Computer Engineering Commons^™

Dp-Smote: Integrating Differential Privacy And Oversampling Technique To Preserve Privacy In Smart Homes, Amr Tarek Elsayed, Almohammady Sobhi Alsharkawy, Mohamed Sayed Farag, Shaban Ebrahim Abu Yusuf

Al-Azhar Bulletin of Science

Smart homes represent intelligent environments where interconnected devices gather information, enhancing users’ living experiences by ensuring comfort, safety, and efficient energy management. To enhance the quality of life, companies in the smart device industry collect user data, including activities, preferences, and power consumption. However, sharing such data necessitates privacy-preserving practices. This paper introduces a robust method for secure sharing of data to service providers, grounded in differential privacy (DP). This empowers smart home residents to contribute usage statistics while safeguarding their privacy. The approach incorporates the Synthetic Minority Oversampling technique (SMOTe) and seamlessly integrates Gaussian noise to generate synthetic data, …

Lsav: Lightweight Source Address Validation In Sdn To Counteract Ip Spoofing-Based Ddos Attacks, Ali̇ Karakoç, Fati̇h Alagöz

Turkish Journal of Electrical Engineering and Computer Sciences

In this paper, we propose a design to detect and prevent IP spoofing-based distributed denial of service (DDoS) attacks on software-defined networks (SDNs). DDoS attacks are still one of the significant problems for internet service providers (ISPs) and individual users. These attacks can disrupt customer services by targeting the availability of the system, and in some cases, they can completely shut down the target infrastructure. Protecting the system against DDoS attacks is therefore crucial for ensuring the reliability and availability of internet services. To address this problem, we propose a lightweight source address validation (LSAV) framework that leverages the flexibility …

Security Datasets For Network Research, Bruce Hartpence, Bill Stackpole, Daryl Johnson

Data

This document describes the content of the security traffic datasets included in this collection and the conditions under which the packets were collected. These datasets were assembled from 2023 onward. There will be periodic updates or additions to the dataset collection. The current collection includes a variety of nmap intense scans, an Address Resolution Protocol Man in the Middle (ARP MITM) attack, an Internet Control Message Protocol (ICMP) Redirect MITM and an active directory enumeration attack.

When referencing these datasets, please use the following DOI: 10.57673/gccis-qj60

Towards Reliable Multi-Path Routing : An Integrated Cooperation Model For Drones, Ibtihel Baddari, Abdelhak Mesbah, Maohamed Amine Riahla

Emirates Journal for Engineering Research

Ad-hoc networks have evolved into a vital wireless communication component by offering an adaptable infrastructure suitable for various scenarios in our increasingly interconnected and mobile world. However, this adaptability also exposes these networks to security challenges, given their dynamic nature, where nodes frequently join and leave. This dynamism is advantageous but presents resource constraints and vulnerability to malicious nodes, impacting data transmission reliability and security.

In this context, this article explores the development of a secure routing protocol for Ad-hoc networks based on a cooperation reinforcement model to reduce the degradation of routing performance. We leverage the reputation of nodes …

Secure State Estimation Of Distribution Network Based On Kalman Filter Decomposition, Xinghua Liu, Siwen Dong, Jiaqiang Tian

Journal of System Simulation

A new state estimation algorithm is proposed to improve the accuracy to obtain the optimal state estimation of distribution network against FDI attack. In the case of phasor measurement units being attacked and the measurement results being altered,the optimal Kalman estimate can be decomposed into a weighted sum of local state estimates. Focusing on the insecurity of the weighted sum method,a convex optimization based on local estimation is proposed to replace the method and combine the local estimation into a secure state estimation. The simulation results show that the proposed estimator is consistent with the Kalman …

Software-Defined Networking Security Techniques And The Digital Forensics Of The Sdn Control Plane, Abdullah Alshaya

LSU Doctoral Dissertations

Software-Defined Networking (SDN) is an efficient networking design that decouples the network's control plane from the data plane. When compared to the traditional network architecture, the SDN architecture shares many of the same security issues. The centralized SDN controller makes it easier to control, easier to program in real-time, and more flexible, but this comes at the cost of more security risks. An attack on the control plane layer of the SDN controller is a major security concern.

First, centralized design and the existence of a single point of failure in the control plane compromise the accessibility and availability of …

Secure And Efficient Federated Learning, Xingyu Li

Theses and Dissertations

In the past 10 years, the growth of machine learning technology has been significant, largely due to the availability of large datasets for training. However, gathering a sufficient amount of data on a central server can be challenging. Additionally, with the rise of mobile networking and the large amounts of data generated by IoT devices, privacy and security issues have become a concern, resulting in government regulations such as GDPR, HIPAA, CCPA, and ADPPA. Under these circumstances, traditional centralized machine learning methods face a problem in that sensitive data must be kept locally for privacy reasons, making it difficult to …

Adversarial Deep Learning And Security With A Hardware Perspective, Joseph Clements

All Dissertations

Adversarial deep learning is the field of study which analyzes deep learning in the presence of adversarial entities. This entails understanding the capabilities, objectives, and attack scenarios available to the adversary to develop defensive mechanisms and avenues of robustness available to the benign parties. Understanding this facet of deep learning helps us improve the safety of the deep learning systems against external threats from adversaries. However, of equal importance, this perspective also helps the industry understand and respond to critical failures in the technology. The expectation of future success has driven significant interest in developing this technology broadly. Adversarial deep …

Proposed Mitigation Framework For The Internet Of Insecure Things, Mahmoud M. Elgindy, Sally M. Elghamrawy, Ali I. El-Desouky

Mansoura Engineering Journal

Intrusion detection systems IDS are increasingly utilizing machine learning methods. IDSs are important tools for ensuring the security of network data and resources. The Internet of Things (IoT) is an expanding network of intelligent machines and sensors. However, they are vulnerable to attackers because of the ubiquitous and extensive IoT networks. Datasets from intrusion detection systems (IDS) have been analyzed deep learning methods such as Bidirectional long-short term memory (BiLSTM). This research presents an BiLSTM intrusion detection framework with Principal Component Analysis PCA (PCA-LSTM-IDS). The PCA-LSTM-IDS is comprised of two layers: extracting layer which using PCA, and the anomaly BiLSTM …

Security Of Internet Of Things (Iot) Using Federated Learning And Deep Learning — Recent Advancements, Issues And Prospects, Vinay Gugueoth, Sunitha Safavat, Sachin Shetty

Electrical & Computer Engineering Faculty Publications

There is a great demand for an efficient security framework which can secure IoT systems from potential adversarial attacks. However, it is challenging to design a suitable security model for IoT considering the dynamic and distributed nature of IoT. This motivates the researchers to focus more on investigating the role of machine learning (ML) in the designing of security models. A brief analysis of different ML algorithms for IoT security is discussed along with the advantages and limitations of ML algorithms. Existing studies state that ML algorithms suffer from the problem of high computational overhead and risk of privacy leakage. …

Multifaceted Cybersecurity Analysis: Reconnaissance, Exploitation And Mitigation In A Controlled Network Environment, Austin Coontz

Williams Honors College, Honors Research Projects

This report details a network penetration test in a simulated environment using GNS3, focusing on the configuration of routers, switches, and hosts. The project successfully identified and exploited network vulnerabilities, including FTP access, misconfigured sudo permissions, and SMB protocol weaknesses. The penetration testing process utilized tools like fping and nmap for reconnaissance and vulnerability scanning, revealing the importance of device configurations in network security. The project concluded with mitigation strategies, emphasizing the need for secure access, robust password policies, and security controls. The experience underscored the significance of continuous learning and adaptation in the ever-evolving field of cybersecurity. The project …

Blockchain-Enabled Authenticated Key Agreement Scheme For Mobile Vehicles-Assisted Precision Agricultural Iot Networks, Anusha Vangala, Ashok Kumar Das, Ankush Mitra, Sajal K. Das, Youngho Park

Computer Science Faculty Research & Creative Works

Precision Farming Has a Positive Potential in the Agricultural Industry Regarding Water Conservation, Increased Productivity, Better Development of Rural Areas, and Increased Income. Blockchain Technology is a Better Alternative for Storing and Sharing Farm Data as It is Reliable, Transparent, Immutable, and Decentralized. Remote Monitoring of an Agricultural Field Requires Security Systems to Ensure that Any Sensitive Information is Exchanged Only among Authenticated Entities in the Network. to This End, We Design an Efficient Blockchain-Enabled Authenticated Key Agreement Scheme for Mobile Vehicles-Assisted Precision Agricultural Internet of Things (IoT) Networks Called AgroMobiBlock. the Limited Existing Work on Authentication in Agricultural Networks …

Software Protection And Secure Authentication For Autonomous Vehicular Cloud Computing, Muhammad Hataba

Dissertations

Artificial Intelligence (AI) is changing every technology we deal with. Autonomy has been a sought-after goal in vehicles, and now more than ever we are very close to that goal. Vehicles before were dumb mechanical devices, now they are becoming smart, computerized, and connected coined as Autonomous Vehicles (AVs). Moreover, researchers found a way to make more use of these enormous capabilities and introduced Autonomous Vehicles Cloud Computing (AVCC). In these platforms, vehicles can lend their unused resources and sensory data to join AVCC.

In this dissertation, we investigate security and privacy issues in AVCC. As background, we built our …

Presenting A Method To Detect Intrusion In Iot Through Private Blockchain, Rezvan Mahmoudie, Saeed Parsa, Amir Masoud Rahmani

Turkish Journal of Electrical Engineering and Computer Sciences

Blockchain (BC) has been used as a new solution to overcome security and privacy challenges in the Internet of Things (IoT). However, recent studies have indicated that the BC has a limited scalability and is computationally costly. Also, it has significant overhead and delay in the network, which is not suitable to the nature of IoT. This article aims at implementing BC in the IoT context for smart home management, as the integration of these two technologies ensures the IoT's security and privacy. Therefore, we proposed an overlay network in private BC to optimize its compatibility with IoT by increasing …

A New Implementation Of Federated Learning For Privacy And Security Enhancement, Xiang Ma, Haijian Sun, Rose Qingyang Hu, Yi Qian

Department of Electrical and Computer Engineering: Faculty Publications

Motivated by the ever-increasing concerns on personal data privacy and the rapidly growing data volume at local clients, federated learning (FL) has emerged as a new machine learning setting. An FL system is comprised of a central parameter server and multiple local clients. It keeps data at local clients and learns a centralized model by sharing the model parameters learned locally. No local data needs to be shared, and privacy can be well protected. Nevertheless, since it is the model instead of the raw data that is shared, the system can be exposed to the poisoning model attacks launched by …

Splicecube Architecture: An Extensible Wi-Fi Monitoring Architecture For Smart-Home Networks, Namya Malik

Dartmouth College Master’s Theses

The vision of smart homes is rapidly becoming a reality, as the Internet of Things and other smart devices are deployed widely. Although smart devices offer convenience, they also create a significant management problem for home residents. With a large number and variety of devices in the home, residents may find it difficult to monitor, or even locate, devices. A central controller that brings all the home’s smart devices under secure management and a unified interface would help homeowners and residents track and manage their devices.

We envision a solution called the SPLICEcube whose goal is to detect smart devices, …

Optimized Damage Assessment And Recovery Through Data Categorization In Critical Infrastructure System., Shruthi Ramakrishnan

Graduate Theses and Dissertations

Critical infrastructures (CI) play a vital role in majority of the fields and sectors worldwide. It contributes a lot towards the economy of nations and towards the wellbeing of the society. They are highly coupled, interconnected and their interdependencies make them more complex systems. Thus, when a damage occurs in a CI system, its complex interdependencies make it get subjected to cascading effects which propagates faster from one infrastructure to another resulting in wide service degradations which in turn causes economic and societal effects. The propagation of cascading effects of disruptive events could be handled efficiently if the assessment and …

Machine Learning-Based Device Type Classification For Iot Device Re- And Continuous Authentication, Kaustubh Gupta

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Today, the use of Internet of Things (IoT) devices is higher than ever and it is growing rapidly. Many IoT devices are usually manufactured by home appliance manufacturers where security and privacy are not the foremost concern. When an IoT device is connected to a network, currently there does not exist a strict authentication method that verifies the identity of the device, allowing any rogue IoT device to authenticate to an access point. This thesis addresses the issue by introducing methods for continuous and re-authentication of static and dynamic IoT devices, respectively. We introduce mechanisms and protocols for authenticating a …

Society Dilemma Of Computer Technology Management In Today's World, Iwasan D. Kejawa Ed.D

School of Computing: Faculty Publications

Abstract - Is it true that some of the inhabitants of the world’s today are still hesitant in using computers? Research has shown that today many people are still against the use of computers. Computer technology management can be said to be obliterated by security problems. Research shows that some people in society feel reluctant or afraid to use computers because of errors and exposure of their privacy and their sophistication, which sometimes are caused by computer hackers and malfunction of the computers. The dilemma of not utilizing computer technology at all or, to its utmost, by certain people in …

Assessing Security Risks With The Internet Of Things, Faith Mosemann

Senior Honors Theses

For my honors thesis I have decided to study the security risks associated with the Internet of Things (IoT) and possible ways to secure them. I will focus on how corporate, and individuals use IoT devices and the security risks that come with their implementation. In my research, I found out that IoT gadgets tend to go unnoticed as a checkpoint for vulnerability. For example, often personal IoT devices tend to have the default username and password issued from the factory that a hacker could easily find through Google. IoT devices need security just as much as computers or servers …

Permissioned Blockchain Based Remote Electronic Examination, Öznur Kalkar, İsa Sertkaya

Turkish Journal of Electrical Engineering and Computer Sciences

Recent coronavirus pandemic transformed almost all aspects of daily life including educational institutions and learning environments. As a result, this transformation brought remote electronic examination (shortly e-exam) concepts back into consideration. In this study, we revisit secure and privacy preserving e-exam protocol proposals and propose an e-exam protocol that utilizes decentralized identity-based verifiable credentials for proof of authentication and public-permissioned blockchain for immutably storing records. In regard to the previously proposed e-exam schemes, our scheme offers both privacy enhancement and better efficiency. More concretely, the proposed solution satisfies test answer authentication, examiner authentication, anonymous marking, anonymous examiner, question secrecy, question …

Protocols And Architecture For Privacy-Preserving Authentication And Secure Message Dissemination In Vehicular Ad Hoc Networks, Shafika Showkat Moni

Theses and Dissertations--Computer Science

The rapid development in the automotive industry and wireless communication technologies have enhanced the popularity of Vehicular ad hoc networks (VANETs). Today, the automobile industry is developing sophisticated sensors that can provide a wide range of assistive features, including accident avoidance, automatic lane tracking, semi-autonomous driving, suggested lane changes, and more. VANETs can provide drivers a safer and more comfortable driving experience, as well as many other useful services by leveraging such technological advancements. Even though this networking technology enables smart and autonomous driving, it also introduces a plethora of attack vectors. However, the main issues to be sorted out …

Lapnitor: A Web Service That Protects Your Laptop From Theft., Michael Ameteku

Williams Honors College, Honors Research Projects

Laptop theft is an issue worldwide. According to an article from 2018, Security Boulevard stated that a laptop is stolen every 53 seconds. Using a laptop's camera, we can monitor the surroundings of the laptop and reduce a laptop's probability of being stolen. According to the University of Pittsburgh, a laptop has a 1-in- 10 chance of being stolen and nearly half of these thefts occur in offices or classrooms. These thefts mostly occur when a laptop owner leaves their device unattended for a certain period of time to maybe go visit the restroom or attend to a call when …

An Analysis On Network Flow-Based Iot Botnet Detection Using Weka, Cian Porteous

Dissertations

Botnets pose a significant and growing risk to modern networks. Detection of botnets remains an important area of open research in order to prevent the proliferation of botnets and to mitigate the damage that can be caused by botnets that have already been established. Botnet detection can be broadly categorised into two main categories: signature-based detection and anomaly-based detection. This paper sets out to measure the accuracy, false-positive rate, and false-negative rate of four algorithms that are available in Weka for anomaly-based detection of a dataset of HTTP and IRC botnet data. The algorithms that were selected to detect botnets …

Ggnb: Graph-Based Gaussian Naive Bayes Intrusion Detection System For Can Bus, Riadul Islam, Maloy K. Devnath, Manar D. Samad, Syed Md Jaffrey Al Kadry

Computer Science Faculty Research

The national highway traffic safety administration (NHTSA) identified cybersecurity of the automobile systems are more critical than the security of other information systems. Researchers already demonstrated remote attacks on critical vehicular electronic control units (ECUs) using controller area network (CAN). Besides, existing intrusion detection systems (IDSs) often propose to tackle a specific type of attack, which may leave a system vulnerable to numerous other types of attacks. A generalizable IDS that can identify a wide range of attacks within the shortest possible time has more practical value than attack-specific IDSs, which is not a trivial task to accomplish. In this …

The Impact Of Cloud Computing On Academic Libraries, Sivankalai S

Library Philosophy and Practice (e-journal)

With the introduction of computers and other forms of communication technology, library services have undergone a significant transformation. Libraries have been automated, networked, and are currently being converted into virtual or paperless libraries. This article is dedicated to many aspects of cloud computing, including different kinds and applications. There is a discussion about the advantages and drawbacks of cloud computing in academic libraries. The article also includes recommendations for professional librarians and academic libraries across the globe on how to take advantage of cloud computing resources. This article may be of use in the development of cloud-based services for university …

Internet Of Things Security Case Studies And Internet Of Things Core Service Comparions, Jaseong Koo

Electronic Theses, Projects, and Dissertations

This culminating project conducted an analysis of IoT security breach case studies. The analysis identified numerous vulnerable points: software failure, node tampering attack, eavesdropping, code injection, unauthorized access, social engineering attack, hardware exploitation, and node insertion. It therefor seems that even with the proper tests conducted on vulnerabilities to discover solutions, regular end users are unable to apply patches or other technical solutions to protect themselves. This project solely focuses on analyzing of comprehensive IoT security services that come with devices connected to home network. The devices are those provided by the big three: Amazon, Google, and Microsoft, on the …

A Meta-Level Approach For Multilingual Taint Analysis, Damian Lyons, Dino Becaj

Faculty Publications

It is increasingly common for software developers to leverage the features and ease-of-use of different languages in building software systems. Nonetheless, interaction between different languages has proven to be a source of software engineering concerns. Existing static analysis tools handle the software engineering concerns of monolingual software but there is little general work for multilingual systems despite the increasing visibility of these systems. While recent work in this area has greatly extended the scope of multilingual static analysis systems, the focus has still been on a primary, host language interacting with subsidiary, guest language functions. In this paper we propose …

Dependencyvis: Helping Developers Visualize Software Dependency Information, Nathan Lui

Master's Theses

The use of dependencies have been increasing in popularity over the past decade, especially as package managers such as JavaScript's npm has made getting these packages a simple command to run. However, while incidents such as the left-pad incident has increased awareness of how vulnerable relying on these packages are, there is still some work to be done when it comes to getting developers to take the extra research step to determine if a package is up to standards. Finding metrics of different packages and comparing them is always a difficult and time consuming task, especially since potential vulnerabilities are …

Towards Secure Deep Neural Networks For Cyber-Physical Systems, Jiangnan Li

Doctoral Dissertations

In recent years, deep neural networks (DNNs) are increasingly investigated in the literature to be employed in cyber-physical systems (CPSs). DNNs own inherent advantages in complex pattern identifying and achieve state-of-the-art performances in many important CPS applications. However, DNN-based systems usually require large datasets for model training, which introduces new data management issues. Meanwhile, research in the computer vision domain demonstrated that the DNNs are highly vulnerable to adversarial examples. Therefore, the security risks of employing DNNs in CPSs applications are of concern.

In this dissertation, we study the security of employing DNNs in CPSs from both the data domain …