Current Search: poster (x) » Fernandez, Eduardo B. (x) » Jofre, Michael A. (x)
View All Items
- Title
- A Misuse Pattern for Flame.
- Creator
- Lewis, Paul, Singh, Sanjay, Fernandez, Eduardo B.
- Abstract/Description
-
Flame is a computer worm that is being used for targeted cyber espionage in Middle Eastern countries. It is considered one of the most complex malware ever found. Flame can record audio, screenshots, keyboard activity and network traffic. It also has a kill switch to erase itself. Its program modules are encrypted. We are writing a misuse pattern to describe its architecture. A pattern is a solution to a recurrent problem in a given context. A pattern embodies the knowledge and experience of...
Show moreFlame is a computer worm that is being used for targeted cyber espionage in Middle Eastern countries. It is considered one of the most complex malware ever found. Flame can record audio, screenshots, keyboard activity and network traffic. It also has a kill switch to erase itself. Its program modules are encrypted. We are writing a misuse pattern to describe its architecture. A pattern is a solution to a recurrent problem in a given context. A pattern embodies the knowledge and experience of software developers and can be reused in new applications. A security pattern describes a mechanism or procedure to defend against an attack. A misuse pattern describes how a misuse is performed from the point of view of the attacker. It defines the environment where the attack is performed, countermeasures to stop it, and provides forensic information in order to trace the attack once it happens.
Show less - Date Issued
- 2014
- PURL
- http://purl.flvc.org/fau/fd/FA0005027
- Subject Headings
- College students --Research --United States.
- Format
- Document (PDF)
- Title
- Multi-factor Authentication.
- Creator
- Callahan, Colin, Fernandez, Eduardo B., College of Engineering and Computer Science
- Abstract/Description
-
An important authentication method is multi-factor authentication (MFA). Products such as Enterprise Office 365 are already using it, available for any user in Office 365 Midsize Business, Enterprise, Academic, and Nonprofit plans as well as the standalone versions of Exchange Online and SharePoint Online. The log-in verification feature is aimed at reducing users' vulnerability to online identity theft, phishing, and other scams by adding a second level of authentication to an account log-in...
Show moreAn important authentication method is multi-factor authentication (MFA). Products such as Enterprise Office 365 are already using it, available for any user in Office 365 Midsize Business, Enterprise, Academic, and Nonprofit plans as well as the standalone versions of Exchange Online and SharePoint Online. The log-in verification feature is aimed at reducing users' vulnerability to online identity theft, phishing, and other scams by adding a second level of authentication to an account log-in. Twitter, Apple, PayPal, Google, Facebook, and other vendors already have implemented it. After correctly entering their username and password, users need to acknowledge a phone call, text message, or an app notification on their smartphone before they can gain access to their account. Two-factor authentication is the most common form of MFA and requires the use of two of the three authentication factors: Something only the user knows, something the user has, and something only the user is. In this work we will analyze some varieties, do UML models of their structure and dynamics, and compare MFA to other authentication approaches.
Show less - Date Issued
- 2015
- PURL
- http://purl.flvc.org/fau/fd/FA00005179
- Subject Headings
- College students --Research --United States.
- Format
- Document (PDF)
- Title
- Misuse Pattern: Keyboard Injection Through The USB Human Interface Device Class.
- Creator
- To, Dyllan, Fernandez, Eduardo B., College of Engineering and Computer Science
- Abstract/Description
-
We are presenting a misuse pattern, Keyboard Injection through the USB Human Interface Device(HID) class. This paper describes how such a misuse is performed from the view from an attacker, describes the systems involved in the misuse, analyzes methods of stopping or preventing the attack through potential security patterns, and details techniques that can be used to detect or trace such an attack after it has occurred. Such a pattern can inform IT managers, device manufacturers, or even...
Show moreWe are presenting a misuse pattern, Keyboard Injection through the USB Human Interface Device(HID) class. This paper describes how such a misuse is performed from the view from an attacker, describes the systems involved in the misuse, analyzes methods of stopping or preventing the attack through potential security patterns, and details techniques that can be used to detect or trace such an attack after it has occurred. Such a pattern can inform IT managers, device manufacturers, or even device driver developers of the vulnerability, as well as detail methods or security patterns that can prevent an attack. A keyboard injection misuse attempts to infiltrate a system or network through a variety of techniques. Such a misuse impersonates a keyboard HID, which most systems inherently trust.
Show less - Date Issued
- 2015
- PURL
- http://purl.flvc.org/fau/fd/FA00005214
- Subject Headings
- College students --Research --United States.
- Format
- Document (PDF)
- Title
- A Misuse Pattern for Retrieving Data from a Database Using SQL Injection.
- Creator
- Alder, Ernst, Bagley, Richard, Fernandez, Eduardo B.
- Abstract/Description
-
FAU's Office of Undergraduate Research and Inquiry hosts an annual symposium where students engaged in undergraduate research may present their findings either through a poster presentation or an oral presentation.
- Date Issued
- 2011
- PURL
- http://purl.flvc.org/fau/fd/FA00005426
- Format
- Document (PDF)