Dissertations / Theses on the topic 'Security devices'
To see the other types of publications on this topic, follow the link: Security devices.
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Security devices.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Brooks, Jason L., and Jason A. Goss. "SECURITY ISSUES AND RESULTING SECURITY POLICIES FOR MOBILE DEVICES." Monterey, California. Naval Postgraduate School, 2013. http://hdl.handle.net/10945/32799.
Full textAbstract:
Mobile devices, given their promise of mobility with rich functionality, are being deployed with broadening use cases throughout the United States Department of Defense. All the while, massive quantities of information are stored and accessed by these devices without there being a comprehensive and specialized security policy dedicated to protecting that information. The importance of having a security policy grows as these devices start providing new capabilities and replacing many information systems we currently have deployed. Since the same device will be used in many different contexts, each with potentially different security policies, the devices will have to be able to adapt to those contexts. The security policy(ies) enforced by the device will have to adapt accordingly. We investigate potential mobile computing security policies to balance this request for context aware functionality with the information assurance required of these government devices. We investigate the security issues raised in the use of these devices and provide example security policies that address some of these issues.
2
de, Souza Savita. "Digital watermarking and novel security devices." Thesis, De Montfort University, 2003. http://hdl.handle.net/2086/5847.
Full textAbstract:
This research is in the field of document security and the investigation of existing security devices. Security documents can be of two types; those that have commercial value, namely currency, articles of value and those that have legal value, namely, passports, identification cards etc. It is of vital importance in today's world, where fraud and counterfeiting are the order of the day, to protect any article or document of aesthetic importance and value. After the tragic events of September 11th 2001, security and the lack of security in every sense of the word is a much talked and researched subject. The literature review in Chapter Two will reveal that there are many security devices being currently used for various applications and each of them has many advantages and disadvantages. Devices such as magnetic cards, chip cards, biometric technology, optically variable devices, holograms and kinegrams and others have been described and their uses explained. Chapter Three is a continuation of literature review on Digital Watermarking and the available Digimarc technologies and applications in the field of security. Digimarc Corporation, based in Tualatin, Oregon, United States has been the pioneer in the field of Digital Watermarking. Microbar Security Limited, a subsidiary company of Durand Technology Limited, based at the Shrivenam 100 Business Park, Shrivenam, Oxfordshire, United Kingdom has developed its own watermarking technique, which has many advantages in comparison to the Digimarc Technology has also been described here.In Chapter Four, an optical variable device, namely, the Lippmann Optical Variable Device, named after the nineteenth century scientist Gabriel Lippmann (1845-1921), has been studied in thorough detail. Much work has been done to prove it and to understand the principle behind the theory he proposed. Currently, this type of technique based on interferential photography can be applied as a unique security device on passports, identification cards etc. The principles and theory of Lippmann photography has been explained in considerable detail. Experimental work done using various methods and using different photographic materials has also been described along with the results obtained. The application that has been emphasized here, is for passports for which this research was conducted in collaboration with Holographic Dimensions, Florida. Chapter Five, explains the principle of Covert Bar Coding which is the basis of the Microbar Watermarking Technique. Experimental results have been presented, these have been obtained using the MATLAB software. Finally, Chapter Six gives some ideas that can be pursued for future work. This work has produced two papers on Lippmann Photography and the mathematical evaluation of the emulsion co-authored by the author of the thesis. Abstracts from the papers have been used in this thesis. Also, it has produced two patents, one by `Holographic Dimensions', Florida on the Lippmann Photography and second, `Microbar Security Limited' on the `Covert Bar Coding Technique'.
3
Nakarmi, Prajwol Kumar. "Evaluation of VoIP Security for Mobile Devices." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2011. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-43721.
Full textAbstract:
Market research reports by In-Stat, Gartner, and the Swedish Post and Telecom Agency (PTS) reveal a growing worldwide demand for Voice over IP (VoIP) and smartphones. This trend is expected to continue over the coming years and there is wide scope for mobile VoIP solutions. Nevertheless, with this growth in VoIP adoption come challenges related with quality of service and security. Most consumer VoIP solution, even in PCs, analog telephony adapters, and home gateways, do not yet support media encryption and other forms of security. VoIP applications based on mobile platforms are even further behind in adopting media security due to a (mis-)perception of more limited resources. This thesis explores the alternatives and feasibility of achieving VoIP security for mobile devices in the realm of the IP Multimedia Subsystem (IMS).
4
Stevenson, Martijn. "Asbestos : operating system security for mobile devices." Thesis, Massachusetts Institute of Technology, 2006. http://hdl.handle.net/1721.1/37101.
Full textAbstract:
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2006.Includes bibliographical references (p. 75-78).
This thesis presents the design and implementation of a port of the Asbestos operating system to the ARM processor. The port to the ARM allows Asbestos to run on mobile devices such as cell phones and personal digital assistants. These mobile, wireless-enabled devices are at risk for data attacks because they store private data but often roam in public networks. The Asbestos operating system is designed to prevent disclosure of such data. The port includes a file system and a network driver, which together enable future development of Asbestos applications on the ARM platform. This thesis evaluates the port with a performance comparison between Asbestos running on an HP iPAQ hand held computer and the original x86 Asbestos.
by Martijn Stevenson.
M.Eng.
5
Clulow, Jolyon Steven. "On the security of real-world devices." Thesis, University of Cambridge, 2007. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.613220.
Full text
6
Kayayurt, Barış Tuğlular Tuğkan. "End-to-end security for mobile devices/." [s.l.]: [s.n.], 2004. http://library.iyte.edu.tr/tezler/master/bilgisayaryazilimi/T000492.pdf.
Full text
7
NARAYANAMOORTHY, KAUSHIK. "OUTSOURCING OF SECURITY PROTOCOLS IN CONSTRAINED DEVICES." OpenSIUC, 2015. https://opensiuc.lib.siu.edu/theses/1724.
Full textAbstract:
Wireless Sensor Network (WSN) has become an interesting field in computer science due to its diversified applicability that includes military applications, industrial applications, home applications, monitoring temperature, etc. Wireless sensor nodes have many limitations in computational capabilities. A number of security issues subsist in WSN and need to be analyzed in order to design congruous security mechanisms and overcome security problems that arise in the sensor environment. In this project we focus on how to set up communication between two computationally incapable nodes by outsourcing the information to a server in an untrustworthy environment without sharing the key directly. A public-key cryptosystem called elliptic curve cryptography is basically used in here and we ultimately get the sender node authentication from the server through a signature verification scheme. We provide extra security by using a cryptographic hash function for the channel between the server and the destination node. We performed an evaluation of our approach through simulation. The analysis of the results clearly indicate the advantage of our proposed approach.
8
Novak, Edmund. "Security and Privacy for Ubiquitous Mobile Devices." W&M ScholarWorks, 2016. https://scholarworks.wm.edu/etd/1477068313.
Full textAbstract:
We live in a world where mobile devices are already ubiquitous. It is estimated that in the United States approximately two thirds of adults own a smartphone, and that for many, these devices are their primary method of accessing the Internet. World wide, it is estimated that in May of 2014 there were 6.9 billion mobile cellular subscriptions, almost as much as the world population. of these 6.9 billion, approximately 1 billion are smart devices, which are concentrated in the developed world. In the developing world, users are moving from feature phones to smart devices as a result of lower prices and marketing efforts. Because smart mobile devices are ubiquitous, security and privacy are primary concerns. Threats such as mobile malware are already substantial, with over 2500 different types identified in 2010 alone. It is likely that, as the smart device market continues to grow, so to will concerns about privacy, security, and malicious software. This is especially true, because these mobile devices are relatively new. Our research focuses on increasing the security and privacy of user data on smart mobile devices. We propose three applications in this domain: (1) a service that provides private, mobile location sharing; (2) a secure, intuitive proximity networking solution; and (3) a potential attack vector in mobile devices, which utilizes novel covert channels. We also propose a first step defense mechanism against these covert channels. Our first project is the design and implementation of a service, which provides users with private and secure location sharing. This is useful for a variety of applications such as online dating, taxi cab services, and social networking. Our service allows users to share their location with one another with trust and location based access controls. We allow users to identify if they are within a certain distance of one another, without either party revealing their location to one another, or any third party. We design this service to be practical and efficient, requiring no changes to the cellular infrastructure and no explicit encryption key management for the users. For our second application, we build a modem, which enables users to share relatively small pieces of information with those that are near by, also known as proximity based networking. Currently there are several mediums which can be used to achieve proximity networking such as NFC, bluetooth, and WiFi direct. Unfortunately, these currently available schemes suffer from a variety of drawbacks including slow adoption by mobile device hardware manufactures, relatively poor usability, and wide range, omni-directional propagation. We propose a new scheme, which utilizes ultrasonic (high frequency) audio on typical smart mobile devices, as a method of communication between proximal devices. Because mobile devices already carry the necessary hardware for ultrasound, adoption is much easier. Additionally, ultrasound has a limited and highly intuitive propagation pattern because it is highly directional, and can be easily controlled using the volume controls on the devices. Our ultrasound modem is fast, achieving several thousand bits per second throughput, non-intrusive because it is inaudible, and secure, requiring attackers with normal hardware to be less than or equal to the distance between the sender and receiver (a few centimeters in our tests). Our third work exposes a novel attack vector utilizing physical media covert channels on smart devices, in conjunction with privilege escalation and confused deputy attacks. This ultimately results in information leakage attacks, which allow the attacker to gain access to sensitive information stored on a user's smart mobile device such as their location, passwords, emails, SMS messages and more. Our attack uses our novel physical media covert channels to launder sensitive information, thereby circumventing state of the art, taint-tracking analysis based defenses and, at the same time, the current, widely deployed permission systems employed by mobile operating systems. We propose and implement a variety of physical media covert channels, which demonstrate different strengths such as high speed, low error rate, and stealth. By proposing several different channels, we make defense of such an attack much more difficult. Despite the challenging situation, in this work we also propose a novel defense technique as a first step towards research on more robust approaches. as a contribution to the field, we present these three systems, which together enrich the smart mobile experience, while providing mobile security and keeping privacy in mind. Our third approach specifically, presents a unique attack, which has not been seen "in the wild", in an effort to keep ahead of malicious efforts.
9
Güneysu, Tim Erhan. "Cryptography and cryptanalysis on reconfigurable devices security implementations for hardware and reprogrammable devices." Berlin Bochum Dülmen London Paris Europ. Univ.-Verl, 2009. http://d-nb.info/994465785/04.
Full text
10
Borison, Torbjorn. "Object Synchronization and Security for Mobile Communications Devices." Thesis, KTH, Mikroelektronik och Informationsteknik, IMIT, 2001. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-93276.
Full textAbstract:
The main objective of this master’s thesis project was to investigate and find solutions to the problem of how to combine the SyncML synchronisation specification with object security and thus protection of personal information, such as contacts and calendar entries in mobile devices. SyncML is a new synchronisation specification agreed upon by major device developers (Ericsson, Palm, Motorola, etc.) and the major synchronisation server developers (Starfish, Puma, fusionOne, etc.). It is independent of transport (HTTP, WSP, or OBEX) platform, operating system, and application and simplifies synchronisation of personal information between dissimilar SyncML supportive devices. SyncML compliant devices are fully capable of synchronising information with a third party operated Internet based server and a desktop computer. This allows us to access, up-date and maintain information independent of Intranets or geographical position. However, synchronising and storing confidential personal information on an third party operated Internet based server entails weaknesses in our personal information security. Even if transport and storage security are used, how secure is the server where this information is stored since this server has the highest probability of being attacked. Can we really trust that an employee or other person with valid appropriated administrators access to the storage facility with the appropriate knowledge, working together with the third party server operator, won’t try to access our stored information? To prevent this, the personal information’s confidentiality must be guaranteed before the information leaves the device. When synchronising and exchanging personal information, the information is often marked according to a specific format. The three de-facto standard PIM formats are: (1) vCard (contact information), (2) vCalendar, and (3) iCalendar (calendar and scheduling information). These formats divide the personal information into properties. Each property is assigned to contain a small piece of the personal information entry (e.g. a telephone number, an e-mail address, the time when the calendar event begins, etc.). Furthermore to preserve the interoperability between different devices given by SyncML, authorised recipients must automatically be able to reverse the encryption process and decrypt the encrypted property value. Therefore general cryptographic formats are used (e.g. CMS, PGP and the newly developed XML Encryption). They add information needed by the recipients (e.g. algorithm used, padding method used on the plain text, etc.), encrypt the plaintext into cipher text, and decrypt the cipher text into plain text given the correct key.
11
Blount, Charles Lenward. "Users' privacy and security behaviors on mobile devices." Thesis, University of Maryland, Baltimore County, 2015. http://pqdtopen.proquest.com/#viewpdf?dispub=1571723.
Full textAbstract:
Preferences and behaviors for privacy management with mobile applications are difficult to capture. Previous measures are mostly based on self-report data, which often does not accurately predict actual user behavior. A deeper understanding was sought, gleaned from observing actual practices. This thesis analyzes 11,777 applications from the Google Play marketplace in order to determine the impact of privacy settings on purchase behavior. This was done by looking at the effect of the number of privacy concessions as well as the effect of individual concessions and category on number of downloads. It was found that users of paid applications do not have a preference for fewer privacy concessions. This study further reinforces the disconnect between the user's often stated preference for privacy and their actual behavior -- a discrepancy known as the “privacy paradox ”. Theoretical and practical implications are discussed.
12
Weis, Stephen August 1978. "Security and privacy in radio-frequency identification devices." Thesis, Massachusetts Institute of Technology, 2003. http://hdl.handle.net/1721.1/87860.
Full text
13
Cheng, Bin. "Security imaging devices with planar capacitance sensor arrays." Thesis, University of Manchester, 2008. https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.676722.
Full text
14
Trebula, Peter. "Mobile Devices Attacks." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2007. http://www.nusl.cz/ntk/nusl-236912.
Full textAbstract:
Táto práca sa zaoberá bezpečnostnými architektúrami v mobilných zariadeniach a rôznymi formami útokov proti nim. V prvej časti je úvod do bezpečnosti mobilných zariadení a bezpečnostné riziká súvisiace s mobilnými zariadeniami. Sú tu uvedené slabé miesta vo WLAN sieťach a úvod do Bluetooth technológie aj s rizikami. V druhej časti je predstavenie produkčného testovania, ktoré sa využíva u spoločnosti Nokia a popis jednotlivých testov používaných na vyskúšanie funkčnosti zariadení. Rovnako sa v nej nachádza popis architektúry, ktorou sú mobilné zariadenia u spoločnosti Nokia zabezpečené voči rôznym formám útokov viažucim sa na inštalovanie softwaru a testovanie.
15
Abu, Mahfouz Adnan Mohammed I. "Elliptic curve cryptosystem over optimal extension fields for computationally constrained devices." Pretoria : [s.n.], 2004. http://upetd.up.ac.za/thesis/available/etd-06082005-144557.
Full text
16
Ng, Yu Loon. "Short Message Service (SMS) security solution for mobile devices." Thesis, Monterey, Calif. : Naval Postgraduate School, 2006. http://bosun.nps.edu/uhtbin/hyperion.exe/06Dec%5FNg%5FYu.pdf.
Full textAbstract:
Thesis (M.S. in Computer Science)--Naval Postgraduate School, December 2006.Thesis Advisor(s): Gurminder Singh, John Gibson. "December 2006." Includes bibliographical references (p. 91-94). Also available in print.
17
Krkusic, Enis. "Security of the mobile devices in VäxjöKommun and corporation." Thesis, Växjö University, School of Mathematics and Systems Engineering, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:vxu:diva-6253.
Full text
18
Akram, Raja. "A user centric security model for tamper-resistant devices." Thesis, Royal Holloway, University of London, 2012. http://repository.royalholloway.ac.uk/items/aca52f8c-6233-4f73-a9da-025d25ab1295/1/.
Full textAbstract:
In this thesis, we propose a ubiquitous and interoperable device based on the smart card architecture to meet the challenges of privacy, trust, and security for traditional and emerging technologies like personal computers, smart phones and tablets. Such a device is referred as User Centric Tamper-Resistant Device (UCTD). To support the smart card architecture for the UCTD initiative, we propose the delegation of smart card ownership from a stringent centralised authority (i.e. the card issuer) to users. This delegation mandated the review of existing smart card mechanisms and their adequate modifications/improvements. Since the inception of smart card technology, the most prevalent ownership model in the smart card industry has been the Issuer Centric Smart Card Ownership Model (ICOM). The ICOM has no doubt played a pivotal role in the proliferation of the technology into various segments of modern life. However, it has been a barrier to the convergence of different services on a smart card. In addition, it might be considered as a hurdle to the adaption of smart card technology into a general-purpose security device. To avoid these issues, we propose citizen ownership of smart cards, referred as the User Centric Smart Card Ownership Model (UCOM). Contrary to the ICOM, it gives the power of decision to install or delete an application on a smart card to its user. The ownership of corresponding applications remains with their respective application providers along with the choice to lease their application to a card or not. In addition, based on the UCOM framework, we also proposed the Coopetitive Architecture for Smart Cards (CASC) that merges the centralised control of card issuers with the provision of application choice to the card user. In the core of the thesis, we analyse the suitability of the existing smart card architectures for the UCOM. This leads to the proposal of three major contributions spanning the smart card architecture, the application management framework, and the execution environment. Furthermore, we propose protocols for the application installation mechanism and the application sharing mechanism (i.e. smart card firewall). In addition to this, we propose a framework for backing-up, migrating, and restoring the smart card contents. Finally, we provide the test implementation results of the proposed protocols along with their performance measures. The protocols are then compared in terms of features and performance with existing smart cards and internet protocols. In order to provide a more detailed analysis of proposed protocols and for the sake of completeness, we performed mechanical formal analysis using the CasperFDR.
19
Demblewski, Michael. "Security Frameworks for Machine-to-Machine Devices and Networks." NSUWorks, 2015. http://nsuworks.nova.edu/gscis_etd/68.
Full textAbstract:
Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and users are not fully aware of security risks and how next-generation devices can jeopardize safety and personal privacy. Current techniques, for developing security requirements, do not adequately consider the use of new technologies, and this weakens countermeasure implementations. These techniques rely on security frameworks for requirements development. These frameworks lack a method for identifying next generation security concerns and processes for comparing, contrasting and evaluating non-human device security protections. This research presents a solution for this problem by offering a novel security framework that is focused on the study of the “functions and capabilities” of M2M devices and improves the systems development life cycle for the overall IoT ecosystem.
20
Hei, Xiali. "Security Issues and Defense Methods for Wireless Medical Devices." Diss., Temple University Libraries, 2014. http://cdm16002.contentdm.oclc.org/cdm/ref/collection/p245801coll10/id/264269.
Full textAbstract:
Computer and Information SciencePh.D.
This dissertation evaluates the design of several defense schemes for wireless medical devices to address security issues. These schemes are designed to enable efficient and effective access control of wireless medical devices in both non-emergency and emergency situations. In recent years, the range of available wireless medical devices has increased and includes cardiac pacemakers, insulin pump, defibrillators, cochlear implants, neurostimulators, and various drug delivery systems. Unfortunately, most existing wireless medical devices lack sufficient security mechanisms to protect patients from malicious attacks. Thus, with the rise in use of medical implants, security becomes a critical issue as attacks on wireless medical devices may harm patients. Security on wireless medical devices is a relatively new field, which has not been thoroughly researched yet. The authors of a lot of articles have proposed token based, certification based and proximity based schemes to address the issue. However, most of the current solutions have many limitations and cannot be widely applied. Therefore, better solutions are needed. In order to address this issue, we design a novel and multiple-layer access control framework for wireless medical devices. In a low layer level, we utilize bi-channel technology and multi-factor authentication to defend against various attacks at wireless medical devices. Our system utilizes near field communication (NFC) to do device pairing and uses the medical device's wireless radio to perform remote programming. This approach defends against most attacks because our NFC pairing scheme guarantees that the successful communication range between the programmer and wireless medical devices is less than 6cm. When the patient is in a crowded area such as on public transportation, a different person's mobile devices and the patient's medical devices may be located less than 6cm apart; we use the patient's cell phone to detect such an environment. To avoid attacks in crowded areas, we design a scheme to detect such a situation using the patient's cell phone. User involvement is used on non-implantable medical devices (IMDs) and a patient access pattern based access control (PAPAC) scheme is used on IMDs. We also design a response time based scheme to defend against fake patient attacks. Our analyses and experiments show that the protection schemes are efficient and effective. In a high layer level, we design patient infusion pattern based access control (PIPAC) scheme for wireless medical devices. Specifically, insulin pumps are most widely applied wireless medical devices. The pump parameters and doses can be adjusted by anyone with an easily obtained USB device. The hacker can deliver a lethal dose without knowing the device's serial number in advance. To address this issue, we propose a PIPAC for wireless insulin pumps. This scheme employs a supervised learning approach to learn normal patient infusion patterns in terms of the dosage amount, rate, and time of infusion, which are automatically recorded in insulin pump logs. The generated regression models are used to dynamically configure a safe infusion range for abnormal infusion identification. Our proposed algorithms are evaluated with real insulin pump logs used by several patients for up to 6 months. The experimental results demonstrate that our scheme can reliably detect a single overdose attack with a success rate up to 98\% and defend against a chronic overdose attack with a very high success rate. For IMDs in non-emergency case, the PAPAC scheme we design utilizes the patient's IMD access pattern to address resource depletion (RD) attacks. It is a novel support vector machine (SVM) based scheme. This SVM based scheme is very effective at defending against RD attacks. Our experimental results show that the average detection rate is above 90\%. For IMDs in emergency cases, we design a novel biometrics based two-level secure access control scheme that utilizes a patient's biometrics to prevent unauthorized access to the IMD. The scheme consists of two levels: level-one employs a patient's some basic biometrics and is lightweight; level-two uses a patient's customized iris data to achieve effective authentication. The experimental results show that our IMD access control scheme is very effective and has small overhead in terms of battery, CPU and memory. Thus, it is suitable for IMDs. Both the false acceptance rate (FAR) and false rejection rate (FRR) are close to zero with a suitable threshold. Protecting wireless medical devices is a very challenging task due to their extremely limited resource constraints. It is necessary to balance the overhead of security schemes and security requirements. In this dissertation, we will first discuss security vulnerabilities in wireless medical device systems. Then we will present our framework using smart phones and other technologies, such as near field communication based access control. Further, we will describe the detailed design of this framework. Finally, extensive experiments show that our schemes can achieve good performance with small overhead.
Temple University--Theses
21
Singh, Preeti. "Modeling Context-Adaptive Energy-Aware Security in Mobile Devices." UNF Digital Commons, 2019. https://digitalcommons.unf.edu/etd/883.
Full textAbstract:
As increasing functionality in mobile devices leads to rapid battery drain, energy management has gained increasing importance. However, differences in user’s usage contexts and patterns can be leveraged for saving energy. On the other hand, the increasing sensitivity of users’ data, coupled with the need to ensure security in an energy-aware manner, demands careful analyses of trade-offs between energy and security. The research described in this thesis addresses this challenge by 1)modeling the problem of context-adaptive energy-aware security as a combinatorial optimization problem (Context-Sec); 2) proving that the decision version of this problem is NP-Complete, via a reduction from a variant of the well-known Knapsack problem; 3) developing three different algorithms to solve a related offline version of Context-Sec; and 4) implementing tests and compares the performance of the above three algorithms with data-sets derived from real-world smart-phones on wireless networks. The first algorithm presented is a pseudo-polynomial dynamic programming (DP)algorithm that computes an allocation with optimal user benefit using recurrence of the relations; the second algorithm is a greedy heuristic for allocation of security levels based on user benefit per unit of power consumption for each level; and the third algorithm is a Fully Polynomial Time Approximation Scheme (FPTAS) which has a polynomial time execution complexity as opposed to the pseudo-polynomialDP based approach. To the best of the researcher’s knowledge, this is the first work focused on modeling, design, implementation and experimental performance.
22
Griffin, Tony. "Strategies to Prevent Security Breaches Caused by Mobile Devices." ScholarWorks, 2017. https://scholarworks.waldenu.edu/dissertations/4628.
Full textAbstract:
Data breaches happen almost every day in the United States and, according to research, the majority of these breaches occur due to a lack of security with organizations' mobile devices. Although most of the security policies related to mobile devices currently in place may meet the guidelines required by law, they often fail to prevent a data breach caused by a mobile device. The main purpose of this qualitative single case study was to explore the strategies used by security managers to prevent data breaches caused by mobile devices. The study population consisted of security managers working for a government contractor located in the southeastern region of the United States. Ludwig von Bertalanffy's general systems theory was used as the conceptual framework of this study. The data collection process included interviews with organization security managers (n = 5) and company documents and procedures (n = 13) from the target organization related to mobile device security. Data from the interviews and organizational documents were coded using thematic analysis. Methodological triangulation of the data uncovered 4 major themes: information security policies and procedures, security awareness, technology management tools, and defense-in-depth. The implications for positive social change from this study include the potential to enhance the organizations' security policies, cultivate a better security awareness training program, and improve the organizations data protection strategies. In addition, this study outlines some strategies for preventing data breaches caused by mobile devices while still providing maximum benefit to its external and internal customers.
23
Subils, Jean-Baptiste. "Authentication Via Multiple Associated Devices." Scholar Commons, 2015. http://scholarcommons.usf.edu/etd/5778.
Full textAbstract:
This thesis presents a practical method of authentication utilizing multiple devices. The factors contributing to the practicality of the method are: the utilization of devices already commonly possessed by users and the amenability to being implemented on a wide variety of devices. The term “device” refers to anything able to perform cryptographic operations, store data, and communicate with another such device.
In the method presented herein, multiple devices need to be associated with a single user to provide this user an identity in the system. A public key infrastructure is used to provide this identity. Each of the devices associated with a user possesses a public and private key which allow cryptographic operations to be performed. These operations include signing and encrypting data and will prove the identity of each device. The addition of these identities helps authenticate a single user.
A wide variety of devices qualifies to be used by this authentication method. The minimum requirements are: the storage of data such as a private key, the ability to communicate, and a processor to perform the cryptographic operations. Smart devices possess these requirements and the manufacture of such devices can be realized at a reasonable cost.
This method is malleable and implemented in numerous authentication protocols. This thesis illustrates and explains several instances of these protocols.
The method’s primary novelty is its resistance to theft-based attacks, which results from the utilization of multiple devices to authenticate users. A user associated with multiple devices needs to be in possession of these devices to correctly perform the authentication task. This thesis focuses on the system design of this novel authentication method.
24
Lykouropoulos, Efstathios, Andreas Kostoulas, and Zainab Jumaa. "Connect street light control devices in a secure network." Thesis, Högskolan i Halmstad, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-28180.
Full textAbstract:
Wireless communications is a constantly progressing technology in network engineering society, creating an environment full of opportunities that are targeting in financial growth, quality of life and humans prosperity. Wireless security is the science that has as a goal to provide safe data communication between authorized users and prevent unauthorized users from gaining access, deny access, damage or counterfeit data in a wireless environment. In order to success it uses layers of protection that consist of software and hardware mechanisms that are able to monitor network’s behavior and in coordination provide a safe and secure environment for the user. In this thesis, a scientific research will be conducted in a given wireless network topology designed for an original application. This is about an intelligent street lightning system and it has already been implemented by Greinon Engineering which is the company that we are cooperating with. It is a matter of great importance that this thesis was conducted under real life criteria and in cooperation with an engineering company. This means that our programming, our ideas, our study research were all rotated and concentrated in certain type of hardware – software and network topology. In this thesis there is a detailed overview of basic wireless security mechanisms – vulnerabilities – types of attacks and countermeasures focused on 802.11b protocol. Moreover there will be security weak point’s analysis on the given industrial network; our proposals to protect and secure this network based on our threat analysis of the current system. There is an analysis on the most up to date VPN security implementations and reasoning that guided our team to conclude in a specific procedure - protocol and implementation, including limitation factors – obstacles faces during this procedure. During this research iterative approach in procedures – ideas and implementation attempts is followed. Basic goal is to provide security solutions that are easy applicable, low cost, easy to maintain and monitor.
25
Formby, David. "A physical overlay framework for insider threat mitigation of power system devices." Thesis, Georgia Institute of Technology, 2014. http://hdl.handle.net/1853/53107.
Full textAbstract:
Nearly every aspect of modern life today, from businesses, transportation, and healthcare, depends on the power grid operating safely and reliably. While the recent push for a “Smart Grid” has shown promise for increased efficiency, security has often been an afterthought, leaving this critical infrastructure vulnerable to a variety of cyber attacks. For instance, devices crucial to the safe operation of the power grid are left in remote substations with their configuration interfaces completely open, providing a vector for outsiders as well as insiders to launch an attack. This paper develops the framework for an overlay network of gateway devices that provide authenticated access control and security monitoring for these vulnerable interfaces. We develop a working prototype of such a device and simulate the performance of deployment throughout a substation. Our results suggest that such a system can be deployed with negligible impact on normal operations, while providing important security mechanisms. By doing so, we demonstrate that our proposal is a practical
and efficient solution for retro-fitting security onto crucial power system devices.
26
Yesilyurt, Halim Burak. "A Simplified Secure Programming Platform for Internet of Things Devices." FIU Digital Commons, 2018. https://digitalcommons.fiu.edu/etd/3788.
Full textAbstract:
The emerging Internet of Things (IoT) revolution has introduced many useful applications that are utilized in our daily lives. Users can program these devices in order to develop their own IoT applications; however, the platforms and languages that are used during development are abounding, complicated, and time-consuming. The software solution provided in this thesis, PROVIZ+, is a secure sensor application development software suite that helps users create sophisticated and secure IoT applications with little software and hardware experience. Moreover, a simple and efficient domain-specific programming language, namely Panther language, was designed for IoT application development to unify existing programming languages. In addition to these contributions, PROVIZ+ supports a novel secure over-the-air programming framework, namely SOTA, using Bluetooth and WiFi as well as serial programming.
In this thesis, we explain the features of PROVIZ+’s components, how these tools can help develop IoT applications, and SOTA. We also present the performance evaluations of PROVIZ+ and SOTA.
27
Kong, Jeong Ja. "Security system for passive IP devices on SIP-based networks." Thesis, University of Ottawa (Canada), 2009. http://hdl.handle.net/10393/28211.
Full textAbstract:
Session Initiation Protocol (SIP), an easy and simple Internet application layer protocol used to establish a session, and passive Internet Protocol (IP) devices like SIP-based surveillance cameras, form a perspective combination that is on demand in the network market. The only necessity of the predefined network is to acquire a secure mechanism due to the private information that the devices transmit on the Internet network. This thesis proposes an architecture for securing information that passive IP devices deliver into public IP networks. The architecture provides a security mechanism for authentication, authorization, and audit (AAA). The mechanism combines the security features of the authentication server with SIP architecture to provide AAA service to registered users requesting access to passive IP devices. Also, the Authentication-Authorization Database (AADB) that allows device certificate management is introduced. The dynamic password and dynamic session key utilized by the Public Key Infrastructure (PKI) scheme are also introduced to enhance the security features of devices by authenticating and administering user accesses and device accesses. The AAA with the authentication database and dynamic authentication mechanism ensures a secure IP network based on SIP protocol.
28
Razafindralambo, Tiana. "Security of micro-controllers : From smart cards to mobile devices." Thesis, Limoges, 2016. http://www.theses.fr/2016LIMO0087/document.
Full textAbstract:
Afin de pouvoir profiter de services sécurisés, efficaces et rapides (ex: paiement mobile, agenda, télécommunications, vidéos, jeux, etc.), de nos jours nos téléphones embarquent trois différents microcontrôleurs. Du plus sécurisé vers le plus générique nous avons, la carte SIM qui n’est autre qu’une carte à puce sécurisé chargée de garder de manière sûr au sein de sa mémoire des données sensibles. Ensuite, nous avons le processeur à bande de base qui est le seul à pouvoir discuter avec la carte SIM, et s’occupe de se charger des fonctions radio du téléphone (ex: le réseau GSM/3G/4G/LTE). Et enfin, nous avons le processeur applicatif, qui se charge d’exécuter tous les autres programmes sur le téléphone. Ce qui rend ces microcontrôleurs plus particuliers, c’est le fait qu’ils sont chacun contrôlés par un système d’exploitation totalement indépendant. Néanmoins, chacun peut avoir son influence, direct ou indirect sur l’autre/les autres. La sécurité de ces trois plateformes dépendent non seulement de leur implémentations matérielles, mais aussi de l’implémentation logicielle de leur système d’exploitation. Cette thèse s’intéresse à la sécurité logicielle, et en partie, matérielle de ces trois plateformes, afin de comprendre dans quelle mesure, une carte à puce telle que la carte SIM, est-elle résistante aux attaques logicielles dans le contexte d’un environnement multi-applicatif offert par les appareils mobiles. Nous nous intéressons aussi, à la sécurité du processeur applicatif face à une famille particulière d’attaque qui exploite le mécanisme de mémoire cache. Nous partons alors de l’étude et de l’application en pratique des attaques logiques sur carte à puce. Après avoir étudié les différents moyens qui permettent d’atteindre la carte SIM dans un mobile et ainsi d’étudier la surface d’attaque, nous poursuivons vers une étude par rétro-conception de l’implémentation de l’interface logicielle qui communique directement avec la SIM au niveau du processeur de bande de base. Ceci afin de comprendre le fonctionnement de cette partie très peu documentée. Finalement, nous étudions les effets du mécanisme de cache sur l’exécution d’un programme dans un téléphone mobile. Enfin, nous avons commencé à étudier l’attaque de Bernstein, qui consiste à exploiter les variations de temps induits par différents mécanismes de cache, en mesurant le temps global de l’exécution d’une implémentation particulière de l’algorithme cryptographique AES (Advanced Encryption Standard). Plus particulièrement, par une mise en pratique, nous essayons de déterminer ce qui exacerbe ou non la réalisation de sa technique dans le contexte d’un téléphone mobile réelNowadays, in order to provide secure, reliable and performant services (e.g: mobile payments, agenda, telecommunication, videos, games, etc.), smartphones embed three different micro-controllers. From the most secure to the most general purpose one, we have the SIM card which is a secure smart card that has to prevent anyone by any means to exfiltrate sensitive assets from its internal memories. Furthermore, we also have the baseband processor, which is the only one that directly talks with the SIM card. It essentially manages all the "phone" parts (e.g: GSM/3G/4G/LTE networks) inside a mobile device. Finally, we have the application processor which runs all the general user applications. What is interesting to note for those three micro-controllers is that they are controlled by different and independent operating systems. However, one may affect the behavior of the other(s). The security of these three platforms depend on their hardware and software implementations. This thesis is concerned with the security of these three microcontrollers that are managed by independent OSs within mobile devices. We particularly focused on understanding to what extent a smart card such as SIM cards can be resistant to software attacks in the context of a multi-application environment provided by mobile devices. We were also interested in a specific family of, so-called cache attacks, namely time-driven one, as this kind of technique essentially exploits the hardware implementation of the different cache memories and the mechanisms that enable to manage them. We decided to first study and experimentally perform so-called logical attacks on smart cards. In a second step, in order to understand the attack surface, we have studied the different means to reach the SIM card from both the baseband processor and the application processor. Then, by means of reverse engineering, we tried to understand how was implemented the SIM interface from the baseband side. Finally, we have studied the cache effects on the execution speed of a program on real mobile devices, and we experimentally studied Bernstein’s time-driven cache attack in order to understand what possible events/mechanisms exacerbate (or not) the achievement of the latter on an actual mobile device
29
Burkard, Corinna. "Three-dimensional scattering problems with applications to optical security devices." Thesis, University of Reading, 2010. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.529960.
Full text
30
Andersson, Dorothea. "Simulation of industrial control system field devices for cyber security." Thesis, KTH, Elkraftteknik, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-202405.
Full textAbstract:
Industrial Control Systems (ICS) are an integral part of modernsociety, not least when it comes to controlling and protecting criticalinfrastructure such as power grids and water supply. There is a need to testthese systems for vulnerabilities, but it is often difficult if not impossible to doso in operational real time systems since they have been shown to be sensitiveeven to disturbances caused by benign diagnostic tools. This thesis exploreshow ICS field devices can be simulated in order to fool potential antagonists,and how they can be used in virtualized ICS for cyber security research. 8different field devices were simulated using the honeypot daemon Honeyd,and a generally applicable simulation methodology was developed. It was alsoexplored how these simulations can be further developed in order to functionlike real field devices in virtualized environments.Industriella informations- och styrsystem utgör en viktig delav vårt moderna samhälle, inte minst när det gäller kontroll och skydd avkritisk infrastruktur som elnät och vattenförsörjning. Det finns stora behov avatt säkerhetstesta dessa typer av system, vilket ofta är omöjligt iproduktionsmiljöer med realtidskrav som är erkänt känsliga för störningar, tilloch med från vanligt förekommande analysverktyg. Denna rapport presenterarhur vanliga komponenter i industriella informations- och styrsystem kansimuleras för att lura potentiella antagonister, och hur de kan användas ivirtualiserade styrsystem för cybersäkerhetsforskning. 8 olika komponentersimulerades med hjälp av Honeyd, och en generellt applicerbarsimuleringsmetodik utvecklades. Hur dessa simuleringar kan vidareutvecklasför att fungera som riktiga styrsystemskomponenter i virtualiserade miljöer harockså undersökts.
31
Wu, Longfei. "Designing Effective Security and Privacy Schemes for Wireless Mobile Devices." Diss., Temple University Libraries, 2017. http://cdm16002.contentdm.oclc.org/cdm/ref/collection/p245801coll10/id/469736.
Full textAbstract:
Computer and Information SciencePh.D.
The growing ubiquity of modern wireless and mobile electronic devices has brought our daily lives with more convenience and fun. Today's smartphones are equipped with a variety of sensors and wireless communication technologies, which can support not only the basic functions like phone call and web browsing, but also advanced functions like mobile pay, biometric security, fitness monitoring, etc. Internet-of-Things (IoT) is another category of popular wireless devices that are networked to collect and exchange data. For example, the smart appliances are increasingly deployed to serve in home and office environments, such as smart thermostat, smart bulb, and smart meter. Additionally, implantable medical devices (IMD) is the typical type of modern wireless devices that are implanted within human body for diagnostic, monitoring, and therapeutic purposes. However, these modern wireless and mobile devices are not well protected compared with traditional personal computers (PCs), due to the intrinsic limitations in computation power, battery capacity, etc. In this dissertation, we first present the security and privacy vulnerabilities we discovered. Then, we present our designs to address these issues and enhance the security of smartphones, IoT devices, and IMDs. For smartphone security, we investigate the mobile phishing attacks, mobile clickjacking attacks and mobile camera-based attacks. Phishing attacks aim to steal private information such as credentials. We propose a novel anti-phishing scheme MobiFish, which can detect both phishing webpages and phishing applications (apps). The key idea is to check the consistency between the claimed identity and the actual identity of a webpage/app. The claimed identity can be extracted from the screenshot of login user interface (UI) using the optical character recognition (OCR) technique, while the actual identity is indicated by the secondary-level domain name of the Uniform Resource Locator (URL) to which the credentials are submitted. Clickjacking attacks intend to hijack user inputs and re-route them to other UIs that are not supposed to receive them. To defend such attacks, a lightweight and independent detection service is integrated into the Android operating system. Our solution requires no user or app developer effort, and is compatible with existing commercial apps. Camera-based attacks on smartphone can secretly capture photos or videos without the phone user's knowledge. One advanced attack we discovered records the user's eye movements when entering passwords. We found that it is possible to recover simple passwords from the video containing user eye movements. Next, we propose an out-of-band two-factor authentication scheme for indoor IoT devices (e.g., smart appliances) based on the Blockchain infrastructure. Since smart home environment consists of multiple IoT devices that may share their sensed data to better serve the user, when one IoT device is being accessed, our design utilizes another device to conduct a secondary authentication over an out-of-band channel (light, acoustic, etc.), to detect if the access requestor is a malicious external device. Unlike smartphones and IoT devices, IMDs have the most limited computation and battery resources. We devise a novel smartphone-assisted access control scheme in which the patient's smartphone is used to delegate the heavy computations for authentication and authorization. The communications between the smartphone and the IMD programmer are conducted through an audio cable, which can resist the wireless eavesdropping and other active attacks.
Temple University--Theses
32
Maji, Saurav. "Energy-efficient protocol and hardware for security of implantable devices." Thesis, Massachusetts Institute of Technology, 2019. https://hdl.handle.net/1721.1/122701.
Full textAbstract:
This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2019
Cataloged from student-submitted PDF version of thesis.
Includes bibliographical references (pages 77-83).
Modern-day bio-electronics has truly revolutionized monitoring, diagnosis, and treatment of disease. The continued development of microelectronic has fueled the development of implantable and wearable devices by enabling them with increased functionality and features. According to the report, global active implantable medical devices (IMDs) market was valued at approximately USD 16.47 billion in 2017 and is expected to generate revenue of around USD 23.33 billion by the end of 2024 [63]. However, the deployment of these devices is limited by their security concerns. Several attacks have been demonstrated on IMDs by exploiting their weaknesses [29, 36, 38, 58, 72]. Although these attacks have been demonstrated for academic investigation, these are enough to confirm that the security of these systems needs to be addressed more aggressively. In this work, we analyze the security concerns in the design of the IMDs and the interactions with the other parties involved. Based on this analysis, we propose a protocol to address some of the shortcomings. Our protocol features a dual-factor authentication system in the IMD that relies on both cryptographic security as well as voluntary human actions before responding to any request. We discuss the merits of the protocol and analyze the trade-offs involved. The proposed protocol is implemented in an energy-efficient integrated circuit-and-system solution to emulate an actual implantable device. The design decisions involved to make the system energy-efficient and to accelerate the cryptographic computation are analyzed in detail. Finally, the impact of the implemented protocol on the entire system is obtained and discussed for various use-cases.
"Analog Devices Fellowship and Analog Devices Inc. for providing financial support during various phases of this project"
by Saurav Maji.
S.M.
S.M. Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science
33
Mahboubi, Arash. "Security of critical information infrastructures exposed to mobile personal devices." Thesis, Queensland University of Technology, 2018. https://eprints.qut.edu.au/118743/1/Arash_Mahboubi_Thesis.pdf.
Full textAbstract:
Mobile personal devices with USB communication capabilities are essential elements of our modern lives. Their large-scale pervasive deployment within the population has promoted many malware attacks some of which are capable of infiltrating physically isolated critical control systems. This research investigates mobile malware capable of infecting and spreading through a system with heterogeneous computing, communication and storage components. Two novel prevention methods are presented: user accountability and system immunity. While the former uses a novel intrusive USB authentication, authorization and accounting solution, the latter exploits coding theory to make the system immune and allergic to the malware behaviour.
34
Kedrowitsch, Alexander Lee. "Deceptive Environments for Cybersecurity Defense on Low-power Devices." Thesis, Virginia Tech, 2017. http://hdl.handle.net/10919/86164.
Full textAbstract:
The ever-evolving nature of botnets have made constant malware collection an absolute necessity for security researchers in order to analyze and investigate the latest, nefarious means by which bots exploit their targets and operate in concert with each other and their bot master.
In that effort of on-going data collection, honeypots have established themselves as a curious and useful tool for deception-based security. Low-powered devices, such as the Raspberry Pi, have found a natural home with some categories of honeypots and are being embraced by the honeypot community. Due to the low cost of these devices, new techniques are being explored to employ multiple honeypots within a network to act as sensors, collecting activity reports and captured malicious binaries to back-end servers for later analysis and network threat assessments. While these techniques are just beginning to gain their stride within the security community, they are held back due to the minimal amount of deception a traditional honeypot on a low-powered device is capable of delivering.
This thesis seeks to make a preliminary investigation into the viability of using Linux containers to greatly expand the deception possible on low-powered devices by providing isolation and containment of full system images with minimal resource overhead. It is argued that employing Linux containers on low-powered device honeypots enables an entire category of honeypots previously unavailable on such hardware platforms. In addition to granting previously unavailable interaction with honeypots on Raspberry Pis, the use of Linux containers grants unique advantages that have not previously been explored by security researchers, such as the ability to defeat many types of virtual environment and monitoring tool detection methods.Master of Science
35
Hallett, Joseph. "Capturing mobile security policies precisely." Thesis, University of Edinburgh, 2018. http://hdl.handle.net/1842/31341.
Full textAbstract:
The security policies of mobile devices that describe how we should use these devices are often informally specified. Users have preferences for some apps over others. Some users may avoid apps which can access large amounts of their personal data, whilst others may not care. A user is unlikely to write down these policies or describe them using a formal policy language. This is unfortunate as without a formal description of the policy we cannot precisely reason about them. We cannot help users to pick the apps they want if we cannot describe their policies. Companies have mobile security policies that definehowan employee should use smart phone devices and tablet computers from home at work. A company might describe the policy in a natural language document for employees to read and agree to. They might also use some software installed on employee's devices to enforce the company rules. Without a link between the specification of the policy in the natural language document and the implementation of the policy with the tool, understanding how they are related can be hard. This thesis looks at developing an authorisation logic, called AppPAL, to capture the informal security policies of the mobile ecosystem, which we define as the interactions surrounding the use of mobile devices in a particular setting. This includes the policies of the users, the devices, the app stores, and the environments the users bring the devices into. Whilst earlier work has looked on checking and enforcing policies with low-level controls, this work aims to capture these informal policy's intents and the trust relationships within them separating the policy specification from its enforcement. This allows us to analyse the informal policies precisely, and reason about how they are used. We show how AppPAL instantiates SecPAL, a policy language designed for access control in distributed environments. We describe AppPAL's implementation as an authorisation logic for mobile ecosystems. We show how we can check AppPAL policies for common errors. Using AppPAL we show that policies describing users privacy preferences do not seem to match the apps users install. We explore the differences between app stores and how to create new ones based on policy. We look at five BYOD policies and discover previously unexamined idioms within them. This suggests aspects of BYOD policies not managed by current BYOD tools.
36
Mayisela, Simphiwe Hector. "Data-centric security : towards a utopian model for protecting corporate data on mobile devices." Thesis, Rhodes University, 2014. http://hdl.handle.net/10962/d1011094.
Full textAbstract:
Data-centric security is significant in understanding, assessing and mitigating the various risks and impacts of sharing information outside corporate boundaries. Information generally leaves corporate boundaries through mobile devices. Mobile devices continue to evolve as multi-functional tools for everyday life, surpassing their initial intended use. This added capability and increasingly extensive use of mobile devices does not come without a degree of risk - hence the need to guard and protect information as it exists beyond the corporate boundaries and throughout its lifecycle. Literature on existing models crafted to protect data, rather than infrastructure in which the data resides, is reviewed. Technologies that organisations have implemented to adopt the data-centric model are studied. A utopian model that takes into account the shortcomings of existing technologies and deficiencies of common theories is proposed. Two sets of qualitative studies are reported; the first is a preliminary online survey to assess the ubiquity of mobile devices and extent of technology adoption towards implementation of data-centric model; and the second comprises of a focus survey and expert interviews pertaining on technologies that organisations have implemented to adopt the data-centric model. The latter study revealed insufficient data at the time of writing for the results to be statistically significant; however; indicative trends supported the assertions documented in the literature review. The question that this research answers is whether or not current technology implementations designed to mitigate risks from mobile devices, actually address business requirements. This research question, answered through these two sets qualitative studies, discovered inconsistencies between the technology implementations and business requirements. The thesis concludes by proposing a realistic model, based on the outcome of the qualitative study, which bridges the gap between the technology implementations and business requirements. Future work which could perhaps be conducted in light of the findings and the comments from this research is also considered.
37
Pierfederici, Eugenio. "Inferring the behaviour and security of networked devices via communication analysis." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2019. http://amslaurea.unibo.it/19418/.
Full textAbstract:
In the last years the number of devices connected to the Internet has been increasing exponentially and it has reached huge numbers, just days ago the RIPE Network Coordination Center announced it run out of IPv4 addresses.
As a consequence, it's extremely complex to control what is happening on the network and what, or whom, a device is communicating with. We are losing control over many of our devices. It's becoming everyday more difficult to know what the device is doing and what is it sharing on the Internet.
Luckily, in the last years the attention to security, privacy and awareness is ever increasing: the users pay more attention to what their devices are doing and care about it.
While big software (like the operative systems and most mobile devices) make available an increasing number of tools to monitor the device traffic, some devices cannot be inspected or those same tools may be forged in a way that makes it impossible to detect some specific malicious behaviours.
Until now every successful method to detect or filter the behaviour of the devices has been trying to only detect anomalies or manually lock some specific behaviours; this means nobody ever tried to understand at a discrete
level of accuracy what the device does relying only on the analysis of the metadata of the traffic intercepted.
That’s why in this thesis I defined a model able to detect the behaviour which is occurring on the device by the mere observation of its network traffic. In doing so, I first defined a model that takes the raw low-level information regarding the communications occurring, process them and return information about the high-level operations occurring on the device. I then built a demo that uses that model and demonstrates its feasibility. The data used are low-level information on the traffic without ever inspecting its payload.
To improve the efficiency of the algorithm, I also use a form of Recurrent Neural Networks to finally infer the device behaviour.
38
Al-Hassanieh, Haitham (Haitham Zuhair). "Encryption on the air : non-Invasive security for implantable medical devices." Thesis, Massachusetts Institute of Technology, 2011. http://hdl.handle.net/1721.1/66020.
Full textAbstract:
Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2011.Cataloged from PDF version of thesis.
Includes bibliographical references (p. 73-78).
Modern implantable medical devices (IMDs) including pacemakers, cardiac defibrillators and nerve stimulators feature wireless connectivity that enables remote monitoring and post-implantation adjustment. However, recent work has demonstrated that flawed security tempers these medical benefits. In particular, an understandable lack of cryptographic mechanisms results in the IMD disclosing private data and being unable to distinguish authorized from unauthorized commands. In this thesis, we present IMD-Shield; a prototype defenses against a previously proposed suite of attacks on IMDs. IMD-Shield is an external entity that uses a new full dulpex radio design to secure transmissions to and from the IMD on the air wihtout incorporating the IMD itself. Because replacing the install base of wireless-enabled IMDs is infeasible, our system non-invasively enhances the security of unmodified IMDs. We implement and evaluate our mechanism against modern IMDs in a variety of attack scenarios and find that it effectively provides confidentiality for private data and shields the IMD from unauthorized commands.
by Haitham Al-Hassanieh.
S.M.
39
Dutta, Saurabh. "Striking a balance between usability and cyber-security in IoT devices/." Thesis, Massachusetts Institute of Technology, 2017. http://hdl.handle.net/1721.1/113508.
Full textAbstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2017.Cataloged from PDF version of thesis.
Includes bibliographical references (pages 67-74).
Today more and more physical objects are being connected to internet. The Internet of Things, or loT, is dramatically changing the way of living and the way we interact with things and each other. Home doors can be opened remotely with a watch, cars' performance can be upgraded remotely, devices monitor health and send updates to physicians remotely. loT technology has made some labor-intensive jobs simple and has the potential to simplify and enhance nearly every aspect of our lives. On the other hand, increased levels of high profile cyber security breaches in recent years have made it clear how important it is to make sure these devices are trustworthy and secure. While most users are aware of how critical it is to secure their laptops, mobile devices, and apps, due to the seamless ways in which loT devices integrates into our daily lives, users are often unaware of risks associated with them. At the same time, IoT device makers are aggressively releasing new products in a mad race to establish themselves in this emerging market. Increased pressure to differentiate on usability based functionalities has spurred products and features that are not properly vetted for security. Gartner predicts that by 2020, more than 25% of identified enterprise attacks will involve IoT, though loT will account for only 10% of IT security budgets. As loT continues to grow, vendors will favor usability over security and IT security practitioners remain unsure of the correct amount of acceptable risk.
by Saurabh Dutta.
S.M. in Engineering and Management
40
Malik, Muneer. "Creating Secured Web Framework for Mobile Devices." University of Cincinnati / OhioLINK, 2013. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1378112267.
Full text
41
Brawerman, Alessandro. "A Fraud-Prevention Framework for Software Defined Radio Mobile Devices." Diss., Georgia Institute of Technology, 2005. http://hdl.handle.net/1853/7162.
Full textAbstract:
The superior reconfigurability of software defined radio mobile devices has made it one of the most promising technology on the wireless network and in the mobile communication industry.
The evolution from a static and rigid system to a highly dynamic environment, which offers many advantages over current systems, has been made possible thanks to the concepts of programmability
and reconfigurability introduced by the software defined radio technology and the higher level of flexibility and openness of this technology's devices.
Clearly, the software defined radio mobile device's flexibility is a great advantage since the customer is able to use the same device in different parts of the world, with different wireless technologies.
Despite the advantages, there are still issues to be discussed regarding security. According to the Software Defined Radio Forum some of the concerns are the radio configuration download, storage and installation, user's privacy, and cloning.
To address the SDR Forum concerns a raud-prevention framework is proposed. The framework is composed by new pieces of hardware, new modules and new protocols that together greatly enhance the overall security of software defined radio mobile devices and this new highly dynamic environment.
The framework offers security monitoring against malicious attacks and viruses that may affect the configuration data; protects sensitive information through the use of protected storage; creates and protects an identity for the system; employs a secure and efficient protocol for radio configuration download and update; and finally, establishes an anti-cloning scheme, which not
only guarantees that no units can be cloned over the air but also elevates the level of difficulty to clone units if the attacker has physical access to those units. Even if cloned units exist, the anti-cloning scheme is able to identify them and deny any service.
42
Horcher, Ann-Marie. "Conservation of Limited Resources: Design Principles for Security and Usability on Mobile Devices." Diss., NSUWorks, 2018. https://nsuworks.nova.edu/gscis_etd/1028.
Full textAbstract:
Mobile devices have evolved from an accessory to the primary computing device for an increasing portion of the general population. Not only is mobile the primary device, consumers on average have multiple Internet-connected devices. The trend towards mobile has resulted in a shift to “mobile-first” strategies for delivering information and services in business organizations, universities, and government agencies. Though principles for good security design exist, those principles were formulated based upon the traditional workstation configuration instead of the mobile platform. Security design needs to follow the shift to a “mobile-first” emphasis to ensure the usability of the security interface. The mobile platform has constraints on resources that can adversely impact the usability of security. This research sought to identify design principles for usable security for mobile devices that address the constraints of the mobile platform. Security and usability have been seen as mutually exclusive. To accurately identify design principles, the relationship between principles for good security design and usability design must be understood. The constraints for the mobile environment must also be identified, and then evaluated for their impact on the interaction of a consumer with a security interface. To understand how the application of the proposed mobile security design principles is perceived by users, an artifact was built to instantiate the principles. Through a series of guided interactions, the importance of proposed design principles was measured in a simulation, in human-computer interaction, and in user perception. The measures showed a resounding difference between the usability of the same security design delivered on mobile vs. workstation platform. It also reveals that acknowledging the constraints of an environment and compensating for the constraints yields mobile security that is both usable and secure. Finally, the hidden cost of security design choices that distract the user from the surrounding environment were examined from both the security perspective and public safety perspective.
43
Jellen, Isabel. "Towards Security and Privacy in Networked Medical Devices and Electronic Healthcare Systems." DigitalCommons@CalPoly, 2020. https://digitalcommons.calpoly.edu/theses/2141.
Full textAbstract:
E-health is a growing eld which utilizes wireless sensor networks to enable access to effective and efficient healthcare services and provide patient monitoring to enable early detection and treatment of health conditions. Due to the proliferation of e-health systems, security and privacy have become critical issues in preventing data falsification, unauthorized access to the system, or eavesdropping on sensitive health data. Furthermore, due to the intrinsic limitations of many wireless medical devices, including low power and limited computational resources, security and device performance can be difficult to balance. Therefore, many current networked medical devices operate without basic security services such as authentication, authorization, and encryption.
In this work, we survey recent work on e-health security, including biometric approaches, proximity-based approaches, key management techniques, audit mechanisms, anomaly detection, external device methods, and lightweight encryption and key management protocols. We also survey the state-of-the art in e-health privacy, including techniques such as obfuscation, secret sharing, distributed data mining, authentication, access control, blockchain, anonymization, and cryptography. We then propose a comprehensive system model for e-health applications with consideration of battery capacity and computational ability of medical devices. A case study is presented to show that the proposed system model can support heterogeneous medical devices with varying power and resource constraints. The case study demonstrates that it is possible to signicantly reduce the overhead for security on power-constrained devices based on the proposed system model.
44
Amrutkar, Chaitrali Vijay. "Towards secure web browsing on mobile devices." Diss., Georgia Institute of Technology, 2014. http://hdl.handle.net/1853/53400.
Full textAbstract:
The Web is increasingly being accessed by portable, multi-touch wireless devices. Despite the popularity of
platform-specific (native) mobile apps, a
recent study of smartphone usage shows that more people (81%) browse the Web than use native apps (68%) on their phone. Moreover, many popular native apps such as BBC depend on browser-like components (e.g., Webview) for their functionality. The popularity and prevalence of web browsers on modern mobile phones warrants characterizing existing and emerging threats to mobile web browsing, and building solutions for
the same. Although a range of studies have focused on the security of native apps on mobile devices, efforts in characterizing the security of web transactions originating at mobile browsers are limited.
This dissertation presents three main contributions: First, we show that porting browsers to mobile platforms leads to new vulnerabilities previously not observed in desktop browsers. The solutions to these vulnerabilities require careful balancing between usability and security and might not always be equivalent to those in desktop browsers. Second, we empirically demonstrate that the combination of reduced screen space and an independent selection of security indicators not only make it difficult for experts to determine the security standing of mobile browsers, but actually make mobile browsing more dangerous for average users as they provide a false sense of security. Finally, we experimentally demonstrate the need for mobile specific techniques to detect malicious webpages. We then design and implement kAYO, the first mobile specific static tool to detect malicious webpages in real-time.
45
Karatzouni, Sevasti. "Non-intrusive continuous user authentication for mobile devices." Thesis, University of Plymouth, 2014. http://hdl.handle.net/10026.1/3225.
Full textAbstract:
The modern mobile device has become an everyday tool for users and business. Technological advancements in the device itself and the networks that connect them have enabled a range of services and data access which have introduced a subsequent increased security risk. Given the latter, the security requirements need to be re-evaluated and authentication is a key countermeasure in this regard. However, it has traditionally been poorly served and would benefit from research to better understand how authentication can be provided to establish sufficient trust. This thesis investigates the security requirements of mobile devices through literature as well as acquiring the user’s perspectives. Given the findings it proposes biometric authentication as a means to establish a more trustworthy approach to user authentication and considers the applicability and topology considerations. Given the different risk and requirements, an authentication framework that offers transparent and continuous is developed. A thorough end-user evaluation of the model demonstrates many positive aspects of transparent authentication. The technical evaluation however, does raise a number of operational challenges that are difficult to achieve in a practical deployment. The research continues to model and simulate the operation of the framework in an controlled environment seeking to identify and correlate the key attributes of the system. Based upon these results and a number of novel adaptations are proposed to overcome the operational challenges and improve upon the impostor detection rate. The new approach to the framework simplifies the approach significantly and improves upon the security of the system, whilst maintaining an acceptable level of usability.
46
Karamanos, Emmanouil. "Investigation of home router security." Thesis, KTH, Kommunikationssystem, CoS, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-91107.
Full textAbstract:
Home routers are common in every household that has some kind of Internet connectivity. These embedded devices are running services such as web, file and DHCP server. Even though they have the same security issues as regular computers, they do no run protection software such as anti-virus and they are not updated. Moreover, the importance of these devices is misjudged; all network traffic is passing through them and they control the DNS of the network while, in most cases, they are on-line around the clock. When more and more non-Internet features are implemented into home routers, such as Voice over IP and network storage, their role becomes more special and many security concerns are raising. In this thesis, we investigate the issues resulting from this special role; the importance for these devices to be secure, the attacking vector and how the devices can be compromised to be part of a large home router botnet. We conclude by proposing ways to make the current implementation more secure, suggesting ways to protect routers from botnets without user interaction, that is from the ISP, while respecting the privacy of the end user and we identify what future work needs to be done.Router är vanliga i hem som har någon slags Internet anslutning. De här inbyggda enheter kör tjänster som t.ex. web, file och DHCP basenheter. Fastän de har samma säkerhetsfrågor som vanliga datorer, så kan de inte använda säkerhets mjukvara som t.ex anti-virus och de är inte uppdaterade. Dessutom har betydelsen av de här apparaterna blivit felbedömmat; hela nätverket passerar genom dem och de kontrolerar nätverkets DNS medan, i de flesta fall, de är on-line dygnet runt. Men, när mer och mer icke-Internet lockvaror fars in i routern, som t.ex Voice över IP och nätverkslagring, blir deras roll viktigare och oron för säkerheten växer. I den här avhandlingen utforskars problemen och frågorna som efterföljer deras speciella roll, hur viktigt det är att de här apparaterna är skyddade, (the attacking vector) och hur de här apparaterna kan bli jämkningad för att bli en del av ett stort router botnet. Vi avsluter med att lägga fram sätt att göra det nuvarande verktyget mer skyddat, föreslå sätt att skydda routern från botnet utan användarinteraktion, som kommer från ISP, medan man respekterar det andra användarens privtaliv och markera vad som behövs ändras i framtiden.
47
Overton, Billy. "Capturing and Analyzing Network Traffic from Common Mobile Devices for Security and Privacy." Digital Commons @ East Tennessee State University, 2014. https://dc.etsu.edu/honors/180.
Full textAbstract:
Mobile devices such as tablets and smartphones are becoming more common, and they are holding more information. This includes private information such as contacts, financial data, and passwords. At the same time these devices have network capability with access to the Internet being a prime feature. Little research has been done in observing the network traffic produced by these mobile devices. To determine if private information was being transmitted without user knowledge, the mobile capture lab and a set of procedures have been created to observe, capture and analyze the network traffic produced by mobile devices. The effectiveness of the lab and procedures has been evaluated with the analysis of four common mobile devices. The data analyzed from the case studies indicates that, contrary to popular opinion, very little private information is transmitted in clear text by mobile devices without the user’s knowledge.
48
Stelly, Christopher D. "Dynamic User Defined Permissions for Android Devices." ScholarWorks@UNO, 2013. http://scholarworks.uno.edu/td/1775.
Full textAbstract:
Mobile computing devices have become an essential part of everyday life and are becoming the primary means for collecting and storing sensitive personal and corporate data. Android is, by far, the dominant mobile platform, which makes its permissions model responsible for securing the vast majority of this sensitive data.
The current model falls well short of actual user needs, as permission assignments are made statically at installation time. Therefore, it is impossible to implement dynamic security policies that could be applied selectively depending on context. Users are forced to unconditionally trust installed apps without means to isolate them from sensitive data.
We describe a new approach, app sanitization, which automatically instruments apps at installation time, such that users can dynamically grant and revoke individual permissions. The main advantage of our technique is that it runs in userspace and utilizes standard aspect-oriented methods to incorporate custom security controls into the app.
49
Giacalone, Anthony S. "Evaluation of security methods for the prevention of malware on mobile devices." Thesis, California State University, Long Beach, 2014. http://pqdtopen.proquest.com/#viewpdf?dispub=1527936.
Full textAbstract:
Since the introduction of the iPhone in 2008, mobile devices have become ubiquitous in our society and have spawned a new area for attackers to steal private information and data. Malware has begun to appear on these devices despite the claims of Google and Apple that their devices are secure. To combat this growing problem, companies have started producing applications which claim to have the ability to scan for malware and protect devices from these threats. Current measures to prevent loss of data from malware and illicit use of mobile devices are first be discussed. This thesis then explores and attempts to analyze the three most popular security application offerings on Android OS and determine if these security suites have any benefits to the user above and beyond the standard malware scans that are performed by Google's servers by conducting four separate benchmark tests on the software. Potential problems with these security programs, which include increased system load and loss of battery life, will be included in the discussion along with the results of the tests. Finally, this thesis will explore and discuss the lack of heuristic scanning in these security applications and the potential threat that boot sector viruses might pose to mobile devices in the future.
50
Huang, Xuan. "Mobile security and smart systems : multi-modal biometric authentication on mobile devices." Thesis, Abertay University, 2013. https://rke.abertay.ac.uk/en/studentTheses/ce2dec7b-fdcf-496e-81c4-fb98d0033c78.
Full textAbstract:
With increased use of mobile phones that support mobile commerce, there is a need to examine the authentication of users. The password-based authentication techniques are not reliable with many passwords being too simple. A biometric authentication system is becoming more commonplace and is widely used in security fields because of its special stability and uniqueness. Within this context, the researcher has developed a fuzzy logic based multi-modal biometric authentication system to verify the identity of a mobile phone user. The research presented in this thesis involves three parts of work. Firstly, a model to support the authentication of mobile commerce has been proposed. Within this model, a number of different authentication levels have been defined in the system which sought to achieve the balance between usability and security. Secondly, the researcher has developed a multi-modal biometric authentication system which involves typing behaviour recognition, face recognition and speaker recognition techniques to establish the identity of the user on the mobile phone. However, there are some issues with deterministic biometric authentication systems. Because of this, a fuzzy logic model which can determine the transaction risk in m-commerce and the recognition result from biometric authentication engine has been built. In the experimental stage, the researcher simulates a mobile commerce environment. At one extreme, users will just want to obtain the item and not enter any identity. They are prepared to accept the low level of risk when the transaction is of low value. On the other extreme for a high value transaction users will accept multiple levels of security and would not want the transaction to go through without any checking. The experimental results showed that the fuzzy logic based multi-modal authentication system can achieve a low equal error rate (EER) of 0.63%, and by using the fuzzy logic model, it can effectively reduce the false rejection rate (FRR). There is also a reduction in the environmental influence in the fuzzy logic based biometric authentication. There are three contributions of the thesis: firstly, this research has proposed a model to support the authentication in mobile commerce. Secondly, a multi-modal biometric authentication system was developed. Another major contribution is the development of a fuzzy logic based multi-modal biometric authentication system which is able to overcome the issues of deterministic biometric systems. Overall, the results gained in this thesis prove that using the multi-modal biometric authentication system, itis possible to establish the identity of the user on a mobile phone. The fuzzy logic based authentication model can make the multi-modal biometric system more accurate, and also reduce the influence of external environmental factors. A holistic interpretation of the research indicated that the mobile security and smart system can help mobile commerce become more secure and more flexible in future.