Ashley Chonka

Learn More
As part of the security within distributed systems, various services and resources need protection from unauthorized use. Remote authentication is the most commonly used method to determine the identity of a remote client. This paper investigates a systematic approach for authenticating clients by three factors, namely password, smart card, and biometrics.(More)
Cyber-Physical Systems allow for the interaction of the cyber world and physical worlds using as a central service called Cloud Web Services. Cloud Web Services can sit well within three models of Cyber-Physical Systems, Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS). With any Cyber-Physical system use(More)
Today it is an inescapably fact that the internet and cloud computing are the future revenue generators for businesses and corporations, hence why organisation like IBM are heavily investing in providing better service oriented products to facilitate the demands. One of the most serious threats to these future revenues and to cloud computing itself comes(More)
Service oriented architecture (SOA) is a way of reorganizing software infrastructure into a set of service abstracts. In the area of applying SOA to Web service security, there have been some well defined security dimensions. However, current Web security systems, like WS-Security are not efficient enough to handle distributed denial of service (DDoS)(More)
Over the last couple of months a large number of distributed denial of service (DDoS) attacks have occurred across the world, especially targeting those who provide Web services. IP traceback, a counter measure against DDoS, is the ability to trace IP packets back to the true source/s of the attack. In this paper, an IP traceback scheme using a machine(More)
Grid Web Services are still relevantly a new to business systems, and as more systems are being attached to it, any threat to it could bring collapse and huge harm. Some of these potential threats to Grid Web services come in a new form of a new denial of service attack (DoS), called XML Denial of Service or XDOS attacks. Though, as yet, there have not been(More)
For at least a decade or more, multimedia developers have taken for granted, that each generation of microprocessors would lead them to modify their application, in order make them run substantially faster. This so-called 'free' ride seems to be coming to an end, with results in increased clock speeds, the widening of the gap in processor and memory(More)
DDoS attack traffic is difficult to differentiate from legitimate network traffic during transit from the attacker, or zombies, to the victim. In this paper, we use the theory of network self-similarity to differentiate DDoS flooding attack traffic from legitimate self-similar traffic in the network. We observed that DDoS traffic causes a strange attractor(More)
Previous work, in the area of defense systems has focused on developing a firewall like structure, in order to protect applications from attacks. The major drawback for implementing security in general, is that it affects the performance of the application they are trying to protect. In fact, most developers avoid implementing security at all. With the(More)
Distributed Denial of Service attacks is one of the most challenging areas to deal with in Security. Not only do security managers have to deal with flood and vulnerability attacks. They also have to consider whether they are from legitimate or malicious attackers. In our previous work we developed a framework called bodyguard, which is to help security(More)