This note presents a new model for classifying vulnerabilities in computer systems. The model is structurally different than earlier models, It decomposes vulnerabilities into small parts, called "primitive conditions. " Our hypothesis is that by examining systems for these conditions, we can detect vulnerabilities. By preventing these conditions from holding, we can prevent vulnerabilities from occurring, even if we do not know that the vulnerability exists. A formal basis for this model is presented. An informal, experimental method of validation for non- secure systems is described. If the model accurately describes existing systems, it guides the development of tools to analyze systems for vulnerabilities. 1.

This paper describes the SCYLLARUS approach to fusing reports from multiple intrusion detection systems (IDSes) to provide an overall approach to intrusion situation awareness. The overall view provided by SCYLLARUS centers around the site's security goals, aggregating large numbers of individual IDS reports based on their impact The overall view reduces information overload by aggregating multiple IDS reports in a top-down view; and by reducing false positives by weighing evidence provided by multiple IDSes and other information sources. Unlike previous efforts in this area, SCYLLARUS is centered around its Intrusion Reference Model (IRM). The SCYLLARUS IRM contains both dynamic and static (configuration) information. A Network Entity/Relationship Database (NERD), providing information about the site's hardware and software; a Security Goal Database, describing the site's objectives and security policy; and an Event Dictionary, describing important events, both intrusions and benign; comprise the static portion of the IRM. The set of IDS reports; the events SCYLLARUS hypothesizes to explain them; and the resulting judgment of the state of site security goals comprise the dynamic part of the IRM. 1.

strong and steady yet unassuming guidance made me what I am today. I miss him dearly. ACKNOWLEDGMENTS I owe a great deal of my success to the values instilled in me by my family. First, I would like to thank my parents, Grace Marie Jones Daniels and Thomas Arthur Daniels, who always encouraged me to make a better life for myself through advancing my education. Second, I would like to thank my uncle and aunt, Clarence and Betty Jones, for stressing that education was the way to go further in life. Third, I thank my in–laws, the Martin and Martha Walker family, for helping my wife and I numerous times during our many years of post-secondary education. Fourth, I thank my uncle and aunt, Jesse and the late Mary Ellen (Daniels) Masters, for their moral and monetary support to continue my education. Finally, I do not know what I would have done without the constant loving support and friendship of my wife, Dr. Jennifer Lea Walker–Daniels. She has given me two wonderful children and the emotional and practical support to complete this work. Many people at the Center for Education and Research in Information Assurance

Abstract- This chapter gives an overview of the major types of electronic attacks encountered today and likely to continue into the foreseeable future. A comprehensive understanding of attackers, their motives, and their methods is a prerequisite for digital crime investigation. The range of possible cyber attacks is almost unlimited, but many attacks generally follow the basic steps of reconnaissance, gaining access, and coverup. We highlight common methods and tools used by attackers in each step. In addition, attacks are not necessarily directed toward specific targets. Viruses, worms, and spam are examples of large-scale attacks directed at compromising as many systems as possible.

creativity. Subject area: Internet studies, new media studies, Russian studies, history, ethnography, creativity theory. The study investigates manifestations of creativity in the history of the Russian Internet. It seeks to discover internal logic of the development of creative forms, to identify the factors that account for change and to analyse the relationship between Internet creativity and wider sociocultural contexts. Creativity is defined as production and communication of cultural value. On this basis an operational concept of Internet creativity is developed which allows identifying regularities in the phenomena which have been usually studied separately. Case studies concern the evolution of Russian online media, the virtual persona as an artistic genre, the Russian community on LiveJournal and Jokes from Russia web site. The theoretical issues include the role of cultural identity and social context as a shaping force of Internet culture; motivation for creativity; user contribution, collaboration and the interplay between personal and collective creativity; the opposition between official and non-official spheres in Russian culture; issues of censorship and free speech. The study develops theories which challenge or expand concepts established in research literature and provide a model for further research. iii TABLE OF CONTENTS Certificate of acceptance i

802.11 is a set of developing IEEE standards for wireless local area networks (WLAN). The IEEE fosters the development of standards that often become national and international standards. The organization publishes a number of journals, has many local chapters, and several large societies in special areas, such as the IEEE Computer Society. For further information on the IEEE and the IEEE Computer Society, see

Abstract not found

Surveillance of Internet communications is increasingly common. As a greater and greater percentage of communication occurs over the Internet, the desire by law enforcement, intelligence agencies, criminals, and others to access these communications grows. In recent years, motivated by updated legislation, we have seen the first large-scale systems for intercepting Internet communications deployed, and there is increasing pressure for more such systems to be developed and put to use. Such systems raise a number of obvious questions for the security research community. Unfortunately, nearly all the systems that have been developed are closed and proprietary, and their inner workings closely guarded for commercial and “security ” reasons. Very little research exists in the open academic literature exploring the technical aspects of Internet surveillance, and (to our knowledge) none which focuses on security or reliability. In this work we examine one specific problem, that of performing reliable capture of Internet communications. This work has three main contributions which address some, but by no means all, of the open questions relating to reliable capture in Internet surveillance. First, we provide a survey of the current state of practice for Internet capture in the public literature. Second, we examine a number of ways in which existing capture solutions fall short of perfect capture, and the consequences, namely theoretical vulnerabilities as well as practical attacks on the accuracy and completeness of information analyzed. Finally, we construct a set of improved capture tools which provide stronger, more reliable results when used in conjunction with existing tools. This document represents a dissertation in progress.