Combining Programs to Enhance Security Software

Automatic threats require automatic solutions, which become automatic threats themselves. When software grows in functionality, it grows in complexity, and in the number of bugs. To keep track of and counter all of the possible ways that a malicious party can exploit these bugs, we need security software. Such software helps human developers identify and remove bugs, or system administrators detect attempted attacks. But like any other software, and likely more so, security software itself can have blind spots or flaws. In the best case, it stops working, and becomes ineffective. In the worst case, the security software has privileged access to the system it is supposed to protect, and the attacker can hijack those privileges for its own purposes. So we will need external programs to compensate for their weaknesses. At the same time, we need to minimize the additional attack surface and development time due to creating new solutions. To address both points, this thesis will explore how to combine multiple programs to overcome a number of weaknesses in individual security software: (1) When login authentication and physical protections of a smart phone fail, fake, decoy applications detect unauthorized usage and draw the attacker away from truly sensitive applications; (2) when a fuzzer, an automatic software testing tool, requires a diverse set of initial test inputs, manipulating the tools that a human uses to generate these inputs multiplies the generated inputs; (3) when the software responsible for detecting attacks, known as an intrusion detection system, itself needs protection against attacks, a simplified state machine tracks the software's interaction with the underlying platform, without the complexity and risks of a fully functional intrusion detection system; (4) when intrusion detection systems run on multiple, independent machines, a graph-theoretic framework drives the design for how the machines cooperatively monitor each other, forcing the attacker to not only perform more work, but also do so faster. Instead of introducing new, stand-alone security software, the above solutions only require a fixed number of new tools that rely on a diverse selection of programs that already exist. Nor do any of the programs, old or new, require additional privileges that the old programs did not have before. In other words, we multiply the power of security software without multiplying their risks

Sub-wavelength photonics from solution-processing

Light is pervasive: it transmits information at celeritas lucis, interfaces with everyday electronics and offers a source of renewable energy. The optics and photonics which manage light should satisfy its growing prevalence. One organic polymer and Titanium hybrid is synthesised simply in two steps and is processable as a liquid at room temperature at low capital intensity. It exhibits a tunable refractive index with a large range of 1.5 to 2.0. Light management applications are explored, focusing on two forms of light propagation: free radiation and guided waves. All devices are fabricated from solution-processable materials. The behaviour of light is manipulated by periodic modulations of refractive index. Two directions of periodicity are investigated: parallel and perpendicular to light propagation. Thin-film multilayers form dielectric mirrors with parallel periodicity. The radiation of selected wavelengths are suppressed whilst others are enhanced. These are used to modify emission properties of a photoluminescent dye; a method towards improving efficiencies in optoelectronic devices without chemical alterations. Perpendicular periodicity is provided by thin-film diffraction gratings, enabling coupling between guided and freely radiating light; a key function of solar concentrators and wearable augmented-reality displays. An experimental system is developed to measure coupled light transmissions. To facilitate the design and assessment of these devices, Transfer Matrix Method (TMM) and Finite-Element Method (FEM) models are used. Refractive indices of thin-films are extracted by fitting transmittance and reflectance spectra to TMM. For dielectric mirrors, a phase reconstruction algorithm is extended to account for incoherent substrates. In doing so, information on band-gap positioning is extracted. Meanwhile, diffraction spectra are modelled using the Fraunhofer expression and modified by TMM to include thin-film interferences. This is utilised to fit grating dimensions, which support FEM calculations to identify guided transmissions. A variety of devices are fabricated from solution and characterised using the models developed.Open Acces