Dissertations / Theses on the topic 'System and network security'
To see the other types of publications on this topic, follow the link: System and network security.
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'System and network security.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Yucel, Okan. "Information System Security." Master's thesis, METU, 2003. http://etd.lib.metu.edu.tr/upload/4/1260303/index.pdf.
Full textAbstract:
This thesis analyzes the physical, communicational, and organizational
dimensions of information system security process by taking the four-layer approach,
which is composed of the policy, model, architecture, and mechanisms into account.
Within this scope, according to the results of the security analysis of information
systems in METU Informatics Institute, the policy, model, architecture, and
mechanisms necessary to prepare a new security process were proposed. As a
subcomponent of this proposed security process, the network security of the IS100
course was partially established, and the generated results were evaluated.
2
Mantere, M. (Matti). "Network security monitoring and anomaly detection in industrial control system networks." Doctoral thesis, Oulun yliopisto, 2015. http://urn.fi/urn:isbn:9789526208152.
Full textAbstract:
Abstract Industrial control system (ICS) networks used to be isolated environments, typically separated by physical air gaps from the wider area networks. This situation has been changing and the change has brought with it new cybersecurity issues. The process has also exacerbated existing problems that were previously less exposed due to the systems’ relative isolation. This process of increasing connectivity between devices, systems and persons can be seen as part of a paradigm shift called the Internet of Things (IoT). This change is progressing and the industry actors need to take it into account when working to improve the cybersecurity of ICS environments and thus their reliability. Ensuring that proper security processes and mechanisms are being implemented and enforced on the ICS network level is an important part of the general security posture of any given industrial actor. Network security and the detection of intrusions and anomalies in the context of ICS networks are the main high-level research foci of this thesis. These issues are investigated through work on machine learning (ML) based anomaly detection (AD). Potentially suitable features, approaches and algorithms for implementing a network anomaly detection system for use in ICS environments are investigated. After investigating the challenges, different approaches and methods, a proof-ofconcept (PoC) was implemented. The PoC implementation is built on top of the Bro network security monitoring framework (Bro) for testing the selected approach and tools. In the PoC, a Self-Organizing Map (SOM) algorithm is implemented using Bro scripting language to demonstrate the feasibility of using Bro as a base system. The implemented approach also represents a minimal case of event-driven machine learning anomaly detection (EMLAD) concept conceived during the research. The contributions of this thesis are as follows: a set of potential features for use in machine learning anomaly detection, proof of the feasibility of the machine learning approach in ICS network setting, a concept for event-driven machine learning anomaly detection, a design and initial implementation of user configurable and extendable machine learning anomaly detection framework for ICS networksTiivistelmä Kehittyneet yhteiskunnat käyttävät teollisuuslaitoksissaan ja infrastruktuuriensa operoinnissa monimuotoisia automaatiojärjestelmiä. Näiden automaatiojärjestelmien tieto- ja kyberturvallisuuden tila on hyvin vaihtelevaa. Laitokset ja niiden hyödyntämät järjestelmät voivat edustaa usean eri aikakauden tekniikkaa ja sisältää useiden eri aikakauden heikkouksia ja haavoittuvaisuuksia. Järjestelmät olivat aiemmin suhteellisen eristyksissä muista tietoverkoista kuin omista kommunikaatioväylistään. Tämä automaatiojärjestelmien eristyneisyyden heikkeneminen on luonut uuden joukon uhkia paljastamalla niiden kommunikaatiorajapintoja ympäröivälle maailmalle. Nämä verkkoympäristöt ovat kuitenkin edelleen verrattaen eristyneitä ja tätä ominaisuutta voidaan hyödyntää niiden valvonnassa. Tässä työssä esitetään tutkimustuloksia näiden verkkojen turvallisuuden valvomisesta erityisesti poikkeamien havainnoinnilla käyttäen hyväksi koneoppimismenetelmiä. Alkuvaiheen haasteiden ja erityispiirteiden tutkimuksen jälkeen työssä käytetään itsejärjestyvien karttojen (Self-Organizing Map, SOM) algoritmia esimerkkiratkaisun toteutuksessa uuden konseptin havainnollistamiseksi. Tämä uusi konsepti on tapahtumapohjainen koneoppiva poikkeamien havainnointi (Event-Driven Machine Learning Anomaly Detection, EMLAD). Työn kontribuutiot ovat seuraavat, kaikki teollisuusautomaatioverkkojen kontekstissa: ehdotus yhdeksi anomalioiden havainnoinnissa käytettävien ominaisuuksien ryhmäksi, koneoppivan poikkeamien havainnoinnin käyttökelpoisuuden toteaminen, laajennettava ja joustava esimerkkitoteutus uudesta EMLAD-konseptista toteutettuna Bro NSM työkalun ohjelmointikielellä
3
Coffey, Thomas. "A distributed global-wide security system." Thesis, University of Ulster, 1994. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.260989.
Full text
4
Scully, Michael N. B. "Network and system security in an information age." Honors in the Major Thesis, University of Central Florida, 2000. http://digital.library.ucf.edu/cdm/ref/collection/ETH/id/204.
Full textAbstract:
This item is only available in print in the UCF Libraries. If this is your Honors Thesis, you can help us make it available online for use by researchers around the world by following the instructions on the distribution consent form at http://library.ucf.edu/Systems/DigitalInitiatives/DigitalCollections/InternetDistributionConsentAgreementForm.pdf You may also contact the project coordinator, Kerri Bottorff, at kerri.bottorff@ucf.edu for more information.Bachelors
Business Administration
Management Information Systems
5
Benbrook, Jimmie Glen 1943. "A SYSTEM ANALYSIS OF A MULTILEVEL SECURE LOCAL AREA NETWORK (COMPUTER)." Thesis, The University of Arizona, 1986. http://hdl.handle.net/10150/275531.
Full text
6
Lessner, Dirk. "Network security for embedded systems /." [St. Lucia, Qld.], 2005. http://adt.library.uq.edu.au/public/adt-QU20060215.160952/index.html.
Full text
7
Burchett, Ian. "Quantifying Computer Network Security." TopSCHOLAR®, 2011. http://digitalcommons.wku.edu/theses/1118.
Full textAbstract:
Simplifying network security data to the point that it is readily accessible and usable by a wider audience is increasingly becoming important, as networks become larger and security conditions and threats become more dynamic and complex, requiring a broader and more varied security staff makeup. With the need for a simple metric to quantify the security level on a network, this thesis proposes: simplify a network’s security risk level into a simple metric. Methods for this simplification of an entire network’s security level are conducted on several characteristic networks. Identification of computer network port vulnerabilities from NIST’s Network Vulnerability Database (NVD) are conducted, and via utilization of NVD’s Common Vulnerability Scoring System values, composite scores are created for each computer on the network, and then collectively a composite score is computed for the entire network, which accurately represents the health of the entire network. Special concerns about small numbers of highly vulnerable computers or especially critical members of the network are confronted.
8
Song, Zixuan. "A Network based Home surveillance/ monitoring system : Router based Deployment and Network Security." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2011. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-47314.
Full textAbstract:
Home surveillance/monitoring systems are widely used nowadays. An intelligent surveillance system can provide multiple functions for uses. The assumption underlying this thesis project is that a home surveillance system can help people manage their homes better. The thesis presents two investigations into an intelligent home surveillance system implementation. First we will focus on the development of a router platform, which can manage the cameras connected to an intelligent home surveillance system. Such a system will include at least one router, one or more cameras. Some of these cameras will be connected by wireless links. Each camera will be dynamically allocated an IP address. The system will manage and control the various elements of the home surveillance/monitoring system via the network. Second, we will examine potential network security solutions, and choose a suitable solution. A key result of this thesis project is that SRTP and MIKEY are suitable for use in a home surveillance/monitoring system and together they provide authentication and privacy for the information from the camera (and potentially other information). This privacy is an important aspect of a home surveillance/monitoring system, since improper use of this information could be damaging to the homeowner’s privacy and personal integrity.
9
Wang, Haiyuan. "Security Architecture for the TEAMDEC System." Thesis, Virginia Tech, 1999. http://hdl.handle.net/10919/9778.
Full textAbstract:
The prevalence of the Internet, client/server applications, Java, e-commerce, and electronic communications offers tremendous opportunities for business, education and communication, while simultaneously presenting big challenges to network security. In general, the web was designed with little concern for security. Thus, the issue of security is important in the design of network-based applications. The software architecture proposed in this thesis allows for the secure and efficient running of a team-based decision support system, specifically TEAMDEC. Based on the system's requirements and architecture, three types of possible attacks to the system are identified and a security solution is proposed that allows for user authentication, secure communication, and script access control. The implementation of these features will reduce security risk and allow effective use of the valuable system information data.Master of Science
10
Onder, Hulusi. "A Security Management System Design." Thesis, METU, 2007. http://etd.lib.metu.edu.tr/upload/12608515/index.pdf.
Full textAbstract:
This thesis analyzes the difficulties of managing the security of an enterprise network. The problem that this thesis study deals with is the central management of a large number and variety of services that provide organization-wide network and information security. This study addresses two problem areas: how to better manage the security of a network, and how to explain the security issues to upper management better.
The study proposes a Security Management System (SMS) to be used for network security management, monitoring and reporting purposes. The system is a custom made, central management solution, which combines the critical performance indicators of the security devices and presents the results via web pages.
11
Niebur, Dagmar. "Kohonen self-organizing neural network for power system security assessment /." [S.l.] : [s.n.], 1994. http://library.epfl.ch/theses/?nr=1244.
Full text
12
Mukantabana, Beatrice. "Ethernet sniffing : a big threat to network security." Virtual Press, 1994. http://liblink.bsu.edu/uhtbin/catkey/897495.
Full textAbstract:
Networks play an important role in today's information age. The need to share information and resources makes networks a necessity in almost any computing environment. In many cases, the network can be thought of as a large, distributed computer, with disks and other resources on big systems being shared by smaller workstations on people's desks.Security has long been an object of concern and study for both data processing systems and communications facilities. With computer networks, these concerns are combined, and for local networks, the problems may be more acute. Consider a fullcapacity local network, with direct terminal access to the network, data files, and applications distributed among a variety of processors. This network may also provide access to and from long-haul communications and be part of an internet. Clearly, the task of providing security in such a complex environment is quite involved.The subject of security is a broad one and encompasses physical and administrative controls. The aim of this research is to explore the security problems pertaining to Ethernet networks. Different approaches to obtain a secure Ethernet environment are also discussed.Department of Computer Science
13
Atkins, William Dee. "Design and implementation of a hardened distributed network endpoint security system for improving the security of internet protocol-based networks." Diss., Rolla, Mo. : University of Missouri-Rolla, 2007. http://scholarsmine.umr.edu/thesis/pdf/Final_Thesis_09007dcc8031d3b0.pdf.
Full textAbstract:
Thesis (M.S.)--University of Missouri--Rolla, 2007.Vita. The entire thesis text is included in file. Title from title screen of thesis/dissertation PDF file (viewed April 11, 2007) Includes bibliographical references (p. 54-55).
14
Maharjan, Nadim, and Paria Moazzemi. "Telemetry Network Intrusion Detection System." International Foundation for Telemetering, 2012. http://hdl.handle.net/10150/581632.
Full textAbstract:
ITC/USA 2012 Conference Proceedings / The Forty-Eighth Annual International Telemetering Conference and Technical Exhibition / October 22-25, 2012 / Town and Country Resort & Convention Center, San Diego, CaliforniaTelemetry systems are migrating from links to networks. Security solutions that simply encrypt radio links no longer protect the network of Test Articles or the networks that support them. The use of network telemetry is dramatically expanding and new risks and vulnerabilities are challenging issues for telemetry networks. Most of these vulnerabilities are silent in nature and cannot be detected with simple tools such as traffic monitoring. The Intrusion Detection System (IDS) is a security mechanism suited to telemetry networks that can help detect abnormal behavior in the network. Our previous research in Network Intrusion Detection Systems focused on "Password" attacks and "Syn" attacks. This paper presents a generalized method that can detect both "Password" attack and "Syn" attack. In this paper, a K-means Clustering algorithm is used for vector quantization of network traffic. This reduces the scope of the problem by reducing the entropy of the network data. In addition, a Hidden-Markov Model (HMM) is then employed to help to further characterize and analyze the behavior of the network into states that can be labeled as normal, attack, or anomaly. Our experiments show that IDS can discover and expose telemetry network vulnerabilities using Vector Quantization and the Hidden Markov Model providing a more secure telemetry environment. Our paper shows how these can be generalized into a Network Intrusion system that can be deployed on telemetry networks.
15
Fuloria, Shailendra. "Robust security for the electricity network." Thesis, University of Cambridge, 2012. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.610100.
Full text
16
Nesteruk, Erik A. "Security considerations for network-centric weapon systems." Thesis, Monterey, California : Naval Postgraduate School, 2009. http://edocs.nps.edu/npspubs/scholarly/theses/2009/Sep/09Sep%5FNesteruk.pdf.
Full textAbstract:
Thesis (M.S. in Systems Engineering)--Naval Postgraduate School, September 2009.Thesis Advisor(s): Goshorn, Rachel ; Huffmire, Ted. "September 2009." Description based on title screen as viewed on November 5, 2009. Author(s) subject terms: Network-Centric, Weapons Systems, Systems Engineering, Security, Cryptography, Authentication, Espionage, Sabotage, Confidentiality, Integrity, Availability Includes bibliographical references (p. 75-78). Also available in print.
17
Oh, Khoon Wee. "Wireless network security : design considerations for an enterprise network /." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2004. http://library.nps.navy.mil/uhtbin/hyperion/04Dec%5FOh.pdf.
Full text
18
Alfayez, Fayez. "A wireless sensor network system for border security and crossing detection." Thesis, Manchester Metropolitan University, 2015. http://e-space.mmu.ac.uk/615894/.
Full textAbstract:
The protection of long stretches of countries’ borders has posed a number of challenges. Effective and continuous monitoring of a border requires the implementation of multi-surveillance technologies, such as Wireless Sensor Networks (WSN), that work as an integrated unit to meet the desired goals. The research presented in this thesis investigates the application of topologically Linear WSN (LWSNs) to international border monitoring and surveillance. The main research questions studied here are: What is the best form of node deployment and hierarchy? What is the minimum number of sensor nodes to achieve k− barrier coverage in a given belt region? iven an appropriate network density, how do we determine if a region is indeed k−barrier covered? What are the factors that affect barrier coverage? How to organise nodes into logical segments to perform in-network processing of data? How to transfer information from the networks to the end users while maintaining critical QoS measures such as timeliness and accuracy. To address these questions, we propose an architecture that specifies a mechanism to assign nodes to various network levels depending on their location. These levels are used by a cross-layer communication protocol to achieve data delivery at the lowest possible cost and minimal delivery delay. Building on this levelled architecture, we study the formation of weak and strong barriers and how they determine border crossing detection probability. We propose new method to calculate the required node density to provide higher intruder detection rate. Then, we study the effect of people movement models on the border crossing detection probability. At the data link layer, new energy balancing along with shifted MAC protocol are introduced to further increase the network lifetime and delivery speed. In addition, at network layer, a routing protocol called Level Division raph (LD ) is developed. LD utilises a complex link cost measurement to insure best QoS data delivery to the sink node at the lowest possible cost. The proposed system has the ability to work independently or cooperatively with other monitoring technologies, such as drowns and mobile monitoring stations. The performance of the proposed work is extensively evaluated analytically and in simulation using real-life conditions and parameters. The simulation results show significant performance gains when comparing LD to its best rivals in the literature Dynamic Source Routing. Compared to DSR, LD achieves higher performance in terms of average end-to-end delays by up to 95%, packet delivery ratio by up to 20%, and throughput by up to 60%, while maintaining similar performance in terms of normalised routing load and energy consumption.
19
Ferreira, Luis Antonio Fialho. "A network-based approach to power system security assessment and control." Diss., Georgia Institute of Technology, 1986. http://hdl.handle.net/1853/15721.
Full text
20
Morrissey, Joseph Patrick. "The extension and hardware implementation of the comprehensive integrated security system concept." Thesis, University of Plymouth, 1995. http://hdl.handle.net/10026.1/336.
Full textAbstract:
The current strategy to computer networking is to increase the accessibility that legitimate users have to their respective systems and to distribute functionality. This creates a more efficient working environment, users may work from home, organisations can make better use of their computing power. Unfortunately, a side effect of opening up computer systems and placing them on potentially global networks is that they face increased threats from uncontrolled access points, and from eavesdroppers listening to the data communicated between systems. Along with these increased threats the traditional ones such as disgruntled employees, malicious software, and accidental damage must still be countered. A comprehensive integrated security system ( CISS ) has been developed to provide security within the Open Systems Interconnection (OSI) and Open Distributed Processing (ODP) environments. The research described in this thesis investigates alternative methods for its implementation and its optimisation through partial implementation within hardware and software and the investigation of mechanismsto improve its security. A new deployment strategy for CISS is described where functionality is divided amongst computing platforms of increasing capability within a security domain. Definitions are given of a: local security unit, that provides terminal security; local security servers that serve the local security units and domain management centres that provide security service coordination within a domain. New hardware that provides RSA and DES functionality capable of being connected to Sun microsystems is detailed. The board can be used as a basic building block of CISS, providing fast cryptographic facilities, or in isolation for discrete cryptographic services. Software written for UNIX in C/C++ is described, which provides optimised security mechanisms on computer systems that do not have SBus connectivity. A new identification/authentication mechanism is investigated that can be added to existing systems with the potential for extension into a real time supervision scenario. The mechanism uses keystroke analysis through the application of neural networks and genetic algorithms and has produced very encouraging results. Finally, a new conceptual model for intrusion detection capable of dealing with real time and historical evaluation is discussed, which further enhances the CISS concept.
21
Hodack, David. "Information Assurance (IA) Considerations for a Telemetry Network System (TmNS)." International Foundation for Telemetering, 2010. http://hdl.handle.net/10150/604248.
Full textAbstract:
ITC/USA 2010 Conference Proceedings / The Forty-Sixth Annual International Telemetering Conference and Technical Exhibition / October 25-28, 2010 / Town and Country Resort & Convention Center, San Diego, CaliforniaThe integrated Network Enhanced Telemetry (iNET) project was launched by the Central Test and Evaluation Investment Program (CTEIP) to foster network enhanced instrumentation and telemetry. The iNET program is preparing for the TmNS system demonstration. The goal of the demonstration is to prove that the proposed TmNS will meet the Test Capability Requirements Document (TCRD) and validate the iNET standards. One aspect of the preparation is looking at the IA issues and making decisions to ensure that the system will be certified and accredited, meet user needs, and be secure. This paper will explore a few of these considerations.
22
Shu, Guoqiang. "Formal Methods and Tools for Testing Communication Protocol System Security." The Ohio State University, 2008. http://rave.ohiolink.edu/etdc/view?acc_num=osu1211333211.
Full text
23
Dementis, Georgios Sousa Goncalo. "A legal reasoning component of a network security command and control system." Monterey, California : Naval Postgraduate School, 2010. http://edocs.nps.edu/npspubs/scholarly/theses/2010/Mar/10Mar%5FDementis.pdf.
Full textAbstract:
Thesis (M.S. in Computer Science)--Naval Postgraduate School, March 2010.Thesis Advisor(s): Michael, James B. Second Reader: Wingfield, Thomas C. ; Sarkesain, John F. "March 2010." Description based on title screen as viewed on April 26, 2010. Author(s) subject terms: Cyberspace, Cyberspace Defense, Network Defense, Distributed Systems, Command and Control, Battle Management, Information Assurance, Situational Awareness. Includes bibliographical references (p. 73-77). Also available in print.
24
Sousa, Goncalo. "A legal reasoning component of a network security command and control system." Thesis, Monterey, California. Naval Postgraduate School, 2010. http://hdl.handle.net/10945/5457.
Full textAbstract:
Approved for public release; distribution is unlimitedThere are numerous computer-aided tools to enable Computer Network Defense. However, their effectiveness in countering attacks is less than optimal when they are used independently of one another. Research has identified the requirements for an integrated command and control (C2) system that is able to conduct full-spectrum operations in the cyberspace environment. The most notable of that research revolves around the development and experimentation with the prototype system known as Cyber Command, Control and Information Operations System (C3IOS). C3IOS provides for a loose confederation of the cooperating systems with interaction between systems going through C2 interfaces. In this thesis, the authors introduce into C3IOS a means to support the commander's ability to take measured responses to coercive actions in a timely manner, specifically to facilitate the interaction between experts in the law of information conflict and information warriors responding to a cyber attack. The authors' research results in a set of use cases and requirements for the C2 understanding, planning, and deciding activities involved in such a capability, using Schmitt's analysis as an example.
25
Bell, Patrick M. "Development of Local Homeland Security Networks in the State of Florida: A Social Network Analysis Approach." FIU Digital Commons, 2012. http://digitalcommons.fiu.edu/etd/574.
Full textAbstract:
How do local homeland security organizations respond to catastrophic events such as hurricanes and acts of terrorism? Among the most important aspects of this response are these organizations ability to adapt to the uncertain nature of these “focusing events” (Birkland 1997). They are often behind the curve, seeing response as a linear process, when in fact it is a complex, multifaceted process that requires understanding the interactions between the fiscal pressures facing local governments, the institutional pressures of working within a new regulatory framework and the political pressures of bringing together different levels of government with different perspectives and agendas.
This dissertation has focused on tracing the factors affecting the individuals and institutions planning, preparing, responding and recovering from natural and man-made disasters. Using social network analysis, my study analyzes the interactions between the individuals and institutions that respond to these “focusing events.” In practice, it is the combination of budgetary, institutional, and political pressures or constraints interacting with each other which resembles a Complex Adaptive System (CAS).
To investigate this system, my study evaluates the evolution of two separate sets of organizations composed of first responders (Fire Chiefs, Emergency Management Coordinators) and community volunteers organized in the state of Florida over the last fifteen years. Using a social network analysis approach, my dissertation analyzes the interactions between Citizen Corps Councils (CCCs) and Community Emergency Response Teams (CERTs) in the state of Florida from 1996- 2011. It is the pattern of interconnections that occur over time that are the focus of this study.
The social network analysis revealed an increase in the amount and density of connections between these organizations over the last fifteen years. The analysis also exposed the underlying patterns in these connections; that as the networks became more complex they also became more decentralized though not in any uniform manner. The present study brings to light a story of how communities have adapted to the ever changing circumstances that are sine qua non of natural and man-made disasters
26
Umeh, Njideka Adaku. "Security architecture methodology for large net-centric systems." Diss., Rolla, Mo. : University of Missouri-Rolla, 2007. http://scholarsmine.mst.edu/thesis/Umeh_09007dcc8049b3f0.pdf.
Full textAbstract:
Thesis (M.S.)--University of Missouri--Rolla, 2007.Vita. The entire thesis text is included in file. Title from title screen of thesis/dissertation PDF file (viewed December 6, 2007) Includes bibliographical references (p. 60-63).
27
Cheng, Kah Wai. "Distributed deployment of Therminators in the network." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2004. http://library.nps.navy.mil/uhtbin/hyperion/04Dec%5FCheng%5Kah.pdf.
Full text
28
Simons, William R. "The challenges of network security remediation at a regional university." [Johnson City, Tenn. : East Tennessee State University], 2005. http://etd-submit.etsu.edu/etd/theses/available/etd-0209105-075524/unrestricted/SimonsW022105f.pdf.
Full textAbstract:
Thesis (M.S.)--East Tennessee State University, 2005.Title from electronic submission form. ETSU ETD database URN: etd-0209105-075524 Includes bibliographical references. Also available via Internet at the UMI web site.
29
Ashe, James Patrick. "A vulnerability assessment of the East Tennessee State University administrative computer network." [Johnson City, Tenn. : East Tennessee State University], 2004. http://etd-submit.etsu.edu/etd/theses/available/etd-0301104-151512/unrestricted/AsheJ030204b.pdf.
Full textAbstract:
Thesis (M.S.)--East Tennessee State University, 2004.Title from electronic submission form. ETSU ETD database URN: etd-0301104-151512. Includes bibliographical references. Also available via Internet at the UMI web site.
30
Rivera, Polanco Sergio A. "AUTOMATED NETWORK SECURITY WITH EXCEPTIONS USING SDN." UKnowledge, 2019. https://uknowledge.uky.edu/cs_etds/87.
Full textAbstract:
Campus networks have recently experienced a proliferation of devices ranging from personal use devices (e.g. smartphones, laptops, tablets), to special-purpose network equipment (e.g. firewalls, network address translation boxes, network caches, load balancers, virtual private network servers, and authentication servers), as well as special-purpose systems (badge readers, IP phones, cameras, location trackers, etc.). To establish directives and regulations regarding the ways in which these heterogeneous systems are allowed to interact with each other and the network infrastructure, organizations typically appoint policy writing committees (PWCs) to create acceptable use policy (AUP) documents describing the rules and behavioral guidelines that all campus network interactions must abide by.
While users are the audience for AUP documents produced by an organization's PWC, network administrators are the responsible party enforcing the contents of such policies using low-level CLI instructions and configuration files that are typically difficult to understand and are almost impossible to show that they do, in fact, enforce the AUPs. In other words, mapping the contents of imprecise unstructured sentences into technical configurations is a challenging task that relies on the interpretation and expertise of the network operator carrying out the policy enforcement. Moreover, there are multiple places where policy enforcement can take place. For example, policies governing servers (e.g., web, mail, and file servers) are often encoded into the server's configuration files. However, from a security perspective, conflating policy enforcement with server configuration is a dangerous practice because minor server misconfigurations could open up avenues for security exploits. On the other hand, policies that are enforced in the network tend to rarely change over time and are often based on one-size-fits-all policies that can severely limit the fast-paced dynamics of emerging research workflows found in campus networks.
This dissertation addresses the above problems by leveraging recent advances in Software-Defined Networking (SDN) to support systems that enable novel in-network approaches developed to support an organization's network security policies. Namely, we introduce PoLanCO, a human-readable yet technically-precise policy language that serves as a middle-ground between the imprecise statements found in AUPs and the technical low-level mechanisms used to implement them. Real-world examples show that PoLanCO is capable of implementing a wide range of policies found in campus networks. In addition, we also present the concept of Network Security Caps, an enforcement layer that separates server/device functionality from policy enforcement. A Network Security Cap intercepts packets coming from, and going to, servers and ensures policy compliance before allowing network devices to process packets using the traditional forwarding mechanisms. Lastly, we propose the on-demand security exceptions model to cope with the dynamics of emerging research workflows that are not suited for a one-size-fits-all security approach. In the proposed model, network users and providers establish trust relationships that can be used to temporarily bypass the policy compliance checks applied to general-purpose traffic -- typically by network appliances that perform Deep Packet Inspection, thereby creating network bottlenecks. We describe the components of a prototype exception system as well as experiments showing that through short-lived exceptions researchers can realize significant improvements for their special-purpose traffic.
31
Ranang, Martin Thorsen. "An Artificial Immune System Approach to Preserving Security in Computer Networks." Thesis, Norwegian University of Science and Technology, Department of Computer and Information Science, 2002. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-255.
Full textAbstract:
It is believed that many of the mechanisms present in the biological immune system are well suited for adoption to the field of computer intrusion detection, in the form of artificial immune systems. In this report mechanisms in the biological immune system are introduced, their parallels in artificial immune systems are presented, and how they may be applied to intrusion detection in a computer environment is discussed. An artificial immune system is designed, implemented and applied to detect intrusive behavior in real network data in a simulated network environment. The effect of costimulation and clonal proliferation combined with somatic hypermutation to perform affinity maturation of detectors in the artificial immune system is explored through experiments. An exact expression for the probability of a match between two randomly chosen strings using the r-contiguous matching rule is developed. The use of affinity maturation makes it possible to perform anomaly detection by using smaller sets of detectors with a high level of specificity while maintaining a high level of cover and diversity, which increases the number of true positives, while keeping a low level of false negatives.
32
Wright, Roger E. "Management System for Heterogeneous Networks security services." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 1998. http://handle.dtic.mil/100.2/ADA349548.
Full textAbstract:
Thesis (M.S. in Systems Technology (Command, Control and Communications)) Naval Postgraduate School, June 1998."June 1998." Thesis advisor(s): Cynthia E. Irvine. Includes bibliographical references (p. 261-263). Also available online.
33
Alquhayz, Hani. "Security management system for 4G heterogeneous networks." Thesis, De Montfort University, 2015. http://hdl.handle.net/2086/11124.
Full textAbstract:
There is constant demand for the development of mobile networks to meet the service requirements of users, and their development is a significant topic of research. The current fourth generation (4G) of mobile networks are expected to provide high speed connections anywhere at any time. Various existing 4G architectures such as LTE and WiMax support only wireless technologies, while an alternative architecture, Y-Comm, has been proposed to combine both existing wired and wireless networks. Y-Comm seeks to meet the main service requirements of 4G by converging the existing networks, so that the user can get better service anywhere and at any time. One of the major characteristics of Y-Comm is heterogeneity, which means that networks with different topologies work together to provide seamless communication to the end user. However, this heterogeneity leads to technical issues which may compromise quality of service, vertical handover and security. Due to the convergence characteristic of Y-Comm, security is considered more significant than in the existing LTE and WiMax networks. These security concerns have motivated this research study to propose a novel security management system. The research aims to meet the security requirements of 4G mobile networks, e.g. preventing end user devices from being used as attack tools. This requirement has not been met clearly in previous studies of Y-Comm, but this study proposes a security management system which does this. This research follows the ITU-T recommendation M.3400 dealing with security violations within Y-Comm networks. It proposes a policy-based security management system to deal with events that trigger actions in the system and uses Ponder2 to implement it. The proposed system, located in the top layer of the Y-Comm architecture, interacts with components of Y-Comm to enforce the appropriate policies. Its four main components are the Intelligent Agent, the Security Engine, the Security Policies Database and the Security Administrator. These are represented in this research as managed objects to meet design considerations such as extensibility and modifiability. This research demonstrates that the proposed system meets the security requirements of the Y-Comm environment. Its deployment is possible with managed objects built with Ponder2 for all of the components of Y-Comm, which means that the security management system is able to prevent end user devices from being used as attack tools. It can also achieve other security goals of Y-Comm networks.
34
Tang, Han. "Security analysis of a cyber-physical system." Diss., Rolla, Mo. : University of Missouri-Rolla, 2007. http://scholarsmine.umr.edu/thesis/pdf/Tang_09007dcc803cfb5c.pdf.
Full textAbstract:
Thesis (M.S.)--University of Missouri--Rolla, 2007.Vita. The entire thesis text is included in file. Title from title screen of thesis/dissertation PDF file (viewed November 30, 2007) Includes bibliographical references (p. 55-57).
35
Kvastad, Johan. "ICT Security of an Electronic Health Record System: an Empirical Investigation : An in depth investigation of ICT security in a modern healthcare system." Thesis, KTH, Skolan för datavetenskap och kommunikation (CSC), 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-194121.
Full textAbstract:
An empirical investigation of the security flaws and features of an in-use modern electronic health record system is performed. The investigation was carried out using dynamic analysis, manual testing and interviews with developers. The results indicate that in-use electronic health record systems suffer from serious authentication flaws, arising from the interaction of many different proprietary systems. The authentication problems are so severe that gaining access to any user’s computer on the hospital intranet would compromise a large database of patient medical records, including radiological data regarding the patients. Common web vulnerabilities were also present, such as injections and incorrectly configured HTTP security headers. These vulnerabilities were heavily mitigated by the use of libraries for constructing web interfaces.En empirisk undersökning av säkerheten inom ett modernt elektroniskt patientjournal-system har utförts. Undersökningen genomfördes med hjälp av dynamisk analys, manuell testning och intervjuer med utvecklarna. Resultatet indikerar att system för elektroniska patientjournaler har stora brister inom autentisering, vilka uppstår p.g.a. att flera olika kommersiella system måste samarbeta. Problemen är så allvarliga att med tillgång till en enda dator på intranätet kan en stor databas med patientdata äventyras, inklusive radiologisk data gällande patienterna. Vanliga websårbarheter fanns också, så som injektioner av skript och inkorrekt konfigurerade HTTP säkerhetsheaders. Dessa sårbarheter mitigerades starkt genom användandet av bibliotek för webinterface.
36
Ademi, Muhamet. "Web-Based Intrusion Detection System." Thesis, Malmö högskola, Fakulteten för teknik och samhälle (TS), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-20271.
Full textAbstract:
Web applications are growing rapidly and as the amount of web sites globallyincreases so do security threats. Complex applications often interact with thirdparty services and databases to fetch information and often interactions requireuser input. Intruders are targeting web applications specifically and they are ahuge security threat to organizations and a way to combat this is to haveintrusion detection systems. Most common web attack methods are wellresearched and documented however due to time constraints developers oftenwrite applications fast and may not implement the best security practices. Thisreport describes one way to implement a intrusion detection system thatspecifically detects web based attacks.
37
Yang, Yi. "Intrusion detection for communication network security in power systems." Thesis, Queen's University Belfast, 2013. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.603572.
Full textAbstract:
In response to the emergence of cybersecurity issues in smarter grids, a number of IT security approaches have been presented. However, in practice, power networks with legacy systems are more difficult to update, patch and protect using conventional IT security techniques. This research presents a contribution to cybersecurity using Intrusion Detection Systems (IDS) in power systems. An intrusion detection methodology provides an approach to identify evidence of abnormal communication behaviours in a passive mode that does not impact normal operation of power systems but provides pre-emptive knowledge of potential threats and incidents. This thesis proposes and develops new intrusion detection approaches for Smart Grid cybersecurity that are applied in Supervisory Control and Data Acquisition (SCADA) and synchrophasor systems in order to monitor the operation of such systems and detect cyber threats against these systems resulting from malicious attacks or misuse by legitimate users. One of the proposed intrusion detection approaches combines whitelist categorisation with behaviour-based detection methods to identify known and unknown attacks by considering the operational features and the communication • protocols of SCADA and synchrophasor systems. Furthermore, SCADA-specific and synchrophasor-specific cybersecurity solutions are presented using test-beds to investigate, simulate and exemplify the impacts of cyber attacks on SCADA and synchrophasor systems. The proposed SCADA-specific IDS (SCADA-IDS) and Synchrophasor-Specific IDS (SSIDS) are implemented and verified using two lest-beds. In addition, a hybrid IDS is proposed for SCADA networks using the IEC 60870-5- 104 protocol, which contains signature-based, model-based and stateful detection methods. The proposed hybrid IDS is implemented and validated using the Internet Traffic and Content Analysis (ITACA) platform and the open source Snort tool. These new detection tools proposed in this thesis allow the cybersecurity of significant power systems communications networks to be improved, thus contribution 10 the security and reliability of the Smart Grid as a whole.
38
Fong, Ching-hang. "A mobile agent based framework for security enhanced autonomous network and system management (MASAM)." Thesis, University of Ulster, 2008. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.529528.
Full text
39
Peng, Liangjian. "Applications of artificial neural networks to power systems network reduction and static security assessment." Thesis, University of Strathclyde, 1997. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.366090.
Full text
40
Zheng, Wei. "An approach to behaviour-based intrusion detection system : implementation of a role-based network access control system and a proposal for three detection strategies." Thesis, Edith Cowan University, Research Online, Perth, Western Australia, 2009. https://ro.ecu.edu.au/theses/1827.
Full textAbstract:
The number of computers connecting with the Internet has grown rapidly, and user numbers are burgeoning, consequently server numbers are increasing proportionately in response to this new demand for services. An increasing population of vulnerable machines has been created with numbers of so-called “malicious users” also escalating dramatically resulting in millions of Internet users now suffer from Virus and Trojan horse interference.
In recent years, many security measures have been created. Firewalls are a typical as they play the role of network checkpoint, providing a secured means of regulating the outgoing and incoming information of the network’s area. An intrusion detection system (IDS) is an active process to observe attacks before a targeted system incurs fatal damages. Detecting intrusion can be categorized into two groups according to the method used: knowledge-based and behaviour-based. Knowledgebased detection techniques make use of all the knowledge pertaining to specific attacks, while behaviour-based detection is knowledgeable about normal communication, being able to detect intrusions by scrutinizing deviations sifted from expected or normal traffic. Currently, most IDS are classified as knowledge-based, with very few behaviour-based systems in use. The “Behaviour” is something associated with ’Who‘ – whose behaviour or to whom the behaviour applies; ’When‘ – when does a behaviour happen; ’What‘ – what happens when a behaviour occurs, or for what purpose, and so on. This requires a detection engine that has an unusually good knowledge of intranet infrastructure and protocols to guard against intrusions.
This study attempts to develop feasible solutions and provide practical approaches to implement a behaviour-based intrusion detection, based on the Netfilter implementation. This is a default firewall framework in Linux kernel, comprising statistical anomaly detection techniques and artificial intelligence. The Linux default stateful firewall netfilter not only filters the content of each package, but summarizes connection information into states, it has already opened the possibility of a behaviour-based IDS. This research develops a proposed detection engine that improves the performance of detection compared to netfilter. The proposed IDS in this thesis first analyses audit data collected from the network data sensor, relying on netfilter in such a way that each connection is endowed with a role attribute, then performing real-time monitoring on activities that may be unusual. This analysis is performed using statistical analysis, association rule data mining, and an expert system. The engine can therefore handle protocol-based inspection, and analyse internal network users’ networking behaviours.
To this end, this project has enabled a role-based network access control subsystem to be implemented into netfilter. Furthermore, three detection strategies have been proposed to apply in three different situations: weight-based statistical analysis is applied to TCP state transition analysis; association rule data mining is proposed for learning correlation of HTTP connection events; and an expert system is introduced to evaluate the behaviour of the connection, employing a knowledge base (a set of rules) to reach conclusions. All techniques are presented for gradually achieving a high level of intelligence in the detection of anomaly. This study contributes to the process of modifying the network implementation of a Linux operating system, and to its incorporation using artificial intelligence techniques into network security via a behaviour-based detection approach to an Intrusion Detection System.
41
Altunbasak, Hayriye Celebi. "Layer 2 security inter-layering in networks." Diss., Available online, Georgia Institute of Technology, 2006, 2006. http://etd.gatech.edu/theses/available/etd-11172006-130414/.
Full textAbstract:
Thesis (Ph. D.)--Electrical and Computer Engineering, Georgia Institute of Technology, 2007.Wardi, Yorai, Committee Member ; Abler, Randy, Committee Member ; Copeland, John, Committee Member ; Owen, Henry, Committee Chair ; Ahamad, Mustaque, Committee Member.
42
Horn, John F. "IPSec-based dynamic security services for the MYSEA environment." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2005. http://library.nps.navy.mil/uhtbin/hyperion/05Jun%5FHorn.pdf.
Full textAbstract:
Thesis (M.S. in Computer Science)--Naval Postgraduate School, June 2005.Thesis Advisor(s): Cynthia E. Irvine, Thuy D. Nguyen. Includes bibliographical references (p. 107-109). Also available online.
43
Srivatsa, Mudhakar. "Security Architecture and Protocols for Overlay Network Services." Diss., Georgia Institute of Technology, 2007. http://hdl.handle.net/1853/16284.
Full textAbstract:
Conventional wisdom suggests that in order to build a secure system, security must be an integral component in the system design. However, cost considerations drive most system designers to channel their efforts on the system's performance, scalability and usability. With little or no emphasis on security, such systems are vulnerable to a wide range of attacks that can potentially compromise confidentiality, integrity and availability of sensitive data. It is often cumbersome to redesign and implement massive systems with security as one of the primary design goals. This thesis advocates a proactive approach that cleanly retrofits security solutions into existing system architectures. The first step in this approach is to identify security threats, vulnerabilities and potential attacks on a system or an application. The second step is to develop security tools in the form of customizable and configurable plug-ins that address these security issues and minimally modify existing system code, while preserving its performance and scalability metrics.
This thesis uses overlay network applications to shepherd through and address challenges involved in supporting security in large scale distributed systems. In particular, the focus is on two popular applications: publish/subscribe networks and VoIP networks. Our work on VoIP networks has for the first time identified and formalized caller identification attacks on VoIP networks. We have identified two attacks: a triangulation based timing attack on the VoIP network's route set up protocol and a flow analysis attack on the VoIP network's voice session protocol. These attacks allow an external observer (adversary) to uniquely (nearly) identify the true caller (and receiver) with high probability. Our work on the publish/subscribe networks has resulted in the development of an unified framework for handling event confidentiality, integrity, access control and DoS attacks, while incurring small overhead on the system. We have proposed a key isomorphism paradigm to preserve the confidentiality of events on publish/subscribe networks while permitting scalable content-based matching and routing. Our work on overlay network security has resulted in a novel information hiding technique on overlay networks. Our solution represents the first attempt to transparently hide the location of data items on an overlay network.
44
Rumelioglu, Sertac. "Evaluation of Embedded Firewall System." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2005. http://library.nps.navy.mil/uhtbin/hyperion/05Mar%5FRumelioglu.pdf.
Full text
45
McGovern, Susan C. "Information security requirements for a coalition wide area network." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2001. http://handle.dtic.mil/100.2/ADA397542.
Full textAbstract:
Thesis (M.S. in Systems Technology (Command, Control, and Communications)) Naval Postgraduate School, June 2001.Thesis advisor(s): Irvine, Cynthia E. "June 2001." Includes bibliographical references (p. 77-78). Also available online.
46
Lee, Wen-ping, and 李文平. "Active Network Security Immune System." Thesis, 2004. http://ndltd.ncl.edu.tw/handle/66633183042476585713.
Full textAbstract:
碩士中華大學
資訊工程學系碩士班
92
With the popularity of Internet, the problem of computer security is transformed single computer problem into all computers problem on the Internet. Computers are attacked by novel viruses spreading over the Internet maliciously. To overcome this problem, many researchers had brought up different kinds of mechanism such as authentication, data encryption, antivirus system, firewall, and intrusion detection system (IDS). However, none of them can resist the Denial of Service (DoS) attack and its transformations effectively. In the thesis, we propose a new high detection rate technique, new response mechanism, an active network based security system - Active Network Security Immune System (ANSIS), and its implementation. ANSIS is a compatible, scalable and practical network framework. It can cope with any type of DoS, including novel worm spreading. Moreover, ANSIS has the same characteristics as creature and its immune system. It not only improves the security of network system substantially, but also reduces the cost of management and maintenance by a wide margin.
47
Yeh, Hua-I., and 葉華裔. "Network Security Self-Defense System." Thesis, 2009. http://ndltd.ncl.edu.tw/handle/17841998359762356555.
Full text
48
Mgabile, Tinny. "Network intrusion detection system using neural networks approach in networked biometrics system." Thesis, 2014. http://hdl.handle.net/10210/10054.
Full textAbstract:
M.Phil. (Electrical and Electronic Engineering)Network security has become increasingly important as more and more applica- tions are making their way into the market. The research community has proposed various methods to build a reliable network intrusion detection system to detect unauthorised activities in networked systems. However many network intrusion detection systems that have been reported in literature su er from an excessive number of false positives, false negatives, and are unable to cope with new, elegant and structured attacks. This is mainly because most network intrusion detection systems rely on security experts to analyze the network tra c data and manually construct intrusion detection rules. This study proposes to use a machine learning technique such as neural network approach to anomaly based network intrusion detection system (NIDS). The main objective for this study is to construct an NIDS model that will produce approx- imate to zero false positive or no false positive at all and have high degree of accuracy in detecting network attacks. The neural network (NN) model is trained on a biometric networked system dataset simulated in the study, containing strictly replayed and normal network tra c that encourage the development of the pro- posed NIDS. By analyzing the NN{based NIDS results, the study reached the false positive rate of 0, and high accuracy rate of 100 percent. To support the results obtained in this study, the performance of the NN{based NIDS was compared to two other classi cation methods (k{nearest neighbor algorithm (KNN) and Naive Bayes). The results obtained from KNN and naive Bayes were 99.87 and 99.75 percent respectively. These results show that the proposed model can successfully be used as an e ective tool for solving complicated classi cation problems such as NIDS.
49
Chang, Po-chieh, and 章博傑. "Distributed Network Security Analysis and Detection system." Thesis, 2008. http://ndltd.ncl.edu.tw/handle/7rtd4y.
Full textAbstract:
碩士銘傳大學
資訊傳播工程學系碩士班
96
Because the using generally of network at present, no matter the government office, incorporated business, school, even personal behavior, with have greatest connection by network, and this because characteristic of network " convenient ", however, the so-called network hacker exactly utilize convenience of the network to disseminate the virus procedure or the back door procedure to wait for an opportunity to carry on some hostile behaviors everywhere now, so how to prevent these hacker of network behavior, raise security of network is more and more important. How security of raising the network system is a subject paid attention to now. There are a lot of about protecting the software of the network security system too on the market at present, or by way of joining the webpage, help users to analyse that detect and examine the security of system, with these relevant software, the security efficiency that can become certain, however, present network hacker''s attacks are diversified gradually, dispersing type, so traditional shelter of form software already gradually unable various attack produce and react more and more to now. The present network attacks the way to adopt the dispersing type gradually, in view of this, originally research and propose and design the network security system by way of analysis of the dispersing type, through information collection of content of person who disperse, from with systematic daily record of systematic daily record and different kind of kind, analyse the unusual behavior or the attack, and then related with it, cross than the way to inquiring about, reach the analysis of the dispersing type homogeneity daily record and dispersing type heterogeneous daily record, and then improve the efficiency of the network security system, offer the way in which the general user uploads the daily record with the webpage, the persons who help to upload the daily record offer the dispersing type to analyse the report form, reach the function shared.
50
Sherwood, Michael E. "System and network security : the potential of intrusion detection systems /." 2004. http://emp3.hbg.psu.edu/theses/available/etd-05072004-124842/.
Full text