Computer Engineering Commons^™

Infiniband Network Monitoring: Challenges And Possibilities, Kyle D. Hintze

Theses and Dissertations

Within the realm of High Performance Computing, the InfiniBand Architecture is among the leading interconnects used today. Capable of providing high bandwidth and low latency, InfiniBand is finding applications outside the High Performance Computing domain. One of these is critical infrastructure, encompassing almost all essential sectors as the work force becomes more connected. InfiniBand is not immune to security risks, as prior research has shown that common traffic analyzing tools cannot effectively monitor InfiniBand traffic transmitted between hosts, due to the kernel bypass nature of the IBA in conjunction with Remote Direct Memory Access operations. If Remote Direct Memory Access …

A Study Of Execution Performance For Rust-Based Object Vs Data Oriented Architectures, Joseph A. Vagedes

Theses and Dissertations

To investigate the Data-Oriented Design (DOD) paradigm, in particular, an architecture built off its principles: the Entity-Component-System (ECS). ECS is commonly used by video game engines due to its ability to store data in a way that is optimal for the cache to access. Additionally, the structure of this paradigm produces a code-base that is simple to parallelize as the workload can be distributed across a thread-pool based on the data used with little to no need for data safety measures such as mutexes and locks. A final benefit, although not easily measured, is that the DOD paradigm produces a …

A Quantitative Analysis Of The Fusion Of 3-D Scanning Lidar Systems And 2-D Imaging Systems, Michael F. Milton Jr.

Theses and Dissertations

This research will demonstrate the feasibility of fusing the superior spatial resolution of a 2-D imaging system with the precise range to target information of a 3-D imaging system to create a LIDAR imaging system that can accurately find what and where a target is. The 3-D imaging system will use a scanning method as opposed to a flash method that has been used in similar research. The goal of this research is to improve performance of scanning LIDAR so it has better spatial resolution. The research in this thesis proves that incorporating 2-D imaging data into 3-D scanning LIDAR …

A Multi-Vehicle Cooperative Localization Approach For An Autonomy Framework, Edwin A. Mora

Theses and Dissertations

Offensive techniques produced by technological advancement present opportunities for adversaries to threaten the operational advantages of our joint and allied forces. Combating these new methodologies requires continuous and rapid development towards our own set of \game-changing" technologies. Through focused development of unmanned systems and autonomy, the Air Force can strive to maintain its technological superiority. Furthermore, creating a robust framework capable of testing and evaluating the principles that define autonomy allows for the exploration of future capabilities. This research presents development towards a hybrid reactive/deliberative architecture that will allow for the testing of the principles of task, cognitive, and peer …

A Framework For Cyber Vulnerability Assessments Of Infiniband Networks, Daryl W. Schmitt

Theses and Dissertations

InfiniBand is a popular Input/Output interconnect technology used in High Performance Computing clusters. It is employed in over a quarter of the world’s 500 fastest computer systems. Although it was created to provide extremely low network latency with a high Quality of Service, the cybersecurity aspects of InfiniBand have yet to be thoroughly investigated. The InfiniBand Architecture was designed as a data center technology, logically separated from the Internet, so defensive mechanisms such as packet encryption were not implemented. Cyber communities do not appear to have taken an interest in InfiniBand, but that is likely to change as attackers branch …

Unresolved Object Detection Using Synthetic Data Generation And Artificial Neural Networks, Yong U. Sinn

Theses and Dissertations

This research presents and solves constrained real-world problems of using synthetic data to train artificial neural networks (ANNs) to detect unresolved moving objects in wide field of view (WFOV) electro-optical/infrared (EO/IR) satellite motion imagery. Objectives include demonstrating the use of the Air Force Institute of Technology (AFIT) Sensor and Scene Emulation Tool (ASSET) as an effective tool for generating EO/IR motion imagery representative of real WFOV sensors and describing the ANN architectures, training, and testing results obtained. Deep learning using a 3-D convolutional neural network (3D ConvNet), long short term memory (LSTM) network, and U-Net are used to solve the …

A Stochastic Game Theoretical Model For Cyber Security, Michael T. Larkin

Theses and Dissertations

The resiliency of systems integrated through cyber networks is of utmost importance due to the reliance on these systems for critical services such as industrial control systems, nuclear production, and military weapons systems. Current research in cyber resiliency remains largely limited to methodologies utilizing a singular technique that is predominantly theoretical with limited examples given. This research uses notional data in presenting a novel approach to cyber system analysis and network resource allocation by leveraging multiple techniques including game theory, stochastic processes, and mathematical programming. An operational network security problem consisting of 20 tactical normal form games provides an assessment …

Digital Forensics Event Graph Reconstruction, Daniel J. Schelkoph

Theses and Dissertations

Ontological data representation and data normalization can provide a structured way to correlate digital artifacts. This can reduce the amount of data that a forensics examiner needs to process in order to understand the sequence of events that happened on the system. However, ontology processing suffers from large disk consumption and a high computational cost. This paper presents Property Graph Event Reconstruction (PGER), a novel data normalization and event correlation system that leverages a native graph database to improve the speed of queries common in ontological data. PGER reduces the processing time of event correlation grammars and maintains accuracy over …

Cyber Data Anomaly Detection Using Autoencoder Neural Networks, Spencer A. Butt

Theses and Dissertations

The Department of Defense requires a secure presence in the cyber domain to successfully execute its stated mission of deterring war and protecting the security of the United States. With potentially millions of logged network events occurring on defended networks daily, a limited staff of cyber analysts require the capability to identify novel network actions for security adjudication. The detection methodology proposed uses an autoencoder neural network optimized via design of experiments for the identification of anomalous network events. Once trained, each logged network event is analyzed by the neural network and assigned an outlier score. The network events with …

An Analysis Of Multi-Domain Command And Control And The Development Of Software Solutions Through Devops Toolsets And Practices, Mason R. Bruza

Theses and Dissertations

Multi-Domain Command and Control (MDC2) is the exercise of command and control over forces in multiple operational domains (namely air, land, sea, space, and cyberspace) in order to produce synergistic effects in the battlespace, and enhancing this capability has become a major focus area for the United States Air Force (USAF). In order to meet demands for MDC2 software, solutions need to be acquired and/or developed in a timely manner, information technology infrastructure needs to be adaptable to new software requirements, and user feedback needs to drive iterative updates to fielded software. In commercial organizations, agile software development methodologies and …

Sentiment Analysis Of Twitter Data, Evan L. Munson

Theses and Dissertations

The rapid expansion and acceptance of social media has opened doors into users’ opinions and perceptions that were never as accessible as they are with today's prevalence of mobile technology. Harvested data, analyzed for opinions and sentiment can provide powerful insight into a population. This research utilizes Twitter data due to its widespread global use, in order to examine the sentiment associated with tweets. An approach utilizing Twitter #hashtags and Latent Dirichlet Allocation topic modeling were utilized to differentiate between tweet topics. A lexicographical dictionary was then utilized to classify sentiment. This method provides a framework for an analyst to …

A Framework For Understanding, Prioritizing, And Applying Systems Security Engineering Processes, Activities, And Tasks, Stephen Khou

Theses and Dissertations

Current systems security practices lack an effective approach to prioritize and tailor systems security efforts to develop and field secure systems in challenging operational environments, which results in business and mission stakeholders becoming more susceptible to an array of disruptive events. This work informs Systems Engineers on recent developments in the field of system security engineering and provides a framework for more fully understanding the application of Systems Security Engineering (SSE) processes, activities, and tasks as described in the recently released National Institute of Standards and Technology (NIST) Special Publication 800-160. This SSE framework uniquely offers a repeatable and tailorable …

Development Of The Architecture Cost Effectiveness Framework And Application To Open Systems Architectures, Donald A. Barrett

Theses and Dissertations

The Modular Open System Approach (MOSA) is an initiative to, among other things, reduce cost and schedule for acquisitions programs. While programs have experienced savings using MOSA, the majority of programs have not, in part due to a lack of a logical method for evaluating architecture alternatives. This research develops the Architecture Cost Effectiveness Framework (ACEF), which combines multi-attribute utility analysis with cost effectiveness analysis throughout the program lifecycle. Step 1 is the establishment of a business strategy that includes an Attribute Hierarchy of selected operational requirements. The business strategy also defines Lifecycle Utility Reference Profiles (LURPs) that document changing …

Evaluation Of Cyber Sensors For Enhancing Situational Awareness In The Ics Environment, Jeremy R. Otis

Theses and Dissertations

Industrial Control Systems (ICS) monitor and control operations associated with the national critical infrastructure (e.g., electric power grid, oil and gas pipelines and water treatment facilities). These systems rely on technologies and architectures that were designed for system reliability and availability. Security associated with ICS was never an inherent concern, primarily due to the protections afforded by network isolation. However, a trend in ICS operations is to migrate to commercial networks via TCP/IP in order to leverage commodity benefits and cost savings. As a result, system vulnerabilities are now exposed to the online community. Indeed, recent research has demonstrated that …

Machine Conscious Architecture For State Exploitation And Decision Making, Mark M. Derriso

Theses and Dissertations

This research addressed a critical limitation in the area of computational intelligence by developing a general purpose architecture for information processing and decision making. Traditional computational intelligence methods are best suited for well-defined problems with extensive, long-term knowledge of the environmental and operational conditions the system will encounter during operation. These traditional approaches typically generate quick answers (i.e., reflexive responses) using pattern recognition methods. Most pattern recognition techniques are static processes which consist of a predefined series of computations. For these pattern recognition approaches to be effective, training data is required from all anticipated environments and operating conditions. The proposed …

Estimating And Measuring Application Latency Of Typical Distributed Interactive Simulation (Dis) - Based Simulation Architecture, Ryan L. Drinkwater

Theses and Dissertations

One of the challenges in a distributed virtual environment stems from the requirement to simultaneously execute the simulations in realtime to support human interaction, in conjunction with maintaining a consistent view of the shared simulated environment. Maintaining a consistent set of simulation state data in the presence of network latency is difficult if individual data items are updated frequently. The principle application of DIS-based simulation environments has been in the domain of training where a consistent view or its correctness is often judged in subjective terms such as the simulation looking and feeling correct. New application areas for these systems …

An Architecture For Coexistence With Multiple Users In Frequency Hopping Cognitive Radio Networks, Ryan K. Mclean

Theses and Dissertations

The radio frequency (RF) spectrum is a limited resource. Spectrum allotment disputes stem from this scarcity as many radio devices are con confined to a fixed frequency or frequency sequence. One alternative is to incorporate cognition within a configurable radio platform, therefore enabling the radio to adapt to dynamic RF spectrum environments. In this way, the radio is able to actively observe the RF spectrum, orient itself to the current RF environment, decide on a mode of operation, and act accordingly, thereby sharing the spectrum and operating in more flexible manner. This research presents a novel framework for incorporating several …

Characterization And Dynamic Analysis Of Long-Cavity Multi-Section Gain-Levered Quantum-Dot Lasers, John R. Schmidt

Theses and Dissertations

This research investigates the impact of different device architectures on the frequency response of long-cavity multi-section quantum-dot lasers. This work focused on a novel 8.3-mm multi-section quantum-dot device which possessed the flexibility to be configured either as a single- or multi-section device having gain-to-modulation section ratios of 14:2 and 15:1. The long-cavity device design facilitated the testing of increased gain-to-modulation section length ratios previously unexplored in the context of the gain-lever effect. The investigation of the gain-lever effect showed improvements to both the modulation efficiency and modulation bandwidth of the device under test. The modulation efficiency and modulation bandwidth were …

A Study Of Executable Model Based Systems Engineering From Dodaf Using Simulink, Weston J. Hanoka, Michael H. Ryan

Theses and Dissertations

Diagrams and visuals often cannot adequately capture a complex system’s architecture for analysis. The Department of Defense Architectural Framework (DoDAF), written to follow the Unified Modeling Language (UML), is a collection of mandated common architectural products for interoperability among the DoD components. In this study, DoDAF products from as-is Remotely Piloted Aircraft (RPA) Satellite Communication (SATCOM) systems have been utilized for the creation of executable architectures as part of an Executable Model Based Systems Engineering (EMBSE) process. EMBSE was achieved using Simulink, a software tool for modeling, simulating and analyzing dynamic systems.

This study has demonstrated that DoDAF products can …

Effects Of Architecture On Information Leakage Of A Hardware Advanced Encryption Standard Implementation, Eric A. Koziel

Theses and Dissertations

Side-channel analysis (SCA) is a threat to many modern cryptosystems. Many countermeasures exist, but are costly to implement and still do not provide complete protection against SCA. A plausible alternative is to design the cryptosystem using architectures that are known to leak little information about the cryptosystem's operations. This research uses several common primitive architectures for the Advanced Encryption Standard (AES) and assesses the susceptibility of the full AES system to side-channel attack for various primitive configurations. A combined encryption/decryption core is also evaluated to determine if variation of high-level architectures affects leakage characteristics. These different configurations are evaluated under …

A Real-Time Strategy Agent Framework And Strategy Classifier For Computer Generated Forces, Lyall J. Di Trapani

Theses and Dissertations

This research effort is concerned with the advancement of computer generated forces AI for Department of Defense (DoD) military training and education. The vision of this work is agents capable of perceiving and intelligently responding to opponent strategies in real-time. Our research goal is to lay the foundations for such an agent. Six research objectives are defined: 1) Formulate a strategy definition schema effective in defining a range of RTS strategies. 2) Create eight strategy definitions via the schema. 3) Design a real-time agent framework that plays the game according to the given strategy definition. 4) Generate an RTS data …

Twitter Malware Collection System: An Automated Url Extraction And Examination Platform, Benjamin B. Kuhar

Theses and Dissertations

As the world becomes more interconnected through various technological services and methods, the threat of malware is increasingly looming overhead. One avenue in particular that is examined in this research is the social networking service Twitter. This research develops the Twitter Malware Collection System (TMCS). This system gathers Uniform Resource Locators (URLs) posted on Twitter and scans them to determine if any are hosting malware. This scanning process is performed by a cluster of Virtual Machines (VMs) running a specified software configuration and the execution prevention system known as ESCAPE, which detects malicious code. When a URL is detected by …

Host-Based Systemic Network Obfuscation System For Windows, Kevin E. Huber

Theses and Dissertations

Network traffic identifies the operating system and services of the host that created the traffic. Current obfuscation programs focus solely on the Transport and Internet layer protocols of the TCP/IP model. Few obfuscation programs were developed to run on a Windows operating system to provide host-based obfuscation. Systemic Network Obfuscation System (SNOS) was developed to provide a thorough obfuscation process for network traffic on the Windows operating system. SNOS modifies the protocols found at all layers of the TCP/IP model to effectively obfuscate the Windows operating system and services running on the host.

Adaptive Quality Of Service Engine With Dynamic Queue Control, James D. Haught

Theses and Dissertations

While the current routing and congestion control algorithms in use today are often sufficient for networks with relatively static topology, these algorithms may not be sufficient for military networks where a certain level of quality of service (QoS) needs to be achieved to complete a mission. Current networking technology limits a network's ability to adapt to changes and interactions in the network, often resulting in sub-optimal performance. This research investigates the use of queue size predictions to create a network controller to optimize computer networks. These queue size predictions are made possible through the use of Kalman filters to detect …

Covert Channels Within Irc, Wayne C. Henry

Theses and Dissertations

The exploration of advanced information hiding techniques is important to understand and defend against illicit data extractions over networks. Many techniques have been developed to covertly transmit data over networks, each differing in their capabilities, methods, and levels of complexity. This research introduces a new class of information hiding techniques for use over Internet Relay Chat (IRC), called the Variable Advanced Network IRC Stealth Handler (VANISH) system. Three methods for concealing information are developed under this framework to suit the needs of an attacker. These methods are referred to as the Throughput, Stealth, and Baseline scenarios. Each is designed for …

An Architecture For Improving Timeliness And Relevance Of Cyber Incident Notifications, James L. Miller

Theses and Dissertations

This research proposes a communications architecture to deliver timely and relevant cyber incident notifications to dependent mission stakeholders. This architecture, modeled in Unified Modeling Language (UML), eschews the traditional method of pushing notifications via message as dictated in Air Force Instruction 33-138. It instead shifts to a pull or publish and subscribe method of making notifications. Shifting this paradigm improves the notification process by empowering mission owners to identify those resources on which they depend for mission accomplishment, provides a direct conduit between providing and dependent mission owners for notifications when an incident occurs, and provides a shared representation for …

Trust Management And Security In Satellite Telecommand Processing, Mark C. Duncan

Theses and Dissertations

New standards and initiatives in satellite system architecture are moving the space industry to more open and efficient mission operations. Primarily, these standards allow multiple missions to share standard ground and space based resources to reduce mission development and sustainment costs. With the benefits of these new concepts comes added risk associated with threats to the security of our critical space assets in a contested space and cyberspace domain. As one method to mitigate threats to space missions, this research develops, implements, and tests the Consolidated Trust Management System (CTMS) for satellite flight software. The CTMS architecture was developed using …

Dynamic Polymorphic Reconfiguration To Effectively “Cloak” A Circuit’S Function, Jeffrey L. Falkinburg

Theses and Dissertations

Today's society has become more dependent on the integrity and protection of digital information used in daily transactions resulting in an ever increasing need for information security. Additionally, the need for faster and more secure cryptographic algorithms to provide this information security has become paramount. Hardware implementations of cryptographic algorithms provide the necessary increase in throughput, but at a cost of leaking critical information. Side Channel Analysis (SCA) attacks allow an attacker to exploit the regular and predictable power signatures leaked by cryptographic functions used in algorithms such as RSA. In this research the focus on a means to counteract …

A Multi Agent System For Flow-Based Intrusion Detection Using Reputation And Evolutionary Computation, David Hancock

Theses and Dissertations

The rising sophistication of cyber threats as well as the improvement of physical computer network properties present increasing challenges to contemporary Intrusion Detection (ID) techniques. To respond to these challenges, a multi agent system (MAS) coupled with flow-based ID techniques may effectively complement traditional ID systems. This paper develops: 1) a scalable software architecture for a new, self-organized, multi agent, flow-based ID system; and 2) a network simulation environment suitable for evaluating implementations of this MAS architecture and for other research purposes. Self-organization is achieved via 1) a reputation system that influences agent mobility in the search for effective vantage …

Spear Phishing Attack Detection, David T. Merritt

Theses and Dissertations

This thesis addresses the problem of identifying email spear phishing attacks, which are indicative of cyber espionage. Spear phishing consists of targeted emails sent to entice a victim to open a malicious file attachment or click on a malicious link that leads to a compromise of their computer. Current detection methods fail to detect emails of this kind consistently. The SPEar phishing Attack Detection system (SPEAD) is developed to analyze all incoming emails on a network for the presence of spear phishing attacks. SPEAD analyzes the following file types: Windows Portable Executable and Common Object File Format (PE/COFF), Adobe Reader, …