Theses and Dissertations

Permanent URI for this collection: http://ir.daiict.ac.in/handle/123456789/1

Search Results

  • Item (Open Access)
    Automatic Compact Alphanumeric Encoding of Shellcode
    (Dhirubhai Ambani Institute of Information and Communication Technology, 2016) Patel, Arohi; Anish Mathuria
    Shellcode is machine code that is injected in the form of a string to exploit buffer overflows. It generally contains non-ASCII bytes, as not all machine instructions have their encoding bytes in the ASCII range. To mitigate shellcode injection, there are some filtering techniques that accept only a set of ASCII bytes as an input string. Alphanumeric shellcode helps attackers bypass this filtering. It is a tedious task to generate alphanumeric shellcode manually from arbitrary shellcode. There exist tools to automate this process. Existing tools that automatically generate alphanumeric shellcode work as follows: the bytes of the shellcode are placed in encoded form and then recovered at runtime using self-modifying code (also called a decoder). The alphanumeric shellcode generated using such tools is larger than the original shellcode. Small shellcodes are useful as they fit into small buffers, and are more useful when there is a size restriction on the input string. In this work, we present optimization techniques that focus on optimizing the encoded form as well as the decoding loop. One technique, named Dynamic Encoding, results in a compact encoded shellcode, while another technique, Generating Alphanumeric Decoder, focuses on making the decoding loop more compact. Combining these two techniques produces more compact alphanumeric shellcode (decoder + encoded shellcode) than existing schemes for some shellcode with larger size (greater than 200 bytes). However, the size of the output is bigger for some small shellcodes due to the larger size of the decoding loop.
  • Item (Open Access)
    Performance evaluation of kerberos cross-realm authentication using SIMNET
    (Dhirubhai Ambani Institute of Information and Communication Technology, 2011) Sethi, Ankit Kumar; Mathuria, Anish M.
    Today, networks are implemented in a manner that consists of geographically diverse clients and distributed as well as centralized servers. To prevent unauthorized access to system resources such as servers, authentication is required. Kerberos is a trusted third-party network authentication protocol which securely authenticates users over an insecure communication channel. Due to changes in requirements and better utilization of resources, the client and server may reside across an organizational boundary. To access such resources, a user has to authenticate itself. Cross-realm authentication is a technique which facilitates authentication across realms. In cross-realm authentication, a user initially has to authenticate to its local Authentication Server (AS) and get the credentials. The acquired credentials are used to authenticate the user to the application server, which resides in the destination realm. Crescenzo and Kornievskaia designed an efficient protocol for cross-realm authentication that decreases communication over the internet. They considered an extension to the original Kerberos protocol that enables cross-realm operations, identified its inefficiencies and proposed an alternative protocol called Fake Ticket Protocol (FTP). In FTP, the local AS generates a ticket for the user to access the application server in the destination realm, and instead of sending it to the destination AS, it is forwarded to the application server directly by the user. Because the application server cannot determine the legitimacy of the ticket, it was named a Fake Ticket, and so the protocol the Fake Ticket Protocol. Simnet is a network simulator which provides the functionality to simulate network security protocols. Using Simnet, we implemented Kerberos and FTP with their full capabilities. The aim of this thesis is to do the performance evaluation of the Kerberos protocol and the Fake Ticket Protocol for the cross-realm approach using Simnet. The simulation results show that in the scenario where a client repeatedly authenticates to a stateless server using the same ticket, the original Kerberos cross-realm protocol performs better than FTP. In the case that the client authenticates to the server only once, FTP does better.
  • Item (Open Access)
    Formal analysis of two standardized protocols using strand spaces
    (Dhirubhai Ambani Institute of Information and Communication Technology, 2008) Soni, Shraddha; Mathuria, Anish M.
    To achieve secure communication, it is critical to provide protocols which are secure against attacks. Formal methods are helpful in finding whether or not a protocol is secure. The first formal method for this task, namely BAN logic, was proposed by Burrows, Abadi and Needham. However, it is well known to have deficiencies. The most recent deficiency was found by Teepe, who showed that the hash inference rule of BAN logic is unsound. This rule was first used in the analysis of CCITT by Burrows, Abadi and Needham. Later it was also used in the analysis of SET by Agray, Hoek and Vink. This thesis proposes a simple modification to the BAN hash rule to remove its unsoundness. We demonstrate that the modified rule captures the inference that the original rule intended to capture for the above protocols. The deficiency of BAN in proving security guarantees cannot be overcome by just modifying the rules. It would therefore be preferable to have proofs of security using alternate methods which are more rigorous than BAN logic. To this end, we provide proofs of correctness of the above protocols using the strand space technique proposed by Fabrega, Herzog and Guttman.