Relevant bibliographies by topics / Computer networks Computers Computer security / Dissertations / Theses
To see the other types of publications on this topic, follow the link: Computer networks Computers Computer security.

Dissertations / Theses on the topic 'Computer networks Computers Computer security'

Author: Grafiati
Published: 4 June 2021
Last updated: 10 February 2022

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 dissertations / theses for your research on the topic 'Computer networks Computers Computer security.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.

1

Lurain, Sher. "Networking security : risk assessment of information systems /." Online version of thesis, 1990. http://hdl.handle.net/1850/10587.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Katsikas, Stamatios. "Game theoretic models of networks security." Thesis, University of Warwick, 2017. http://wrap.warwick.ac.uk/102611/.

Full text
Abstract:
Decision making in the context of crime execution and crime prevention can be successfully investigated with the implementation of game-theoretic tools. Evolutionary and mean-field game theory allow for the consideration of a large number of interacting players organized in social and behavioural structures, which typically characterize this context. Alternatively, `traditional' game-theoretic approaches can be applied for studying the security of an arbitrary network on a two player non-cooperative game. Theoretically underpinned by these instruments, in this thesis we formulate and analyse game-theoretic models of inspection, corruption, counter- terrorism, patrolling, and similarly interpreted paradigms. Our analysis suggests optimal strategies for the involved players, and illustrates the long term behaviour of the introduced systems. Our contribution is towards the explicit formulation and the thorough analysis of real life scenaria involving the security in network structures.
APA, Harvard, Vancouver, ISO, and other styles
3

Holtje, Carl. "Security in serverless network environments /." Link to online version, 2004. https://ritdml.rit.edu/dspace/handle/1850/439.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Zhang, Zhixiong. "Scalable role & organization based access control and its administration." Fairfax, VA : George Mason University, 2008. http://hdl.handle.net/1920/3110.

Full text
Abstract:
Thesis (Ph.D.)--George Mason University, 2008.
Vita: p. 121. Thesis directors: Ravi S. Sandhu, Daniel Menascé. Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Information Technology. Title from PDF t.p. (viewed July 7, 2008). Includes bibliographical references (p. 113-120). Also issued in print.
APA, Harvard, Vancouver, ISO, and other styles
5

Nwanze, Nnamdi Chike. "Anomaly-based intrusion detection using using lightweight stateless payload inspection." Diss., Online access via UMI:, 2009.

Find full text
Abstract:
Thesis (Ph. D.)--State University of New York at Binghamton, Thomas J. Watson School of Engineering and Applied Science, Department of Electrical and Computer Engineering, 2009.
Includes bibliographical references.
APA, Harvard, Vancouver, ISO, and other styles
6

Burchett, Ian. "Quantifying Computer Network Security." TopSCHOLAR®, 2011. http://digitalcommons.wku.edu/theses/1118.

Full text
Abstract:
Simplifying network security data to the point that it is readily accessible and usable by a wider audience is increasingly becoming important, as networks become larger and security conditions and threats become more dynamic and complex, requiring a broader and more varied security staff makeup. With the need for a simple metric to quantify the security level on a network, this thesis proposes: simplify a network’s security risk level into a simple metric. Methods for this simplification of an entire network’s security level are conducted on several characteristic networks. Identification of computer network port vulnerabilities from NIST’s Network Vulnerability Database (NVD) are conducted, and via utilization of NVD’s Common Vulnerability Scoring System values, composite scores are created for each computer on the network, and then collectively a composite score is computed for the entire network, which accurately represents the health of the entire network. Special concerns about small numbers of highly vulnerable computers or especially critical members of the network are confronted.
APA, Harvard, Vancouver, ISO, and other styles
7

Soewito, Benfano. "Adaptive Security In Computer Networks." Available to subscribers only, 2009. http://proquest.umi.com/pqdweb?did=1879096201&sid=3&Fmt=2&clientId=1509&RQT=309&VName=PQD.

Full text
Abstract:
Thesis (Ph. D.)--Southern Illinois University Carbondale, 2009.
"Department of Electrical and Computer Engineering." Keywords: Adaptive security, Computer networks, Intrusion detection. Includes bibliographical references (p. 78-84). Also available online.
APA, Harvard, Vancouver, ISO, and other styles
8

Umeh, Njideka Adaku. "Security architecture methodology for large net-centric systems." Diss., Rolla, Mo. : University of Missouri-Rolla, 2007. http://scholarsmine.mst.edu/thesis/Umeh_09007dcc8049b3f0.pdf.

Full text
Abstract:
Thesis (M.S.)--University of Missouri--Rolla, 2007.
Vita. The entire thesis text is included in file. Title from title screen of thesis/dissertation PDF file (viewed December 6, 2007) Includes bibliographical references (p. 60-63).
APA, Harvard, Vancouver, ISO, and other styles
9

Skaria, Sherin, and Fazely Hamedani Amir Reza. "Network Security Issues, Tools for Testing Security in Computer Network and Development Solution for Improving Security in Computer Network." Thesis, Halmstad University, Halmstad University, Halmstad University, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-4396.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Årnes, Andre. "Risk, Privacy, and Security in Computer Networks." Doctoral thesis, Norwegian University of Science and Technology, Faculty of Information Technology, Mathematics and Electrical Engineering, 2006. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-1725.

Full text
Abstract:

With an increasingly digitally connected society comes complexity, uncertainty, and risk. Network monitoring, incident management, and digital forensics is of increasing importance with the escalation of cybercrime and other network supported serious crimes. New laws and regulations governing electronic communications, cybercrime, and data retention are being proposed, continuously requiring new methods and tools.

This thesis introduces a novel approach to real-time network risk assessment based on hidden Markov models to represent the likelihood of transitions between security states. The method measures risk as a composition of individual hosts, providing a precise, fine-grained model for assessing risk and providing decision support for incident response. The approach has been integrated with an existing framework for distributed, large-scale intrusion detection, and the results of the risk assessment are applied to prioritize the alerts produced by the intrusion detection sensors. Using this implementation, the approach is evaluated on both simulated and real-world data.

Network monitoring can encompass large networks and process enormous amounts of data, and the practice and its ubiquity can represent a great threat to the privacy and confidentiality of network users. Existing measures for anonymization and pseudonymization are analyzed with respect to the trade-off of performing meaningful data analysis while protecting the identities of the users. The results demonstrate that most existing solutions for pseudonymization are vulnerable to a range of attacks. As a solution, some remedies for strengthening the schemes are proposed, and a method for unlinkable transaction pseudonyms is considered.

Finally, a novel method for performing digital forensic reconstructions in a virtual security testbed is proposed. Based on a hypothesis of the security incident in question, the testbed is configured with the appropriate operating systems, services, and exploits. Attacks are formulated as event chains and replayed on the testbed. The effects of each event are analyzed in order to support or refute the hypothesis. The purpose of the approach is to facilitate reconstruction experiments in digital forensics. Two examples are given to demonstrate the approach; one overview example based on the Trojan defense and one detailed example of a multi-step attack. Although a reconstruction can neither prove a hypothesis with absolute certainty, nor exclude the correctness of other hypotheses, a standardized environment combined with event reconstruction and testing can lend credibility to an investigation and can be a valuable asset in court.

APA, Harvard, Vancouver, ISO, and other styles
11

Montehermoso, Ronald Centeno. "Microsoft Windows Server 2003 : security enhancements and new features /." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2004. http://library.nps.navy.mil/uhtbin/hyperion/04Sep%5FMontehermoso.pdf.

Full text
Abstract:
Thesis (M.S. in Information Technology Management)--Naval Postgraduate School, Sept. 2004.
Thesis Advisor(s): Douglas E. Brinkley. Includes bibliographical references (p. 111-118). Also available online.
APA, Harvard, Vancouver, ISO, and other styles
12

El, Salamouny Ehab. "Probabilistic trust models in network security." Thesis, University of Southampton, 2011. https://eprints.soton.ac.uk/179163/.

Full text
Abstract:
One of the dominant properties of a global computing network is the incomplete information available to principals about each other. This was the motivation of using the notion of probabilistic trust as an approach to security sensitive decision making in modern open and global computing systems. In such systems any principal A uses the outcomes of past interactions with another principal B to construct a probabilistic model approximating the behaviour of B. Using this model, the principal A can take decisions regarding interactions with B by estimating its future actions. Many existing frameworks adopt the so-called ‘Beta model’. The main limitation of these frameworks is that they assume the behaviour of any principal to be fixed, which is not realistic in many cases. In this thesis, we first address the application of probabilistic trust to optimise security protocols, and specifically give an example where the Crowds anonymity protocol is extended to use trust information. We then address the problem of evaluating probabilistic trust in principals exhibiting dynamic behaviours. In this respect, we formally analyse the ‘exponential decay’ technique as an approach to coping with principals’ dynamic behaviours. Given the identified limitations of this technique, a more general framework for trust and reputation is introduced. In this framework, Hidden Markov Models (HMMs) are used for modelling the dynamic behaviours of principals. This framework is formally analysed in terms of a notion of ‘estimation error’. Using an experimental approach based on Monte-Carlo methods to evaluate the expected estimation error, the introduced HMM-based framework for trust and reputation is compared to the existing Beta framework. The results show in general that the latter is getting more promising in evaluating trust in principals (‘trustees’) having dynamic behaviours as longer sequences of observations are available about such trustees.
APA, Harvard, Vancouver, ISO, and other styles
13

Irwin, Barry Vivian William. "A framework for the application of network telescope sensors in a global IP network." Thesis, Rhodes University, 2011. http://hdl.handle.net/10962/d1004835.

Full text
Abstract:
The use of Network Telescope systems has become increasingly popular amongst security researchers in recent years. This study provides a framework for the utilisation of this data. The research is based on a primary dataset of 40 million events spanning 50 months collected using a small (/24) passive network telescope located in African IP space. This research presents a number of differing ways in which the data can be analysed ranging from low level protocol based analysis to higher level analysis at the geopolitical and network topology level. Anomalous traffic and illustrative anecdotes are explored in detail and highlighted. A discussion relating to bogon traffic observed is also presented. Two novel visualisation tools are presented, which were developed to aid in the analysis of large network telescope datasets. The first is a three-dimensional visualisation tool which allows for live, near-realtime analysis, and the second is a two-dimensional fractal based plotting scheme which allows for plots of the entire IPv4 address space to be produced, and manipulated. Using the techniques and tools developed for the analysis of this dataset, a detailed analysis of traffic recorded as destined for port 445/tcp is presented. This includes the evaluation of traffic surrounding the outbreak of the Conficker worm in November 2008. A number of metrics relating to the description and quantification of network telescope configuration and the resultant traffic captures are described, the use of which it is hoped will facilitate greater and easier collaboration among researchers utilising this network security technology. The research concludes with suggestions relating to other applications of the data and intelligence that can be extracted from network telescopes, and their use as part of an organisation’s integrated network security systems
APA, Harvard, Vancouver, ISO, and other styles
14

Al-Ibrahim, Mohamed Hussain. "Source authentication in group communication." Thesis, Electronic version, 2005. http://hdl.handle.net/1959.14/549.

Full text
Abstract:
Title from screen page; viewed 10 Oct 2005.
Thesis (PhD)--Macquarie University, Division of Information and Communication Sciences, Dept. of Computing, 2004.
Bibliography: leaves 163-175.
Introduction -- Cryptographic essentials -- Multicast: structure and security -- Authentication of multicast streams -- Authentication of concast communication -- Authentication of transit flows -- One-time signatures for authenticating group communication -- Authentication of anycast communication -- Authentication of joining operation - Conclusion and future directions.
Electronic publication; full text available in PDF format.
Multicast is a relatively new and emerging communication mode in which a sender sends a message to a group of recipients in just one connection establishment... reducing broadband overhead and increasing resource utilization in the already congested and contented network... The focus of the research in this area has been in two directions: first, building an efficient routing infrastructure, and secondly, building a sophisticated security infrastructure. The focus of this work is on the second issue.
An ideal authenticated multicast environment ... provides authenticity for all the communication operations in the system... We ... propose a comprehensive solution to the problem ... for all its possible operations... 1. one-to-one (or joining mode) 2. one-to-many (or broadcast mode) 3. many-to-one (or concast mode) 4. intermediate (or transit mode) ... We study the ... mode known as anycast, in which a server is selected from a group of servers. Further we develop ... schemes for group-based communication exploiting the distinct features of one-time signatures... cover situations when a threshold number of participants are involved and ... where a proxy signer is required.
Electronic reproduction.
Mode of access: World Wide Web.
Also available in a print form
APA, Harvard, Vancouver, ISO, and other styles
15

Chan, Kevin Sean. "Towards securing networks of resource constrained devices a study of cryptographic primitives and key distribution schemes /." Diss., Atlanta, Ga. : Georgia Institute of Technology, 2008. http://hdl.handle.net/1853/26651.

Full text
Abstract:
Thesis (Ph.D)--Electrical and Computer Engineering, Georgia Institute of Technology, 2009.
Committee Chair: Fekri, Faramarz; Committee Member: James McClellan; Committee Member: John Copeland; Committee Member: Steven McLaughlin; Committee Member: Yajun Mei. Part of the SMARTech Electronic Thesis and Dissertation Collection.
APA, Harvard, Vancouver, ISO, and other styles
16

Sanyamahwe, Tendai. "Digital forensic model for computer networks." Thesis, University of Fort Hare, 2011. http://hdl.handle.net/10353/d1000968.

Full text
Abstract:
The Internet has become important since information is now stored in digital form and is transported both within and between organisations in large amounts through computer networks. Nevertheless, there are those individuals or groups of people who utilise the Internet to harm other businesses because they can remain relatively anonymous. To prosecute such criminals, forensic practitioners have to follow a well-defined procedure to convict responsible cyber-criminals in a court of law. Log files provide significant digital evidence in computer networks when tracing cyber-criminals. Network log mining is an evolution of typical digital forensics utilising evidence from network devices such as firewalls, switches and routers. Network log mining is a process supported by presiding South African laws such as the Computer Evidence Act, 57 of 1983; the Electronic Communications and Transactions (ECT) Act, 25 of 2002; and the Electronic Communications Act, 36 of 2005. Nevertheless, international laws and regulations supporting network log mining include the Sarbanes-Oxley Act; the Foreign Corrupt Practices Act (FCPA) and the Bribery Act of the USA. A digital forensic model for computer networks focusing on network log mining has been developed based on the literature reviewed and critical thought. The development of the model followed the Design Science methodology. However, this research project argues that there are some important aspects which are not fully addressed by South African presiding legislation supporting digital forensic investigations. With that in mind, this research project proposes some Forensic Investigation Precautions. These precautions were developed as part of the proposed model. The Diffusion of Innovations (DOI) Theory is the framework underpinning the development of the model and how it can be assimilated into the community. The model was sent to IT experts for validation and this provided the qualitative element and the primary data of this research project. From these experts, this study found out that the proposed model is very unique, very comprehensive and has added new knowledge into the field of Information Technology. Also, a paper was written out of this research project.
APA, Harvard, Vancouver, ISO, and other styles
17

Deas, Matthew Burns. "Towards a user centric model for identity and access management within the online environment." Thesis, Nelson Mandela Metropolitan University, 2008. http://hdl.handle.net/10948/775.

Full text
Abstract:
Today, one is expected to remember multiple user names and passwords for different domains when one wants to access on the Internet. Identity management seeks to solve this problem through creating a digital identity that is exchangeable across organisational boundaries. Through the setup of collaboration agreements between multiple domains, users can easily switch across domains without being required to sign in again. However, use of this technology comes with risks of user identity and personal information being compromised. Criminals make use of spoofed websites and social engineering techniques to gain illegal access to user information. Due to this, the need for users to be protected from online threats has increased. Two processes are required to protect the user login information at the time of sign-on. Firstly, user’s information must be protected at the time of sign-on, and secondly, a simple method for the identification of the website is required by the user. This treatise looks at the process for identifying and verifying user information, and how the user can verify the system at sign-in. Three models for identity management are analysed, namely the Microsoft .NET Passport, Liberty Alliance Federated Identity for Single Sign-on and the Mozilla TrustBar for system authentication.
APA, Harvard, Vancouver, ISO, and other styles
18

Dobson, Lucas E. "Security analysis of session initiation protocol." Thesis, Monterey, California : Naval Postgraduate School, 2010. http://edocs.nps.edu/npspubs/scholarly/theses/2010/Jun/10Jun%5FDobson.pdf.

Full text
Abstract:
Thesis (M.S. in Computer Science)--Naval Postgraduate School, June 2010.
Thesis Advisor(s): Dinolt, George ; Eagle, Chris. "June 2010." Description based on title screen as viewed on July 13, 2010. Author(s) subject terms: Session initiation protocol, voice over IP, information security, siproxd, linphone, Qutecom, osip, eXosip Includes bibliographical references (p. 77-78). Also available in print.
APA, Harvard, Vancouver, ISO, and other styles
19

Kalutarage, H. K. "Effective monitoring of slow suspicious activites on computer networks." Thesis, Coventry University, 2013. http://curve.coventry.ac.uk/open/items/afdbba5c-2c93-41a7-90c3-2f0f3261b794/1.

Full text
Abstract:
Slow and suspicious activities on modern computer networks are increasingly hard to detect. An attacker may take days, weeks or months to complete an attack life cycle. A particular challenge is to monitor for stealthy attempts deliberately designed to stay beneath detection thresholds. This doctoral research presents a theoretical framework for effective monitoring of such activities. The main contribution of this work is a scalable monitoring scheme proposed in a Bayesian framework, which allows for detection of multiple attackers by setting a threshold using the Grubbs’ test. Second contribution is a tracing algorithm for such attacks. Network paths from a victim to its immediate visible hops are mapped and profiled in a Bayesian framework and the highest scored path is prioritised for monitoring. Third contribution explores an approach to minimise data collection by employing traffic sampling. The traffic is sampled using the stratification sampling technique with optimum allocation method. Using a 10% sampling rate was sufficient to detect simulated attackers, and some network parameters affected on sampling error. Final contribution is a target-centric monitoring scheme to detect nodes under attack. Target-centric approach is quicker to detect stealthy attacks and has potential to detect collusion as it completely independent from source information. Experiments are carried out in a simulated environment using the network simulator NS3. Anomalous traffic is generated along with normal traffic within and between networks using a Poisson arrival model. Our work addresses a key problem of network security monitoring: a scalable monitoring scheme for slow and suspicious activities. State size, in terms of a node score, is a small number of nodes in the network and hence storage is feasible for very large networks.
APA, Harvard, Vancouver, ISO, and other styles
20

Kurnio, Hartono. "Contributions to group key distribution schemes." Access electronically, 2005. http://www.library.uow.edu.au/adt-NWU/public/adt-NWU20060509.103409/index.html.

Full text
APA, Harvard, Vancouver, ISO, and other styles
21

LU, WEN-PAI. "SECURITY OF COMMUNICATION IN COMPUTER NETWORKS (KEY MANAGEMENT, VERIFICATION)." Diss., The University of Arizona, 1986. http://hdl.handle.net/10150/183922.

Full text
Abstract:
This dissertation concerns investigations on two of the most important problems in establishing communication security in computer networks: (1) developing a model which precisely describes the mechanism that enforces the security policy and requirements for a secure network, and (2) designing a key management scheme for establishing a secure session for end-to-end encryption between a pair of communicants. The security mechanism attempts to ensure secure flow of information between entities assigned to different security classes in different computer systems attached to a computer communication network. The mechanism also controls the accesses to the network devices by the subjects (users and processes executed on behalf of the users). The communication security problem is formulated by using a mathematical model which precisely describes the security requirements for the network. The model integrates the notions of access control and information flow control to provide a Trusted Network Base (TNB) for the network. The demonstration of security of the network when the security mechanism is designed following the present model is given by using mathematical induction techniques. The problem of designing key management schemes for establishing end-to-end encrypted sessions between source-destination pairs when the source and the destination are on different networks interconnected via Gateways and intermediate networks is examined. In such an internet environment, the key management problem attains a high degree of complexity due to the differences in the key distribution mechanisms used in the constituent networks and the infeasibility of effecting extensive hardware and software changes to the existing networks. A hierarchical approach for key management is presented which utilizes the existing network specific protocols at the lower levels and protocols between Authentication Servers and/or Control Centers of different networks at the higher levels. Details of this approach are discussed for specific illustrative scenarios to demonstrate the implementational simplicity. A formal verification of the security of the resulting system is also conducted by an axiomatic procedure utilizing certain combinatory logic principles. This approach is general and can be used for verifying the security of any existing key management scheme.
APA, Harvard, Vancouver, ISO, and other styles
22

Martina, Jean Everson. "Verification of security protocols based on multicast communication." Thesis, University of Cambridge, 2011. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.609650.

Full text
APA, Harvard, Vancouver, ISO, and other styles
23

Judd, Aaron C. "Improved Network Security and Disguising TCP/IP Fingerprint Through Dynamic Stack Modification /." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2005. http://library.nps.navy.mil/uhtbin/hyperion/05Sep%5FJudd.pdf.

Full text
APA, Harvard, Vancouver, ISO, and other styles
24

Hall, Kristopher Joseph. "Thwarting Network Stealth Worms in Computer Networks through Biological Epidemiology." Diss., Virginia Tech, 2006. http://hdl.handle.net/10919/27726.

Full text
Abstract:
This research developed a system, Rx, to provide early identification and effective control of network stealth worms in digital networks through techniques based on biological epidemiology. Network stealth worms comprise a class of surreptitious, self-propagating code that spread over network connections by exploiting security vulnerabilities in hosts. Past outbreaks due to traditional worms subverted hundreds of thousands of machines. Network stealth worms exacerbate that threat by using clandestine methods to maintain a persistent presence in the network. Biological epidemiology was shown to support the real-time detection, characterization, forecasting, and containment of network stealth worms. Epidemiology describes a scientific methodology in biology that seeks to understand, explain, and control disease. Bio-mathematical modeling led to the development of a mechanism for digital networks to identify worm infection behavior buried in anomaly data, to characterize a worm, and to forecast the temporal spread of a worm. Demographic analysis of the infected hosts revealed the subset of vulnerable machines within the population. The automated response of advanced quarantine used this information to control the spread of an identified worm by isolating both infected and vulnerable machines. The novel contributions of this research included the identification of a network stealth worm at the network-level based on end-host reports while simultaneously characterizing and forecasting the spread of the worm. Additionally, this task offered the technique of advanced quarantine through demographic analysis of the population. This work resulted in a scalable, fault-tolerant strategy that dramatically enhanced the survival rate of network hosts under attack by a stealth worm. Moreover, this approach did not require new hardware, changes to existing protocols, or participation outside the implementing organization. This research showed application to a wider range of challenges. The bio-mathematical models are extensible, allowing Rx to respond to variations on the self-propagating code presented here. The approach is applicable to other forms of malware beyond self-propagating code by interchanging the epidemic model with one more appropriate. Lastly, the strategy allowed anomaly detectors to be sensitive to lower reporting thresholds and a variety of often benign yet potentially useful events.
Ph. D.
APA, Harvard, Vancouver, ISO, and other styles
25

Deccio, Casey T. "Network-layer Selective Security." Diss., CLICK HERE for online access, 2004. http://contentdm.lib.byu.edu/ETD/image/etd560.pdf.

Full text
APA, Harvard, Vancouver, ISO, and other styles
26

Ardolino, Kyle R. "Semi-supervised learning of bitmask pairs for an anomaly-based intrusion detection system." Diss., Online access via UMI:, 2008.

Find full text
Abstract:
Thesis (M.S.)--State University of New York at Binghamton, Thomas J. Watson School of Engineering and Applied Science, Department of Electrical Engineering, 2008.
Includes bibliographical references.
APA, Harvard, Vancouver, ISO, and other styles
27

Agbeko, Joseph. "Evaluation and application of bloom filters in computer network security /." Connect to resource online, 2009. http://rave.ohiolink.edu/etdc/view?acc_num=ysu1253733230.

Full text
APA, Harvard, Vancouver, ISO, and other styles
28

Atkins, William Dee. "Design and implementation of a hardened distributed network endpoint security system for improving the security of internet protocol-based networks." Diss., Rolla, Mo. : University of Missouri-Rolla, 2007. http://scholarsmine.umr.edu/thesis/pdf/Final_Thesis_09007dcc8031d3b0.pdf.

Full text
Abstract:
Thesis (M.S.)--University of Missouri--Rolla, 2007.
Vita. The entire thesis text is included in file. Title from title screen of thesis/dissertation PDF file (viewed April 11, 2007) Includes bibliographical references (p. 54-55).
APA, Harvard, Vancouver, ISO, and other styles
29

Dalwadi, Chintan. "Network and data security." Birmingham, Ala. : University of Alabama at Birmingham, 2006. http://www.mhsl.uab.edu/dt/2006m/dalwadi.pdf.

Full text
APA, Harvard, Vancouver, ISO, and other styles
30

Bai, Yun. "On formal specification of authorization policies and their transformations : thesis /." View thesis View thesis, 2000. http://library.uws.edu.au/adt-NUWS/public/adt-NUWS20030612.090157/index.html.

Full text
Abstract:
Thesis (Ph.D.)--University of Western Sydney, 2000.
"A thesis submitted for the degree of Doctor of Philosophy at University of Western Sydney - Nepean." "September 2000." Bibliography : leaves 141-150.
APA, Harvard, Vancouver, ISO, and other styles
31

Benbrook, Jimmie Glen 1943. "A SYSTEM ANALYSIS OF A MULTILEVEL SECURE LOCAL AREA NETWORK (COMPUTER)." Thesis, The University of Arizona, 1986. http://hdl.handle.net/10150/275531.

Full text
APA, Harvard, Vancouver, ISO, and other styles
32

Sung, Minho. "Scalable and efficient distributed algorithms for defending against malicious Internet activity." Diss., Available online, Georgia Institute of Technology, 2006, 2006. http://etd.gatech.edu/theses/available/etd-07172006-134741/.

Full text
Abstract:
Thesis (Ph. D.)--Computing, Georgia Institute of Technology, 2007.
Xu, Jun, Committee Chair ; Ahamad, Mustaque, Committee Member ; Ammar, Mostafa, Committee Member ; Bing, Benny, Committee Member ; Zegura, Ellen, Committee Member.
APA, Harvard, Vancouver, ISO, and other styles
33

Donta, Praveen Kumar. "Performance Analysis of Security Protocols." UNF Digital Commons, 2007. http://digitalcommons.unf.edu/etd/172.

Full text
Abstract:
Security is critical to a wide range of applications and services. Numerous security mechanisms and protocols have been developed and are widely used with today’s Internet. These protocols, which provide secrecy, authentication, and integrity control, are essential to protecting electronic information. There are many types of security protocols and mechanisms, such as symmetric key algorithms, asymmetric key algorithms, message digests, digital certificates, and secure socket layer (SSL) communication. Symmetric and asymmetric key algorithms provide secrecy. Message digests are used for authentication. SSL communication provides a secure connection between two sockets. The purpose of this graduate project was to do performance analysis on various security protocols. These are performance comparisons of symmetric key algorithms DES (Data Encryption Standard), 3DES (Triple DES), AES (Advanced Encryption Standard), and RC4; of public-private key algorithms RSA and ElGamal; of digital certificates using message digests SHA1 (Secure Hash Algorithm) and MD5; and of SSL (Secure Sockets Layer) communication using security algorithms 3DES with SHA1 and RC4 with MD5.
APA, Harvard, Vancouver, ISO, and other styles
34

Ortwein, Michael T. "Establishing Regis network security policy." [Denver, Colo.] : Regis University, 2005. http://165.236.235.140/lib/MOrtwein2005.pdf.

Full text
APA, Harvard, Vancouver, ISO, and other styles
35

Chance, Christopher P. "Designing and implementing a network authentication service for providing a secure communication channel." Thesis, Kansas State University, 1986. http://hdl.handle.net/2097/9903.

Full text
APA, Harvard, Vancouver, ISO, and other styles
36

Bailey, Carmen F. "Analysis of security solutions in large enterprises." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2003. http://library.nps.navy.mil/uhtbin/hyperion-image/03Jun%5FBailey.pdf.

Full text
APA, Harvard, Vancouver, ISO, and other styles
37

Salim, Farzad. "Detecting and resolving redundancies in EP3P policies." Access electronically, 2006. http://www.library.uow.edu.au/adt-NWU/public/adt-NWU20061120.151611/index.html.

Full text
APA, Harvard, Vancouver, ISO, and other styles
38

Xu, Jun. "Security mechanisms in high-speed networks /." The Ohio State University, 2000. http://rave.ohiolink.edu/etdc/view?acc_num=osu1488203158826224.

Full text
APA, Harvard, Vancouver, ISO, and other styles
39

Felker, Keith A. "Security and efficiency concerns with distributed collaborative networking environments /." Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2003. http://library.nps.navy.mil/uhtbin/hyperion-image/03sep%5FFelker.pdf.

Full text
APA, Harvard, Vancouver, ISO, and other styles
40

Lough, Daniel Lowry. "A Taxonomy of Computer Attacks with Applications to Wireless Networks." Diss., Virginia Tech, 2001. http://hdl.handle.net/10919/27242.

Full text
Abstract:
The majority of attacks made upon modern computers have been successful due to the exploitation of the same errors and weaknesses that have plagued computer systems for the last thirty years. Because the industry has not learned from these mistakes, new protocols and systems are not designed with the aspect of security in mind; and security that is present is typically added as an afterthought. What makes these systems so vulnerable is that the security design process is based upon assumptions that have been made in the past; assumptions which now have become obsolete or irrelevant. In addition, fundamental errors in the design and implementation of systems repeatedly occur, which lead to failures. This research presents a comprehensive analysis of the types of attacks that are being leveled upon computer systems and the construction of a general taxonomy and methodologies that will facilitate design of secure protocols. To develop a comprehensive taxonomy, existing lists, charts, and taxonomies of host and network attacks published over the last thirty years are examined and combined, revealing common denominators among them. These common denominators, as well as new information, are assimilated to produce a broadly applicable, simpler, and more complete taxonomy. It is shown that all computer attacks can be broken into a taxonomy consisting of improper conditions: Validation Exposure Randomness Deallocation Improper Conditions Taxonomy; hence described by the acronym VERDICT. The developed methodologies are applicable to both wired and wireless systems, and they are applied to some existing Internet attacks to show how they can be classified under VERDICT. The methodologies are applied to the IEEE 802.11 wireless local area network protocol and numerous vulnerabilities are found. Finally, an extensive annotated bibliography is included.
Ph. D.
APA, Harvard, Vancouver, ISO, and other styles
41

Baratz, Joshua W. (Joshua William) 1981. "Regions Security Policy (RSP) : applying regions to network security." Thesis, Massachusetts Institute of Technology, 2004. http://hdl.handle.net/1721.1/17933.

Full text
Abstract:
Thesis (M. Eng. and S.B.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2004.
Includes bibliographical references (p. 51-54).
The Regions network architecture is a new look at network organization that groups nodes into regions based on common purposes. This shift from strict network topology groupings of nodes requires a change in security systems. This thesis designs and implements the Regions Security Policy (RSP). RSP allows a unified security policy to be set across a region, fully controlling data as it enters into, exits from, and transits within a region. In doing so, it brings together several existing security solutions so as to provide security comparable to existing systems that is more likely to function correctly.
by Joshua W. Baratz.
M.Eng.and S.B.
APA, Harvard, Vancouver, ISO, and other styles
42

Zhao, Li. "Enhance communication security in wireless ad hoc networks through multipath routing." Online access for everyone, 2007. http://www.dissertations.wsu.edu/Dissertations/Summer2007/L_Zhao_072407.pdf.

Full text
APA, Harvard, Vancouver, ISO, and other styles
43

Labbe, Keith G. "Evaluation of two host-based intrusion prevention systems." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2005. http://library.nps.navy.mil/uhtbin/hyperion/05Jun%5FLabbe.pdf.

Full text
APA, Harvard, Vancouver, ISO, and other styles
44

Liu, Zhen. "A lightweight intrusion detection system for the cluster environment." Master's thesis, Mississippi State : Mississippi State University, 2003. http://sun.library.msstate.edu/ETD-db/theses/available/etd-07102003-152642/unrestricted/ZhenLiu%5Fthesis.pdf.

Full text
APA, Harvard, Vancouver, ISO, and other styles
45

Mohammed, Ali, Sachin Sama, and Majeed Mohammed. "Enhancing Network Security in Linux Environment." Thesis, Högskolan i Halmstad, Sektionen för Informationsvetenskap, Data– och Elektroteknik (IDE), 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-17144.

Full text
Abstract:
Designing a secured network is the most important task in any enterprise or organization development. Securing a network mainly involves applying policies and procedures to protect different network devices from unauthorized access. Servers such as web servers, file servers, mail servers, etc., are the important devices in a network. Therefore, securing these servers is the first and foremost step followed in every security implementation mechanism. To implement this, it is very important to analyse and study the security mechanisms provided by the operating system. This makes it easier for security implementation in a network. This thesis work demonstrates the tasks needed to enhance the network security in Linux environment. The various security modules existing in Linux makes it different from other operating systems. The security measures which are mainly needed to enhance the system security are documented as a baseline for practical implementation. After analysing the security measures for implementing network security, it is important to understand the role of network monitoring tools and Linux inbuilt log management in maintaining the security of a network. This is accomplished by presenting a detailed discussion on network monitoring tools and log management in Linux. In order to test the network security, a network is designed using Linux systems by configuring different servers and application firewall for packet filtering. The security measures configured on each server to enhance its security are presented as part of the implementation. The results obtained while an unauthorized user accessing the servers from the external network are also documented along with attack information retrieved by different network monitoring tools and Linux inbuilt log messages.
APA, Harvard, Vancouver, ISO, and other styles
46

Ranang, Martin Thorsen. "An Artificial Immune System Approach to Preserving Security in Computer Networks." Thesis, Norwegian University of Science and Technology, Department of Computer and Information Science, 2002. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-255.

Full text
Abstract:

It is believed that many of the mechanisms present in the biological immune system are well suited for adoption to the field of computer intrusion detection, in the form of artificial immune systems. In this report mechanisms in the biological immune system are introduced, their parallels in artificial immune systems are presented, and how they may be applied to intrusion detection in a computer environment is discussed. An artificial immune system is designed, implemented and applied to detect intrusive behavior in real network data in a simulated network environment. The effect of costimulation and clonal proliferation combined with somatic hypermutation to perform affinity maturation of detectors in the artificial immune system is explored through experiments. An exact expression for the probability of a match between two randomly chosen strings using the r-contiguous matching rule is developed. The use of affinity maturation makes it possible to perform anomaly detection by using smaller sets of detectors with a high level of specificity while maintaining a high level of cover and diversity, which increases the number of true positives, while keeping a low level of false negatives.

APA, Harvard, Vancouver, ISO, and other styles
47

Onwubiko, Cyril. "A security framework for detecting enterprise-wide attacks in computer networks." Thesis, Kingston University, 2008. http://eprints.kingston.ac.uk/20301/.

Full text
Abstract:
An integrated security framework is proposed for detecting enterprise-wide network attacks. The proposed framework defines three types of components, namely, sensor, analysis and response. Sensor components gather evidence about security attacks. Analysis components correlate and combine pieces of attack evidence gathered by sensors, in order to detect attacks perceived on the network. Response components execute recommended responses and can be configured to assist humans in executing security countermeasures. Both schematic and formal descriptions of the framework and its components are provided and discussed. General and specific requirements of each component are outlined. To integrate components of the framework together, a lightweight signalling mechanism referred to as "security spaces" is proposed. A security space is a type of "tuple space" that allows sensor, analysis and response components to connect, contribute and communicate security related information. Its application to distributed sensor, and federated sensor environments is described. The detection of enterprise-wide attacks targeting computer networks is accomplished by distributing sensors across the network to collate evidence of perceived attacks, which are communicated to the analysis component for further investigation. In the analysis, a novel approach in data fusion is applied. This approach is underpinned by the Dempster-Shafer theory of evidence that is utilised to collectively combine pieces of attack evidence gathered by the sensors. The fusion of sensor evidence assists to provide accurate detection of attacks perceived on the entire network. Further, to assist security administrators to visualise and mitigate perceived attacks, graph theory and graph matching algorithms are employed in the analysis. Hence, a graph model - pattern activity graph - is proposed and investigated in representing security attacks perceived on the network. Both graph isomorphism and subgraph iso-morphism are used to compare attack graph templates to data graphs obtained from security events. To validate the objectives of this research, a series of experiments were conducted on a testbed network, where live network traffic was monitored. A dataset comprising background data and attack data was gathered. Background data is normal data obtained by monitoring the testbed network. Attack data was generated through the attacks conducted on the monitored testbed LAN. The attacks were primarily network scans, network worms, web attacks, policy violations, and stealthy network scans attacks.
APA, Harvard, Vancouver, ISO, and other styles
48

Hanikat, Marcus. "Centralized log management for complex computer networks." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254292.

Full text
Abstract:
In modern computer networks log messages produced on different devices throughout the network is collected and analyzed. The data from these log messages gives the network administrators an overview of the networks operation, allows them to detect problems with the network and block security breaches. In this thesis several different centralized log management systems are analyzed and evaluated to see if they match the requirements for security, performance and cost which was established. These requirements are designed to meet the stakeholder’s requirements of log management and allow for scaling along with the growth of their network. To prove that the selected system meets the requirements, a small-scale implementation of the system will be created as a “proof of concept”. The conclusion reached was that the best solution for the centralized log management system was the ELK Stack system which is based upon the three open source software Elasticsearch, Logstash and Kibana. In the small-scale implementation of the ELK Stack system it was shown that it meets all the requirements placed on the system. The goal of this thesis is to help develop a greater understanding of some well-known centralized log management systems and why the usage of them is important for computer networks. This will be done by describing, comparing and evaluating some of the functionalities of the selected centralized log management systems. This thesis will also be able to provide people and entities with guidance and recommendations for the choice and implementation of a centralized log management system.
I moderna datornätverk så produceras loggar på olika enheter i nätverket för att sedan samlas in och analyseras. Den data som finns i dessa loggar hjälper nätverksadministratörerna att få en överblick av hur nätverket fungerar, tillåter dem att upptäcka problem i nätverket samt blockera säkerhetshål. I detta projekt så analyseras flertalet relevanta system för centraliserad loggning utifrån de krav för säkerhet, prestanda och kostnad som är uppsatta. Dessa krav är uppsatta för att möta intressentens krav på loghantering och även tillåta för skalning jämsides med tillväxten av deras nätverk. För att bevisa att det valda systemet även fyller de uppsatta kraven så upprättades även en småskalig implementation av det valda systemet som ett ”proof of concept”. Slutsatsen som drogs var att det bästa centraliserade loggningssystemet utifrån de krav som ställs var ELK Stack som är baserat på tre olika mjukvarusystem med öppen källkod som heter Elasticsearch, Logstash och Kibana. I den småskaliga implementationen av detta system så påvisades även att det valda loggningssystemet uppnår samtliga krav som ställdes på systemet. Målet med detta projekt är att hjälpa till att utveckla kunskapen kring några välkända system för centraliserad loggning och varför användning av dessa är av stor betydelse för datornätverk. Detta kommer att göras genom att beskriva, jämföra och utvärdera de utvalda systemen för centraliserad loggning. Projektet kan även att hjälpa personer och organisationer med vägledning och rekommendationer inför val och implementation av ett centraliserat loggningssystem.
APA, Harvard, Vancouver, ISO, and other styles
49

Alarifi, Abdulrahman S. N. "Security through diversity for wireless sensor networks." Related electronic resource:, 2007. http://proquest.umi.com/pqdweb?did=1342747901&sid=1&Fmt=2&clientId=3739&RQT=309&VName=PQD.

Full text
APA, Harvard, Vancouver, ISO, and other styles
50

Iranmanesh, Seyed Amir. "Security Enhancements in Voice Over Ip Networks." W&M ScholarWorks, 2017. https://scholarworks.wm.edu/etd/1530192357.

Full text
Abstract:
Voice delivery over IP networks including VoIP (Voice over IP) and VoLTE (Voice over LTE) are emerging as the alternatives to the conventional public telephony networks. With the growing number of subscribers and the global integration of 4/5G by operations, VoIP/VoLTE as the only option for voice delivery becomes an attractive target to be abused and exploited by malicious attackers. This dissertation aims to address some of the security challenges in VoIP/VoLTE. When we examine the past events to identify trends and changes in attacking strategies, we find that spam calls, caller-ID spoofing, and DoS attacks are the most imminent threats to VoIP deployments. Compared to email spam, voice spam will be much more obnoxious and time consuming nuisance for human subscribers to filter out. Since the threat of voice spam could become as serious as email spam, we first focus on spam detection and propose a content-based approach to protect telephone subscribers' voice mailboxes from voice spam. Caller-ID has long been used to enable the callee parties know who is calling, verify his identity for authentication and his physical location for emergency services. VoIP and other packet switched networks such as all-IP Long Term Evolution (LTE) network provide flexibility that helps subscribers to use arbitrary caller-ID. Moreover, interconnecting between IP telephony and other Circuit-Switched (CS) legacy telephone networks has also weakened the security of caller-ID systems. We observe that the determination of true identity of a calling device helps us in preventing many VoIP attacks, such as caller-ID spoofing, spamming and call flooding attacks. This motivates us to take a very different approach to the VoIP problems and attempt to answer a fundamental question: is it possible to know the type of a device a subscriber uses to originate a call? By exploiting the impreciseness of the codec sampling rate in the caller's RTP streams, we propose a fuzzy rule-based system to remotely identify calling devices. Finally, we propose a caller-ID based public key infrastructure for VoIP and VoLTE that provides signature generation at the calling party side as well as signature verification at the callee party side. The proposed signature can be used as caller-ID trust to prevent caller-ID spoofing and unsolicited calls. Our approach is based on the identity-based cryptography, and it also leverages the Domain Name System (DNS) and proxy servers in the VoIP architecture, as well as the Home Subscriber Server (HSS) and Call Session Control Function (CSCF) in the IP Multimedia Subsystem (IMS) architecture. Using OPNET, we then develop a comprehensive simulation testbed for the evaluation of our proposed infrastructure. Our simulation results show that the average call setup delays induced by our infrastructure are hardly noticeable by telephony subscribers and the extra signaling overhead is negligible. Therefore, our proposed infrastructure can be adopted to widely verify caller-ID in telephony networks.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the bibliographies on the topic 'Computer networks Computers Computer security' for other source types:
Journal articles Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography