Open Access. Powered by Scholars. Published by Universities.®

Computer Engineering Commons

Open Access. Powered by Scholars. Published by Universities.®

Series

Information Security

Institution
Keyword
Publication Year
Publication

Articles 1 - 30 of 99

Full-Text Articles in Computer Engineering

Map My Murder: A Digital Forensic Study Of Mobile Health And Fitness Applications, Courtney Hassenfeldt, Shabana Baig, Ibrahim Baggili, Xiaolu Zhang Aug 2019

Map My Murder: A Digital Forensic Study Of Mobile Health And Fitness Applications, Courtney Hassenfeldt, Shabana Baig, Ibrahim Baggili, Xiaolu Zhang

Electrical & Computer Engineering and Computer Science Faculty Publications

The ongoing popularity of health and fitness applications catalyzes

the need for exploring forensic artifacts produced by them. Sensitive

Personal Identifiable Information (PII) is requested by the applications

during account creation. Augmenting that with ongoing

user activities, such as the user’s walking paths, could potentially

create exculpatory or inculpatory digital evidence. We conducted

extensive manual analysis and explored forensic artifacts produced

by (n = 13) popular Android mobile health and fitness applications.

We also developed and implemented a tool that aided in the timely

acquisition and identification of artifacts from the examined applications.

Additionally, our work explored the type of ...


Iot Ignorance Is Digital Forensics Research Bliss: A Survey To Understand Iot Forensics Definitions, Challenges And Future Research Directions, Tina Wu, Frank Breitinger, Ibrahim Baggili Aug 2019

Iot Ignorance Is Digital Forensics Research Bliss: A Survey To Understand Iot Forensics Definitions, Challenges And Future Research Directions, Tina Wu, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Interactions with IoT devices generates vast amounts of personal data that can be used as a source of evidence in digital investigations. Currently, there are many challenges in IoT forensics such as the difficulty in acquiring and analysing IoT data/devices and the lack IoT forensic tools. Besides technical challenges, there are many concepts in IoT forensics that have yet to be explored such as definitions, experience and capability in the analysis of IoT data/devices and current/future challenges. A deeper understanding of these various concepts will help progress the field. To achieve this goal, we conducted a survey ...


Design Of Personnel Big Data Management System Based On Blockchain, Houbing Song, Jian Chen, Zhihan Lv Jul 2019

Design Of Personnel Big Data Management System Based On Blockchain, Houbing Song, Jian Chen, Zhihan Lv

Publications

With the continuous development of information technology, enterprises, universities and governments are constantly stepping up the construction of electronic personnel information management system. The information of hundreds of thousands or even millions of people’s information are collected and stored into the system. So much information provides the cornerstone for the development of big data, if such data is tampered with or leaked, it will cause irreparable serious damage. However, in recent years, electronic archives have exposed a series of problems such as information leakage, information tampering, and information loss, which has made the reform of personnel information management more ...


On Efficiency Of Artifact Lookup Strategies In Digital Forensics, Lorenz Liebler, Patrick Schmitt, Harald Baier, Frank Breitinger Apr 2019

On Efficiency Of Artifact Lookup Strategies In Digital Forensics, Lorenz Liebler, Patrick Schmitt, Harald Baier, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

In recent years different strategies have been proposed to handle the problem of ever-growing digital forensic databases. One concept to deal with this data overload is data reduction, which essentially means to separate the wheat from the chaff, e.g., to filter in forensically relevant data. A prominent technique in the context of data reduction are hash-based solutions. Data reduction is achieved because hash values (of possibly large data input) are much smaller than the original input. Today's approaches of storing hash-based data fragments reach from large scale multithreaded databases to simple Bloom filter representations. One main focus was ...


The New Geopolitical Space In The Information Era: A Neuroscientific Approach To National Security, Naomi Silverstein Apr 2019

The New Geopolitical Space In The Information Era: A Neuroscientific Approach To National Security, Naomi Silverstein

Independent Study Project (ISP) Collection

Cognitive Warfare is the interdisciplinary use of technology and an understanding of the brain’s natural processes to influence opinion and behavior. Also known as sharp power, these methods are more technical and accurate than Cold War-age propaganda, and more personal than typical information warfare. With tools like disinformation and big data, outsiders have the ability to exploit vulnerabilities, manipulate belief formation and disseminate a chosen narrative on the grand scale. Examples of events that utilized cognitive warfare to influence sentiment include the 2016 U.S. Presidential election, Russian annexation of Crimea, and the UK’s vote to withdraw from ...


Lowering Legal Barriers To Rpki Adoption, Christopher S. Yoo, David A. Wishnick Jan 2019

Lowering Legal Barriers To Rpki Adoption, Christopher S. Yoo, David A. Wishnick

Faculty Scholarship at Penn Law

Across the Internet, mistaken and malicious routing announcements impose significant costs on users and network operators. To make routing announcements more reliable and secure, Internet coordination bodies have encouraged network operators to adopt the Resource Public Key Infrastructure (“RPKI”) framework. Despite this encouragement, RPKI’s adoption rates are low, especially in North America.

This report presents the results of a year-long investigation into the hypothesis—widespread within the network operator community—that legal issues pose barriers to RPKI adoption and are one cause of the disparities between North America and other regions of the world. On the basis of interviews ...


A Practitioner Survey Exploring The Value Of Forensic Tools, Ai, Filtering, & Safer Presentation For Investigating Child Sexual Abuse Material, Laura Sanchez, Cinthya Grajeda, Ibrahim Baggili, Cory Hall Jan 2019

A Practitioner Survey Exploring The Value Of Forensic Tools, Ai, Filtering, & Safer Presentation For Investigating Child Sexual Abuse Material, Laura Sanchez, Cinthya Grajeda, Ibrahim Baggili, Cory Hall

Electrical & Computer Engineering and Computer Science Faculty Publications

For those investigating cases of Child Sexual Abuse Material (CSAM), there is the potential harm of experiencing trauma after illicit content exposure over a period of time. Research has shown that those working on such cases can experience psychological distress. As a result, there has been a greater effort to create and implement technologies that reduce exposure to CSAM. However, not much work has explored gathering insight regarding the functionality, effectiveness, accuracy, and importance of digital forensic tools and data science technologies from practitioners who use them. This study focused specifically on examining the value practitioners give to the tools ...


Inception: Virtual Space In Memory Space In Real Space, Peter Casey, Rebecca Lindsay-Decusati, Ibrahim Baggili, Frank Breitinger Jan 2019

Inception: Virtual Space In Memory Space In Real Space, Peter Casey, Rebecca Lindsay-Decusati, Ibrahim Baggili, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

Virtual Reality (VR) has become a reality. With the technology's increased use cases, comes its misuse. Malware affecting the Virtual Environment (VE) may prevent an investigator from ascertaining virtual information from a physical scene, or from traditional “dead” analysis. Following the trend of antiforensics, evidence of an attack may only be found in memory, along with many other volatile data points. Our work provides the primary account for the memory forensics of Immersive VR systems, and in specific the HTC Vive. Our approach is capable of reconstituting artifacts from memory that are relevant to the VE, and is also ...


Sec-Lib: Protecting Scholarly Digital Libraries From Infected Papers Using Active Machine Learning Framework, Nir Nissim, Aviad Cohen, Jian Wu, Andrea Lanzi, Lior Rokach, Yuval Elovici, Lee Giles Jan 2019

Sec-Lib: Protecting Scholarly Digital Libraries From Infected Papers Using Active Machine Learning Framework, Nir Nissim, Aviad Cohen, Jian Wu, Andrea Lanzi, Lior Rokach, Yuval Elovici, Lee Giles

Computer Science Faculty Publications

Researchers from academia and the corporate-sector rely on scholarly digital libraries to access articles. Attackers take advantage of innocent users who consider the articles' files safe and thus open PDF-files with little concern. In addition, researchers consider scholarly libraries a reliable, trusted, and untainted corpus of papers. For these reasons, scholarly digital libraries are an attractive-target and inadvertently support the proliferation of cyber-attacks launched via malicious PDF-files. In this study, we present related vulnerabilities and malware distribution approaches that exploit the vulnerabilities of scholarly digital libraries. We evaluated over two-million scholarly papers in the CiteSeerX library and found the library ...


Paul Baran, Network Theory, And The Past, Present, And Future Of Internet, Christopher S. Yoo Dec 2018

Paul Baran, Network Theory, And The Past, Present, And Future Of Internet, Christopher S. Yoo

Faculty Scholarship at Penn Law

Paul Baran’s seminal 1964 article “On Distributed Communications Networks” that first proposed packet switching also advanced an underappreciated vision of network architecture: a lattice-like, distributed network, in which each node of the Internet would be homogeneous and equal in status to all other nodes. Scholars who have subsequently embraced the concept of a lattice-like network approach have largely overlooked the extent to which it is both inconsistent with network theory (associated with the work of Duncan Watts and Albert-László Barabási), which emphasizes the importance of short cuts and hubs in enabling networks to scale, and the actual way, the ...


Facepet: Enhancing Bystanders' Facial Privacy With Smart Wearables/Internet Of Things, Alfredo J. Perez, Sherali Zeadally, Luis Y. Matos Garcia, Jaouad A. Mouloud, Scott Griffith Dec 2018

Facepet: Enhancing Bystanders' Facial Privacy With Smart Wearables/Internet Of Things, Alfredo J. Perez, Sherali Zeadally, Luis Y. Matos Garcia, Jaouad A. Mouloud, Scott Griffith

Information Science Faculty Publications

Given the availability of cameras in mobile phones, drones and Internet-connected devices, facial privacy has become an area of major interest in the last few years, especially when photos are captured and can be used to identify bystanders’ faces who may have not given consent for these photos to be taken and be identified. Some solutions to protect facial privacy in photos currently exist. However, many of these solutions do not give a choice to bystanders because they rely on algorithms that de-identify photos or protocols to deactivate devices and systems not controlled by bystanders, thereby being dependent on the ...


Phasorsec: Protocol Security Filters For Wide Area Measurement Systems, Prashant Anantharaman, Kartik Palani, Rafael Brantley, Sergey Bratus, Sean W. Smith Oct 2018

Phasorsec: Protocol Security Filters For Wide Area Measurement Systems, Prashant Anantharaman, Kartik Palani, Rafael Brantley, Sergey Bratus, Sean W. Smith

Open Dartmouth: Faculty Open Access Scholarship

The addition of synchrophasors to the power grid to improve observability comes at the cost of an increased attack surface: the wide area measurement system. A common source of zero-days, that can be used to exploit the system, is improper input validation. The strict availability and timing requirements of the grid make it critical that input validation be done right and in a timely fashion. PhasorSec is a hardened security filter for the synchrophasor communication protocol, C37.118. PhasorSec is built using language theoretic principles which treat all input as a language with a specific grammar that defines what input ...


Blockchain Based Efficient And Robust Fair Payment For Outsourcing Services In Cloud Computing, Yinghui Zhang, Robert H. Deng, Ximeng Liu, Dong Zheng Sep 2018

Blockchain Based Efficient And Robust Fair Payment For Outsourcing Services In Cloud Computing, Yinghui Zhang, Robert H. Deng, Ximeng Liu, Dong Zheng

Research Collection School Of Information Systems

As an attractive business model of cloud computing, outsourcing services usually involve online payment and security issues. The mutual distrust between users and outsourcing service providers may severely impede the wide adoption of cloud computing. Nevertheless, most existing payment solutions only consider a specific type of outsourcing service and rely on a trusted third-party to realize fairness. In this paper, in order to realize secure and fair payment of outsourcing services in general without relying on any third-party, trusted or not, we introduce BCPay, a blockchain based fair payment framework for outsourcing services in cloud computing. We first present the ...


I Know What You Did Last Summer: Your Smart Home Internet Of Things And Your Iphone Forensically Ratting You Out, Gokila Dorai, Shiva Houshmand, Ibrahim Baggili Aug 2018

I Know What You Did Last Summer: Your Smart Home Internet Of Things And Your Iphone Forensically Ratting You Out, Gokila Dorai, Shiva Houshmand, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

The adoption of smart home Internet of Things (IoT) devices continues to grow. What if your devices can snitch on you and let us know where you are at any given point in time? In this work we examined the forensic artifacts produced by Nest devices, and in specific, we examined the logical backup structure of an iPhone used to control a Nest thermostat, Nest Indoor Camera and a Nest Outdoor Camera. We also integrated the Google Home Mini as another method of controlling the studied Smart Home devices. Our work is the primary account for the examination of Nest ...


Digital Forensics In The Next Five Years, Laoise Luciano, Ibrahim Baggili, Mateusz Topor, Peter Casey, Frank Breitinger Aug 2018

Digital Forensics In The Next Five Years, Laoise Luciano, Ibrahim Baggili, Mateusz Topor, Peter Casey, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

Cyber forensics has encountered major obstacles over the last decade and is at a crossroads. This paper presents data that was obtained during the National Workshop on Redefining Cyber Forensics (NWRCF) on May 23-24, 2017 supported by the National Science Foundation and organized by the University of New Haven. Qualitative and quantitative data were analyzed from twenty-four cyber forensics expert panel members. This work identified important themes that need to be addressed by the community, focusing on (1) where the domain currently is; (2) where it needs to go and; (3) steps needed to improve it. Furthermore, based on the ...


Compact Hardware Implementation Of A Sha-3 Core For Wireless Body Sensor Networks, Yi Yang, Debiao He, Neeraj Kumar, Sherali Zeadally Jul 2018

Compact Hardware Implementation Of A Sha-3 Core For Wireless Body Sensor Networks, Yi Yang, Debiao He, Neeraj Kumar, Sherali Zeadally

Information Science Faculty Publications

One of the most important Internet of Things applications is the wireless body sensor network (WBSN), which can provide universal health care, disease prevention, and control. Due to large deployments of small scale smart sensors in WBSNs, security, and privacy guarantees (e.g., security and safety-critical data, sensitive private information) are becoming a challenging issue because these sensor nodes communicate using an open channel, i.e., Internet. We implement data integrity (to resist against malicious tampering) using the secure hash algorithm 3 (SHA-3) when smart sensors in WBSNs communicate with each other using the Internet. Due to the limited resources ...


Survey Results On Adults And Cybersecurity Education, Frank Breitinger, Joseph Ricci, Ibrahim Baggili Jul 2018

Survey Results On Adults And Cybersecurity Education, Frank Breitinger, Joseph Ricci, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Cyberattacks and identity theft are common problems nowadays where researchers often say that humans are the weakest link in the security chain. Therefore, this survey focused on analyzing the interest for adults for ‘cyber threat education seminars’, e.g., how to project themselves and their loved ones. Specifically, we asked questions to understand a possible audience, willingness for paying / time commitment, or fields of interest as well as background and previous training experience. The survey was conducted in late 2016 and taken by 233 participants. The results show that many are worried about cyber threats and about their children exploring ...


Experience Constructing The Artifact Genome Project (Agp): Managing The Domain's Knowledge One Artifact At A Time, Cinthya Grajeda, Laura Sanchez, Ibrahim Baggili, Devon R. Clark, Frank Breitinger Jul 2018

Experience Constructing The Artifact Genome Project (Agp): Managing The Domain's Knowledge One Artifact At A Time, Cinthya Grajeda, Laura Sanchez, Ibrahim Baggili, Devon R. Clark, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

While various tools have been created to assist the digital forensics community with acquiring, processing, and organizing evidence and indicating the existence of artifacts, very few attempts have been made to establish a centralized system for archiving artifacts. The Artifact Genome Project (AGP) has aimed to create the largest vetted and freely available digital forensics repository for Curated Forensic Artifacts (CuFAs). This paper details the experience of building, implementing, and maintaining such a system by sharing design decisions, lessons learned, and future work. We also discuss the impact of AGP in both the professional and academic realms of digital forensics ...


Privacy-Preserving Mining Of Association Rule On Outsourced Cloud Data From Multiple Parties, Lin Liu, Jinshu Su, Rongmao Chen, Ximeng Liu, Xiaofeng Wang, Shuhui Chen, Ho-Fung Fung Leung Jul 2018

Privacy-Preserving Mining Of Association Rule On Outsourced Cloud Data From Multiple Parties, Lin Liu, Jinshu Su, Rongmao Chen, Ximeng Liu, Xiaofeng Wang, Shuhui Chen, Ho-Fung Fung Leung

Research Collection School Of Information Systems

It has been widely recognized as a challenge to carry out data analysis and meanwhile preserve its privacy in the cloud. In this work, we mainly focus on a well-known data analysis approach namely association rule mining. We found that the data privacy in this mining approach have not been well considered so far. To address this problem, we propose a scheme for privacy-preserving association rule mining on outsourced cloud data which are uploaded from multiple parties in a twin-cloud architecture. In particular, we mainly consider the scenario where the data owners and miners have different encryption keys that are ...


A Simplified Secure Programming Platform For Internet Of Things Devices, Halim Burak Yesilyurt Jun 2018

A Simplified Secure Programming Platform For Internet Of Things Devices, Halim Burak Yesilyurt

FIU Electronic Theses and Dissertations

The emerging Internet of Things (IoT) revolution has introduced many useful applications that are utilized in our daily lives. Users can program these devices in order to develop their own IoT applications; however, the platforms and languages that are used during development are abounding, complicated, and time-consuming. The software solution provided in this thesis, PROVIZ+, is a secure sensor application development software suite that helps users create sophisticated and secure IoT applications with little software and hardware experience. Moreover, a simple and efficient domain-specific programming language, namely Panther language, was designed for IoT application development to unify existing programming languages ...


User-Centric Privacy Preservation In Mobile And Location-Aware Applications, Mingming Guo Apr 2018

User-Centric Privacy Preservation In Mobile And Location-Aware Applications, Mingming Guo

FIU Electronic Theses and Dissertations

The mobile and wireless community has brought a significant growth of location-aware devices including smart phones, connected vehicles and IoT devices. The combination of location-aware sensing, data processing and wireless communication in these devices leads to the rapid development of mobile and location-aware applications. Meanwhile, user privacy is becoming an indispensable concern. These mobile and location-aware applications, which collect data from mobile sensors carried by users or vehicles, return valuable data collection services (e.g., health condition monitoring, traffic monitoring, and natural disaster forecasting) in real time. The sequential spatial-temporal data queries sent by users provide their location trajectory information ...


Application Of Huffman Data Compression Algorithm In Hashing Computation, Lakshmi Narasimha Devulapalli Venkata, Apr 2018

Application Of Huffman Data Compression Algorithm In Hashing Computation, Lakshmi Narasimha Devulapalli Venkata,

Masters Theses & Specialist Projects

Cryptography is the art of protecting information by encrypting the original message into an unreadable format. A cryptographic hash function is a hash function which takes an arbitrary length of the text message as input and converts that text into a fixed length of encrypted characters which is infeasible to invert. The values returned by the hash function are called as the message digest or simply hash values. Because of its versatility, hash functions are used in many applications such as message authentication, digital signatures, and password hashing [Thomsen and Knudsen, 2005].

The purpose of this study is to apply ...


An Overview Of The Usage Of Default Passwords, Brandon Knierem, Xiaolu Zhang, Philip Levine, Frank Breitinger, Ibrahim Baggili Jan 2018

An Overview Of The Usage Of Default Passwords, Brandon Knierem, Xiaolu Zhang, Philip Levine, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

The recent Mirai botnet attack demonstrated the danger of using default passwords and showed it is still a major problem. In this study we investigated several common applications and their password policies. Specifically, we analyzed if these applications: (1) have default passwords or (2) allow the user to set a weak password (i.e., they do not properly enforce a password policy). Our study shows that default passwords are still a significant problem: 61% of applications inspected initially used a default or blank password. When changing the password, 58% allowed a blank password, 35% allowed a weak password of 1 ...


If I Had A Million Cryptos: Cryptowallet Application Analysis And A Trojan Proof-Of-Concept, Trevor Haigh, Frank Breitinger, Ibrahim Baggili Jan 2018

If I Had A Million Cryptos: Cryptowallet Application Analysis And A Trojan Proof-Of-Concept, Trevor Haigh, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Cryptocurrencies have gained wide adoption by enthusiasts and investors. In this work, we examine seven different Android cryptowallet applications for forensic artifacts, but we also assess their security against tampering and reverse engineering. Some of the biggest benefits of cryptocurrency is its security and relative anonymity. For this reason it is vital that wallet applications share the same properties. Our work, however, indicates that this is not the case. Five of the seven applications we tested do not implement basic security measures against reverse engineering. Three of the applications stored sensitive information, like wallet private keys, insecurely and one was ...


A Reliable Data Provenance And Privacy Preservation Architecture For Business-Driven Cyber-Physical Systems Using Blockchain, Xueping Liang, Sachin Shetty, Deepak K. Tosh, Juan Zhao, Danyi Li, Jihong Liu Jan 2018

A Reliable Data Provenance And Privacy Preservation Architecture For Business-Driven Cyber-Physical Systems Using Blockchain, Xueping Liang, Sachin Shetty, Deepak K. Tosh, Juan Zhao, Danyi Li, Jihong Liu

VMASC Publications

Cyber-physical systems (CPS) including power systems, transportation, industrial control systems, etc. support both advanced control and communications among system components. Frequent data operations could introduce random failures and malicious attacks or even bring down the whole system. The dependency on a central authority increases the risk of single point of failure. To establish an immutable data provenance scheme for CPS, the authors adopt blockchain and propose a decentralized architecture to assure data integrity. In business-driven CPS, end users are required to share their personal information with multiple third parties. To prevent data leakage and preserve user privacy, the authors isolate ...


User-Friendly Deniable Storage For Mobile Devices, Bing Chang, Yao Cheng, Bo Chen, Fengwei Zhang, Wen-Tao Zhu, Yanju Liu, Zhan Wang Jan 2018

User-Friendly Deniable Storage For Mobile Devices, Bing Chang, Yao Cheng, Bo Chen, Fengwei Zhang, Wen-Tao Zhu, Yanju Liu, Zhan Wang

Research Collection School Of Information Systems

Mobile devices are prevalently used to process sensitive data, but traditional encryption may not work when an adversary is able to coerce the device owners to disclose the encryption keys. Plausibly Deniable Encryption (PDE) is thus designed to protect sensitive data against this powerful adversary. In this paper, we present MobiPluto, a user-friendly PDE scheme for denying the existence of sensitive data stored on mobile devices. A salient difference between MobiPluto and the existing PDE systems is that any block-based file systems can be deployed on top of it. To further improve usability and deniability of MobiPluto, we introduce a ...


Vkse-Mo: Verifiable Keyword Search Over Encrypted Data In Multi-Owner Settings, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Junwei Zhang, Zhiquan Liu Dec 2017

Vkse-Mo: Verifiable Keyword Search Over Encrypted Data In Multi-Owner Settings, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Junwei Zhang, Zhiquan Liu

Research Collection School Of Information Systems

Searchable encryption (SE) techniques allow cloud clients to easily store data and search encrypted data in a privacy-preserving manner, where most of SE schemes treat the cloud server as honest-but-curious. However, in practice, the cloud server is a semi-honest-but-curious third-party, which only executes a fraction of search operations and returns a fraction of false search results to save its computational and bandwidth resources. Thus, it is important to provide a results verification method to guarantee the correctness of the search results. Existing SE schemes allow multiple data owners to upload different records to the cloud server, but these schemes have ...


Benchmarking Estonia's Cyber Security: An On-Ramping Methodology For Rapid Adoption And Implementation, Ernest Wong, Nan Porter, Mckinnon Hokanson, Bing Bing Xie Oct 2017

Benchmarking Estonia's Cyber Security: An On-Ramping Methodology For Rapid Adoption And Implementation, Ernest Wong, Nan Porter, Mckinnon Hokanson, Bing Bing Xie

Research Papers

In April of 2007, Estonia fell victim to a series of distributed denial of service (DDoS) attacks that crippled its government websites, email servers, media outlets, and banking system for nearly a month. Due to the devastating effects of these cyber attacks, Estonia took great efforts to strengthen its cyber security protocols. This research analyzes the reforms that Estonia has implemented in its domestic and foreign policies and attempts to determine if any of it systemic improvements can help to also bolster cyber security in the United States (US). The findings from this research are that Estonia’s policy reforms ...


Simple Implementation Of An Elgamal Digital Signature And A Brute Force Attack On It, Valeriia Laryoshyna Oct 2017

Simple Implementation Of An Elgamal Digital Signature And A Brute Force Attack On It, Valeriia Laryoshyna

Student Works

This study is an attempt to show a basic mathematical usage of the concepts behind digital signatures and to provide a simple approach and understanding to cracking basic digital signatures. The approach takes on simple C programming of the ElGamal digital signature to identify some limits that can be encountered and provide considerations for making more complex code. Additionally, there is a literature review of the ElGamal digital signature and the brute force attack.

The research component of this project provides a list of possible ways to crack the basic implementations and classifies the different approaches that could be taken ...


Forensic State Acquisition From Internet Of Things (Fsaiot): A General Framework And Practical Approach For Iot Forensics Through Iot Device State Acquisition, Christopher S. Meffert, Devon R. Clark, Ibrahim Baggili, Frank Breitinger Aug 2017

Forensic State Acquisition From Internet Of Things (Fsaiot): A General Framework And Practical Approach For Iot Forensics Through Iot Device State Acquisition, Christopher S. Meffert, Devon R. Clark, Ibrahim Baggili, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

IoT device forensics is a difficult problem given that manufactured IoT devices are not standardized, many store little to no historical data, and are always connected; making them extremely volatile. The goal of this paper was to address these challenges by presenting a primary account for a general framework and practical approach we term Forensic State Acquisition from Internet of Things (FSAIoT). We argue that by leveraging the acquisition of the state of IoT devices (e.g. if an IoT lock is open or locked), it becomes possible to paint a clear picture of events that have occurred. To this ...