To see the other types of publications on this topic, follow the link: Communicative attack.
Dissertations / Theses on the topic 'Communicative attack'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Communicative attack.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Corzine, Larry M. "Communication breakdown DHS operations during a cyber attack." Thesis, Monterey, California. Naval Postgraduate School, 2010. http://hdl.handle.net/10945/4987.
Full textAbstract:
Approved for public release; distribution is unlimited<br>The Department of Homeland Security (DHS) leverages information technology to increase the effectiveness of first responders during disaster recovery. At the same time, cyber attacks against these information technologies have significantly increased. Unfortunately, cyber attacks have grown faster than the technologies used to defend them. The reliance on technology coupled with the difficulty of defending it makes it unrealistic to assume that communications will always be available when needed. Therefore, it is critical that first responders are prepared to operate when one or some of their communications abilities are lost. Alarmingly, DHS has the responsibility to prepare first responders to operate during disasters; however, they lack the authority to enforce programs to ensure this happens. This lack of authority affects how first responders communicate and provides gaps in DHS efforts to prepare for disasters. Until DHS has the authority to enforce change across all levels of government, communications will not be guaranteed during disaster recovery operations. However, DHS could leverage communication outages during operational exercises to better prepare first responders. This thesis explores DHS exercises on the federal, state and local levels and how they are preparing first responders to operate through cyber attacks.
2
Bas, Ali Karaca Volkan. "A simulation on organizational communication patterns during a terrorist attack." Monterey, Calif. : Naval Postgraduate School, 2008. http://handle.dtic.mil/100.2/ADA483636.
Full textAbstract:
Thesis (M.S. in Management)--Naval Postgraduate School, June 2008.<br>Thesis Advisor(s): Gibbons, Deborah E. ; Suchan, James E. "June 2008." Description based on title screen as viewed on August 28, 2008. Includes bibliographical references (p. 57-61). Also available in print.
3
Karaca, Volkan. "A simulation on organizational communication patterns during a terrorist attack." Thesis, Monterey, California. Naval Postgraduate School, 2008. http://hdl.handle.net/10945/4106.
Full textAbstract:
The purpose of this project is to provide a simulation which includes communication structures during a terrorist attack. Different communication patterns will provide different results in terms of effectiveness and efficiency. We are planning to identify some key variables to form an effective network structure in a military action. According to key variables of an organization, centralized and decentralized structures produce different communication patterns and different outputs as well. In a combat environment these different patterns will result in distinct results in terms of effectiveness and efficiency. This environment can be modeled by the help of software like Arena. As a part of the Global War on Terrorism NATO forces are conducting operations in Afghanistan. To enhance stability in Afghanistan, NATO established PRTs (Provincial Reconstruction Teams) composed of multinational elements (partly civilian, but mostly military. These teams are static, and form potential targets for terrorist attacks. We will use PRTs in our model as the target of the terrorists and try to discriminate communication structures in these ambush scenarios.
4
Shahriar, Chowdhury M. R. "Resilient Waveform Design for OFDM-MIMO Communication Systems." Diss., Virginia Tech, 2015. http://hdl.handle.net/10919/56973.
Full textAbstract:
This dissertation addresses physical layer security concerns, resiliency of the Orthogonal Frequency Division Multiplexing (OFDM) and the Multiple Input Multiple Output (MIMO) systems; the `de-facto' air-interface of most wireless broadband standards including LTE and WiMAX. The major contributions of this dissertation are: 1) developing jamming taxonomy, 2) proposing OFDM and MIMO equalization jamming attacks and countermeasures, 3) developing antijam (AJ) MIMO systems, and 4) designing null space projected overlapped-MIMO radar waveform for spectrum sharing between radar and communications system.
First, we consider OFDM systems under various jamming attacks. Previous research is focused on jamming OFDM data transmissions. We focus on energy efficient attacks that can disrupt communication severely by exploiting the knowledge of target waveform. Specifically, these attacks seek to manipulate information used by the equalization algorithm to cause errors to a significant number of symbols, i.e., pilot tones jamming and nulling. Potential countermeasures are presented in an attempt to make OFDM waveform robust and resilient. The threats were mitigated by randomizing the location and value of pilot tones, causing the optimal attack to devolve into barrage jamming.
We also address the security aspects of MIMO systems in this dissertation. All MIMO systems need a method to estimate and equalize channel, whether through channel reciprocity or sounding. Most OFDM-based MIMO systems use sounding via pilot tones. Like OFDM attacks, this research introduces MIMO channel sounding attack, which attempts to manipulate pilot tones to skew the channel state information (CSI) at the receiver.
We describe methods of designing AJ MIMO system. The key insight is that many of the theoretical concepts learned from transmit beamforming and interference alignment (IA) in MIMO systems can be applied to the field of AJ and robust communications in the presence of jammers. We consider a realistic jamming scenario and provide a `receiver-only' and a transmitter `precoding' technique that allow a pair of two-antenna transceivers to communicate while being jammed by a malicious non-cooperative single-antenna adversary.
Finally, we consider designing a collocated MIMO radar waveform, which employs a new MIMO architecture where antenna arrays are allowed to overlap. This overlapped-MIMO radar poses many advantages including superior beampattern and improvement in SNR gain. We combine this radar architecture with a projection-based algorithm that allows the radar waveform to project onto the null space of the interference channel of MIMO communications system, thus enabling the coexistence of radar and communications system.<br>Ph. D.
5
Toure, Almamy. "Collection, analysis and harnessing of communication flows for cyber-attack detection." Electronic Thesis or Diss., Valenciennes, Université Polytechnique Hauts-de-France, 2024. http://www.theses.fr/2024UPHF0023.
Full textAbstract:
La complexité croissante des cyberattaques, caractérisée par une diversification des techniques d'attaque, une expansion des surfaces d'attaque et une interconnexion croissante d'applications avec Internet, rend impérative la gestion du trafic réseau en milieu professionnel. Les entreprises de tous types collectent et analysent les flux réseau et les journaux de logs pour assurer la sécurité des données échangées et prévenir la compromission des systèmes d'information. Cependant, les techniques de collecte et de traitement des données du trafic réseau varient d'un jeu de données à l'autre, et les approches statiques de détection d'attaque présentent des limites d'efficacité et précision, de temps d'exécution et de scalabilité. Cette thèse propose des approches dynamiques de détection de cyberattaques liées au trafic réseau, en utilisant une ingénierie d'attributs basée sur les différentes phases de communication d'un flux réseau, couplée aux réseaux de neurones à convolution (1D-CNN) et leur feature detector. Cette double extraction permet ainsi une meilleure classification des flux réseau, une réduction du nombre d'attributs et des temps d'exécution des modèles donc une détection efficace des attaques. Les entreprises sont également confrontées à des cybermenaces qui évoluent constamment, et les attaques "zero-day", exploitant des vulnérabilités encore inconnues, deviennent de plus en plus fréquentes. La détection de ces attaques zero-day implique une veille technologique constante et une analyse minutieuse, mais coûteuse en temps, de l'exploitation de ces failles. Les solutions proposées garantissent pour la plupart la détection de certaines techniques d'attaque. Ainsi, nous proposons un framework de détection de ces attaques qui traite toute la chaîne d'attaque, de la phase de collecte des données à l'identification de tout type de zero-day, même dans un environnement en constante évolution. Enfin, face à l'obsolescence des jeux de données et techniques de génération de données existants pour la détection d'intrusion et à la nature figée, non évolutive, et non exhaustive des scénarios d'attaques récents, l'étude d'un générateur de données de synthèse adapté tout en garantissant la confidentialité des données est abordée. Les solutions proposées dans cette thèse optimisent la détection des techniques d'attaque connues et zero-day sur les flux réseau, améliorent la précision des modèles, tout en garantissant la confidentialité et la haute disponibilité des données et modèles avec une attention particulière sur l'applicabilité des solutions dans un réseau d'entreprise<br>The increasing complexity of cyberattacks, characterized by a diversification of attack techniques, an expansion of attack surfaces, and growing interconnectivity of applications with the Internet, makes network traffic management in a professional environment imperative. Companies of all types collect and analyze network flows and logs to ensure the security of exchanged data and prevent the compromise of information systems. However, techniques for collecting and processing network traffic data vary from one dataset to another, and static attack detection approaches have limitations in terms of efficiency and precision, execution time, and scalability. This thesis proposes dynamic approaches for detecting cyberattacks related to network traffic, using feature engineering based on the different communication phases of a network flow, coupled with convolutional neural networks (1D-CNN) and their feature detector. This double extraction allows for better classification of network flows, a reduction in the number of attributes and model execution times, and thus effective attack detection. Companies also face constantly evolving cyber threats, and "zero-day" attacks that exploit previously unknown vulnerabilities are becoming increasingly frequent. Detecting these zero-day attacks requires constant technological monitoring and thorough but time-consuming analysis of the exploitation of these vulnerabilities. The proposed solutions guarantee the detection of certain attack techniques. Therefore, we propose a detection framework for these attacks that covers the entire attack chain, from the data collection phase to the identification of any type of zero-day, even in a constantly evolving environment. Finally, given the obsolescence of existing datasets and data generation techniques for intrusion detection, and the fixed, non-evolving, and non-exhaustive nature of recent attack scenarios, the study of an adapted synthetic data generator while ensuring data confidentiality is addressed. The solutions proposed in this thesis optimize the detection of known and zero-day attack techniques on network flows, improve the accuracy of models, while ensuring the confidentiality and high availability of data and models, with particular attention to the applicability of the solutions in a company network
6
Groeling, Tim. "When politicians attack : the causes, contours, and consequences of partisan political communication /." Diss., Connect to a 24 p. preview or request complete full text in PDF format. Access restricted to UC IP addresses, 2001. http://wwwlib.umi.com/cr/ucsd/fullcit?p3027048.
Full text
7
Lambert, Maria T. "Attack of the Mommy Mafia| Examining The Honest Company's Use of Coombs' SCCT Strategies." Thesis, University of Louisiana at Lafayette, 2015. http://pqdtopen.proquest.com/#viewpdf?dispub=1593182.
Full textAbstract:
<p> A crisis can threaten the existence of an organization, and in this social media age, information is spread at lightning-fast speeds forcing crisis communication managers to work quickly to quell any unflattering press. Companies in crisis situations attempt to mitigate damage and repair reputations using crisis communication strategies, such as Coombs’ Situational Crisis Communication Theory (SCCT). This thesis explored social media as a crisis communication channel for these strategies, by studying an organizational crisis that played out almost entirely on social media, through the lens of SCCT.</p><p> This thesis used six statements made by The Honest Company during a 2013 crisis where stakeholders accused the company of bullying a working mother over trademark rights. The company’s crisis communication messages were retrieved, and by using discourse analysis the messages were examined through the guidelines of the SCCT model, which allowed categorization of the messages according to SCCT, analysis of their effectiveness, and the defining of SCCT challenges in analyzing this organizational conflict aggrandized through social media.</p><p> This study found that even though The Honest Company did not strictly adhere to SCCT’s guidelines, it was able to flourish and surpass consumer expectations after the crisis ended. The examination of this crisis offered insight into SCCT’s lack of clarity and direction concerning its crisis types, strategies, and guidelines. It also offered suggestions for more specific crisis types and the expansion of crisis types for SCCT. </p>
8
Bedhammar, Jennifer, and Oliver Johansson. "Visualization of cyber security attacks." Thesis, Linköpings universitet, Medie- och Informationsteknik, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-167144.
Full textAbstract:
The Swedish Defence Research Agency (FOI) simulates cyber attacks for research and education purposes in their cyber range, CRATE, with a system called SVED. This thesis describes the process of creating a visualization of the log files produced by SVED, with the purpose of increasing the users’ comprehension of the log files and thereby increasing their knowledge of the simulated attacks. To create an effective visualization a user study was held to know the users’ needs, experiences and requirements. Several designs were created based on the results and one was selected and refined using feedback from workshops. A web-based implementation of the design was created using the D3.js library, which included a directed graph, icicle chart and network graph to visualize the data. Thereafter an evaluation was held to analyze if the implementation was more effective than the log files, by letting the participants solve tasks defined by the user study. The results from the evaluation indicates that the visualization has a higher success rate than the log files when solving the tasks. They also indicate that finding the solution requires less time with the visualization. However, since the evaluation tasks were based on the user study, the results only conclude that the visualization is more effective when solving similar tasks. For further development the visualization could be improved with features like real time rendering and linkage with FOI’s internal systems. Additionally, with more research and further testing, the visualization could be used as a tool for standardization of graphics in cyber space. In conclusion, a visualization of the log files has been implemented and according to the evaluation does the visualization increase the users’ comprehension of the data in SVED’s log files.
9
Franz, Elke, Stefan Pfennig, and André Fischer. "Communication Overhead of Network Coding Schemes Secure against Pollution Attacks." Saechsische Landesbibliothek- Staats- und Universitaetsbibliothek Dresden, 2012. http://nbn-resolving.de/urn:nbn:de:bsz:14-qucosa-89807.
Full textAbstract:
Network coding is a promising approach for increasing performance of multicast data transmission and reducing energy costs. Of course, it is essential to consider security aspects to ensure a reliable data transmission. Particularly, pollution attacks may have serious impacts in network coding since a single attacker can jam large parts of the network. Therefore, various approaches have been introduced to secure network coding against this type of attack.
However, introducing security increases costs. Even though there are some performance analysis of secure schemes, to our knowledge there are no details whether these schemes are worthwhile to replace routing under the facet of efficiency. Thus, we discuss in this report parameters to assess the efficiency of secure network coding schemes. Using three network graphs, we evaluate parameters focusing on communication overhead for selected schemes. Our results show that there are still benefits in comparison to routing depending on the network topology.
10
Atiiq, Syafiq Al. "Adaptive Counteraction Against Denial of Service Attack." Thesis, KTH, Nätverk och systemteknik, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-219382.
Full textAbstract:
The Internet of Things (IoT) is the next generation of networked society where billions of, everyday-life, devices are directly connected to the Internet and able to communicate with each other. In particular, the Constrained Application Protocol (CoAP) has become the de-facto IoT standard for communication at the application layer, as a lightweight web transfer protocol affordable also for resource-constrained platforms. However, as IoT devices are directly connected to the Internet, they are especially vulnerable to a number of security attacks including Denial of Service (DoS), which can seriously worsen their performance and responsiveness, and even make them totally unavailable to serve legitimate requests. In this Master's Thesis project, we have developed a cross-layer and context-aware approach that adaptively counteracts DoS attacks against CoAP server devices, by dynamically adjusting their operative state according to the attack intensity. This considerably limits the impact of DoS attacks and preserves service availability of victim devices to the best possible extent. The proposed approach leverages a trusted Proxy that adaptively shields victim devices, while effectively forwarding and caching messages if needed. We have made a proof-of-concept implementation of our solution for the Californium framework and the CoAP protocol, and experimentally evaluated its effectiveness in counteracting DoS and preserving availability of devices under attack. This Master's Thesis project has been conducted in collaboration with RISE SICS, a research institute for applied information and communication technology in Sweden.<br>Sakernas Internet (IoT) är nästa generations nätverkssamhälle där miljarder av, vardagliga, enheter är direkt anslutna till Internet och har möjlighet att kommunicera med varandra. Särskilt har CoAP, ett lättviktsprotokoll för webbtrafik som även fungerar för plattformar med begränsade resurser, blivit Sakernas Internets standard för kommunikation på applikationslagret. Men eftersom IoT-enheter är direkt anslutna till Internet så är de också speciellt utsatta för ett antal säkerhetsattacker, inklusive DoS, som kan försämra deras prestanda och mottaglighet avsevärt och i värsta fall göra dem helt otillgängliga för legitima förfrågningar. I detta examensarbete har vi utvecklat en lageröverskridande och kontextmedveten metod som adaptivt motverkar DoS attacker mot CoAP serverenheter genom att dynamiskt anpassa enhetens operativa tillstånd i enlighet med attackintensiteten. Detta begränsar DoS-attackers påverkan på enheterna avsevärt samtidigt som det bibehåller tillgänglighet för tjänster på utsatta enheter till största möjliga utsträckning. Den föreslagna metoden utnyttjar en betrodd proxy som adaptivt skyddar utsatta enheter, samtidigt som den effektivt vidarebefordrar och sparar meddelanden om så behövs. I detta arbete har vi skapat en proof of concept-implementation av vår lösning för Californium-ramverket och CoAP protokollet. Arbetet har utvärderats experimentellt för att undersöka lösningens effektivitet när det gäller att motarbeta DoS-attacker samt hur den bibehåller enheters tillgänglighet under attacker. Detta uppsatsprojekt har utförts i samarbete med RISE SICS som är ett forskningsinstitut för tillämpad informations- och kommunikationsteknik i Sverige.
11
Fischer, Benjamin. "Vehicular Group Membership Resilient to Malicious Attacks." Thesis, Linköpings universitet, Programvara och system, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-158086.
Full textAbstract:
There is a range of tools and techniques in the realm of information security that can be used to enhance the security of a distributed network protocol and some of them introduce new problems. A security analysis of the distributed network protocol SLMP is made and three vulnerabilities are identified; messages can be intercepted and tampered with, nodes can fake id, and leader nodes can do a lot of harm if they are malicious. Three versions of SLMP that aims to remedy these vulnerabilities are implemented and the results show that while they remedy the vulnerabilities some of them introduce new problems.
12
Albarino, Laurie Ann. "Nonprofit Leader External Communication Strategies to Attract New Donors." ScholarWorks, 2019. https://scholarworks.waldenu.edu/dissertations/7853.
Full textAbstract:
Approximately 64% of nonprofit leaders struggle to connect with supporters through fund initiatives alone, and 59% of nonprofit leaders lack the marketing communication capability to attract new donors. Fundraising is vital to nonprofit organizations' sustainability and essential for successfully attracting new donors. The purpose of this qualitative single case study was to explore effective external communication strategies used by 3 southern California nonprofits through the conceptual lens of the integrated marketing communications theory. Data were gathered using semistructured interviews, a review of organizational documents and online databases, and the Baldrige Excellence Framework. The data were analyzed using Yin's 5-step process. The two key themes that emerged were process strengths and process opportunities. The results of this study could contribute to positive social change by helping organizations strengthen external communications strategies to increase new donors and financial capital to achieve mission goals.
13
Alnifie, Ghada Matooq. "A multi-channel defense against communication denial-of-service attacks in wireless networks." Fairfax, VA : George Mason University, 2008. http://hdl.handle.net/1920/3347.
Full textAbstract:
Thesis (Ph.D.)--George Mason University, 2008.<br>Vita: p. 152. Thesis director: Robert Simon. Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Computer Science. Title from PDF t.p. (viewed Jan. 8, 2009). Includes bibliographical references (p. 144-151). Also issued in print.
14
Opie, Jake Weyman. "Securing softswitches from malicious attacks." Thesis, Rhodes University, 2007. http://hdl.handle.net/10962/d1007714.
Full textAbstract:
Traditionally, real-time communication, such as voice calls, has run on separate, closed networks. Of all the limitations that these networks had, the ability of malicious attacks to cripple communication was not a crucial one. This situation has changed radically now that real-time communication and data have merged to share the same network. The objective of this project is to investigate the securing of softswitches with functionality similar to Private Branch Exchanges (PBX) from malicious attacks. The focus of the project will be a practical investigation of how to secure ILANGA, an ASTERISK-based system under development at Rhodes University. The practical investigation that focuses on ILANGA is based on performing six varied experiments on the different components of ILANGA. Before the six experiments are performed, basic preliminary security measures and the restrictions placed on the access to the database are discussed. The outcomes of these experiments are discussed and the precise reasons why these attacks were either successful or unsuccessful are given. Suggestions of a theoretical nature on how to defend against the successful attacks are also presented.
15
Ren, Kui. "Communication security in wireless sensor networks." Worcester, Mass. : Worcester Polytechnic Institute, 2007. http://www.wpi.edu/Pubs/ETD/Available/etd-040607-174308/.
Full text
16
Matte, Célestin. "Wi-Fi tracking : Fingerprinting attacks and counter-measures." Thesis, Lyon, 2017. http://www.theses.fr/2017LYSEI114/document.
Full textAbstract:
Le récent développement des appareils portatifs possédant une interface Wi-Fi (smartphones, tablettes et « wearables ») s'accompagne d'une menace sur la vie privée de leurs utilisateurs, et sur la société toute entière. Ces appareils émettent en continu des signaux pouvant être capturés par un attaquant passif, à l'aide de matériel peu coûteux et de connaissances basiques. Ces signaux contiennent un identifiant unique appelé l'adresse MAC. Pour faire face à cette menace, les acteurs du secteur déploient actuellement une contre-mesure sur les appareils récents: le changement aléatoire de l'adresse MAC. Malheureusement, nous montrons que cette mesure, dans son état actuel, n'est pas suffisante pour empêcher le traçage des appareils. Pour cela, nous introduisons plusieurs attaques basées sur le contenu et la répartition temporelle des signaux. En complément, nous étudions les implémentations du changement aléatoire de l'adresse MAC sur des appareils récents, et trouvons un certain nombre de manquements limitant l'efficacité de ces implémentations à prévenir le traçage. En parallèle, nous effectuons deux études de terrain. La première s'attaque au développement des acteurs exploitant les problèmes cités plus haut afin d'installer des systèmes de traçage basés sur le Wi-Fi. Nous listons certaines de ces installations et examinons plusieurs aspects de ces systèmes : leur régulation, les implications en terme de vie privée, les questions de consentement et leur acceptation par le public. La seconde étude concerne la progression du changement aléatoire d'adresse MAC dans la population des appareils. Finalement, nous présentons deux outils : le premier est un système de traçage expérimental développé pour effectuer des tests et sensibiliser le public aux problèmes de vie privée liés à de tels systèmes. Le second estime l'unicité d'un appareil en se basant sur le contenu des signaux qu'il émet, même si leur identifiant est modifié<br>The recent spread of everyday-carried Wi-Fi-enabled devices (smartphones, tablets and wearable devices) comes with a privacy threat to their owner, and to society as a whole. These devices continuously emit signals which can be captured by a passive attacker using cheap hardware and basic knowledge. These signals contain a unique identifier, called the MAC address. To mitigate the threat, device vendors are currently deploying a countermeasure on new devices: MAC address randomization. Unfortunately, we show that this mitigation, in its current state, is insufficient to prevent tracking. To do so, we introduce several attacks, based on the content and the timing of emitted signals. In complement, we study implementations of MAC address randomization in some recent devices, and find a number of shortcomings limiting the efficiency of these implementations at preventing device tracking. At the same time, we perform two real-world studies. The first one considers the development of actors exploiting this issue to install Wi-Fi tracking systems. We list some real-world installations and discuss their various aspects, including regulation, privacy implications, consent and public acceptance. The second one deals with the spread of MAC address randomization in the devices population. Finally, we present two tools: an experimental Wi-Fi tracking system for testing and public awareness raising purpose, and a tool estimating the uniqueness of a device based on the content of its emitted signals even if the identifier is randomized
17
Wu, Jingqi. "Cooperative Jamming in Wireless Networks - Turning Attacks into Privacy Protection." ScholarWorks@UNO, 2008. http://scholarworks.uno.edu/td/885.
Full textAbstract:
Generally, collisions between packets are undesired in wireless networks. We design this scheme, Cooperative Jamming in Wireless Networks (CJWN), to make use of collision to protect secret DATA packets from being sniffed by a nearby eavesdropper. We are intending to greatly increase the Packet Error Rate (PER) at the eavesdropper when the PER at the receiver is maintained at an acceptable level. This scheme is not intended to completely take the place of various encryption/decryption schemes which are working based on successfully received packets. Adding CJWN to the popular CSMA/CA adopted in IEEE 802.11 will add more security even the key for encryption/decryption is already exposed. Because the overhead of CJWN is very big, we do not suggest using it on every transmission. When some secret packets have a high requirement of confidentiality, CJWN is worth trying at the cost of throughput performance and power.
18
Sargolzaei, Arman. "Time-Delay Switch Attack on Networked Control Systems, Effects and Countermeasures." FIU Digital Commons, 2015. http://digitalcommons.fiu.edu/etd/2175.
Full textAbstract:
In recent years, the security of networked control systems (NCSs) has been an important challenge for many researchers. Although the security schemes for networked control systems have advanced in the past several years, there have been many acknowledged cyber attacks. As a result, this dissertation proposes the use of a novel time-delay switch (TDS) attack by introducing time delays into the dynamics of NCSs. Such an attack has devastating effects on NCSs if prevention techniques and countermeasures are not considered in the design of these systems. To overcome the stability issue caused by TDS attacks, this dissertation proposes a new detector to track TDS attacks in real time. This method relies on an estimator that will estimate and track time delays introduced by a hacker. Once a detector obtains the maximum tolerable time delay of a plant’s optimal controller (for which the plant remains secure and stable), it issues an alarm signal and directs the system to its alarm state. In the alarm state, the plant operates under the control of an emergency controller that can be local or networked to the plant and remains in this stable mode until the networked control system state is restored.
In another effort, this dissertation evaluates different control methods to find out which one is more stable when under a TDS attack than others. Also, a novel, simple and effective controller is proposed to thwart TDS attacks on the sensing loop (SL). The modified controller controls the system under a TDS attack. Also, the time-delay estimator will track time delays introduced by a hacker using a modified model reference-based control with an indirect supervisor and a modified least mean square (LMS) minimization technique.
Furthermore, here, the demonstration proves that the cryptographic solutions are ineffective in the recovery from TDS attacks. A cryptography-free TDS recovery (CF-TDSR) communication protocol enhancement is introduced to leverage the adaptive channel redundancy techniques, along with a novel state estimator to detect and assist in the recovery of the destabilizing effects of TDS attacks. The conclusion shows how the CF-TDSR ensures the control stability of linear time invariant systems.
19
Maouche, Mohamed. "Protection against re-identification attacks in location privacy." Thesis, Lyon, 2019. http://www.theses.fr/2019LYSEI089.
Full textAbstract:
De nos jours, avec la large propagation de différents appareils mobiles, de nombreux capteurs accompagnent des utilisateurs. Ces capteurs peuvent servir à collecter des données de mobilité qui sont utiles pour des urbanistes ou des chercheurs. Cependant, l'exploitation de ces données soulèvent de nombreuses menaces quant à la préservation de la vie privée des utilisateurs. En effet, des informations sensibles tel que le lieu domicile, le lieu de travail ou même les croyances religieuses peuvent être inférées de ces données. Durant la dernière décennie, des mécanismes de protections appelées "Location Privacy Protection Mechanisms (LPPM)" ont été proposé. Ils imposent des guarenties sur les données (e.g., k-anonymity ou differential privacy), obfusquent les informations sensibles (e.g., efface les points d'intéret) ou sont une contre-mesure à des attaques particulières. Nous portons notre attention à la ré-identification qui est un risque précis lié à la préservation de la vie privée dans les données de mobilité. Il consiste en a un attaquant qui des lors qu'il reçoit une trace de mobilité anonymisée, il cherche à retrouver l'identifiant de son propriétaire en la rattachant à un passif de traces non-anonymisées des utilisateurs du système. Dans ce cadre, nous proposons tout d'abords des attaques de ré-identification AP-Attack et ILL-Attack servant à mettre en exergue les vulnérabilités des mécanismes de protections de l'état de l'art et de quantifier leur efficacité. Nous proposons aussi un nouveau mécanisme de protection HMC qui utilise des heat maps afin de guider la transformation du comportement d'un individu pour qu'il ne ressemble plus au soi du passée mais à un autre utilisateur, le préservant ainsi de la ré-identification. Cet modification de la trace de mobilité est contrainte par des mesures d'utilité des données afin de minimiser la qualité de service ou les conclusions que l'on peut tirer à l'aide de ces données<br>With the wide propagation of handheld devices, more and more mobile sensors are being used by end users on a daily basis. Those sensors could be leveraged to gather useful mobility data for city planners, business analysts and researches. However, gathering and exploiting mobility data raises many privacy threats. Sensitive information such as one’s home or workplace, hobbies, religious beliefs, political or sexual preferences can be inferred from the gathered data. In the last decade, Location Privacy Protection Mechanisms (LPPMs) have been proposed to protect user data privacy. They alter data mobility to enforce formal guarantees (e.g., k-anonymity or differential privacy), hide sensitive information (e.g., erase points of interests) or act as countermeasures for particular attacks. In this thesis, we focus on the threat of re-identification which aims at re-linking an anonymous mobility trace to the know past mobility of its user. First, we propose re-identification attacks (AP-Attack and ILL-Attack) that find vulnerabilities and stress current state-of-the-art LPPMs to quantify their effectiveness. We also propose a new protection mechanism HMC that uses heat maps to guide the transformation of mobility data to change the behaviour of a user, in order to make her look similar to someone else rather than her past self which preserves her from re-identification attacks. This alteration of mobility trace is constrained with the control of the utility of the data to minimize the distortion in the quality of the analysis realized on this data
20
Vuković, Ognjen, György Dán, and Gunnar Karlsson. "Traffic Analysis Attacks in Anonymity Networks : Relationship Anonymity-Overhead Trade-off." KTH, Kommunikationsnät, 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-122444.
Full textAbstract:
Mix networks and anonymity networks provide anonymous communication via relaying, which introduces overhead and increases the end-to-end message delivery delay. In practice overhead and delay must often be low, hence it is important to understand how to optimize anonymity for limited overhead and delay. In this work we address this question under passive traffic analysis attacks, whose goal is to learn the traffic matrix. For our study, we use two anonymity networks: MCrowds, an extension of Crowds, which provides unbounded communication delay and Minstrels, which provides bounded communication delay. We derive exact and approximate analytical expressions for the relationship anonymity for these systems. Using MCrowds and Minstrels we show that, contrary to intuition, increased overhead does not always improve anonymity. We investigate the impact of the system's parameters on anonymity, and the sensitivity anonymity to the misestimation of the number of attackers.<br><p>QC 20130522</p>
21
Bittl, Sebastian. "Efficient Secure Communication in VANETs under the Presence of new Requirements Emerging from Advanced Attacks." Doctoral thesis, Humboldt-Universität zu Berlin, 2017. http://dx.doi.org/10.18452/18419.
Full textAbstract:
Drahtlose ad-hoc Netzwerke zwischen Fahrzeugen, sog. Vehicular ad-hoc Networks (VANETs), bilden einen Ansatz zur Verbesserung der Verkehrssicherheit, indem sie zukünftige kooperative Fahrerassistenzsysteme ermöglichen. Diese Netzwerke erfordern ein hohes Sicherheitsniveau, sowohl in Bezug auf Datenintegrität und -authentizität als auch im Bereich Datenschutz. Aktuell verfügbare Technologien können diese Anforderungen nicht vollständig erfüllen. Etliche Nachteile aktueller VANET-Ansätze werden in dieser Arbeit aufgezeigt.
In dieser Arbeit werden drei Schachpunkte von ETSI ITS bzw. WAVE basierten VANETs identifiziert, welche Angriffe auf Teilnehmer dieser Netzwerke ermöglichen. Diese ergeben sich aus
1. konstanten und für Teilnehmer charakteristischen Datensätzen innerhalb der zyklisch versandten Statusnachrichten, welche den Datenschutz der Fahrzeuge und damit auch ihrer Fahrer gefährden,
2. die Strategie zur Verteilung von digitalen Zertifikaten von Zertifizierungsstellen erlaubt es selbst Angreifern mit minimalen Fähigkeiten (einzelner, statischer Angreifer von außerhalb des Netzwerkes) die Kanallast in einem großen Teilgebiet des Netzwerkes massiv zu erhöhen,
3. GNSS Manipulation durch sog. spoofing erlaubt Angriffe auf zeit- und ortsbasiere Informationen in Fahrzeugen, wodurch sich folgende Gefährdungen ergeben:
a. Der Grundanforderung Teilnehmer durch Nichtabstreitbarkeit der gesendeten Daten für ihr Verhalten zur Rechenschaft ziehen zu können wird die Grundlage entzogen, da der Zeitpunkt des Sendens der Daten nicht mehr sicher festgestellt werden kann.
b. Die Zugangskontrolle zum System wird gefährdet, da angegriffene Teilnehmer veraltete Nachrichten und digitale Zertifikate akzeptieren.
c. Angreifer können einen sog. Sybil Angriff durchführen.
Es ist notwendig die identifizierten Sicherheitsprobleme zu beheben um eine sichere Verwendung von VANETs für zukünftige kooperative Fahrerassistenzsysteme zu ermöglichen.
Weiterhin werden einige Designprobleme in ETSI ITS Protokollen identifiziert. Die bisherige Art der Nachrichtenzusammensetzung auf den einzelnen Protokollschichten führt häufig zu Gesamtnachrichten, welche die zulässige maximale Gesamtlänge auf niedrigen Protokollschichten überschreitet. Da solche Nachrichten nicht versandt werden könne, können diverse wichtige Datensätze nicht im Netzwerk verteilt werden. Außerdem ist keine verschlüsselte Ende-zu-Ende Kommunikation über eine Multi-Hop Verbindung möglich, da die notwendigen Routing-Informationen den weiterleitenden Teilnehmern nicht zur Verfügung stehen. Es werden Vorschläge diskutiert, wie diese Probleme gelöst werden können.
Zur Adressierung der genannten Probleme werden u.a. folgende Maßnahmen vorgeschlagen:
1. Eine sichere Zeitsynchronisierung in VANETs ist notwendig.
2. Das Speichern von mehreren Fahrzeug-Zertifikaten mit gleicher Laufzeit ist zu vermeiden.
3. Das Speichern von Fahrzeug-Zertifikaten mit zukünftiger Laufzeit ist auf ein Minimum zu begrenzen.
4. Konstante und gleichzeitig für Teilnehmer charakteristische Datensätze sind nicht zu versenden.
5. Weitere Mechanismen zur Minimierung der Kanallast durch Zertifikatsverteilung sind notwendig, u.a.
a. nach einem Pseudonymwechsel sollte dieser explizit signalisiert werden um das Versenden aller Zertifikate in der Umgebung durch die Detektion eines neuen Nachbarn zu verhindern.
b. es sollte keine Verteilung von Zertifikatsketten erfolgen, da einzelne Zertifikate ausreichen.
c. die Anzahl der Übermittlungen von Zertifikaten von Zertifizierungsstellen ist zu minimieren.
Die Anwendung der genannten Verbesserungen überwindet die meisten Sicherheitsprobleme (1,2, und 3c). Für die weiteren Probleme kann der notwendige Aufwand für einen erfolgreichen Angriff deutlich erhöht werden.<br>Vehicular ad-hoc networks (VANETs) are an important approach to increase future safety of driving by enabling cooperative advanced driver assistance systems. However, rigid security and privacy requirements employed to conducted wireless data exchange still pose significant challenges for VANET approaches. Several weaknesses of the current state of the art of VANET approaches from ETSI ITS as well as WAVE standard frameworks have been identified in this work.
Three main attack surfaces of ETSI ITS or WAVE based VANETs are identified in this thesis, which are
1. constant and distinctive content in data fields within frequently sent VANET messages highly endanger privacy of vehicles, and thereby also their drivers,
2. the distribution strategy of certificate authority (CA) certificates allows even a simple static outsider attacker to massively increase the channel load within a large area around the attacker, which significantly exceeds his own communication range, and
3. GNSS spoofing modifying time and position information inside nodes
a. endangers the basic system requirement of accountability by circumventing the nonrepudiation feature of the employed digital signature scheme,
b. endangers the access control system by forcing the acceptance of outdated messages and certificates, and
c. enables an attacker to perform a Sybil attack.
The identified security problems need to be overcome to re-enable secure usage of VANETs and ADASs, which are based on the information obtained via VANETs.
Several protocol design weaknesses of the ETSI ITS approach have been identified. It is found that the standardized way of cross layer message assembly leads to frequent violation of low layers’ maximum packet size restrictions. This causes inabilities to distribute important data sets from the application layer. Furthermore, confidential end-to-end encrypted communication over a multi-hop connection is impossible, as forwarders cannot access required routing information. This is caused by incorrect data encryption rules. Approaches to overcome the found shortcomings are proposed and evaluated.
To overcome the outlined security issues, several improvements have been proposed. These include,
1. secure time synchronization among nodes, but current mechanisms can hardly provide it,
2. caching of multiple pseudonym certificates being valid during the same time span is to be avoided,
3. pre-caching of pseudonym certificates valid in the future is to be limited to a minimum,
4. presence of constant but distinctive data sets within VANET messages has to be avoided to enable privacy conserving pseudonym changes,
5. mechanisms for limiting the channel load caused by certificate distribution are required, especially
a. after a pseudonym change the number of superficial pseudonym certificate distributions due to new neighbor detection should be limited by using explicit signaling of the change,
b. sending of certificate chains should be removed altogether, instead individual dissemination should be used for CA certificates, and
c. the number of CA certificate deliveries after a request for such a kind of certificate should be limited to a minimum by using targeted requests.
By employing the given improvements most of the found security weaknesses can be overcome (issues 1, 2 and 3c). For the remaining weaknesses the required capabilities for a successful attack can be made significantly more challenging.
22
Hoblos, Jalaa. "Selfish Node Misbehaving Statistical Detection with Active MAC Layer NAV Attack in Wireless Networks}." [Kent, Ohio] : Kent State University, 2006. http://rave.ohiolink.edu/etdc/view?acc%5Fnum=kent1164119272.
Full text
23
Onwubiko, Cyril. "A security framework for detecting enterprise-wide attacks in computer networks." Thesis, Kingston University, 2008. http://eprints.kingston.ac.uk/20301/.
Full textAbstract:
An integrated security framework is proposed for detecting enterprise-wide network attacks. The proposed framework defines three types of components, namely, sensor, analysis and response. Sensor components gather evidence about security attacks. Analysis components correlate and combine pieces of attack evidence gathered by sensors, in order to detect attacks perceived on the network. Response components execute recommended responses and can be configured to assist humans in executing security countermeasures. Both schematic and formal descriptions of the framework and its components are provided and discussed. General and specific requirements of each component are outlined. To integrate components of the framework together, a lightweight signalling mechanism referred to as "security spaces" is proposed. A security space is a type of "tuple space" that allows sensor, analysis and response components to connect, contribute and communicate security related information. Its application to distributed sensor, and federated sensor environments is described. The detection of enterprise-wide attacks targeting computer networks is accomplished by distributing sensors across the network to collate evidence of perceived attacks, which are communicated to the analysis component for further investigation. In the analysis, a novel approach in data fusion is applied. This approach is underpinned by the Dempster-Shafer theory of evidence that is utilised to collectively combine pieces of attack evidence gathered by the sensors. The fusion of sensor evidence assists to provide accurate detection of attacks perceived on the entire network. Further, to assist security administrators to visualise and mitigate perceived attacks, graph theory and graph matching algorithms are employed in the analysis. Hence, a graph model - pattern activity graph - is proposed and investigated in representing security attacks perceived on the network. Both graph isomorphism and subgraph iso-morphism are used to compare attack graph templates to data graphs obtained from security events. To validate the objectives of this research, a series of experiments were conducted on a testbed network, where live network traffic was monitored. A dataset comprising background data and attack data was gathered. Background data is normal data obtained by monitoring the testbed network. Attack data was generated through the attacks conducted on the monitored testbed LAN. The attacks were primarily network scans, network worms, web attacks, policy violations, and stealthy network scans attacks.
24
Rathinakumar, Saravana Manickam. "Research on efficiency and privacy issues in wireless communication." Thesis, University of Edinburgh, 2018. http://hdl.handle.net/1842/31294.
Full textAbstract:
Wireless spectrum is a limited resource that must be used efficiently. It is also a broadcast medium, hence, additional procedures are required to maintain communication over the wireless spectrum private. In this thesis, we investigate three key issues related to efficient use and privacy of wireless spectrum use. First, we propose GAVEL, a truthful short-term auction mechanism that enables efficient use of the wireless spectrum through the licensed shared access model. Second, we propose CPRecycle, an improved Orthogonal Frequency Division Multiplexing (OFDM) receiver that retrieves useful information from the cyclic prefix for interference mitigation thus improving spectral efficiency. Third and finally, we propose WiFi Glass, an attack vector on home WiFi networks to infer private information about home occupants. First we consider, spectrum auctions. Existing short-term spectrum auctions do not satisfy all the features required for a heterogeneous spectrum market. We discover that this is due to the underlying auction format, the sealed bid auction. We propose GAVEL, a truthful auction mechanism, that is based on the ascending bid auction format, that avoids the pitfalls of existing auction mechanisms that are based on the sealed bid auction format. Using extensive simulations we observe that GAVEL can achieve better performance than existing mechanisms. Second, we study the use of cyclic prefix in Orthogonal Frequency Division Multiplexing. The cyclic prefix does contain useful information in the presence of interference. We discover that while the signal of interest is redundant in the cyclic prefix, the interference component varies significantly. We use this insight to design CPRecycle, an improved OFDM receiver that is capable of using the information in the cyclic prefix to mitigate various types of interference. It improves spectral efficiency by decoding packets in the presence of interference. CPRecycle require changes to the OFDM receiver and can be deployed in most networks today. Finally, home WiFi networks are considered private when encryption is enabled using WPA2. However, experiments conducted in real homes, show that the wireless activity on the home network can be used to infer occupancy and activity states such as sleeping and watching television. With this insight, we propose WiFi Glass, an attack vector that can be used to infer occupancy and activity states (limited to three activity classes), using only the passively sniffed WiFi signal from the home environment. Evaluation with real data shows that in most of the cases, only about 15 minutes of sniffed WiFi signal is required to infer private information, highlighting the need for countermeasures.
25
Bengtsson, Filip, and Matteo Madrusan. "Near Field Communication Security concerns & applicable security in Android." Thesis, Högskolan Kristianstad, Fakulteten för naturvetenskap, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:hkr:diva-20996.
Full textAbstract:
Near Field Communication (NFC) is being used more frequent in smart devices, this raises security concerns whether the users information is secure from attackers. The thesis examines the threats that NFC on Android smartphones are exposed to, its countermeasures, as well as existing protocols that ensures the integrity and confidentiality of the users data. The results were achieved by a literature study, a questionnaire sent to companies that create products related to the subject as well as an experiment that was divided into two parts. The first part examined what information can be extracted from a debit card stored on an Android smartphone. The second part included a relay attack in which a purchase would be made with a victim’s debit card by using Android smartphones. The results shows that it is difficult to conduct any attack on the smart devices because of the limited range of NFC as well as the protocols available for making purchases with debit cards stored on smart devices disallows unauthorized applications and hardware to attack cards stored in smart devices.
26
Hulstrom-Garces, Erika. "Crisis public relations : how law enforcement agencies responded to the sniper attacks of 2002." Scholarly Commons, 2003. https://scholarlycommons.pacific.edu/uop_etds/584.
Full textAbstract:
Headlines of the sniper attacks were relentless for almost an entire month. During 22 days in October 2002, the snipers' killing spree injured three and killed ten people. The media converged on the story at a non-stop pace, and the public understandably was entitled to be alarmed. High-profile cases such as the sniper attacks draw a large amount of attention and, therefore, can become cases through which professionals and scholars alike can learn. The sniper incident is one such case that provides exceptional research possibilities.
The style and unique dialogue used in news conferences grabbed the attention of the media, the public, and the criminal community. How did law enforcement use public relations to help in its case? What crisis plan did Montgomery County, Maryland, the lead investigating department, implement? The goal of this research was to examine the crisis management plan of law enforcement when tragic situations such as the sniper attacks occur, and further to investigate agenda-setting within law enforcement's media services departments. This research was conducted as a case study, using interviews with public information officers of law enforcement agencies and numerous media reports including newspapers, news magazines, and television news.
Results from this case study revealed that communicating accurate information to both the media and the community in a crisis was a top priority. Additionally, it was shared that the public information officer's role is to be ready and on the scene of crises in order to disseminate precise information. In the sniper attack incident, law enforcement controlled the flow of information and, therefore, set the agenda for the media. Moreover, the Chief of Police, when he realized the enormity of the case, took on the role of spokesperson, because he did not want the PIO to bear the burden of responsibility.
27
Sundberg, Sarah. "Data Link Layer Security for Spacecraft Communication Implementation on FPGA." Thesis, Linköpings universitet, Informationskodning, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-168808.
Full textAbstract:
With increasing awareness of potential security threats there is a growing interest in communication security for spacecraft control and data. Traditionally commercial and scientific missions have relied on their uniqueness to prevent security breaches. During time the market has changed with open systems for mission control and data distribution, increased connectivity and the use of existing and shared infrastructure. Therefore security layers are being introduced to protect spacecraft communication. In order to mitigate the perceived threats, the Consultative Committee for Space Data Systems (CCSDS) has proposed the addition of communication security in the various layers of the communication model. This thesis describes and discuss their proposal and look into how this application should be implemented into the data link layer of the communication protocol to protect from timing attacks. An implementation of AES-CTR+GMAC is constructed in software to compare different key lengths and another implementation is constructed in synthesized VHDL for use on hardware to investigate the impact on area consumption on the FPGA as well as if it is possible to secure it from cache-timing attacks.
28
Alserhani, Faeiz. "A framework for correlation and aggregation of security alerts in communication networks : a reasoning correlation and aggregation approach to detect multi-stage attack scenarios using elementary alerts generated by Network Intrusion Detection Systems (NIDS) for a global security perspective." Thesis, University of Bradford, 2011. http://hdl.handle.net/10454/5430.
Full textAbstract:
The tremendous increase in usage and complexity of modern communication and network systems connected to the Internet, places demands upon security management to protect organisations' sensitive data and resources from malicious intrusion. Malicious attacks by intruders and hackers exploit flaws and weakness points in deployed systems through several sophisticated techniques that cannot be prevented by traditional measures, such as user authentication, access controls and firewalls. Consequently, automated detection and timely response systems are urgently needed to detect abnormal activities by monitoring network traffic and system events. Network Intrusion Detection Systems (NIDS) and Network Intrusion Prevention Systems (NIPS) are technologies that inspect traffic and diagnose system behaviour to provide improved attack protection. The current implementation of intrusion detection systems (commercial and open-source) lacks the scalability to support the massive increase in network speed, the emergence of new protocols and services. Multi-giga networks have become a standard installation posing the NIDS to be susceptible to resource exhaustion attacks. The research focuses on two distinct problems for the NIDS: missing alerts due to packet loss as a result of NIDS performance limitations; and the huge volumes of generated alerts by the NIDS overwhelming the security analyst which makes event observation tedious. A methodology for analysing alerts using a proposed framework for alert correlation has been presented to provide the security operator with a global view of the security perspective. Missed alerts are recovered implicitly using a contextual technique to detect multi-stage attack scenarios. This is based on the assumption that the most serious intrusions consist of relevant steps that temporally ordered. The pre- and post- condition approach is used to identify the logical relations among low level alerts. The alerts are aggregated, verified using vulnerability modelling, and correlated to construct multi-stage attacks. A number of algorithms have been proposed in this research to support the functionality of our framework including: alert correlation, alert aggregation and graph reduction. These algorithms have been implemented in a tool called Multi-stage Attack Recognition System (MARS) consisting of a collection of integrated components. The system has been evaluated using a series of experiments and using different data sets i.e. publicly available datasets and data sets collected using real-life experiments. The results show that our approach can effectively detect multi-stage attacks. The false positive rates are reduced due to implementation of the vulnerability and target host information.
29
Björklund, Filip, and Niklas Landin. "Board and Chip Diversity in Deep Learning Side-Channel Attacks : On ATtiny85 Implementations Featuring Encryption and Communication." Thesis, KTH, Skolan för industriell teknik och management (ITM), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-300766.
Full textAbstract:
Hardware security is an increasingly relevant topic because more and more systems and products are equipped with embedded microcontrollers. One type of threat against hardware security is attacks against encryption implementations in embedded hardware. The purpose of such attacks might be to extract the secret encryption key used to encrypt secret information that is being processed in the hardware. One type of such an attack that has gained more attention lately is side-channel attacks using deep learning algorithms. These attacks exploit the information that leaks from a chip in the form of the power the chip is consuming during encryption. In order to execute a side-channel attack assisted by deep learning, large amounts of data are needed for the neural network to train on. The data typically consists of several hundreds of thousands of power traces that have been captured from the profiling device. When the network has finished training, only a few power traces are required from a similar device to extract the key byte that has been used during encryption. In this project, the 8-bit microcontroller ATtiny85 was used as the victim device. AES-ECB 128 was used as the encryption algorithm. The goal of the project was to test how differences between boards and ATtiny85 chips affect the performance of side-channel attacks with deep learning. In the experiments, six different boards were used, where three of them had identical designs, and three of the boards had different designs. The data gathering was performed by measuring power consumption with an oscilloscope connected to a PC. The results showed that the similarity between the boards that were used for profiling and the boards that were attacked was the most important aspect for the attack to succeed with as few power traces as possible. If the board that was attacked was represented as a part of the training dataset, improved attack performance could be observed. If the training used data from several identical boards, no obvious improvement in attack performance could be seen. The results also showed that there are noticeable differences between identical ATtiny85 chips. These differences were obvious because the best attacks were the ones where the attacked chip was part of the training data set. There are several directions for future work, including how feasible these attacks are in real life scenarios and how to create efficient countermeasures.<br>Hårdvarusäkerhet blir mer aktuellt allt eftersom fler och fler system och produkter utrustas med mikrokontrollers. En typ av hot mot hårdvarusäkerhet är attacker mot krypteringsimplementationer i inbyggd hårdvara. Sådana attacker kan ha som syfte att försöka ta fram den krypteringsnyckel som används för att kryptera hemlig information som hanteras i hårdvaran. En sådan typ av attack, som undersökts mycket under senare år, är sidokanalsattacker där djupinlärningsalgoritmer används. Dessa attacker utnyttjar den information som läcker från ett chip genom den ström som chippet förbrukar. För att kunna utföra en sidokanalsattack med hjälp av djupinlärning krävs stora mängder data för att träna det neurala nätverket som utgör djupinlärningen. Datan består vanligtvis av flera hundra tusen strömförbrukningsspår tagna från chippet som är tänkt att attackeras. Denna data märks upp med vilken nyckel och text som använts vid krypteringen, eftersom metoden som används är övervakad inlärning. När nätverket är färdigtränat krävs bara ett fåtal strömförbrukningsspår från ett liknande chip för att ta reda på vilken nyckel som används i krypteringen. I detta projekt användes ATtiny85, en 8-bitars mikrokontroller, som det utsatta chippet för attacken. 128 bitars AES-ECB användes som krypteringsalgoritm. Målet med projektet var att testa hur olikheter mellan olika kretskort och olika identiska ATtiny85-chip påverkar resultaten av sidokanalsattacker med djupinlärning. I testerna användes sex olika kretskort, där tre stycken var likadana varandra, och tre stycken var olika varandra. Datainsamlingen skedde genom att mäta strömförbrukningen med ett oscilloskop kopplat till en dator. Resultaten visade att likheten mellan de kretskort som användes för att samla in data och kretskortet som attackeras är den viktigaste faktorn för att attacken ska lyckas med hjälp av så få insamlade strömförbrukningsspår som möjligt. Om det kretskort som attackeras är representerat som en del av träningsdatamängden ses också förbättrade effekter i attackresultaten. Om träningen sker på flera identiska kretskort kunde ingen tydlig förbättring av attackerna observeras. Resultaten visade också att det finns skillnader mellan olika identiska ATtiny85-chip. Dessa skillnader visar sig i att en attack lyckas bäst om det attackerade chippet ingick i träningsdatamängden. Framtida studier kan bland annat undersöka hur effektiva dessa attacker är i en realistisk miljö samt om det är möjligt att skapa effektiva motåtgärder.
30
Mendoza, Patricia A. "An enhanced method for the existing bluetooth pairing protocol to avoid impersonation attacks." To access this resource online via ProQuest Dissertations and Theses @ UTEP, 2009. http://0-proquest.umi.com.lib.utep.edu/login?COPT=REJTPTU0YmImSU5UPTAmVkVSPTI=&clientId=2515.
Full text
31
Wahlgren, Alex, and Joakim Thorn. "Detecting ADS-B spoofing attacks : using collected and simulated data." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-179040.
Full textAbstract:
In a time where general technology is progressing at a rapid rate, this thesis aims to present possible advancements to security in regard to air traffic communication. By highlighting how data can be extracted using simple hardware and open-source software the transparency and lack of authentication is showcased. The research is specifically narrowed down to discovering vulnerabilities of the ADS-B protocol in order to apply countermeasures. Through fetching live aircraft data with OpenSky-Network and through fetching simulated ADS-B attack data with OpenScope, this thesis develops a data set with both authentic and malicious ADS-B messages. The data set was cleaned in order to remove outliers and other improper data. A machine learning model was later trained with the data set in order to detect malicious ADS-B messages. With the use of Support Vector Machine (SVM), it was possible to produce a model that can detect four different types of aviation communications attacks as well as allow authentic messages to pass through the IDS. The finished model was able to detect incoming ADS-B attacks with an overall accuracy of 83.10%.
32
de, Waern Henrik. "Computer Network Attack som olovligt våld : en fråga om association, effekt, aktör och mål." Thesis, Swedish National Defence College, Swedish National Defence College, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:fhs:diva-22.
Full textAbstract:
<p>I Estland 2007 utbröt vad som kommit att kallas ”Cyberwar I”, vari ett stort antal centrala myndigheters, tillika finansiella institutioners servrar attackerades av massiva så kallade Computer Network Attacks (CNA), utfört av framförallt ryska aktörer. Estland protesterade högljutt, men frågan huruvida CNA är att beteckna som olovligt är allt annat än klar. Prövningen sker mot den folkrättsliga regimen <em>Jus ad Bellum, </em>och huruvida metoden uppfyller vissa centrala begrepp. Men hur skall denna regim<em> </em>appliceras CNA?</p><p>De frågeställningar som avses besvaras är: hur kan CNA utgöra <em>våld </em>eller <em>hot om våld</em> i enlighet med FN-stadgans artikel 2(4) samt hur kan CNA utgöra <em>väpnat angrepp</em> i enlighet med FN-stadgans artikel 51? Detta avses göras genom en studie inbegripande flertalet folkrättsliga experters teorier på området CNA och våldsanvändning, samt applicering av desamma på en fallstudie av händelserna i Estland 2007.</p><p>Sammanfattningsvis konstateras att flertalet variabler har bärighet i hur CNA kan uppfylla artiklarnas centrala begrepp, vari frågan om <em>association, effekt, aktör </em>och <em>mål</em> tydligast faller ut. I en efterföljande diskussion påvisas dock hur variablerna endast är att betrakta som indicier på hur CNA kan klassas så som olovligt, varvid endast statspraxis kan ge den slutgiltiga bedömningen.</p>
33
He, Xiaobing [Verfasser], Hermann de [Akademischer Betreuer] Meer, and Stefan [Akademischer Betreuer] Rass. "Threat Assessment for Multistage Cyber Attacks in Smart Grid Communication Networks / Xiaobing He ; Hermann de Meer, Stefan Rass." Passau : Universität Passau, 2017. http://d-nb.info/114461144X/34.
Full text
34
Væver, Kronborg Katja. "The Stockholm Terror Attack 2017 : How Domestic and International Online News Media Framed the Act and Empowered Involved Actors." Thesis, Högskolan för lärande och kommunikation, Högskolan i Jönköping, HLK, Medie- och kommunikationsvetenskap, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:hj:diva-40859.
Full textAbstract:
The aim of this comparative study has been to identify similarities and differences in Swedish and British media’s framing and empowerment of actors in relation to the 2017 Stockholm terror attack. Theories on the risk society, framing, power and CDA have been used to create a framework that gives a deeper understanding of media’s role in framing actors and events, and how this can potentially affect the public. Moreover, to determine how media use their power to dis- tribute power among the actors and objects that are part of such an attack. A critical discourse analysis has been carried out on excerpts from a total of 15 articles, seven and six from Sweden and Britain respectively. In this analysis, both framing and power issues were identified, which was used to conduct a discussion on the findings in relation to the the- oretical framework used. It was found that while Sweden and Britain are part of the same culture and therefore largely covered the terror attack the same way, there was a significant difference in the portrayal of the perpetrator. Swedish media had a tendency to use othering and describe the perpetrator as one of “them” as opposed to the “we”. British media, on the other hand, made use of other- ing as well, but would also offer descriptions that could make the “we” relate to him. This difference can potentially be due to the fact that Swedes have been more emotional about the attack, as it happened in their own country. The distribution of power between actors were done similarly in both countries. Two power- plays were identified: the police vs. the perpetrator, and the act (the truck) vs. the public. In order to avoid giving the perpetrator credit for the act, when the act was portrayed, the truck would be described as the powerful actor. Thus, even though it is common sense that the truck did not drive into people on itself, the perpetrator’s actions has not been acknowledged in the media. Instead, when describing the perpetrator, it has been done in relation to the police, who were described as the powerful actors – they caught the perpetrator, i.e. he did not have the power to avoid them or escape. Thus, while Swedish and British media largely have covered the act the same way and with the same means, the Swedish media have used emotional means to further othering.
35
Haq, Izaz ul. "Information and Communication Technologies, Globalization and Terrorism : An empirical analysis of terrorist attacks around the world from 1991-2006." Thesis, Norges teknisk-naturvitenskapelige universitet, Institutt for datateknikk og informasjonsvitenskap, 2010. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-11878.
Full textAbstract:
Based on the empirical analysis of the terrorist activities, we can say that developed and globalized countries are more safer than the developing countries. The terrorist attacks are considerably low in these countries.To analyze the role of new technologies in terrorism and the actual use of ICT in terrorism, I have focused on the terrorist groups operating in Pakistan. These groups are taking advantage of these technologies in many ways like, Recruiting, Propaganda, Fund raising etc.Answer to the question of Islamic terrorist threat to the West again based on the empirical analysis. The analysis shows that Islamic terrorism is on continuous decline. Islamic terrorist groups are involved highly in other countries, especially Muslim majority countries. The analysis also showed that there is very less impact of the the new technologies on Islamic terrorism.
36
Kero, Chanelle. "A Literature Review of Connected and Automated Vehicles : Attack Vectors Due to Level of Automation." Thesis, Luleå tekniska universitet, Institutionen för system- och rymdteknik, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-80322.
Full textAbstract:
The manufacturing of connected and automated vehicles (CAVs) is happening and they are aiming at providing an efficient, safe, and seamless driving experience. This is done by offering automated driving together with wireless communication to and from various objects in the surrounding environment. How automated the vehicle is can be classified from level 0 (no automation at all) to level 5 (fully automated). There is many potential attack vectors of CAVs for attackers to take advantage of and these attack vectors may change depending on what level of automation the vehicle have. There are some known vulnerabilities of CAVs where the security has been breached, but what is seemed to be lacking in the academia in the field of CAVs is a place where the majority of information regarding known attack vectors and cyber-attacks on those is collected. In addition to this the attack vectors may be analyzed for each level of automation the vehicles may have. This research is a systematic literature review (SLR) with three stages (planning, conducting, and report) based on literature review methodology presented by Kitchenham (2004). These stages aim at planning the review, finding articles, extracting information from the found articles, and finally analyzing the result of them. The literature review resulted in information regarding identified cyberattacks and attack vectors the attackers may use as a path to exploit vulnerabilities of a CAV. In total 24 types of attack vectors were identified. Some attack vectors like vehicle communication types, vehicle applications, CAN bus protocol, and broadcasted messages were highlighted the most by the authors. When the attack vectors were analyzed together with the standard of ‘Levels of Driving Automation’ it became clear that there are more vulnerabilities to consider the higher level of automation the vehicle have. The contributions of this research are hence (1) a broad summary of attack vectors of CAVs and (2) a summary of these attack vectors for every level of driving automation. This had not been done before and was found to be lacking in the academia.
37
Zhu, Hua. "A Critical-Dramatistic Study of Rhetoric: Analyzing Ideological Representations of China in the Reporting of the Kunming Attack." Miami University / OhioLINK, 2015. http://rave.ohiolink.edu/etdc/view?acc_num=miami1430085109.
Full text
38
Hulstrom-Garces, Erika. "Crisis public relations : how law enforcement agencies responded to the sniper attacks of 2002 : a thesis." Scholarly Commons, 2001. https://scholarlycommons.pacific.edu/uop_etds/584.
Full textAbstract:
Headlines of the sniper attacks were relentless for almost an entire month. During 22 days in October 2002, the snipers' killing spree injured three and killed ten people. The media converged on the story at a non-stop pace, and the public understandably was entitled to be alarmed. High-profile cases such as the sniper attacks draw a large amount of attention and, therefore, can become cases through which professionals and scholars alike can learn. The sniper incident is one such case that provides exceptional research possibilities.
The style and unique dialogue used in news conferences grabbed the attention of the media, the public, and the criminal community. How did law enforcement use public relations to help in its case? What crisis plan did Montgomery County, Maryland, the lead investigating department, implement? The goal of this research was to examine the crisis management plan of law enforcement when tragic situations such as the sniper attacks occur, and further to investigate agenda-setting within law enforcement's media services departments. This research was conducted as a case study, using interviews with public information officers of law enforcement agencies and numerous media reports including newspapers, news magazines, and television news.
Results from this case study revealed that communicating accurate information to both the media and the community in a crisis was a top priority. Additionally, it was shared that the public information officer's role is to be ready and on the scene of crises in order to disseminate precise information. In the sniper attack incident, law enforcement controlled the flow of information and, therefore, set the agenda for the media. Moreover, the Chief of Police, when he realized the enormity of the case, took on the role of spokesperson, because he did not want the PIO to bear the burden of responsibility.
39
Stepura, I. S., and M. A. Sablina. "The Experience of Using Social Networks to Attract Students to Scientific Research." Thesis, Sumy State University, 2016. http://essuir.sumdu.edu.ua/handle/123456789/47043.
Full textAbstract:
Nowadays, the effective use of information and communication technologies plays a significant role in the educational process. The article is about the possibilities of using social networking for educational purposes.
40
Thornberg, Jack. "Distant Suffering : A multimodal analysis of the politics of pity in news agencies’ mediation of the chemical weapons attack on Khan Sheikhoun." Thesis, Försvarshögskolan, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:fhs:diva-7014.
Full textAbstract:
This thesis explores of how American and British television mediated the crisis that started with the 4 April 2017 alleged chemical attack in Syria and culminated with the subsequent attack on Syria by the United States 7 April 2017. It builds upon a rich literature and focuses on the politics of pity in the mediated representation of distant suffering as set out by Luc Boltanski. The thesis utilizes a methodological approach which merges Lilie Chouliaraki’s ‘analytics of mediation’ with Roxanne Lynn Doty’s view of discourse analysis. The results find that CNNW mediated the distant suffering based on ostensibly a priori knowledge, whereas BBC News was more inclined to guide the spectators along a line of investigative reasoning.
41
Stagkopoulou, Alexandra. "Simulative Evaluation of Security Monitoring Systems based on SDN." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-193710.
Full textAbstract:
Software Defined Networks (SDN) constitute the new communication paradigm ofprogrammable computer networks. By decoupling the control and date plane the networkmanagement is easier and more flexible. However, the new architecture is vulnerable to anumber of security threats, which are able to harm the network. Network monitoringsystems are pivotal in order to protect the network. To this end, the evaluation of a networkmonitoring system is crucial before the deployment of it in the real environment. Networksimulators are the complementary part of the process as they are necessary during theevaluation of the new system’s performance at the design time. This work focuses on providing a complete simulation framework which is able to(i) support SDN architectures and the OpenFlow protocol, (ii) reproduce the impact ofcyber and physical attacks against the network and (iii) provide detection and mitigationtechniques to address Denial-of-Service (DoS) attacks. The performance of the designedmonitoring system will be evaluated in terms of accuracy, reactiveness and effectiveness.The work is an extension of INET framework of OMNeT++ network simulator.<br>Software Defined Networks (SDN) utgör den nya kommunikationsmodellen av programmerbara datornätverk. Genom separation av kontroll- och dataplanet blir administrativ hantering av datornätverk enklare och flexiblare. Arkitekturen öppnar emellertid upp nya säkerthets hot, övervakningssystem är därför väsentliga för att skydda datornätverk. Till följd av detta är utvärdering av övervakningssystem kritiskt innan driftsättning i produktionsmiljö. Nätverkssimulatorer är den kompletterande delen i processen då de är nödvändiga för utvärdering av systemets prestanda under design fasen. Detta arbete fokuserar på att tillföra ett komplettet simulations ramverk vilket är kapabelet till; (i) ge stöd för SDN arkitekturer och OpenFlow protokollet, (ii) reproducera skadegörelsen av cyber- och fysiska attacker mot datornäterk och (iii) förse sätt att upptäcka och mildra Denial-of-Service (DoS) attacker. Prestanda av det designade övervakningssystemet är utvärderat i form av exakthet, responstid och effektivitet. Arbetet är en utvidgning av INET ramverket, som är del av OMNeT++ network simulator.
42
Park, DongGook. "Cryptographic protocols for third generation mobile communication systems." Thesis, Queensland University of Technology, 2001.
Find full text
43
Gharbi, Imen. "Tatouage pour le renforcement de la qualité audio des systèmes de communication bas débit." Phd thesis, Université René Descartes - Paris V, 2013. http://tel.archives-ouvertes.fr/tel-00817318.
Full textAbstract:
L'objectif de cette thèse est d'étudier l'idée du tatouage dans le traitement du son.Les recherches en tatouage audio se sont principalement tournées vers des applications sécuritaires ou de transmission de données auxiliaires. Une des applications visées par ce concept consiste à améliorer la qualité du signal hôte ayant subi des transformations et ceci en exploitant l'information qu'il véhicule. Le tatouage audio est donc considéré comme mémoire porteuse d'informations sur le signal originel. La compression à bas débit des signaux audio est une des applications visée par ce concept. Dans ce cadre, deux objectifs sont proposés : la réduction du pré-écho et de l'amollissement d'attaque, deux phénomènes introduits par les codeurs audio perceptifs, en particulier les codeurs AAC et MP3; la préservation de l'harmonicité des signaux audio dégradée par les codeurs perceptifs à extension de bande, en particulier le codeur HE-AAC.La première partie de ce manuscrit présente les principes de base des systèmes de codage bas débit et étudie les différentes distorsions introduites par ces derniers. Fondées sur cette étude, deux solutions sont proposées. La première, visant principalement la réduction du pré-écho, consiste à corriger l'enveloppe temporelle du signal après réception en exploitant la connaissance a priori de l'enveloppe temporelle du signal original, supposée transmise par un canal auxiliaire à faible débit (< 500 bits/s). La seconde solution vise à corriger les ruptures d'harmonicité générées par les codeurs à extension de bande. Ce phénomène touche essentiellement les signaux fortement harmoniques (exemple : violon) et est perçu comme une dissonance. Une préservation de l'harmonicité des signaux audio par des opérations de translation spectrale est alors proposée, les paramètres étant là encore transmis par un canal auxiliaire à faible débit.La seconde partie de ce document est consacrée à l'intégration du tatouage audio dans les techniques de renforcement de la qualité des signaux audio précitées. Dans ce contexte, le tatouage audio remplace le canal auxiliaire précédent et œuvre comme une mémoire du signal originel, porteuse d'informations nécessaires pour la correction d'harmonicité et la réduction de pré-écho. Cette seconde partie a été précédée par une étape approfondie de l'évaluation des performances de la technique de tatouage adoptée en terme de robustesse à la compression MPEG (MP3, AAC et aacPlus).
44
Tanase, Karlsson Sandra. "Intern kommunikation under krissituation : en kvalitativ studie av Polismyndighetens interna kommunikation under och efter terrorattentatet i december 2010." Thesis, Södertörns högskola, Institutionen för kommunikation, medier och it, 2011. http://urn.kb.se/resolve?urn=urn:nbn:se:sh:diva-9339.
Full textAbstract:
Att ha en välfungerande intern kommunikation inom en organisation är av yttersta vikt. Att dessutom ha en välfungerande intern kommunikation under en krishändelse är fundamental. Idag hamnar samhällen och organisationer ofta i olika typer av problematiska och hotfulla situationer. Detta är nästintill oundvikligt. Det som dock är hanterbart är kommunikation kring dessa situationer. Vintern 2010 sattes Polismyndighetens kommunikation på prov i och med ett terrorattentat där en självmordsbombare sprängde sig i centrala Stockholm. Denna uppsats tar sikte på att studera och undersöka polisens interna kommunikation under denna händelse. Avsikten är att redogöra för huruvida retoriska strategier så som retorisk situation, definition och angreppssätt, tagits i beaktande under den interna kommunikationens skapande och förmedlande. Genom användandet av en kvalitativ fallstudie som metod analyserade den interna skriftliga kommunikationen. Studien visar att flera delar inom den interna kriskommunikationen kan sammankopplas med olika retoriska strategier och modeller. Dock finns det delar som kan förbättras rent retoriskt.<br>To have an effective internal communication within an organization is of utmost importance. To also have a well-functioning internal communication during a crisis event is fundamental. Today, communities and organizations are often placed in different types of problematic and threatening situations. This is almost inevitable. However, the communication about these situations is manageable. In the winter of 2010 the communication of the Police Authority were put to the test, because of a terrorist attack that also included a suicide bomber. This essay aims and investigates the police's internal communication process during this event. The intention is to report on whether rhetorical strategies such as rhetorical situation, definition and approach, has been taken into consideration in the internal communication. Through the use of a qualitative case study method the internal written communication were analyzed. The study indicates that several elements within the internal crisis communication can be linked with various rhetorical strategies and models. However, there are parts that can be improved.
45
Bittl, Sebastian [Verfasser], Björn [Gutachter] Scheuermann, Frank [Gutachter] Kargl, and Falko [Gutachter] Dressler. "Efficient Secure Communication in VANETs under the Presence of new Requirements Emerging from Advanced Attacks / Sebastian Bittl ; Gutachter: Björn Scheuermann, Frank Kargl, Falko Dressler." Berlin : Humboldt-Universität zu Berlin, 2017. http://d-nb.info/1189330423/34.
Full text
46
Mekhitarian, Araxi, and Amir Rabiee. "A simulation study of an application layer DDoS detection mechanism." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-191145.
Full textAbstract:
Over the last couple of years the rise of application layer Distributed Denial of Service (DDoS) attacks has significantly increased. Because of this, many issues have been raised on how organizations and companies can protect themselves from intrusions and damages against their systems and services. The consequences from these attacks are many, ranging from revenue losses for companies to stolen personal data. As the technologies are evolving, application layer DDoS attacks are becoming more effective and there is not a concrete solution that entirely protects against them. This thesis focuses on the available defense mechanisms and presents a general overview of different types of application layer DDoS attacks and how they are constructed. Moreover this report provides a simulation based on one of the defense mechanisms mentioned, named CALD. The simulation tested two different application layer DDoS attacks and showed that CALD can detect and differentiate between the two attacks. This report can be used as a general information source for application layer DDoS attacks, how to detect them and how to defend against them. Furthermore the simulation can be used as a basis on how well a relatively small-scaled implementation of CALD can detect DDoS attacks on the application layer.<br>Under de senaste åren har ökningen av Distributed Denial of Service (DDoS) attacker på applikationslagret ökat markant. På grund av detta har många frågor uppkommit om hur organisationer och företag kan skydda sig mot intrång och skador mot sina system och tjänster. Konsekvenserna av dessa attacker är många, allt från intäktsförluster för företag till stulen personlig data. Eftersom tekniken utvecklas, har DDoS attacker på applikationslagret blivit mer effektiva och det finns inte en konkret lösning för att hindra dem. Denna rapport fokuserar på de tillgängliga försvarsmekanismer och presenterar en allmän översikt över olika typer av DDoS-attacker på applikationslagret och hur de är uppbyggda. Dessutom bidrar den här rapporten med en redovisning av en simulering baserad på en av de försvarsmekanismer som nämns i rapporten, CALD. Simuleringen testade två olika attacker på applikationslagret och visar att CALD kan upptäcka och skilja mellan de två attackerna. Denna rapport kan användas som en allmän informationskälla för DDoSattacker på applikationslagret och hur man försvarar sig mot och upptäcker dessa. Vidare kan simuleringen användas som utgångspunkt på hur väl en relativt småskalig implementering av CALD kan upptäcka DDoS-attacker på applikationslagret.
47
Gharbi, Imen. "Tatouage pour le renforcement de la qualité audio des systèmes de communication bas débit." Electronic Thesis or Diss., Paris 5, 2013. http://www.theses.fr/2013PA05S004.
Full textAbstract:
L'objectif de cette thèse est d'étudier l'idée du tatouage dans le traitement du son.Les recherches en tatouage audio se sont principalement tournées vers des applications sécuritaires ou de transmission de données auxiliaires. Une des applications visées par ce concept consiste à améliorer la qualité du signal hôte ayant subi des transformations et ceci en exploitant l'information qu'il véhicule. Le tatouage audio est donc considéré comme mémoire porteuse d'informations sur le signal originel. La compression à bas débit des signaux audio est une des applications visée par ce concept. Dans ce cadre, deux objectifs sont proposés : la réduction du pré-écho et de l'amollissement d'attaque, deux phénomènes introduits par les codeurs audio perceptifs, en particulier les codeurs AAC et MP3; la préservation de l'harmonicité des signaux audio dégradée par les codeurs perceptifs à extension de bande, en particulier le codeur HE-AAC.La première partie de ce manuscrit présente les principes de base des systèmes de codage bas débit et étudie les différentes distorsions introduites par ces derniers. Fondées sur cette étude, deux solutions sont proposées. La première, visant principalement la réduction du pré-écho, consiste à corriger l'enveloppe temporelle du signal après réception en exploitant la connaissance a priori de l'enveloppe temporelle du signal original, supposée transmise par un canal auxiliaire à faible débit (< 500 bits/s). La seconde solution vise à corriger les ruptures d'harmonicité générées par les codeurs à extension de bande. Ce phénomène touche essentiellement les signaux fortement harmoniques (exemple : violon) et est perçu comme une dissonance. Une préservation de l'harmonicité des signaux audio par des opérations de translation spectrale est alors proposée, les paramètres étant là encore transmis par un canal auxiliaire à faible débit.La seconde partie de ce document est consacrée à l'intégration du tatouage audio dans les techniques de renforcement de la qualité des signaux audio précitées. Dans ce contexte, le tatouage audio remplace le canal auxiliaire précédent et œuvre comme une mémoire du signal originel, porteuse d'informations nécessaires pour la correction d'harmonicité et la réduction de pré-écho. Cette seconde partie a été précédée par une étape approfondie de l'évaluation des performances de la technique de tatouage adoptée en terme de robustesse à la compression MPEG (MP3, AAC et aacPlus)<br>The goal of this thesis is to explore the idea of watermark for sound enhancement. Classically, watermark schemes are oriented towards security applications or maximization of the transmitted bit rates. Our approach is completely different. Our goal is to study how an audio watermarking can improve the quality of the host audio signal by exploiting the information it conveys. The audio watermarking is considered as a memory that carries information about the original signal.The low bitrate compression of audio signals is one of the applications covered by this concept. In this context, two objectives are proposed: reducing the pre-echo and the attack softening, two phenomena introduced by the perceptual audio coders, particularly AAC and MP3 encoders ; preserving the harmonicity of audio signals, distorted by coders with bandwidth extension, especially HE-AAC encoder. These coders are limited in the reconstruction of the high-frequency spectrum mainly because of the potential unpredictability of the fine structure of the latter, as well as imperfect indicators of tonal to noise.The first part of this manuscript presents the basic principles of low rate coding systems and studies the various distortions introduced by the latter. Based on this study, two solutions are proposed. The first one, principally aimed at reducing the pre-echo, consist in correcting the time envelope of the signal after reception by exploiting the prior knowledge of the temporal envelope of the original signal, which is assumed transmitted by an auxiliary channel at low bitrates (<500 bps). The second solution is to correct the harmonicity generated by coders with bandwidth extension. This primarily affects strongly harmonic signals (e.g. violin) and is perceived as a dissonance. We propose then to preserve the harmonicity of audio signals by spectral translations. The parameters being passed again by an auxiliary channel at low bitrates.The second part of this document is dedicated to the integration of audio watermarking techniques in the solution presented in the first part. In this context, the audio watermarking replaces the previous auxiliary channel and is regarded as a memory of the original signal, carrying information necessary for the correction of harmonicity and the pre-echo reduction
48
Hatfield, Katherine L. "A culture of terror rises out of the dust : a rhetorical analysis of iconic imagery in the aftermath of 9/11 /." View abstract, 2006. http://wwwlib.umi.com/dissertations/fullcit/3203332.
Full text
49
Lewis, Michael J. "Representations and Discourse of Torture in Post 9/11 Television: An Ideological Critique of 24 and Battlestar Galactica." Bowling Green State University / OhioLINK, 2008. http://rave.ohiolink.edu/etdc/view?acc_num=bgsu1205864439.
Full text
50
Amoordon, Andy. "Méthodes de détection d'attaques cybernétiques par une surveillance multicouches de communication." Electronic Thesis or Diss., Université de Lille (2022-....), 2022. http://www.theses.fr/2022ULILN042.
Full textAbstract:
Les réseaux sans-fil sont de plus en plus utilisés. La popularité de ces réseaux est due au fait que ces réseaux permettent de créer, modifier et étendre facilement un réseau informatique. Les réseaux sans-fil sont également particulièrement nécessaires pour relier des équipements mobiles tels que des montres connectées, voitures connectées, drones. Les réseaux sans-fil sont également utilisés dans le secteur du transport et de la sécurité pour relier les trains avec le centre de contrôle ou les caméras avec le centre d'enregistrement. Toutefois, contrairement aux réseaux filaires, dans les réseaux sans-fil, les transmissions ne sont pas isolées dans des câbles, mais transmises en utilisant généralement des antennes omnidirectionnelles. Pour ces raisons, il est plus facile d'écouter et d'émettre sans autorisation sur ces réseaux - les rendent ainsi plus vulnérables à certains types d'attaques. Dans cette thèse, nous nous sommes intéressés à la détection des trois différentes attaques sur les réseaux sans-fil IEEE 802.11 (Wi-Fi). Les trois attaques sont l'attaque par faux point d'accès et deux attaques de déni de service : notamment l'attaque par déauthentication et l'attaque par brouillage. Dans la littérature scientifique, les méthodes existantes proposent de détecter ces attaques de manière isolée et en analysant uniquement un ou deux indicateurs.Nous proposons une méthode utilisant des algorithmes de classification pour créer un modèle, capable de détecter les trois attaques en analysant quatre indicateurs simultanément. Le modèle peut également détecter les attaques lorsqu'elles sont réalisées de manière indépendante ou lorsqu'elles sont cumulées entre elles. Concernant les données utilisées pour créer le modèle, sur les trois types de trames qui peuvent être émis sur un réseau Wi-Fi, nous avons considéré exclusivement, les trames de gestion et plus particulièrement les trames de beacon. Les trames de beacon sont régulièrement émises même en l'absence de trafic utilisateur, ce qui rend le modèle plus efficace. Nous avons aussi considéré des variations concernant le débit du réseau (absence de trafic, trafic léger, moyen et intense) et la puissance du signal de brouillage (puissance forte, moyenne et faible). Les résultats montrent que le modèle arrive à détecter les attaques par faux point d'accès, par déauthentication, par brouillage (faible et moyenne puissance) avec grande précision et l'attaque par brouillage de forte puissance, avec une précision satisfaisante. Nous avons pu nettement augmenter la précision de détection de cette dernière variation en prenant en compte les trames de beacon d'un deuxième point d'accès éloigné du réseau. Enfin, nous avons aussi considéré le cas particulier des transmissions Wi-Fi sur la bande 5 GHz et les faux points d'accès fantômes<br>Wireless networks are nowadays indispensable components of telecommunication infrastructures. They offer flexibility, mobility and rapid expansion of telecommunication infrastructures. They are also particularly needed to connect mobile devices such as connected cars, watches and drones. Wireless networks are also used in the transport and security sector to connect trains and cameras to monitoring systems. However, in contrary to wired networks in which transmission are isolated in wires, in wireless networks, transmissions are emitted using omnidirectional antennas. This makes wireless networks more vulnerable to unauthorised listening, emission and some specific attacks. In this thesis, we have worked on the detection of three different types of attacks on IEEE 802.11 (Wi-Fi) networks. The three attacks are fake access points and two denial of service attacks namely, deauthentication and jamming attacks. In scientific literature, these three attacks are detected independently and using one or two indicators.We propose a method that uses classification algorithms to create a model that can detect the three attacks by analysing four indicators simultaneously. The model can detect the attacks when they are perpetuated independently and also when they are combined. Concerning data used to create the model, among the three different types of frames that can be transmitted on Wi-Fi networks, we have considered only management frames and more particularly, beacon frames. Beacon frames are sent at regular interval and even in the absence of user traffic. Therefore, basing the detection on the analysis of beacon frames leads to a more efficient detection. In this thesis, we have also considered variations in data rates (absence of user traffic, light, moderate and intense user traffic) and in jamming power (low, moderate and high jamming power). Results show that the model can detect fake access points, deauthentication and jamming attacks (low and moderate power) with high precision. The jamming attack with intense power is detected with satisfying precision. By considering the beacon frames of a farther second access point of the network, we have been able to increase detection precision in the latter case. Finally, we have considered special cases such as Wi-Fi transmissions in the 5 GHz band and the phantom fake access point attack