Computer Engineering Commons^™

Injecting Control Commands Through Sensory Channel: Attack And Defense, Farhad Rasapour

Boise State University Theses and Dissertations

Industrial Control System (ICS) is responsible for controlling and managing critical infrastructures like nuclear plants and power plants. ICS is equipped with various devices like communication media, Programmable Logic Controller (PLC), actuators, and sensors. Sensors are used to measure a physical phenomenon and send these measurements through the sensory channel to the control devices so they can make decisions on the movements of the actuators in the systems. While tampering with the sensor measurements has been the focus of many studies, there is some research that has concentrated on misusing a sensor and sensory channel as an axillary attack device …

Forensic Analysis Of Immersive Virtual Reality Social Applications: A Primary Account, Ananya Yarramreddy, Peter Gromkowski, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Our work presents the primary account for exploring the forensics of immersive Virtual Reality (VR) systems and their social applications. The Social VR applications studied in this work include Bigscreen, Altspace VR, Rec Room and Facebook Spaces. We explored the two most widely adopted consumer VR systems: the HTC Vive and the Oculus Rift. Our tests examined the efficacy of reconstructing evidence from network traffic as well as the systems themselves. The results showed that a significant amount of forensically relevant data such as user names, user profile pictures, events, and system details may be recovered. We anticipate that this …

Compact Hardware Implementation Of A Sha-3 Core For Wireless Body Sensor Networks, Yi Yang, Debiao He, Neeraj Kumar, Sherali Zeadally

Information Science Faculty Publications

One of the most important Internet of Things applications is the wireless body sensor network (WBSN), which can provide universal health care, disease prevention, and control. Due to large deployments of small scale smart sensors in WBSNs, security, and privacy guarantees (e.g., security and safety-critical data, sensitive private information) are becoming a challenging issue because these sensor nodes communicate using an open channel, i.e., Internet. We implement data integrity (to resist against malicious tampering) using the secure hash algorithm 3 (SHA-3) when smart sensors in WBSNs communicate with each other using the Internet. Due to the limited resources (i.e., storage, …

A Simplified Secure Programming Platform For Internet Of Things Devices, Halim Burak Yesilyurt

FIU Electronic Theses and Dissertations

The emerging Internet of Things (IoT) revolution has introduced many useful applications that are utilized in our daily lives. Users can program these devices in order to develop their own IoT applications; however, the platforms and languages that are used during development are abounding, complicated, and time-consuming. The software solution provided in this thesis, PROVIZ+, is a secure sensor application development software suite that helps users create sophisticated and secure IoT applications with little software and hardware experience. Moreover, a simple and efficient domain-specific programming language, namely Panther language, was designed for IoT application development to unify existing programming languages. …

Security Analysis Of The Uconn Husky One Card, Trevor Phillips

Honors Scholar Theses

The “Husky One Card” is the name given to student IDs at the University of Connecticut. It can identify students, faculty, and staff in a variety of situations. The One Card is used for meal plans, Husky Bucks (an equivalent of money, but valid only in the Storrs area), residence hall/ university facility access, and student health services. The current Husky One Card consists of a picture identification on the front and a standard 1-dimensional barcode and 3-track magnetic strip on the back.

The goal of this thesis is to investigate the feasibility of cloning Husky One Cards, the ease …

An Overview Of The Usage Of Default Passwords, Brandon Knierem, Xiaolu Zhang, Philip Levine, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

The recent Mirai botnet attack demonstrated the danger of using default passwords and showed it is still a major problem. In this study we investigated several common applications and their password policies. Specifically, we analyzed if these applications: (1) have default passwords or (2) allow the user to set a weak password (i.e., they do not properly enforce a password policy). Our study shows that default passwords are still a significant problem: 61% of applications inspected initially used a default or blank password. When changing the password, 58% allowed a blank password, 35% allowed a weak password of 1 character.

Genetic Programming-Based Pseudorandom Number Generator For Wireless Identification And Sensing Platform, Cem Kösemen, Gökhan Dalkiliç, Ömer Aydin

Turkish Journal of Electrical Engineering and Computer Sciences

The need for security in lightweight devices such as radio frequency identification tags is increasing and a pseudorandom number generator (PRNG) constitutes an essential part of the authentication protocols that provide security. The main aim of this research is to produce a lightweight PRNG for cryptographic applications in wireless identification and sensing platform family devices, and other related lightweight devices. This PRNG is produced with genetic programming methods using entropy calculation as the fitness function, and it is tested with the NIST statistical test suite. Moreover, it satisfies the requirements of the EPCGen2 standards.

Securing Soft Ips Against Hardware Trojan Insertion, Thao Phuong Le

Graduate Theses and Dissertations

Due to the increasing complexity of hardware designs, third-party hardware Intellectual Property (IP) blocks are often incorporated in order to alleviate the burden on hardware designers. However, the prevalence use of third-party IPs has raised security concerns such as Trojans inserted by attackers. Hardware Trojans in these soft IPs are extremely difficult to detect through functional testing and no single detection methodology has been able to completely address this issue. Based on a Register-Transfer Level (RTL) and gate-level soft IP analysis method named Structural Checking, this dissertation presents a hardware Trojan detection methodology and tool by detailing the implementation of …

Comparing The Effectiveness Of Different Classification Techniques In Predicting Dns Tunnels, Patrick Walsh

Dissertations

DNS is one of the most widely used protocols on the internet and is used in the translation of domain names into IP address in order to correctly route messages between computers. It presents an attractive attack vector for criminals as the service is not as closely monitored by security experts as other protocols such as HTTP or FTP. Its use as a covert means of communication has increased with the availability of tools that allow for the creation of DNS tunnels using the protocol. One of the primary motivations for using DNS tunnels is the illegal extraction of information …

On The Security And Quality Of Wireless Communications In Outdoor Mobile Environment, Sharaf J. Malebary

Theses and Dissertations

The rapid advancement in wireless technology along with their low cost and ease of deployment have been attracting researchers academically and commercially. Researchers from private and public sectors are investing into enhancing the reliability, robustness, and security of radio frequency (RF) communications to accommodate the demand and enhance lifestyle. RF base communications -by nature- are slower and more exposed to attacks than a wired base (LAN). Deploying such networks in various cutting-edge mobile platforms (e.g. VANET, IoT, Autonomous robots) adds new challenges that impact the quality directly. Moreover, adopting such networks in public outdoor areas make them vulnerable to various …