Computer Engineering Commons^™

Splicecube Architecture: An Extensible Wi-Fi Monitoring Architecture For Smart-Home Networks, Namya Malik

Dartmouth College Master’s Theses

The vision of smart homes is rapidly becoming a reality, as the Internet of Things and other smart devices are deployed widely. Although smart devices offer convenience, they also create a significant management problem for home residents. With a large number and variety of devices in the home, residents may find it difficult to monitor, or even locate, devices. A central controller that brings all the home’s smart devices under secure management and a unified interface would help homeowners and residents track and manage their devices.

We envision a solution called the SPLICEcube whose goal is to detect smart devices, …

Dismantling The “Black Opticon”: Privacy, Race Equity, And Online Data-Protection Reform, Anita L. Allen

All Faculty Scholarship

African Americans online face three distinguishable but related categories of vulnerability to bias and discrimination that I dub the “Black Opticon”: discriminatory oversurveillance, discriminatory exclusion, and discriminatory predation. Escaping the Black Opticon is unlikely without acknowledgement of privacy’s unequal distribution and privacy law’s outmoded and unduly race-neutral façade. African Americans could benefit from race-conscious efforts to shape a more equitable digital public sphere through improved laws and legal institutions. This Essay critically elaborates the Black Opticon triad and considers whether the Virginia Consumer Data Protection Act (2021), the federal Data Protection Act (2021), and new resources for the Federal Trade …

A Proportionality-Based Framework For Government Regulation Of Digital Tracing Apps In Times Of Emergency, Sharon Bassan

Dickinson Law Review (2017-Present)

Times of emergency present an inherent conflict between the public interest and the preservation of individual rights. Such times require granting emergency powers to the government on behalf of the public interest and relaxing safeguards against government actions that infringe rights. The lack of theoretical framework to assess governmental decisions in times of emergency leads to a polarized and politicized discourse about potential policies, and often, to public distrust and lack of compliance.

Such a discourse was evident regarding Digital Tracing Apps (“DTAs”), which are apps installed on cellular phones to alert users that they were exposed to people who …

Book Review: This Is How They Tell Me The World Ends: The Cyberweapons Arms Race (2020) By Nicole Perlroth, Amy C. Gaudion

Dickinson Law Review (2017-Present)

No abstract provided.

Towards A Federated Identity And Access Management Across Universities, Jameel Alsulami

Doctoral Dissertations and Master's Theses

Many research projects are too complex to yield the efforts of a single investigator and require a coordinated effort from interdisciplinary research teams across universities and industries. The research data, documents, experimental testbeds, high-end computing equipment, etc. is a critical component of any large-scale project and hence the cooperation and resource sharing across universities become very important for timely and budget-friendly execution of these projects. However, it is extremely challenging to frequently and effectively access data and other resources across universities without creating new identities for the users. In this thesis, we propose Federated Identity Management (FIM) approach for facilitating …

Icts For Surveillance And Suppression: The Case Of The Indian Emergency 1975-1977, Ramesh Subramanian

Journal of International Technology and Information Management

Information and Communications technologies (ICT) pervade society. The Internet, wireless communication, and social media are ubiquitous in and indispensable in society today. As they continue to grow and mushroom, there are new and increased calls from various segments of the society such as technologists, activists, sociologists, and legal experts, who issue warnings on the more nefarious and undesirable uses of ICTs, especially by governments. In fact, government control and surveillance using ICTs is not a new phenomenon. By looking at history, we are able to see several instances when ICTs have been used by governments to control, surveil, and infringe …

The First Amendment, Common Carriers, And Public Accommodations: Net Neutrality, Digital Platforms, And Privacy, Christopher S. Yoo

All Faculty Scholarship

Recent prominent judicial opinions have assumed that common carriers have few to no First Amendment rights and that calling an actor a common carrier or public accommodation could justify limiting its right to exclude and mandating that it provide nondiscriminatory access. A review of the history reveals that the underlying law is richer than these simple statements would suggest. The principles for determining what constitutes a common carrier or a public accommodation and the level of First Amendment protection both turn on whether the actor holds itself out as serving all members of the public or whether it asserts editorial …

The Law Of Black Mirror - Syllabus, Yafit Lev-Aretz, Nizan Packin

Open Educational Resources

Using episodes from the show Black Mirror as a study tool - a show that features tales that explore techno-paranoia - the course analyzes legal and policy considerations of futuristic or hypothetical case studies. The case studies tap into the collective unease about the modern world and bring up a variety of fascinating key philosophical, legal, and economic-based questions.

Traffic Privacy Study On Internet Of Things – Smart Home Applications, Ayan Patel

Master's Theses

Internet of Things (IoT) devices have been widely adopted in many different applications in recent years, such as smart home applications. An adversary can capture the network traffic of IoT devices and analyze it to reveal user activities even if the traffic is encrypted. Therefore, traffic privacy is a major concern, especially in smart home applications. Traffic shaping can be used to obfuscate the traffic so that no meaningful predictions can be drawn through traffic analysis. Current traffic shaping methods have many tunable variables that are difficult to optimize to balance bandwidth overheads and latencies. In this thesis, we study …

From Protecting To Performing Privacy, Garfield Benjamin

The Journal of Sociotechnical Critique

Privacy is increasingly important in an age of facial recognition technologies, mass data collection, and algorithmic decision-making. Yet it persists as a contested term, a behavioural paradox, and often fails users in practice. This article critiques current methods of thinking privacy in protectionist terms, building on Deleuze's conception of the society of control, through its problematic relation to freedom, property and power. Instead, a new mode of understanding privacy in terms of performativity is provided, drawing on Butler and Sedgwick as well as Cohen and Nissenbaum. This new form of privacy is based on identity, consent and collective action, a …

The Data Market: A Proposal To Control Data About You, David Shaw, Daniel W. Engels

SMU Data Science Review

The current legal and economic infrastructure facilitating data collection practices and data analysis has led to extreme over-collection of data and the overall loss of personal privacy. Data over-collection has led to a secondary market for consumer data that is invisible to the consumer and results in a person's data being distributed far beyond their knowledge or control. In this paper, we propose a Data Market framework and design for personal data management and privacy protection in which the individual controls and profits from the dissemination of their data. Our proposed Data Market uses a market-based approach utilizing blockchain distributed …

Privacy-Aware Security Applications In The Era Of Internet Of Things, Abbas Acar

FIU Electronic Theses and Dissertations

In this dissertation, we introduce several novel privacy-aware security applications. We split these contributions into three main categories: First, to strengthen the current authentication mechanisms, we designed two novel privacy-aware alternative complementary authentication mechanisms, Continuous Authentication (CA) and Multi-factor Authentication (MFA). Our first system is Wearable-assisted Continuous Authentication (WACA), where we used the sensor data collected from a wrist-worn device to authenticate users continuously. Then, we improved WACA by integrating a noise-tolerant template matching technique called NTT-Sec to make it privacy-aware as the collected data can be sensitive. We also designed a novel, lightweight, Privacy-aware Continuous Authentication (PACA) protocol. PACA …

Deepmag+ : Sniffing Mobile Apps In Magnetic Field Through Deep Learning, Rui Ning, Cong Wang, Chunsheng Xin, Jiang Li, Hongyi Wu

Electrical & Computer Engineering Faculty Publications

This paper reports a new side-channel attack to smartphones using the unrestricted magnetic sensor data. We demonstrate that attackers can effectively infer the Apps being used on a smartphone with an accuracy of over 80%, through training a deep Convolutional Neural Networks (CNN). Various signal processing strategies have been studied for feature extractions, including a tempogram based scheme. Moreover, by further exploiting the unrestricted motion sensor to cluster magnetometer data, the sniffing accuracy can increase to as high as 98%. To mitigate such attacks, we propose a noise injection scheme that can effectively reduce the App sniffing accuracy to only …

Assessing The Competing Characteristics Of Privacy And Safety Within Vehicular Ad Hoc Networks, Jacob W. Connors

Theses and Dissertations

The introduction of Vehicle-to-Vehicle (V2V) communication has the promise of decreasing vehicle collisions, congestion, and emissions. However, this technology places safety and privacy at odds; an increase of safety applications will likely result in the decrease of consumer privacy. The National Highway Traffic Safety Administration (NHTSA) has proposed the Security Credential Management System (SCMS) as the back end infrastructure for maintaining, distributing, and revoking vehicle certificates attached to every Basic Safety Message (BSM). This Public Key Infrastructure (PKI) scheme is designed around the philosophy of maintaining user privacy through the separation of functions to prevent any one subcomponent from identifying …

Modeling Adversarial Insider Vehicles In Mix Zones, Nicholas Plewtong

Master's Theses

Security is a necessity when dealing with new forms of technology that may not have been analyzed from a security perspective. One of the latest growing technological advances are Vehicular Ad-Hoc Networks (VANETs). VANETs allow vehicles to communicate information to each other wirelessly which allows for an increase in safety and efficiency for vehicles. However, with this new type of computerized system comes the need to maintain security on top of it.

In order to try to protect location privacy of the vehicles in the system, vehicles change pseudonyms or identifiers at areas known as mix zones. This thesis implements …

Privacy Risks And Security Threats In Mhealth Apps, Brinda Hansraj Sampat, Bala Prabhakar

Journal of International Technology and Information Management

mHealth (Mobile Health) applications (apps) have transformed the doctor-patient relationship. They help users with varied functionalities such as monitoring their health, understanding specific health conditions, consulting doctors online and achieving fitness goals. Whilst these apps provide an option of equitable and convenient access to healthcare, a lot of personal and sensitive data about users is collected, stored and shared to achieve these functionalities. Little is known about the privacy and security concerns these apps address. Based on literature review, this paper identifies the privacy risks and security features for evaluating thirty apps in the Medical category across two app distribution …

Lightweight Three-Factor Authentication And Key Agreement Protocol For Internet-Integrated Wireless Sensor Networks, Qi Jiang, Sherali Zeadally, Jianfeng Ma, Debiao He

Information Science Faculty Publications

Wireless sensor networks (WSNs) will be integrated into the future Internet as one of the components of the Internet of Things, and will become globally addressable by any entity connected to the Internet. Despite the great potential of this integration, it also brings new threats, such as the exposure of sensor nodes to attacks originating from the Internet. In this context, lightweight authentication and key agreement protocols must be in place to enable end-to-end secure communication. Recently, Amin et al. proposed a three-factor mutual authentication protocol for WSNs. However, we identified several flaws in their protocol. We found that their …

Privacy And The Information Age: A Longitudinal View, Charles E. Downing

Journal of International Technology and Information Management

As information systems and data storage capacity become increasingly sophisticated, an important ethical question for organizations is “What can/will/should be done with the personal information that has been and can be collected?” Individuals’ privacy is certainly important, but so is less costly and more targeted business processes. As this conflict intensifies, consumers, managers and policy makers are left wondering: What privacy principles are important to guide organizations in self-regulation? For example, do consumers view the five rights originally stated in the European Data Protection Directive as important? Comprehensive? Is there a product discount point where consumers would forsake these principles? …

Longer Than A Telephone Wire - Voice Firewalls To Counter Ubiquitous Lie Detection, Carl Reynolds, Matt Smith, Mark Woodman

The ITB Journal

Mobile computing and communication devices are open to surreptitious privacy attacks using emotion detection techniques; largely utilising work carried out in the area of voice stress analysis (VSA). This paper extends some work in the area of removing emotion cues in the voice, specifically focusing on lie detection and presents the results of a pilot study indicating that the use of mobile phones in situations of stress is common and that awareness of VSA is low. Existing strategies for the removal or modification of emotion cues, based on models of synthesis are considered and weaknesses are identified.

An Innovative Approach Towards Applying Chaum Mixing To Sms, Matthew Patrick Rothmeyer

Graduate Theses and Dissertations

Currently there are few user-friendly applications for anonymous communication across multiple platforms, leaving data that is often both personal and private vulnerable to malicious activity. Mobile devices such as smartphones are prime candidates for such an application as they are pervasive and have standardized communication protocols. Through the application of mixing techniques, these devices can provide anonymity for groups of individuals numbering 30 to 40 members. In this work, a Chaum mix inspired, smartphone based network that uses the Short Message Service (SMS) is described first in theory and then in implementation. This system leverages both techniques used by current …

A Novel Defense Mechanism Against Web Crawler Intrusion, Alireza Aghamohammadi

Master's Theses and Doctoral Dissertations

Web robots also known as crawlers or spiders are used by search engines, hackers and spammers to gather information about web pages. Timely detection and prevention of unwanted crawlers increases privacy and security of websites. In this research, a novel method to identify web crawlers is proposed to prevent unwanted crawler to access websites. The proposed method suggests a five-factor identification process to detect unwanted crawlers. This study provides the pretest and posttest results along with a systematic evaluation of web pages with the proposed identification technique versus web pages without the proposed identification process. An experiment was performed with …

Trajectory Privacy Preservation In Mobile Wireless Sensor Networks, Xinyu Jin

FIU Electronic Theses and Dissertations

In recent years, there has been an enormous growth of location-aware devices, such as GPS embedded cell phones, mobile sensors and radio-frequency identification tags. The age of combining sensing, processing and communication in one device, gives rise to a vast number of applications leading to endless possibilities and a realization of mobile Wireless Sensor Network (mWSN) applications. As computing, sensing and communication become more ubiquitous, trajectory privacy becomes a critical piece of information and an important factor for commercial success. While on the move, sensor nodes continuously transmit data streams of sensed values and spatiotemporal information, known as ``trajectory information". …

When Antitrust Met Facebook, Christopher S. Yoo

All Faculty Scholarship

Social networks are among the hottest phenomena on the Internet. Facebook eclipsed Google as the most visited website in both 2010 and 2011. Moreover, according to Nielsen estimates, as of the end of 2011 the average American spent nearly seven hours per month on Facebook, which is more time than they spent on Google, Yahoo!, YouTube, Microsoft, and Wikipedia combined. LinkedIn’s May 19, 2011 initial public offering (“IPO”) surpassed expectations, placing the value of the company at nearly $9 billion, and approximately a year later, its stock price had risen another 20 percent. Facebook followed suit a year later with …

On The Applications Of Deterministic Chaos For Encrypting Data On The Cloud, Jonathan Blackledge, Nikolai Ptitsyn

Conference papers

Cloud computing is expected to grow considerably in the future because it has so many advantages with regard to sale and cost, change management, next generation architectures, choice and agility. However, one of the principal concerns for users of the Cloud is lack of control and above all, data security. This paper considers an approach to encrypting information before it is ‘placed’ on the Cloud where each user has access to their own encryption algorithm, an algorithm that is based on a set of iterated function systems that outputs a chaotic number stream, designed to produce a cryptographically secure cipher. …

The Changing Patterns Of Internet Usage, Christopher S. Yoo

All Faculty Scholarship

The Internet unquestionably represents one of the most important technological developments in recent history. It has revolutionized the way people communicate with one another and obtain information and created an unimaginable variety of commercial and leisure activities. Interestingly, many members of the engineering community often observe that the current network is ill-suited to handle the demands that end users are placing on it. Indeed, engineering researchers often describe the network as ossified and impervious to significant architectural change. As a result, both the U.S. and the European Commission are sponsoring “clean slate” projects to study how the Internet might be …

A Taxonomy For And Analysis Of Anonymous Communications Networks, Douglas J. Kelly

Theses and Dissertations

Any entity operating in cyberspace is susceptible to debilitating attacks. With cyber attacks intended to gather intelligence and disrupt communications rapidly replacing the threat of conventional and nuclear attacks, a new age of warfare is at hand. In 2003, the United States acknowledged that the speed and anonymity of cyber attacks makes distinguishing among the actions of terrorists, criminals, and nation states difficult. Even President Obama’s Cybersecurity Chief-elect recognizes the challenge of increasingly sophisticated cyber attacks. Now through April 2009, the White House is reviewing federal cyber initiatives to protect US citizen privacy rights. Indeed, the rising quantity and ubiquity …

Analysis Of Information Remaining On Hand Held Devices For Sale On The Second Hand Market, Andrew Jones, Craig Valli, Iain Sutherland

Research outputs pre 2011

The ownership and use of mobile phones, Personal Digital Assistants and other hand held devices is now ubiquitous both for home and business use. The majority of these devices have a high initial cost, a relatively short period before they become obsolescent and a relatively low second hand value. As a result of this, when the devices are replaced, there are indications that they tend to be discarded. As technology has continued to develop, it has led to an increasing diversity in the number and type of devices that are available, and the processing power and the storage capacity of …