Showing items 1 - 7 of 7

Your selections:

Securing host and application information in the TCP/IP protocol suite

  • Authors: Boshoff, Paul Marthinus
  • Date: 2012-08-14
  • Subjects: TCP/IP (Computer network protocol) , Computer networks , Computer networks -- Security measures , Data encryption (Computer science)
  • Type: Thesis
  • Identifier: uj:9224 , http://hdl.handle.net/10210/5673
  • Description: M.Sc. , Using the Internet for communication purposes constitutes a high risk, considering the security of such information. The protocol suite used on the Internet is the TCP/IP protocol suite, which consists of the Transmission Control Protocol (TCP) and the Internet Protocol (IP). In a bid to create a basis to support the newly conceptualised ideas, various areas of networking are briefly discussed in this dissertation. The first in this series of areas is that of the OSI layers. This model forms the basis of all networking concepts. The model describes seven layers, of which each performs a certain networking function. The TCP/IP protocol suite fits into this model. Network security and encryption methods are applied and followed to secure information on the Internet. These methods have been used over a long period of time and will also be used to support the newly conceptualised ideas. The main focus of this dissertation falls on the securing of certain parts of the information contained in the headers of both the Transmission Control Protocol (TCP) and the Internet Protocol (IP) in a bid to minimise the amount of data that may be inferred about the communicating parties from these headers. In addition, where multiple routes exist between hosts, the possibility of the deliberate distribution of a single message across these routes is examined. Such distribution will further complicate the task of a hacker attempting to gather information from TCP and IP headers. In addition, such distribution will minimise the possibility that a hacker may assemble a complete message from its constituent parts and that he/she may infer information about the message that cannot be inferred from the isolated parts. The length of a message sent between hosts is one simple example of such information.
  • Full Text:

Encryption technology to address validity in transactions using the GII

  • Authors: Gerber, Anton Hendrik
  • Date: 2012-09-05
  • Subjects: Data encryption (Computer science) , Internet -- Security measures , Electronic commerce , Electronic data interchange , Data protection , Computer security
  • Type: Mini-Dissertation
  • Identifier: uj:3604 , http://hdl.handle.net/10210/6984
  • Description: M.Comm. , The development of electronic commerce resulted in the development of EDI and the use of the Internet to transact these data. This led to the question of whether a security technology existed that could ensure the validity and integrity of transactions. The development of the GII which will not only be used for EDI and other financial transactions, but also in the medical and educational fields, has emphasised this concern of business. Encryption is one of the technologies available which can ensure the validity of transaction during transmission and even during storage. Cryptology entails the encoding and decoding of transaction data before and after transmission through the use of secret and public keys. The following questions should be addressed: The most cost effective solution to business' security concerns; The legal and regulatory issues concerning privacy; Transmission of keys through digital and electronic media resulting in the possible breach of security in the keys themselves; Standards and infrastructures which must be agreed upon and implemented to secure the development of the Gll; and Existing internal and external audit methodologies can cater for the audit of the completeness, accuracy, validity and continuity of transactions but the methods and tests to substantiate these objectives will have to change. All of the above points are addressed in the research, except those on the legal and regulatory issues. Each of these points can, however, still be the topic for detailed future research. The objective of this dissertation is to research encryption technology to provide a questionnaire to the auditor ensuring the validity of transactions on the GII. A questionnaire or checklist is presented that could be serve a guideline for auditors when addressing risks in a GII environment.
  • Full Text:

A secure steganographic file system with non-duplicating properties

  • Authors: Ellefsen, Ian David
  • Date: 2012-09-11
  • Subjects: Cryptography , Computer security , Data encryption (Computer science)
  • Type: Thesis
  • Identifier: uj:9972 , http://hdl.handle.net/10210/7367
  • Description: M.Sc. , This dissertation investigates the possibility of a steganographic file system which does not have to duplicate hidden data in order to avoid "collisions" between the hidden and non-hidden data. This will ensure the consistency of the hidden data, and avoid unnecessary data duplication while at the same time providing an acceptable level of information security. The dissertation will critically analyse a number of existing steganographic file systems in order to determine the problems which are faced by this field. These problems will then be addressed, which will allow for the definition of a possible solution. In order to provide a more complete understanding of the implementation discussed in the latter part of this dissertation, a number of background concepts are discussed. This includes a discussion of file systems, cryptography, and steganography, each of which contributes to the body of knowledge required for later chapters. The latter part of this dissertation outlines the Secure Steganographic File System (SSFS). This implementation will attempt to effectively manage the storage of hidden data which is embedded within a host file system. The dissertation will outline how SSFS will allow fragments of hidden data to exist in any physical location on a storage device, while still maintaining a consistent file system structure. The dissertation will then critically analyse the impact of such a system, by examining the impact on the host file system's performance. This will allow the feasibility of such a system to be demonstrated.
  • Full Text:

Differential power analysis of an AES software implementation

Best practice strategy framework for developing countries to secure cyberspace

  • Authors: Jaquire, Victor John
  • Date: 2015-11-12
  • Subjects: Computer networks - Security measures , Data encryption (Computer science) , Cyberspace - Security measures , Cyberterrorism - Prevention , Information warfare - Prevention
  • Type: Thesis
  • Identifier: uj:14558 , http://hdl.handle.net/10210/15091
  • Description: M.Com. (Informatics) , Cyber issues are global phenomena in a world of inter-related systems, and as such, the discussion on cybersecurity frameworks, policies and strategies inevitably requires reference to, and benchmarking with regional, continental and global trends and solutions. This, in the context of the effects of globalisation on developing countries, with specific reference to areas such as Africa as a developing continent with regard to the protection of its cyberspace. More drastic measures, such as the utilization of cyber warfare techniques and pre-emptive cyber strike-teams in addition to traditional cybersecurity mechanisms as an essential part of a national security effort to protect cyberspace has become more prevalent within the developed worlds. Likewise, developing nations need to gear themselves in a structured, coordinated and responsible way in order to do their part to secure their own environments. Cyberspace is a dynamic global environment with cyber related issues being a global concern. Although countries generally regulate their own cyber environment through policy; cross-border cyber issues are difficult to resolve and the lack of international cyber laws impede cybersecurity efforts. Cybercrime and the management of cross-border cyber incidents are becoming a growing national security concern as the lack of effective controls leave critical infrastructure and the cyber-connected environment vulnerable to attack. Some developing countries are on track with the maturity of their cybersecurity initiatives, but appropriate cybersecurity frameworks for many developing countries require careful consideration, especially due to the lack of resources, infrastructure and local technology development capabilities.
  • Full Text:

Smart card byte code identification using power electromagnetic radiations analysis and machine learning

  • Authors: Djonon Tsague, Hippolyte
  • Date: 2018
  • Subjects: Embedded computer systems - Security measures , Smart cards - Security measures , Computer security , Data protection , Data encryption (Computer science)
  • Language: English
  • Type: Doctoral (Thesis)
  • Identifier: http://hdl.handle.net/10210/286050 , uj:30945
  • Description: D.Ing. (Electrical Engineering) , Abstract: Power Analysis or Side-Channel Attack aimed at embedded systems such as smart cards has gained momentum to become a very important and well-studied area in computer security. Side-channels are unwanted and exploitable by-products information leaked from cryptographic devices that an attacker or a hacker can utilize to reveal secret information stored or processed by those devices. In most instances it is easier to acquire the secret keys hidden in cryptographic hardware from such techniques than to attempt to break the cryptographic algorithm. One such side-channel attack is the electromagnetic side-channel attack, giving rise to electromagnetic analysis (EMA). In this thesis, we take a different approach towards side-channels. Instead of exploiting side-channel to derive cryptographic keys, we present techniques, algorithms and use-cases to identify instruction-dependent information from smart card code by analyzing their electromagnetic emanation and power consumption. This has resulted in the so-called side-channel disassembler offering new applications or uses that were not previously explored in the embedded design. Although the idea of recognizing executed micro-controller instructions using side-channel analysis is not new, previous implementations reported in available literature did not yield good enough accuracy to be relevant for practical applications. Our first use-case presents the practical results of a real-life smart card malware detection. We present an implementation consisting of reconstructing a malware program executed on a smart card device using the emanated electromagnetic radiation only. This is useful in the sense that it allows network engineers to immediately detect the presence of the Sykipot malware in a smart card environment almost instantaneously. It has been demonstrated that it takes approximately 229 days for network engineers to detect a malware attack. So this implementation goes a long way towards improving such statistics. Our solution makes use of machine learning techniques applied to data involving a substantial number of correlated variables. To effectively reduce the number of variable under consideration, we use dimension reduction algorithms such as PCA and LDA. K-Nearest neighbor (k-NN) search is applied as a learning and classification technique to recognize and detect malware presence in the device. Genetic Algorithms are further applied to improve some of the k-NN limitations and shortcomings. Our implementation shows very promising results in the sense that our malware detection tool produced a recognition rate of up to 90%. The second use-case analyzes the recorded power consumption of a micro-controller to extract Hamming weights of executed instructions including operands. These Hamming weights are transformed into strings that can be used to overcome the popular dummy instruction countermeasure. Although the presented technique is only applied to the dummy and random instruction countermeasure, a similar approach can be applied to other variants of side-channel countermeasures. Such findings highlight the fact that most available countermeasures can easily be overcome. As a contribution toward building more effective countermeasures to side-channel analysis, we proposed three techniques with their simulated results. The first technique relies on mathematical equations for modeling the performance trade-offs of logic circuits. Using such equations, effective models for leakage reduction in CMOS are easily deduced. Among other, it is argued and demonstrated that the use of high dielectric constant can be a very effective technique for reducing CMOS leakages. In the second proposition, we highlight the use of strained-Si in CMOS device fabrication. In our proposition, the emphasis is on mobility enhancement as a result of strain. The study is carried out...
  • Full Text:

Multi-period portfolio optimization : a differential evolution copula-based approach

  • 1
  • Disclaimer
  • Privacy
  • Copyright
  • Contact