Loading...
Search for:
information-security
0.006 seconds
Analysis and Development of Security Enhancements in Layer 2 Ethernet Based Networks
, M.Sc. Thesis Sharif University of Technology ; Pakravan, Mohammad Reza (Supervisor)
Abstract
Ethernet is among the most popular forms of data networking in the world. It has been widely used for local area networks and recently, it has also become very popular in metro area networks. As the usage of Ethernet grows, security and privacy of data transport using Ethernet becomes more important. As a result, there have been a lot of developments in improving security of Ethernet. In this thesis, we first provide a brief introduction of data security concepts. Then we briefly review important encryption standards. We focus on IEEE MACsec standard to provide the required security for Ethernet data transport. We have implemented the core encryption/decryption algorithms using HDL codes. We...
Multiple access wiretap channels with strong secrecy
, Article 2010 IEEE Information Theory Workshop, ITW 2010 - Proceedings, 30 August 2010 through 3 September 2010, Dublin ; 2010 ; 9781424482641 (ISBN) ; Aref, M. R ; Sharif University of Technology
2010
Abstract
The problem of secure communication over multiple-Access Wiretap channel (MAC-WTC) under strong secrecy criterion is investigated. A new technique based on channel output statistics approximation is developed for establishing the strong security over multi-user channels. In particular, this technique shows that how simple wiretap coding results in secure communication under strong secrecy criterion instead of weak secrecy criterion. As a side result of the paper, two results on the output statistics of MAC are provided. Such results can be used to approximate the mutual information between input and output of MAC with respect to a given codebook of arbitrary rate
An improved version of persian/arabic text steganography using "La" word
, Article Proceedings of IEEE 2008 6th National Conference on Telecommunication Technologies and IEEE 2008 2nd Malaysia Conference on Photonics, NCTT-MCP 2008, 26 August 2008 through 28 August 2008, Putrajaya ; 2008 , Pages 372-376 ; 9781424422159 (ISBN) ; Shirali Shahreza, M. H ; Sharif University of Technology
2008
Abstract
By expanding communication, in some cases there is a need for hidden communication. Steganography is one of the methods used for hidden exchange of information. Steganography is a method to hide the information under a cover media such as image or text. One of the text steganography methods for Persian and Arabic texts is "La" steganography method. But that method increases the file size and changes the apparent of the text. In this paper a method for solving these problems is proposed. In Persian and Arabic, each letter can have four different shapes regarding to its position in the word. In this method by using this feature of Persian and Arabic languages and the way which documents are...
Developing a Correspondent Information Security Management System for Electronic Banking in Iran
, M.Sc. Thesis Sharif University of Technology ; Vosughi Vahdat, Bijan (Supervisor)
Abstract
Growing need for the use of modern technologies in the field of information and communication reveals the necessity to establish an information security management system more than before. It is totally proven that information is an asset which, like other important assets of the organization is so momentous that should be crucially protected. Nowadays, with the proliferation of security threats, which can lead to undesirable events with possible damage to systems or organizations intentionally or inadvertently, by human factors or inhuman cause, existence of a safe structure has become more necessary for all organizations and agencies. One of the most critical areas of information security...
Analysis and Evaluation of Intrusion Detection Datasets and Providing a Solution to Make Them Real
, M.Sc. Thesis Sharif University of Technology ; Jahangir, Amir Hossein (Supervisor)
Abstract
The rapid advancement of information technology and computer networks raised concerns of the users and network administrators regarding security. The development of computer networks and the increase in the number of specialists in this field led to the increase in the number of people who seek to abuse these networks, people known as attackers. The attackers look for security defects in a network to penetrate and abuse it proportionate to their needs. Considering the risks of these attacks, it is necessary to have an intrusion detection system (IDS). IDSs are capable of detecting attack traffic or suspected traffic, then, they alert the network administrators, and consequently, stop the...
New method for risk management in CRM security management
, Article Third International Conference on Information Technology: New Generations, ITNG 2006, Las Vegas, NV, 10 April 2006 through 12 April 2006 ; Volume 2006 , 2006 , Pages 440-445 ; 0769524974 (ISBN); 9780769524979 (ISBN) ; Sharif University of Technology
2006
Abstract
In an increasing competitive world, marketing survival can be depended simply on timely new information on customers and market trend. One of the most important strategies in CRM (Customer Relationship Management) is to capture enough information from customers and using this information carefully [17, 19]. Of course security of this information is very important in CRM data management [2]. Data management is a method for scheduling and controlling data saving, recovering and processing. This activity has been done continually or periodically [2]. Security level of this information depends on the security policy of the organization. CRM security policy is the directives and practices for...
Encountering to DDoS Attack
, M.Sc. Thesis Sharif University of Technology ; Kharrazi, Mehdi (Supervisor) ; Movaghar Rahimabadi, Ali (Co-Advisor)
Abstract
Distributed Denial of Service (DDoS) is one of the more important attacks in computer networks. DDoS attacks can be categorized in to two categories: high rate and low rate. In the high rate DDoS category, the attacker tries to fill up all the link’s bandwidth capacity by flooding the link with packets. On the other hand, in the low rate DDoS category (i.e. LDDoS), the attacker executes a DDoS attack while keeping a low average transmission rate. TCP LDDoS is a low rate DDoS attack in which the attacker exploits the TCP congestion control behavior.
In this thesis, we investigate a system for defending against the TCP LDDoS attack and propose a novel method for doing so. We present some...
In this thesis, we investigate a system for defending against the TCP LDDoS attack and propose a novel method for doing so. We present some...
Mathematical Model of Protecting Information Technology based Organizations Against Cyber Attacks
, M.Sc. Thesis Sharif University of Technology ; Eshghi, Kourosh (Supervisor)
Abstract
According to the expanding of technology and information technology, organizations today are forced to collaborate and share knowledge with each other in order to obtain competitive advantages, and have innovation. This information sharing, in addition to its benefits, makes organizations vulnerable to loss of information in various ways by hackers, competitors or other agents through security breaches.In this research, the issue of protecting IT-based organizations from cyberattacks is discussed by using a concept of attack graphs interdiction. At first, after defining the problem precisely, it is modeled as a bi-level mathematical programming. In this problem, the attacker is looking for...
Physical Layer Secure Image Transmission Based on Machine Learning Methods
, M.Sc. Thesis Sharif University of Technology ; Behroozi, Hamid (Supervisor) ; Hossein Khalaj, Babak (Co-Supervisor)
Abstract
The rapid development of wireless communications, e.g., the sixth generation (6G) networks, together with the emergence of various technologies for exchanging data has made the information security a big concern. In other words, today’s decentralized wireless networks face with major challenges in terms of key distribution and management of traditional cryptographic techniques. In contrast, the approach of PHY layer security, which wisely utilizes the inherent characteristics of wireless links, has been introduced to address provable and lightweight security mechanisms. In addition, learning-based techniques have shown to be able to provide well-established mechanisms in enhancing the...
An access and inference control model for time series databases
, Article Future Generation Computer Systems ; Volume 92 , 2019 , Pages 93-108 ; 0167739X (ISSN) ; Amini, M ; Sharif University of Technology
Elsevier B.V
2019
Abstract
Today, many applications produce and use time series data. The data of this type may contain sensitive information. So they should be protected against unauthorized accesses. In this paper, security issues of time series data are identified and an access and inference control model for satisfying the identified security requirements is proposed. Using this model, administrators can define authorization rules based on various time-based granularities (e.g. day or month) and apply value-based constraints over the accessed times series data. Furthermore, they can define policy rules over the composition of multiple time-series other than the base time-series data. Detecting and resolving...
Use of the Blockchain to Improve the Security of Patients’ Health Records in Electronic Health Systems
, M.Sc. Thesis Sharif University of Technology ; Aref, Mohammad Reza (Supervisor)
Abstract
This thesis aims to create an electronic health system for transferring, verifying, and monitoring patient data. Blockchain technology is used in this system. In this system, the patient can communicate with the relevant hospital via an authentication protocol and transmit his data to the hospital. The hospital levels the patient's data creates the patient's treatment prescription and shares it with the pharmacy and insurance company to facilitate the patient's effective treatment. Blockchain technology has been used in a variety of electronic health systems. There are several problems with these systems, including the incorrect use of blockchain, a lack of comprehensiveness, a lack of...
Protecting Deep Neural Networks Against Black-box Adversarial Attacks
, M.Sc. Thesis Sharif University of Technology ; Jalili, Rasoul (Supervisor)
Abstract
Recent advances in Machine Learning and specially Deep Learning, have caused a dramatic increase in the use of these algorithms in different applications, such as sickness diagnosis, anomaly detection, malware detection, and etc. Since training deep neural networks requires a high cost in terms of both gathering loads of labeled data and computing and human resources, deep learning models are a part of an organization’s intellectual property and so, the importance of securing these models is increasing. One of the most important types of attacks that compromises the security of deep neural networks is black-box adversarial example attack. In adversarial example attacks, the adversary...
Text steganography in SMS
, Article 2nd International Conference on Convergent Information Technology, ICCIT 07, Gyongju, 21 November 2007 through 23 November 2007 ; 2007 , Pages 2260-2265 ; 0769530389 (ISBN); 9780769530383 (ISBN) ; Shirali Shahreza, M. H ; Sharif University of Technology
2007
Abstract
One of the services used in mobile phone is the short message service (SMS) which is widely used by the public in all parts of the world especially in Asia and Europe. This service enables people to write and exchange short messages via mobile phone. Due to the limited size of SMS, lack of a proper keyboard on the mobile phone and to improve the speed of typing, new abbreviations have been invented for different words and phrases which has lead to the invention of a new language called SMS-Textlng. One of the main issues in communication is information security and privacy. There are many methods for secret communication and many researchers are working on steganography. In steganography the...
Risk management in CRM security management
, Article 3rd Australian Information Security Management Conference, AISM, Perth, WA, 30 September 2005 through 30 September 2005 ; 2005 , Pages 95-102 ; 0729806111 (ISBN); 9780729806114 (ISBN) ; Sharif University of Technology
2005
Abstract
In an increasing competitive world, marketing survival can be depended simply on timely new information on customers and market trend. One of the most important strategies in CRM (Customer Relationship Management) is to capture enough information from customers and using this information carefully [Ryals, Tinsley]. Of course security of this information is very important in CRM data management [Bryan]. Data management is a method for scheduling and controlling data saving, recovering and processing. This activity has been done continually or periodically[Bryan]. Security level of this information depends on the security policy of the organization. CRM security policy is the directives and...