Engineering Commons^™

Side Channel Detection Of Pc Rootkits Using Nonlinear Phase Space, Rebecca Clark

Honors Theses

Cyberattacks are increasing in size and scope yearly, and the most effective and common means of attack is through malicious software executed on target devices of interest. Malware threats vary widely in terms of behavior and impact and, thus, effective methods of detection are constantly being sought from the academic research community to offset both volume and complexity. Rootkits are malware that represent a highly feared threat because they can change operating system integrity and alter otherwise normally functioning software. Although normal methods of detection that are based on signatures of known malware code are the standard line of defense, …

An Efficient Privacy-Preserving Framework For Video Analytics, Tian Zhou

Doctoral Dissertations

With the proliferation of video content from surveillance cameras, social media, and live streaming services, the need for efficient video analytics has grown immensely. In recent years, machine learning based computer vision algorithms have shown great success in various video analytic tasks. Specifically, neural network models have dominated in visual tasks such as image and video classification, object recognition, object detection, and object tracking. However, compared with classic computer vision algorithms, machine learning based methods are usually much more compute-intensive. Powerful servers are required by many state-of-the-art machine learning models. With the development of cloud computing infrastructures, people are able …

Ensuring Non-Repudiation In Long-Distance Constrained Devices, Ethan Blum

Honors Theses

Satellite communication is essential for the exploration and study of space. Satellites allow communications with many devices and systems residing in space and on the surface of celestial bodies from ground stations on Earth. However, with the rise of Ground Station as a Service (GsaaS), the ability to efficiently send action commands to distant satellites must ensure non-repudiation such that an attacker is unable to send malicious commands to distant satellites. Distant satellites are also constrained devices and rely on limited power, meaning security on these devices is minimal. Therefore, this study attempted to propose a novel algorithm to allow …

Reinforcing Digital Trust For Cloud Manufacturing Through Data Provenance Using Ethereum Smart Contracts, Trupti Narayan Rane

Engineering Management & Systems Engineering Theses & Dissertations

Cloud Manufacturing(CMfg) is an advanced manufacturing model that caters to fast-paced agile requirements (Putnik, 2012). For manufacturing complex products that require extensive resources, manufacturers explore advanced manufacturing techniques like CMfg as it becomes infeasible to achieve high standards through complete ownership of manufacturing artifacts (Kuan et al., 2011). CMfg, with other names such as Manufacturing as a Service (MaaS) and Cyber Manufacturing (NSF, 2020), addresses the shortcoming of traditional manufacturing by building a virtual cyber enterprise of geographically distributed entities that manufacture custom products through collaboration.

With manufacturing venturing into cyberspace, Digital Trust issues concerning product quality, data, and intellectual …

Framework For Assessing Information System Security Posture Risks, Syed Waqas Hamdani

Electronic Thesis and Dissertation Repository

In today’s data-driven world, Information Systems, particularly the ones operating in regulated industries, require comprehensive security frameworks to protect against loss of confidentiality, integrity, or availability of data, whether due to malice, accident or otherwise. Once such a security framework is in place, an organization must constantly monitor and assess the overall compliance of its systems to detect and rectify any issues found. This thesis presents a technique and a supporting toolkit to first model dependencies between security policies (referred to as controls) and, second, devise models that associate risk with policy violations. Third, devise algorithms that propagate risk when …

Blockchain Security: Double-Spending Attack And Prevention, William Henry Scott Iii

Electronic Theses and Dissertations

This thesis shows that distributed consensus systems based on proof of work are vulnerable to hashrate-based double-spending attacks due to abuse of majority rule. Through building a private fork of Litecoin and executing a double-spending attack this thesis examines the mechanics and principles behind the attack. This thesis also conducts a survey of preventative measures used to deter double-spending attacks, concluding that a decentralized peer-to-peer network using proof of work is best protected by the addition of an observer system whether internal or external.

Rattus Norvegicus As A Biological Detector Of Clandestine Remains And The Use Of Ultrasonic Vocalizations As A Locating Mechanism, Gabrielle M. Johnston

Master's Theses

In investigations, locating missing persons and clandestine remains are imperative. One way that first responder and police agencies can search for the remains is by using cadaver dogs as biological detectors. Cadaver dogs are typically used due to their olfactory sensitivity and ability to detect low concentrations of volatile organic compounds produced by biological remains. Cadaver dogs are typically chosen for their stamina, agility, and olfactory sensitivity. However, what is not taken into account often is the size of the animal and the expense of maintaining and training the animal. Cadaver dogs are typically large breeds that cannot fit in …

Trace Dna Detection Using Diamond Dye: A Recovery Technique To Yield More Dna, Leah Davis

Master's Theses

This study aspires to find a new screening approach to trace DNA recovery techniques to yield a higher quantity of trace DNA from larger items of evidence. It takes the path of visualizing trace DNA on items of evidence with potential DNA so analysts can swab a more localized area rather than attempting to recover trace DNA through the general swabbing technique currently used for trace DNA recovery. The first and second parts consisted of observing trace DNA interaction with Diamond Dye on porous and non-porous surfaces.

The third part involved applying the Diamond Dye solution by spraying it onto …

Reverse Engineering Post-Quantum Cryptography Schemes To Find Rowhammer Exploits, Sam Lefforge

Computer Science and Computer Engineering Undergraduate Honors Theses

Post-quantum cryptography is a necessary countermeasure to protect against attacks from quantum computer. However, the post-quantum cryptography schemes are potentially vulnerable to side channel attacks. One such method of attacking involves creating bit-flips in victim memory through a process called Rowhammer. These attacks can vary in nature, but can involve rowhammering bits to raise the encryption scheme's decryption failure rate, or modifying the scheme's random seed. With a high enough decryption failure rate, it becomes feasible to generate sufficient information about the secret key to perform a key recovery attack. This thesis proposed two attacks on proposed post-quantum cryptography algorithms, …

Critical Infrastructure Workforce Development Pods For Teaching Cybersecurity Using Netlab+, Gideon Sutterfield

Computer Science and Computer Engineering Undergraduate Honors Theses

As digital automation for Industrial Control Systems has grown, so has its
vulnerability to cyberattacks. The world of industry has responded effectively to this, but the world of academia is still lagging as its emphasis is still almost entirely on information technology. Considering this, we created a workforce development pod that serves as a hands-on learning module for teaching students key cybersecurity ideas surrounding operational technology using the NETLAB+ platform. A pod serves as the virtual environment where the learning exercise takes place. This project’s implementation involved the creation of a segmented network within the pod where a student starts …

A Secure And Distributed Architecture For Vehicular Cloud And Protocols For Privacy-Preserving Message Dissemination In Vehicular Ad Hoc Networks, Hassan Mistareehi

Theses and Dissertations--Computer Science

Given the enormous interest in self-driving cars, Vehicular Ad hoc NETworks (VANETs) are likely to be widely deployed in the near future. Cloud computing is also gaining widespread deployment. Marriage between cloud computing and VANETs would help solve many of the needs of drivers, law enforcement agencies, traffic management, etc. The contributions of this dissertation are summarized as follows: A Secure and Distributed Architecture for Vehicular Cloud: Ensuring security and privacy is an important issue in the vehicular cloud; if information exchanged between entities is modified by a malicious vehicle, serious consequences such as traffic congestion and accidents can …

Defense Of A Small Network, Isabella Adkins

Williams Honors College, Honors Research Projects

A sample network will be virtually created consisting of three routers, one switch, and three hosts. The network will be secured using various methods such as enabling passwords and encryption. After the network has been properly secured, various attacks will be attempted with the goal of breaking into the network. These attacks include reconnaissance (gathering information), penetrating the network using the tool Metasploit, and attempting to get a credential phishing email to end users. If successful in the attacks, the network will be revisited and analyzed for any weaknesses or oversights.

Small Business Office Network, Michael Gerome

Williams Honors College, Honors Research Projects

This project will emulate a small office network environment. The project will demonstrate the process of building and configuring the network to meet the requirements laid out in the project plan. This network includes four subnets with Windows 10 end devices and a Kali Linux device, it also includes five Cisco layer 2 switches and three Cisco routers. There are also three subnets connecting the routers to each other to enable routing between the subnets. After the network environment is set up, various penetration tests are performed from the Kali Linux device to gather information. The Nmap reconnaissance tool is …

Material Extrusion-Based Additive Manufacturing: G-Code And Firmware Attacks And Defense Frameworks, Haris Rais

Theses and Dissertations

Additive Manufacturing (AM) refers to a group of manufacturing processes that create physical objects by sequentially depositing thin layers. AM enables highly customized production with minimal material wastage, rapid and inexpensive prototyping, and the production of complex assemblies as single parts in smaller production facilities. These features make AM an essential component of Industry 4.0 or Smart Manufacturing. It is now used to print functional components for aircraft, rocket engines, automobiles, medical implants, and more. However, the increased popularity of AM also raises concerns about cybersecurity. Researchers have demonstrated strength degradation attacks on printed objects by injecting cavities in the …

Supporting The Discovery, Reuse, And Validation Of Cybersecurity Requirements At The Early Stages Of The Software Development Lifecycle, Jessica Antonia Steinmann

Doctoral Dissertations and Master's Theses

The focus of this research is to develop an approach that enhances the elicitation and specification of reusable cybersecurity requirements. Cybersecurity has become a global concern as cyber-attacks are projected to cost damages totaling more than $10.5 trillion dollars by 2025. Cybersecurity requirements are more challenging to elicit than other requirements because they are nonfunctional requirements that requires cybersecurity expertise and knowledge of the proposed system. The goal of this research is to generate cybersecurity requirements based on knowledge acquired from requirements elicitation and analysis activities, to provide cybersecurity specifications without requiring the specialized knowledge of a cybersecurity expert, and …

Cyber Deception For Critical Infrastructure Resiliency, Md Ali Reza Al Amin

Computational Modeling & Simulation Engineering Theses & Dissertations

The high connectivity of modern cyber networks and devices has brought many improvements to the functionality and efficiency of networked systems. Unfortunately, these benefits have come with many new entry points for attackers, making systems much more vulnerable to intrusions. Thus, it is critically important to protect cyber infrastructure against cyber attacks. The static nature of cyber infrastructure leads to adversaries performing reconnaissance activities and identifying potential threats. Threats related to software vulnerabilities can be mitigated upon discovering a vulnerability and-, developing and releasing a patch to remove the vulnerability. Unfortunately, the period between discovering a vulnerability and applying a …

Predictors Of Email Response: Determinants Of The Intention Of Not Following Security Recommendations, Miguel Angel Toro-Jarrin

Engineering Management & Systems Engineering Theses & Dissertations

Organizations and government leaders are concerned about cyber incidents. For some time, researchers have studied what motivates people to act in ways that put the confidentiality, integrity, and availability of information in organizations at risk. Still, several areas remained unexplored, including the role of employees’ evaluation of the organizational systems and the role of value orientation at work as precursors of secure and insecure actions in relation to information technologies (information security [IS] action). The objective of this research project was to examine how the evaluations of formal and informal security norms are associated with the intention to follow them …

Privacy Assessment Breakthrough: A Design Science Approach To Creating A Unified Methodology, Lisa Mckee

Masters Theses & Doctoral Dissertations

Recent changes have increased the need for and awareness of privacy assessments. Organizations focus primarily on Privacy Impact Assessments (PIA) and Data Protection Impact Assessments (DPIA) but rarely take a comprehensive approach to assessments or integrate the results into a privacy risk program. There are numerous industry standards and regulations for privacy assessments, but the industry lacks a simple unified methodology with steps to perform privacy assessments. The objectives of this research project are to create a new privacy assessment methodology model using the design science methodology, update industry standards and present training for conducting privacy assessments that can be …

Comparative Study Of Snort 3 And Suricata Intrusion Detection Systems, Cole Hoover

Computer Science and Computer Engineering Undergraduate Honors Theses

Network Intrusion Detection Systems (NIDS) are one layer of defense that can be used to protect a network from cyber-attacks. They monitor a network for any malicious activity and send alerts if suspicious traffic is detected. Two of the most common open-source NIDS are Snort and Suricata. Snort was first released in 1999 and became the industry standard. The one major drawback of Snort has been its single-threaded architecture. Because of this, Suricata was released in 2009 and uses a multithreaded architecture. Snort released Snort 3 last year with major improvements from earlier versions, including implementing a new multithreaded architecture …

Optimized Damage Assessment And Recovery Through Data Categorization In Critical Infrastructure System., Shruthi Ramakrishnan

Graduate Theses and Dissertations

Critical infrastructures (CI) play a vital role in majority of the fields and sectors worldwide. It contributes a lot towards the economy of nations and towards the wellbeing of the society. They are highly coupled, interconnected and their interdependencies make them more complex systems. Thus, when a damage occurs in a CI system, its complex interdependencies make it get subjected to cascading effects which propagates faster from one infrastructure to another resulting in wide service degradations which in turn causes economic and societal effects. The propagation of cascading effects of disruptive events could be handled efficiently if the assessment and …

Side-Channel Analysis On Post-Quantum Cryptography Algorithms, Tristen Teague

Computer Science and Computer Engineering Undergraduate Honors Theses

The advancements of quantum computers brings us closer to the threat of our current asymmetric cryptography algorithms being broken by Shor's Algorithm. NIST proposed a standardization effort in creating a new class of asymmetric cryptography named Post-Quantum Cryptography (PQC). These new algorithms will be resistant against both classical computers and sufficiently powerful quantum computers. Although the new algorithms seem mathematically secure, they can possibly be broken by a class of attacks known as side-channels attacks (SCA). Side-channel attacks involve exploiting the hardware that the algorithm runs on to figure out secret values that could break the security of the system. …

Framework Of Hardware Trojan Detection Leveraging Structural Checking Tool, Rafael Dacanay Del Carmen

Graduate Theses and Dissertations

Since there is a significant demand for obtaining third-party soft Intellectual Property (IP) by first-party integrated circuit (IC) vendors, it is becoming easier for adversaries to insert malicious logic known as hardware Trojans into designs. Due to this, vendors need to find ways to screen the third-party IPs for possible security threats and then mitigate them. The development of the Structural Checking (SC) tool provides a solution to this issue. This tool analyzes the structure of an unknown soft IP design and creates a network of all the signals within the design and how they are connected to each other. …

Analysis Of Gpu Memory Vulnerabilities, Jarrett Hoover

Computer Science and Computer Engineering Undergraduate Honors Theses

Graphics processing units (GPUs) have become a widely used technology for various purposes. While their intended use is accelerating graphics rendering, their parallel computing capabilities have expanded their use into other areas. They are used in computer gaming, deep learning for artificial intelligence and mining cryptocurrencies. Their rise in popularity led to research involving several security aspects, including this paper’s focus, memory vulnerabilities. Research documented many vulnerabilities, including GPUs not implementing address space layout randomization, not zeroing out memory after deallocation, and not initializing newly allocated memory. These vulnerabilities can lead to a victim’s sensitive data being leaked to an …

Securing Infiniband Networks With End-Point Encryption, Noah B. Diamond

Theses and Dissertations

The NVIDIA-Mellanox Bluefield-2 is a 100 Gbps high-performance network interface which offers hardware offload and acceleration features that can operate directly on network traffic without routine involvement from the ARM CPU. This allows the ARM multi-core CPU to orchestrate the hardware to perform operations on both Ethernet and RDMA traffic at high rates rather than processing all the traffic directly. A testbed called TNAP was created for performance testing and a MiTM verification process called MiTMVMP is used to ensure proper network configuration. The hardware accelerators of the Bluefield-2 support a throughput of nearly 86 Gbps when using IPsec to …

Malware Detection Using Electromagnetic Side-Channel Analysis, Matthew A. Bergstedt

Theses and Dissertations

Many physical systems control or monitor important applications without the capacity to monitor for malware using on-device resources. Thus, it becomes valuable to explore malware detection methods for these systems utilizing external or off-device resources. This research investigates the viability of employing EM SCA to determine whether a performed operation is normal or malicious. A Raspberry Pi 3 was set up as a simulated motor controller with code paths for a normal or malicious operation. While the normal path only calculated the motor speed before updating the motor, the malicious path added a line of code to modify the calculated …

Examining Cooperative System Responses Against Grid Integrity Attacks, Alexander D. Parady

Honors Undergraduate Theses

Smart grid technologies are integral to society’s transition to sustainable energy sources, but they do not come without a cost. As the energy sector shifts away from a century’s reliance on fossil fuels and centralized generation, technology that actively monitors and controls every aspect of the power infrastructure has been widely adopted, resulting in a plethora of new vulnerabilities that have already wreaked havoc on critical infrastructure. Integrity attacks that feedback false data through industrial control systems, which result in possible catastrophic overcorrections and ensuing failures, have plagued grid infrastructure over the past several years. This threat is now at …

Evaluating Similarity Of Cross-Architecture Basic Blocks, Elijah L. Meyer

Browse all Theses and Dissertations

Vulnerabilities in source code can be compiled for multiple processor architectures and make their way into several different devices. Security researchers frequently have no way to obtain this source code to analyze for vulnerabilities. Therefore, the ability to effectively analyze binary code is essential. Similarity detection is one facet of binary code analysis. Because source code can be compiled for different architectures, the need can arise for detecting code similarity across architectures. This need is especially apparent when analyzing firmware from embedded computing environments such as Internet of Things devices, where the processor architecture is dependent on the product and …

Secure Authenticated Key Exchange For Enhancing The Security Of Routing Protocol For Low-Power And Lossy Networks, Sarah Mohammed Alzahrani

Browse all Theses and Dissertations

The current Routing Protocol for Low Power and Lossy Networks (RPL) standard provides three security modes Unsecured Mode (UM), Preinstalled Secure Mode (PSM), and Authenticated Secure Mode (ASM). The PSM and ASM are designed to prevent external routing attacks and specific replay attacks through an optional replay protection mechanism. RPL's PSM mode does not support key replacement when a malicious party obtains the key via differential cryptanalysis since it considers the key to be provided to nodes during the configuration of the network. This thesis presents an approach to implementing a secure authenticated key exchange mechanism for RPL, which ensures …

Integration Of Blockchain Technology Into Automobiles To Prevent And Study The Causes Of Accidents, John Kim

Electronic Theses, Projects, and Dissertations

Automobile collisions occur daily. We now live in an information-driven world, one where technology is quickly evolving. Blockchain technology can change the automotive industry, the safety of the motoring public and its surrounding environment by incorporating this vast array of information. It can place safety and efficiency at the forefront to pedestrians, public establishments, and provide public agencies with pertinent information securely and efficiently. Other industries where Blockchain technology has been effective in are as follows: supply chain management, logistics, and banking. This paper reviews some statistical information regarding automobile collisions, Blockchain technology, Smart Contracts, Smart Cities; assesses the feasibility …

Analysis Of Deep Learning Methods For Wired Ethernet Physical Layer Security Of Operational Technology, Lucas Torlay

All Theses

The cybersecurity of power systems is jeopardized by the threat of spoofing and man-in-the-middle style attacks due to a lack of physical layer device authentication techniques for operational technology (OT) communication networks. OT networks cannot support the active probing cybersecurity methods that are popular in information technology (IT) networks. Furthermore, both active and passive scanning techniques are susceptible to medium access control (MAC) address spoofing when operating at Layer 2 of the Open Systems Interconnection (OSI) model. This thesis aims to analyze the role of deep learning in passively authenticating Ethernet devices by their communication signals. This method operates at …