Coexisting Parallelogram Method to Handle Jump Point on Hough Transform-based Clock Skew Measurement

In this paper, we improve the robustness of the Hough transform-based clock skew measurement on the occurrence of a jump point. The current Hough transform-based skew method uses angle (θ), thickness (ω), and region (β), to create a parallelogram that covers the densest part of an offset-set. However, the assumption that all offsets are considered to line up roughly in only one direction restricts the ability of the current method when handling an offset-set in which its densest part is located separately, the jump point condition. By acquiring the parallelogram from coexisting angle-region tuples at the beginning and the ending parts of the offset-set, we completed the ability of the Hough transform-based method to handle the jump point. When handling the jump point problem, the proposed coexisting parallelogram method could reach 0.35 ppm accuracy compared with tens ppm by the current methods

Device fingerprinting identification and authentication: A two-fold use in multi-factor access control schemes

Network security has always had an issue with secure authentication and identification. In the current mixed device network of today, the number of nodes on a network has expanded but these nodes are often unmanaged from a network security perspective. The solution proposed requires a paradigm shift, a recognition of what has already happened, identity is for sale across the internet. That identity is the users’ network ID, their behavior, and even their behavior in using the networks. Secondly a majority of the devices on the Internet have been fingerprinted. Use of device fingerprinting can help secure a network if properly understood and properly executed. The research into this area suggests a solution. Which is the use of device fingerprints including clock skews to identify the devices and a dual- authentication process targeted at authenticating the device and the user. Not only authenticating the identity presented but also combining them into a unified entity so failure to authenticate part of the entity means the whole is denied access to the network and its resources

Privacy-Preserving Web Browser Extension

Tato práce se zabývá bezpečností, soukromím a anonymitou uživatelů na internetu. V práci jsou popsány sledovací mechanismy a přístupy, které monitorují a odesílají informace o uživatelích. Takto uniknuté informace mohou být následně použity k identifikaci konkrétního uživatele, monitorování a analýze jeho chování na konkrétních webových stránkách nebo mohou být tyto informace zneužity jiným způsobem (např. odcizení a zneužití hesla nebo čísla platební karty). V rámci této práce je popsána a otestována funkcionalita a spolehlivost současných doplňků webových prohlížečů slibující uživatelům ochranu při pohybu na internetu. Následně je v rámci této práce navržen a implementován doplněk, který demonstruje přístup ke zvýšení soukromí a anonymity prostřednictvím techniky redefinování a zapouzdření původní implementace řady JavaScriptových funkcí a objektů, a to v době před začátkem zpracování načítané webové stránky. Spouštění obalovacího kódu v této době zajistí, že žádný jiný kód v načítané webové stránce nebude nikdy moci využívat původní implementaci. Doplněk je v rámci práce také důkladně testován. Závěr práce se zabývá celou řadou dalších možností rozšíření implementovaného doplňku.This thesis deals with security, privacy, and anonymity on the internet. In this thesis are described tracking mechanisms and approaches that are being used to collect and send away users' personal information. Information that leaks using this tracking approaches can be used to identify user, to monitor and analyze his behavior on specific web pages and several leaked pieces of information can be misused (for example the leaked credit card number or password). In this thesis is described and tested the functionality and reliability of several current web add-ons providing the protection on the internet. New security increasing web add-on has been designed and developed to demonstrate a technique, that redefines and wraps the original JavaScript implementation of several functions and objects, the wrapping is executed before the visited web page starts processing the source code. Running the wrapping code at this time will ensure, that no other code in loaded web page will ever have access to the original implementation. This add-on is also well-tested. The final thesis' stage provides a great amount of possibilities to improve implemented add-on.

Pro-active visualization of cyber security on a National Level : a South African case study

The need for increased national cyber security situational awareness is evident from the growing number of published national cyber security strategies. Governments are progressively seen as responsible for cyber security, but at the same time increasingly constrained by legal, privacy and resource considerations. Infrastructure and services that form part of the national cyber domain are often not under the control of government, necessitating the need for information sharing between governments and commercial partners. While sharing of security information is necessary, it typically requires considerable time to be implemented effectively. In an effort to decrease the time and effort required for cyber security situational awareness, this study considered commercially available data sources relating to a national cyber domain. Open source information is typically used by attackers to gather information with great success. An understanding of the data provided by these sources can also afford decision makers the opportunity to set priorities more effectively. Through the use of an adapted Joint Directors of Laboratories (JDL) fusion model, an experimental system was implemented that visualized the potential that open source intelligence could have on cyber situational awareness. Datasets used in the validation of the model contained information obtained from eight different data sources over a two year period with a focus on the South African .co.za sub domain. Over a million infrastructure devices were examined in this study along with information pertaining to a potential 88 million vulnerabilities on these devices. During the examination of data sources, a severe lack of information regarding the human aspect in cyber security was identified that led to the creation of a novel Personally Identifiable Information detection sensor (PII). The resultant two million records pertaining to PII in the South African domain were incorporated into the data fusion experiment for processing. The results of this processing are discussed in the three case studies. The results offered in this study aim to highlight how data fusion and effective visualization can serve to move national cyber security from a primarily reactive undertaking to a more pro-active model