Master Degree / Yüksek Lisans Tezleri

Permanent URI for this collection: https://hdl.handle.net/11147/3008

  • Master Thesis
    A Firewall Design for Academic Environments
    (Izmir Institute of Technology, 2001) Tok, Metin; Koltuksuz, Ahmet Hasan
    Computer networks in academic environments could have many security problems if there weren't enough precaution. The source of these problems is generally vulnerabilities of TCP/IP protocol and Internet. Vulnerabilities can cause threats. These threats will be analyzed in this thesis. There are many kinds of countermeasures to prevent the assets of the academic networks. Firewalls are a kind of countermeasure against these attacks. In this thesis, these countermeasures will be also analyzed and a firewall will be designed and proposed for academic environments against these threats.
  • Master Thesis
    An Approach To the Security Problems in the TCP/IP Protocol Suite for a Network Security Monitor Design
    (Izmir Institute of Technology, 1999) Mutaf, Pars; Koltuksuz, Ahmet Hasan
    There are a number of security problems in the TCP/IP protocol suite. In this thesis these problems will be analyzed in detail. The problems in several existing prevention methods will be analyzed as well in order to show that security policies based merely on preventive measures are not completely secure and convenient. Therefore, "network security monitoring" will be proposed as an alternative and supplementary approach against Internet attacks.
  • Master Thesis
    Analysis of Intrusion Prevention Methods
    (Izmir Institute of Technology, 2004) Semerci, Hakan; Tuğlular, Tuğkan
    Today, the pace of the technological development and improvements has compelled the development of new and more complex applications. The obligatory of application development in a short time to rapidly changing requirements causes skipping of some stages, mostly the testing stage, in the software development cycle and thus leads to the production of applications with defects. These defects are, later, discovered by intruders to be used to penetrate into computer systems. Current security technologies, such as firewalls, intrusion detection systems, honeypots, network-based antivirus systems, are insufficient to protect systems against those continuously increasing and rapid-spreading attacks. Intrusion Prevention System (IPS) is a new technology developed to block today's application-specific, data-driven attacks that spread in the speed of communication. IPS is the evolved and integrated state of the existing technologies; it is not a new approach to network security. In this thesis, IPS products of various computer security appliance developer companies have been analyzed in detail. At the end of these analyses, the requirements of network-based IPSs have been identified and an architecture that fits those requirements has been proposed. Also, a sample network-based IPS has been developed by modifying the open source application Snort.
  • Master Thesis
    Group Key Establishment Protocols: Pairing Cryptography and Verifiable Secret Sharing Scheme
    (Izmir Institute of Technology, 2013) Aslanoğlu, Rabia; Şahin, Serap
    The aim of this study is to establish a common secret key over an open network for a group of users, to be used then for symmetrical secure communication between them. There are two methods of GKE protocol which are key agreement and key distribution. Key agreement is a mechanism whereby the parties jointly establish a common secret. As to key distribution, it is a mechanism whereby one of the parties creates or obtains a secret value and then securely distributes it to other parties. In this study, both methods are applied and analyzed in two different GKE protocols. Desirable properties of a GKE are security and efficiency. Security is attributed in terms of preventing attacks against passive and active adversary. Efficiency is quantified in terms of computation, communication and round complexity. When constructing a GKE, the challenge is to provide security and efficiency according to attributed and quantified terms. Two main cryptographic tools are selected in order to handle the defined challenge. One of them is bilinear pairing which is based on elliptic curve cryptography and the other is verifiable secret sharing which is based on multiparty computation. In this thesis, constructions of these two GKE protocols are studied along with their communication models, security and efficiency analysis. Also, an implementation of four-user group size is developed utilizing PBC, GMP and OpenSSL libraries for both protocols.
  • Master Thesis
    Comparison of Recovery Requirements With Investigation Requirements for Intrusion Management Systems
    (Izmir Institute of Technology, 2002) Arpaçay Tapucu, Dilek; Tuğlular, Tuğkan
    Computer system resources and all data contained in the system may need to be protected against the increasing number of unauthorized access, manipulation and malicious intrusions. This thesis is concerned with intrusion management systems and especially with their investigation and recovery subsystems. The goals of these systems are to investigate intrusion attempts and recover from intrusions as fast as possible. In order to achieve these goals, the fact that some of the intrusion attempts will be eventually successful should be accepted and necessary precautions should be taken. After an intrusion has taken place, the focus should be on the assessment: looking at what damage has occurred, how it happened, what changes can be made to prevent such attacks in the future. In this thesis, requirements of investigation and recovery process are determined and related guidelines developed. The similarities and differences between these guidelines are explained.
  • Master Thesis
    Development of a Quality Assurance Prototype for Intrusion Detection Systems
    (Izmir Institute of Technology, 2002) Yüksel, Ulaş; Tuğlular, Tuğkan
    Quality assurance is an essential activity for any business interacting with consumers. There are a considerable number of projects going on to develop intrusion detection systems (IDSs). However, efforts to establish standards and practices to ensure the quality of such systems are comparatively less significant. The quality assurance activities for IDSs should ensure the conformance of explicitly stated functional and performance requirements as well as implicit characteristics that are expected from information security tools. This dissertation establishes guidelines to review, evaluate and possibly to develop an IDS. To establish guidelines, generic IDS and software requirements, software quality factors and design principles are used which are available in related literature and these requirements are presented both on developed generic IDS model and in Common Criteria Protection Profile format. First, the guidelines are developed, then they are implemented on a specific IDS product evaluation.
  • Master Thesis
    Statistical Methods Used for Intrusion Detection
    (Izmir Institute of Technology, 2006) Özardıç, Onur; Püskülcü, Halis
    Computer networks are being attacked every day. Intrusion detection systems are used to detect and reduce the effects of these attacks. Signature based intrusion detection systems can only identify known attacks and are ineffective against novel and unknown attacks. Intrusion detection using anomaly detection aims to detect unknown attacks and there exist algorithms developed for this goal. In this study, performance of five anomaly detection algorithms and a signature based intrusion detection system is demonstrated on synthetic and real data sets. A portion of attacks are detected using Snort and SPADE algorithms. PHAD and other algorithms could not detect a considerable portion of the attacks in tests due to lack of sufficiently long training data.
  • Master Thesis
    Firewall Monitoring Using Intrusion Detection Systems
    (Izmir Institute of Technology, 2005) Asarcıklı, Şükran; Tuğlular, Tuğkan
    Most organizations have an intranet, and they know the benefits of connecting their private LAN to the Internet. However, Internet is inherently an insecure network. That makes the security of the computer systems an important problem. The first step of network security is firewalls. Firewalls are used to protect internal networks from external attacks through restricting network access according to the rules. The firewall must apply previously defined rules to each packet reaching its network interface. If the application of rules is prohibited due to malfunction or hacking, internal network may be open to attacks and this situation should be recovered as fast as possible. In order to be sure about the firewall working properly, we proposed to use Intrusion Detection Systems (IDS) to monitor firewall operation. The architecture of our experimental environment is composed of a firewall and two IDSs. One IDS is between external network and firewall, while the other is between firewall and private network. Those two IDSs are invisible to both networks and they send their information to a monitoring server, which decides, based on two observations, whether the firewall is working properly or not.
  • Master Thesis
    Improving Misuse Detection With Neural Networks
    (Izmir Institute of Technology, 2005) Demiray, Sadettin; Tuğlular, Tuğkan
    Misuse Intrusion Detection Systems are rule-based systems that search attack patterns in the data source. Detection ability of misuse detectors is limited to known attack patterns; hence unknown attacks may be missed. In addition, writing new signatures for novel attacks can be troublesome and time consuming. Similarly, behavior-based IDSs suffered from high rates of false alarms. Artificial neural networks have generalization ability, thus they can be used with intrusion detection system in order to identify normal and attack packets without the need of writing rules. We proposed to use neural networks with network-based IDS. To achieve this, system was trained and tested with both normal and malicious network packets. Backpropagation and Levenberg-Marquardt algorithms were used to train neural networks. For each of these training algorithms, 3-layer and 4-layer MLP network sets were generated. In addition, self-organizing maps were used to classify attack instances. DARPA 1999 Intrusion Detection Evaluation dataset was used for training and testing, but lack of enough attack patterns in evaluation dataset made us create a testbed to obtain sufficient malicious traffic. After training was completed, trained neural networks were tested against training dataset and test dataset, which is not part of the training dataset. Results of the experiments showed that none of the trained backpropagation networks could identify attacks in training and/or testing data sets. But results of the Levenberg-Marquardt networks were more promising as nine of the trained Levenberg-Marquardt networks could identify attack and normal network packets in training and test datasets.