Physical Sciences and Mathematics Commons^™

Service Provisioning And Security Design In Software Defined Networks, Mohamed Rahouti

USF Tampa Graduate Theses and Dissertations

Information and Communications Technology (ICT) infrastructures and systems are being widely deployed to support a broad range of users and application scenarios. A key trend here is the emergence of many different "smart" technology paradigms along with an increasingly diverse array of networked sensors, e.g., for smart homes and buildings, intelligent transportation and autonomous systems, emergency response, remote health monitoring and telehealth, etc. As billions of these devices come online, ICT networks are being tasked with transferring increasing volumes of data to support intelligent real-time decision making and management. Indeed, many applications and services will have very stringent Quality of …

Keyless Anti-Jamming Communication Via Randomized Dsss, Ahmad Alagil

USF Tampa Graduate Theses and Dissertations

Nowadays, wireless networking is ubiquitous. In wireless communication systems, multiple nodes exchange data during the transmission time. Due to the natural use of the communication channel, it is crucial to protect the physical layer to make wireless channels between nodes more reliable. Jamming attacks consider one of the most significant threats on wireless communication. Spread spectrum techniques have been widely used to mitigate the effects of the jammer. Traditional anti-jamming approaches like Frequency Hopping Spread Spectrum (FHSS) and Direct Sequence Spread Spectrum (DSSS) require a sender and a receiver to share a secret key prior to their communication. If this …

Authentication Usability Methodology, Jean-Baptiste Subils

USF Tampa Graduate Theses and Dissertations

Nowadays many systems require end users to authenticate themselves. Authentication is one of the security activities that end users perform the most. Thus, the usability of this security feature plays a major role in the proper utilization and adoption of a novel authentication method.

This dissertation presents coauthentication, a novel authentication system. Many authentication methods and protocols exist, but passwords remain the predominant authentication method used. Coauthentication is presented here in detail in several possible variations and their associated protocols, with performance comparisons.

This dissertation also presents a framework to evaluate authentication methods in terms of usability.

A large body …

Tradeoffs In Protocol Designs For Collaborative Authentication, Jacob Venne

USF Tampa Graduate Theses and Dissertations

Authentication is a crucial tool used in access control mechanisms to verify a user’s identity. Collaborative Authentication (co-authentication) is a newly proposed authentication scheme designed to improve on traditional token authentication. Co-authentication works by using multiple user devices as tokens to collaborate in a challenge and authenticate a user request on single device.

This thesis adds two contributions to the co-authentication project. First, a detailed survey of applications that are suitable for adopting co-authentication is presented. Second, an analysis of tradeoffs between varying protocol designs of co-authentication is performed to determine whether, and how, any designs are superior to other …

Secure Communication Scheme In Smart Home Environment, Hari Krishna Jonnalagadda

USF Tampa Graduate Theses and Dissertations

Internet of Things, has started to mark its existence from past few years. Right from its inception with a coke machine at Carnegie Mellon University, it has come a long way, connecting billions of devices to internet. This journey is well supported by the advancements in networking, hardware miniaturization and sensing capabilities. Diverse nature of applications of Internet of Things, has cut the communication barriers between the varieties of fields ranging from manufacturing industry to health-care industry. Smart Home is one such application of Internet of Things. Connectivity of home appliances, to achieve automation in living, defines Smart Home. Out …

A Comparative Study Of Formal Verification Techniques For Authentication Protocols, Hernan Miguel Palombo

USF Tampa Graduate Theses and Dissertations

Protocol verification is an exciting area of network security that intersects engineering and formal methods. This thesis presents a comparison of formal verification tools for security protocols for their respective strengths and weaknesses supported by the results from several case studies. The formal verification tools considered are based on explicit model checking (SPIN), symbolic analysis (Proverif) and theorem proving (Coq). We formalize and provide models of several well-known authentication and key-establishment protocols in each of the specification languages, and use the tools to find attacks that show protocols insecurity. We contrast the modelling process on each of the tools by …

Developing A Compiler For A Regular Expression Based Policy Specification Language, Cory Michael Juhlin

USF Tampa Graduate Theses and Dissertations

Security policy specification languages are a response to today's complex and vulnerable software climate. These languages allow an individual or organization to restrict and modify the behavior of third-party applications such that they adhere to the rules specified in the policy. As software grows in complexity, so do the security policies that govern them. Existing policy specification languages have not adapted to the growing complexity of the software they govern and as a result do not scale well, often resulting in code that is overly complex or unreadable. Writing small, isolated policies as separate modules and combining them is known …

Blindcanseeql: Improved Blind Sql Injection For Db Schema Discovery Using A Predictive Dictionary From Web Scraped Word Based Lists, Ryan Wheeler

USF Tampa Graduate Theses and Dissertations

SQL Injections are still a prominent threat on the web. Using a custom built tool, BlindCanSeeQL (BCSQL), we will explore how to automate Blind SQL attacks to discover database schema using fewer requests than the standard methods, thus helping avoid detection from overloading a server with hits. This tool uses a web crawler to discover keywords that assist with autocompleting schema object names, along with improvements in ASCII bisection to lower the number of requests sent to the server. Along with this tool, we will discuss ways to prevent and protect against such attacks.

Authentication Via Multiple Associated Devices, Jean-Baptiste Subils

USF Tampa Graduate Theses and Dissertations

This thesis presents a practical method of authentication utilizing multiple devices. The factors contributing to the practicality of the method are: the utilization of devices already commonly possessed by users and the amenability to being implemented on a wide variety of devices. The term “device” refers to anything able to perform cryptographic operations, store data, and communicate with another such device.

In the method presented herein, multiple devices need to be associated with a single user to provide this user an identity in the system. A public key infrastructure is used to provide this identity. Each of the devices associated …

Design, Testing And Implementation Of A New Authentication Method Using Multiple Devices, Cagri Cetin

USF Tampa Graduate Theses and Dissertations

Authentication protocols are very common mechanisms to confirm the legitimacy of someone’s or something’s identity in digital and physical systems.

This thesis presents a new and robust authentication method based on users’ multiple devices. Due to the popularity of mobile devices, users are becoming more likely to have more than one device (e.g., smartwatch, smartphone, laptop, tablet, smart-car, smart-ring, etc.). The authentication system presented here takes advantage of these multiple devices to implement authentication mechanisms. In particular, the system requires the devices to collaborate with each other in order for the authentication to succeed. This new authentication protocol is robust …

Defining And Preventing Code-Injection Attacks, Donald Ray

USF Tampa Graduate Theses and Dissertations

This thesis shows that existing definitions of code-injection attacks (e.g., SQL-injection attacks) are flawed. The flaws make it possible for attackers to circumvent existing mechanisms, by supplying code-injecting inputs that are not recognized as such. The flaws also make it possible for benign inputs to be treated as attacks. After describing these flaws in conventional definitions of code-injection attacks, this thesis proposes a new definition, which is based on whether the symbols input to an application get used as (normal-form) values in the application's output. Because values are already fully evaluated, they cannot be considered ``code'' when injected. This simple …

An Analysis Of Remote Biometric Authentication With Windows, Brandy Marie Eyers

USF Tampa Graduate Theses and Dissertations

One thing that everyone seems to be worried about when it comes to his or her computer is security. If your computer is not secure then private information could be stolen. Many people now use passwords to protect themselves though they are discovering that using multi-factor authentication is much more secure. It allows you to use multiple different proofs of who you are. Biometrics is one of the ways to prove identity. Using it, you could log into a system with just a fingerprint, which is something that is very difficult to steal. We present a suite of software tools …

Grouper: A Packet Classification Algorithm Allowing Time-Space Tradeoffs, Joshua Adam Kuhn

USF Tampa Graduate Theses and Dissertations

This thesis presents an algorithm for classifying packets according to arbitrary (including noncontiguous) bitmask rules. As its principal novelty, the algorithm is parameterized by the amount of memory available and can customize its data structures to optimize classification time without exceeding the given memory bound. The algorithm thus automatically trades time for space efficiency as needed. The two extremes of this time-space tradeoff (linear search through the rules versus a single table that maps every possible packet to its class number) are special cases of the general algorithm we present. Additional features of the algorithm include its simplicity, its open-source …

Modularizing Crosscutting Concerns In Software, Nalin Saigal

USF Tampa Graduate Theses and Dissertations

Code modularization provides benefits throughout the software life cycle; however, the presence of crosscutting concerns (CCCs) in software hinders its complete modularization. Traditional modularization techniques work well under the assumption that code being modularized is functionally orthogonal to the rest of the code; as a result, software engineers try to separate code segments that are orthogonal in their functionality into distinct modules. However, in practice, software does not decompose neatly into modules with distinct, orthogonal functionality. In this thesis, we investigate the modularization of CCCs in software using two different techniques.

Firstly, we discuss IVCon, a GUI-based tool that provides …