Computer Engineering Commons^™

Software Protection And Secure Authentication For Autonomous Vehicular Cloud Computing, Muhammad Hataba

Dissertations

Artificial Intelligence (AI) is changing every technology we deal with. Autonomy has been a sought-after goal in vehicles, and now more than ever we are very close to that goal. Vehicles before were dumb mechanical devices, now they are becoming smart, computerized, and connected coined as Autonomous Vehicles (AVs). Moreover, researchers found a way to make more use of these enormous capabilities and introduced Autonomous Vehicles Cloud Computing (AVCC). In these platforms, vehicles can lend their unused resources and sensory data to join AVCC.

In this dissertation, we investigate security and privacy issues in AVCC. As background, we built our …

Machine Learning-Based Device Type Classification For Iot Device Re- And Continuous Authentication, Kaustubh Gupta

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Today, the use of Internet of Things (IoT) devices is higher than ever and it is growing rapidly. Many IoT devices are usually manufactured by home appliance manufacturers where security and privacy are not the foremost concern. When an IoT device is connected to a network, currently there does not exist a strict authentication method that verifies the identity of the device, allowing any rogue IoT device to authenticate to an access point. This thesis addresses the issue by introducing methods for continuous and re-authentication of static and dynamic IoT devices, respectively. We introduce mechanisms and protocols for authenticating a …

Ultrapin: Inferring Pin Entries Via Ultrasound, Liu, Ximing, Robert H. Deng, Robert H. Deng

Research Collection School Of Computing and Information Systems

While PIN-based user authentication systems such as ATM have long been considered to be secure enough, they are facing new attacks, named UltraPIN, which can be launched from commodity smartphones. As a target user enters a PIN on a PIN-based user authentication system, an attacker may use UltraPIN to infer the PIN from a short distance (50 cm to 100 cm). In this process, UltraPIN leverages smartphone speakers to issue human-inaudible ultrasound signals and uses smartphone microphones to keep recording acoustic signals. It applies a series of signal processing techniques to extract high-quality feature vectors from low-energy and high-noise signals …

Single Sign-On Model Based On Trusted-Daa Connection, Xiaohui Yang, Lijun Jiang, Wang Hong, Siyuan Chang

Journal of System Simulation

Abstract: Traditional single sign-on (SSO) models adopt SSL connections in the cloud computing environments, while there exist several problems such as certificates cannot be updated in time, certificate updating needs a third party CA, etc.. To solve above problems, TPM was introduced between cloud identity providers and cloud service providers, and a trusted DAA connection (T-D-SSL) was designed by adopting the DAA authentication method to implementation cross platform trusted authentication, secure channel establishment, and certificate updating operation. Combining with T-D-SSL, SAML2.0, and ID-FF1.2, a new SSO model of the cloud computing environments was proposed, which could make sure the system …

Ldakm-Eiot: Lightweight Device Authentication And Key Management Mechanism For Edge-Based Iot Deployment, Mohammad Wazid, Ashok Kumar Das, Sachin Shetty, Joel J. P. C. Rodrigues, Youngho Park

VMASC Publications

In recent years, edge computing has emerged as a new concept in the computing paradigm that empowers several future technologies, such as 5G, vehicle-to-vehicle communications, and the Internet of Things (IoT), by providing cloud computing facilities, as well as services to the end users. However, open communication among the entities in an edge based IoT environment makes it vulnerable to various potential attacks that are executed by an adversary. Device authentication is one of the prominent techniques in security that permits an IoT device to authenticate mutually with a cloud server with the help of an edge node. If authentication …

A Privacy Framework For Decentralized Applications Using Blockchains And Zero Knowledge Proofs, David Gabay

FIU Electronic Theses and Dissertations

With the increasing interest in connected vehicles along with electrification opportunities, there is an ongoing effort to automate the charging process of electric vehicles (EVs) through their capabilities to communicate with the infrastructure and each other. However, charging EVs takes time and thus in-advance scheduling is needed. As this process is done frequently due to limited mileage of EVs, it may expose the locations and charging pattern of the EV to the service providers, raising privacy concerns for their users. Nevertheless, the EV still needs to be authenticated to charging providers, which means some information will need to be provided …

Work-In-Progress: Iot Device Signature Validation, Jeffrey Hemmes

Regis University Faculty Publications

Device fingerprinting is an area of security that has received renewed attention in recent years, with a number of classification methods proposed that rely on characteristics unique to a particular vendor or device type. Current works are limited to determining device type for purposes of access control and MAC address spoof prevention. This work synthesizes multiple sources of information to verify device capabilities in a device profile, which can be used in a number of applications not limited to authentication and authorization. The approach proposed in this paper relies on existing protocols and methods proposed in the literature, using a …

Formally Analyzed M-Coupon Protocol With Confirmation Code (Mcwcc), Keri̇m Yildirim, Gökhan Dalkiliç, Nevci̇han Duru

Turkish Journal of Electrical Engineering and Computer Sciences

There are many marketing methods used to attract customers' attention and customers search for special discounts and conduct research to get products cheaper. Using discount coupons is one of the widely used methods for obtaining discounts. With the development of technology, classical paper-based discount coupons become e-coupons and then turn into mobile coupons (m-coupons). It is inevitable that retailers will use m-coupon technology to attract customers while mobile devices are used in daily life. As a result, m-coupon technology is a promising technology. One of the significant problems with using m-coupons is security. Here it is necessary to ensure the …

Invisible Watermarking Framework That Authenticates And Prevents The Visualization Of Anaglyph Images For Copyright Protection, David-Octavio Muñoz-Ramirez, Volodymyr Ponomaryov, Rogelio Reyes-Reyes, Clara Cruz-Ramos, Beatriz-Paulina Garcia-Salgado

Turkish Journal of Electrical Engineering and Computer Sciences

In this work, a watermarking framework to authenticate and protect the copyright that prevents the visualization of nonauthorized anaglyph images is proposed. Designed scheme embeds a binary watermark and the Blue channel of the anaglyph image into the discrete cosine transform domain of the original image. The proposed method applies the quantization index modulation-dither modulation algorithm and a combination of Bose-Chaudhuri-Hocquenghem with repetition codes, which permit to increase the capability in recovering the watermark. Additionally, Hash algorithm is used to scramble the component where the watermark should be embedding, guaranteeing a higher security performance of the scheme. This new technique …

Blockchain Based Efficient And Robust Fair Payment For Outsourcing Services In Cloud Computing, Yinghui Zhang, Robert H. Deng, Ximeng Liu, Dong Zheng

Research Collection School Of Computing and Information Systems

As an attractive business model of cloud computing, outsourcing services usually involve online payment and security issues. The mutual distrust between users and outsourcing service providers may severely impede the wide adoption of cloud computing. Nevertheless, most existing payment solutions only consider a specific type of outsourcing service and rely on a trusted third-party to realize fairness. In this paper, in order to realize secure and fair payment of outsourcing services in general without relying on any third-party, trusted or not, we introduce BCPay, a blockchain based fair payment framework for outsourcing services in cloud computing. We first present the …

Self-Powered Time-Keeping And Time-Of-Occurrence Sensing, Liang Zhou

McKelvey School of Engineering Theses & Dissertations

Self-powered and passive Internet-of-Things (IoT) devices (e.g. RFID tags, financial assets, wireless sensors and surface-mount devices) have been widely deployed in our everyday and industrial applications. While diverse functionalities have been implemented in passive systems, the lack of a reference clock limits the design space of such devices used for applications such as time-stamping sensing, recording and dynamic authentication. Self-powered time-keeping in passive systems has been challenging because they do not have access to continuous power sources. While energy transducers can harvest power from ambient environment, the intermittent power cannot support continuous operation for reference clocks. The thesis of this …

Application Of 3d Delaunay Triangulation In Fingerprint Authentication System, Wencheng Yang, Ahmed Ibrahim, Junaid Chaudhry, Song Wang, Jiankun Hu, Craig Valli

Research outputs 2014 to 2021

Biometric security has found many applications in Internet of Things (IoT) security. Many mobile devices including smart phones have supplied fingerprint authentication function. However, the authentication performance in such restricted environment has been downgraded significantly. A number of methods based on Delaunay triangulation have been proposed for minutiae-based fingerprint matching, due to some favorable properties of the Delaunay triangulation under image distortion. However, all existing methods are based on 2D pattern, of which each unit, a Delaunay triangle, can only provide limited discrimination ability and could cause low matching performance. In this paper, we propose a 3D Delaunay triangulation based …

Lightweight Three-Factor Authentication And Key Agreement Protocol For Internet-Integrated Wireless Sensor Networks, Qi Jiang, Sherali Zeadally, Jianfeng Ma, Debiao He

Information Science Faculty Publications

Wireless sensor networks (WSNs) will be integrated into the future Internet as one of the components of the Internet of Things, and will become globally addressable by any entity connected to the Internet. Despite the great potential of this integration, it also brings new threats, such as the exposure of sensor nodes to attacks originating from the Internet. In this context, lightweight authentication and key agreement protocols must be in place to enable end-to-end secure communication. Recently, Amin et al. proposed a three-factor mutual authentication protocol for WSNs. However, we identified several flaws in their protocol. We found that their …

Token-Based Authentication Method For M2m Platforms, Hüseyi̇n Polat, Saadi̇n Oyucu

Turkish Journal of Electrical Engineering and Computer Sciences

Nowadays the fields in which machine-to-machine (M2M) applications are used and the numbers of M2M devices and users are increasing gradually. In an M2M application, M2M platforms are used in order to follow and analyze the data presented by M2M devices. The communication of multiple users and devices via an M2M platform causes some problems in terms of security. In this study, an M2M platform has been developed by using RestFul web services and NoSQL database. On this platform a token-based authentication method was used for multiple users and devices. In this method, an authorized request approach was adopted for …

Product Authentication Using Hash Chains And Printed Qr Codes, Harshith R. Keni

Electronic Theses and Dissertations

This thesis explores the usage of simple printed tags for authenticating products. Printed tags are a cheap alternative to RFID and other tag based systems and do not require specialized equipment. Due to the simplistic nature of such printed codes, many security issues like tag impersonation, server impersonation, reader impersonation, replay attacks and denial of service present in RFID based solutions need to be handled differently. An algorithm that utilizes hash chains to secure such simple tags while still keeping cost low is discussed. The security characteristics of this scheme as well as other product authentication schemes that use RFID …

Authentication Of Uncertain Data Based On K-Means Clustering, Levent Ünver, Taflan İmre Gündem

Turkish Journal of Electrical Engineering and Computer Sciences

No abstract provided.

An Improved Security Framework For Web Service-Based Resources, Wenbin Jiang, Hui Xu, Hao Dong, Hai Jin, Xiaofei Liao

Turkish Journal of Electrical Engineering and Computer Sciences

Web service-based application has become one of the dominative ones of the Internet. This trend brings more and more security challenges in reliability, confidentiality, and data nonrepudiation, especially in some systems that have massive diversified resources. An improved framework for secure accesses of Web resources is presented and implemented by extending and enhancing the Spring Security framework. It improves the security level of systems for identity authentication, authorized access, and secure transmission. The highly safe authentication is based on the integration of an improved authentication module of Spring Security with a U-key method and a RSA algorithm. For authorized access, …

Efficient Id-Based Authentication And Key Agreement Protocols For The Session Initiation Protocol, Haci Hakan Kilinç, Yolguly Allaberdiyev, Tuğrul Yanik, Serdar Süer Erdem

Turkish Journal of Electrical Engineering and Computer Sciences

In a widely deployed VoIP system tens of thousands of clients compete for the SIP proxy server's authentication service. SIP protocol implementations have to meet certain QoS and security requirements. In this study new ID-based protocols are proposed for the SIP authentication and key agreement protocols. These protocols minimize the use of expensive pairing functions but still resist notable attacks. The security of the proposed protocols are analyzed and demonstrated with security proofs based on the BJM security model. Finally, the performance overhead of the proposed protocols are compared to ID-based SIP authentication and key agreement protocols given in the …

Evidentiary Power And Propriety Of Digital Identifiers And The Impact On Privacy Rights In The United States, Michael Losavio, Deborah Keeling

Journal of Digital Forensics, Security and Law

Media and network systems capture and store data about electronic activity in new, sometimes unprecedented ways; computational systems make for new means of analysis and knowledge development. These new forms offer new, powerful tactical tools for investigations of electronic malfeasance under traditional legal regulation of state power, particular that of Fourth Amendment limitations on police searches and seizures under the U.S. Constitution. But autonomy, identity and authenticity concerns with electronic data raise issues of public policy, privacy and proper police oversight of civil society. We examine those issues and their implications for digital and computational forensics

Network Security: A Review Of Salient Security Aspects Of The Universal Mobile Telecommunication System (Umts), F. Imran, M. Hussain

International Conference on Information and Communication Technologies

Wireless communication is known as key to global development. Wireless and mobile communication is gaining more importance in our life. Protecting information is one the aspects which we need to focus on the wireless networks. Universal mobile telecommunication system (UMTS) is evolution of the third generation mobile communication system. It was built on the success of global system for mobile communication (GSM). Universal mobile telecommunication system's security is also built on global system for mobile communication (GSM). The paper reviews the literature of the security aspects of the Universal mobile telecommunication system. A critical evaluation of the proposed solutions is …

Remote Mutual Authentication And Key Agreement Scheme Based On Elliptic Curve Cryptosystem, Eunjun Yoon

Turkish Journal of Electrical Engineering and Computer Sciences

Remote mutual authentication is an important part of security, along with confidentiality and integrity, for systems that allow remote access over untrustworthy networks, like the Internet. In 2006, Shieh-Wang pointed out the weakness of Juang's remote mutual authentication scheme using smart card and further proposed a novel remote user authentication scheme using smart card. However, this paper demonstrates that Shieh-Wang's scheme still does not provide perfect forward secrecy and is vulnerable to a privileged insider's attack. We also present an improved scheme based on the Elliptic Curve Diffie-Hellman problem (ECDHP) and secure one-way hash function, in order to isolate such …

Self-Authentication Of Audio Signals By Chirp Coding, Jonathan Blackledge, Eugene Coyle

Conference papers

This paper discusses a new approach to ‘watermarking’ digital signals using linear frequency modulated or ‘chirp’ coding. The principles underlying this approach are based on the use of a matched filter to provide a reconstruction of a chirped code that is uniquely robust in the case of signals with very low signal-to-noise ratios. Chirp coding for authenticating data is generic in the sense that it can be used for a range of data types and applications (the authentication of speech and audio signals, for example). The theoretical and computational aspects of the matched filter and the properties of a chirp …

A Covert Encryption Method For Applications In Electronic Data Interchange, Jonathan Blackledge, Dmitry Dubovitskiy

Articles

A principal weakness of all encryption systems is that the output data can be ‘seen’ to be encrypted. In other words, encrypted data provides a ‘flag’ on the potential value of the information that has been encrypted. In this paper, we provide a new approach to ‘hiding’ encrypted data in a digital image.

In conventional (symmetric) encryption, the plaintext is usually represented as a binary stream and encrypted using an XOR type operation with a binary cipher. The algorithm used is ideally designed to: (i) generate a maximum entropy cipher so that there is no bias with regard to any …

Improving The Security And Flexibility Of One-Time Passwords By Signature Chains, Kemal Biçakci, Nazi̇fe Baykal

Turkish Journal of Electrical Engineering and Computer Sciences

While the classical attack of ``monitor the network and intercept the password'' can be avoided by advanced protocols like SSH, one-time passwords are still considered a viable alternative or a supplement for software authentication since they are the only ones that safeguard against attacks on insecure client machines. In this paper by using public-key techniques we present a method called signature chain alternative to Lamport's hash chain to improve security and flexibility of one-time passwords. Our proposition improves the security because first, like other public-key authentication protocols, the server and the user do not share a secret, thereby eliminating attacks …