Maxima : a model for constructing an online identity model of a user using identity fragments
- Authors: Blauw, Frans Frederik
- Date: 2020
- Subjects: Computers - Access control , Computer security , Cryptography
- Language: English
- Type: Doctoral (Thesis)
- Identifier: http://hdl.handle.net/10210/458379 , uj:40712
- Description: Abstract: Please refer to full text to view abstract. , Ph.D. (Computer Science)
Perception and determinism theories for communicating information systems security policies
- Authors: Rantao, Tsholofelo
- Date: 2020
- Subjects: Computer security , Information storage and retrieval systems - Security measures , Data protection
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/422244 , uj:36025
- Description: Abstract: Information security breaches are one of the fastest growing challenges faced by businesses in the world. The pace and progression of cybercrime exceeds most corporates’ security capability. That is why companies cannot rely on security technology only; however, employees also need to be involved. The goal of the study is to predict the relationship between communication factors and information security compliance. Media synchronicity theory is used due to its perceived effectiveness in promoting shared behaviour among people that work in the same environment. Communication theory and media richness theory were also included to support the model. These theories are combined into a framework called Miscellany of Perception and Determinism. Ten factors are extracted from this framework to test the relationship between communication and information security compliance in organisations. The study adopts a positivist deductive stance and generates hypotheses derived from a miscellany of communication theories. The positivist paradigm informs the data collection method and the development of the questionnaire. The Miscellany of Perception and Determinism Framework shows that there is a significant relationship between the dependent variable: Information security compliance and independent variables: Communication factors; Media Appropriateness; Reason for Communication; Non-conflicting Interpretations; Feedback Immediacy; and Personal Focus. The findings show that personal focus; non-conflicting interpretations; feedback immediacy; media appropriateness; and the reason for communication explain 61.3% of information security compliance. The study is at the forefront of linking important aspects within information security compliance and communication alike. This is ground-breaking research that was able to predict how policies can effectively be communicated.
The results emphasise the necessity of adopting a comprehensive approach to using factors to communicate IS (information security) policy compliance. The implications of these findings are that communication mediums used by organisations are isolated in that they do not consider user experience for promoting understanding, and this leads to low security compliance behaviour. Once communication of policy is articulated effectively using the correct mediums, organisations will be able to be mindful of employee perception towards security strategies, which contributes to improving security compliance... , M.Com. (Information Technology Management)
Exigencies of Computer System failure situations : influence on Information Security behaviour
- Authors: Van den Bergh, Maureen
- Date: 2019
- Subjects: Information technology - Management , Computer system failures , Computer security
- Language: English
- Type: Doctoral (Thesis)
- Identifier: http://hdl.handle.net/10210/422312 , uj:36033
- Description: Abstract: In the technology-people-management chain, people are predominantly identified as the weakest link in properly securing information systems. Previous information security studies pursued an understanding of information security behaviour by investigating internal and external factors influencing such behaviour, with some information security studies placing great significance on the role of the situation, an external factor, when investigating human behaviour. Psychological Situationism research emphasises that behaviour is shaped mainly by the exigencies of a particular situation. An examination of information security literature indicated that the exigencies of computer system failure situations had not been explored as an external factor in influencing information security behaviour. Computer system failure situations are perceived by employees as crises that interrupt or prevent them from performing their everyday tasks. Irrespective of the technological failure, employees still need to get the job done. Because the situation and its exigencies are influential in determining and shaping behaviour, it has the potential to negatively influence employee information security behaviour. Insecure employee behaviour could cause negative outcomes for organisations, such as financial loss and damage to reputation... , Ph.D. (Applied Information Systems)
CESIMAS : a continual evaluative self-aware immune-inspired multi agent critical information infrastructure protection system
- Authors: Van Niekerk, Jan Hendrik
- Date: 2018
- Subjects: Multiagent systems , Artificial immune systems , Ambient intelligence , Computer security , Data protection
- Language: English
- Type: Doctoral (Thesis)
- Identifier: http://hdl.handle.net/10210/292808 , uj:31826
- Description: Abstract: Organisations have become more reliant on electronic assets in recent years, as a shift in focus has driven organisations to make extensive use of Critical Information Infrastructure (CII) to drive various business activities. While there has been a significant paradigm shift during this transition, most organisations have failed to ensure that sufficient security mechanisms are put in place to protect the organisation and their CII from exploitation. Typically, these organisations employ conventional security mechanisms such as a firewall, proxy or anti-virus software, but these approaches are fallible. An organisation can simply not afford to have its CII exploited, as this results in reputational and financial losses. Every single organisation should define their appetite for risk by performing a Risk Value Assessment (RVA). Unfortunately, it is impossible for an organisation to protect its CII against every possible threat, as threats are polymorphic and dynamic in nature. The research proposes a hybrid approach towards improving the Critical Information Infrastructure Protection (CIIP) capabilities within an organisation. The Continual Evaluative Self-aware Immune-inspired Multi Agent Critical Information Infrastructure Protection System (CESIMAS) utilises various concepts and ideal analogies from the research fields of Multi Agent Systems, Artificial Immune Systems, Self-awareness, and Ambient Intelligence to propose a hybrid virtualised metaphysical model. The CESIMAS model utilises various sub-systems and agent types to establish an automated, self-sufficient and self-regulatory eco-system whereby the agents in the model effectively and efficiently attempt to provide an improved CIIP capability within an organisation’s Critical Information Infrastructure.
The CESIMAS model contributes a virtualised meta-physical model, which illustrates how an Ambient Intelligence-based approach can be implemented and modelled to potentially improve the level of CIIP within an organisation. The CESIMAS model proposes and contributes a more efficient and effective agent generation process, parts of which are utilised to improve immune-inspired detection techniques within the model. The model establishes a hybrid approach to self-set maintenance and immune-inspired detection techniques, whilst reducing the computational penalties and constraints. , Ph.D. (Computer Science)
Smart card byte code identification using power electromagnetic radiations analysis and machine learning
- Authors: Djonon Tsague, Hippolyte
- Date: 2018
- Subjects: Embedded computer systems - Security measures , Smart cards - Security measures , Computer security , Data protection , Data encryption (Computer science)
- Language: English
- Type: Doctoral (Thesis)
- Identifier: http://hdl.handle.net/10210/286050 , uj:30945
- Description: D.Ing. (Electrical Engineering) , Abstract: Power Analysis or Side-Channel Attack aimed at embedded systems such as smart cards has gained momentum to become a very important and well-studied area in computer security. Side-channels are unwanted and exploitable by-product information leaked from cryptographic devices that an attacker or a hacker can utilize to reveal secret information stored or processed by those devices. In most instances it is easier to acquire the secret keys hidden in cryptographic hardware from such techniques than to attempt to break the cryptographic algorithm. One such side-channel attack is the electromagnetic side-channel attack, giving rise to electromagnetic analysis (EMA). In this thesis, we take a different approach towards side-channels. Instead of exploiting side-channel to derive cryptographic keys, we present techniques, algorithms and use-cases to identify instruction-dependent information from smart card code by analyzing their electromagnetic emanation and power consumption. This has resulted in the so-called side-channel disassembler offering new applications or uses that were not previously explored in the embedded design. Although the idea of recognizing executed micro-controller instructions using side-channel analysis is not new, previous implementations reported in available literature did not yield good enough accuracy to be relevant for practical applications. Our first use-case presents the practical results of a real-life smart card malware detection. We present an implementation consisting of reconstructing a malware program executed on a smart card device using the emanated electromagnetic radiation only. This is useful in the sense that it allows network engineers to immediately detect the presence of the Sykipot malware in a smart card environment almost instantaneously. It has been demonstrated that it takes approximately 229 days for network engineers to detect a malware attack.
So this implementation goes a long way towards improving such statistics. Our solution makes use of machine learning techniques applied to data involving a substantial number of correlated variables. To effectively reduce the number of variables under consideration, we use dimension reduction algorithms such as PCA and LDA. K-Nearest neighbor (k-NN) search is applied as a learning and classification technique to recognize and detect malware presence in the device. Genetic Algorithms are further applied to improve some of the k-NN limitations and shortcomings. Our implementation shows very promising results in the sense that our malware detection tool produced a recognition rate of up to 90%. The second use-case analyzes the recorded power consumption of a micro-controller to extract Hamming weights of executed instructions including operands. These Hamming weights are transformed into strings that can be used to overcome the popular dummy instruction countermeasure. Although the presented technique is only applied to the dummy and random instruction countermeasure, a similar approach can be applied to other variants of side-channel countermeasures. Such findings highlight the fact that most available countermeasures can easily be overcome. As a contribution toward building more effective countermeasures to side-channel analysis, we proposed three techniques with their simulated results. The first technique relies on mathematical equations for modeling the performance trade-offs of logic circuits. Using such equations, effective models for leakage reduction in CMOS are easily deduced. Among others, it is argued and demonstrated that the use of high dielectric constant can be a very effective technique for reducing CMOS leakages. In the second proposition, we highlight the use of strained-Si in CMOS device fabrication. In our proposition, the emphasis is on mobility enhancement as a result of strain. The study is carried out...
An architecture for anti-malware protection based on collaboration
- Authors: Corregedor, Manuel Rodrigues
- Date: 2017
- Subjects: Malware (Computer software) - Prevention , Computer networks - Security measures , Computer security , Computer crimes - Prevention
- Language: English
- Type: Doctoral (Thesis)
- Identifier: http://hdl.handle.net/10210/243085 , uj:25090
- Description: Ph.D. (Computer Science) , Abstract: Anyone who uses a computer for work or recreational purposes has come across the problem of malware, for example, viruses, worms, trojans, rootkits, adware etc. This is especially the case if the computer is connected to the Internet. A number of security organisations and / or vendors such as the European Union Agency for Network and Information Security (ENISA), Microsoft and McAfee release annual reports that contain statistics on the latest threats. The reports show that malware is a growing problem that needs to be addressed [1][2]. Furthermore, organisations such as AV-Comparatives [3] that conduct independent testing of security software have demonstrated that no anti-virus product guarantees a 100% detection of malware while keeping the false positive rate at zero i.e. benign (safe) files that are detected as malicious. Additionally, it should be noted as per the remarks in the AV-Comparatives report [4], that although some products have 100% detection rates in a test month report it does not mean the products will always protect against all existing and unknown viruses (malware). Therefore, this thesis will address the problem that current anti-malware products do not guarantee a 100% detection and / or prevention of malware. The main objective of this thesis is to create an architecture called Collab-AV that can be used to protect the home user from malware by leveraging the aspect of proactive collaboration between different sources of information and different existing anti-malware vendors thus following a strength in numbers philosophy. 
In order to achieve this objective the following approach is taken:
• The different types of malware threats are identified and discussed
• A comprehensive literature study on current and proposed anti-malware techniques is performed
• Through the comprehensive literature study, the weaknesses and strengths of each antimalware technique are identified
The Collab-AV architecture incorporates the identified strengths while addressing the identified weaknesses through collaboration...
Compliance at velocity within a DevOps environment
- Authors: Abrahams, Muhammad Zaid
- Date: 2017
- Subjects: Information technology - Security measures , Computer software - Development , Data protection , Computer security
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/279418 , uj:30006
- Description: M.Sc. (Informatics) , Abstract: Please refer to full text to view abstract.
Network security by preventing DDOS attack using honeypot
- Authors: Selvaraj, Rajalakshmi
- Date: 2017
- Subjects: Computer security , Computer networks - Security measures , Machine learning , Intrusion detection systems (Computer security)
- Language: English
- Type: Doctoral (Thesis)
- Identifier: http://hdl.handle.net/10210/263140 , uj:27812
- Description: D.Ing. (Electrical Engineering) , Abstract: Basically, the Intrusion Detection System (IDS) is introduced in the modern environment in order to secure the system that works in terms of signature, where they are not fit for recognizing most unidentified attackers. The identification of indistinct attack and interruption is not more supportive to recognize the few sorts of attacks, where interruption dependent attack has turned into a huge task to identify interrupter on the system. An intelligent attacker can get sensible data and information from the framework only after detecting the shortcomings. Distributed Denial of Service (DDoS) is a main cause over the security and also it turns into a most challenging threat in future. There are such a large number of sorts of Denial of Service (DoS), for example, Smurf, Ping of Death, and Clone attack. Some methodologies are not being effortlessly actualized in the system of genuine enterprises, on account of practically trained framework which is trained by the specimen of malware or profound investigation of packet assessment or relies upon the host-based strategy that requires a major limitation for conservation. Honeypots are a standout amongst the best techniques to gather the examples of malware, thus they are used for investigation and for the determination of attacks. Honeypot is a novel application which comprises huge energy and conceivable outcomes in the field of security. It helps in compromising the behavior of the attack as well as the attacker’s information. Distributed Denial of Service (DDoS) turns into a main goal in the system as it influences the system at multi-level. This prompts a congestion overhead and wastage of transmission capacity usage. In order to overcome these issues, a roaming virtual...
- Full Text:
Information security awareness in small information technology-dependent business organisations
- Authors: Jordaan, Pierre
- Date: 2015-03-25
- Subjects: Computer security , Internet - Safety measures , Small business - Information technology
- Type: Thesis
- Identifier: uj:13514 , http://hdl.handle.net/10210/13566
- Description: M.A. (Business Management) , Small businesses thrive in the developing economy of South Africa and address the important issue of unemployment and poverty that exist in the country. A large number of these business organisations can be found in the province of Gauteng because of the large and diverse economic contribution the province delivers to the economy of South Africa. With the increased use of technology in the small businesses of Gauteng and South Africa, the risks around cyber-security, information security and other IT-related threats that can harm the businesses increase. As part of the related IT risks comes the information security awareness of the businesses. Research findings show that little to no information security awareness exists in the small IT-dependent business organisations of Gauteng, South Africa. New knowledge has been gained from the information technology uses and information security awareness that exists in small business organisations. This knowledge is specific to the small business organisations of South Africa which places an African context to a global debate of information security awareness.
- Full Text:
A secure, anonymous, real-time cyber-security information sharing system with respect to critical information infrastructure protection
- Authors: Mohideen, Feroze
- Date: 2015
- Subjects: Computer security , Data protection , Computers - Access control , Cyber intelligence (Computer security) , Supervisory control systems
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/84671 , uj:19250
- Description: Abstract: Please refer to full text to view abstract , M.Sc.
- Full Text:
Alert modeling on supervisory control and data acquisition system with remote terminal unit
- Authors: Dey, A.K.
- Date: 2015
- Subjects: Supervisory control systems , Automatic data collection systems , Computer networks - Security measures , Computer security
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/82632 , uj:18981
- Description: Abstract: Supervisory control and data acquisition (SCADA) systems have evolved over from standalone, compartmentalized operations into networked architectures that communicate across large distances. In addition, their implementations have migrated from custom hardware and software to standard hardware and software platforms. These changes have led to reduced development and operational as well as providing executive management with real-time information that can be used to support planning, supervision, and decision making. For reasons of efficiency, maintenance, data acquisition and control platforms have migrated from isolated in-plant networks security using proprietary hardware and software to Remote Terminal Unit using standard software, network protocols, and the Internet. Control engineering might be absorbed or closely integrated with the corporate software. Integrating SCADA data collection and alert monitoring with corporate customer data provides management with an increased ability to run the organization more efficiently and effectively. This thesis provides a conceptual analysis for the creation of a SCADA network security exploration alert. A framework application using common SCADA network security logic is created to provide a proof of concept. Development of a viable alert system for identifying SCADA network remotely will help improve critical infrastructure security by improving situational awareness for network managers. , M.Eng.
- Full Text:
VAIS : a virtual distributed artificial immune system for the protection of critical information infrastructure
- Authors: Bengis, Merrick Kenna
- Date: 2015
- Subjects: Artificial immune systems , Multiagent systems , Computer security , Data protection
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/84369 , uj:19211
- Description: Abstract: Critical Information Infrastructure is an important part of any country’s functioning. It includes most if not all of the country’s important systems and subsystems that allow the country to operate effectively and provide critical services to its citizens. These services comprise important infrastructure such as telecommunications and energy, without which the country would grind to a halt and fall into chaos. The advent and widespread use of the Internet has created a world in which information is made easily accessible worldwide. Much of this information is private however, and needs to be protected from exploitation. Criminals have devised means to circumvent the privacy of information so as to interfere with the information, with the intention of possibly damaging or making this information unavailable. This poses a great threat with regard to the security of Critical Infrastructures, as attacks on these infrastructures may cause significant damage to them. Malware and other threats can be used by criminals to compromise a targeted system in various ways. Critical Information Infrastructure Protection is aimed at the protection of a country’s valuable Critical Infrastructure and must be focused on a comprehensive approach that aims to protect CIs as a single system made up of various smaller subsystems. A possible approach for achieving this protection is the creation of an artificial immune system capable of acting like the biological immune system in terms of detecting potential threats. This AIS would need to make use of various immunological models to detect and deal with unknown threats, and be made up of learning agents capable of adaption and learning, thus allowing the system to react to new threats and remember old ones. The AIS would have to be implemented in a manner allowing it to operate independently of the operating system so that it is itself protected from attacks and infection. 
In this dissertation, the VAIS model is introduced for the creation of an AIS capable of protecting a computer system from both known and unknown threats. The VAIS model is designed to be deployed across a massively distributed computer system for the protection of critical information infrastructures. The VAIS model is a layered model broken up into three main layers: the Immune Process layer, the Immune Agent layer, and the Distributed Agent Management Network. These three layers are designed to work together to define the basis of creating a distributed AIS, covering all aspects from the definition of the immune processes and functions that will be simulated, to the creation of specifically tasked agents and the management thereof. , M.Sc. (Computer Science)
- Full Text:
A model for information security documentation ('n Model vir inligtingsekerheidsdokumentasie)
- Authors: Du Toit, Louisa Maria
- Date: 2014-11-20
- Subjects: Data protection - South Africa , Computer security
- Type: Thesis
- Identifier: uj:13100 , http://hdl.handle.net/10210/12978
- Description: M.Sc. (Informatics) , A need has been identified for guidelines to Top Management on the implementation of an Information Security Policy and its associated documentation. In this dissertation, the Model for Information Security Documentation (ISD-model) for the organisation and content of documentation on information security is proposed. The proposed model is divided into three distinct levels respectively containing the Information Security Policy Document, the Goal Documents and the Application Guideline Documents. A document is placed on the different levels of the ISD-model according to the amount of detailed information it contains and the management level mainly concerned with that document. Guidelines are given regarding the content and format of each of the levels. Particular emphasis is laid on the Information Security Policy Document, which is the highest level, and a number of existing Information Security Policy Documents are evaluated according to the guidelines given for the ISD-model. Finally, a comparison is made between C. C. Wood's guidelines on Information Security Policies and those given for the ISD-model.
- Full Text:
Automated secure systems development methodology
- Authors: Booysen, Hester Aletta Susanna
- Date: 2014-11-20
- Subjects: Computers - Access control , Computer security , Data protection
- Type: Thesis
- Identifier: uj:13093 , http://hdl.handle.net/10210/12971
- Description: D.Com. (Informatics) , The complexity of modern computer-based information systems is such that, for all but the simplest of examples, they cannot be produced without a considerable amount of prior planning and preparation. The actual difficulties of trying to design, develop and implement complex computer-based systems have been recognised as early as the seventies. In a bid to deal with what was then referred to as the "software crisis", a number of so-called "methodologies" were advocated. Those methodologies were, in turn, based on a collection of guidelines or methods thanks to which their designers could eventually make the claim that computer systems, and in particular information systems, could be designed and developed with a greater degree of success. By using a clear set of rules, or at least reasonably detailed principles, they could ensure that the various design and development tasks be performed in a methodical, organised fashion. Irrespective of the methodologies or guidelines that were adopted or laid down, the developers' principal aim was to ensure that all relevant detail about the proposed information systems would be taken into account during the long and often drawn-out design and development process. Unfortunately, many of those methodologies and guidelines date from the early 1970s and, as a result, no longer meet the security requirements and guidelines of today's information systems. It was never attempted under any of those methodologies, however, to unriddle the difficulties they had come up against in information security in the domain of system development. Security concerns should, however, form an integral part of the planning, development and maintenance of a computer application. Each application system should, for example, take the necessary security measures in any given situation.
- Full Text:
Design and implementation of a prototype to include security activities as part of application systems design
- Authors: Kasselman, André
- Date: 2014-11-20
- Subjects: Data protection - South Africa , Computer security
- Type: Thesis
- Identifier: uj:13096 , http://hdl.handle.net/10210/12974
- Description: M.Com. (Information systems) , This study has its origin in the growing need for information systems to be classified as 'secure'. With the increasing use of Computer Aided Software Engineering (CASE) tools in the design of application systems for commercial use, the risks that exist in terms of information security have become more prominent. The importance of considering security during the analysis and design of an information system, in other words, on a logical level, is increasing daily. Usually security features are added to existing application systems on an ad hoc basis. Security design activities should become such an integrated part of systems analysis and design activities on a logical level, that a complete integration of the two fields, security and computer aided software engineering, can be achieved. The aim of this dissertation is to study the literature to discover existing approaches to this integration, and to extract the strengths from them and expand on those strengths in order to compile an approach that is completely implementable in the form of a prototype data flow design tool (DFD tool). The proposed approach to the secure analysis and design of an application system of a logical level, which is presented in Chapter 4, is designed in conjunction with H.A.S. Booysen [Booysen, Kasselman, Eloff - 1994]. Existing CASE-tools have also been studied by the author to determine their current capabilities, especially in terms of security definition activities, but also in terms of their support to the systems analyst during the analysis and design phases of the project life cycle when developing a target application system.
- Full Text:
The integration of information security with software engineering (Die integrering van inligtingsekerheid met programmatuuringenieurswese)
- Authors: Booysen, Hester Aletta Susanna
- Date: 2014-11-20
- Subjects: Computer security , Software engineering , Computer networks - Security measures
- Type: Thesis
- Identifier: uj:13039 , http://hdl.handle.net/10210/12921
- Description: M.Com. (Informatics) , Please refer to full text to view abstract
- Full Text:
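The development of a categorisation mechanism for control measures in the field of computer security and its linking with standards for control measures (Die ontwikkeling van 'n kategoriseringsmeganisme vir beheermaatreëls in die veld van rekenaarsekerheid en die koppeling daarvan met standaarde vir beheermaatreëls)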
- Authors: Bosch, Christiaan Johannes
- Date: 2014-11-20
- Subjects: Computer security , Information technology
- Type: Thesis
- Identifier: uj:13094 , http://hdl.handle.net/10210/12972
- Description: M.Sc. (Informatics) , Please refer to full text to view abstract
- Full Text:
Discretionary security in object-oriented environments (Diskresionêre sekerheid in objek georiënteerde omgewings)
- Authors: Jansen van Rensburg, Philipina Wilhelmina
- Date: 2014-11-20
- Subjects: Computer security
- Type: Thesis
- Identifier: http://ujcontent.uj.ac.za8080/10210/390861 , uj:13095 , http://hdl.handle.net/10210/12973
- Description: M.Sc (Computer Science) , Please refer to full text to view abstract
- Full Text:
Security in electronic data interchange (Sekerheid in elektroniese data-uitruiling)
- Authors: Du Toit, Johannes Hendrik
- Date: 2014-11-17
- Subjects: Electronic data interchange , Computer security , Data protection
- Type: Thesis
- Identifier: uj:12838 , http://hdl.handle.net/10210/12727
- Description: M.Sc. (Computer Science) , Please refer to full text to view abstract
- Full Text:
The computer incident response framework (CIRF)
- Authors: Pieterse, Theron Anton
- Date: 2014-10-10
- Subjects: Information technology - Security measures , Computer networks - Security measures , Risk management , Computer security
- Type: Thesis
- Identifier: http://ujcontent.uj.ac.za8080/10210/369666 , uj:12577 , http://hdl.handle.net/10210/12368
- Description: M.Com. (Informatics) , A company’s valuable information assets face many risks from internal and external sources. When these risks are exploited and reports on information assets are made public, it is usually easy to determine which companies had a contingency plan to deal with the various aspects of these “computer incidents”. This study incorporates important factors of computer incidents into a framework which will assist the company in effectively dealing with and managing computer incidents when they occur.
- Full Text: