Dissertations / Theses on the topic 'Security systems Mathematics'

Big data has been used regularly in finance and business to build forecasting models. It is, however, a relatively new concept in the security industry. This study predicts technology related alarm codes that will sound in the coming 7 days at location $L$ by observing the past 7 days. Logistic regression and neural networks are applied to solve this problem. Due to the problem being of a multi-labeled nature logistic regression is applied in combination with binary relevance and classifier chains. The models are trained on data that has been labeled with two separate methods, the first method labels the data by only observing location $L$. The second considers $L$ and $L$'s surroundings. As the problem is multi-labeled the labels are likely to be unbalanced, thus a resampling technique, SMOTE, and random over-sampling is applied to increase the frequency of the minority labels. Recall, precision, and F1-score are calculated to evaluate the models. The results show that the second labeling method performs better for all models and that the classifier chains and binary relevance model performed similarly. Resampling the data with the SMOTE technique increases the macro average F1-scores for the binary relevance and classifier chains models, however, the neural networks performance decreases. The SMOTE resampling technique also performs better than random over-sampling. The neural networks model outperforms the other two models on all methods and achieves the highest F1-score.
Big data har använts regelbundet inom ekonomi för att bygga prognosmodeller, det är dock ett relativt nytt koncept inom säkerhetsbranschen. Denna studie förutsäger vilka larmkoder som kommer att låta under de kommande 7 dagarna på plats $L$ genom att observera de senaste 7 dagarna. Logistisk regression och neurala nätverk används för att lösa detta problem. Eftersom att problemet är av en multi-label natur tillämpas logistisk regression i kombination med binary relevance och classifier chains. Modellerna tränas på data som har annoterats med två separata metoder. Den första metoden annoterar datan genom att endast observera plats $L$ och den andra metoden betraktar $L$ och $L$:s omgivning. Eftersom problemet är multi-labeled kommer annoteringen sannolikt att vara obalanserad och därför används resamplings metoden, SMOTE, och random over-sampling för att öka frekvensen av minority labels. Recall, precision och F1-score mättes för att utvärdera modellerna. Resultaten visar att den andra annoterings metoden presterade bättre för alla modeller och att classifier chains och binary relevance presterade likartat. Binary relevance och classifier chains modellerna som tränades på datan som använts sig av resamplings metoden SMOTE gav ett högre macro average F1-score, dock sjönk prestationen för neurala nätverk. Resamplings metoden SMOTE presterade även bättre än random over-sampling. Neurala nätverksmodellen överträffade de andra två modellerna på alla metoder och uppnådde högsta F1-score.

IT security metrics are used to achieve an IT security assessment of certain parts of the IT security environment. There is neither a consensus of the definition of an IT security metric nor a natural scale type of the IT security. This makes the interpretation of the IT security difficult. To accomplish a comprehensive IT security assessment one must aggregate the IT security values to compounded values.

When developing IT security metrics it is important that permissible mathematical operations are made so that the information are maintained all the way through the metric. There is a need for a sound mathematical foundation for this matter.

The main results produced by the efforts in this thesis are:

• Identification of activities needed for IT security assessment when using IT security metrics.

• A method for selecting a set of security metrics in respect to goals and criteria, which also is used to

• Aggregate security values generated from a set of security metrics to compounded higher level security values.

• A mathematical foundation needed for development of security metrics.

Tweakable ciphers are a building block used to construct a variety of cryptographic algorithms. Typically, one proves (via a reduction) that a tweakable-cipher-based algorithm is about as secure as the underlying tweakable cipher. Hence improving the security or performance of tweakable ciphers immediately provides corresponding benefits to the wide array of cryptographic algorithms that employ them. We introduce new tweakable ciphers, some of which have better security and others of which have better performance than previous designs. Moreover, we demonstrate that tweakable ciphers can be used directly (as opposed to as a building block) to provide authenticated encryption with associated data in a way that (1) is robust against common misuses and (2) can, in some cases, result in significantly shorter ciphertexts than other approaches.

With the extreme growth in third party cloud applications, increased exposure of applications to the internet, and the impact of successful breaches, improving the security of software being produced is imperative. Static analysis tools can alert to quality and security vulnerabilities of an application; however, they present developers and analysts with a high rate of false positives and unactionable alerts. This problem may lead to the loss of confidence in the scanning tools, possibly resulting in the tools not being used. The discontinued use of these tools may increase the likelihood of insecure software being released into production. Insecure software can be successfully attacked resulting in the compromise of one or several information security principles such as confidentiality, availability, and integrity. Feature selection methods have the potential to improve the classification of static analysis alerts and thereby reduce the false positive rates. Thus, the goal of this research effort was to improve the classification of static analysis alerts by proposing and testing a novel method leveraging feature selection. The proposed model was developed and subsequently tested on three open source PHP applications spanning several years. The results were compared to a classification model utilizing all features to gauge the classification improvement of the feature selection model. The model presented did result in the improved classification accuracy and reduction of the false positive rate on a reduced feature set. This work contributes a real-world static analysis dataset based upon three open source PHP applications. It also enhanced an existing data set generation framework to include additional predictive software features. However, the main contribution is a feature selection methodology that may be used to discover optimal feature sets that increase the classification accuracy of static analysis alerts.

CAPES
Vídeos digitais se tornaram uma forma de comunicação altamente utilizada na rede, entretanto estes dados são facilmente copiados e distribuídos. Isto se deve ao crescente número de ferramentas que surgiram com este objetivo, causando quebra dos direitos autorais e distribuição ilegal de conteúdo. A solução mais estudada para este problema são as marcas d'água digitais, que provêm segurança em forma de autenticação e verificação de violação. Neste trabalho, foi desenvolvido um novo método de inserção e extração de marcas d'água em um vídeo, usando o processo chamado abordagem lateral. Este possibilita a marcação em blocos de frames. As diversas marcas inseridas são usadas como redundância para aumentar a robustez contra ataques. Os testes realizados seguiram o padrão dos benchmarks Vidmark e Stirmark, os quais demonstram a eficiência do método em manter a marca d'água mesmo após ataques.
Digital videos have become the most used way to communicate, however these data are easily copied and distributed. That happen due the growing number of tools that are create with this goal, causing breach of copyright and illegal distribution of content. The most studied solution that can solve this problem are the digital watermarks that provide security like authentication and tamper detection. In this work, we developed a new method of embedding and extracting watermarks in a video using a process called side view. This process allows watermark a block of frames. The several watermarks embedded can be used like redundance to grow the robustness of the method against attacks. The tests followed the standard benchmarks Vidmark and Stirmark that show the performance of the method in keep the watermark even after attacks.

This thesis presents the developed taxonomy of the security threats in agent-based distributed systems. Based on this taxonomy, a set of theories is developed to facilitate analyzng the security threats of the mobile-agent systems. We propose the idea of using the developed security risk graph to model the system's vulnerabilties.

In a digital world, users’ Personally Identifiable Information (PII) is normally managed with a system called an Identity Management System (IMS). There are many types of IMSs. There are situations when two or more IMSs need to communicate with each other (such as when a service provider needs to obtain some identity information about a user from a trusted identity provider). There could be interoperability issues when communicating parties use different types of IMS. To facilitate interoperability between different IMSs, an Identity Meta System (IMetS) is normally used. An IMetS can, at least theoretically, join various types of IMSs to make them interoperable and give users the illusion that they are interacting with just one IMS. However, due to the complexity of an IMS, attempting to join various types of IMSs is a technically challenging task, let alone assessing how well an IMetS manages to integrate these IMSs. The first contribution of this thesis is the development of a generic IMS model called the Layered Identity Infrastructure Model (LIIM). Using this model, we develop a set of properties that an ideal IMetS should provide. This idealized form is then used as a benchmark to evaluate existing IMetSs. Different types of IMS provide varying levels of privacy protection support. Unfortunately, as observed by Jøsang et al (2007), there is insufficient privacy protection in many of the existing IMSs. In this thesis, we study and extend a type of privacy enhancing technology known as an Anonymous Credential System (ACS). In particular, we extend the ACS which is built on the cryptographic primitives proposed by Camenisch, Lysyanskaya, and Shoup. We call this system the Camenisch, Lysyanskaya, Shoup - Anonymous Credential System (CLS-ACS). The goal of CLS-ACS is to let users be as anonymous as possible. Unfortunately, CLS-ACS has problems, including (1) the concentration of power to a single entity - known as the Anonymity Revocation Manager (ARM) - who, if malicious, can trivially reveal a user’s PII (resulting in an illegal revocation of the user’s anonymity), and (2) poor performance due to the resource-intensive cryptographic operations required. The second and third contributions of this thesis are the proposal of two protocols that reduce the trust dependencies on the ARM during users’ anonymity revocation. Both protocols distribute trust from the ARM to a set of n referees (n > 1), resulting in a significant reduction of the probability of an anonymity revocation being performed illegally. The first protocol, called the User Centric Anonymity Revocation Protocol (UCARP), allows a user’s anonymity to be revoked in a user-centric manner (that is, the user is aware that his/her anonymity is about to be revoked). The second protocol, called the Anonymity Revocation Protocol with Re-encryption (ARPR), allows a user’s anonymity to be revoked by a service provider in an accountable manner (that is, there is a clear mechanism to determine which entity who can eventually learn - and possibly misuse - the identity of the user). The fourth contribution of this thesis is the proposal of a protocol called the Private Information Escrow bound to Multiple Conditions Protocol (PIEMCP). This protocol is designed to address the performance issue of CLS-ACS by applying the CLS-ACS in a federated single sign-on (FSSO) environment. Our analysis shows that PIEMCP can both reduce the amount of expensive modular exponentiation operations required and lower the risk of illegal revocation of users’ anonymity. Finally, the protocols proposed in this thesis are complex and need to be formally evaluated to ensure that their required security properties are satisfied. In this thesis, we use Coloured Petri nets (CPNs) and its corresponding state space analysis techniques. All of the protocols proposed in this thesis have been formally modeled and verified using these formal techniques. Therefore, the fifth contribution of this thesis is a demonstration of the applicability of CPN and its corresponding analysis techniques in modeling and verifying privacy enhancing protocols. To our knowledge, this is the first time that CPN has been comprehensively applied to model and verify privacy enhancing protocols. From our experience, we also propose several CPN modeling approaches, including complex cryptographic primitives (such as zero-knowledge proof protocol) modeling, attack parameterization, and others. The proposed approaches can be applied to other security protocols, not just privacy enhancing protocols.

Cette thèse traite de la synchronisation des systèmes dynamiques. La synchronisation est étudiée pour une configuration de type maître-esclave, c'est-à-dire pour des systèmes couplés de façon unidirectionnelle. Ce type de configuration s'avère d'un intérêt tout particulier car elle correspond à des architectures de communications chiffrées un-vers-un ou un-vers-plusieurs. Une attention spécifique est portée sur l'autosynchronisation, comportement qui caractérise la synchronisation par le simple couplage maître-esclave et donc en l'absence de tout contrôle extérieur. Elle joue un rôle majeur dans les communications impliquant des chiffreurs par flot autosynchronisants. L'étude de l'autosynchronisation dans le contexte cryptographique s'appuie sur la théorie du contrôle. Un lien original entre l'autosynchronisation et le principe de chiffrement/déchiffrement en cryptographie est mis en évidence. Il fait appel à la propriété de platitude des systèmes dynamiques, un concept emprunté à l'automatique. On montre que les systèmes dynamiques plats définissent complètement l'ensemble des systèmes autosynchronisants et permettent d'élargir les structures existantes des chiffreurs autosynchronisants. La platitude est tout d'abord étudiée pour deux types de systèmes non linéaires~: les systèmes linéaires commutés et à paramètres variants (LPV). La caractérisation des sorties plates s'appuie sur le concept de semigroupes nilpotents et un algorithme performant est proposé. Une approche constructive pour réaliser des structures maître-esclave autosynchronisantes est proposée sur la base de systèmes plats et les notions d'inversibilité à gauche et à droite empruntées à la théorie du contrôle. Par la suite, l'autosynchronisation est étudiée dans le contexte booléen privilégié en cryptographie. Elle est caractérisée en premier lieu au travers la notion d'influence. Ensuite, différentes représentations matricielles associées aux fonctions booléennes sont proposées. Ces représentations s'avèrent particulièrement intéressantes pour l'analyse des propriétés liées à la sécurité. Un lien entre l'autosynchronisation et les structures propres des représentations matricielles est établi. Une approche orientée graphes est finalement élaborée pour la caractérisation. De nouvelles constructions de structures autosynchronisantes en sont déduites et des éléments de sécurité sont discutés. Enfin, une plateforme de test à base de FPGA qui a été réalisée est décrite.

Despite the recent advances in systems and network security, attacks on large enterprise networks consistently impose serious challenges to maintaining data privacy and software service integrity. We identify two main problems that contribute to increasing the security risk in a networked environment: (i) vulnerable servers, workstations, and mobile devices that suffer from vulnerabilities, which allow the execution of various cyber attacks, and, (ii) poor security and system configurations that create loopholes used by attackers to bypass implemented security defenses.

Complex attacks on large networks are only possible with the existence of vulnerable intermediate machines, routers, or mobile devices (that we refer to as network components) in the network. Vulnerabilities in highly connected servers and workstations, that compromise the heart of today\'s networks, are inevitable. Also, modern mobile devices with known vulnerabilities cause an increasing risk on large networks. Thus, weak security mechanisms in vulnerable  network components open the possibilities for effective network attacks.

On the other hand, lack of systematic methods for an effective static analysis of an overall complex network results in inconsistent and vulnerable configurations at individual network components as well as at the network level. For example, inconsistency and faults in designing firewall rules at a host may result in enabling more attack vector. Further, the dynamic nature of networks with changing network configurations, machine availability and connectivity, make the security analysis a challenging task.

This work presents a hybrid approach to security by providing two solutions for analyzing the overall security of large organizational networks, and a runtime  framework for protecting individual network components against misuse of system resources by cyber attackers. We  observe that to secure an overall computing environment, a static analysis of a network is not sufficient. Thus, we couple our analysis with a framework to secure individual network components including high performance machines as well as mobile devices that repeatedly enter and leave networks. We also realize the need for advancing the theoretical foundations for analyzing the security of large networks.


To analyze the security of large enterprise network, we present the first scientific attempt to compute an optimized distribution of defensive resources with the objective of minimizing the chances of successful attacks. To achieve this minimization, we develop a rigorous probabilistic model that quantitatively measures the chances of a successful attack on any network component. Our model provides a solid theoretical foundation that enables efficient computation of unknown success probabilities on every stage of a network attack. We design an algorithm that uses the computed attack probabilities for optimizing security configurations of a network. Our optimization algorithm  uses state of the art sequential linear programming to approximate the solution to a complex single objective nonlinear minimization problem that formalizes various attack steps and candidate defenses at the granularity of attack stages.

To protect individual network components, we develop a new approach under our novel idea of em process authentication.
We argue that to provide high assurance security, enforcing authorization is necessary but not sufficient. In fact, existing authorization systems lack a strong and reliable process authentication model for preventing the execution of malicious processes (i.e., processes that intentionally contain malicious goals that violate integrity and confidentiality of legitimate processes and data). Authentication is specially critical when malicious processes may use various system vulnerabilities to install on the system and stealthily execute without the user\'s consent.

We design and implement the Application Authentication (A2) framework that is capable of monitoring application executions and ensuring proper authentication of application processes. A2 has the advantage of strong security guarantees, efficient runtime execution, and compatibility with legacy applications. This authentication framework reduces the risk of infection by powerful malicious applications that may disrupt proper execution of legitimate applications, steal users\' private data, and spread across the entire organizational network.

Our process authentication model is extended and applied to the Android platform. As Android imposes its unique challenges (e.g., virtualized application execution model), our design and implementation of process authentication is extended to address these challenges. Per our results, process authentication in Android can protect the system against various critical vulnerabilities such as privilege escalation attacks and drive by downloads.

To demonstrate process authentication in Android, we implement DroidBarrier. As a runtime system, DroidBarrier includes an authentication component and a lightweight permission system to protect legitimate applications and secret authentication information in the file system. Our implementation of DroidBarrier is compatible with the Android runtime (with no need for modifications) and shows efficient performance with negligible penalties in I/O operations and process creations.
Ph. D.

Radio Frequency Identification (RFID) is a technology to identify objects or people automatically and has received many applications recent years. An RFID tag is a small and low-priced device consisting of a microchip with limited functionality and data storage and antenna for wireless communication with the readers. RFID tags can be passive, active or semi-active depending on the powering technique. In general passive tags are inexpensive. They have no on-board power; they get power from the signal of the interrogating reader. Active tags contain batteries for their transmission. The low-cost passive RFID tags are expected to become pervasive device in commerce. Each RFID tag contains a unique identifier to serve as object identity so that this identity can be used as a link to relate information about the corresponding object. Due to this unique serial number in an RFID tag it is possible to track the tag uniquely. The challenge raised by the RFID systems for certain applications is that the information in it is vulnerable to an adversary. People who carry an object with an RFID tag could be tracked by an adversary without their knowledge. Also, implementation of conventional cryptography is not possible in a low-cost RFID tag due to its limited processing capability and memory limitations. There are various types of RFID authentication protocols for the privacy and security of RFID systems and a number of proposals for secure RFID systems using one-way hash functions and random number. Few researchers have proposed privacy and security protocols for RFID systems using varying identifiers. These are secured against most of the attacks. Due to varying identifiers they also include the recovery from desynchronization due to incomplete authentication process. However, due to the hash function of the identifier if one authentication process is unsuccessful, an adversary can use the responses in the subsequent phase to break the security. In this case the adversary can use the response for impersonation and replay attack and also can break the location privacy. Some protocols protect privacy and security using static tag identifier with varying responses so that they can work in pervasive computing environment. Most of these protocols work with computationally expensive hash functions and large storage. Since 2001 a number of lightweight protocols have been proposed by several researchers. This thesis proposes seven protocols for the privacy and security of the RFID systems. Five of them use a hash function and a static identifier such as SUAP1, SUAP2, SUAP3 and EMAP. These iii protocols are based on challenge-response method using one-way hash function, hash-address and randomized hash function. The protocols are operable in pervasive environment since the identifier of the tag is static. Another protocol named ESAP also works with static identifier but it updates the timestamp that is used with another random number to make the response unidentifiable. The protocol GAPVI uses varying identifier with hash function to ensure privacy and security of the tag. It is based on challenge-response method using one-way hash function and randomized hash function RFID system. Another proposed protocol EHB-MP is a lightweight encryption protocol which is more suitable for low-cost RFID tag because it does not require comparatively more computationally expensive hash function. Since 2001 Hopper and Blum developed the lightweight HB protocol for RFID systems, a number of lightweight protocols have been proposed by several researchers. This work investigates the possible attacks in the existing light weight protocols HB, HB+ and HB-MP of RFID systems and proposes a new lightweight authentication protocol that improves HB-MP protocol and provides the identified privacy and security in an efficient manner for pervasive computing environment. The validity and performance of the hash-based protocols are tested using analysis; simulation programs and some cases mathematical proofs have been given to prove the protection particularly from the special man-in-the attack in the EHB-MP protocol. Finally this research work investigates the privacy and security problems in few most potential application areas that are suitable for RFID implementation. The areas are e-passport, healthcare systems and baggage handling in airport. Suitable RFID authentication protocols are also proposed for these systems to ensure the privacy and security of the users. This thesis uses the symmetric cryptography for privacy and security protocols. In the future asymmetric protocols may be an important research consideration for this area together with ownership transfer of the tag could be a potential work area for research.

Adaptability and invisibility are hallmarks of modern terrorism, and keeping pace with its dynamic nature presents a serious challenge for societies throughout the world. Innovations in computer science have incorporated applied mathematics to develop a wide array of predictive models to support the variety of approaches to counterterrorism. Predictive models are usually designed to forecast the location of attacks. Although this may protect individual structures or locations, it does not reduce the threat—it merely changes the target. While predictive models dedicated to events or social relationships receive much attention where the mathematical and social science communities intersect, models dedicated to terrorist locations such as safe-houses (rather than their targets or training sites) are rare and possibly nonexistent. At the time of this research, there were no publically available models designed to predict locations where violent extremists are likely to reside. This research uses France as a case study to present a complex systems model that incorporates multiple quantitative, qualitative and geospatial variables that differ in terms of scale, weight, and type. Though many of these variables are recognized by specialists in security studies, there remains controversy with respect to their relative importance, degree of interaction, and interdependence. Additionally, some of the variables proposed in this research are not generally recognized as drivers, yet they warrant examination based on their potential role within a complex system. This research tested multiple regression models and determined that geographically-weighted regression analysis produced the most accurate result to accommodate non-stationary coefficient behavior, demonstrating that geographic variables are critical to understanding and predicting the phenomenon of terrorism. This dissertation presents a flexible prototypical model that can be refined and applied to other regions to inform stakeholders such as policy-makers and law enforcement in their efforts to improve national security and enhance quality-of-life.

Function approximation is an important problem. This work presents applications of interpolants to modeling random variables. Specifically, this work studies the prediction of distributions of random variables applied to computer system throughput variability. Existing approximation methods including multivariate adaptive regression splines, support vector regressors, multilayer perceptrons, Shepard variants, and the Delaunay mesh are investigated in the context of computer variability modeling. New methods of approximation using Box splines, Voronoi cells, and Delaunay for interpolating distributions of data with moderately high dimension are presented and compared with existing approaches. Novel theoretical error bounds are constructed for piecewise linear interpolants over functions with a Lipschitz continuous gradient. Finally, a mathematical software that constructs monotone quintic spline interpolants for distribution approximation from data samples is proposed.
Doctor of Philosophy
It is common for scientists to collect data on something they are studying. Often scientists want to create a (predictive) model of that phenomenon based on the data, but the choice of how to model the data is a difficult one to answer. This work proposes methods for modeling data that operate under very few assumptions that are broadly applicable across science. Finally, a software package is proposed that would allow scientists to better understand the true distribution of their data given relatively few observations.

Thesis (M.S.)--East Tennessee State University, 2004.
Title from electronic submission form. ETSU ETD database URN: etd-0301104-151512. Includes bibliographical references. Also available via Internet at the UMI web site.

Les systèmes dynamiques discrets, œuvrant en itérations chaotiques ou asynchrones, se sont avérés être des outils particulièrement intéressants à utiliser en sécurité informatique, grâce à leur comportement hautement imprévisible, obtenu sous certaines conditions. Ces itérations chaotiques satisfont les propriétés de chaos topologiques et peuvent être programmées de manière efficace. Dans l’état de l’art, elles ont montré tout leur intérêt au travers de schémas de tatouage numérique. Toutefois, malgré leurs multiples avantages, ces algorithmes existants ont révélé certaines limitations. Cette thèse a pour objectif de lever ces contraintes, en proposant de nouveaux processus susceptibles de s’appliquer à la fois au domaine du tatouage numérique et au domaine de la stéganographie. Nous avons donc étudié ces nouveaux schémas sur le double plan de la sécurité dans le cadre probabiliste. L’analyse de leur biveau de sécurité respectif a permis de dresser un comparatif avec les autres processus existants comme, par exemple, l’étalement de spectre. Des tests applicatifs ont été conduits pour stéganaliser des processus proposés et pour évaluer leur robustesse. Grâce aux résultats obtenus, nous avons pu juger de la meilleure adéquation de chaque algorithme avec des domaines d’applications ciblés comme, par exemple, l’anonymisation sur Internet, la contribution au développement d’un web sémantique, ou encore une utilisation pour la protection des documents et des donnés numériques. Parallèlement à ces travaux scientifiques fondamentaux, nous avons proposé plusieurs projets de valorisation avec pour objectif la création d’une entreprise de technologies innovantes
Discrete dynamical systems by chaotic or asynchronous iterations have proved to be highly interesting toolsin the field of computer security, thanks to their unpredictible behavior obtained under some conditions. Moreprecisely, these chaotic iterations possess the property of topological chaos and can be programmed in anefficient way. In the state of the art, they have turned out to be really interesting to use notably through digitalwatermarking schemes. However, despite their multiple advantages, these existing algorithms have revealedsome limitations. So, these PhD thesis aims at removing these constraints, proposing new processes whichcan be applied both in the field of digital watermarking and of steganography. We have studied these newschemes on two aspects: the topological security and the security based on a probabilistic approach. Theanalysis of their respective security level has allowed to achieve a comparison with the other existing processessuch as, for example, the spread spectrum. Application tests have also been conducted to steganalyse and toevaluate the robustness of the algorithms studied in this PhD thesis. Thanks to the obtained results, it has beenpossible to determine the best adequation of each processes with targeted application fields as, for example,the anonymity on the Internet, the contribution to the development of the semantic web, or their use for theprotection of digital documents. In parallel to these scientific research works, several valorization perspectiveshave been proposed, aiming at creating a company of innovative technology

Thesis (M.S.)--East Tennessee State University, 2005.
Title from electronic submission form. ETSU ETD database URN: etd-0209105-075524 Includes bibliographical references. Also available via Internet at the UMI web site.

This research created a new theoretical Soft Computing (SC) hybridized network intrusion detection diagnostic system including complex hybridization of a 3D full color Self-Organizing Map (SOM), Artificial Immune System Danger Theory (AISDT), and a Fuzzy Inference System (FIS). This SOM+ diagnostic archetype includes newly defined intrusion types to facilitate diagnostic analysis, a descriptive computational model, and an Invisible Mobile Network Bridge (IMNB) to collect data, while maintaining compatibility with traditional packet analysis. This system is modular, multitaskable, scalable, intuitive, adaptable to quickly changing scenarios, and uses relatively few resources.

Abstract The goal of this research is to advance the state of the art in bulk power system reliability assessment. Bulk power system reliability assessment is an important procedure at both power system planning and operating stages to assure reliable and acceptable electricity service to customers. With the increase in the complexity of modern power systems and advances in the power industry toward restructuring, the system models and algorithms of traditional reliability assessment techniques are becoming obsolete as they suffer from nonrealistic system models and slow convergence (even non-convergence) when multi-level contingencies are considered and the system is overstressed. To allow more rigor in system modeling and higher computational efficiency in reliability evaluation procedures, this research proposes an analytically-based security-constrained adequacy evaluation (SCAE) methodology that performs bulk power system reliability assessment. The SCAE methodology adopts a single-phase quadratized power flow (SPQPF) model as a basis and encompasses three main steps: (1) critical contingency selection, (2) effects analysis, and (3) reliability index computations. In the critical contingency selection, an improved contingency selection method is developed using a wind-chime contingency enumeration scheme and a performance index approach based on the system state linearization technique, which can rank critical contingencies with high accuracy and efficiency. In the effects analysis for selected critical contingencies, a non-divergent optimal quadratized power flow (NDOQPF) algorithm is developed to (1) incorporate major system operating practices, security constraints, and remedial actions in a constrained optimization problem and (2) guarantee convergence and provide a solution under all conditions. This algorithm is also capable of efficiently solving the ISO/RTO operational mode in deregulated power systems. Based on the results of the effects analysis, reliability indices that provide a quantitative indication of the system reliability level are computed. In addition, this research extends the proposed SCAE framework to include the effects of protection system hidden failures on bulk power system reliability. The overall SCAE methodology is implemented and applied to IEEE reliability test systems, and evaluation results demonstrate the expected features of proposed advanced techniques. Finally, the contributions of this research are summarized and recommendations for future research are proposed.

Les itérations chaotiques, un outil issu des mathématiques discrètes, sont pour la première fois étudiées pour obtenir de la divergence et du désordre. Après avoir utilisé les mathématiques discrètes pour en déduire des situations de non convergence, ces itérations sont modélisées sous la forme d’un système dynamique et sont étudiées topologiquement dans le cadre de la théorie mathématique du chaos. Nous prouvons que leur adjectif « chaotique » a été bien choisi : ces itérations sont du chaos aux sens de Devaney, Li-Yorke, l’expansivité, l’entropie topologique et l’exposant de Lyapunov, etc. Ces propriétés ayant été établies pour une topologie autre que la topologie de l’ordre, les conséquences de ce choix sont discutées. Nous montrons alors que ces itérations chaotiques peuvent être portées telles quelles sur ordinateur, sans perte de propriétés, et qu’il est possible de contourner le problème de la finitude des ordinateurs pour obtenir des programmes aux comportements prouvés chaotiques selon Devaney, etc. Cette manière de faire est respectée pour générer un algorithme de tatouage numérique et une fonction de hachage chaotiques au sens le plus fort qui soit. À chaque fois, l’intérêt d’être dans le cadre de la théorie mathématique du chaos est justifié, les propriétés à respecter sont choisies suivant les objectifs visés, et l’objet ainsi construit est évalué. Une notion de sécurité pour la stéganographie est introduite, pour combler l’absence d’outil permettant d’estimer la résistance d’un schéma de dissimulation d’information face à certaines catégories d’attaques. Enfin, deux solutions au problème de l’agrégation sécurisée des données dans les réseaux de capteurs sans fil sont proposées
For the first time, the divergence and disorder properties of “chaotic iterations”, a tool taken from the discrete mathematics domain, are studied. After having used discrete mathematics to deduce situations of non-convergence, these iterations are modeled as a dynamical system and are topologically studied into the framework of the mathematical theory of chaos. We prove that their adjective “chaotic” is well chosen : these iterations are chaotic, according to the definitions of Devaney, Li-Yorke, expansivity, topological entropy, Lyapunov exponent, and so on. These properties have been established for a topology different from the order topology, thus the consequences of this choice are discussed. We show that these chaotic iterations can be computed without any loss of properties, and that it is possible to circumvent the problem of the finiteness of computers to obtain programs that are proven to be chaotic according to Devaney, etc. The procedure proposed in this document is followed to generate a digital watermarking algorithm and a hash function, which are chaotic according to the strongest possible sense. At each time, the advantages of being chaotic as defined in the mathematical theory of chaos is justified, the properties to check are chosen depending on the objectives to reach, and the programs are evaluated. A novel notion of security for steganography is introduced, to address the lack of tool for estimating the strength of an information hiding scheme against certain types of attacks. Finally, two solutions to the problem of secure data aggregation in wireless sensor networks are proposed

У дисертаційній роботі висвітлено хід і результати дослідження впливу хімічного складу грунтів міста Івано-Франківська на здоров’я людей. Проаналізовано екологічний стан грунтів у місті. Встановлено статистичний зв’язок між концентраціями мікроелементів та хворобами людей. Запропоновано математичні моделі показників рівня екологічної безпеки з медичної точки зору. На основі знайдених залежностей розроблено екологічно-медичні індекси та динамічні екологічно-медичні індекси, які чисельно виражають рівень безпеки співвідношень концентрацій окремих мікроелементів у грунтах для здоров’я людей. Структура загальних індексів відповідає структурі хвороб - екологічних маркерів -та смертності від них. Загальні індекси визначені як лінійна згортка екологічно-медичних індексів типів хвороб. Розроблено методологію визначення показників екологічної безпеки території, на основі якої розроблено математичну модель. Вона враховує стан літосфери та мінерально-сировинних ресурсів; геофізсфери та космічних ресурсів; геоморфосфери та територіальних ресурсів; поверхневої та підземної гідросфери, динаміки та якості водних ресурсів; атмосфери та кліматичних ресурсів; педосфери та земельних ресурсів; фітосфери, рослинних і рекреаційних ресурсів; зоосфери, ресурсів тваринного світу; демосфери, захворюваності населення у зв’язку з екологічними чинниками та показника екологічного впливу техносфери на природні компоненти. Запропоновано їх звести до інтегрального показника рівня екологічної безпеки, попередньо нормувавши виміряні та розраховані параметри. Спроектовано та розроблено інформаційну аналітичну систему для екологічних служб. Функціонально інформаційна система реалізована 6-ма програмними блоками: вводу вхідної інформації, моделювання, аналізу та прогнозування, генерації документів, інтеграторі та генераторі звіту. Інтелектуальна частина цієї системи використовує семантичну мережу, яка є нечітким орієнтованим графом з розміченими вершинами та ребрами. Прийняття рішень нормується двома методами. Перший метод базується на корисності альтернатив, а другий - на ризиках альтернатив.
В диссертационной работе отображены ход и результаты исследования влияния микроэлементного состава почв города Ивано-Франковска на здоровье его жителей. Проанализировано экологическое состояние почв в городе. Исходя из анализа выполненных расчетов, сделаны выводы о том, что концентрации исследуемых микроэлементов в почвах всей территории города Ивано-Франковска отражают умеренный уровень опасности. Есть некоторое незначительное отклонение по отдельным химическим элементам и участкам, но они несущественно влияет на ситуацию состояния экологической безопасности города. Выявлена статистическая связь между концентрациями микроэлементов и болезнями людей. Для этого использовались непараметрические методы с исользованием ранговых корреляций. Предложены математические модели показателей уровня экологической безопасности с медицинской точки зрения. Для этого была выполненен предварительный анализ геометрической структуры сооокупности рассчитаных данных, проанализирована геометрия парных корреляций. Были использованы линейная функция; параметрических функции, которые с помощью несложных преобразований сводятся к линейной; степенные и тригонометрические полиномы. На основе найденных зависимостей разработаны эколого-медицинские индексы и динамические эколого-медицинские индексы, которые численно выражают уровень безопасности соотношений концентраций отдельных микроэлементов в почвах для здоровья людей. Динамические индексы учитывают развитие процессов во времени, что позволяет прогнозировать изменения состояния здоровья. Структура общих индексов соответствует структуре болезней - экологических маркеров - и смертности от них. Общие индексы определены как линейная свертка экологически медицинских индексов типов болезней. Разработана методология определения показателей уровня экологической безопасности территории с числовыми показателями экологического состояния литосферы и минерально-сырьевых ресурсов; геофизсферы и космических ресурсов; геоморфосферы и территориальных ресурсов; поверхностной и подземной гидросферы, динамики и качества водных ресурсов; атмосферы и климатических ресурсов; педосферы и земельных ресурсов; фитосферы, растительных и рекреационных ресурсов; зоосферы, ресурсов животного мира; демосферы, заболеваемости населения в связи с экологическими факторами и показателя экологического воздействия техносферы на природные компоненты. Предложено их свести к интегральному показателю уровня экологической безопасности, предварительно номировав измерянные и рассчитанные параметры. Спроектирована и разработана информационная аналитическая система для экологических служб. Она состоит из 6 основных программ расчета: фоновых значений загрязнения ЕсоPhone, статистических параметров ЕсоStat, концентрационных интервалов безопасности жизнедеятельности InterConcSafetyLife, экологически безопасных для существования геосистем интервалов концентрации загрязнителей ЕсоSafetyGeosystems, эколого-медицинских показателей состояния почв ЕсоМеdIndeх и прогнозирования заболеваемости и смертности ЕсоМеdIndeх. Интеллектуальная часть информационной системы представлена семантической сетью. Реализована эта семантическая сеть нечетким графом, который описан нечеткими множествами вершин и ребер, задающими, соответственно, объекты урбоэкосистемы и отношения между ними. Нормирование принятия решений использует две нормы. Норма полезностей альтернатив определена отношением полезности альтернативы и максимально возможной полезности, а норма риска - как риск потерять полезность.
The thesis displays the progress and results of investigation of the chemical composition of the soil of the city of Ivano-Frankivsk on the health of its inhabitants. Analyzed the ecological condition of the soil in the city. Found a statistical association between the concentrations of trace elements and human disease. The mathematical models of indicators of environmental safety from a medical point of view. On the basis of the found dependencies developed ecological and health codes and dynamic ecological and health codes that numerically express the security level concentration ratios of individual trace elements in the soil to human health. Dynamic indexes take into account the development of processes in time, which allows to predict changes in health status. The structure corresponds to the structure of the general indexes of disease - ecological markers - and mortality. General indices are defined as a linear convolution of environmentally medical indexes types of diseases. Developed methodology of measuring indicators of environmental safety grounds with numerical indicators of ecological condition of the lithosphere and mineral resources, the ecological state geofizsphere and space resources; geomorfosphere ecological state and territorial resources, the ecological state of the surface and underground hydrosphere, dynamics and quality of water resources, the ecological state of the atmosphere and climatic resources ecological status pedosphere and land resources; environmental condition phytosphere plant and recreational resources; ecological state of the zoosphere, wildlife resources; demosphere ecological status, morbidity due to environmental factors and indicators of environmental impact on natural components of the technosphere. Proposed are reduced to the integral indicator of the level of ecological safety. Designed and developed an information system for environmental analytical services. Functional information system implemented by 6 program blocks: input input data, modeling, analysis and forecasting, generating documents, integrators and report generator. The intelligent part of the system uses a semantic network that is fuzzy directed graph with vertices and edges marked. Decision-making is normalized by two methods. The first method is based on the utility of alternatives, and the second - on the risks of alternatives.

Herein I cover the basics of cryptology and the mathematical techniques used in the field. Aside from an overview of cryptology the text provides an in-depth look at block cipher algorithms and the techniques of cryptanalysis applied to block ciphers. The text also includes details of knapsack cryptosystems and pseudo-random number generators.

M. Tech. Electrical engineering.
Discusses a desirable chaos-based encryption scheme for image storage and transmission is one that can resist different types of attacks in less time and with successful decryption. To resist different kinds of attacks, a higher security level is required. As a result, there is a need to enhance the security level of existing chaos-based image encryption schemes using hyper-chaos. To increase the level of security using hyper-chaos, the research will present a scheme that combines two different techniques that are used to improve the degree of security of chaos-based cryptography; a classical chaos-based cryptographic technique and a hyper-chaos masking technique. The first technique focuses on the efficient combination and transformation of image characteristics based on hyper-chaos pseudorandom numbers. The second technique focuses on driving the hyper-chaos system by using the results of the first technique to change the transmitted chaos dynamic as well as using synchronisation and a high-order differentiator for decryption. To achieve the objective of our research the following sub-problems are addressed.

Indiana University-Purdue University Indianapolis (IUPUI)
Blömmer, Otto, and Seifert presented a fault attack on elliptic curve scalar multiplication called the Sign Change Attack, which causes a fault that changes the sign of the accumulation point. As the use of a sign bit for an extended integer is highly unlikely, this appears to be a highly selective manipulation of the key stream. In this thesis we describe two plausible fault attacks on a smart card implementation of elliptic curve cryptography. King and Wang designed a new attack called counter fault attack by attacking the scalar multiple of discrete-log cryptosystem. They then successfully generalize this approach to a family of attacks. By implementing King and Wang's scheme on RSA, we successfully attacked RSA keys for a variety of sizes. Further, we generalized the attack model to an attack on any implementation that uses NAF and wNAF key.

by Meng Xiaoning.
Thesis (M.Phil.)--Chinese University of Hong Kong, 2006.
Includes bibliographical references (leaves 99-106).
Abstracts in English and Chinese.
Chapter 1 --- Introduction --- p.1
Chapter 1.1 --- Motivation --- p.1
Chapter 1.2 --- Overview --- p.2
Chapter 1.3 --- Organization of the Thesis --- p.3
Chapter 2 --- Related Research --- p.6
Chapter 2.1 --- Information Technology in Cars --- p.6
Chapter 2.2 --- Anti-theft Protection --- p.8
Chapter 2.3 --- Learning Human Behaviors --- p.10
Chapter 2.4 --- Neural Network Learning --- p.11
Chapter 3 --- Experimental Design --- p.14
Chapter 3.1 --- Overview --- p.14
Chapter 3.2 --- Driving Simulation Subsystem --- p.14
Chapter 3.3 --- Data Sensing and Capturing Subsystem --- p.15
Chapter 3.4 --- Data Analysis Subsystem --- p.17
Chapter 4 --- Data Preprocessing for Feature Selection --- p.23
Chapter 4.1 --- Introduction --- p.23
Chapter 4.2 --- Fast Fourier Transform --- p.23
Chapter 4.3 --- Principal Component Analysis --- p.24
Chapter 4.4 --- Independent Component Analysis --- p.26
Chapter 5 --- Classification via Support Vector Machine --- p.28
Chapter 5.1 --- Introduction --- p.28
Chapter 5.1.1 --- Why Using Support Vector Machine --- p.28
Chapter 5.1.2 --- Mathematic Description --- p.29
Chapter 5.2 --- Problem Formulation --- p.31
Chapter 5.3 --- Approach --- p.31
Chapter 5.4 --- Experimental Results --- p.34
Chapter 5.4.1 --- Preprocess Data Analysis --- p.34
Chapter 5.4.2 --- Models Design --- p.37
Chapter 5.5 --- Discussion --- p.44
Chapter 6 --- Evaluation via Hidden Markov Model --- p.47
Chapter 6.1 --- Introduction --- p.47
Chapter 6.1.1 --- Why Using Hidden Markov Model --- p.48
Chapter 6.1.2 --- Mathematic Description --- p.50
Chapter 6.2 --- Problem Formulation --- p.51
Chapter 6.3 --- Approach --- p.53
Chapter 6.4 --- Experimental Results --- p.56
Chapter 6.4.1 --- Model-to-model Measure --- p.56
Chapter 6.4.2 --- Human-to-model Measure --- p.63
Chapter 6.4.3 --- Parameters Optimization --- p.66
Chapter 6.5 --- Discussion --- p.69
Chapter 7 --- System Design and Implementation --- p.71
Chapter 7.1 --- Introduction --- p.71
Chapter 7.2 --- Hardware --- p.72
Chapter 7.3 --- Software --- p.78
Chapter 7.4 --- System Demonstration --- p.80
Chapter 8 --- Conclusion and Future Work --- p.82
Chapter 8.1 --- Contributions --- p.82
Chapter 8.2 --- Future Work --- p.84
Chapter A --- Hidden Markov Model Training --- p.87
Chapter A.1 --- Forward-backward Algorithm --- p.87
Chapter A.2 --- Baum-Welch Algorithm --- p.87
Chapter B --- Human Driving Behavior Data --- p.90
Chapter C --- Publications Resulted from the Study --- p.98

In the field of cybersecurity, it is often not possible to construct systems that are resistant to all attacks. For example, even a well-designed password authentication system will be vulnerable to password cracking attacks because users tend to select low-entropy passwords. In the field of cryptography, we often model attackers as powerful and malicious and say that a system is broken if any such attacker can violate the desired security properties. While this approach is useful in some settings, such a high bar is unachievable in many security applications e.g., password authentication. However, even when the system is imperfectly secure, it may be possible to deter a rational attacker who seeks to maximize their utility. In particular, if a rational adversary finds that the cost of running an attack is higher than their expected rewards, they will not run that particular attack. In this dissertation we argue in support of the following statement: Modeling adversaries as rational actors can be used to better model the security of imperfect systems and develop stronger defenses. We present several results in support of this thesis. First, we develop models for the behavior of rational adversaries in the context of password cracking and quantum key-recovery attacks. These models allow us to quantify the damage caused by password breaches, quantify the damage caused by (widespread) password length leakage, and identify imperfectly secure settings where a rational adversary is unlikely to run any attacks i.e. quantum key-recovery attacks. Second, we develop several tools to deter rational attackers by ensuring the utility-optimizing attack is either less severe or nonexistent. Specifically, we develop tools that increase the cost of offline password cracking attacks by strengthening password hashing algorithms, strategically signaling user password strength, and using dedicated Application-Specific Integrated Circuits (ASICs) to store passwords.

The main objective of the thesis was to investigate the feasibility of accurately and precisely fore- casting the number of both national and provincial bene ciaries of social security grants in South Africa, using simple autoregressive integrated moving average (ARIMA) models. The series of the monthly number of bene ciaries of the old age, child support, foster care and disability grants from April 2004 to March 2010 were used to achieve the objectives of the thesis. The conclusions from analysing the series were that: (1) ARIMA models for forecasting are province and grant-type spe- ci c; (2) for some grants, national forecasts obtained by aggregating provincial ARIMA forecasts are more accurate and precise than those obtained by ARIMA modelling national series; and (3) for some grants, forecasts obtained by modelling the latest half of the series were more accurate and precise than those obtained from modelling the full series.
Mathematical Sciences
M.Sc. (Statistics)

Many e-voting techniques have been proposed but not widely used in reality. One of the problems associated with most of existing e-voting techniques is the lack of transparency, leading to a failure to deliver voter assurance. In this work, we propose a transparent, auditable, end-to-end verifiable, and mutual restraining e-voting protocol that exploits the existing multi-party political dynamics such as in the US. The new e-voting protocol consists of three original technical contributions -- universal verifiable voting vector, forward and backward mutual lock voting, and in-process check and enforcement -- that, along with a public real time bulletin board, resolves the apparent conflicts in voting such as anonymity vs. accountability and privacy vs. verifiability. Especially, the trust is split equally among tallying authorities who have conflicting interests and will technically restrain each other. The voting and tallying processes are transparent to voters and any third party, which allow any voter to verify that his vote is indeed counted and also allow any third party to audit the tally. For the environment requiring receipt-freeness and coercion-resistance, we introduce additional approaches to counter vote-selling and voter-coercion issues. Our interactive voting protocol is suitable for small number of voters like boardroom voting where interaction between voters is encouraged and self-tallying is necessary; while our non-interactive protocol is for the scenario of large number of voters where interaction is prohibitively expensive. Equipped with a hierarchical voting structure, our protocols can enable open and fair elections at any scale.

This study explores the utilisation of spatial technologies as a tool to analyse and combat crime. The study deals specifically with remote sensing and its potential for being integrated with geographical information systems (GIS). The integrated spatial approach resulted in the understanding of land use class behaviour over time and its relationship to specific crime incidents per police precinct area. The incorporation of spatial technologies to test criminological theories in practice, such as the ecological theories of criminology, provides the science with strategic value. It proves the value of combining multi-disciplinary scientific fields to create a more advanced platform to understand land use behaviour and its relationship to crime. Crime in South Africa is a serious concern and it impacts negatively on so many lives. The fear of crime, the loss of life, the socio-economic impact of crime, etc. create the impression that the battle against crime has been lost. The limited knowledge base within the law enforcement agencies, limited logistical resources and low retention rate of critical staff all contribute to making the reduction of crime more difficult to achieve. A practical procedure of using remote sensing technology integrated with geographical information systems (GIS), overlaid with geo-coded crime data to provide a spatial technological basis to analyse and combat crime, is illustrated by a practical study of the Tshwane municipality area. The methodology applied in this study required multi-skilled resources incorporating GIS and the understanding of crime to integrate the diverse scientific fields into a consolidated process that can contribute to the combating of crime in general. The existence of informal settlement areas in South Africa stresses the socio-economic problems that need to be addressed as there is a clear correlation of land use data with serious crime incidents in these areas. The fact that no formal cadastre exists for these areas, combined with a great diversity in densification and growth of the periphery, makes analysis very difficult without remote sensing imagery. Revisits over time to assess changes in these areas in order to adapt policing strategies will create an improved information layer for responding to crime. Final computerised maps generated from remote sensing and GIS layers are not the only information that can be used to prevent and combat crime. An important recipe for ultimately successfully managing and controlling crime in South Africa is to strategically combine training of the law enforcement agencies in the use of spatial information with police science. The researcher concludes with the hope that this study will contribute to the improved utilisation of spatial technology to analyse and combat crime in South Africa. The ultimate vision is the expansion of the science of criminology by adding an advanced spatial technology module to its curriculum.
Criminology
D.Litt. et Phil. (Criminology)