Repository logo

Masters Degrees (Computer Science)

Permanent URI for this collectionhttps://hdl.handle.net/10413/7114

Browse

Browsing Masters Degrees (Computer Science) by Author "Blackledge, Jonathan Michael."

Filter results by typing the first few letters
Now showing 1 - 2 of 2
  • Thumbnail Image
    Item
    Application of artificial intelligence for detecting derived viruses.
    (2017) Asiru, Omotayo Fausat.; Blackledge, Jonathan Michael.; Dlamini, Moses Thandokuhle.
    A lot of new viruses are being created each and every day. However, some of these viruses are not completely new per se. Most of the supposedly ‘new’ viruses are not necessarily created from scratch with completely new (something novel that has never been seen before) mechanisms. For example, some of these viruses just change their forms and come up with new signatures to avoid detection. Hence, such viruses cannot be argued to be new. This research refers to such as derived viruses. Just like new viruses, we argue that derived viruses are hard to detect with current scanning-detection methods. Many virus detection methods exist in the literature, but very few address the detection of derived viruses. Hence, the ultimate research question that this study aims to answer is; how might we improve the detection rate of derived computer viruses? The proposed system integrates a mutation engine together with a neural network to detect derived viruses. Derived viruses come from existing viruses that change their forms. They do so by adding some irrelevant instructions that will not alter the intended purpose of the virus. A mutation engine is used to group existing virus signatures based on their similarities. The engine then creates derivatives of groups of signatures. This is done up until the third generation (of mutations). The existing virus signatures and the created derivatives are both used to train the neural network. The derived signatures that are not used for the training are used to determine the effectiveness of the neural network. Ten experiments were conducted on each of the three derived virus generations. The first generation showed the highest derived virus detection rate compared to the other two generations. The second generation also showed a slightly higher detection rate than the third generation which has the least detection rate. Experimental results show that the proposed model can detect derived viruses with an average accuracy detection rate of 80% (This includes a 91% success rate on first generation, 83% success rate on second generation and 65% success rate on third generation). The results further show that the correlation between the original virus signature and its derivatives decreases with the generations. This means that after many generations of a virus changing form, its variants will no longer look like the original. Instead the variants look like a completely new virus even though the variants and the original virus will always have the same behaviour and operational characteristics with similar effects.
  • Thumbnail Image
    Item
    Client-side encryption and key management: enforcing data confidentiality in the cloud.
    (2016) Mosola, Napo Nathnael.; Blackledge, Jonathan Michael.; Dlamini, Moses Thandokuhle.
    Cloud computing brings flexible, scalable and cost effective services. This is a computing paradigm whose services are driven by the concept of virtualization and multi-tenancy. These concepts bring various attractive benefits to the cloud. Among the benefits is reduction in capital costs, pay-per-use model, enormous storage capacity etc. However, there are overwhelming concerns over data confidentiality on the cloud. These concerns arise from various attacks that are directed towards compromising data confidentiality in virtual machines (VMs). The attacks may include inter-VM and VM sprawls. Moreover, weaknesses or lack of data encryption make such attacks to thrive. Hence, this dissertation presents a novel client-side cryptosystem derived from evolutionary computing concepts. The proposed solution makes use of chaotic random noise to generate a fitness function. The fitness function is used to generate strong symmetric keys. The strength of the encryption key is derived from the chaotic and randomness properties of the input noise. Such properties increase the strength of the key without necessarily increasing its length. However, having the strongest key does not guarantee confidentiality if the key management system is flawed. For example, encryption has little value if key management processes are not vigorously enforced. Hence, one of the challenges of cloud-based encryption is key management. Therefore, this dissertation also makes an attempt to address the prevalent key management problem. It uses a counter propagation neural network (CPNN) to perform key provision and revocation. Neural networks are used to design ciphers. Using both supervised and unsupervised machine learning processes, the solution incorporates a CPNN to learn a crypto key. Using this technique there is no need for users to store or retain a key which could be compromised. Furthermore, in a multi-tenant and distributed environment such as the cloud, data can be shared among multiple cloud users or even systems. Based on Shamir's secret sharing algorithm, this research proposes a secret sharing scheme to ensure a seamless and convenient sharing environment. The proposed solution is implemented on a live openNebula cloud infrastructure to demonstrate and illustrate is practicability.