Secret Key Agreement without Public-Key Cryptography

Access: Use of this item is restricted to the UNT Community.
Date: August 2003
Creator: Surapaneni, Smitha
Description: Secure communication is the primary challenge in today's information network. In this project an efficient secret key agreement protocol is described and analyzed along with the other existing protocols. We focus primarily on Leighton and Micali's secret-key agreement without the use of public-key encryption techniques. The Leighton-Micali protocol is extremely efficient when implemented in software and has significant advantages over existing systems like Kerberos. In this method the secret keys are agreed upon using a trusted third party known as the trusted agent. The trusted agent generates the keys and writes them to a public directory before it goes offline. The communicating entities can retrieve the keys either from the online trusted agent or from the public directory service and agree upon a symmetric key without any public-key procedures. The principal advantage of this method is that the user verifies the authenticity of the trusted agent before using the keys generated by it. The Leighton-Micali scheme is not vulnerable to present-day attacks like fabrication, modification or denial of service, etc. The Leighton-Micali protocol can be employed in real-time systems like smart cards. In addition to the security properties and the simplicity of the protocol, our experiments show that in ...
Contributing Partner: UNT Libraries
Automated defense against worm propagation.

Access: Use of this item is restricted to the UNT Community.
Date: December 2005
Creator: Patwardhan, Sudeep
Description: Worms have caused significant destruction over the last few years. Network security elements such as firewalls, IDS, etc. have been ineffective against worms. Some worms are so fast that a manual intervention is not possible. This brings in the need for a stronger security architecture which can automatically react to stop worm propagation. The method has to be signature independent so that it can stop new worms. In this thesis, an automated defense system (ADS) is developed to automate defense against worms and contain the worm to a level where manual intervention is possible. This is accomplished with a two level architecture with feedback at each level. The inner loop is based on control system theory and uses the properties of PID (proportional, integral and differential controller). The outer loop works at the network level and stops the worm from reaching its spread saturation point. In our lab setup, we verified that with only the inner loop active the worm was delayed, and with both loops active we were able to restrict the propagation to 10% of the targeted hosts. One concern for deployment of a worm containment mechanism was degradation of throughput for legitimate traffic. We found that with proper ...
Contributing Partner: UNT Libraries
System and Methods for Detecting Unwanted Voice Calls

Date: December 2007
Creator: Kolan, Prakash
Description: Voice over IP (VoIP) is a key enabling technology for the migration of circuit-switched PSTN architectures to packet-based IP networks. However, this migration is successful only if the present problems in IP networks are addressed before deploying VoIP infrastructure on a large scale. One of the important issues that the present VoIP networks face is the problem of unwanted calls commonly referred to as SPIT (spam over Internet telephony). Mostly, these SPIT calls are from unknown callers who broadcast unwanted calls. There may be unwanted calls from legitimate and known people too. In this case, the unwantedness depends on social proximity of the communicating parties. For detecting these unwanted calls, I propose a framework that analyzes incoming calls for unwanted behavior. The framework includes a VoIP spam detector (VSD) that analyzes incoming VoIP calls for spam behavior using trust and reputation techniques. The framework also includes a nuisance detector (ND) that proactively infers the nuisance (or reluctance of the end user) to receive incoming calls. This inference is based on past mutual behavior between the calling and the called party (i.e., caller and callee), the callee's presence (mood or state of mind) and tolerance in receiving voice calls from the ...
Contributing Partner: UNT Libraries
A Multi-Variate Analysis of SMTP Paths and Relays to Restrict Spam and Phishing Attacks in Emails

Access: Use of this item is restricted to the UNT Community.
Date: December 2006
Creator: Palla, Srikanth
Description: The classifier discussed in this thesis considers the path traversed by an email (instead of its content) and reputation of the relays, features inaccessible to spammers. Groups of spammers and individual behaviors of a spammer in a given domain were analyzed to yield association patterns, which were then used to identify similar spammers. Unsolicited and phishing emails were successfully isolated from legitimate emails, using analysis results. Spammers and phishers are also categorized into serial spammers/phishers, recent spammers/phishers, prospective spammers/phishers, and suspects. Legitimate emails and trusted domains are classified into socially close (family members, friends), socially distinct (strangers, etc.), and opt-outs (resolved false positives and false negatives). Overall this classifier resulted in far fewer false positives when compared to current filters like SpamAssassin, achieving a 98.65% precision, which is well comparable to the precisions achieved by SPF, DNSRBL blacklists.
Contributing Partner: UNT Libraries
The Feasibility of Multicasting in RMI

Date: May 2003
Creator: Ujjinihavildar, Vinay
Description: Due to the growing need of the Internet and networking technologies, simple, powerful, easily maintained distributed applications needed to be developed. These kinds of applications can benefit greatly from distributed computing concepts. Despite its powerful mechanisms, Jini has yet to be accepted in mainstream Java development. Until that happens, we need to find better Remote Method Invocation (RMI) solutions. The feasibility of implementing multicasting in RMI is examined in this paper. Multicasting capability can be used in RMI using a Jini-like technique. Support of Multicast over the Unicast reference layer is also studied. A piece of code explaining how it can be done is added.
Contributing Partner: UNT Libraries
The Multipath Fault-Tolerant Protocol for Routing in Packet-Switched Communication Network

Date: May 2003
Creator: Krishnan, Anupama
Description: In order to provide improved service quality to applications, networks need to address the need for reliability of data delivery. Reliability can be improved by incorporating fault tolerance into network routing, wherein a set of multiple routes are used for routing between a given source and destination. This thesis proposes a new fault-tolerant protocol, called the Multipath Fault Tolerant Protocol for Routing (MFTPR), to improve the reliability of network routing services. The protocol is based on a multipath discovery algorithm, the Quasi-Shortest Multipath (QSMP), and is designed to work in conjunction with the routing protocol employed by the network. MFTPR improves upon the QSMP algorithm by finding more routes than QSMP, and also provides for maintenance of these routes in the event of failure of network components. In order to evaluate the resilience of a pair of paths to failure, this thesis proposes metrics that evaluate the non-disjointness of a pair of paths and measure the probability of simultaneous failure of these paths. The performance of MFTPR to find alternate routes based on these metrics is analyzed through simulation.
Contributing Partner: UNT Libraries
Security problems in 802.11 wireless networks standard due to the inefficiency of wired equivalent privacy protocol.

Date: May 2003
Creator: Samanthapudi, Varma
Description: Due to the rapid growth of wireless networking, the fallible security issues of the 802.11 standard have come under close scrutiny. Nowadays most organizations are eager to set up wireless local area networks to reduce the hassles of limited mobility provided by conventional wired networks. There are serious security issues that need to be sorted out before everyone is willing to transmit valuable corporate information on a wireless network. This report documents the inherent flaws in the wired equivalent privacy protocol used by the 802.11 standard and the ensuing security breaches that can occur to a wireless network due to these flaws. The solutions suggested in this report might not actually make the 802.11 standard secure, but will surely help in the lead up to a secure wireless network standard.
Contributing Partner: UNT Libraries
Dynamic Grid-Based Data Distribution Management in Large Scale Distributed Simulations

Date: December 2000
Creator: Roy, Amber Joyce
Description: Distributed simulation is an enabling concept to support the networked interaction of models and real world elements that are geographically distributed. This technology has brought a new set of challenging problems to solve, such as Data Distribution Management (DDM). The aim of DDM is to limit and control the volume of the data exchanged during a distributed simulation, and reduce the processing requirements of the simulation hosts by relaying events and state information only to those applications that require them. In this thesis, we propose a new DDM scheme, which we refer to as dynamic grid-based DDM. A lightweight UNT-RTI has been developed and implemented to investigate the performance of our DDM scheme. Our results clearly indicate that our scheme is scalable and it significantly reduces both the number of multicast groups used, and the message overhead, when compared to previous grid-based allocation schemes using large-scale and real-world scenarios.
Contributing Partner: UNT Libraries
Mobile agent security through multi-agent cryptographic protocols.

Date: May 2004
Creator: Xu, Ke
Description: An increasingly promising and widespread topic of research in distributed computing is the mobile agent paradigm: code travelling and performing computations on remote hosts in an autonomous manner. One of the biggest challenges faced by this new paradigm is security. The issue of protecting sensitive code and data carried by a mobile agent against tampering from a malicious host is particularly hard but important. Based on secure multi-party computation, a recent research direction shows the feasibility of a software-only solution to this problem, which had been deemed impossible by some researchers previously. The best result prior to this dissertation is a single-agent protocol which requires the participation of a trusted third party. Our research employs multi-agent protocols to eliminate the trusted third party, resulting in a protocol with minimum trust assumptions. This dissertation presents one of the first formal definitions of secure mobile agent computation, in which the privacy and integrity of the agent code and data as well as the data provided by the host are all protected. We present secure protocols for mobile agent computation against static, semi-honest or malicious adversaries without relying on any third party or trusting any specific participant in the system. The security of ...
Contributing Partner: UNT Libraries
Flexible Digital Authentication Techniques

Date: May 2006
Creator: Ge, He
Description: This dissertation investigates authentication techniques in some emerging areas. Specifically, authentication schemes have been proposed that are well-suited for embedded systems, and privacy-respecting pay Web sites. With embedded systems, a person could own several devices which are capable of communication and interaction, but these devices use embedded processors whose computational capabilities are limited as compared to desktop computers. Examples of this scenario include entertainment devices or appliances owned by a consumer, multiple control and sensor systems in an automobile or airplane, and environmental controls in a building. An efficient public key cryptosystem has been devised, which provides a complete solution to an embedded system, including protocols for authentication, authenticated key exchange, encryption, and revocation. The new construction is especially suitable for the devices with constrained computing capabilities and resources. Compared with other available authentication schemes, such as X.509, identity-based encryption, etc., the new construction provides unique features such as simplicity, efficiency, forward secrecy, and an efficient re-keying mechanism. In the application scenario for a pay Web site, users may be sensitive about their privacy, and do not wish their behaviors to be tracked by Web sites. Thus, an anonymous authentication scheme is desirable in this case. That is, a ...
Contributing Partner: UNT Libraries