Engineering Commons^™

Advanced Security Analysis For Emergent Software Platforms, Mohannad Alhanahnah

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Emergent software ecosystems, boomed by the advent of smartphones and the Internet of Things (IoT) platforms, are perpetually sophisticated, deployed into highly dynamic environments, and facilitating interactions across heterogeneous domains. Accordingly, assessing the security thereof is a pressing need, yet requires high levels of scalability and reliability to handle the dynamism involved in such volatile ecosystems.

This dissertation seeks to enhance conventional security detection methods to cope with the emergent features of contemporary software ecosystems. In particular, it analyzes the security of Android and IoT ecosystems by developing rigorous vulnerability detection methods. A critical aspect of this work is the …

Ldakm-Eiot: Lightweight Device Authentication And Key Management Mechanism For Edge-Based Iot Deployment, Mohammad Wazid, Ashok Kumar Das, Sachin Shetty, Joel J. P. C. Rodrigues, Youngho Park

VMASC Publications

In recent years, edge computing has emerged as a new concept in the computing paradigm that empowers several future technologies, such as 5G, vehicle-to-vehicle communications, and the Internet of Things (IoT), by providing cloud computing facilities, as well as services to the end users. However, open communication among the entities in an edge based IoT environment makes it vulnerable to various potential attacks that are executed by an adversary. Device authentication is one of the prominent techniques in security that permits an IoT device to authenticate mutually with a cloud server with the help of an edge node. If authentication …

Iomt Malware Detection Approaches: Analysis And Research Challenges, Mohammad Wazid, Ashok Kumar Das, Joel J.P.C. Rodrigues, Sachin Shetty, Youngho Park

VMASC Publications

The advancement in Information and Communications Technology (ICT) has changed the entire paradigm of computing. Because of such advancement, we have new types of computing and communication environments, for example, Internet of Things (IoT) that is a collection of smart IoT devices. The Internet of Medical Things (IoMT) is a specific type of IoT communication environment which deals with communication through the smart healthcare (medical) devices. Though IoT communication environment facilitates and supports our day-to-day activities, but at the same time it has also certain drawbacks as it suffers from several security and privacy issues, such as replay, man-in-the-middle, impersonation, …

Gr802.11 Jamming Detector, Grant A. Blake

Computer Engineering

One important component of a jamming-resistant 802.11 network is detecting the presence of a jammer during normal operation. This is required so that communications on the network can operate at full efficiency when no jammer is present, but switch to a less efficient, but more resilient protocol when the network is under attack. This paper describes a potential method for detecting some common forms of jamming, lays out a plan to test the effectiveness of the detection method, and summarizes the implementation and results of the test plan.

Different Approaches To Blurring Digital Images And Their Effect On Facial Detection, Erich-Matthew Pulfer

Computer Science and Computer Engineering Undergraduate Honors Theses

The purpose of this thesis is to analyze the usage of multiple image blurring techniques and determine their effectiveness in combatting facial detection algorithms. This type of analysis is anticipated to reveal potential flaws in the privacy expected from blurring images or, rather, portions of images. Three different blurring algorithms were designed and implemented: a box blurring method, a Gaussian blurring method, and a differential privacy-based pixilation method. Datasets of images were collected from multiple sources, including the AT&T Database of Faces. Each of these three methods were implemented via their own original method, but, because of how common they …

Compliance Of Open Source Ehr Applications With Hipaa And Onc Security And Privacy Requirements, Maryam Farhadi, Hisham Haddad, Hossain Shahriar

Master of Science in Computer Science Theses

Electronic Health Records (EHRs) are digital versions of paper-based patient's health information. EHR applications are increasingly being adopted in many countries. They have resulted in improved quality in healthcare, convenient access to histories of patient medication and clinic visits, easier follow up of patient treatment plans, and precise medical decision-making process. EHR applications are guided by measures of the Health Insurance Portability and Accountability Act (HIPAA) to ensure confidentiality, integrity, and availability. However, there have been reported breaches of Protected Health Identifier (PHI) data stored by EHR applications. In many reported breaches, improper use of EHRs has resulted in disclosure …

Feasibility And Security Analysis Of Wideband Ultrasonic Radio For Smart Home Applications, Qi Xia

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Smart home Internet-of-Things (IoT) accompanied by smart home apps has witnessed tremendous growth in the past few years. Yet, the security and privacy of the smart home IoT devices and apps have raised serious concerns, as they are getting increasingly complicated each day, expected to store and exchange extremely sensitive personal data, always on and connected, and commonly exposed to any users in a sensitive environment. Nowadays wireless smart home IoT devices rely on electromagnetic wave-based radio-frequency (RF) technology to establish fast and reliable quality network connections. However, RF has its limitations that can negatively affect the smart home user …

Cyber Security- A New Secured Password Generation Algorithm With Graphical Authentication And Alphanumeric Passwords Along With Encryption, Akash Rao

Electrical & Computer Engineering Theses & Dissertations

Graphical passwords are always considered as an alternative of alphanumeric passwords for their better memorability and usability [1]. Alphanumeric passwords provide an adequate amount of satisfaction, but they do not offer better memorability compared to graphical passwords [1].

On the other hand, graphical passwords are considered less secured and provide better memorability [1]. Therefore many researchers have researched on graphical passwords to overcome the vulnerability. One of the most significant weaknesses of the graphical passwords is "Shoulder Surfing Attack," which means, sneaking into a victim's computer to learn the whole password or part of password or some confidential information. Such …

An Extensive Game-Based Resource Allocation For Securing D2d Underlay Communications, Oleksii Rudenko, Yuhong Liu, Chenwei Wang, Susanto Rahardja

Computer Science and Engineering

Device-to-device (D2D) communication has been increasingly attractive due to its great potential to improve cellular communication performance. While resource allocation optimization for improving the spectrum efficiency is of interest in the D2D-related work, communication security, as a key issue in the system design, has not been well investigated yet. Recently, a few studies have shown that D2D users can actually serve as friendly jammers to help enhance the security of cellular user communication against eavesdropping attacks. However, only a few studies considered the security of D2D communications. In this paper, we consider the secure resource allocation problem, particularly, how to …

Frameup: An Incriminatory Attack On Storj: A Peer To Peer Blockchain Enabled Distributed Storage System, Xiaolu Zhang, Justin Grannis, Ibrahim Baggili, Nicole Lang Beebe

Electrical & Computer Engineering and Computer Science Faculty Publications

In this work we present a primary account of frameup, an incriminatory attack made possible because of existing implementations in distributed peer to peer storage. The frameup attack shows that an adversary has the ability to store unencrypted data on the hard drives of people renting out their hard drive space. This is important to forensic examiners as it opens the door for possibly framing an innocent victim. Our work employs Storj as an example technology, due to its popularity and market size. Storj is a blockchain enabled system that allows people to rent out their hard drive space …

Project Insight: A Granular Approach To Enterprise Cybersecurity, Sunna Quazi, Adam Baca, Sam Darsche

SMU Data Science Review

In this paper, we disambiguate risky activity corporate users are propagating with their software in real time by creating an enterprise security visualization solution for system administrators. The current problem in this domain is the lag in cyber intelligence that inhibits preventative security measure execution. This is partially due to the overemphasis of network activity, which is a nonfinite dataset and is difficult to comprehensively ingest with analytics. We address these concerns by elaborating on the beta of a software called "Insight" created by Felix Security. The overall solution leverages endpoint data along with preexisting whitelist/blacklist designations to unambiguously communicate …

Securing Modern Cyberspace Using A Multi-Faceted Approach, Yu Li

Browse all Theses and Dissertations

Security has become one of the most significant concerns for our cyberspace. Securing the cyberspace, however, becomes increasingly challenging. This can be attributed to the rapidly growing diversities and complexity of the modern cyberspace. Specifically, it is not any more dominated by connected personal computers (PCs); instead, it is greatly characterized by cyber-physical systems (CPS), embedded systems, dynamic services, and human-computer interactions. Securing modern cyberspace therefore calls for a multi-faceted approach capable of systematically integrating these emerging characteristics. This dissertation presents our novel and significant solutions towards this direction. Specifically, we have devised automated, systematic security solutions to three critical …

Inception: Virtual Space In Memory Space In Real Space, Peter Casey, Rebecca Lindsay-Decusati, Ibrahim Baggili, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

Virtual Reality (VR) has become a reality. With the technology's increased use cases, comes its misuse. Malware affecting the Virtual Environment (VE) may prevent an investigator from ascertaining virtual information from a physical scene, or from traditional “dead” analysis. Following the trend of antiforensics, evidence of an attack may only be found in memory, along with many other volatile data points. Our work provides the primary account for the memory forensics of Immersive VR systems, and in specific the HTC Vive. Our approach is capable of reconstituting artifacts from memory that are relevant to the VE, and is also capable …

Comprehending The Safety Paradox And Privacy Concerns With Medical Device Remote Patient Monitoring, Marc Doyle

CCE Theses and Dissertations

Medical literature identifies a number of technology-driven improvements in disease management such as implantable medical devices (IMDs) that are a standard treatment for candidates with specific diseases. Among patients using implantable cardiac defibrillators (ICD), for example, problems and issues are being discovered faster compared to patients without monitoring, improving safety. What is not known is why patients report not feeling safer, creating a safety paradox, and why patients identify privacy concerns in ICD monitoring.

There is a major gap in the literature regarding the factors that contribute to perceived safety and privacy in remote patient monitoring (RPM). To address this …

A Light-Weight Solution For Blackhole Attacks In Wireless Sensor Networks, Bi̇lal Erman Bi̇lgi̇n, Selçuk Baktir

Turkish Journal of Electrical Engineering and Computer Sciences

Wireless sensors, which are smaller and cheaper, have started being used in many different applications. Military applications, health care and industrial monitoring, environmental applications, smart grids, and vehicular ad-hoc networks are some of the best known applications of wireless sensors. In some applications, especially military, environmental, and health care applications, it is required that the communication between sensor nodes be encrypted to achieve privacy and confidentiality. In this work, some modifications have been made to the ad-hoc on-demand distance vector routing protocol, mostly preferred in wireless sensor networks, to make data communications more reliable. The proposed routing protocol is shown …