Dissertations / Theses on the topic 'Trojan Attack'

This dissertation focuses on the forensic validation of computer evidence. It is a burgeoning field, by necessity, and there have been significant advances in the detection and gathering of evidence related to electronic crimes. What makes the computer forensics field similar to other forensic fields is that considerable emphasis is placed on the validity of the digital evidence. It is not just the methods used to collect the evidence that is a concern. What is also a problem is that perpetrators of digital crimes may be engaged in what is called anti-forensics. Digital forensic evidence techniques are deliberately thwarted and corrupted by those under investigation. In traditional forensics the link between evidence and perpetrator's actions is often straightforward: a fingerprint on an object indicates that someone has touched the object. Anti-forensic activity would be the equivalent of having the ability to change the nature of the fingerprint before, or during the investigation, thus making the forensic evidence collected invalid or less reliable. This thesis reviews the existing security models and digital forensics, paying particular attention to anti-forensic activity that affects the validity of data collected in the form of digital evidence. This thesis will build on the current models in this field and suggest a tentative first step model to manage and detect possibility of anti-forensic activity. The model is concerned with stopping anti-forensic activity, and thus is not a forensic model in the normal sense, it is what will be called a “meta-forensic” model. A meta-forensic approach is an approach intended to stop attempts to invalidate digital forensic evidence. This thesis proposes a formal procedure and guides forensic examiners to look at evidence in a meta-forensic way.

Abstract The design principles proposed independently by both Ralph Merkle and Ivan Damgård in 1989 are applied widely in hash functions that are used in practice. The construction reads the message in one message block at a time and applies iteratively a compression function that, given a single message block and a hash value, outputs a new hash value. This iterative structure has some security weaknesses. It is vulnerable, for instance, to Joux's multicollision attack, herding attack that uses diamond structures and Trojan message attack. Our principal research topic comprises the deficiencies in hash function security induced by the Merkle-Damgård construction. In this work, we present a variant of Joux's multicollision attack. We also develop a new, time-saving algorithm for creating diamond structures. Moreover, two new efficient versions of Trojan message attack are introduced. The main contribution of the thesis is the analysis of generalized iterated hash functions. We study the combinatorial properties of words from a new perspective and develop results that are applied to give a new upper bound for the complexity of multicollision attacks against the so called q-bounded generalized iterated hash functions
Tiivistelmä Vuonna 1989 Ralph Merkle ja Ivan Damgård ehdottivat toisistaan riippumatta hash-funktioille suunnitteluperiaatteita, joita käytetään tänä päivänä laajasti. Niin kutsuttu Merkle-Damgård -rakenne lukee viestin sisään viestiblokki kerrallaan ja käyttää tiivistefunktiota, joka liittää hash-arvoon ja viestiblokkiin uuden hash-arvon. Tällä iteratiivisella rakenteella on joitakin turvallisuusheikkouksia. Se on haavoittuva esimerkiksi Joux’n monitörmäyshyökkäykselle, timanttirakenteita hyödyntävälle paimennushyökkäykselle ja Troijan viesti -hyökkäykselle. Väitöskirjan pääasiallinen tutkimusaihe on Merkle-Damgård -rakenteen aiheuttamat puutteet tietoturvassa. Tässä työssä esitetään uusi versio Joux’n monitörmäyshyökkäyksestä, luodaan uusi aikaa säästävä algoritmi timanttirakenteiden kehittämiseksi ja kaksi uutta tehokasta versiota Troijan viesti -hyökkäyksestä. Väitöskirjan tärkein kontribuutio on yleistettyjen iteratiivisten hash-funktioiden turvallisuuden analysointi. Sanojen kombinatorisia ominaisuuksia tutkitaan uudesta näkökulmasta, jonka pohjalta kehitettyjä tuloksia soveltamalla luodaan uusi yläraja niin kutsuttujen q-rajoitettujen yleisten iteratiivisten hash-funktioiden monitörmäyshyökkäysten kompleksisuudelle

This doctoral thesis summarizes research in quantum cryptography done at the Department of Electronics and Telecommunications at the Norwegian University of Science and Technology (NTNU) from 1998 through 2007.

The opening parts contain a brief introduction into quantum cryptography as well as an overview of all existing single photon detection techniques for visible and near infrared light. Then, our implementation of a fiber optic quantum key distribution (QKD) system is described. We employ a one-way phase coding scheme with a 1310 nm attenuated laser source and a polarization-maintaining Mach-Zehnder interferometer. A feature of our scheme is that it tracks phase drift in the interferometer at the single photon level instead of employing hardware phase control measures. An optimal phase tracking algorithm has been developed, implemented and tested. Phase tracking accuracy of +-10 degrees is achieved when approximately 200 photon counts are collected in each cycle of adjustment. Another feature of our QKD system is that it uses a single photon detector based on a germanium avalanche photodiode gated at 20 MHz. To make possible this relatively high gating rate, we have developed, implemented and tested an afterpulse blocking technique, when a number of gating pulses is blocked after each registered avalanche. This technique allows to increase the key generation rate nearly proportionally to the increase of the gating rate. QKD has been demonstrated in the laboratory setting with only a very limited success: by the time of the thesis completion we had malfunctioning components in the setup, and the quantum bit error rate remained unstable with its lowest registered value of about 4%.

More than half of the thesis is devoted to various security aspects of QKD. We have studied several attacks that exploit component imperfections and loopholes in optical schemes. In a large pulse attack, settings of modulators inside Alice's and Bob's setups are read out by external interrogating light pulses, without interacting with quantum states and without raising security alarms. An external measurement of phase shift at Alice's phase modulator in our setup has been demonstrated experimentally. In a faked states attack, Eve intercepts Alice's qubits and then utilizes various optical imperfections in Bob's scheme to construct and resend light pulses in such a way that Bob does not distinguish his detection results from normal, whereas they give Bob the basis and bit value chosen at Eve's discretion. Construction of such faked states using several different imperfections is discussed. Also, we sketch a practical workflow of breaking into a running quantum cryptolink for the two abovementioned classes of attacks. A special attention is paid to a common imperfection when sensitivity of Bob's two detectors relative to one another can be controlled by Eve via an external parameter, for example via the timing of the incoming pulse. This imperfection is illustrated by measurements on two different single photon detectors. Quantitative results for a faked states attack on the Bennett-Brassard 1984 (BB84) and the Scarani-Acin-Ribordy-Gisin 2004 (SARG04) protocols using this imperfection are obtained. It is shown how faked states can in principle be constructed for quantum cryptosystems that use a phase-time encoding, the differential phase shift keying (DPSK) and the Ekert protocols. Furthermore we have attempted to integrate this imperfection of detectors into the general security proof for the BB84 protocol. For all attacks, their applicability to and implications for various known QKD schemes are considered, and countermeasures against the attacks are proposed.

The thesis incorporates published papers [J. Mod. Opt. 48, 2023 (2001)], [Appl. Opt. 43, 4385 (2004)], [J. Mod. Opt. 52, 691 (2005)], [Phys. Rev. A 74, 022313 (2006)], and [quant-ph/0702262].

Att skydda sin IT-miljö mot olika typer av intrång och attacker som till exempel trojaner,skadliga Java applets eller DoS attacker med hjälp av brandväggar och antivirusprogramär två viktiga lager i skalskyddet. I den här uppsatsen undersöks hur väl ett Intrusion Prevention System skulle kunna fungera som ett ytterligare lager i skalskyddet. Fokus ligger på hur väl IPS-systemet klarar av att avvärja attacker, hur mycket tid som går åt till konfigurering och drift för att få ett fungerande IPS samt hur prestandan i nätverket påverkas av implementationen. För att mäta hur väl IPS systemet klarar av att upptäcka och blockera attacker utförs två experiment där ett mindre nätverk attackeras på olika sätt. I det första experimentet skyddas infrastrukturen av en brandvägg och klienterna är utrustade med antivirusprogram. I det andra experimentet genomförs samma attacker igen fast med ett Snort IPS implementerat i nätverket. Resultatet av de genomförda experimenten visar att en IPS klarar att blockera ca 87% av attackerna, men nätverksprestandan påverkas negativt. Slutsatsen är att endast brandväggar och antivirusprogram inte ger ett fullgott skydd.

More money nowadays moves online and it is very understandable that criminals want to make more money online aswell, because these days’ banks don’t have large sums of money in their cash box. Since there are many other internalrisks involved in robbing a bank, criminals have found many other ways to commit crimes and much lower risMore money nowadays moves online and it is very understandable that criminals want to make more money online as well, because these days’ banks don’t have large sums of money in their cash box. Since there are many other internal risks involved in robbing a bank, criminals have found many other ways to commit crimes and much lower risk in online crime. The first level of change involved was email-based phishing, but later circumstances changed again.

Authentication methods and security of online bank has been improved over the period. This will drastically reduce effects of phishing based on emails and fraudulent website. The next level of online bank fraud is called banking Trojans. These Trojans infect the online customers of banks. These Trojans monitors customer’s activities and uses their authenticated session to steal customers’ money.

A lot of money is made by these kinds of attacks. Comparatively few perpetrators have been caught, and the problem is getting worse day by day. To have a better understanding of this problem, I have selected a recent malware sample named as SilentBanker. It had the capability of attacking more than 400 banks. This thesis presents the problem in general and includes my results in studying the behaviour of the SilentBanker Trojan.

O autor pergunta, a partir da iconografia da Guerra de Tróia, pelo lugar da guerra no imaginário ateniense durante os séculos VI-V a.C.. O corpus da pesquisa é constituído por 248 vasos áticos referentes a nove cenas: 1) Armamento de Aquiles; 2) Partida de Aquiles; os duelos entre 3) Páris e Menelau, 4) Enéias e Diomedes, 5) Ájax e Heitor, 6) Aquiles e Heitor, 7) Aquiles e Mêmnon; os retornos de guerreiros mortos em batalha: 8) Sono e Morte carregando o corpo de Sarpédon e 9) Ájax carregando o corpo de Aquiles. Os recortes espacial, Atenas, e cronológico, séculos VI-V a.C., foram feitos devido à escolha deliberada dos vasos áticos e ao surgimento e desaparecimento do tema nesse período. Partindo dos pressupostos de que há uma relação entre imagens e sociedade e de que as imagens são construções do imaginário social, que permitem uma aproximação às representações coletivas, o autor propõe ser a Guerra de Tróia um elemento constitutivo do imaginário ateniense nos séculos VI-V a.C. e remeter sua iconografia às representações dos atenienses sobre a atividade guerreira em seu próprio tempo. As imagens pintadas da Guerra de Tróia, antes de serem ilustrações de um evento do passado, são manifestações da imagem que a cidade de Atenas faz de si mesma em relação à guerra. Presente na memória coletiva dos atenienses, a Guerra de Tróia é um acontecimento, no qual a cidade fundamenta seus valores, sua sociedade e os respectivos papéis de seus cidadãos. Em suma, a guerra, antes de ser uma atividade restrita aos guerreiros, envolve toda a cidade, isto é, os não guerreiros, entre os quais, a mulher e o homem idoso, pais do guerreiro, ocupam um lugar preponderante.
From the iconography of the Trojan War, the author asks about the place of the war in the Athenian imaginary in the sixth and fifth centuries B.C. The corpus of the research is composed of 248 attic vases about nine scenes: 1) The arming of Achilles; 2) The departure of Achilles; the duels: 3) Paris fighting Menelaos, 4) Aeneas fighting Diomedes, 5) Ajax fighting Hector, 6) Achilles fighting Hector, 7) Achilles fighting Memnon; the returns of the dead warriors in battle: 8) Sleep and Death carrying the body of Sarpedon, and 9) Ajax carrying the body of Achilles. The choice of space, Athens, and chronological period, 6th and 5th centuries B.C., was based on a deliberate option for the attic vases and on the appearance and disappearance of the theme in this period. Based on the assumptions that there is a relationship between images and society and that images are constructs of the social imaginary, allowing an approximation to collective representations, the author proposes that the Trojan War is a constituent element of the Athenian imaginary in the sixth and fifth centuries B.C. and that its iconography refers to the representations of Athenians on the war activity in their own time. The Trojan Wars painted pictures, rather than being illustrations of an event from the past, are manifestations of the image that the city of Athens makes about itself, concerning the war. The Trojan War is an event in the collective memory of the Athenians, upon which the city establishes its values, its society and the respective roles of its citizens. In short, that war, rather than being an activity restricted to warriors, concerns the whole city, namely, the non-warriors, among them, the woman and the old man, the warriors parents, who hold an important place.

L'exportation et la mutualisation des industries de fabrication des circuits intégrés impliquent de nombreuses interrogations concernant l'intégrité des circuits fabriqués. On se retrouve alors confronté au problème d'insertion d'une fonctionnalité dissimulée pouvant agir de façon cachée : on parle de Cheval de Troie Matériel (CTM). En raison de la complexité d'un circuit intégré, repérer ce genre de modification se révèle particulièrement difficile. Le travail proposé dans ce manuscrit s'oriente vers une technique de détection non destructrice de CTM. L’approche consiste à utiliser les temps de calculs internes du système étudié comme canal permettant de détecter des CTM. Dans ces travaux, un modèle décrivant les temps de calcul est défini. Il prend notamment en compte deux paramètres importants que sont les conditions expérimentales et les variations de procédés.Des attaques en faute par glitchs d’horloge basée sur la violation de contraintes temporelles permettent de mesurer des temps de calcul internes. Des cartes fiables sont utilisées pour servir de référence. Après avoir validé la pertinence de ce canal d’étude concernant l’obtention d’informations sur le comportement interne du circuit cible, on procède à des détections expérimentales de CTM insérés à deux niveaux d’abstraction (niveau RTL et après l'étape de placement/routage). Des traitements avec prise en compte des variations de procédés permettent d'identifier si les cartes testées sont infectées par un CTM
The globalization of integrated circuits fabrication involves several questions about the integrity of the fabricated circuits. Malicious modifications called Hardware Trojans (HT) can be introduced during the circuit production process. Due to the complexity of an integrated circuit, it is really difficult to find this kind of alterations.This work focuses on a non-destructive method of HT detection. We use the paths delays of the studied design as a channel to detect HT. A model to describe paths delays is defined. It takes into account two important parameters which are the experimental conditions and the process variations.Faults attacks by clock glitches based on timing constraints violations have been performed to measure data paths delays. Reliable circuits are used for reference. After validating the relevance of this channel to get information on the internal behavior of the targeted design, experimental detections of HT inserted on two different abstraction levels (RTL and after place and route) were achieved. Process variations are taken into consideration in the studies to detect if the tested circuits are infected

This thesis treats the identification between the Teucrians and the Ṯ-k-(k)-r, one of the so-called Sea Peoples. The hypothesis that the Teucrians and the Ṯ-k-(k)-r would be one and the same was proposed by the Egyptologist Lauth in 1867 and has since become the standard identification for this Sea People. The hypothesis is to-day up-hold by almost all scholars, regarding of discipline, devoted to the research of the Sea Peoples. The author has limited himself to the geographical links between these two peoples. Regarding the Teucrians, the ancient authors suggested three different areas of origin, Crete, Attica, and the Troad. Besides this, the Cypriot Salamis as well as the Cilician Olba have also been linked to this people. By studying the ancient texts relating to these five geographical areas and their respective connections to the Teucrians, the author has set out to test the historicity of the geographical connections. He has gone through the ancient texts and tried to find out the sources for their statements, the background and origin of these connections and their historical value. This has then been compared to the primary sources regarding the Ṯ-k-(k)-r, all of which originate from Egypt and the 20th Dynasty. The results of this survey is that none of the ancient accounts can be verified, with certainty, with information received from sources contemporary with the Sea Peoples. Furthermore, it is also impossible to prove that the Teucrians were an historical people and thusly their identification with the Ṯ-k-(k)-r is very problematic. Of the geographical areas, it is only Cyprus that with certainty can be linked to the Sea Peoples, but probably not with the Ṯ-k-(k)-r but with the D-n-n.

Formigas são insetos eusociais intensamente dependentes da comunicação química, possuindo características morfológicas, bioquímicas, fisiológicas e comportamentais adaptadas a um estilo de vida circundado por mensagens químicas. Esta peculiaridade olfativa do ponto de vista biológico, reflete nos padrões altamente polimórficos encontrados nas colônias dos grupos mais derivados, como as formigas cortadeiras (Attini). Assim, as castas e sub castas encontradas nos ninhos de formigas do gênero Atta, possuiriam características, como os órgãos olfativos e a sensibilidade eletrofisiológica, variáveis de acordo com seus tamanhos corpóreos e funções exercidas na colônia. Portanto, haveria uma correlação direta ou indireta do tamanho das formigas, os perfis comportamentais e comunicação química nessas espécies. Essa relação poderia ser vista em diversas atividades, como a limpeza entre os indivíduos e a troca de alimentos via oral. Dessa forma, a presente tese foca na interação entre o polimorfismo, polietismo e comunicação química nas formigas de Atta sexdens. Ainda descreve a participação das operárias e rainha nos comportamentos de grooming e trofalaxia, ligando-os à possível função de dispersão de hidrocarbonetos de cutícula na colônia. A tese esta dividida em quatro capítulos. O Capítulo 1, compreendeu uma introdução dos conhecimentos abordados em toda tese, e as linhas gerais do trabalho. No Capítulo 2, foi realizado uma descrição quantitativa e qualitativa das sensilas em todas as castas e sub castas encontradas em ninhos de A. sexdens. Os resultados indicaram que esses órgãos sensoriais variaram de acordo com os padrões polimórficos e perfis etológicos. O Capítulo 3 abordou as respostas eletrofisiológicas da antenas a diferentes feromônios, comparando todos os grupos polimórficos de A. sexdens. Foram observados neste caso, similaridades e discrepâncias na sensibilidade aos conteúdos das glândulas de veneno, Dufour e mandibular entre as sub castas (jardineiras, generalistas, forrageiras e soldados), e também entre os machos e rainhas, possibilitando a correlação com as atividades que exercem no ninho. No Capítulo 4 investigou-se a participação de cada tipo de operárias de A. sexdens nos comportamentos de trofalaxia, allogrooming e self-grooming, relacionando-os com a presença da rainha dentro da câmara. Adicionalmente, frente aos resultados, as diferentes ações das sub castas nesses comportamentos puderam ser associadas à possível importância da limpeza e troca de alimentos na dispersão de compostos de reconhecimento e formadores do gestalt químico da colônia. Estes resultados, contribuem para uma melhor compreensão do complexo cenário sustentado pela eusocialidade, ecologia química, percepção olfativa e comportamento nas formigas cortadeiras.
Ants are eusocial insects intensely dependent on chemical communication. They have morphological, biochemical, physiological and behavioral features adapted to a life surrounded by many molecules messages. Furthermore, each olfactory peculiarity in any of the biological level mentioned above, reflects on the highly polymorphic patterns found in the colonies of the most derived groups, as the leaf cutter ants (Attini). Thus, the castes and sub castes of Atta ants, would have characteristics, as olfactory organs and electrophysiological sensibility, that vary following the body sizes and tasks performed in the colonies. Therefore, it would have a direct or indirect correlation among the sizes of the ants, their ethological profiles and the chemical communication in these species. This relation could be seen over different activities, as the grooming and oral trophallaxis. In this way, this thesis focus in the interaction among the polymorphism, polyethism and chemical communication in Atta sexdens. It still describes the participation of workers and queen in grooming and trophallaxis, linking them to a possible role in cuticular hydrocarbon dispersion over the colony. The thesis is divided in four chapters. In the Chapter 1, it is presented an introduction to the knowledge explored in all thesis, and also its outline. In the Chapter 2, there is a quantitative and qualitative description of sensilla from all castes and sub castes of A. sexdens, showing that these sensory organs vary following the polymorphic patterns and ethological profiles. The Chapter 3 explores the differences in the antennae electrophysiological responses to three pheromones, comparing them with all polymorphic groups of A. sexdens. The results demonstrate similarities and discrepancies in the sensibility to the contents of poison, Dufour and mandibular glands among the sub castes (gardeners, generalists, foragers and soldiers), and also between males and queens, enabling a correlation with their tasks. In the Chapter 4, it is investigated the roles of each type of A. sexdens workers in the trophallaxis, allogrooming and self-grooming behaviors, relating them with the queen presence. Additionally, and based in the results, the different roles of the sub castes can be associated to a possible action of grooming and trophallaxis in the dispersion of intraspecific recognition molecules and in the formation of a colony chemical gestalt. All results and discussion distributed along the thesis, therefore, contribute to a better understanding of a complex scenario, supported by the eusociality, chemical ecology, olfactory perception and behavior of the leaf cutter ants.

La thèse étudie la sécurité de la technologie ARM TrustZone dans le cadre des SoCs complexes hétérogènes. La thèse présente des attaques matérielles qui touchent des éléments de l’architecture des SoCs et elle présente aussi des stratégies de contremesure
The thesis studies the security of the ARM TrustZone technology in the context of complex heterogeneous SoCs. The thesis presents hardware attacks that affect elements of the SoCs architecture and it also presents countermeasure strategies

With the increase in globalization of Integrated Circuit (IC) design and production, hardware trojans have become a serious threat to manufacturers as well as consumers. These trojans could be intensionally or accidentally embedded in ICs to make a system vulnerable to hardware attacks. The implementation of critical applications using ICs makes the effect of trojans an even more serious problem. Moreover, the presence of untrusted foundries and designs cannot be eliminated since the need for ICs is growing exponentially and the use of third party software tools to design the circuits is now common. In addition if a trusted foundry for fabrication has to be developed, it involves a huge investment. Therefore, hardware trojan detection techniques are essential. Very Large Scale Integration (VLSI) system designers must now consider the security of a system against internal and external hardware attacks. Many hardware attacks rely on system vulnerabilities. Moreover, an attacker may rely on deprocessing and reverse engineering to study the internal structure of a system to reveal the system functionality in order to steal secret keys or copy the system. Thus hardware security is a major challenge for the hardware industry. Many hardware attack mitigation techniques have been proposed to help system designers build secure systems that can resist hardware attacks during the design stage, while others protect the system against attacks during operation. In this dissertation, the idea of quantifying hardware attacks, hardware trojans, and hardware trojan detection techniques is introduced. We analyze and classify hardware attacks into risk levels based on three dimensions Accessibility/Resources/Time (ART). We propose a methodology and algorithms to aid the attacker/defender to select/predict the hardware attacks that could use/threaten the system based on the attacker/defender capabilities. Because many of these attacks depends on hardware trojans embedded in the system, we propose a comprehensive hardware trojan classification based on hardware trojan attributes divided into eight categories. An adjacency matrix is generated based on the internal relationship between the attributes within a category and external relationship between attributes in different categories. We propose a methodology to generate a trojan life-cycle based on attributes determined by an attacker/defender to build/investigate a trojan. Trojan identification and severity are studied to provide a systematic way to compare trojans. Trojan detection identification and coverage is also studied to provide a systematic way to compare detection techniques and measure their e effectiveness related to trojan severity. We classify hardware attack mitigation techniques based on the hardware attack risk levels. Finally, we match these techniques to the attacks the could countermeasure to help defenders select appropriate techniques to protect their systems against potential hardware attacks.
Graduate
0544
0984
samerm@uvic.ca

碩士
國立成功大學
電機工程學系
107
This thesis presents two hardware Trojan designs that employ time information as a trigger condition based on the understanding of the time maintenance and update mechanism on a modern system. One is a real-time based Trojan, which will attack a system at some specific real-world time. The other is a relative-time based Trojan, which will be triggered when a specific time passes after the system is powered on. In either case, when a hardware Trojan is triggered, its payload circuit will corrupt the system or leakage internal confidential information to the attackers. In addition, this thesis also presents a hardware design scheme, which allows the trigger condition to be programmed after the chip is manufactured. The proposed time-related hardware Trojans have been inserted into an open-source processor and some of the current Trojan detection methods have been used to evaluate the effectiveness of the time-related hardware Trojans. Moreover, we implement the time- related hardware Trojans in the FPGA boards to demonstrate the attack effect. Experimental results show that the extra delay, area and power consumption are very small. In addition, we also use commercial verification tools and Trojan feature extraction detection technology to evaluate the presented hardware Trojans. Analysis results show that the above methods are not effective or additional test assertions are needed to detect the presented Trojan designs.

This thesis examines the characterization of Trojans in fifth-century Attic tragedy with a particular focus on their ability to shed light on the contemporary Athenian sense of identity. I argue against the notion that Trojans are displaced Persians, for they maintain a strong connection to their mythological heritage. The evidence I present draws on fifth-century Attic tragedies but also on the Iliad, iconography, and fragmentary tragedies. My discussion of passages from the Iliad creates a context for interpreting Trojan characters in fifth-century tragedy by establishing the tradition that tragedians could draw on as the background against which to set their Trojan characters. The iconographic evidence similarly adds depth to the project by stepping away from a textual focus to create a wider understanding of how Trojans were visually conceptualized. The fragmentary tragedies provide a tantalizing glimpse into the portrayal of Trojan men, who are otherwise almost entirely absent from tragedies. As a result, my discussion of tragedy focuses on Trojan women, and I suggest that they are representatives of an idealized culture designed to evoke an idealized sense of Athenian cultural identity. I examine Euripides’ Andromache to compare the portrayal of Spartans, contemporary fifth-century Athenian enemies, with that of Trojans to demonstrate the differences between them. Following that, I address the gendered nature of the aftermath of the Trojan War by focusing on one particularly feminine theme in each of three plays: exchange in Andromache, nostalgia in Trojan Women, and mourning in Hecuba. Finally, I discuss the role played by class in considering Trojan characters. Only Euripides’ Orestes presents a (male) character who was a slave in Troy before the fall, and this provides an excellent opportunity to contrast the treatment of that character with the treatment of the royal Trojan women. The purpose of this examination of Trojan characters is to demonstrate that there was an intellectual curiosity about them and their role in contemporary society. I argue in favour of a sympathetic treatment of Trojan characters, or more specifically, against the notion of a “Phrygianization of Troy,” and restore to the Trojans their own unique identity.

This thesis examines a large set of evidence in relation to the myth of the Judgement of Paris. Representations of this myth appeared in both literary and artistic media during antiquity. I will consider those preserved testimonies dated up to the 6th century AD. The relevant contributions of Christoph Clairmont (1951) and Irmgard Raab (1972) in regard to the artistic representations of the Judgement of Paris in antiquity are enlarged here through an extensive discussion of literary sources and the addition of new artworks not included in the catalogue of each. Before analysing the testimonies, I classify them in accordance with their medium, either literature or art. After this, I analyse them with regard to the literary genre or the artistic style that better describes each work. This generic analysis is followed by a contextual analysis that relates to the time and the place where each work was produced. In analysing the contexts, I give a special place to Athens, setting it apart from the rest of Greek contexts. The reason for doing this is the impressive amount of Athenian painted vases that represent the Judgement of Paris, for they comprise almost two thirds of the whole preserved output from antiquity. The thesis aims to explore the development of literary and artistic representations of the Judgement of Paris throughout antiquity, showing the place this story holds in the culture of the Graeco-Roman world. It also aims to investigate the connections between works of a single medium, whether art or literature, and between these two media of representation. In doing so, it uncovers the relationship between genre and narrative, and the transmission process of the Judgement of Paris into different contexts through art and literature. There is a list of artworks (Appendix 1) including the concordances to Clairmont (1951), Raab (1972), Beazley (1942, 1963, 1971 & 1978) & Carpenter (1989), Haspels (1936), the Lexicon Iconographicum Mythologiae Classicae, the Corpus Vasorum Antiquorum, and the Beazley Archive Database (http://www.beazley.ox.ac.uk/index.htm). Descriptions of art objects depicting undefined episodes of the Judgement of Paris are given in Appendix 2. Appendix 3 is a catalogue of objects not classified in the thesis. 66 plates of 177 artworks are included in Appendix 4. In order to meet the requirements for submitting a digital copy of this thesis, several images have been omitted in Appendix 4 (Plates). The omitted images are indicated by the “Copyright Material” caption.

Advances in Artificial Intelligence (AI), or more precisely on Neural Networks (NNs), and fast processing technologies (e.g. Graphic Processing Units or GPUs) in recent years have positioned NNs as one of the main machine learning algorithms used to solved a diversity of problems in both academia and the industry. While they have been proved to be effective in solving many tasks, the lack of security guarantees and understanding of their internal processing disrupts their wide adoption in general and cybersecurity-related applications. In this dissertation, we present the findings of a comprehensive study aimed to enable the absorption of state-of-the-art NN algorithms in the development of enterprise solutions. Specifically, this dissertation focuses on (1) the development of defensive mechanisms to protect NNs against adversarial attacks and (2) application of NN models for anomaly detection in enterprise networks.

In this state of affairs, this work makes the following contributions. First, we performed a thorough study of the different adversarial attacks against NNs. We concentrate on the attacks referred to as trojan attacks and introduce a novel model hardening method that removes any trojan (i.e. misbehavior) inserted to the NN models at training time. We carefully evaluate our method and establish the correct metrics to test the efficiency of defensive methods against these types of attacks: (1) accuracy with benign data, (2) attack success rate, and (3) accuracy with adversarial data. Prior work evaluates their solutions using the first two metrics only, which do not suffice to guarantee robustness against untargeted attacks. Our method is compared with the state-of-the-art. The obtained results show our method outperforms it. Second, we proposed a novel approach to detect anomalies using LSTM-based models. Our method analyzes at runtime the event sequences generated by the Endpoint Detection and Response (EDR) system of a renowned security company running and efficiently detects uncommon patterns. The new detecting method is compared with the EDR system. The results show that our method achieves a higher detection rate. Finally, we present a Moving Target Defense technique that smartly reacts upon the detection of anomalies so as to also mitigate the detected attacks. The technique efficiently replaces the entire stack of virtual nodes, making ongoing attacks in the system ineffective.