Master Degree / Yüksek Lisans Tezleri

Permanent URI for this collection: https://hdl.handle.net/11147/3008

  • Master Thesis
    A Turkish Password Cracker for Unix Based Operating Systems
    (Izmir Institute of Technology, 2001) Tahaoğlu, Osman Okyar; Koltuksuz, Ahmet; Koltuksuz, Ahmet Hasan
    UNIX and UNIX-based operating systems have been widely utilized in local area and wide area network systems that supply application and development chain of users through remote access as well as online connections. Although the UNIX operating system has powerful tools which have secure methods for user authentication, user management and password storage, weak password choices of the users affect the entire system security negatively. This study aims to crack the password hashes which are encrypted by DES using the method of dictionary attack. The developed application is introduced and compared with the previous utilities. Password encryption, password storage, and the structure of UNIX which was developed against a possible dictionary attack are examined. Good password choosing methods for the users and the system administrator are given.
  • Master Thesis
    Comparison of Recovery Requirements With Investigation Requirements for Intrusion Management Systems
    (Izmir Institute of Technology, 2002) Arpaçay Tapucu, Dilek; Tuğlular, Tuğkan
    Computer systems resources and all data contained in the system may need to be protected against the increasing number of unauthorized accesses, manipulations and malicious intrusions. This thesis is concerned with intrusion management systems and especially with their investigation and recovery subsystems. The goals of these systems are to investigate intrusion attempts and recover from intrusions as fast as possible. In order to achieve these goals, the fact that some of the intrusion attempts will eventually be successful should be accepted and necessary precautions should be taken. After an intrusion has taken place, the focus should be on the assessment: looking at what damage has occurred, how it happened, and what changes can be made to prevent such attacks in the future. In this thesis, requirements of the investigation and recovery processes are determined and related guidelines are developed. The similarities and differences between these guidelines are explained.
  • Master Thesis
    Anomaly Detection Using Network Traffic Characterization
    (Izmir Institute of Technology, 2009) Yarımtepe, Oğuz; Tuğlular, Tuğkan; Tuğlular, Tuğkan
    Detecting suspicious traffic and anomaly sources is a general tendency in approaching traffic analysis. Because of the necessity of detecting anomalies, different approaches have been developed with their software candidates. Either event based or signature based anomaly detection mechanisms can be applied to analyze network traffic. Signature based approaches require the detected signatures of past anomalies, though event based approaches propose a more flexible approach in that defining application level abnormal anomalies is possible. Both approaches focus on implementing and defining abnormal traffic. The problem about anomaly is that there is not a common definition of anomaly for all protocols or malicious attacks. In this thesis it is aimed to define the non-malicious traffic and extract it, so that the rest is marked as suspicious traffic for further traffic. To achieve this approach, a method and its software application to identify IP sessions, based on statistical metrics of the packet flows, are presented. An adaptive network flow knowledge-base is derived. The knowledge-base is constructed using calculated flow attributes. A method to define known traffic is displayed by using the derived flow attributes. By using the attributes, an analyzed flow is categorized as a known application level protocol. A mathematical model to analyze the undefined traffic to display network traffic anomalies is also explained. The mathematical model is based on principal component analysis, which is applied on the origin-destination pair flows. By using metric based traffic characterization and principal component analysis it is observed that network traffic can be analyzed and some anomalies can be detected.
  • Master Thesis
    Development of a Quality Assurance Prototype for Intrusion Detection Systems
    (Izmir Institute of Technology, 2002) Yüksel, Ulaş; Tuğlular, Tuğkan
    Quality assurance is an essential activity for any business interacting with consumers. There is a considerable number of projects going on to develop intrusion detection systems (IDSs). However, efforts to establish standards and practices to ensure the quality of such systems are comparatively less significant. The quality assurance activities for IDSs should ensure the conformance of explicitly stated functional and performance requirements as well as implicit characteristics that are expected from information security tools. This dissertation establishes guidelines to review, evaluate and possibly to develop an IDS. To establish guidelines, generic IDS and software requirements, software quality factors and design principles which are available in related literature are used, and these requirements are presented both on the developed generic IDS model and in Common Criteria Protection Profile format. First, the guidelines are developed, then they are implemented on a specific IDS product evaluation.
  • Master Thesis
    Defining a Sample Template for Governmental Procurements of Cryptographic Products
    (Izmir Institute of Technology, 2006) Taş, Levent; Koltuksuz, Ahmet Hasan
    It is a well-known truth that nobody can easily find a law, act, directive, code or a publicly available technical specification which describes cryptographic-based security systems and/or cryptographic modules in Turkey. Besides that, from the international aspect, the only government released standards take place in the "Federal Information Standards Publication (FIPS) 140-2", published by the United States "National Institute of Standards and Technology (NIST)" on May 25th, 2001 (which became the international standard after the Final Committee Document was accepted as "ISO/IEC 19790:2006" on March 9th, 2006), which specifies the security requirements that should be satisfied by a cryptographic module. Since the protection of sensitive and valuable (sometimes life-critical) data transferred via critical governmental cryptographic systems is very important and requires high confidentiality, the need for defining a sample template technical specification of those cryptographic systems is that much high. The sample template specification which is made up in this study aims to be a starting point or initiative for preparing a cryptographic module specification in governmental procurements.
  • Master Thesis
    Development of a Static Analysis Tool To Find Security Vulnerabilities in Java Applications
    (Izmir Institute of Technology, 2010) Topuz, Bertan; Tuğlular, Tuğkan
    The scope of this thesis is to enhance a static analysis tool in order to find security limitations in Java applications. This will contribute to the removal of some of the existing limitations related with the lack of Java source codes. The generally used tools for static analysis are FindBugs, Jlint, PMD, ESC/Java2 and Checkstyle. In this study, it is aimed to utilize the PMD static analysis tool, which has already been developed to find defects: possible bugs (empty try/catch/finally/switch statements), dead code (unused local variables, parameters and private methods), suboptimal code (wasteful String/StringBuffer usage), overcomplicated expressions (unnecessary if statements, for loops that could be while loops), and duplicate code (copied/pasted code means copied/pasted bugs). On the other hand, the faults "possible unexpected exception", "length may be less than zero", "division by zero", "stream not closed on all paths" and "should be a static inner class" were not implemented by the PMD static analysis tool. PMD performs syntactic checks and dataflow analysis on program source code. In addition to some detection of clearly erroneous code, many of the "bugs" PMD looks for are stylistic conventions whose violation might be suspicious under some circumstances. For example, having a try statement with an empty catch block might indicate that the caught error is incorrectly discarded. Because PMD includes many detectors for bugs that depend on programming style, PMD includes support for selecting which detectors or groups of detectors should be run. While PMD's main structure was conserved, boundary overflow vulnerability rules have been implemented to PMD.