Computer Engineering Commons^™

Critical Infrastructure Workforce Development Pods For Teaching Cybersecurity Using Netlab+, Gideon Sutterfield

Computer Science and Computer Engineering Undergraduate Honors Theses

As digital automation for Industrial Control Systems has grown, so has its
vulnerability to cyberattacks. The world of industry has responded effectively to this, but the world of academia is still lagging as its emphasis is still almost entirely on information technology. Considering this, we created a workforce development pod that serves as a hands-on learning module for teaching students key cybersecurity ideas surrounding operational technology using the NETLAB+ platform. A pod serves as the virtual environment where the learning exercise takes place. This project’s implementation involved the creation of a segmented network within the pod where a student starts …

Analysis Of Gpu Memory Vulnerabilities, Jarrett Hoover

Computer Science and Computer Engineering Undergraduate Honors Theses

Graphics processing units (GPUs) have become a widely used technology for various purposes. While their intended use is accelerating graphics rendering, their parallel computing capabilities have expanded their use into other areas. They are used in computer gaming, deep learning for artificial intelligence and mining cryptocurrencies. Their rise in popularity led to research involving several security aspects, including this paper’s focus, memory vulnerabilities. Research documented many vulnerabilities, including GPUs not implementing address space layout randomization, not zeroing out memory after deallocation, and not initializing newly allocated memory. These vulnerabilities can lead to a victim’s sensitive data being leaked to an …

Comparative Study Of Snort 3 And Suricata Intrusion Detection Systems, Cole Hoover

Computer Science and Computer Engineering Undergraduate Honors Theses

Network Intrusion Detection Systems (NIDS) are one layer of defense that can be used to protect a network from cyber-attacks. They monitor a network for any malicious activity and send alerts if suspicious traffic is detected. Two of the most common open-source NIDS are Snort and Suricata. Snort was first released in 1999 and became the industry standard. The one major drawback of Snort has been its single-threaded architecture. Because of this, Suricata was released in 2009 and uses a multithreaded architecture. Snort released Snort 3 last year with major improvements from earlier versions, including implementing a new multithreaded architecture …

Optimized Damage Assessment And Recovery Through Data Categorization In Critical Infrastructure System., Shruthi Ramakrishnan

Graduate Theses and Dissertations

Critical infrastructures (CI) play a vital role in majority of the fields and sectors worldwide. It contributes a lot towards the economy of nations and towards the wellbeing of the society. They are highly coupled, interconnected and their interdependencies make them more complex systems. Thus, when a damage occurs in a CI system, its complex interdependencies make it get subjected to cascading effects which propagates faster from one infrastructure to another resulting in wide service degradations which in turn causes economic and societal effects. The propagation of cascading effects of disruptive events could be handled efficiently if the assessment and …

Side-Channel Analysis On Post-Quantum Cryptography Algorithms, Tristen Teague

Computer Science and Computer Engineering Undergraduate Honors Theses

The advancements of quantum computers brings us closer to the threat of our current asymmetric cryptography algorithms being broken by Shor's Algorithm. NIST proposed a standardization effort in creating a new class of asymmetric cryptography named Post-Quantum Cryptography (PQC). These new algorithms will be resistant against both classical computers and sufficiently powerful quantum computers. Although the new algorithms seem mathematically secure, they can possibly be broken by a class of attacks known as side-channels attacks (SCA). Side-channel attacks involve exploiting the hardware that the algorithm runs on to figure out secret values that could break the security of the system. …

Privacy-Preserving Cloud-Assisted Data Analytics, Wei Bao

Graduate Theses and Dissertations

Nowadays industries are collecting a massive and exponentially growing amount of data that can be utilized to extract useful insights for improving various aspects of our life. Data analytics (e.g., via the use of machine learning) has been extensively applied to make important decisions in various real world applications. However, it is challenging for resource-limited clients to analyze their data in an efficient way when its scale is large. Additionally, the data resources are increasingly distributed among different owners. Nonetheless, users' data may contain private information that needs to be protected.

Cloud computing has become more and more popular in …

Securing Fog Federation From Behavior Of Rogue Nodes, Mohammed Saleh H. Alshehri

Graduate Theses and Dissertations

As the technological revolution advanced information security evolved with an increased need for confidential data protection on the internet. Individuals and organizations typically prefer outsourcing their confidential data to the cloud for processing and storage. As promising as the cloud computing paradigm is, it creates challenges; everything from data security to time latency issues with data computation and delivery to end-users. In response to these challenges CISCO introduced the fog computing paradigm in 2012. The intent was to overcome issues such as time latency and communication overhead and to bring computing and storage resources close to the ground and the …

Data Forgery Detection In Automatic Generation Control: Exploration Of Automated Parameter Generation And Low-Rate Attacks, Yatish R. Dubasi

Computer Science and Computer Engineering Undergraduate Honors Theses

Automatic Generation Control (AGC) is a key control system utilized in electric power systems. AGC uses frequency and tie-line power flow measurements to determine the Area Control Error (ACE). ACE is then used by the AGC to adjust power generation and maintain an acceptable power system frequency. Attackers might inject false frequency and/or tie-line power flow measurements to mislead AGC into falsely adjusting power generation, which can harm power system operations. Various data forgery detection models are studied in this thesis. First, to make the use of predictive detection models easier for users, we propose a method for automated generation …

Development Of A Reference Design For Intrusion Detection Using Neural Networks For A Smart Inverter, Ammar Mohammad Khan

Graduate Theses and Dissertations

The purpose of this thesis is to develop a reference design for a base level implementation of an intrusion detection module using artificial neural networks that is deployed onto an inverter and runs on live data for cybersecurity purposes, leveraging the latest deep learning algorithms and tools. Cybersecurity in the smart grid industry focuses on maintaining optimal standards of security in the system and a key component of this is being able to detect cyberattacks. Although researchers and engineers aim to design such devices with embedded security, attacks can and do still occur. The foundation for eventually mitigating these attacks …

Hardware Ip Classification Through Weighted Characteristics, Brendan Mcgeehan

Graduate Theses and Dissertations

Today’s business model for hardware designs frequently incorporates third-party Intellectual Property (IP) due to the many benefits it can bring to a company. For instance, outsourcing certain components of an overall design can reduce time-to-market by allowing each party to specialize and perfect a specific part of the overall design. However, allowing third-party involvement also increases the possibility of malicious attacks, such as hardware Trojan insertion. Trojan insertion is a particularly dangerous security threat because testing the functionality of an IP can often leave the Trojan undetected. Therefore, this thesis work provides an improvement on a Trojan detection method known …

Hardware Trojan Detection Via Golden Reference Library Matching, Lucas Weaver

Graduate Theses and Dissertations

Due to the proliferation of hardware Trojans in third party Intellectual Property (IP) designs, the issue of hardware security has risen to the forefront of computer engineering. Because of the miniscule size yet devastating effects of hardware Trojans, few detection methods have been presented that adequately address this problem facing the hardware industry. One such method with the ability to detect hardware Trojans is Structural Checking. This methodology analyzes a soft IP at the register-transfer level to discover malicious inclusions. An extension of this methodology is presented that expands the list of signal functionalities, termed assets, in addition to introducing …