Open Access. Powered by Scholars. Published by Universities.®

Computer Engineering Commons

Open Access. Powered by Scholars. Published by Universities.®

Articles 1 - 13 of 13

Full-Text Articles in Computer Engineering

Compact Hardware Implementation Of A Sha-3 Core For Wireless Body Sensor Networks, Yi Yang, Debiao He, Neeraj Kumar, Sherali Zeadally Jul 2018

Compact Hardware Implementation Of A Sha-3 Core For Wireless Body Sensor Networks, Yi Yang, Debiao He, Neeraj Kumar, Sherali Zeadally

Information Science Faculty Publications

One of the most important Internet of Things applications is the wireless body sensor network (WBSN), which can provide universal health care, disease prevention, and control. Due to large deployments of small scale smart sensors in WBSNs, security, and privacy guarantees (e.g., security and safety-critical data, sensitive private information) are becoming a challenging issue because these sensor nodes communicate using an open channel, i.e., Internet. We implement data integrity (to resist against malicious tampering) using the secure hash algorithm 3 (SHA-3) when smart sensors in WBSNs communicate with each other using the Internet. Due to the limited resources ...


A Simplified Secure Programming Platform For Internet Of Things Devices, Halim Burak Yesilyurt Jun 2018

A Simplified Secure Programming Platform For Internet Of Things Devices, Halim Burak Yesilyurt

FIU Electronic Theses and Dissertations

The emerging Internet of Things (IoT) revolution has introduced many useful applications that are utilized in our daily lives. Users can program these devices in order to develop their own IoT applications; however, the platforms and languages that are used during development are abounding, complicated, and time-consuming. The software solution provided in this thesis, PROVIZ+, is a secure sensor application development software suite that helps users create sophisticated and secure IoT applications with little software and hardware experience. Moreover, a simple and efficient domain-specific programming language, namely Panther language, was designed for IoT application development to unify existing programming languages ...


Security Analysis Of The Uconn Husky One Card, Trevor Phillips May 2018

Security Analysis Of The Uconn Husky One Card, Trevor Phillips

Honors Scholar Theses

The “Husky One Card” is the name given to student IDs at the University of Connecticut. It can identify students, faculty, and staff in a variety of situations. The One Card is used for meal plans, Husky Bucks (an equivalent of money, but valid only in the Storrs area), residence hall/ university facility access, and student health services. The current Husky One Card consists of a picture identification on the front and a standard 1-dimensional barcode and 3-track magnetic strip on the back.

The goal of this thesis is to investigate the feasibility of cloning Husky One Cards, the ease ...


Enabling User Space Secure Hardware, Aimee Mikaela Coughlin Apr 2018

Enabling User Space Secure Hardware, Aimee Mikaela Coughlin

Electrical, Computer & Energy Engineering Graduate Theses & Dissertations

User space software allows developers to customize applications beyond the limits of the privileged operating system. In this dissertation, we extend this concept to the hardware in the system, providing applications with the ability to define secure hardware; effectively enabling hardware to be treated as a user space resource. This addresses a significant challenge facing industry today, which has an increasing need for secure hardware. With the ever increasing leaks of private data, increasing use of a variety of computing platforms controlled by third parties, and increasing sophistication of attacks, secure hardware, now more than ever, is needed to provide ...


An Overview Of The Usage Of Default Passwords, Brandon Knierem, Xiaolu Zhang, Philip Levine, Frank Breitinger, Ibrahim Baggili Jan 2018

An Overview Of The Usage Of Default Passwords, Brandon Knierem, Xiaolu Zhang, Philip Levine, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

The recent Mirai botnet attack demonstrated the danger of using default passwords and showed it is still a major problem. In this study we investigated several common applications and their password policies. Specifically, we analyzed if these applications: (1) have default passwords or (2) allow the user to set a weak password (i.e., they do not properly enforce a password policy). Our study shows that default passwords are still a significant problem: 61% of applications inspected initially used a default or blank password. When changing the password, 58% allowed a blank password, 35% allowed a weak password of 1 ...


Implementing Cis Cybersecurity Controls For The Department Of Residence, Iowa State University, Vishwas Kaup Vijayananda Jan 2018

Implementing Cis Cybersecurity Controls For The Department Of Residence, Iowa State University, Vishwas Kaup Vijayananda

Creative Components

The Department of Residence (DoR) at Iowa State University houses over 13,000 students, and employs over 300 staff members. Department of Residence’s IT team is in charge of taking care of Information systems assets (data, servers, systems, IP Phones, networking devices, VMs and printers) that are used by the students and the staff members. It is imperative for the DoR to reduce total IT spending, and also to secure the infrastructure to keep hackers and cyber criminals at bay. Various cybersecurity solutions were discussed, and we finally decided to implement CIS-Security Framework. It was one of the most ...


Securing Soft Ips Against Hardware Trojan Insertion, Thao Phuong Le Jan 2018

Securing Soft Ips Against Hardware Trojan Insertion, Thao Phuong Le

Theses and Dissertations

Due to the increasing complexity of hardware designs, third-party hardware Intellectual Property (IP) blocks are often incorporated in order to alleviate the burden on hardware designers. However, the prevalence use of third-party IPs has raised security concerns such as Trojans inserted by attackers. Hardware Trojans in these soft IPs are extremely difficult to detect through functional testing and no single detection methodology has been able to completely address this issue. Based on a Register-Transfer Level (RTL) and gate-level soft IP analysis method named Structural Checking, this dissertation presents a hardware Trojan detection methodology and tool by detailing the implementation of ...


Towards Privacy-Aware Mobile-Based Continuous Authentication Systems, Mohammad Al-Rubaie Jan 2018

Towards Privacy-Aware Mobile-Based Continuous Authentication Systems, Mohammad Al-Rubaie

Graduate Theses and Dissertations

User authentication is used to verify the identify of individuals attempting to gain access to a certain system. It traditionally refers to the initial authentication using knowledge factors (e.g. passwords), or ownership factors (e.g. smart cards). However, initial authentication cannot protect the computer (or smartphone), if left unattended, after the initial login. Thus, continuous authentication was proposed to complement initial authentication by transparently and continuously testing the users' behavior against the stored profile (machine learning model).

Since continuous authentication utilizes users' behavioral data to build machine learning models, certain privacy and security concerns have to be addressed before ...


Comparing The Effectiveness Of Different Classification Techniques In Predicting Dns Tunnels, Patrick Walsh Jan 2018

Comparing The Effectiveness Of Different Classification Techniques In Predicting Dns Tunnels, Patrick Walsh

Dissertations

DNS is one of the most widely used protocols on the internet and is used in the translation of domain names into IP address in order to correctly route messages between computers. It presents an attractive attack vector for criminals as the service is not as closely monitored by security experts as other protocols such as HTTP or FTP. Its use as a covert means of communication has increased with the availability of tools that allow for the creation of DNS tunnels using the protocol. One of the primary motivations for using DNS tunnels is the illegal extraction of information ...


Towards Designing Energy Efficient Symmetric Key Protocols, Sai Raghu Talluri Jan 2018

Towards Designing Energy Efficient Symmetric Key Protocols, Sai Raghu Talluri

UNF Graduate Theses and Dissertations

Energy consumption by various modern symmetric key encryption protocols (DES,

3-DES, AES and, Blowfish) is studied from an algorithmic perspective. The work

is directed towards redesigning or modifying the underlying algorithms for these

protocols to make them consume less energy than they currently do. This research

takes the approach of reducing energy consumption by parallelizing the

consecutive memory accesses of symmetric key encryption algorithms. To achieve

parallelization, an existing energy complexity model is applied to symmetric key

encryption algorithms. Inspired by the popular DDR3 architecture, the model assumes

that main memory is divided into multiple banks, each of which can ...


On The Security And Quality Of Wireless Communications In Outdoor Mobile Environment, Sharaf J. Malebary Jan 2018

On The Security And Quality Of Wireless Communications In Outdoor Mobile Environment, Sharaf J. Malebary

Theses and Dissertations

The rapid advancement in wireless technology along with their low cost and ease of deployment have been attracting researchers academically and commercially. Researchers from private and public sectors are investing into enhancing the reliability, robustness, and security of radio frequency (RF) communications to accommodate the demand and enhance lifestyle. RF base communications -by nature- are slower and more exposed to attacks than a wired base (LAN). Deploying such networks in various cutting-edge mobile platforms (e.g. VANET, IoT, Autonomous robots) adds new challenges that impact the quality directly. Moreover, adopting such networks in public outdoor areas make them vulnerable to ...


Scalable And Modular Implementation Of Scenario-Based Cyber Attacks And Defense Methodologies On Cps Security Scada Testbed, Subramanian Arunachalam Jan 2018

Scalable And Modular Implementation Of Scenario-Based Cyber Attacks And Defense Methodologies On Cps Security Scada Testbed, Subramanian Arunachalam

Creative Components

The electric power grids in the United States are slowly being converted into Smart Grids, which deploy digital technology that facilitates two-way communication between utilities and the customers, detect and react to local changes in usage. This conversion opens up many vulnerabilities and security pitfalls that never existed before.A recent example of an attack that had major impacts on the Power Grid is the cyber attack on the Ukrainian power grid. To combat these kinds of cyber attacks on critical infrastructures, we present a realistic moderate-cost modular test bed and evaluate using two case studies: Black Energy attack (2015 ...


Continuous User Authentication Via Random Forest, Ting-Wei Chang Jan 2018

Continuous User Authentication Via Random Forest, Ting-Wei Chang

Creative Components

Random forest is an important technique in modern machine learning. It was first proposed in 1995, and with the increasing of the compute power, it became a popular method in this decade. In this paper, we present the background knowledge of random forest and also have comparison with other machine learning methods. We also have some discussion of data preprocessing and feature extraction. Then we study the application of random forest to a real world problem - an authentication system which for continuous user authentication approach for web services based on the user’s behavior. The dataset we used for evaluate ...