Sharif Digital Repository

Security has become more important in IT systems. Thus, to protect such systems from related potential threats and harms, robust and dependable security solutions should be devised. In designing security systems, a number of other issues such as assurance and verifiability are also of concern. Due to their mathematical nature, formal methods are very suitable for the above purposes. Using these methods, one can accurately define a system, its boundaries, and the requirements from design. It also makes it possible to verify that the design meets the requirements. In this dissertation, we propose a general IT security system using RAISE specification method. To do so, the specification... 

Wireless sensor networks have many applications, vary in size, and are deployed in a wide variety of areas. They are often deployed in potentially adverse or even hostile environment so security issues are of much concern in these networks. Key management is a fundamental security issue in sensor networks. In this thesis, we are mainly focusing on key establishment and group rekeying schemes aspects of key management. Due to limited resources of sensor networks, key pre-distribution schemes are currently viewed as the most promising solution. Key predistribution in sensor networks refers to the problem of distributing secret keys among sensor nodes prior to deployment. Recently, many key... 

A major goal in image steganography is to preserve the statistical properties of the host image to thwart statistical based steganalysis. However, most steganography methods introduce some distortions into the host signal’s statistical properties that have been used, as a certain indication of manipulation of the signal, by steganalysis algorithms. In order to overcome such a methodical vulnerability, a new generation of data hiding algorithms has been proposed in the literature to preserve histogram of the host signal. In this thesis we present a novel image steganographic technique to preserve one-dimensional and two-dimensional histograms of the host image. Experimental results show that... 

With improving of technology, using of Wireless Sensor Networks (WSN) is rapidly increasing. In some application, wireless sensor network do need to supply realtimeness. In the other hand, in many cases, sensor networks are in risky environments distributed. Therefore, security is a key factor in sensor networks to performing their works properly optimized and maximum. Hence, both security and realtimeness features are important features of sensor networks. But because of common resource use, increasing efficiency of a feature will result in decreasing efficiency of other feature. In this thesis, we indicated to study mutual effect of security and realtimeness in Wireless Sensor Networks in... 

For increasing safety of driving, intelligent vehicles in vehicular ad hoc networks (VANETs) communicate with each other by sending announcements. The existence of a system that guarantees the trustworthiness of these announcements seems necessary. The proposed system generating announcements should be preserved from internal and external attackers that attempt to send fake messages. In this thesis, we use a group-based endorsement mechanism based on threshold signatures against internal attackers. We choose NTRUSign as a public key cryptosystem for implementing the Public Key Infrastructure (PKI) for decreasing signature generation and verification times. This approach optimizes the network... 

Wireless sensor networks (WSN) is a new technology, foreseen to be used increasingly in the near future, and security is an important issue for it. However because of nodes resource limitations, other schemes proposed for securing general ad hoc networks, are not appropriate for WSNs. Usually some nodes act maliciously and they are able to do different kinds of DoS attacks. In order to make the network more secure, malicious nodes should be isolated from the network. In this thesis, we model the interaction of nodes in WSN and intrusion detection system (IDS) as a Bayesian game formulation and use this idea to make a secure routing protocol. By this approach nodes are motivated to act... 

Vehicular ad hoc networks (VANETs) are currently attracting the attention of researchers around the world. They offer a wide range of applications improving road safety and driving comfort. Since VANET applications affect safety-of-life, data security in a vehicular system is mandatory. VANET is a special case of Mobile Ad hoc Network (MANET). Routing in VANET is a controversial issue. Furthermore, Security at routing level is so important because if the routing is compromised, other protocol layers on top of the network layer are also compromised. In this thesis, DSDV, DSR and AODV routing protocols are simulated to understand which of these protocols are suitable for VANET. Finding... 

Wireless sensor networks (WSNs) use many tiny sensors to monitor phenomena such as temperature, humidity, brightness and traffic, and then transmit this information to a base station using wireless channels. WSNs find applications in military, ecological, urban and health related areas. Hierarchical wireless sensor networks are kind of sensor networks that use communication entities with different capabilities in terms of energy, processing power, bandwidth, communication range and etc. In this thesis, an introduction to WSNs and their applications, characteristics and designing factors is expressed. It continues on studying the infrastructures and the role of cryptography in enhancing... 

Computational grids consist of hardware and software infrastructures which can provide end users with the power of computational networks in a ubiquitous and cheaper manner. In fact, computational grids provide the ability to use the computational power of geographically distributed and heterogeneous resources. One of the new challenges facing researchers in this area involves security in grid environment which is somehow hard to achieve, because of the distributed nature of grid resources and fast changes in resource availabilities. Since availability, integrity and confidentiality are key factors of security and system’s fault tolerance capability is directly related to resource... 

TETRA (TErrestrial Trunked RAdio) is one of the mobile telecommunication standards which has improved in several aspects (voice, data, video, coverage, etc.), especially the security section during the last two decades. Although communication could be quite secure in TETRA when the encryption is used, however, attackers create new ways to bypass the encryption without the knowledge of the legitimate user. Security is performed in different levels and forms to create reliable operation and to protect information through the transmission path from interception and tampering. Since most of the TETRA users require the highest possible level of security, in this thesis we introduce a new... 

With the proliferation of Internet-based applications and malicious attacks, security has become one of the most influential aspects in the network and, it should be considered from the beginning steps of designing the network infrastructure. Based on the fact that pattern matching is considered as one of the most important roles of security devices or applications, it becomes an important procedure in firewalls that have been classified as security equipments which adopt a security mechanism in order to restrict the traffic exchanged between networks and particular users or certain applications. While the trend of using compressed traffic is drastically increasing, this type of traffic is... 

In today's world in which a major part of information is digitalized and a large portion of the communication is done via computer networks, entities authentication while maintaining privacy is a concern with the growing importance and value. To meet this goal, during the past two decades, anonymous authentication protocols with different approaches for use in various applications has presented and developed. These protocols enable users to authenticate based on some of their properties, without revealing their own identities. Secret handshake protocols are considered as type of anonymous authentication protocols. This protocol has the unique feature of hiding users' affiliation to the... 

Nowadays, extensive use of Hardware Trojan Horses (HTH) or backdoors is more prevalent than ever. We could count disruption, disabling, eavesdropping and sending out internal information as misuse.
In this project, we embed hardware trojan in a Programmable Logic Controller, and present different methods to detect and neutralize them. This is an important issue, as PLCs should work in a safe environment especially in industrial environments while keeping the information intact is significant as even a slight intentional malfunction could cause data to be lost or disclosed, and result in a catastrophe. Subsequently, features of hardware of PLCs should be examined and the right place of... 

This millennium could be named as a world of relationship and connection which these two terms impacts on each of our business and daily life dimensions, in the world of marketing , consumer relationship management (CRM) was the notion that introduced in 1995 and emphasize on the importance of 1 to 1 interaction. wide perspective and golden target of CRM makes this concept more desirable for all organizations which everyone hope to be achieved it and this is a gains of not just more sales but more profit, in fact CRM focused on the emotional interaction between to part of deals and tries to locked the consumer in the system by creation of sentimental dependence in consumer which drives the... 

Security is an important issue in Vehicular Ad Hoc Networks (VANETs),which are mainly aimed at enhancing safety. Analysis of security mechanisms can help design and implement secure communication establishment methods in such networks. Formal verification is an analysis approach, with the purpose of proving the correctness of a system based on defined precise assumptions. Formal verification is applicable to a vast range of systems, such as time-critical reactive systems. Timed formal verification of cryptographic protocols is a subject that has gained a lot of attention in the recent two decades. The TESLA broadcast authentication protocol is on one hand an efficient, standardized method... 

One of the most intrinsic challenges of flash-based Solid State Drives (SSDs) is erasebefore-write limitation and the limited endurance of flash chips. Wear leveling and garbage collection are two mechanisms implemented in SSD’s controller to enhance endurance and performance. While wear leveling attempts to distribute erasures across all blocks in an even manner, it imposes a new security challenge on SSD,which leads to the presence of invalid data blocks in flash chips. Therefore, some data blocks that are logically deleted by the user are still available in flash chips and can be recovered by software or hardware recovery tools.
In this paper, a new criteria named vulnerability time... 

Recently, security of integrated circuits has received more attention as ICs have become more complex and their usage has increased in safety critical systems. Many orgeniaztions use the ICs that made by third party companies. This is due to the high costs to build and maintain state-of-the-art semiconductor factories. This subject puts the trustworthiness of the ICs under the question. The chips might be maliciously modified in each stage of the manufacturing chain. This threat is called hardware backdoor in scientific community. The aim of this project is to assess the features embedded in a microprocessor and evaluate the side channel effect of various hardware backdoors. hardware... 

Vehicular ad hoc networks are types of mobile ad hoc networks in which each automobile acts as an intelligent node and can have links to other automobiles and with equipments that are beside the road. The main difference between vehicular ad hoc networks and mobile ad hoc networks are in terms of higher speed of their components, extent, span and scale. One of the main concerns about designing vehicular ad hoc networks is users' security and protection of their privacy policy. Althoug a lot of protocols have been suggested for improvement of securities in these networks up to now, many research challenges regarding users' security and their privacy have been left and need to be considered... 

One of the biggest challenges in online communication is privacy of individuals. Although anonymous communication (AC) protocols has been the subject of several security and anonymity analyses recently, there are still few frameworks for analyzing such complex systems (e.g. Tor) and their anonymity properties in a unified manner. In this study, an overview of anonymity features and techniques will be discussed by examining various protocols that provide undetectable network communication. Afterwards, the Tor network is described more precisely. Furthermore, the literature of formal methods is briefly reviewed, and the Universal Composable (UC) framework for the analysis of cryptography... 

Security protocols may be provable secure when used alone, but these protocols lose their security under composition operation. Universal Composition framework (UC) is a tool for analyzing security protocols under composition. UC framework guarantees that the cryptographic protocols keep their security under this composition operation. In this paper we state a modeling for key-evolving signature protocol within the UC framework as a case study. To do this, the ideal functionality is proposed for key-evolving signature scheme that keeps the security requirements of this scheme. Finally, we show that UC definition of security is equivalent to definition of security which is termed here as...