Høgskolen i Gjøvik
Information Security 2006
Full time students - handing in July 1 2006
|
Student Name |
Thesis Title |
Assigned By |
Teaching Supervisor |
|
Hip movement based Authentication - How will imitation affect the results? |
NISlab |
Einar Snekkenes |
|
|
NISlab |
Einar Snekkenes |
||
|
NISlab |
Einar Snekkenes |
||
|
Can Network Security be Fun? An agent-based Simulation Model and Game proposal |
NISlab |
Einar Snekkenes |
|
|
NISlab |
Slobodan Petrovic |
||
|
The use of Situation Assessment in a Wireless Intrusion Detection System |
NISlab |
Slobodan Petrovic |
|
|
The use of k-best path algorithms in clock control sequence reconstruction |
NISlab |
Slobodan Petrovic |
|
|
NISlab |
Einar Snekkenes |
||
|
NISlab |
Frode Volden |
||
|
NISlab |
Hanno Langweg |
||
|
NISlab |
Espen Torseth |
||
|
Certificateless Authenticated Two-Party Key Agreement Protocols |
NISlab |
Chik How Tan |
|
|
NISlab |
Einar Snekkenes |
||
|
Nilsen, Tom |
NISlab |
Slobodan Petrovic |
|
|
Pettersen, Jon Fredrik |
Sårbarhetsanalyse av utvalgte deler av norske biometriske pass |
NISlab |
Einar Snekkenes |
|
NISlab |
Slobodan Petrovic |
||
|
Smestad, Mats Erik |
NISlab |
Slobodan Petrovic |
|
|
Storvik, Eskild |
Konsekvenser ved samlokalisering av IKT-systemer innen helsesektoren |
NISlab |
Nils Kalstad Svendsen |
|
Clock Control Sequence Reconstruction in the Generalized Shrinking Generator |
NISlab |
Slobodan Petrovic |
|
|
Vesterås, Brita |
NISlab |
Chik How Tan |
Part time students - handing in November 1 2006
|
Student Name |
Thesis Title |
Assigned By |
Teaching Supervisor |
|
Awan, Haneef |
A Qualitative Study of Information Security Initiatives in Anglosphere and Nordic Countries |
NISlab |
Jose J. Gonzalez |
|
Berget, Ståle Jonny |
NISlab |
Chik How Tan |
|
|
NISlab |
Slobodan Petrovic |
||
|
Skar, Rune Linchausen |
Systemdynamisk tilnærming for risikoanalyse av transformasjonen til Nettverksbasert forsvar |
NISlab |
Jose J. Gonzalez |
|
Terkelsen, Harald |
NISlab |
Hanno Langweg |
Abstract/Sammendrag
Berget, Ståle Jonny
Authentication in Mobile Ad-hoc network (MANET)
This paper is a MSc plan for the master thesis on authentication in mobile ad-hoc network (MANET). A proper authentication protocol is necessary to establish integrity within a MANET and the user of the network. The big issue in authentication is to assuring that only legal nodes and entities are a part of the network. The MANET can be divided in two groups: 1) a MANET where there exist one single authority and 2) MANET without a single authority. The thesis will only cover authentication in a MANET with only one single authority as in the scenario of a rescue operation, and propose a new and better authentication protocol for this scenario. To design this protocol the thesis must includes a threat model that can be expected for this kind of network, and a description of the scenario of a rescue operation.
Buvarp, Tor Erik
Hip movement based Authentication - How will imitation affect the results?
- Thesis (pdf)
- Presentation
This thesis will look at a relatively new method within biometric authentication that is quite new within the research topic. This method deals with authentication of a person by means of register the hip movement during ordinary walk. These data should be gathered using a unit that is attached to the hip while a person is walking. After transmission of these registered data to a computer, they will be analysed, and hopefully we can use it to uniquely authenticate a person.
Byfuglien, Mats
A mobile single sign-on system
- Thesis (pdf)
- Presentation
Today users have to manage a set of usernames and passwords for every service they are using. As the number of passwords grow people start writing them down, use easily guessable passwords or use the same password on different accounts. This severely reduces the security passwords provide and a better password managements system is needed. Single sign-on (SSO) is proposed as a solution to the password management problem. These solutions allow users to store their passwords in one place, and the user only has to remember one master password. Most of the SSO solutions available on the market today are either too expensive and complex for the common user or they lack mobility.
The goal of this thesis is to propose a new mobile singe sign-on system that automates logins for the user. The passwords will be stored on a mobile phone and transferred via Bluetooth to a USB unit connected to the PC. This unit will be configured as a keyboard and emulate keystrokes as if the user was typing them on a conventional keyboard.
The main contribution from this thesis will be to perform a technical feasibility study to show if it is possible to implement the proposed concept. The result is a prototype of the solution with only the functional features implemented. A security analysis has been conducted on the prototype. The aim of the analysis was to find what security measures should be implemented to assure the security of the solution.
Also a user test was conducted to see how the concept was received by the potential users of the system. Results from the test show that a majority of the participants liked the concept and would like to use it on a daily basis. Keywords: Single sign-on, Bluetooth, Adversary modeling, usability testing, USB, Java.
Egeberg, Tommy
Storage of sensitive data in a Java enabled cell phone
- Thesis (pdf)
- Presentation
Today’s people often need to remember many different passwords to get access to a variety of services. To make the password management task easier, single sign-on solutions SSO) are implemented. A new idea for SSO implementation is to store the passwords on a Java enabled cellular phone.
The idea is that a Java application on a cellular phone communicates with a PC through a special USB Bluetooth device. A hacker will in this situation need both the Bluetooth device and access to the cell phone application to be able to obtain the passwords.
This thesis will present how suited these mobile devices are to store sensitive information like passwords from a SSO solution. It will identify vulnerabilities and threats associated with this way of doing single sign-on. A prototype formed as a digital safe will be implemented. An analysis of this prototype will then be performed, to find it’s strengths and weaknesses.
The aim of this investigation is to find out if this new SSO idea will be robust enough and therefore can be a new trend in SSO, as well as identify the ways a Java enabled cellular phone can keep confidential information secure.
Gilberg, Frode Petter
Can Network Security be Fun? An agent-based Simulation Model and Game proposal
- Thesis (pdf)
- Presentation
Too often, people’s knowledge about network- and information- security is built from their own experiences with accidents, or through “learning by burning”. This could be very costly affair. Most Internet users lack the motivation and knowledge needed to have appropriate protection. It is hard to seek knowledge from the literature when you don’t know what to look for. We want to investigate to what extent a computer game related to network- and information- security could motivate and increase people’s knowledge, and hence improve their decision making. We want to design a game, both model and prototype, and evaluate its efficiency as a learning tool – how users gets motivated and how well knowledge can be built through gaming. Significant knowledge built from gaming would be a proof-of-concept.
Grønland, Vidar Ajaxon
Building IDS signatures by means of a honeypot
- Thesis (pdf)
- Presentation
In todays society people become more and more dependent on computer systems. It is therefor vital that such systems are up and running at all times. One factor that has the power to destroy the availability is computer network attacks (CNA). (CNA are defined as "methods aimed at destroying, altering or obstructing information in computers, computer networks or the networks themselves"). To try to minimize this threat, it would be nice to have a security system that has the possibility to see new attacks and block them. This thesis will focus on seeing how much user interaction is needed to generate new signature rules for new attacks, and what type of honeypot is best suited for obtaining useful data. This will be based on data collected by a network intrusion detection system named SNORT, honeyd and tcpdump. Expected contributions and results are to make it easier to make new signatures for SNORT and determine what honeypot type which gives the simplest and most complete dataset to make signatures from.
Hasli, Håvard
The use of Situation Assessment in a Wireless Intrusion Detection System
Situation assessment (SA) is the procedure of mapping a label to the current state of a system based on data from different sources. It is a general approach and can be used in many situations like predicting and handling of emergencies, monitoring and securing computer systems and infrastructure like power grids/plants. We use Situation assessment in a wireless intrusion detection system (WIDS), where detection of both physical and network level events is needed. Since such events may be asynchronous Situation assessment is ideal as it is specially designed to handle it. The thesis shows how it is possible to use Situation assessment in WIDS and how to make an implementation of it. This research task was proposed by professor in information security, Slobodan Petroviã
Hayati-Karun, Hossein
Security incidents handling and organizational models
- Thesis (pdf)
- Presentation
Managing security incidents has become a part of daily life of almost any organisation, regardless of the organisational model. Routines for managing security incidents varies between organisations, depending on their organisational model. The need for achieving and maintaining a high level of security increases the focus on routines for handling security incidents. Inspite of this focus, the routines for handling security incidents are not sufficiently efficient. Having that in mind, this master thesis will explore possible method(s) for increasing the efficiency of these routines.
Herland, Turid
The use of k-best path algorithms in clock control sequence reconstruction
Thesis (pdf)
Presentation
Keystream generators based on clock-controlled linear feedback shift registers are often used in stream cipher systems. Cryptanalysis of such generators can be divided into two stages: In the first stage the initial state of the LFSR is found; the second stage reconstructs the clock control sequence. A set of candidate initial states for the LFSR can be found by computing the edit distance between the sequences produced by every possible initial state and the observed ciphertex, keeping the candidates that give distances below a given threshold. The edit distance is computed recursively, and a matrix of partial edit distances is filled out during these computations. Clock control sequence reconstruction can be done by finding paths back through the edit distance matrix.
In the known plaintext scenario an optimal path, which can be found very efficiently, would give the correct clock control sequence. However, when the plaintext is not known, it behaves like noise in the cryptanalytic process, and this noise makes it necessary to also consider suboptimal paths through the matrices. This thesis uses a k-best paths algorithm to extract the k shortest paths from the matrix, in order to find the path that represents the correct clock control sequence.
It is shown, through experimental results, that the attack is successful, and that it performs better than a similar depth-first search attack when there is no noise. However, in the presence of noise, the depth-first search performs slightly better than the k-best paths attack, on average.
Jahr, Stian
Security versus Power Consumption
Thesis (pdf)
Presentation
In many cases there are trade-offs between security and user-friendliness, or security versus speed. Our society is moving towards a more wireless community. This thesis will cover an aspect of security versus user-friendliness in the form of how do the security implementations in battery-powered devices affect the battery life. Do we need to charge the batteries more often when we implement security? Other authors has found the power consumptions of several security implementations. Previous work presents their results in joule, however, the user-friendliness cannot be measured in joule. A better unit for measuring the decreased charge interval. This thesis presents a theoretical model to find the decrement of the charge interval when security is implemented.
The model is used in a case study to find how much the charge interval is decreased when we implement a PGP inspired encryption of SMSes. The results shows that the charge interval is reduced by 42\% (from 202 hour to 117 hours) with an RSA key of 2048 bits and we send 20 encrypted SMSes each day. The main reason for the decreased charge interval is the use of the resource demanding RSA algorithm, however it is shown that the sending of extra bits due to the expansion of the message when PGP is applied played an important role in the decrement.
Knashaug, Kenneth
Personvernspørsmål ved innføringen av biometri i norske pass
Thesis (pdf)
Presentation
Denne masteroppgavens rapport retter s¸kelyset mot beskyttelsen av personvernet ved bruk av biometriske pass. Ved å se på nettopp dette, søker vi å kartlegge hvilket kunnskapsnivå brukerne har innen personvern, hvor bevisste de er på behandlingen av denne typen informasjon, og hvilke holdninger de har til dette. Vi ønsker også å finne ut om det eksisterer motstand mot de nye biometriske passene, og da også mulige begrunnelser for denne motstanden. I tillegg kan vi finne svar på om Datatilsynets bekymring rundt personvernet ved innf¸ringen av biometri i norske pass er berettiget.
For å kunne finne svar på dette, må det unders¸kes hva brukerne av de nye biometriske passene mener. En spørreundersøkelse er gjennomf¸rt ved Flesland lufthavn i Bergen og ved Nycomed Pharma(produksjonsbedrift for medisiner) i Elverum. Totalt er 196 besvarelser samlet inn fra mange typer mennesker i forskjellig alder, både menn og kvinner, med forskjellig etnisk bakgrunn, ulik utdanning, ulike synspunkter, ulikt kunnskapsnivå, og med forskjellige reisevaner.
Utvalget i denne spørreunders¸kelsen vil med bakgrunn i ovennevnte være representert ved en variert mengde personer, som verken er randomisert eller representativt for norsk befolkning generelt. Utvalget representerer allikevel en målgruppe som i høyeste grad berøres av de problemstillingene som tas opp i denne oppgaven.
Den gjennomførte studien i rapporten er også knyttes opp til relevant litteratur og forskning innen temaene informasjonssikkerhet, biometri, personvern og måling generelt.
Rapportens bidrag er å gi nye erfaringer om brukernes bevissthet, kunnskap og holdninger til beskyttelsen av eget personvern ved bruk av nye biometriske pass. Den gir også svar på om de nye passene er akseptert blant brukerne, og hva folk begrunner en eventuell motstand med. I tillegg kan vi undersøke om Datatilsynets bekymring knyttet til personvern og innf¸ring av biometri i norske pass er berettiget.
På bakgrunn av gjennomført studie, kommer det klart frem at de fleste har hørt om personvern, biometri og de nye passene generelt. Allikevel er de færreste inneforstått med hvordan bruken av de nye passene vil kunne påvirke personvernet.
Kristiansen, Tommy
Trusted Path in Client-server application
The WWW is now widely used in e-commerce, voting, e-bank, electronic signatures and online gambling applications, these applications often require the user to enter private information such as credit card number, pin, username and password into forms in client-server applications. In such environment it’s important to assure integrity of the information and the transactions. It’s also important to be sure of the authenticity of the users input. We need to know that it’s the user who enter the e.g. enter the password and keep the integrity of what the user see and interacts with. Another security issue is to keep the integrity of the transactions so the information is not changed on it’s way to the receiver. If an attacker can insert an Trojan horse application they easily can monitor the users keystrokes, synthesise them or redirect the user to a bogus remote page and violate what we want to achieve. We will in this report look at a countermeasure to this called trusted path. We will try to create a clientserver trusted path application using widely employed COTS(Commercial Off The Shelf) software, DirectX and ActiveX on the Win32 API to make it more difficult to for the attacker to violate the integrity and authenticity in such environment.
Lid, Sjur Ringheim
Visualizating intrusion detection
Intrusion detection is a hot topic in the security community at the moment. It's being developed new systems for detecting these types of computer crime all the time and a lot of research is done. A new way of seeing at intrusion detection has emerged the latest years, this is the use of visualization of network flow for detecting attacks being performed on a computer network. This is a fairly new way of looking at protection of computer networks as it involves the operator of these networks much more in the detection of attacks versus the traditional way of detection where a computer program does everything up to the point of stopping the attacker. In this thesis we are developing a system to visualize network flow based using only the Internet protocol (IP) addresses and port numbers of the packets going through the network, and testing if this can be used to detect intrusions on the
Mandt, Tarjei Kristoffer
Certificateless Authenticated Two-Party Key Agreement Protocols
Thesis (pdf)
Presentation
Certificateless public key cryptography (CL-PKC) was proposed to overcome the weaknesses of the public key infrastructure (PKI) and identity-based cryptography (ID-PKC). In PKI, certificates are used to provide the authenticity of public keys. However, a PKI faces many challenges in practice, such as the scalability of the infrastructure and certificate management (distribution, revocation, storage, and validation costs). ID-PKC does not use certificates, but employs a key generation center (KGC) that will know every user’s private key. Hence, the KGC will also be able to trace each user transaction and may cause loss of privacy if it’s not trusted. In CL-PKC, on the other hand, the KGC does not have this information. Thus, CL-PKC is often considered a cross between PKI and ID-PKC.
In their seminal paper on CL-PKC, Al-Riyami and Paterson (AP) proposed a certificateless authenticated key agreement protocol. Key agreement protocols are one of the fundamental primitives of cryptography, and allow two or more parties to establish secret keys securely in the presence of an eavesdropping adversary. AP’s protocol, the only certificateless key agreement protocol proposed so far, essentially requires each party to compute four bilinear pairings. Such pairings can be computationally intensive to compute, and should therefore be used moderately in protocols. In this thesis, we propose a new certificateless authenticated two-party key agreement protocol that only requires each party to compute two pairings. We perform a security analysis and heuristically argue that the protocol obtains the desired security attributes. We also show that our protocol can be used to establish keys between members of distinct domains (under different KGCs). Finally, we compare the protocol’s efficiency to current identity-based and certificateless protocols.
Moe, Espen Langvegg
Avsløre uærlige brukere, basert på akselerasjon i signatur
Today there exist some methods and tools to verify an signature. Most of these make use of a press sensitive pad and a pen. This is solutions that consist of many components, this leads to that higher prize and that the flexibility is getting lower. In this report I whish to lock at the possibility to make a system that only measures the acceleration in a pen. This while make it possible that user only write his signature whit what’s locks like a normal pen. This while make it possible to create a cheaper solution to verify a user whit his signature, which exists to day.
Nilsen, Tom
Managing the development of secure electronic banking
Thesis (pdf)
Presentation
Security has always been important to banks. With Electronic banking, it has become even more important, as Internet banking may supersede the retail outlets as a distribution channel for financial products and services. The further growth of electronic banking is dependent on the level of trust from customers, the society and media, and this trust may be reduced by security incidents and bad publicity. The bank has regularly been improving the security process in developing new IT systems. This area got increased focus with the introduction of Internet banking and e-commerce. The vision for this security process is a proper balance between:
- Business needs - including Confidenciality, Integrity and Availability
- Security and risk management requirements
- Ease of use
- Ease of (security) administration
The bank has good reasons to believe that the process and analysis early in the project phase constitutes a right approach. But, the Bank does not know what contribution the security process and analysis have had on that result. The Bank therefore needs to develop a security metric to measure the security status of the system when it is delivered from the development process. The primary function of the metric is to:
- Document the security status for risk management and compliance purposes
- Measure the effect of the security process and indicate areas of improvement
The main goal of working with security is to manage operational risk assosiated with IT systems. Analyses of the areas of non compliance, the associated risk and the root cause will be important parts of the Bank's risk management.
Pettersen, Jon Fredrik
Sårbarhetsanalyse av utvalgte deler av norske biometriske pass
Thesis (pdf)
Presentation
Etter mange terrorhendelser de siste årene, har det blitt st¸rre fokus på å sikre seg mot identitetstyveri. I dag er forfalskning og misbruk av pass et alvorlig problem. Ved bruk av biometriske pass ønsker en å gjøre verifiseringen av reisende mer sikker og effektiv, i tillegg til å hindre ulovlig innvandring og potensiell terrorisme.
I Norge har Datatilsynet vært ute og kritisert innf¸ringen av passene. De mener at sikkerheten og personvernet ikke har blitt tatt nok hensyn til. De mener også at det burde vært gjort flere risikovurderinger i henhold til Personopplysningsloven. Derfor vil vi i denne oppgaven se på sårbarheten til ulike aspekter ved de norske biometriske passene.
Det første vi har gjort er å beskrive og illustrere hvordan passystemet fungerer, samt en diskusjon av sikkerheten i de ulike prosessene. Deretter gjennomførte vi en protokollanalyse av protokollen som brukes til å sikre kommunikasjonen mellom pass og passleser. Det neste vi gjorde var å se på hvor gjennomførbart det var å gjøre et brute-force angrep på den samme protokollen, da både med og uten prosesseringstiden på smartkort leseren. Det siste vi gjorde var å se hvorvidt det var mulig å kopiere innholdet i passet.
Resultatene viser at protokollanalysen av Basic Access Control protokollen er sikker.
Vi har gjort et eksperiment som viser at gjennomf¸rbarheten av et brute-force angrep med prosesseringstid, ikke er gjennomførbart i løpet av passets gyldighetstid. Vi har også vist at et brute-force angrep som ikke tar hensyn til prosesseseringstiden på smartkort-leseren, kan gjennomføres på en PC i løpet av dager.
Seeberg, Vidar Evenrud
Anonymization of real data for IDS benchmarking
Thesis (pdf)
Presentation
Most IDS evaluation approaches use simulated network traffic as base for the test data sets used in the evaluation. Simulated network traffic lacks the diversities characteristic to a real world network. These diversities may be caused by non-standard implementations of protocols or abnormal protocol behavior, like unfinished threeway TCP handshakes and teardowns.
For realistic IDS evaluations, there is a need for test data sets based on real recorded network traffic. Such data sets must also be distributable since a valid test should be possible to reproduce by other evaluators. Due to legal concerns test data sets based on real recorded traffic must be anonymized.
This thesis presents a methodology for anonymization of real network data. The methodology focuses on information at the application layer, and HTTP/1.1 in particular. A prototype, called Anonymator, is implemented based on the methodology. A data set anonymized using such a methodology can be used in IDS evaluations, providing more realistic evaluations. It can also be distributed since identifying information is anonymized. This way evaluations can be validated by third parties. The methodology and prototype are tested thoroughly through experiments using a data set consisting of HTTP traffic mixed with attacks. The prototype implements different anonymization strengths that can be chosen by the operator. The experiments show the differences between the anonymization schemes. The differences are carefully explained. Results show that the two strongest anonymization schemes give good level of anonymity without losing too much realism.
Skar, Rune Linchausen
Systemdynamisk tilnærming for risikoanalyse av Nettverksbasert Forsvar
Den senere tids utvikling innen informasjonsteknologi har gitt et grunnlag for nye doktrinelle tiln¿rminger for hvordan fremtidens krigf¸ring vil utf¸res. Tiln¿rmingen benevnes Nettverksbasert forsvar (NbF) og den medf¸rer en ¸kt avhengighet av informasjon og informasjonsinfrastruktur for ut¸velse av milit¿re operasjoner. Den ¸kte avhengigheten for en fungerende informasjsonsinfrastruktur har ledet til at man n°a anser ”cyber-space” som det femte element for ut¸velse av krig (de tradisjonelle er; land, sj¸, luft og verdensrommet). Dette nye elementet krever egne konsepter og doktriner for hvordan en skal utf¸re angrep og forsvar. Flere nasjoner har utviklet slike doktriner. Norge har ogs°a behov for°a utvikle slike. Det eksisterer noe informasjon p°a dette omr°adet, men det er begrenset i omfang og mangelfult forankret i norske forhold. M°alet med denne oppgaven er derfor °a legge grunnlaget for et konsept, forankret i norske forhold, for forsvar av den datamaskin-baserte delen av Forsvarets informajonsinfrastruktur.
Smestad, Mats Erik
Kernighan-Lin Heuristic in an IDS
Thesis (pdf)
Presentation
With the need for organizations to stay online and connected to the World Wide Web, the need for security measures is stronger than ever. One important security feature is the utilization of an Intrusion Detection System, IDS. But as this is a relatively new technology it is still hazed in a grey cloud of confuse and misunderstanding. This thesis will focus on giving the reader an insight of IDS and methods used. The Intrusion Detection Systems of today have yet to prove their full potential. An especially strong feature of an IDS is to alert currently unknown attacks/misuse as it detects traffic that is outside the normal boundaries. Unfortunately this kind of IDS have a tendency to produce a high number of alerts on normal traffic as well. This thesis will investigate if the Kernighan-Lin algorithm may be used in an Intrusion Detection System and compare the results with the k-means algorithm. The Kernighan-Lin has not been used in an IDS, but k-means have already been implemented and tested. The study of Kernighan-Lin heuristic will hopefully reveal if it can perform better than the k-means regarding accuracy without a significant loss in speed.
The testing of the two algorithms, Kernighan-Lin and k-means, shows that Kernighan-Lin has a good potential as a classifier in an IDS. It does have some limitations, but they can be solved or circumvented. The true strength of Kernighan-Lin was the accuracy it provided. It managed to correctly identify each attack. However the tests done do favor the Kernighan-Lin in some degree.
Storvik, Eskild
Konsekvenser ved samlokalisering av IKT-systemer innen helsesektoren
Thesis (pdf)
Presentation
Another contribution is to describe the procedure of performing a risk analysis. There is a relative small number of detailed documentation about how to choose a method, employ a method and perform a risk analyse. Often the whole process and result are kept confidential within an organization or consultant firm. The theses give a detailed description on how to choose, perform and analyse the results.
In modern society, current treatment and management of information is a constant question about security. Raised demand of improving the efficiency of operations, leads frequently to centralization and convergence of unequal systems. A frequently challenge is to fulfil the demand of sufficient security and information security. For example, when information is exchanged in a network, or there are given access to information from different systems. The information will have the same security requirements. Because of this, information and security must be managed in a complete and satisfactory way.
The management decide whether the organization have sufficient information security. The management often base such decision on analysis, investigation or exploration. A risk analysis could confirm that the organization fulfil the demands of sufficient security. A risk analysis could also ensure a quality in the project and could confirm that the deliverance is in accordance defined by the management. Different kind of factors identified as critical to a project are affecting the choice of methods. The increasing human impact, beside increasing complexity and convergence often requires knowledge about how to choose the most suitable method. The methods are effective tools for analyzing systems, in order to reduce the likelihood that critical and crucial threats remain unidentified. Such might be achieved by choosing the most effective and suitable method for the project and the organization. For example, qualitative methodologies for analyzing risk lack the ability to account the dependencies between events, but are effective in identifying potential hazards and failures within the system, whereas tree-based techniques take into consideration the dependencies between each event.
The thesis describes the use of two different methods suited for analyzing a health-care organization. The two chosen methods are, the quick and easy method, and the heavier method. These methods are used to uncover the consequences of centralizing critical ICT-systems. The thesis also carries out an experiment by using FTA as a method within information security. Beside, uncovering the benefit of choosing a quick and easy method, instead of an extensive one, the thesis will also analyse the result in each method, to disclose in which degree there are subjective or objective parts in the results.
Another contribution is to describe the procedure of performing a risk analysis. There is a relative small number of detailed documentation about how to choose a method, employ a method and perform a risk analyse. Often the whole process and result are kept confidential within an organization or consultant firm. The theses give a detailed description on how to choose, perform and analyse the results.
Terkelsen, Harald
Data collection on security flaws caused by design errors
Security is often not given enough consideration in the design phase of the software development process. Past vulnerabilities caused by design errors will be analyzed in this thesis. A classification scheme for design error vulnerabilities is expected to be built, and vulnerabilities from vulnerability databases will be classified according to this classification. The gathered data will then be analyzed to learn more about design vulnerabilities.
Trontveit, Jan Inge
Clock Control Sequence Reconstruction in the Generalized Shrinking Generator
Thesis (pdf)
Presentation
The shrinking generator is a popular representation of pseudorandom sequence generators (PRSGs) that employ so-called irregular clocking. This familiy of PRSGs is characterized by having one or more linear feedback shift registers (LFSRs), whose clocking is controlled by the output sequence of one of the subgenerators. Such a sequence is called clock-control sequence.
In this thesis, an algorithm is presented that reconstructs the clock-control sequence in the generalized shrinking generator in the presence of noise. The shrinking generator is first reduced to a step1-stepE generator (another class of PRSGs with irregular clocking), where E depends on the maximum length of runs of zeros in the output sequence of the clocking part of the generator. Then a directed depth-first like search for optimal and suboptimal paths in the edit distance matrix corresponding to the generator is performed.
The permitted path weight deviation from the optimum is determined by the noise level in the statistical model of the generator. Influence of inadequate estimation of the length of the output sequence of the clocked LFSR without irregular clocking on the level of equivalent noise is discussed. The experimental results that are presented show that the total number of candidate clock-control sequences increases moderately as the necessary clock-control sequence length increases. The advantage of this attack over the other attacks reported in the litterature is that this attack is effective even if the noise level is relatively high and that the solution is guaranteed to be found.
Vesterås, Brita
Analysis of security in Key Agreement protocols
Thesis (pdf)
Presentation
This master's thesis study the recently proposed key agreement protocols. Since they are so new, there has not been any detailed analysis of them; hence one cannot be sure of how secure they really are. The security of these protocols is essential; since they are responsible for the integrity and confidentiality of all transactions from the moment the protocol is employed. If the key agreement procedure contains security flaws, unintended parties can get hold of the key and use it to decrypt all the transmitted messages that are encrypted with this key.
In order to secure the systems, one is always interested in finding the key agreement protocol that achieve the highest possible level of security. Because of this, new protocols are suggested all the time. Some of these does not have any security proof, and even those protocols that have been through an analysis may still contain flaws.
This master's thesis analyse a few of these protocols and try to detect their weaknesses and find what kind of attacks that can be a threat to each of the protocols. We also try to enhance the protocols in which we find weaknesses.
