The strategic implications of the current Internet design for cyber security

Thesis (S.M. in Engineering and Management)--Massachusetts Institute of Technology, Engineering Systems Division, System Design and Management Program, 2011.Cataloged from PDF version of thesis.Includes bibliographical references (p. 87-89).In the last two decades, the Internet system has evolved from a collection point of a few networks to a worldwide interconnection of millions of networks and users who connect to transact virtually all kinds of business. The evolved network system is also known as Cyberspace. The use of Cyberspace is now greatly expanded to all fields of human endeavor by far exceeding the original design projection. And even though, the Internet architecture and design has been robust enough to accommodate the extended domains of uses and applications, it has also become a medium used to launch all sorts of Cyber attacks that results into several undesirable consequences to users. This thesis analyzes the current Internet system architecture and design and how their flaws are exploited to launch Cyber attacks; evaluates reports from Internet traffic monitoring activities and research reports from several organizations; provides a mapping of Cyber attacks to Internet architecture and design flaw origin; conducts Internet system stakeholder analysis; derives strategic implications of the impact of Internet system weaknesses on Cyber security; and makes recommendations on the broader issues of developing effective strategies to implement Cyber security in enterprise systems that have increasingly become complex. From a global architectural design perspective, the study conducted demonstrates that although the Internet is a robust design, the lack of any means of authentication on the system is primarily responsible for the host of Cyber security issues and thus has become the bane of the system. Following the analysis, extrapolation of facts and by inferences we conclude that the myriad of Cyber security problems will remain and continue on the current exponential growth path until the Internet and in particular the TCP/IP stack is given the ability to authenticate and that only through a collaborative effort by all stakeholders of the Internet system can the other major Cyber security issues be resolved especially as it relates to envisioning and fashioning new Cyber security centric technologies.by Charles M. Iheagwara.S.M.in Engineering and Managemen

An architecture framework for enhanced wireless sensor network security

This thesis develops an architectural framework to enhance the security of Wireless Sensor Networks (WSNs) and provides the implementation proof through different security countermeasures, which can be used to establish secure WSNs, in a distributed and self-healing manner. Wireless Sensors are used to monitor and control environmental properties such as sound, acceleration, vibration, air pollutants, and temperature. Due to their limited resources in computation capability, memory and energy, their security schemes are susceptible to many kinds of security vulnerabilities. This thesis investigated all possible network attacks on WSNs and at the time of writing, 19 different types of attacks were identified, all of which are discussed including exposures to the attacks, and the impact of those attacks. The author then utilises this work to examine the ZigBee series, which are the new generation of wireless sensor network products with built-in layered security achieved by secure messaging using symmetric cryptography. However, the author was able to uniquely identify several security weaknesses in ZigBee by examining its protocol and launching the possible attacks. It was found that ZigBee is vulnerable to the following attacks, namely: eavesdropping, replay attack, physical tampering and Denial of Services (DoS). The author then provides solutions to improve the ZigBee security through its security schema, including an end-to-end WSN security framework, architecture design and sensor configuration, that can withstand all types of attacks on the WSN and mitigate ZigBee’s WSN security vulnerabilities

Cinemas of Endurance

Cinemas of Endurance begins by questioning the way in which critics and scholars have addressed art cinema over the last decade, specifically the films referred to as “slow cinema.” These films have garnered widespread attention since the start of the 21st century for how they deploy what many believe to be anachronistic and redundant formal techniques, often discussed in terms of nostalgia and pastiche. This dissertation argues that these films have been unfairly couched within this discourse that largely judges their validity based on their stylistic similarities to the art cinema of the 1960s and 1970s. Breaking from this direction, this project proposes we take these films and their aesthetic seriously, not for stubbornly refuting the prevailing formal trends in filmmaking, but for how it creates a critical optic that grants us a greater capacity to recognize some of the most prevailing social, political, and economic issues of the last decade. Further, by using stylistic techniques that can often register as out of place, or protracted, these films can help us to understand the way our physical, mental, and affective coordinates have shifted in this historical moment. Each chapter of this dissertation takes an exemplary film from this subset of art cinema and addresses how the aesthetic works against established modes of viewing to render visible modalities of life that often escape critical ire because they are expected. This project relies on the theories and methodologies of film and media studies, aesthetic theory, realism, materialism, accelerationism, cultural studies, continental philosophy, and political philosophy. The films and filmmakers analyzed include: The Limits of Control (2009), dir. Jim Jarmusch; Ossos (1997), In Vanda’s Room (2000), and Colossal Youth (2006), dir. Pedro Costa; Dogville (2003), dir. Lars von Trier; and, 2046 (2004), dir. Wong Kar-wai

Design and Implementation of Secure Chaotic Communication Systems

Chaotic systems have properties such as ergodicity, sensitivity to initial conditions/parameter mismatches, mixing property, deterministic dynamics, structure complexity, to mention a few, that map nicely with cryptographic requirements such as confusion, diffusion, deterministic pseudorandomness, algorithm complexity. Furthermore, the possibility of chaotic synchronization, where the master system (transmitter) is driving the slave system (receiver) by its output signal, made it probable for the possible utilization of chaotic systems to implement security in the communication systems. Many methods like chaotic masking, chaotic modulation, inclusion, chaotic shift keying (CSK) had been proposed however, many attack methods later showed them to be insecure. Different modifications of these methods also exist in the literature to improve the security, but almost all suffer from the same drawback. Therefore, the implementation of chaotic systems in security still remains a challenge. In this work, different possibilities on how it might be possible to improve the security of the existing methods are explored. The main problem with the existing methods is that the message imprint could be found in the dynamics of the transmitted signal, therefore by some signal processing or pattern classification techniques, etc, allow the exposition of the hidden message. Therefore, the challenge is to remove any pattern or change in dynamics that the message might bring in the transmitted signal

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security