Browsing by Subject "Security"
Now showing 1 - 20 of 31
Item: A NEW COLD WAR? A RESURGENT RUSSIA AND THE IMPLICATIONS FOR REGIONAL AND GLOBAL SECURITY
Tanner, Ashley N.; Ehlers, Robert S; Dailey, Jeffrey D; Taylor, William A; Lamberson, Christine M
Recent events in Eastern Europe and the Middle East have prompted world leaders to opine that the world is entering a new Cold War. These concerns are based on the recent invasions of Crimea and Ukraine, action in Syria, Russian rhetoric, and military posturing by both sides. Russian history, strategy, and strategic culture provide context for the current state of affairs. These do not, however, guarantee that the present implementation of strategy will mirror the past and that the goals are to return to a Soviet-style, Cold War-era, bipolar world order. The issue is more complex than our own cognitive biases have allowed us to comprehend. Russia is resurgent and does pose a threat to stability, but its goal is neither a Cold War nor a hot war. Rather, it seeks to be treated as an equal and to reassert a greater level of control and influence over its former lands.

Item: A Study on the Relationship Between Security and Prosperity in Pakistan
Hubbard, Austen Cross; Dailey, Jeffery; Ehlers, Robert; Martinez, Eduardo; Abernathy, Susan
Since 2014 Pakistan has reported improvements in their security and their economy. The aim of this study is to determine if those improvements are a result of counterterrorism policies implemented that same year, along with aggressive military operations. By utilizing a linear regression model, the hope was to identify a direct negative relationship between Pakistan’s Market Potential Index scores from 2007-2014 and their reported fiscal loss due to terrorism during the same years. If a relationship exists between those two variables, then there is an opportunity to argue that Pakistan has improved their economic situation by reducing domestic terrorism within their borders.
Other research on this topic only measures Pakistan’s economic loss from acts of terrorism; there is no record of research gauging the effects of reported improvements. By studying the effects of a reduction in terrorist acts on the economic potential of Pakistan, the goal is to support increased security reform in Pakistan and international cooperation in their road to stability.

Item: Advanced Dynamic Encryption - A Security Enhancement Protocol for IEEE 802.11 and Hybrid Wireless Network
(2012-02-14) Yu, Peter Huan Pe
Data integrity and privacy are the two most important security requirements in wireless communication. Most mechanisms rely on pre-shared key data encryption to prevent unauthorized users from accessing confidential information. However, a fixed secret key is vulnerable to cracking by capturing sufficient packets or launching a dictionary attack. In this research, a dynamic re-keying encryption protocol was developed to enhance the security protection for IEEE 802.11 and hybrid wireless network. This protocol automatically updates the secret key during the end-to-end transmission between wireless devices to protect the network and the communication privacy. In addition, security analyses are given to verify the protection of this protocol. Experiment results also validate that the dynamic encryption approach can perform as efficiently as other security architectures while providing an additional layer of data protection.

Item: Analyzing risk and uncertainty for improving water distribution system security from malevolent water supply contamination events
(2009-05-15) Torres, Jacob Manuel
Previous efforts to apply risk analysis for water distribution systems (WDS) have not typically included explicit hydraulic simulations in their methodologies. A risk classification scheme is here employed for identifying vulnerable WDS components subject to an intentional water contamination event.
A Monte Carlo simulation is conducted including uncertain stochastic diurnal demand patterns, seasonal demand, initial storage tank levels, time of day of contamination initiation, duration of contamination event, and contaminant quantity. An investigation is conducted on exposure sensitivities to the stochastic inputs and on mitigation measures for contaminant exposure reduction. Mitigation measures include topological modifications to the existing pipe network, valve installation, and an emergency purging system. Findings show that reasonable uncertainties in model inputs produce high variability in exposure levels. It is also shown that exposure level distributions experience noticeable sensitivities to population clusters within the contaminant spread area. The significant uncertainty in exposure patterns leads to greater resources needed for more effective mitigation.

Item: Anonymous, authentic, and accountable resource management based on the E-cash paradigm
(2009-05-15) Lam, Tak Cheung
The prevalence of digital information management in an open network has driven the need to maintain balance between anonymity, authenticity and accountability (AAA). Anonymity allows a principal to hide its identity from strangers before trust relationship is established. Authenticity ensures the correct identity is engaged in the transaction even though it is hidden. Accountability uncovers the hidden identity when misbehavior of the principal is detected. The objective of this research is to develop an AAA management framework for secure resource allocations. Most existing resource management schemes are designed to manage one or two of the AAA attributes. How to provide high strength protection to all attributes is an extremely challenging undertaking. Our study shows that the electronic cash (E-cash) paradigm provides some important knowledge bases for this purpose.
Based on Chaum-Pederson's general transferable E-cash model, we propose a timed-zero-knowledge proof (TZKP) protocol, which greatly reduces storage spaces and communication overheads for resource transfers, without compromising anonymity and accountability. Based on Eng-Okamoto's general divisible E-cash model, we propose a hypercube-based divisibility framework, which provides a sophisticated and flexible way to partition a chunk of resources, with different trade-offs in anonymity protection and computational costs, when it is integrated with different sub-cube allocation schemes. Based on the E-cash based resource management framework, we propose a privacy preserving service oriented architecture (SOA), which allows the service providers and consumers to exchange services without leaking their sensitive data. Simulation results show that the secure resource management framework is highly practical for mission-critical applications in large scale distributed information systems.

Item: Assessment of United States national security policy under international human rights law and international humanitarian law
(2014-05) Salvaggio, Natalie Cecile; Inboden, William, 1972-; Dulitzky, Ariel E.
This paper assesses U.S. national security policies in surveillance, detention, interrogation and torture, and targeted killing to determine whether they comport with international human rights law and international humanitarian law. The U.S. is responsible for adhering to the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and the Geneva Conventions. These human rights law documents can be understood through court decisions, congressional statutes, and widely accepted interpretations from organizations such as the International Committee of the Red Cross, and the UN Human Rights Council.
Further, this paper offers prescriptions on how international human rights law and international humanitarian law can be updated to better deal with the current war on terror.

Item: Automatic static analysis of software performance
(2016-05) Olivo, Oswaldo Luis; Lin, Yun Calvin; Dillig, Isil; Dillig, Thomas; Lahiri, Shuvendu; Shmatikov, Vitaly
Performance is a critical component of software quality. Software performance can have drastic repercussions on an application, frustrating its users, breaking the functionality of its components, or even rendering it defenseless against hackers. Unfortunately, unlike in the program verification domain, robust analysis techniques for software performance are almost non-existent. In this thesis we formalize important classes of performance-related bugs and security vulnerabilities, and implement novel static analysis techniques for automatically detecting them in widely used open-source applications. Our tools are able to uncover 92 performance bugs and 47 security vulnerabilities, while analyzing hundreds of thousands of lines of code and reporting a modest amount of false positives. Our work opens a new avenue for research: the development of rigorous automatic analyses for effective software performance understanding, inspired by traditional research in functional verification.

Item: Bleeding Mexico : an analysis of cartels evolution and drug-related bloodshed
(2012-08) Medel, Monica Cristina; Dietz, Henry A.
Drug-related violence in Mexico has increased exponentially in the last five years, killing near 50,000 people. Even though the country has been a producer of marijuana and opium poppy for nearly a century, it was not until the beginning of the new millennium that drug violence skyrocketed. Up until now, academic studies and policy papers have focused primarily on the political changes Mexico underwent over the last decade and on ingrained corruption as the central factors in explaining the increased violence.
But such a jump in homicide rates, as well as the sheer brutality of the violence involved, also reflects the evolution of the country's drug organizations -- which went from being merely feared and ruthless drug producers and smugglers to far-reaching criminal empires that now dominate all aspects of the illicit drug underworld in the Americas. Many have become so powerful that they have formed their own armies of hit men and foot soldiers that operate like full-fledged paramilitary groups protecting their territories and smuggling routes to American soil. Further feeding the cycle of murders in Mexico is an increasing diversification of drug gangs' businesses, which now range from drug production and smuggling to extortion, kidnapping and human trafficking. Through an historical, spatial and statistical analysis, this study sets out to deconstruct the current wave of Mexican drug violence, show how it is spreading and why, and how that reflects the evolution of Mexican drug organizations.

Item: Cloud computing : security risk analysis and recommendations
(2011-12) Sachdeva, Kapil; Bagchi, Uttarayan; Walls, Stephen
Cloud computing is here to stay and is the natural progression in the evolution of our computing and collaboration needs. The easy availability of computing infrastructures is motivating a new breed of entrepreneurs to realize their ideas and deliver innovations to masses. These innovations, however, have some serious security weaknesses. If not taken into account, these weaknesses could prove fatal for an organization’s reputation and existence. This thesis explains the potential risks associated with various types of cloud computing technologies and recommends methods to mitigate them.

Item: Evaluation of power system security and development of transmission pricing method
(Texas A&M University, 2004-11-15) Kim, Hyungchul
The electric power utility industry is presently undergoing a change towards the deregulated environment.
This has resulted in unbundling of generation, transmission and distribution services. The introduction of competition into unbundled electricity services may lead system operation closer to its security boundaries resulting in smaller operating safety margins. The competitive environment is expected to lead to lower price rates for customers and higher efficiency for power suppliers in the long run. Under this deregulated environment, security assessment and pricing of transmission services have become important issues in power systems. This dissertation provides new methods for power system security assessment and transmission pricing. In power system security assessment, the following issues are discussed: 1) the description of probabilistic methods for power system security assessment; 2) the computation time of simulation methods; 3) on-line security assessment for operation. A probabilistic method using Monte-Carlo simulation is proposed for power system security assessment. This method takes into account dynamic and static effects corresponding to contingencies. Two different Kohonen networks, Self-Organizing Maps and Learning Vector Quantization, are employed to speed up the probabilistic method. The combination of Kohonen networks and Monte-Carlo simulation can reduce computation time in comparison with straight Monte-Carlo simulation. A technique for security assessment employing Bayes classifier is also proposed. This method can be useful for system operators to make security decisions during on-line power system operation. This dissertation also suggests an approach for allocating transmission transaction costs based on reliability benefits in transmission services. The proposed method shows the transmission transaction cost of reliability benefits when transmission line capacities are considered.
The ratio between allocation by transmission line capacity-use and allocation by reliability benefits is computed using the probability of system failure.

Item: Exploiting leakage in privacy-protecting systems
(2016-12) McPherson, Richard, III Fontaine; Gouda, Mohamed G., 1947-; Shmatikov, Vitaly; Alvisi, Lorenzo; Witchel, Emmett
Conventional systems store data unencrypted. This allows them to easily access and manipulate their data. However, by not protecting their data, these systems are at a greater risk if they are compromised by a malicious hacker. More advanced systems add encryption to their data, but this causes other issues. Normal encryption often ruins the ability to run computations on data, negating many of the reasons to store the data in the first place. More recently, some systems have attempted to strike a compromise between security and functionality by using encryption that partially protects their data while still allowing certain operations to be performed. Examples of these systems include general purpose frameworks like Mylar for Web applications, as well as domain- and application-specific systems like P3 for photo storage. This dissertation examines the privacy concerns that arise when using these systems with realistic datasets and real-world usage scenarios. The first system we explore is Mylar, an extension to the popular Meteor framework. Meteor is a JavaScript-based framework for concurrently developing the client and server parts of Web apps. Mylar allows users to share and search over data while protecting against a compromised or malicious server. We expand Mylar's vague definitions of passive and active adversaries into three threat models and show that Mylar is insecure against all three models. Mylar's metadata leaks sensitive information to an adversary with one-time access to Mylar's encrypted database.
Mylar provides no protection against adversaries which can monitor user access patterns, allowing them to watch for data dependent behavior corresponding to sensitive information. Finally, Mylar fails to protect against active attackers who, by nature of the system, have been given the ability to modify the database and run search over the encrypted data. We next look at a set of systems designed to protect sensitive images by selectively obfuscating them. We examine a system called P3 which splits an image into two images: a secret image that contains most of the identifying information and a public image that can be distributed with less risk of leaking information. We also investigate mosaicing (often called pixelation) and blurring, two commonly used image obfuscation techniques. Examining the obfuscated images, it's obvious that all three of these systems leak information. However, it's not clear how to exploit this leakage or if doing so is even possible. The authors of P3 specifically examined P3 using a number of techniques that mimic human image recognition. We bypass the need for human recognition by making use of modern machine learning techniques. Using neural networks, we are able to classify the obfuscated image content automatically without needing human assistance or having to define image features. Finally, we conclude by proposing a number of guidelines for creating modern privacy-preserving systems. We look at problems that arise when creating a scheme on paper as well as issues that come up when implementing the system. These guidelines were created by examining the mistakes of BoPET and image obfuscation researchers and developers.
We present them in the hope that they will be used to ensure the effectiveness of future privacy systems.

Item: Highly secure strong PUF based on nonlinearity of MOSFET subthreshold operation
(2012-12) Kalyanaraman, Mukund Murali; Orshansky, Michael; Aziz, Adnan
Silicon physical unclonable functions (PUFs) are security primitives relying on the intrinsic randomness of IC manufacturing. Strong PUFs have a very large input-output space which is essential for secure authentication. Several proposed strong PUFs use timing races to produce a rich set of responses. However, these PUFs are vulnerable to machine-learning attacks due to linear separability of the output function resulting from the additive nature of timing delay along timing paths. We introduce a novel strong silicon PUF based on the exponential current-voltage behavior in subthreshold region of FET operation. This behaviour injects strong nonlinearity into the response of the PUF. The PUF, which we term subthreshold current array (SCA) PUF, is implemented as a two-dimensional n x k transistor array with all devices subject to stochastic variability operating in subthreshold region. Our PUF is fundamentally different from earlier attempts to inject nonlinearity via digital control techniques like XORing the outputs of PUF and using feedforward structures, which could also be used with SCA-PUF. Voltages produced by nominally identical arrays are compared to produce a random binary response. SCA-PUF shows excellent security properties. The average inter-class Hamming distance, a measure of uniqueness, is 50.3%. The average intra-class Hamming distance, a measure of response stability, is 0.6%. Crucially, we demonstrate that the introduced PUF is much less vulnerable to modeling attacks.
Using a machine-learning technique of support-vector machine with radial basis function kernel for optimum nonlinear learnability, we observe that the information leakage (rate of error reduction with learning) is much lower than for delay-based PUFs. Specifically, over a wide range of the number of observed challenge-response pairs, the error rate is 3-35x higher than for earlier designs.

Item: Intrinsic security in SORCER (service oriented) grid
(Texas Tech University, 2005-05) Rai, Abhijit; Sobolewski, Michael; Zhuang, Yu; Hernandez, Hector J.
A grid is a vast repository of virtual services. SORCER is a computational grid environment based on the Service Oriented Paradigm. Security and trust, in SORCER, are of utmost importance since the grid resources and the requestors connecting to faceless service providers are at high risk. For example, if a virus code is sent for computation, the grid resources are at high risk. Similarly, if rogue services are present on the network, requestor’s privacy and security are at risk. A security framework for a grid shall ensure access control to the federated services by authenticated and authorized users so that the requestors and services are able to work with mutual trust. Today, grids are being used to build the systems which build up, rather than replace, legacy components. This makes securing virtual services even more difficult. The task of securing the SORCER grid can be accomplished by incorporating the following security practices into the SORCER environment:
- Requestor (Client/Service) Identification and Authentication
- Proxy Verification (building trust)
- Authorization
- Resource Control and Containment
- Privacy and Integrity
- Non-Repudiation
- Accountability (Auditing)
The security mechanism needs to be intrinsic to the grid, so that secure services can be built without being concerned with security on a per service basis. This will greatly reduce the effort required in patching security of individual services.
Our goal is to achieve Intrinsic Security by developing robust, scalable, and multi-layered security solutions for federated services.

Item: Intrinsic security in SORCER (Service Oriented) grid
(2006-09) Rai, Abhijit; Sobolewski, Michael; Zhuang, Yu; Hernandez, Hector J.
A grid is a vast repository of virtual services. SORCER is a computational grid environment based on the Service Oriented Paradigm. Security and trust, in SORCER, are of utmost importance since the grid resources and the requestors connecting to faceless service providers are at high risk. For example, if a virus code is sent for computation, the grid resources are at high risk. Similarly, if rogue services are present on the network, requestor’s privacy and security are at risk. A security framework for a grid shall ensure access control to the federated services by authenticated and authorized users so that the requestors and services are able to work with mutual trust. Today, grids are being used to build the systems which build up, rather than replace, legacy components. This makes securing virtual services even more difficult. The task of securing the SORCER grid can be accomplished by incorporating the following security practices into the SORCER environment:
- Requestor (Client/Service) Identification and Authentication
- Proxy Verification (building trust)
- Authorization
- Resource Control and Containment
- Privacy and Integrity
- Non-Repudiation
- Accountability (Auditing)
The security mechanism needs to be intrinsic to the grid, so that secure services can be built without being concerned with security on a per service basis. This will greatly reduce the effort required in patching security of individual services.
Our goal is to achieve Intrinsic Security by developing robust, scalable, and multi-layered security solutions for federated services.

Item: Malicious software engineer intrusion detection between components
(2010-12) Sethia, Snehadeep; Shin, Michael; Zhuang, Yu
This thesis describes an approach to detecting malicious software engineer intrusion between components in application systems using business processes (use cases) of applications. The approach detects malicious codes inserted by malicious software engineers to the system during the software development or the maintenance phase. This research extends a previous research about malicious software engineer intrusion within a component. The proposed approach detects intrusion using system detectors that are designed to encapsulate the relationships between components. Those relationships are represented with the UML state machines. The system detectors communicate with objects in components in order to monitor the communication between components in which the system detectors authenticate the messages from objects. This is to avoid fake messages from malicious code. The proposed approach has been applied to two case studies – Automated Teller Machine System and Electronic Commerce System – and the performance of the system detectors has been evaluated with case studies.

Item: Platform-level protection for interacting mobile apps
(2016-08) Xu, Yuanzhong, Ph.D.; Witchel, Emmett; Alvisi, Lorenzo; Geambasu, Roxana; Pingali, Keshav; Shmatikov, Vitaly
In a modern mobile platform, apps are mutually distrustful, but they share the same device and frequently interact with each other. This dissertation shows how existing platforms, like Android and iOS, often fail to support important data protection scenarios, and describes two systems to improve platform-level security. First, many data leaks in existing platforms are due to the lack of information flow control for inter-app data exchanges.
For example, a document viewer that opens an attachment from an email client often further discloses the attachment to other apps or to the network. To prevent such leaks, we need strict information flow confinement, but a challenge to enforce such confinement in existing platforms is the potential disruptions to confined apps. We present Maxoid, a system that uses context-aware custom views of apps' storage state to make information flow enforcement backward compatible. Second, apps' abstraction of data has diverged from platforms' abstraction of data. Modern mobile apps heavily rely on structured data, and relational databases have become the hub for apps' internal data management. However, in existing platforms, protection mechanisms are coarse-grained and have no visibility to the structures of apps' data. In these platforms, access control is a mixture of coarse-grained mechanisms and many ad hoc user-level checks, making data protection unprincipled and error-prone. We present Earp, a new mobile platform that combines simple object-level permissions and capability relationships among objects to naturally protect structured data for mobile apps. It achieves a uniform abstraction for storing, sharing and efficiently protecting structured data, for both storage and inter-app services.

Item: Prioritizing security regression test cases using threat models
(2016-12) Longoria, Jason Andrew; Khurshid, Sarfraz
When existing software is modified, regression testing provides an approach to gain confidence that no unexpected security vulnerabilities have been introduced. If faults or vulnerabilities were introduced by the change, it is beneficial to identify them as soon as possible. Prioritizing regression test cases by their risk exposure improves the likelihood that faults will be found early.
This paper reviews regression test case prioritization methods and provides an example prioritization of security regression test cases based on a threat model.

Item: Protecting sensitive information from untrusted code
(2010-08) Roy, Indrajit; Witchel, Emmett; Dahlin, Michael D.; Mazières, David; McKinley, Kathryn S.; Shmatikov, Vitaly
As computer systems support more aspects of modern life, from finance to health care, security is becoming increasingly important. However, building secure systems remains a challenge. Software continues to have security vulnerabilities due to reasons ranging from programmer errors to inadequate programming tools. Because of these vulnerabilities we need mechanisms that protect sensitive data even when the software is untrusted. This dissertation shows that secure and practical frameworks can be built for protecting users' data from untrusted applications in both desktop and cloud computing environment. Laminar is a new framework that secures desktop applications by enforcing policies written as information flow rules. Information flow control, a form of mandatory access control, enables programmers to write powerful, end-to-end security guarantees while reducing the amount of trusted code. Current programming abstractions and implementations of this model either compromise end-to-end security guarantees or require substantial modifications to applications, thus deterring adoption. Laminar addresses these shortcomings by exporting a single set of abstractions to control information flows through operating system resources and heap-allocated objects. Programmers express security policies by labeling data and represent access restrictions on code using a new abstraction called a security region. The Laminar programming model eases incremental deployment, limits dynamic security checks, and supports multithreaded programs that can access heterogeneously labeled data.
In large-scale, distributed computations, safeguarding information requires solutions beyond mandatory access control. An important challenge is to ensure that the computation, including its output, does not leak sensitive information about the inputs. For untrusted code, access control cannot guarantee that the output does not leak information. This dissertation proposes Airavat, a MapReduce-based system which augments mandatory access control with differential privacy to guarantee security and privacy for distributed computations. Data providers control the security policy for their sensitive data, including a mathematical bound on potential privacy violations. Users without security expertise can perform computations on the data; Airavat prevents information leakage beyond the data provider's policy. Our prototype implementation of Airavat demonstrates that several data mining tasks can be performed in a privacy preserving fashion with modest performance overheads.

Item: Rethinking operating system trust
(2013-12) Hofmann, Owen Sebastian; Witchel, Emmett
Operating system kernels present a difficult security challenge. Despite their millions of lines of code and broad, complex attack surface, they remain a trusted component shared between all applications. If an attacker can combine an exploit for any application on a system with a kernel exploit or privilege escalation, the attacker can then control any other application, regardless of whether the second application was itself vulnerable. This dissertation presents two hypervisor-based systems: OSck, which increases the trustworthiness of a guest kernel by detecting kernel rootkits, and InkTag, which removes the need for an application to trust the kernel at all. Vital to both systems is their use of information from a potentially malicious kernel. These systems rely on information from the kernel about its own functionality to make their implementation simpler, more efficient, and more secure.
Importantly, although they rely on this information, they do not trust it. A kernel that lies about its functionality to appear benign will be detected, as will a kernel that simply acts maliciously. OSck detects kernel rootkits: malicious software programs that are particularly difficult to detect because they modify internal kernel operation to hide their presence. Running concurrently with an operating system and isolated by the hypervisor, OSck verifies safety properties for large portions of the kernel heap with minimal overhead, by deducing type information from unmodified kernel source code and in-memory kernel data structures. InkTag gives strong safety guarantees to trusted applications, even in the presence of a malicious operating system. InkTag isolates applications from the operating system, and enables applications to validate that the kernel is acting in good faith, for example by ensuring that the kernel is mapping the correct file data into the application's address space. InkTag introduces paraverification, a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. InkTag requires that the kernel prove to the hypervisor that its updates to application state (such as page tables) are valid, and also to prove to the application that its responses to system calls are consistent. InkTag is also the first system of its kind to implement access control, secure naming, and consistency for data on stable storage.

Item: Retrospect on contemporary Internet organization and its challenges in the future
(2011-05) Gutierrez De Lara, Felipe; Bard, William Carl, 1944-; Julien, Christine
The intent of this report is to expose the audience to the contemporary organization of the Internet and to highlight the challenges it has to deal with in the future as well as the current efforts being made to overcome such threats.
This report aims to build a frame of reference for how the Internet is currently structured and how the different layers interact together to make it possible for the Internet to exist as we know it. Additionally, the report explores the challenges the current Internet architecture design is facing, the reasons why these challenges are arising, and the multiple efforts taking place to keep the Internet working. In order to reach these objectives I visited multiple sites of organizations whose only reason for existence is to support the Internet and keep it functioning. The approach used to write this report was to research the topic by accessing multiple technical papers extracted from the IEEE database and network conferences reviews and to analyze and expose their findings. This report utilizes this information to elaborate on how network engineers are handling the challenges of keeping the Internet functional while supporting dynamic requirements. This report exposes the challenges the Internet is facing with scalability, the existence of debugging tools, security, mobility, reliability, and quality of service. It is explained in brief how each of these challenges is affecting the Internet and the strategies in place to vanquish them. The final objectives are to inform the reader of how the Internet is working with a set of ever changing and growing requirements, give an overview of the multiple institutions dedicated to reinforcing the Internet and provide a list of current challenges and the actions being taken to overcome them.