MSc.ISS Theses and Dissertations
Browsing MSc.ISS Theses and Dissertations by Title
- A Platform to analyze android application components for vulnerabilities (Strathmore University, 2021) Muchoki, Macharia Benson. Past research has shown that developers make mistakes in writing Android application configuration files, resulting in multiple vulnerabilities in these applications. More often, these vulnerabilities go unnoticed and the affected applications are installed in many end users’ devices. One typical security vulnerability is related to misconfiguration of Android application components. Source code obfuscation is increasingly becoming popular and was found in this study to be limiting the accuracy of most Android applications auditing tools. This study was aimed at designing, developing, and testing a platform called MobiSec. MobiSec employs a hybrid analysis technique that examines both static and dynamic features to aid Android application developers and security analysts in identifying vulnerable Android application components. The MobiSec platform was designed, developed, and tested employing the agile methodology for fast delivery. Functional, compatibility and performance tests were carried out by analysing popular Android mobile applications from Google Play Store. Performance and validation testing results showed that the MobiSec platform could be used reliably with 95% accuracy to identify vulnerable Android application components.
- Access controls on IP based cameras in IoT ecosystem (Strathmore University, 2019) Muya, Mary Wairimu. Internet of things (IoT) is a concept of connected things that allows embedded devices, sensors and actuators to interconnect and share data, thus bridging the gap between physical devices and virtual objects. The concept of IoT started gaining popularity in 2010, with its popularity impressively outgrowing other concepts up to date. The growth of IoT has seen more than 30% of companies globally initiating the process of deploying IoT. IoT security has been a challenge due to its nascent market where manufacturers focus much on getting the product to the market rather than building security from the start. Internet Protocol (IP) based cameras are among the most popular IoT devices. Governments, corporations, small businesses and homeowners are using cameras for surveillance among other activities, with their popularity growing due to their ability to collect and transmit data remotely. As cameras are expected to perform sophisticated tasks, it is important to protect the cameras and the data they handle. The focus of this dissertation is to come up with an access control solution for IP based cameras, in efforts to reduce vulnerabilities associated with identity and access management. This dissertation adopted Rapid Application Development (RAD) methodology to develop the proposed solution. The methodology provided flexibility in changing requirements and testing the prototype at an early stage to continuously improve the system.
The Must, Should, Could, Would Not (MoSCoW) method was used to identify and rank requirements in evaluating the gaps that existed in the market; as this dissertation could not address all the vulnerabilities, the method helped in picking the vulnerabilities to be handled first. The tested and validated prototype provides a mechanism to restrict factory set authentication credentials, system access lockouts and sending of alerts in cases of suspicious login attempts. The prototype demonstrates how integrity of camera feeds can be maintained by using a combination of the InterPlanetary File System (IPFS) and blockchain. The solution also records and stores system logs in immutable format to support forensic investigations.
- Application for enhancing confidentiality and availability for sensitive user data using AES algorithm in smartphone devices (Strathmore University, 2021) Nyamwaro, Valentine Nyaboke. Today’s world has seen a rapid increase in the number of users of mobile devices. Since the first mobile launch in the last quarter of the 19th century, mobile devices have evolved from their weight, cost and functionalities to become pervasive tools. Mobile technology has provided us with mobile and flexible tools to work with, communicate, and store data. As mobility and flexibility increase, so do the risks to the information accessed from mobile devices. The devices host a lot of sensitive personal data which attackers can illegally access. The sensitive personal data focuses on a category of select data, which the user gets to identify as sensitive on the mobile devices in the format of contacts, text messages, audios, videos, and documents such as Word, PDF, Excel, among others. Once exposed to unauthorised personnel or accessed by applications, the data can cause exposure or harm to the user and the related subjects. Mobile devices and their storage have come under increasing attack, putting the sensitive data on the device in jeopardy. In addition, the data in the device's local storage is at risk of threats associated with the mobile, such as spam, virus, spyware, theft and loss of device and unauthorised access due to non-utilisation of the basic security measures deployed by mobile manufacturers. The proposed solution is an Android application tool that secures all sensitive personal data on mobile devices by securely storing them in the remote cloud using cryptographic techniques. The research adopted the Agile methodology to develop the proposed solution. The methodology is more flexible and adaptable with making changes to the tool while allowing for faster delivery within a short time.
The tool uses the AES 256 algorithm because, from analysis of the symmetric algorithms, it is secure and has high computational complexity; thus, any access to the encrypted data by an intruder requires comparatively more time for decryption. The tested and validated prototype provides a mechanism for restricting user access to the data with a set of authentications in the system. The tests evaluated the system performance, showing that the encryption process and access of data averaged a few seconds depending on the size of the file, leading to a high rating of performance. Furthermore, it exhibited a high accuracy result for confidentiality in the storage of data in the system. Compatibility tests further showed that the tool could be accessible in the different versions of the Android operating system.
- Application of approximate matching on industrial control system (ICS) network communication using ssdeep algorithm (Strathmore University, 2020) Mutua, Nelson Makau. Industrial Control Systems (ICSs) are significant for the functioning of numerous critical infrastructures, for instance power plants, water treatment facilities and gas pipelines. In spite of the fact that security of such systems deserves attention, application of thorough security intelligence approaches to ICS is not a standard practice. ICSs are becoming more and more connected, so they require heightened security. Intrusion Detection Systems (IDSs) do not work well to secure ICSs because they mostly work on a signature basis and there are not many known signatures to detect attacks on ICSs. Network communication is associated with many security challenges. Changes in Internet technologies have allowed for an increase in networked devices, the complexity of cybercrimes and the transfer of huge amounts of data, which can easily be intercepted and manipulated by attackers. Due to vulnerabilities in IDSs used in ICSs, there is need for a solution that can detect attacks at a higher rate. There have been several real-world documented incidents and cyber-attacks affecting ICSs which clearly illustrate critical infrastructure vulnerabilities. These reported incidents demonstrate that cyber-attacks on ICSs might cause a variety of financial damage and harmful events to humans and their environment. Based on the aforementioned challenges, the solution was actualized by implementing a technique for International Electrotechnical Commission (IEC) 60870-5 also known as IEC 104 network communication protocol analysis based on approximate pattern matching. This protocol was intentionally selected in this study because it is crucial for the communication control and the controlled stations in many ICSs. An ICS profile was computed from normal ICS network communication.
To detect anomalies, unknown ICS communication was compared to the profile using an approximate pattern matching algorithm. This prototype applied Agile Software Methodology for building an evaluation tool. It provides opportunities to assess the project progress and direction throughout the development lifecycle. This is achieved through iterations and more frequent releases with subsequent feedback. A Python-based application was developed, tested and validated.
- Application of browser fingerprinting using JA3 hashes in digital forensics (Strathmore University, 2021) Mathii, Pius Muisyo. Web-based communication has become more secure in recent years as a result of Transport Layer Security (TLS) encapsulation. TLS increases user security by encrypting transmitted data; however, it restricts network monitoring and data capturing, which is important for digital forensics. With the constant evolution of TLS protocol suites, creating unique and stable TLS fingerprints for forensic purposes is difficult. Furthermore, content advertising and tracking plugins contribute to "communication noise," limiting the use of TLS fingerprinting. This paper describes an experiment using JA3 hashes for TLS fingerprinting of network applications and focuses on fingerprinting of browsers, specifically the stability, reliability, and uniqueness of JA3 fingerprints. The study also looks at the applicability of JA3 fingerprints in digital forensics. Agile software development methodology was used to achieve the design, implementation, testing and validation aspects of the solution. The final product was an interactive shell script that examines an unknown network capture file and identifies the identity of the browser that was used based on the JA3 algorithm. The performance of the tool was good overall based on extensive testing and evaluation.
- Blockchain enabled drug traceability solution: a case of drug counterfeiting in a pharmaceutical supply chain (Strathmore University, 2020) Ogwel, Patricia Tanya. The pharmaceutical industry deals with manufacturing, packaging and supply of drugs to the end consumers. Being one of the major industries in Kenya, it plays a big role in the Kenyan economy as well. Most countries are tackling this menace of fake drugs penetrating their markets at a high rate. The drug cartels have embarked on this business and are growing their wings to various parts of the world. The drugs packaging is so similar to the original manufacturer’s product that at first glance one cannot tell the difference between a legit product and a counterfeit one. Unfortunately, most drug users over the years have been on these fake medications and as a result some of them have not been successful in the treatment of their diseases. In the direst of situations, some patients have aggravated their conditions, with the worst-case scenarios resulting in death. The main objective of this dissertation was to come up with a blockchain enabled drug traceability solution that enabled visibility in the supply chain. This solution ensured the drug registered by the company was genuine, and that the end user will be able to see who handled the product before reaching them. In a way, this will aid in reducing, and eventually eradicating, the challenge of drug counterfeits in the market. The dissertation area of focus was a pharmaceutical manufacturing company’s supply chain setup and the Waterfall Approach was the SDLC (Software Development Life Cycle) approach used. The study devised a solution that can aid in drug traceability of the drug issued to an end user, thus a patient in the drug chain. This helped a patient determine if the drug they are purchasing is genuine. The study used blockchain technology to come up with the application.
- A Client based email phishing detection algorithm: case of phishing attacks in the banking industry (Strathmore University, 2017) Oroko, Edwin Orina. Today, the banking sector has been a target for many phishing attackers. The use of email as an electronic means of communication during working hours and mostly for official purposes has made it a lucrative attack vector. With the rapid growth of technology, phishing techniques have advanced, as seen in the millions of cash lost by banks through email phishing yearly. This continues to be the case despite investments in spam filtering tools, monitoring tools as well as creating user awareness, through training of banking staff on how they can easily identify a phishing email. To protect bank users and prevent the financial losses through phishing attacks, it is important to understand how phishing works as well as the techniques used to achieve it. Moreover, there is a great need to implement an anti-phishing algorithm that collectively checks against phishing linguistic techniques, existence of malicious links and malicious attachments. This can lead to an increase in the performance and accuracy of the designed tool towards detecting and flagging phishing emails, thus preventing them from being read by the target. Evolutionary prototyping methodology was applied during this research. The advantages are in the fact that it enabled continuous analysis and supervised learning of the algorithm development until the desired outcome was achieved. This research aimed at understanding the characteristics of phishing emails, towards achieving defence in depth through creation of an algorithm for detecting and flagging phishing emails. In this research, we have implemented a client-based anti-phishing algorithm. The algorithm is able to analyse phishing links, identify malicious email attachments and perform text classification using a Naïve Bayes classifier to identify phishing terms in a new unread email.
It then flags the email as malicious and sends it to the spam folder. Therefore the user only gets clean emails in the inbox folder.
- A Collaborative tool to prevent fraudulent usage of financial cards (Strathmore University, 2018) Gitau, Wilson Ndungi. Technology usage has advanced a great deal in banking and telecommunication sectors. With the continuously improving infrastructures in information technology, new technological dimensions have been opened up to ease processes in these sectors; for example, people do not travel to pass communication or to shop, and in banking people do not necessarily walk in to the banks to facilitate their financial transactions. Despite this advancement there are dire consequences of possible fraud or crime when we lose our banking identity documents and financial cards. Compromised, lost and stolen credit cards, debit cards, SIM cards and identity cards can be used in crimes. The vast adoption of this technology has increased the surface of these kinds of crime, thereby causing financial losses and posing a challenge when tracking and preventing fraudulent events of the compromised financial cards. This study proposes and implements a system that prevents fraudulent usage of compromised and lost financial identity items. These items include credit cards, debit cards, and SIM cards. The system will work towards assisting the authorities in investigating crime caused by financial cards. The system provides a blacklist API to the card industry, banking, merchant’s systems and individuals to blacklist lost financial identity cards, an alert interface that reports usage of blacklisted financial cards and a comprehensive reporting tool that helps in investigation of the crime. Agile methodology was adopted as the software methodology for the solution development. A prototype was developed to test the proposed solution. The system was populated with the relevant sample data for evaluation and validation.
- Design and implementation of a private certificate authority: a case study of Telkom Kenya limited (Strathmore University, 2018) Moraa, Deborah Rioba. Public Key Infrastructure (PKI) provides confidentiality and integrity to an enterprise and its customers. Applications accessed through the corporate network need to be protected when in transit, hence the need for a Certificate Authority (CA). Most enterprises currently purchase digital certificates from other Certificate Authorities, for instance Comodo, Symantec, DigiCert, Thawte, GoDaddy, etc. Others purchase through third parties, for instance Cloud Productivity Solutions in Kenya, who then get their digital certificates from GeoTrust. These certificates are used to guarantee secure communication when accessing services on servers within an organization. The main challenge of buying the certificates is the high purchase cost of single or Subject Alternative Name (SAN) certificates. By having their own Certificate Authority, digital certificates would cost less and give an enterprise the means to control large numbers of digital certificates for SSL, authentication, document signing, S/MIME (Secure/Multipurpose Internet Mail Extensions) and other usages of digital signatures. This implies that costs would be reduced by generation of enterprise-owned digital certificates instead of purchasing them. By understanding the current infrastructure in place, a CA was created for generation, distribution and revocation of SSL certificates. This would replace purchasing of certificates signed by other public Certificate Authorities. This dissertation sought to design, develop and implement a comprehensive CA as per the X.509 standard for the purpose of generation of certificates for internal use for corporates and selling of the same to generate revenue so as to cut on costs incurred on purchase of digital certificates.
Also a proof of concept of a private CA was used to validate the certificate authority with security of the Certificate Authority being considered.
- Detecting zero-day attacks using Recurrent Neural Network (Strathmore University, 2021) Ndungu, George Muchiri. The development of Information and Communications Technology (ICT) and an increase in the use of mobile technology has enabled organisations to implement and adopt the use of information and management systems to conduct their day to day activities. However, as cyber-attacks against organisations are becoming more frequent and more sophisticated, there is a need for advanced measures to help prevent against the known cybersecurity attacks and zero-day attacks. In view of the above shortcoming, this study developed an anomaly-based cybersecurity threats detection model using the Recurrent Neural Network (RNN) technique that can be used to detect zero-day vulnerabilities. This approach functions with the assumption that a cybersecurity attack is different from a normal system activity of a legitimate user and can be detected by a system that identifies the differences. The RNN algorithm has a strong modelling ability for anomaly detection, and high accuracy in both binary and multiclass classification. Compared to traditional classification methods, its performance includes a higher detection accuracy rate with a low false-positive rate. This research adopts RAD methodology, which heavily emphasizes rapid prototyping and iterative delivery, to develop the RNN system for anomaly detection. This research aimed to develop an RNN model which will be used to detect zero-day vulnerabilities. The predictive model had an accuracy of 93% which was achieved through tests using model demo data. The main objective of the research was met and it proved that the Neural Network Algorithm can be used to detect zero-day attacks in a network.
- Developing an automated malware detection, analysis and reporting tool for MS-Windows (Strathmore University, 2019) Mutyethau, David Matingi. Memory and computer forensics is a field that has witnessed a lot of advancements in the recent past. Memory forensics enables investigators to acquire and investigate the content of a computer’s RAM while computer forensics enables the investigator to acquire information from the hard drive. While valuable artifacts can be extracted from computers, the use of this technique presents several challenges, such as data acquisition, searching for artifacts and data analysis of extracted information. The variants of malware families share typical behavioral patterns reflecting their origin and purpose. The behavioral patterns obtained either statically or dynamically can be exploited to detect and classify unknown malware into their known families using machine learning techniques. This dissertation aims to create a malware detection, analysis and reporting tool that shall be open source, user friendly, intuitive and automated for MS Windows. The tool shall assist forensic investigators in discovering crucial information in the suspect computer such as malware present. The tool shall analyse content stored in the computer’s hard drive and captured memory images. This shall include analysis of single files, folders, hard disk partitions and the entire hard disk. For live memory, the tool shall aim to determine processes and files that were open or present at time of live analysis.
- Digital content security: video streaming digital rights management system (Strathmore University, 2018) Owenda, Benjamin Odonya. The usability and applicability of digital videos, especially through the Internet, offers great opportunities for Kenyan content creators to further their careers as the platform enables them to share ideas which contributes to knowledge in the field which in turn generates wealth in the industry as new and efficient ways of creating the content are discovered making the production and distribution process cost effective. The Internet is however proving to be a double-edged sword as there have been multiple reports and incidences of copyright infringement within the country. This can be largely attributed to the fact that the platforms available to the average user provide a convenient environment for them to make several copies of the protected media file and distribute them as they wish, which facilitates misuse, piracy and plagiarism. The purpose of this project was to mitigate the unlawful replication and dissemination on an enormous scale of digital videos that are owned by practitioners in the education industry and presented to end users over the Internet. This followed a move by the players in the industry to convert their content into a digital format to meet the demand for online classes. Popular avenues that have been used to acquire copies of the digital streams include the use of standalone file grabbing software such as Internet Download Manager or browser plugins such as DownThemAll. These software implementations are extremely simple to use and allow users to create local copies of the streams through a single click of a button. They therefore present a threat to an entire ecosystem as content creators are heavily dependent on revenues generated from their material.
This study seeks to develop a solution in the form of a Digital Rights Management (DRM) system that can be used to secure video streams and, in the process, preserve their economic value. A DRM system secures and implements the rights associated with the use of digital content by use of a set of access control technologies, which ensures that the videos are consumed as intended, and no illegal duplicates are created. Rapid Application Software Development Methodology was leveraged to accomplish the objectives.
- Distributed fuzzing for software vulnerability discovery (Strathmore University, 2018) Maalim, Farhiya Osman. Information Security is concerned with effectively protecting the confidentiality, integrity and availability of data. Software bugs/defects threaten these three elements of information security. By failing to identify and focus upon the root causes of risks such as software vulnerabilities, there is a danger that the response to Information Security compromises becomes solely reactive. Fuzzing is a software testing technique that is used to discover software vulnerabilities. The project undertaken is a Distributed Fuzzer that runs on multiple computing environments in the cloud. The advantage of distributed fuzzing compared to regular fuzzing is the ability to run multiple test cases concurrently, thus increasing the efficiency of fuzzing. The aim of this project is to improve fuzzing in order to increase the efficiency of discovering vulnerabilities and software defects. This will ultimately increase the security of a software/application. The research study was accomplished by using Ansible as a system orchestration tool to run AFL Fuzzers on multiple computing environments in the cloud. The results were collected and presented in this study.
- Employee awareness on social engineering threats in the financial sector (Strathmore University, 2019) Wokabi, Francis Mwangi. Despite the great gains that have been achieved through use of the Internet, a lot of threats have also emanated in equal measure from its increased usage. Some of the threats are largely associated with cyber-attacks, from identity theft, phishing, tailgating, shoulder surfing and Google hacking among others. Generally, most of these attacks would typically begin with the very basic stage or phase known as social engineering. Financial institutions are at high risk today as attackers use various forms of attacks to social engineer the employees that work in the financial sector. The use of trickery and deception by cyber criminals to gain the trust of employees has made them the most vulnerable element of a computer system. The aim of this study was to identify the various forms of social engineering attacks in the financial sector and to develop a web-based assessment tool that will enable financial institutions to enhance the preparedness of their employees by assessing their awareness levels with respect to social engineering threats. The tool was used to achieve this by administering assessment tests to employees and the results from the assessment tests were used to determine training requirements for the employees. The proposed tool was developed using the Rapid Application Development (RAD) approach or methodology through a series of continuous testing and integration phases to ensure that the final product met the specified requirements. The results from the testing phases of the development revealed that the system is robust enough to handle requests from more than 80 users and its performance is not degraded even as the number of users increases. The system has an accuracy rate of 100% when it comes to scoring questions.
In addition to this, the tests showed that the system has an overall average response time of between one and five minutes when responding to user requests.
- Forensic analysis of office open XML spreadsheets (Strathmore University, 2017) Godiah, David Odhiambo. Digital Forensics is the science of acquiring, preserving, analysing and presenting digital evidence from computers, digital devices and networks in a manner that is admissible in a court of law to support an investigation. Microsoft Office, LibreOffice, OpenOffice, NeoOffice and Google documents, spreadsheets and presentations are widely used to store and circulate data and information, especially within organisations. They are often rich in information deeply embedded in them that can be retrieved by examining metadata or deleted material still present in the files. OOXML is a standard developed by Microsoft and registered by ECMA (as ECMA-376), and approved by the ISO and IEC (as ISO/IEC 29500:2008) as an open standard for the development of Office documents, spreadsheets and presentations. Documents, spreadsheets and presentations created using this standard consist of zipped file containers, parts and relationships which upon extraction and analysis reveal forensically interesting information. Existing forensic tools have limitations as far as extracting and analysing OOXML spreadsheet metadata is concerned, in that most of them can extract only limited and basic metadata. The objective of this research is to carry out forensic analysis of metadata in OOXML spreadsheets by studying limitations of existing forensic tools in extracting and analysing metadata in OOXML spreadsheets and designing and developing a Proof of Concept (PoC) implementation of a forensic tool that supports automated forensic analysis of OOXML spreadsheets with improved visualization, efficiency and advanced reporting functionality. This research adopts a methodology to review OOXML spreadsheet metadata extraction and analysis capabilities of existing forensic tools using sample spreadsheet datasets, carry out system analysis, design and PoC implementation of a forensic tool.
In addition, the research carries out manual, functional, and security tests; quality assurance; and validation of the developed Proof of Concept implementation. The developed tool is able to extract and analyse relevant metadata from OOXML spreadsheets and present results in a forensic report.
- A Framework to secure data transmission in wearable heart-rate monitors using Elliptic Curve Cryptography (ECC) (Strathmore University, 2022) Onyango, Oscar Omondi. Wearable technology refers to biological sensors which are conveniently attached to the patient’s body to collect data about their heart rates, body temperature, oxygen levels, and physical activities. They mostly include smart watches. Unfortunately, maintaining data security in terms of integrity, confidentiality, and authenticity of the data during transfer in these wearables is becoming a challenge. Since cyber-criminals are always looking for new avenues to exploit, particularly in a sensitive field like healthcare, wearables can become their next big targets. This study designs and implements an application-based security framework that uses Elliptic Curve Cryptography (ECC) to secure patient data during transmission from wearable heart-rate monitors. The study used integrative and methodological reviews to understand wearable technology by considering the technologies that support patient data sharing, techniques used to abstract data to enhance security during data transmission in wearable devices, and suitable public key encryption algorithms that can be implemented to ensure data security. It then proceeds to apply Elliptic-Curve Cryptography (ECC) to develop the encryption application-based framework. The results showed that Wi-Fi, Bluetooth, Global Positioning System (GPS), and Cellular Communication are the primary technologies supporting the wearables' data sharing. Data abstraction in wearables is achieved through differences in data models, data names, and counters. ECC was suitable for the implementation because it has smaller keys and can be computed substantially faster. The system’s provision of authentication, confidentiality, and integrity was tested and validated through user tests.
It was noted that data in the wearable devices regarding the heart-rate measurement were saved in an encrypted format using the user-generated cryptographic keys. Thus, an unauthorized person could not have access to the data. The passwords, keys, and usernames the user created were stored using the SHA-hash algorithm in the server. The encrypted data were uploaded to the server and could only be viewed or modified after decryption to ensure integrity.
- Integrated personal data protection tool (Strathmore University, 2023) Wangui, E. W. The privacy of personal data is an important focus area in today’s information world, where personal data is easily collected, stored, processed, and shared. In recent years personal data protection has regularly featured as a topic of concern in the media and has become the target of legislation around the country. Organizations are collecting, re-using, and processing personal data on an unprecedented scale, without observing data limits; this has led to an increasing concern about the effectiveness of the existing data protection law and the need for a comprehensive framework for personal data protection. Based on the challenges, this study was aimed at designing, developing, and testing an integrated personal data protection tool. The tool employed an integrated approach that utilizes data encryption, one-time passwords and opt-in and opt-out mechanisms to ensure secure collection, secure storage, secure access, and secure sharing of personal data. Moreover, the tool was designed, developed, and tested using the agile software development methodology. Functional and performance tests were carried out to determine the performance and accuracy of the tool in protecting personal data. Validation testing results showed that the integrated tool could be used effectively in protecting personal data with 96% accuracy. Keywords: Personal data; Personal data protection; Organizations; Data subject
- Item: Investigating keystroke dynamics as a two-factor biometric security (Strathmore University, 2018) Njogholo, Brian Mwandau. Keystroke dynamics is the study of how people can be distinguished based on their typing rhythms. This proposal aims at investigating user authentication approaches and how keystroke dynamics can be used to enhance user authentication and access control. With more users embracing technologies and using applications without necessarily understanding the security repercussions, a further protection mechanism needs to be employed. It emphasizes the need for an additional layer of security, through keystroke dynamics, on top of the traditional username-password combination to enhance security during authentication. It also proposes the use of a machine learning classifier for possible application in keystroke dynamics to verify and validate the legitimacy of a user during authentication.
- Item: LAN security vulnerability analysis framework: case of National Irrigation Board (Strathmore University, 2019) Wambugu, Nancy Muthoni. In today's environment, many organisations, like the National Irrigation Board, have adopted open policies on the utilization of the LAN where users may plug in unknown devices. Without the right network frameworks, it is difficult to manage network devices that are connected to the Local Area Network in an ad hoc manner. These LAN devices may have vulnerabilities that can expose the entire network to security threats. The study used a case study research design and applied existing network exploration frameworks and security policies to collect data for analysis. Network exploration was carried out on the devices connected to the LAN of the National Irrigation Board. Research findings showed the need for implementing a framework that checks the security vulnerability of devices connected to the LAN of the National Irrigation Board. The framework was developed to allow a Network Administrator to identify devices that are plugged into the LAN, analyse vulnerabilities, and take remedial action based on the analysis outcome. This ensured that the devices connected to the LAN do not pose a security threat to the entire network. The framework used policy-based network security metrics that were generated from an Institution's ICT Security Policy. Using the regression method, the metrics were quantified, weighted, and applied on each computer on the LAN to generate the Security Score Index. Based on the outcome of the analysis, a decision was made on whether to allow or disconnect the LAN device from the network.
- Item: Maintaining a bitcoin address repository through focused web crawling (Strathmore University, 2017) Macharia, Caroline Wanjira. There has been an increase in the use of cryptocurrencies such as Bitcoin (BTC). Bitcoin allows for cross-border payments for large and small items at little or no transaction fee. It is a groundbreaking technology that is not restricted by the current Anti-Money Laundering (AML) and Countering Financing of Terrorism (CFT). The decentralised nature of Bitcoin provides for anonymity through the possible use of multiple identities that are not linked to personally identifiable information. Bitcoin offers a convenient solution for criminals who are restricted by the conventional money transfer systems. Bitcoin has been linked to drug dealers, gold bugs, fraudsters, terrorists, whistleblowers, pornographers, Internet freedom activists and unregulated gaming enterprises (Simser, 2015). Other cybercrimes that are facilitated by Bitcoin include ransomware. This research identified a gap in acquiring digital evidence related to Bitcoin transactions. The data was obtained from case laws and secondary materials relating to Bitcoin forensics. We suggest a solution of maintaining a Bitcoin address repository through regular crawling of cryptocurrency sites. A web crawler that visits a list of user-defined cryptocurrency sites was developed to solve the identified problem. The crawled sites include websites of interest to investigators. Results are stored in an XML file which can be exported to any database. The addresses and metadata collected from webpages can be used by investigators when building a case for Bitcoin-related crimes. Transaction data about the collected addresses is available on the Bitcoin blockchain.