Computer Engineering Commons^™

A Design Science Approach To Investigating Decentralized Identity Technology, Janelle Krupicka

Cybersecurity Undergraduate Research Showcase

The internet needs secure forms of identity authentication to function properly, but identity authentication is not a core part of the internet’s architecture. Instead, approaches to identity verification vary, often using centralized stores of identity information that are targets of cyber attacks. Decentralized identity is a secure way to manage identity online that puts users’ identities in their own hands and that has the potential to become a core part of cybersecurity. However, decentralized identity technology is new and continually evolving, which makes implementing this technology in an organizational setting challenging. This paper suggests that, in the future, decentralized identity …

Anonymous Attribute-Based Broadcast Encryption With Hidden Multiple Access Structures, Tran Viet Xuan Phuong

School of Cybersecurity Faculty Publications

Due to the high demands of data communication, the broadcasting system streams the data daily. This service not only sends out the message to the correct participant but also respects the security of the identity user. In addition, when delivered, all the information must be protected for the party who employs the broadcasting service. Currently, Attribute-Based Broadcast Encryption (ABBE) is useful to apply for the broadcasting service. (ABBE) is a combination of Attribute-Based Encryption (ABE) and Broadcast Encryption (BE), which allows a broadcaster (or encrypter) to broadcast an encrypted message, including a predefined user set and specified access policy to …

Potential Security Vulnerabilities In Raspberry Pi Devices With Mitigation Strategies, Briana Tolleson

Cybersecurity Undergraduate Research Showcase

For this research project I used a Raspberry Pi device and conducted online research to investigate potential security vulnerabilities along with mitigation strategies. I configured the Raspberry Pi by using the proper peripherals such as an HDMI cord, a microUSB adapter that provided 5V and at least 700mA of current, a TV monitor, PiSwitch, SD Card, keyboard, and mouse. I installed the Rasbian operating system (OS). The process to install the Rasbian took about 10 minutes to boot starting at 21:08 on 10/27/2023 and ending at 21:18. 1,513 megabytes (MB) was written to the SD card running at (2.5 MB/sec). …

Reinforcing Digital Trust For Cloud Manufacturing Through Data Provenance Using Ethereum Smart Contracts, Trupti Narayan Rane

Engineering Management & Systems Engineering Theses & Dissertations

Cloud Manufacturing(CMfg) is an advanced manufacturing model that caters to fast-paced agile requirements (Putnik, 2012). For manufacturing complex products that require extensive resources, manufacturers explore advanced manufacturing techniques like CMfg as it becomes infeasible to achieve high standards through complete ownership of manufacturing artifacts (Kuan et al., 2011). CMfg, with other names such as Manufacturing as a Service (MaaS) and Cyber Manufacturing (NSF, 2020), addresses the shortcoming of traditional manufacturing by building a virtual cyber enterprise of geographically distributed entities that manufacture custom products through collaboration.

With manufacturing venturing into cyberspace, Digital Trust issues concerning product quality, data, and intellectual …

Iot Health Devices: Exploring Security Risks In The Connected Landscape, Abasi-Amefon Obot Affia, Hilary Finch, Woosub Jung, Issah Abubakari Samori, Lucas Potter, Xavier-Lewis Palmer

School of Cybersecurity Faculty Publications

The concept of the Internet of Things (IoT) spans decades, and the same can be said for its inclusion in healthcare. The IoT is an attractive target in medicine; it offers considerable potential in expanding care. However, the application of the IoT in healthcare is fraught with an array of challenges, and also, through it, numerous vulnerabilities that translate to wider attack surfaces and deeper degrees of damage possible to both consumers and their confidence within health systems, as a result of patient-specific data being available to access. Further, when IoT health devices (IoTHDs) are developed, a diverse range of …

Role Of Ai In Threat Detection And Zero-Day Attacks, Kelly Morgan

Cybersecurity Undergraduate Research Showcase

Cybercrime and attack methods have been steadily increasing since the 2019 pandemic. In the years following 2019, the number of victims and attacks per hour rapidly increased as businesses and organizations transitioned to digital environments for business continuity amidst lockdowns. In most scenarios cybercriminals continued to use conventional attack methods and known vulnerabilities that would cause minimal damage to an organization with a robust cyber security posture. However, zero-day exploits have skyrocketed across all industries with an increasingly growing technological landscape encompassing internet of things (IoT), cloud hosting, and more advanced mobile technologies. Reports by Mandiant Threat Intelligence (2022) concluded …

Leveraging Artificial Intelligence And Machine Learning For Enhanced Cybersecurity: A Proposal To Defeat Malware, Emmanuel Boateng

Cybersecurity Undergraduate Research Showcase

Cybersecurity is very crucial in the digital age in order to safeguard the availability, confidentiality, and integrity of data and systems. Mitigation techniques used in the industry include Multi-factor Authentication (MFA), Incident Response Planning (IRP), Security Information and Event Management (SIEM), and Signature-based and Heuristic Detection.

MFA is employed as an additional layer of protection in several sectors to help prevent unauthorized access to sensitive data. IRP is a plan in place to address cybersecurity problems efficiently and expeditiously. SIEM offers real-time analysis and alerts the system of threats and vulnerabilities. Heuristic-based detection relies on detecting anomalies when it comes …

The Rise And Risks Of Internet Of Things, Diamond E. Hicks

Cybersecurity Undergraduate Research Showcase

Internet of Things (IoT) has become a necessary part of our everyday lives. IoT is the network in which many different devices communicate, connect, and share data. Though how IoT got to where it is today, the issues it faced, and how it affects our lives today is not common knowledge. Despite the fact that IoT has advanced our technology to what it is today, people do not completely understand what it does.

Security Of Internet Of Things (Iot) Using Federated Learning And Deep Learning — Recent Advancements, Issues And Prospects, Vinay Gugueoth, Sunitha Safavat, Sachin Shetty

Electrical & Computer Engineering Faculty Publications

There is a great demand for an efficient security framework which can secure IoT systems from potential adversarial attacks. However, it is challenging to design a suitable security model for IoT considering the dynamic and distributed nature of IoT. This motivates the researchers to focus more on investigating the role of machine learning (ML) in the designing of security models. A brief analysis of different ML algorithms for IoT security is discussed along with the advantages and limitations of ML algorithms. Existing studies state that ML algorithms suffer from the problem of high computational overhead and risk of privacy leakage. …

An Optimized And Scalable Blockchain-Based Distributed Learning Platform For Consumer Iot, Zhaocheng Wang, Xueying Liu, Xinming Shao, Abdullah Alghamdi, Md. Shirajum Munir, Sujit Biswas

School of Cybersecurity Faculty Publications

Consumer Internet of Things (CIoT) manufacturers seek customer feedback to enhance their products and services, creating a smart ecosystem, like a smart home. Due to security and privacy concerns, blockchain-based federated learning (BCFL) ecosystems can let CIoT manufacturers update their machine learning (ML) models using end-user data. Federated learning (FL) uses privacy-preserving ML techniques to forecast customers' needs and consumption habits, and blockchain replaces the centralized aggregator to safeguard the ecosystem. However, blockchain technology (BCT) struggles with scalability and quick ledger expansion. In BCFL, local model generation and secure aggregation are other issues. This research introduces a novel architecture, emphasizing …

Robustembed: Robust Sentence Embeddings Using Self-Supervised Contrastive Pre-Training, Javad Asl, Eduardo Blanco, Daniel Takabi

School of Cybersecurity Faculty Publications

Pre-trained language models (PLMs) have demonstrated their exceptional performance across a wide range of natural language processing tasks. The utilization of PLM-based sentence embeddings enables the generation of contextual representations that capture rich semantic information. However, despite their success with unseen samples, current PLM-based representations suffer from poor robustness in adversarial scenarios. In this paper, we propose RobustEmbed, a self-supervised sentence embedding framework that enhances both generalization and robustness in various text representation tasks and against diverse adversarial attacks. By generating high-risk adversarial perturbations to promote higher invariance in the embedding space and leveraging the perturbation within a novel contrastive …

A Brief Review Of Dns, Root Servers, Vulnerabilities And Decentralization, Mallory Runyan

Cybersecurity Undergraduate Research Showcase

Since the 1980’s and creation of the World Wide Web, Internet utilization is a common and arguably, necessary, part of daily life. The internet is young and still relatively new, but as of 2016, 3.4 billion people were online, and that number has since grown [1]. This is a significant number, but as such a common part of daily life, how elements of the internet or its infrastructure work is complex. The world would very likely be thrown into dark ages if DNS or any other significant aspect of the internet's infrastructure were to succumb to an attack. The Colonial …

Applications Of Blockchain In Business Processes: A Comprehensive Review, Wattana Viriyasitavat, Li Xu, Dusit Niyato, Zhuming Bi, Danupol Hoonsopon

Information Technology & Decision Sciences Faculty Publications

Blockchain (BC), as an emerging technology, is revolutionizing Business Process Management (BPM) in multiple ways. The main adoption is to serve as a trusted infrastructure to guarantee the trust of collaborations among multiple partners in trustless environments. Especially, BC enables trust of information by using Distributed Ledger Technology (DLT). With the power of smart contracts, BC enforces the obligations of counterparties that transact in a business process (BP) by programming the contracts as transactions. This paper aims to study the state-of-the-art of BC technologies by (1) exploring its applications in BPM with the focus on how BC provides the trust …

Cyber Deception For Critical Infrastructure Resiliency, Md Ali Reza Al Amin

Computational Modeling & Simulation Engineering Theses & Dissertations

The high connectivity of modern cyber networks and devices has brought many improvements to the functionality and efficiency of networked systems. Unfortunately, these benefits have come with many new entry points for attackers, making systems much more vulnerable to intrusions. Thus, it is critically important to protect cyber infrastructure against cyber attacks. The static nature of cyber infrastructure leads to adversaries performing reconnaissance activities and identifying potential threats. Threats related to software vulnerabilities can be mitigated upon discovering a vulnerability and-, developing and releasing a patch to remove the vulnerability. Unfortunately, the period between discovering a vulnerability and applying a …

Deapsecure Computational Training For Cybersecurity: Third-Year Improvements And Impacts, Bahador Dodge, Jacob Strother, Rosby Asiamah, Karina Arcaute, Wirawan Purwanto, Masha Sosonkina, Hongyi Wu

Modeling, Simulation and Visualization Student Capstone Conference

The Data-Enabled Advanced Training Program for Cybersecurity Research and Education (DeapSECURE) was introduced in 2018 as a non-degree training consisting of six modules covering a broad range of cyberinfrastructure techniques, including high performance computing, big data, machine learning and advanced cryptography, aimed at reducing the gap between current cybersecurity curricula and requirements needed for advanced research and industrial projects. By its third year, DeapSECURE, like many other educational endeavors, experienced abrupt changes brought by the COVID-19 pandemic. The training had to be retooled to adapt to fully online delivery. Hands-on activities were reformatted to accommodate self-paced learning. In this paper, …

Cova Cci Undergrad Cyber Research, Nana Jeffrey

Cybersecurity Undergraduate Research Showcase

Is your digital assistant your worst enemy? Modern technology has impacted our lives in a positive way making tasks that were once time consuming become more convenient. For example a few years ago writing down your grocery list with a paper and pen was a norm, now with technology we have access to IoT devices such as smart fridges that can inform us on what items are low in stock, send a message to our digital assistants such as iOS Siri and Amazon's Alexa to remind us to buy those groceries. Although these digital assistants have helped make our daily …

Ransombuster Iot: A Intrusion Detection And Dataset Creation Tool For Ransomware Attacks Within Iot Networks, Jackson M. Walker

Cybersecurity Undergraduate Research Showcase

The proposed research follows the design-science guidelines(Hevner, 2004). This paper uses these design-science methods for developing the guidelines for the implementation of the proposed architecture, understanding previous research contributions, and evaluating of research. This paper proposes a network artifact for studying ransomware IoT intrusion detection techniques and offers a proposed network architecture to serve as a framework for creating a publicly available dataset for IoT research on ransomware.

Deepfakes: Ai Technology Of The Future, Hosanna Root

Cybersecurity Undergraduate Research Showcase

Deepfakes technology’s danger stems from its ability to create realistic but fake synthesized media that people often identify as something that is real. With this powerful technology in the wrong hands, deepfakes can cause devastating havoc through information warfare, election campaign disruptions, and more, creating distrust in society. Disinformation is already rampant today, even without wide deployments of deepfakes, which is concerning given the fact that deepfakes’ nefarious full potentials are yet to be reached.

Corporate Cybersecurity In The Context Of M&A Transactions, Cameron Beck

Cybersecurity Undergraduate Research Showcase

The rapid rise of digital devices has unlocked a new dimension of innovation and prosperity in the 21st century. Computers are now an integrated and ubiquitous part of our global culture. You would be hard-pressed to walk into any given room without several computer chips humming inaudibly inside the machines that facilitate our modern world. Even lightbulbs and doorbells are connected to the Internet, capturing information from the world around them and sending that information to the Cloud. The Internet expands access to communication, international marketplaces, entertainment, professional resources, and nearly every book in the world.

Bfv-Based Homomorphic Encryption For Privacy-Preserving Cnn Models, Febrianti Wibawa, Ferhat Ozgur Catak, Salih Sarp, Murat Kuzlu

Engineering Technology Faculty Publications

Medical data is frequently quite sensitive in terms of data privacy and security. Federated learning has been used to increase the privacy and security of medical data, which is a sort of machine learning technique. The training data is disseminated across numerous machines in federated learning, and the learning process is collaborative. There are numerous privacy attacks on deep learning (DL) models that attackers can use to obtain sensitive information. As a result, the DL model should be safeguarded from adversarial attacks, particularly in medical data applications. Homomorphic encryption-based model security from the adversarial collaborator is one of the answers …

Modeling Iot Solutions: A Lack Of Iot Device Security, And User Education, Benjamin Newlin

Cybersecurity Undergraduate Research Showcase

The Internet of Things, more commonly known as IoT devices, is an ever growing topic, both in the marketplace and in cyber security. While new devices are released into the public every year, a lack of standardized security concepts is also growing ever so clear. By having a model or standard for IoT devices and manufacturers to follow, the customer-base of these devices will have an easier time identifying trustworthy devices as well as how to secure their own devices.

Security Issues With Network Connected Scada Systems, Chad Holm

Cybersecurity Undergraduate Research Showcase

The use of Supervisory Control and Data Acquisition (SCADA) systems has become common place and are being used in several different industries. These have evolved as the technology has progressed. The use of Internet of Things (IOT) devices makes for less human intervention to run daily operations in these industries. This can also allow hackers to gain access to these devices due to security holes that are overlooked. There have several different ways that have been exploited on SCADA networks and the goal is to recognize and secure them so hackers cannot gain access to them.

Protection Of Patient Privacy On Mobile Device Machine Learning, Matthew Nguyen

Cybersecurity Undergraduate Research Showcase

An existing StudentLife Study mobile dataset was evaluated and organized to be applied to different machine learning methods. Different variables like user activity, exercise, sleep, study space, social, and stress levels are optimized to train a model that could predict user stress level. The different machine learning methods would test if both patient data privacy and training efficiency can be ensured.

Effects Of Cloud Computing In The Workforce, Kevin Rossi Acosta

Cybersecurity Undergraduate Research Showcase

In recent years, the incorporation of cloud computing and cloud services has increased in many different types of organizations and companies. This paper will focus on the philosophical, economical, and political factors that cloud computing and cloud services have in the workforce and different organizations. Based on various scholarly articles and resources it was observed that organizations used cloud computing and cloud services to increase their overall productivity as well as decrease the overall cost of their operations, as well as the different policies that were created by lawmakers to control the realm of cloud computing. The results of this …

Role Of Artificial Intelligence In The Internet Of Things (Iot) Cybersecurity, Murat Kuzlu, Corinne Fair, Ozgur Guler

Engineering Technology Faculty Publications

In recent years, the use of the Internet of Things (IoT) has increased exponentially, and cybersecurity concerns have increased along with it. On the cutting edge of cybersecurity is Artificial Intelligence (AI), which is used for the development of complex algorithms to protect networks and systems, including IoT systems. However, cyber-attackers have figured out how to exploit AI and have even begun to use adversarial AI in order to carry out cybersecurity attacks. This review paper compiles information from several other surveys and research papers regarding IoT, AI, and attacks with and against AI and explores the relationship between these …

Simulation For Cybersecurity: State Of The Art And Future Directions, Hamdi Kavak, Jose J. Padilla, Daniele Vernon-Bido, Saikou Y. Diallo, Ross Gore, Sachin Shetty

VMASC Publications

In this article, we provide an introduction to simulation for cybersecurity and focus on three themes: (1) an overview of the cybersecurity domain; (2) a summary of notable simulation research efforts for cybersecurity; and (3) a proposed way forward on how simulations could broaden cybersecurity efforts. The overview of cybersecurity provides readers with a foundational perspective of cybersecurity in the light of targets, threats, and preventive measures. The simulation research section details the current role that simulation plays in cybersecurity, which mainly falls on representative environment building; test, evaluate, and explore; training and exercises; risk analysis and assessment; and humans …

A Monte-Carlo Analysis Of Monetary Impact Of Mega Data Breaches, Mustafa Canan, Omer Ilker Poyraz, Anthony Akil

Engineering Management & Systems Engineering Faculty Publications

The monetary impact of mega data breaches has been a significant concern for enterprises. The study of data breach risk assessment is a necessity for organizations to have effective cybersecurity risk management. Due to the lack of available data, it is not easy to obtain a comprehensive understanding of the interactions among factors that affect the cost of mega data breaches. The Monte Carlo analysis results were used to explicate the interactions among independent variables and emerging patterns in the variation of the total data breach cost. The findings of this study are as follows: The total data breach cost …

Covid-19 And Biocybersecurity's Increasing Role On Defending Forward, Xavier Palmer, Lucas N. Potter, Saltuk Karahan

Electrical & Computer Engineering Faculty Publications

The evolving nature of warfare has been changing with cybersecurity and the use of advanced biotechnology in each aspect of the society is expanding and overlapping with the cyberworld. This intersection, which has been described as “biocybersecurity” (BCS), can become a major front of the 21st-century conflicts. There are three lines of BCS which make it a critical component of overall cybersecurity: (1) cyber operations within the area of BCS have life threatening consequences to a greater extent than other cyber operations, (2) the breach in health-related personal data is a significant tool for fatal attacks, and (3) health-related misinformation …

Hidden Markov Model And Cyber Deception For The Prevention Of Adversarial Lateral Movement, Md Ali Reza Al Amin, Sachin Shetty, Laurent Njilla, Deepak K. Tosh, Charles Kamhoua

Computational Modeling & Simulation Engineering Faculty Publications

Advanced persistent threats (APTs) have emerged as multi-stage attacks that have targeted nation-states and their associated entities, including private and corporate sectors. Cyber deception has emerged as a defense approach to secure our cyber infrastructure from APTs. Practical deployment of cyber deception relies on defenders' ability to place decoy nodes along the APT path optimally. This paper presents a cyber deception approach focused on predicting the most likely sequence of attack paths and deploying decoy nodes along the predicted path. Our proposed approach combines reactive (graph analysis) and proactive (cyber deception technology) defense to thwart the adversaries' lateral movement. The …

On The Usage And Vulnerabilities Of Api Systems, Conner D. Yu

Cybersecurity Undergraduate Research Showcase

To some, Application Programming Interface (API) is one of many buzzwords that seem to be blanketed in obscurity because not many people are overly familiar with this term. This obscurity is unfortunate, as APIs play a crucial role in today’s modern infrastructure by serving as one of the most fundamental communication methods for web services. Many businesses use APIs in some capacity, but one often overlooked aspect is cybersecurity. This aspect is most evident in the 2018 misuse case by Facebook, which led to the leakage of 50 million users’ records.1 During the 2018 Facebook data breach incident, threat actors …