MSc.ISS Theses and Dissertations (2021)
- A Platform to analyze android application components for vulnerabilities (Strathmore University, 2021) Muchoki, Macharia Benson
  Past research has shown that developers make mistakes in writing Android application configuration files, resulting in multiple vulnerabilities in these applications. More often, these vulnerabilities go unnoticed and the affected applications are installed in many end users’ devices. One typical security vulnerability is related to misconfiguration of Android application components. Source code obfuscation is increasingly becoming popular and was found in this study to be limiting the accuracy of most Android applications auditing tools. This study was aimed at designing, developing, and testing a platform called MobiSec. MobiSec employs a hybrid analysis technique that examines both static and dynamic features to aid Android application developers and security analysts in identifying vulnerable Android application components. The MobiSec platform was designed, developed, and tested employing the agile methodology for fast delivery. Functional, compatibility and performance tests were carried out by analysing popular Android mobile applications from Google Play Store. Performance and validation testing results showed that the MobiSec platform could be used reliably with 95% accuracy to identify vulnerable Android application components.
- Application for enhancing confidentiality and availability for sensitive user data using AES algorithm in smartphone devices (Strathmore University, 2021) Nyamwaro, Valentine Nyaboke
  Today’s world has seen a rapid increase in the number of users of mobile devices. Since the first mobile launch in the last quarter of the 19th century, mobile devices have evolved from their weight, cost and functionalities to become pervasive tools. Mobile technology has provided us with mobile and flexible tools to work with, communicate, and store data. As mobility and flexibility increase, so do the risks to the information accessed from mobile devices. The devices host a lot of sensitive personal data which attackers can illegally access. The sensitive personal data focuses on a category of select data, which the user gets to identify as sensitive on the mobile devices in the format of contacts, text messages, audios, videos, and documents such as Word, PDF, Excel, among others. Once exposed to unauthorised personnel or accessed by applications, this data can cause exposure or harm to the user and the related subjects. Mobile devices and their storage have come under increasing attack, putting the sensitive data on the device in jeopardy. In addition, the data in the device's local storage is at risk of threats associated with the mobile, such as spam, viruses, spyware, theft and loss of device and unauthorised access due to non-utilisation of the basic security measures deployed by mobile manufacturers. The proposed solution is an Android application tool that secures all sensitive personal data on mobile devices by securely storing them in the remote cloud using cryptographic techniques. The research adopted the Agile methodology to develop the proposed solution. The methodology is more flexible and adaptable to making changes to the tool while allowing for faster delivery within a short time. The tool uses the AES 256 algorithm because, from analysis of the symmetric algorithms, it is secure and has high computational complexity; thus, any access to the encrypted data by an intruder requires comparatively more time decrypting. The tested and validated prototype provides a mechanism for restricting user access to the data with a set of authentications in the system. The tests evaluated the system performance, showing that the encryption process and access of data averaged a few seconds depending on the size of the file, leading to a high rating of performance. Furthermore, it exhibited a high accuracy result for confidentiality in the storage of data in the system. Compatibility tests further showed that the tool could be accessible in the different versions of the Android operating system.
- Application of browser fingerprinting using JA3 hashes in digital forensics (Strathmore University, 2021) Mathii, Pius Muisyo
  Web-based communication has become more secure in recent years as a result of Transport Layer Security (TLS) encapsulation. TLS increases user security by encrypting transmitted data; however, it restricts network monitoring and data capturing, which is important for digital forensics. With the constant evolution of TLS protocol suites, creating unique and stable TLS fingerprints for forensic purposes is difficult. Furthermore, content advertising and tracking plugins contribute to "communication noise," limiting the use of TLS fingerprinting. This paper describes an experiment using JA3 hashes for TLS fingerprinting of network applications and focuses on fingerprinting of browsers, specifically the stability, reliability, and uniqueness of JA3 fingerprints. The study also looks at the applicability of JA3 fingerprints in digital forensics. Agile software development methodology was used to achieve the design, implementation, testing and validation aspects of the solution. The final product was an interactive shell script that examines an unknown network capture file and identifies the identity of the browser that was used based on the JA3 algorithm. The performance of the tool was good overall based on extensive testing and evaluation.
- Detecting zero-day attacks using Recurrent Neural Network (Strathmore University, 2021) Ndungu, George Muchiri
  The development of Information and Communications Technology (ICT) and an increase in the use of mobile technology has enabled organisations to implement and adopt the use of information and management systems to conduct their day-to-day activities. However, as cyber-attacks against organisations are becoming more frequent and more sophisticated, there is a need for advanced measures to help prevent the known cybersecurity attacks and zero-day attacks. In view of the above shortcoming, this study developed an anomaly-based cybersecurity threats detection model using the Recurrent Neural Network (RNN) technique that can be used to detect zero-day vulnerabilities. This approach functions with the assumption that a cybersecurity attack is different from a normal system activity of a legitimate user and can be detected by a system that identifies the differences. The RNN algorithm has a strong modelling ability for anomaly detection, and high accuracy in both binary and multiclass classification. Compared to traditional classification methods, its performance includes a higher detection accuracy rate with a low false-positive rate. This research adopts RAD methodology, which heavily emphasizes rapid prototyping and iterative delivery, to develop the RNN system for anomaly detection. This research aimed to develop an RNN model which will be used to detect zero-day vulnerabilities. The predictive model had an accuracy of 93% which was achieved through tests using model demo data. The main objective of the research was met and it proved that the Neural Network Algorithm can be used to detect zero-day attacks in a network.
- A Model to detect and prevent rogue DHCP attacks on wireless LAN communication (Strathmore University, 2021) Wachira, Fiona Njeri
  WLAN technology is a crucial component of computer networks. The use of Wi-Fi communication has grown due to the increasing population of end devices, which includes smartphones, tablets, laptops etc. This has significantly increased the number of internet users. When mobile hosts move from one network to another, they require new system configurations in order to communicate, hence the use of WLAN. Dynamic Host Configuration Protocol (DHCP) supports automatic configuration of hosts. With respect to DHCP processes, one of the internal attacks that majorly affects WLAN security is the rogue DHCP server. Due to the nature of DHCP communication, it is easy for an attacker to introduce a rogue DHCP server. This is possible since a client can receive DHCPOFFER messages from more than one DHCP server. To address this issue, the study proposes a custom IDS that detects rogue DHCP server attacks by monitoring and analysing DHCP transaction messages. The study implements an experimental design that involves setting up a test network containing both rogue and genuine DHCP servers. Packet characteristics of rogue DHCP are collected and analyzed to identify the parameters to be used by the IDS. To validate the proposed solution, the IP addresses offered by the rogue DHCP server are checked against the report generated by the IDS. From the findings, it was confirmed that the IDS has a 100% detection rate since all IP addresses offered by the rogue DHCP server were detected by the IDS.
- An Online neural network based password prediction, generation, and storage scheme (Strathmore University, 2021) Mbaka, Winnie Bahati
  The gradual change from traditional workplaces to online platforms has been attributed to shifting user requirements, economic factors, and lifestyle differences. Perhaps the most significant factor attributed to this change may be the advent of the 2019 outbreak of the Coronavirus pandemic making the topic of physical interaction among some of the severely affected aspects of life. To remedy this situation, all knowledge and employment institutions adopted various online platforms as a means of maintaining continued learning and working processes. However, these technical advances presented the issue of upholding information integrity of individuals accessing materials over the Internet as they were required to authenticate themselves prior to gaining access to secured resources. However, authentication processes such as the use of passwords are prone to guessing attacks, one of the biggest challenges in modern computing. Such attacks occur because of the vulnerabilities of human-chosen passwords. Research indicated that despite innovation on other safer authentication mechanisms, passwords continue to dominate the authentication space because they are memorable, free and user-generated. In view of the above shortcomings, this study sought to develop an online scheme that is geared towards helping Internet users generate stronger passphrases based on how predictable their preferred passwords are. To understand the underlying technologies in the creation of stronger passwords, the study analysed existing literature on the character composition of human-created passwords and available tools that can be used to perform predictive analysis and generation of complex secret words. Additionally, password managers were studied to realise their functionality in securely storing complex passphrases. Analysis of the findings of the research asserted the need to incorporate neural networks, integrated data-driven insights, and derived concepts from the Markov chain model in the development of an online password predictive and generative scheme with an embedded password manager that allowed users to store the complex secret words. The resulting accuracy score after the scheme was trained using 50 epochs stood at 0.90332413, equivalent to 90.3%.
- A Prototype to identify fraudulent sim card registration using Public Key infrastructure verification approach (Strathmore University, 2021) Wanja, Gate Maureen
  Identifying a legitimate subscriber is important for the Mobile Network Operators during the SIM card registration and verification process. Over the years, the use of mobile devices has grown steadily, increasing the numbers of subscribers to the different MNOs significantly. The MNOs are the owners of the SIM cards which they issue to their subscribers. The SIM card stores critical information belonging to the user, and information such as the IMSI number is unique to identifying the module. Different governments have approached the issue of SIM card registration differently. In some countries, SIM card registration is mandatory, and there is a requirement to provide identification during the registration process, while this is not a requirement for other countries. The Mobile Network Operators must have the Know Your Customer policies to validate the users as they activate the SIM modules. The research objective was to design, develop and test a prototype used by the mobile network operators and the users for self-registration of SIM cards. This objective was achieved by creating a verification platform for the users to activate their SIM modules after purchasing them from MNOs. Activating the SIM would be done after a user has been issued with a signed public key by a Certificate Authority. The prototype used the functionalities of the PKI that ensured the integrity and authentication of the legitimate users. Unit and usability tests were conducted to validate if the prototype achieved its main objective. Different users involved in the data collection phase gave their recommendations, which formed the requirements for developing the prototype and furthering this research work. Each of the specific objectives was also discussed to show how each was achieved.