Towards secure message systems

Message systems, which transfer information from sender to recipient via communication networks, are indispensable to our modern society. The enormous user base of message systems and their critical role in information delivery make it the top priority to secure message systems. This dissertation focuses on securing the two most representative and dominant messages systems---e-mail and instant messaging (IM)---from two complementary aspects: defending against unwanted messages and ensuring reliable delivery of wanted messages.;To curtail unwanted messages and protect e-mail and instant messaging users, this dissertation proposes two mechanisms DBSpam and HoneyIM, which can effectively thwart e-mail spam laundering and foil malicious instant message spreading, respectively. DBSpam exploits the distinct characteristics of connection correlation and packet symmetry embedded in the behavior of spam laundering and utilizes a simple statistical method, Sequential Probability Ratio Test, to detect and break spam laundering activities inside a customer network in a timely manner. The experimental results demonstrate that DBSpam is effective in quickly and accurately capturing and suppressing e-mail spam laundering activities and is capable of coping with high speed network traffic. HoneyIM leverages the inherent characteristic of spreading of IM malware and applies the honey-pot technology to the detection of malicious instant messages. More specifically, HoneyIM uses decoy accounts in normal users\u27 contact lists as honey-pots to capture malicious messages sent by IM malware and suppresses the spread of malicious instant messages by performing network-wide blocking. The efficacy of HoneyIM has been validated through both simulations and real experiments.;To improve e-mail reliability, that is, prevent losses of wanted e-mail, this dissertation proposes a collaboration-based autonomous e-mail reputation system called CARE. CARE introduces inter-domain collaboration without central authority or third party and enables each e-mail service provider to independently build its reputation database, including frequently contacted and unacquainted sending domains, based on the local e-mail history and the information exchanged with other collaborating domains. The effectiveness of CARE on improving e-mail reliability has been validated through a number of experiments, including a comparison of two large e-mail log traces from two universities, a real experiment of DNS snooping on more than 36,000 domains, and extensive simulation experiments in a large-scale environment

Hybrid approach for spam email detection

On this era, email is a convenient way to enable the user to communicate everywhere in the world which it has the internet. It is because of the economic and fast method of communication. The email message can send to the single user or distribute to the group. Majority of the users does not know the life exclusive of e-mail. For this issue, it becomes an email as the medium of communication of a malicious person. This project aimed at Spam Email. This project concentrated on a hybrid approach namely Neural Network (NN) and Particle Swarm Optimization (PSO) designed to detect the spam emails. The comparisons between the hybrid approach for NN_PSO with GA algorithm and NN classifiers to show the best performance for spam detection. The Spambase used contains 1813 as spams (39.40%) and 2788 as non-spam (60.6%) implemented on these algorithms. The comparisons performance criteria based on accuracy, false positive, false negative, precision, recall and f-measure. The feature selection used by applying GA algorithm to reducing the redundant and irrelevant features. The performance of F-Measure shows that the hybrid NN_PSO, GA_NN and NN are 94.10%, 92.60% and 91.39% respectively. The results recommended using the hybrid of NN_PSO with GA algorithm for the best performance for spam email detection

An ownership-base message admission control mechanism for curbing spam

Unsolicited e-mail has brought much annoyance to users, thus, making e-mail less reliable as a communication tool. This has happened because current email architecture has key limitations. For instance, while it allows senders to send as many messages as they want, it does not provide adequate capability to recipients to prevent unrestricted access to their mailbox. This research develops a new approach to equip recipients with ability to control access to their mailbox.This thesis builds an ownership-based approach to control mailbox usage employing the CyberOrgs model. CyberOrgs is a model that provides facilities to control resources in multi-agent systems. We consider a mailbox to be a precious resource of its owner. Any access to the resource requires its owner's permission. Thus, we give recipients a capability to manage their valuable resource - mailbox. In our approach, message senders obtain a permission to send messages through negotiation. In this negotiation, a sender makes a proposal and the intended recipient evaluates the proposal according to their own policies. A sender's desired outcome of a negotiation is a contract, which conducts the subsequent communication between the sender and the recipient. Contracts help senders and recipients construct a long-term relationship.Besides allowing individuals to control their mailbox, we consider groups, which represent organizations in human society, in order to allow organizations to manage their resources including mailboxes, message sending allowances, and contracts.A prototype based on our approach is implemented. In the prototype, policies are separated from the mechanisms. Examples of policies are presented and a public policy interface is exposed to allow programmers to develop custom policies. Experimental results demonstrate that the system performance is policy-dependent. In other words, as long as policies are carefully designed, communication involving negotiation has minimal overhead compared to communication in which senders deliver messages to recipients directly

Un sistema integrato di analisi e filtraggio della posta elettronica anti-spam ed anti-bot

Le email (Elettronic MAIL), rappresentano uno degli strumenti di comunicazione più adottati al mondo. Proprio per la sua larga diffusione, l’email è soggetta ad attacchi quali: SPAM, phishing ed infezioni bot. Lo SPAM è sostanzialmente posta spazzatura, ovvero corrispondenza non desiderata, mentre il phishing è una tecnica più spregiudicata che sfrutta messaggi con link a copie di siti originali per carpire informazioni a utenti ignari. Ultimamente si stanno diffondendo le botnet, reti di macchine soggiogate attraverso l’uso di virus o altri software malevoli, al potere di un unico botmaster che le utilizza per inviare email con scopi illeciti. Analizzando tali attacchi e accertata la loro accresciuta virulenza, arrecante danni spesso di carattere economico, si è progettato e realizzato un sistema in grado di arginare il problema, in maniera poco invasiva rispetto all’end user che lo utilizza. Sia la comunità scientifica sia le industrie di software hanno sviluppato metodi per contrastare gli attacchi sopra menzionati. In particolare, la comunità scientifica si è principalmente concentrata sulla protezione dalle infezioni botnet a livello di core network, mentre le industrie di software si sono soprattutto concentrate sul problema SPAM. I metodi ad oggi maggiormente utilizzati per il contrasto alla posta elettronica non desiderata, si basano principalmente sul filtraggio degli indirizzi ovvero il listing. In alternativa il filtraggio può essere compiuto sul contenuto sfruttando alcune leggi probabilistiche. Altri sistemi si basano sulla modifica dei protocolli SMTP e POP3 ma non sembrano, a tutt’oggi, una strada facilmente percorribile. Dalla ricerca compiuta è nata l’idea di realizzare un servizio di protezione che andasse a riempire una mancanza tra le soluzioni già esistenti. In particolare si è visto che il problema curato è quasi sempre quello dello SPAM, integrato in rari casi da sistemi anti-virus, trascurando la questione legata agli attacchi bot che possono insorgere. Tale mancanza può portare il sistema eventualmente colpito sia a diventare uno strumento con cui il botmaster può compiere altri cyber crime, sia a provocare contagi a catena in grado di interessare i sistemi ad esso noti. Stime attuali indicano che più di un quarto di tutti i personal computer connessi ad internet sono potenzialmente candidati a divenire parte di botnet. Partendo da questi riscontri empirici si è pensato di realizzare un sistema integrato anti-spam ed anti-bot, garantendo così una difesa più ampia. Un altro obiettivo si è delineato scegliendo di proteggere un’intera rete locale, ponendo il sistema sulla macchina che fornisce ad essa la connettività internet. L’applicativo sviluppato è stato chiamato Bloumail, acronimo di BLOck Unwanted MAIL. Tale programma si pone come filtro per la posta elettronica, entrante ed uscente, e può integrarsi con il programma Blobot. Quest’ultimo con metodi in parte analoghi a quelli proposti nel seguito, si occupa di controllare il traffico web, garantendo la sicurezza della navigazione internet in caso di infezioni bot. Bloumail si basa su due tecniche classiche di filtraggio, il blacklisting sugli indirizzi delle email ed il filtraggio probabilistico di Bayes sul loro contenuto. Facendo operare opportunamente tali meccanismi anche per la posta in uscita, ed aggiungendo un particolare strumento di autorizzazione fondato sull’uso di CAPTCHA, si è ottenuto il pregio di poter bloccare SPAM eventualmente prodotto da infezioni bot della macchina. In particolare l’uso di CAPTCHA permette di impedire l’accesso al sistema ai bot, garantendo che l’operatore sia un umano. In conclusione si sono eseguiti i test e le analisi atte a verificare sperimentalmente il corretto ed efficace funzionamento di quanto sviluppato. La tesi si articola su sei capitoli. Nel primo si espongono i principi alla base del funzionamento e dell’architettura del servizio di email, presentando con attenzione le problematiche riscontrabili durante il suo utilizzo. Nel secondo capitolo si riporta una sintesi delle ricerche compiute sullo stato dell’arte nel campo della difesa dagli abusi perpetrati attraverso la posta elettronica. Una sintetica descrizione dei protocolli SMTP e POP3 si trova nel terzo capitolo. Vincoli di progetto ed applicativi utilizzati con le rispettive motivazioni sono argomento del quarto capitolo. La completa trattazione del metodo ideato e la sua implementazione, comprendente le singole funzioni sviluppate e l’architettura che le governa sono riprese dal quinto capitolo. Il sesto ed ultimo capitolo descrive la sperimentazione, arricchita dalle conclusioni risultanti da questa esperienza

An investigation into the design and implementation of an internet-scale network simulator

Simulation is a complex task with many research applications - chiey as a research tool, to test and evaluate hypothetical scenarios. Though many simulations execute similar operations and utilise similar data, there are few simulation frameworks or toolkits that allow researchers to rapidly develop their concepts. Those that are available to researchers are limited in scope, or use old technology that is no longer useful to modern researchers. As a result of this, many researchers build their own simulations without a framework, wasting time and resources on a system that could already cater for the majority of their simulation's requirements. In this work, a system is proposed for the creation of a scalable, dynamic-resolution network simulation framework that provides scalable scope for researchers, using modern technologies and languages. This framework should allow researchers to rapidly develop a broad range of semantically-rich simulations, without the necessity of superor grid-computers or clusters. Design and implementation are discussed and alternative network simulations are compared to the proposed framework. A series of simulations, focusing on malware, is run on an implementation of this framework, and the results are compared to expectations for the outcomes of those simulations. In conclusion, a critical review of the simulator is made, considering any extensions or shortcomings that need to be addressed

Cyber Law and Espionage Law as Communicating Vessels

Professor Lubin\u27s contribution is Cyber Law and Espionage Law as Communicating Vessels, pp. 203-225. Existing legal literature would have us assume that espionage operations and “below-the-threshold” cyber operations are doctrinally distinct. Whereas one is subject to the scant, amorphous, and under-developed legal framework of espionage law, the other is subject to an emerging, ever-evolving body of legal rules, known cumulatively as cyber law. This dichotomy, however, is erroneous and misleading. In practice, espionage and cyber law function as communicating vessels, and so are better conceived as two elements of a complex system, Information Warfare (IW). This paper therefore first draws attention to the similarities between the practices – the fact that the actors, technologies, and targets are interchangeable, as are the knee-jerk legal reactions of the international community. In light of the convergence between peacetime Low-Intensity Cyber Operations (LICOs) and peacetime Espionage Operations (EOs) the two should be subjected to a single regulatory framework, one which recognizes the role intelligence plays in our public world order and which adopts a contextual and consequential method of inquiry. The paper proceeds in the following order: Part 2 provides a descriptive account of the unique symbiotic relationship between espionage and cyber law, and further explains the reasons for this dynamic. Part 3 places the discussion surrounding this relationship within the broader discourse on IW, making the claim that the convergence between EOs and LICOs, as described in Part 2, could further be explained by an even larger convergence across all the various elements of the informational environment. Parts 2 and 3 then serve as the backdrop for Part 4, which details the attempt of the drafters of the Tallinn Manual 2.0 to compartmentalize espionage law and cyber law, and the deficits of their approach. The paper concludes by proposing an alternative holistic understanding of espionage law, grounded in general principles of law, which is more practically transferable to the cyber realmhttps://www.repository.law.indiana.edu/facbooks/1220/thumbnail.jp

NASA Tech Briefs, April 1995

This issue of the NASA Tech Briefs has a special focus section on video and imaging, a feature on the NASA invention of the year, and a resource report on the Dryden Flight Research Center. The issue also contains articles on electronic components and circuits, electronic systems, physical sciences, materials, computer programs, mechanics, machinery, manufacturing/fabrication, mathematics and information sciences and life sciences. In addition to the standard articles in the NASA Tech brief, this contains a supplement entitled "Laser Tech Briefs" which features an article on the National Ignition Facility, and other articles on the use of Lasers

Graduate Catalogue 2015-2017

https://digitalscholarship.tnstate.edu/graduatecatalogues/1004/thumbnail.jp

Graduate Catalogue 2017-2019

https://digitalscholarship.tnstate.edu/graduatecatalogues/1005/thumbnail.jp