Master Degree / Yüksek Lisans Tezleri

Permanent URI for this collection: https://hdl.handle.net/11147/3008

  • Master Thesis
    Access Monitoring System for Distributed Firewall Policies
    (Izmir Institute of Technology, 2008) Çakı, Oğuzhan; Tuğlular, Tuğkan
    Internet has provided several benefits in terms of information sharing. However, Internet is an insecure environment that can cause threats to private networks. As a result, network security becomes a critical issue. One of the important tools used in network security is the firewall. Firewalls protect a private network from external threats by restricting network traffic according to predefined security rules. Basically, firewalls apply these rules to each packet that passes over them. Distributed firewalls are a new approach to firewalls to overcome some drawbacks of traditional firewalls. Distributed firewall design is based on the idea of enforcing the policy rules at the endpoints rather than at a single entry point to the network. Management of policy rules is a critical issue in both traditional and distributed firewalls. We propose a monitoring application for distributed firewall policies to keep track of actions (create, read, update, delete) performed on the policy rule set. The resulting data produced by the monitoring application will be very helpful in the policy management process.
  • Master Thesis
    Standards and Practices Necessary To Implement a Successful Security Review Program for Intrusion Management Systems
    (Izmir Institute of Technology, 2002) Doruk, Alpay; Tuğlular, Tuğkan
    Intrusion Management Systems are being used to prevent the information systems from successful intrusions and their consequences. They also have detection features. They try to detect intrusions, which have passed the implemented measures. Also the recovery of the system after a successful intrusion is made by the Intrusion Management Systems. The investigation of the intrusion is made by Intrusion Management Systems also. These functions can be existent in an intrusion management system model, which has a four-layer architecture. The layers of the model are avoidance, assurance, detection and recovery. At the avoidance layer necessary policies, standards and practices are implemented to prevent the information system from successful intrusions. At the avoidance layer, the effectiveness of implemented measures is measured by some tests and reviews. At the detection layer the identification of an intrusion or intrusion attempt is made in real time. The recovery layer is responsible for restoring the information system after a successful intrusion. It also has functions to investigate the intrusion. Intrusion Management Systems are used to protect information and computer assets from intrusions. An organization aiming to protect its assets must use such a system. After the implementation of the system, continuous reviews must be conducted in order to ensure the effectiveness of the measures taken. Such a review can achieve its goal by using principles and standards. In this thesis, the principles necessary to implement a successful review program for Intrusion Management Systems have been developed in the guidance of Generally Accepted System Security Principles (GASSP). These example principles are developed for tools of each Intrusion Management System layer. These tools are firewalls for avoidance layer, vulnerability scanners for assurance layer, intrusion detection systems for detection layer and integrity checkers for recovery layer of Intrusion Management Systems.
  • Master Thesis
    Analysis of Intrusion Prevention Methods
    (Izmir Institute of Technology, 2004) Semerci, Hakan; Tuğlular, Tuğkan
    Today, the pace of technological development and improvement has compelled the development of new and more complex applications. The obligation to develop applications in a short time to meet rapidly changing requirements causes some stages of the software development cycle, mostly the testing stage, to be skipped, and thus leads to the production of applications with defects. These defects are later discovered by intruders and used to penetrate computer systems. Current security technologies, such as firewalls, intrusion detection systems, honeypots and network-based antivirus systems, are insufficient to protect systems against those continuously increasing and rapidly spreading attacks. Intrusion Prevention System (IPS) is a new technology developed to block today's application-specific, data-driven attacks that spread at the speed of communication. IPS is the evolved and integrated state of the existing technologies; it is not a new approach to network security. In this thesis, IPS products of various computer security appliance developer companies have been analyzed in detail. At the end of these analyses, the requirements of network-based IPSs have been identified and an architecture that fits those requirements has been proposed. Also, a sample network-based IPS has been developed by modifying the open source application Snort.
  • Master Thesis
    Development of a Web Services Security Architecture Based on .net Framework
    (Izmir Institute of Technology, 2008) Bacı, Recep; Tuğlular, Tuğkan
    Service Oriented Architecture (SOA) is an architectural style which allows interaction of diverse applications regardless of their platform, implementation languages and locations by utilizing generic and reliable services that can be used as application building blocks. SOA includes methodologies and strategies to follow in order to develop sophisticated applications and information systems. SOA is different from the traditional architectures as it has its own unique architectural characteristics and regulations, which need to be analyzed and clarified so as to apply the information that should be included in the architectural model of SOA correctly to service based application development. The newest technology for SOA is web service technology which gains more and more importance as a technology to develop distributed service-oriented applications. Web services are an emergent paradigm for implementing business collaborations over the web. Each service has an interface that is accessible through standard protocols and that describes the interaction capabilities of the service. This master's thesis primarily examines the web services concept of the .NET platform having the emphasis on secure communication. A case study demonstrates securing the communication between a web service and its clients through RIJNDAEL, 3DES and RSA algorithms implemented on code based structure which uses the identity token, provided from identity web service, to validate the identity of the client and the status token provided from status web service in order to validate the status of the client. A number of tests are performed using different cryptographic algorithms and network settings for the communication in order to obtain operational values of these algorithms.
  • Master Thesis
    Traffic Generator for Firewall Testing
    (Izmir Institute of Technology, 2009) Kaya, Özgür; Tuğlular, Tuğkan
    Firewalls lead at the front line of a computer network to restrict unauthorized access. The desired security level is determined by a policy and implemented by a firewall, which is expected not only to be effective but also to provide stable and reliable service. In order to verify the level of security of the system, testing is required. The objective of this thesis is to test a firewall with software testing techniques taking into consideration the nominated policy and the firewall. Iptables software was examined and tested by two different algorithms that were modified according to software testing techniques, and the results were observed. Packets sent through the Firewall Under Test (FUT) are compared to packets passed through the FUT and test results were observed. The security performance of the modified algorithms proved to be successful.
  • Master Thesis
    Web Services Security: a Proposed Architecture for Interdomain Trust Relationship
    (Izmir Institute of Technology, 2006) Hendrickson, Selim L.Y.; Tuğlular, Tuğkan
    Web services technology is vulnerable to security threats similar to other technologies which are based on communication over internet. Some applications working over internet typically require strong authentication. The security requirements of a scenario may involve interdomain authentication mechanisms. These domains may be operating using different technologies. In order to enable such scenarios, we leverage existing approaches with emerging standards and propose an architecture. Our proposed architecture takes advantage of XML technology and emerging SAML standard. The most important aim of the proposed architecture is platform independence. Our proposed architecture includes a Security Token Service and a protocol for communication between token requesters, consumers and issuers. Although the exact flow of execution depends on the scenario, we believe our approaches can be used as common ground for implementation.
  • Master Thesis
    Comparison of Recovery Requirements With Investigation Requirements for Intrusion Management Systems
    (Izmir Institute of Technology, 2002) Arpaçay Tapucu, Dilek; Tuğlular, Tuğkan
    Computer systems resources and all data contained in the system may need to be protected against the increasing number of unauthorized access, manipulation and malicious intrusions. This thesis is concerned with intrusion management systems and especially with their investigation and recovery subsystems. The goals of these systems are to investigate intrusion attempts and recover from intrusions as fast as possible. In order to achieve these goals, the fact that some of the intrusion attempts will eventually be successful should be accepted and necessary precautions should be taken. After an intrusion has taken place, the focus should be on the assessment: looking at what damage has occurred, how it happened, what changes can be made to prevent such attacks in the future. In this thesis, requirements of investigation and recovery process are determined and related guidelines developed. The similarities and differences between these guidelines are explained.
  • Master Thesis
    Anomaly Detection Using Network Traffic Characterization
    (Izmir Institute of Technology, 2009) Yarımtepe, Oğuz; Tuğlular, Tuğkan
    Detecting suspicious traffic and anomaly sources is a general tendency in approaching traffic analysis. Because of the necessity of detecting anomalies, different approaches have been developed with their software candidates. Either event based or signature based anomaly detection mechanisms can be applied to analyze network traffic. Signature based approaches require the detected signatures of past anomalies, whereas event based approaches propose a more flexible approach in which defining application level abnormal anomalies is possible. Both approaches focus on implementing and defining abnormal traffic. The problem about anomaly is that there is not a common definition of anomaly for all protocols or malicious attacks. In this thesis it is aimed to define the non-malicious traffic and extract it, so that the rest is marked as suspicious traffic for further traffic. To achieve this approach, a method and its software application to identify IP sessions, based on statistical metrics of the packet flows, are presented. An adaptive network flow knowledge-base is derived. The knowledge-base is constructed using calculated flow attributes. A method to define known traffic is displayed by using the derived flow attributes. By using the attributes, an analyzed flow is categorized as a known application level protocol. A mathematical model to analyze the undefined traffic to display network traffic anomalies is also explained. The mathematical model is based on principal component analysis which is applied on the origin-destination pair flows. By using metric based traffic characterization and principal component analysis it is observed that network traffic can be analyzed and some anomalies can be detected.
  • Master Thesis
    Developing a Security Mechanism for Software Agents
    (Izmir Institute of Technology, 2006) Tekbacak, Fatih; Tuğlular, Tuğkan
    This thesis proposes a message security solution on multi-agent systems. A general security analysis based on properties of software agents is presented along with an overview of security measures applicable to multi-agent systems. A security design and implementation has been developed to protect communication among agents. And this implementation scheme has been applied to Seagent, a semantic web enabled multi-agent framework. Hence, a set of agent security mechanisms have been adapted for Seagent and have been implemented for message confidentiality, integrity, authentication and nonrepudiation. Then these mechanisms have been tested for communication performance on Seagent.
  • Master Thesis
    Development of a Quality Assurance Prototype for Intrusion Detection Systems
    (Izmir Institute of Technology, 2002) Yüksel, Ulaş; Tuğlular, Tuğkan
    Quality assurance is an essential activity for any business interacting with consumers. There is a considerable number of projects going on to develop intrusion detection systems (IDSs). However, efforts to establish standards and practices to ensure the quality of such systems are comparatively less significant. The quality assurance activities for IDSs should ensure the conformance of explicitly stated functional and performance requirements as well as implicit characteristics that are expected from information security tools. This dissertation establishes guidelines to review, evaluate and possibly to develop an IDS. To establish guidelines, generic IDS and software requirements, software quality factors and design principles that are available in related literature are used, and these requirements are presented both on a developed generic IDS model and in Common Criteria Protection Profile format. First, the guidelines are developed, then they are implemented on a specific IDS product evaluation.