Foundational Forensic Techniques for Cellular and Ad Hoc Multi-hop Networks

The Internet has become an integral part of our nation's critical socio-economic infrastructure. With its heightened use and growing complexity however, organizations are at greater risk of cyber crimes. To aid in the investigation of crimes committed on or via the Internet, a network forensics analysis tool pulls together needed digital evidence. It provides a platform for performing deep network analysis by capturing, recording and analyzing network events to find out the source of a security attack or other information security incidents. Existing network forensics work has been mostly focused on the Internet and fixed networks. But the exponential growth and use of wireless technologies, coupled with their unprecedented characteristics, necessitates the development of new network forensic analysis tools. This dissertation fostered the emergence of a new research field in cellular and ad-hoc network forensics. It was one of the first works to identify this problem and offer fundamental techniques and tools that laid the groundwork for future research. In particular, it introduced novel methods to record network incidents and report logged incidents. For recording incidents, location is considered essential to documenting network incidents. However, in network topology spaces, location cannot be measured due to absence of a 'distance metric'. Therefore, a novel solution was proposed to label locations of nodes within network topology spaces, and then to authenticate the identity of nodes in ad hoc environments. For reporting logged incidents, a novel technique based on Distributed Hash Tables (DHT) was adopted. Although the direct use of DHTs for reporting logged incidents would result in an uncontrollably recursive traffic, a new mechanism was introduced that overcome this recursive process. These logging and reporting techniques aided forensics over cellular and ad-hoc networks, which in turn increased their ability to track and trace attacks to their source. These techniques were a starting point for further research and development that would result in equipping future ad hoc networks with forensic components to complement existing security mechanisms.

A novel neural network based system for assessing risks associated with information technology security breaches

Security remains a top priority for organizations as their information systems continue to be plagued by security breaches. This dissertation developed a unique approach to assess the security risks associated with information systems based on dynamic neural network architecture. The risks that are considered encompass the production computing environment and the client machine environment. The risks are established as metrics that define how susceptible each of the computing environments is to security breaches. ^ The merit of the approach developed in this dissertation is based on the design and implementation of Artificial Neural Networks to assess the risks in the computing and client machine environments. The datasets that were utilized in the implementation and validation of the model were obtained from business organizations using a web survey tool hosted by Microsoft. This site was designed as a host site for anonymous surveys that were devised specifically as part of this dissertation. Microsoft customers can login to the website and submit their responses to the questionnaire. ^ This work asserted that security in information systems is not dependent exclusively on technology but rather on the triumvirate people, process and technology. The questionnaire and consequently the developed neural network architecture accounted for all three key factors that impact information systems security. ^ As part of the study, a methodology on how to develop, train and validate such a predictive model was devised and successfully deployed. This methodology prescribed how to determine the optimal topology, activation function, and associated parameters for this security based scenario. The assessment of the effects of security breaches to the information systems has traditionally been post-mortem whereas this dissertation provided a predictive solution where organizations can determine how susceptible their environments are to security breaches in a proactive way. ^

Defense against node compromise in sensor network security

Recent advances in electronic and computer technologies lead to wide-spread deployment of wireless sensor networks (WSNs). WSNs have wide range applications, including military sensing and tracking, environment monitoring, smart environments, etc. Many WSNs have mission-critical tasks, such as military applications. Thus, the security issues in WSNs are kept in the foreground among research areas. Compared with other wireless networks, such as ad hoc, and cellular networks, security in WSNs is more complicated due to the constrained capabilities of sensor nodes and the properties of the deployment, such as large scale, hostile environment, etc. Security issues mainly come from attacks. In general, the attacks in WSNs can be classified as external attacks and internal attacks. In an external attack, the attacking node is not an authorized participant of the sensor network. Cryptography and other security methods can prevent some of external attacks. However, node compromise, the major and unique problem that leads to internal attacks, will eliminate all the efforts to prevent attacks. Knowing the probability of node compromise will help systems to detect and defend against it. Although there are some approaches that can be used to detect and defend against node compromise, few of them have the ability to estimate the probability of node compromise. Hence, we develop basic uniform, basic gradient, intelligent uniform and intelligent gradient models for node compromise distribution in order to adapt to different application environments by using probability theory. These models allow systems to estimate the probability of node compromise. Applying these models in system security designs can improve system security and decrease the overheads nearly in every security area. Moreover, based on these models, we design a novel secure routing algorithm to defend against the routing security issue that comes from the nodes that have already been compromised but have not been detected by the node compromise detecting mechanism. The routing paths in our algorithm detour those nodes which have already been detected as compromised nodes or have larger probabilities of being compromised. Simulation results show that our algorithm is effective to protect routing paths from node compromise whether detected or not.

Development of local homeland security networks in the state of Florida: A social network analysis approach

How do local homeland security organizations respond to catastrophic events such as hurricanes and acts of terrorism? Among the most important aspects of this response are these organizations ability to adapt to the uncertain nature of these "focusing events" (Birkland 1997). They are often behind the curve, seeing response as a linear process, when in fact it is a complex, multifaceted process that requires understanding the interactions between the fiscal pressures facing local governments, the institutional pressures of working within a new regulatory framework and the political pressures of bringing together different levels of government with different perspectives and agendas. ^ This dissertation has focused on tracing the factors affecting the individuals and institutions planning, preparing, responding and recovering from natural and man-made disasters. Using social network analysis, my study analyzes the interactions between the individuals and institutions that respond to these "focusing events." In practice, it is the combination of budgetary, institutional, and political pressures or constraints interacting with each other which resembles a Complex Adaptive System (CAS). ^ To investigate this system, my study evaluates the evolution of two separate sets of organizations composed of first responders (Fire Chiefs, Emergency Management Coordinators) and community volunteers organized in the state of Florida over the last fifteen years. Using a social network analysis approach, my dissertation analyzes the interactions between Citizen Corps Councils (CCCs) and Community Emergency Response Teams (CERTs) in the state of Florida from 1996–2011. It is the pattern of interconnections that occur over time that are the focus of this study. ^ The social network analysis revealed an increase in the amount and density of connections between these organizations over the last fifteen years. The analysis also exposed the underlying patterns in these connections; that as the networks became more complex they also became more decentralized though not in any uniform manner. The present study brings to light a story of how communities have adapted to the ever changing circumstances that are sine qua non of natural and man-made disasters.^

Defense Against Node Compromise in Sensor Network Security

Recent advances in electronic and computer technologies lead to wide-spread deployment of wireless sensor networks (WSNs). WSNs have wide range applications, including military sensing and tracking, environment monitoring, smart environments, etc. Many WSNs have mission-critical tasks, such as military applications. Thus, the security issues in WSNs are kept in the foreground among research areas. Compared with other wireless networks, such as ad hoc, and cellular networks, security in WSNs is more complicated due to the constrained capabilities of sensor nodes and the properties of the deployment, such as large scale, hostile environment, etc. Security issues mainly come from attacks. In general, the attacks in WSNs can be classified as external attacks and internal attacks. In an external attack, the attacking node is not an authorized participant of the sensor network. Cryptography and other security methods can prevent some of external attacks. However, node compromise, the major and unique problem that leads to internal attacks, will eliminate all the efforts to prevent attacks. Knowing the probability of node compromise will help systems to detect and defend against it. Although there are some approaches that can be used to detect and defend against node compromise, few of them have the ability to estimate the probability of node compromise. Hence, we develop basic uniform, basic gradient, intelligent uniform and intelligent gradient models for node compromise distribution in order to adapt to different application environments by using probability theory. These models allow systems to estimate the probability of node compromise. Applying these models in system security designs can improve system security and decrease the overheads nearly in every security area. Moreover, based on these models, we design a novel secure routing algorithm to defend against the routing security issue that comes from the nodes that have already been compromised but have not been detected by the node compromise detecting mechanism. The routing paths in our algorithm detour those nodes which have already been detected as compromised nodes or have larger probabilities of being compromised. Simulation results show that our algorithm is effective to protect routing paths from node compromise whether detected or not.

Against small arms: An analysis of an international network

Small Arms and Light Weapons (SALW) proliferation was undertaken by the Non-Governmental Organizations (NGOs) as the next important issue in international relations after the success of the International Campaign to Ban Landmines (ICBL). This dissertation focuses on the reasons why the issue of SALW resulted in an Action Program rather than an international convention. Thus, this result was considered as unsuccessful by the advocates of regulating the illicit trade in SALW. The study provides a social movement theoretical approach, using framing, political opportunity and network analysis to explain why the advocates of regulating the illicit trade in SALW did no succeed in their goals. The UN is taken as the arena in which NGOs, States and International Governmental Organizations (IGOs) discussed the illicit trade in SALW. ^ The findings of the study indicate that the political opportunity for the issue of SALW was not ideal. The network of NGOs, States and IGOs was not strong. The NGOs advocating regulation of SALW were divided over the approach of the issue and were part of different coalitions with differing objectives. Despite initial widespread interest among States, only a couple of States were fully committed to the issue till the end. The regional IGOs approached the issue based on their regional priorities and were less interested in an international covenant. The advocates of regulating illicit trade in SALW attempted to frame SALW as a humanitarian issue rather than as a security issue. Thus they were not able to use frame alignment to convince states to treat SALW as a humanitarian issue. In conclusion it can be said that all three items, framing, political opportunity and the network, play a role in the lack of success of advocates for regulating the illicit trade in SALW. ^

Trust based security mechanisms for wireless sensor networks

Wireless sensor networks are emerging as effective tools in the gathering and dissemination of data. They can be applied in many fields including health, environmental monitoring, home automation and the military. Like all other computing systems it is necessary to include security features, so that security sensitive data traversing the network is protected. However, traditional security techniques cannot be applied to wireless sensor networks. This is due to the constraints of battery power, memory, and the computational capacities of the miniature wireless sensor nodes. Therefore, to address this need, it becomes necessary to develop new lightweight security protocols. This dissertation focuses on designing a suite of lightweight trust-based security mechanisms and a cooperation enforcement protocol for wireless sensor networks. This dissertation presents a trust-based cluster head election mechanism used to elect new cluster heads. This solution prevents a major security breach against the routing protocol, namely, the election of malicious or compromised cluster heads. This dissertation also describes a location-aware, trust-based, compromise node detection, and isolation mechanism. Both of these mechanisms rely on the ability of a node to monitor its neighbors. Using neighbor monitoring techniques, the nodes are able to determine their neighbors’ reputation and trust level through probabilistic modeling. The mechanisms were designed to mitigate internal attacks within wireless sensor networks. The feasibility of the approach is demonstrated through extensive simulations. The dissertation also addresses non-cooperation problems in multi-user wireless sensor networks. A scalable lightweight enforcement algorithm using evolutionary game theory is also designed. The effectiveness of this cooperation enforcement algorithm is validated through mathematical analysis and simulation. This research has advanced the knowledge of wireless sensor network security and cooperation by developing new techniques based on mathematical models. By doing this, we have enabled others to build on our work towards the creation of highly trusted wireless sensor networks. This would facilitate its full utilization in many fields ranging from civilian to military applications.

Modeling security and cooperation in wireless networks using game theory

This research involves the design, development, and theoretical demonstration of models resulting in integrated misbehavior resolution protocols for ad hoc networked devices. Game theory was used to analyze strategic interaction among independent devices with conflicting interests. Packet forwarding at the routing layer of autonomous ad hoc networks was investigated. Unlike existing reputation based or payment schemes, this model is based on repeated interactions. To enforce cooperation, a community enforcement mechanism was used, whereby selfish nodes that drop packets were punished not only by the victim, but also by all nodes in the network. Then, a stochastic packet forwarding game strategy was introduced. Our solution relaxed the uniform traffic demand that was pervasive in other works. To address the concerns of imperfect private monitoring in resource aware ad hoc networks, a belief-free equilibrium scheme was developed that reduces the impact of noise in cooperation. This scheme also eliminated the need to infer the private history of other nodes. Moreover, it simplified the computation of an optimal strategy. The belief-free approach reduced the node overhead and was easily tractable. Hence it made the system operation feasible. Motivated by the versatile nature of evolutionary game theory, the assumption of a rational node is relaxed, leading to the development of a framework for mitigating routing selfishness and misbehavior in Multi hop networks. This is accomplished by setting nodes to play a fixed strategy rather than independently choosing a rational strategy. A range of simulations was carried out that showed improved cooperation between selfish nodes when compared to older results. Cooperation among ad hoc nodes can also protect a network from malicious attacks. In the absence of a central trusted entity, many security mechanisms and privacy protections require cooperation among ad hoc nodes to protect a network from malicious attacks. Therefore, using game theory and evolutionary game theory, a mathematical framework has been developed that explores trust mechanisms to achieve security in the network. This framework is one of the first steps towards the synthesis of an integrated solution that demonstrates that security solely depends on the initial trust level that nodes have for each other.^

Women-led community development organizations (CDOs) in Miami-Dade County: A model of community development efforts impacting the economic security of women

Recent studies on the economic status of women in Miami-Dade County (MDC) reveal an alarming rate of economic insecurity and significant obstacles for women to achieve economic security. Consistent barriers to women's economic security affect not only the health and wellbeing of women and their families, but also economic prospects for the community. A key study reveals in Miami-Dade County, "Thirty-nine percent of single female-headed families with at least one child are living at or below the federal poverty level" and "over half of working women do not earn adequate income to cover their basic necessities" (Brion 2009, 1). Moreover, conventional measures of poverty do not adequately capture women's struggles to support themselves and their families, nor do they document the numbers of women seeking basic self-sufficiency. Even though there is lack of accurate data on women in the county, which is a critical problem, there is also a dearth of social science research on existing efforts to enhance women's economic security in Miami-Dade County. My research contributes to closing the information gap by examining the characteristics and strategies of women-led community development organizations (CDOs) in MDC, working to address women's economic insecurity. The research is informed by a framework developed by Marilyn Gittell, who pioneered an approach to study women-led CDOs in the United States. On the basis of research in nine U.S. cities, she concluded that women-led groups increased community participation and "by creating community networks and civic action, they represent a model for community development efforts" (Gittell, et al. 2000, 123). My study documents the strategies and networks of women-led CDOs in MDC that prioritize women's economic security. Their strategies are especially important during these times of economic recession and government reductions in funding towards social services. The focus of the research is women-led CDOs that work to improve social services access, economic opportunity, civic participation and capacity, and women's rights. Although many women-led CDOs prioritize building social infrastructures that promote change, inequalities in economic and political status for women without economic security remain a challenge (Young 2004). My research supports previous studies by Gittell, et al., finding that women-led CDOs in Miami-Dade County have key characteristics of a model of community development efforts that use networking and collaboration to strengthen their broad, integrated approach. The resulting community partnerships, coupled with participation by constituents in the development process, build a foundation to influence policy decisions for social change. In addition, my findings show that women-led CDOs in Miami-Dade County have a major focus on alleviating poverty and economic insecurity, particularly that of women. Finally, it was found that a majority of the five organizations network transnationally, using lessons learned to inform their work of expanding the agency of their constituents and placing the economic empowerment of women as central in the process of family and community development.

Trust Based Security Mechanisms for Wireless Sensor Networks

Wireless sensor networks are emerging as effective tools in the gathering and dissemination of data. They can be applied in many fields including health, environmental monitoring, home automation and the military. Like all other computing systems it is necessary to include security features, so that security sensitive data traversing the network is protected. However, traditional security techniques cannot be applied to wireless sensor networks. This is due to the constraints of battery power, memory, and the computational capacities of the miniature wireless sensor nodes. Therefore, to address this need, it becomes necessary to develop new lightweight security protocols. This dissertation focuses on designing a suite of lightweight trust-based security mechanisms and a cooperation enforcement protocol for wireless sensor networks. This dissertation presents a trust-based cluster head election mechanism used to elect new cluster heads. This solution prevents a major security breach against the routing protocol, namely, the election of malicious or compromised cluster heads. This dissertation also describes a location-aware, trust-based, compromise node detection, and isolation mechanism. Both of these mechanisms rely on the ability of a node to monitor its neighbors. Using neighbor monitoring techniques, the nodes are able to determine their neighbors’ reputation and trust level through probabilistic modeling. The mechanisms were designed to mitigate internal attacks within wireless sensor networks. The feasibility of the approach is demonstrated through extensive simulations. The dissertation also addresses non-cooperation problems in multi-user wireless sensor networks. A scalable lightweight enforcement algorithm using evolutionary game theory is also designed. The effectiveness of this cooperation enforcement algorithm is validated through mathematical analysis and simulation. This research has advanced the knowledge of wireless sensor network security and cooperation by developing new techniques based on mathematical models. By doing this, we have enabled others to build on our work towards the creation of highly trusted wireless sensor networks. This would facilitate its full utilization in many fields ranging from civilian to military applications.

Women-led Community Development Organizations (CDOs) in Miami-Dade County: A Model of Community Development Efforts Impacting the Economic Security of Women

Recent studies on the economic status of women in Miami-Dade County (MDC) reveal an alarming rate of economic insecurity and significant obstacles for women to achieve economic security. Consistent barriers to women’s economic security affect not only the health and wellbeing of women and their families, but also economic prospects for the community. A key study reveals in Miami-Dade County, “Thirty-nine percent of single female-headed families with at least one child are living at or below the federal poverty level” and “over half of working women do not earn adequate income to cover their basic necessities” (Brion 2009, 1). Moreover, conventional measures of poverty do not adequately capture women’s struggles to support themselves and their families, nor do they document the numbers of women seeking basic self-sufficiency. Even though there is lack of accurate data on women in the county, which is a critical problem, there is also a dearth of social science research on existing efforts to enhance women’s economic security in Miami-Dade County. My research contributes to closing the information gap by examining the characteristics and strategies of women-led community development organizations (CDOs) in MDC, working to address women’s economic insecurity. The research is informed by a framework developed by Marilyn Gittell, who pioneered an approach to study women-led CDOs in the United States. On the basis of research in nine U.S. cities, she concluded that women-led groups increased community participation and “by creating community networks and civic action, they represent a model for community development efforts” (Gittell, et al. 2000, 123). My study documents the strategies and networks of women-led CDOs in MDC that prioritize women’s economic security. Their strategies are especially important during these times of economic recession and government reductions in funding towards social services. The focus of the research is women-led CDOs that work to improve social services access, economic opportunity, civic participation and capacity, and women’s rights. Although many women-led CDOs prioritize building social infrastructures that promote change, inequalities in economic and political status for women without economic security remain a challenge (Young 2004). My research supports previous studies by Gittell, et al., finding that women-led CDOs in Miami-Dade County have key characteristics of a model of community development efforts that use networking and collaboration to strengthen their broad, integrated approach. The resulting community partnerships, coupled with participation by constituents in the development process, build a foundation to influence policy decisions for social change. In addition, my findings show that women-led CDOs in Miami-Dade County have a major focus on alleviating poverty and economic insecurity, particularly that of women. Finally, it was found that a majority of the five organizations network transnationally, using lessons learned to inform their work of expanding the agency of their constituents and placing the economic empowerment of women as central in the process of family and community development.