Computer and Systems Architecture Commons^™

Multifaceted Cybersecurity Analysis: Reconnaissance, Exploitation And Mitigation In A Controlled Network Environment, Austin Coontz

Williams Honors College, Honors Research Projects

This report details a network penetration test in a simulated environment using GNS3, focusing on the configuration of routers, switches, and hosts. The project successfully identified and exploited network vulnerabilities, including FTP access, misconfigured sudo permissions, and SMB protocol weaknesses. The penetration testing process utilized tools like fping and nmap for reconnaissance and vulnerability scanning, revealing the importance of device configurations in network security. The project concluded with mitigation strategies, emphasizing the need for secure access, robust password policies, and security controls. The experience underscored the significance of continuous learning and adaptation in the ever-evolving field of cybersecurity. The project …

Splicecube Architecture: An Extensible Wi-Fi Monitoring Architecture For Smart-Home Networks, Namya Malik

Dartmouth College Master’s Theses

The vision of smart homes is rapidly becoming a reality, as the Internet of Things and other smart devices are deployed widely. Although smart devices offer convenience, they also create a significant management problem for home residents. With a large number and variety of devices in the home, residents may find it difficult to monitor, or even locate, devices. A central controller that brings all the home’s smart devices under secure management and a unified interface would help homeowners and residents track and manage their devices.

We envision a solution called the SPLICEcube whose goal is to detect smart devices, …

Optimized Damage Assessment And Recovery Through Data Categorization In Critical Infrastructure System., Shruthi Ramakrishnan

Graduate Theses and Dissertations

Critical infrastructures (CI) play a vital role in majority of the fields and sectors worldwide. It contributes a lot towards the economy of nations and towards the wellbeing of the society. They are highly coupled, interconnected and their interdependencies make them more complex systems. Thus, when a damage occurs in a CI system, its complex interdependencies make it get subjected to cascading effects which propagates faster from one infrastructure to another resulting in wide service degradations which in turn causes economic and societal effects. The propagation of cascading effects of disruptive events could be handled efficiently if the assessment and …

Lapnitor: A Web Service That Protects Your Laptop From Theft., Michael Ameteku

Williams Honors College, Honors Research Projects

Laptop theft is an issue worldwide. According to an article from 2018, Security Boulevard stated that a laptop is stolen every 53 seconds. Using a laptop's camera, we can monitor the surroundings of the laptop and reduce a laptop's probability of being stolen. According to the University of Pittsburgh, a laptop has a 1-in- 10 chance of being stolen and nearly half of these thefts occur in offices or classrooms. These thefts mostly occur when a laptop owner leaves their device unattended for a certain period of time to maybe go visit the restroom or attend to a call when …

Dbknot: A Transparent And Seamless, Pluggable Tamper Evident Database, Islam Khalil

Theses and Dissertations

Database integrity is crucial to organizations that rely on databases of important data. They suffer from the vulnerability to internal fraud. Database tampering by internal malicious employees with high technical authorization to their infrastructure or even compromised by externals is one of the important attack vectors.

This thesis addresses such challenge in a class of problems where data is appended only and is immutable. Examples of operations where data does not change is a) financial institutions (banks, accounting systems, stock market, etc., b) registries and notary systems where important data is kept but is never subject to change, and c) …

Design And Implementation Of Path Finding And Verification In The Internet, Hao Cai

Doctoral Dissertations

In the Internet, network traffic between endpoints typically follows one path that is determined by the control plane. Endpoints have little control over the choice of which path their network traffic takes and little ability to verify if the traffic indeed follows a specific path. With the emergence of software-defined networking (SDN), more control over connections can be exercised, and thus the opportunity for novel solutions exists. However, there remain concerns about the attack surface exposed by fine-grained control, which may allow attackers to inject and redirect traffic. To address these opportunities and concerns, we consider two specific challenges: (1) …

Trustworthy Systems And Protocols For The Internet Of Things, Arman Pouraghily

Doctoral Dissertations

Processor-based embedded systems are integrated into many aspects of everyday life such as industrial control, automotive systems, healthcare, the Internet of Things, etc. As Moore’s law progresses, these embedded systems have moved from simple microcontrollers to full-scale embedded computing systems with multiple processor cores and operating systems support. At the same time, the security of these devices has also become a key concern. Our main focus in this work is the security and privacy of the embedded systems used in IoT systems. In the first part of this work, we take a look at the security of embedded systems from …

Does The Age Of An It Executive Impact Adoption Levels Of Cloud Computing Services?, Marcus L. Smith

Faculty Publications

This author researched previously the personal decision factors considered by information technology (IT) executives when making the cloud computing services adoptionchoice. The conclusions in that work (Smith, Jr., 2016) supported four hypotheses, namely, (a) advancement, recognition and satisfaction from accomplishments, (b) top management support, (c) diminishment of personal image, and (d) a pattern of technology readiness have a positive influence on business intentions to adopt cloud computing services. Interestingly, a fifth hypothesis, diminishment of personal image, was found to have a negative influence on business intentions. The relationship between age of the survey respondents and adoption levels was highlighted in …

Emergent Ai, Social Robots And The Law: Security, Privacy And Policy Issues, Ramesh Subramanian

Journal of International Technology and Information Management

The rapid growth of AI systems has implications on a wide variety of fields. It can prove to be a boon to disparate fields such as healthcare, education, global logistics and transportation, to name a few. However, these systems will also bring forth far-reaching changes in employment, economy and security. As AI systems gain acceptance and become more commonplace, certain critical questions arise: What are the legal and security ramifications of the use of these new technologies? Who can use them, and under what circumstances? What is the safety of these systems? Should their commercialization be regulated? What are the …

Context-Sensitive Auto-Sanitization For Php, Jared M. Smith, Richard J. Connor, David P. Cunningham, Kyle G. Bashour, Walter T. Work

Chancellor’s Honors Program Projects

No abstract provided.

An Exploration Of Mobile Device Security Artifacts At Institutions Of Higher Education, Amita Goyal Chin, Diania Mcrae, Beth H. Jones, Mark A. Harris

Journal of International Technology and Information Management

The explosive growth and rapid proliferation of smartphones and other mobile

devices that access data over communication networks has necessitated advocating

and implementing security constraints for the purpose of abetting safe computing.

Remote data access using mobile devices is particularly popular among students at

institutions of higher education. To ensure safe harbor for constituents, it is

imperative for colleges and universities to establish, disseminate, and enforce

mobile device security artifacts, where artifacts is defined as policies, procedures,

guidelines or other documented or undocumented protocols. The purpose of this

study is to explore the existence of, specific content of, and the …

Improving The Security Of Wireless Sensor Networks, Mauricio Tellez Nava

Masters Theses, 2010-2019

With the rapid technological advancements of sensors, Wireless Sensor Networks (WSNs) have become the main technology for the Internet of Things (IoT). We investigated the security of WSNs in an environmental monitoring system with the goal to improve the overall security. We implemented a Secure Temperature Monitoring System (STMS), which served as our investigational environment. Our results revealed a security flaw found in the bootstrap loader (BSL) password used to protect firmware in the MSP430 MCU chips. We demonstrated how the BSL password could be brute forced in a matter of days. Furthermore, we illustrate how an attacker can reverse …

Toward The Systematization Of Active Authentication Research, Daniel Fleming Gerrity

Master's Theses

Authentication is the vital link between your real self and your digital self. As our digital selves become ever more powerful, the price of failing authentication grows. The most common authentication protocols are static data and employed only once at login. This allows for authentication to be spoofed just once to gain access to an entire user session. Behaviometric protocols continuously consume a user’s behavior as a token of authentication and can be applied throughout a session, thereby eliminating a fixed token to spoof. Research into these protocols as viable forms of authentication is relatively recent and is being conducted …

Pinpoint: Efficient And Effective Resource Isolation For Mobile Security And Privacy, Paul Ratazzi, Ashok Bommisetti, Nian Ji, Wenliang Du

Electrical Engineering and Computer Science - All Scholarship

Virtualization is frequently used to isolate untrusted processes and control their access to sensitive resources. However, isolation usually carries a price in terms of less resource sharing and reduced inter-process communication. In an open architecture such as Android, this price and its impact on performance, usability, and transparency must be carefully considered. Although previous efforts in developing general-purpose isolation solutions have shown that some of these negative sideeffects can be mitigated, doing so involves overcoming significant design challenges by incorporating numerous additional platform complexities not directly related to improved security. Thus, the general purpose solutions become inefficient and burdensome if …

Data Integrity Verification In Cloud Computing, Katanosh Morovat

Graduate Theses and Dissertations

Cloud computing is an architecture model which provides computing and storage capacity as a service over the internet. Cloud computing should provide secure services for users and owners of data as well. Cloud computing services are a completely internet-based technology where data are stored and maintained in the data center of a cloud provider. Lack of appropriate control over the data might incur several security issues. As a result, some data stored in the cloud must be protected at all times. These types of data are called sensitive data. Sensitive data is defined as data that must be protected against …

Cumulonimbus Computing Concerns: Information Security In Public, Private, And Hybrid Cloud Computing, Daniel Adams

Senior Honors Theses

Companies of all sizes operating in all markets are moving toward cloud computing for greater flexibility, efficiency, and cost savings. The decision of how to adopt the cloud is a question of major security concern due to the fact that control is relinquished over certain portions of the IT ecosystem. This thesis presents the position that the main security decision in moving to cloud computing is choosing which type of cloud to employ for each portion of the network – the hybrid cloud approach. Vulnerabilities that exist on a public cloud will be explored, and recommendations on decision factors will …

A Human-Centered Credit-Banking System For Convenient, Fair And Secure Carpooling Among Members Of An Association, H.-S. Jacob Tsao, Magdalini Eirinaki

Faculty Publications

This paper proposes an unconventional carpool-matching system concept that is different from existing systems with four innovative operational features: (F1) The proposed matching system will be used by members of an association and sponsored by the association, e.g., the employees of a company, members of a homeowner association, employees of a shopping center. This expands the scope beyond commute trips. Such associations can also voluntarily form alliances to increase the number of possible carpool partners and geographical reach. (F2) Service provided by a driver or received by a rider incurs credit or debt to a bank centrally and fairly managed …

Privacy Protection On Cloud Computing, Min Li

Theses and Dissertations

Cloud is becoming the most popular computing infrastructure because it can attract more and more traditional companies due to flexibility and cost-effectiveness. However, privacy concern is the major issue that prevents users from deploying on public clouds. My research focuses on protecting user's privacy in cloud computing. I will present a hardware-based and a migration-based approach to protect user's privacy. The root cause of the privacy problem is current cloud privilege design gives too much power to cloud providers. Once the control virtual machine (installed by cloud providers) is compromised, external adversaries will breach users’ privacy. Malicious cloud administrators are …

Keeping The Skies Safe, Massood Towhidnejad, Andrew J. Kornecki

Department of Electrical Engineering and Computer Science - Daytona Beach

Professors Massood Towhidnejad and Andrew Kornecki shine a light on how their lab is helping government and the aviation industry to enhance the safety and security of software-intensive systems.

Paris: A Parallel Rsa-Prime Inspection Tool, Joseph R. White

Master's Theses

Modern-day computer security relies heavily on cryptography as a means to protect the data that we have become increasingly reliant on. As the Internet becomes more ubiquitous, methods of security must be better than ever. Validation tools can be leveraged to help increase our confidence and accountability for methods we employ to secure our systems.

Security validation, however, can be difficult and time-consuming. As our computational ability increases, calculations that were once considered “hard” due to length of computation, can now be done in minutes. We are constantly increasing the size of our keys and attempting to make computations harder …

Categorization Of Security Design Patterns, Jeremiah Y. Dangler

Electronic Theses and Dissertations

Strategies for software development often slight security-related considerations, due to the difficulty of developing realizable requirements, identifying and applying appropriate techniques, and teaching secure design. This work describes a three-part strategy for addressing these concerns. Part 1 provides detailed questions, derived from a two-level characterization of system security based on work by Chung et. al., to elicit precise requirements. Part 2 uses a novel framework for relating this characterization to previously published strategies, or patterns, for secure software development. Included case studies suggest the framework's effectiveness, involving the application of three patterns for secure design (Limited View, Role-Based Access Control, …

Eavesdropping Security In Wireless Ad Hoc Networks With Directional Antennas, Qiu Wang, Hong-Ning Dai, Qinglin Zhao

Hong-Ning Dai

The eavesdropping security of wireless ad hoc networks has attracted considerable attention recently. However, most of current studies only consider OMN networks, where each node is mounted with a single omni-directional antenna, which radiates radio signals in all directions and consequently leads to the high eavesdropping possibility. Compared with an omnidirectional antenna, a directional antenna can concentrate the radio signals on some desired directions so that it can potentially reduce the eavesdropping possibility. This paper investigates the eavesdropping security of wireless ad hoc networks equipped with directional antennas. In particular, we study the eavesdropping possibility of OMN networks, SDA networks …

Cloud Computing: Architectural And Policy Implications, Christopher S. Yoo

All Faculty Scholarship

Cloud computing has emerged as perhaps the hottest development in information technology. Despite all of the attention that it has garnered, existing analyses focus almost exclusively on the issues that surround data privacy without exploring cloud computing’s architectural and policy implications. This article offers an initial exploratory analysis in that direction. It begins by introducing key cloud computing concepts, such as service-oriented architectures, thin clients, and virtualization, and discusses the leading delivery models and deployment strategies that are being pursued by cloud computing providers. It next analyzes the economics of cloud computing in terms of reducing costs, transforming capital expenditures …

Rough Consensus And Running Code: Integrating Engineering Principles Into Internet Policy Debates, Christopher S. Yoo

All Faculty Scholarship

This is the introduction to a symposium issue for a conference designed to bring the engineering community, policymakers, legal academics, and industry participants together in an attempt to provide policymakers with a better understanding of the Internet’s technical aspects and to explore emerging issues of particular importance to current broadband policy.

Exploring Security Improvement Of Wireless Networks With Directional Antennas, Hong-Ning Dai, Dong Li, Raymond Chi-Wing Wong

Hong-Ning Dai

There are a number of studies on using directional antennas in wireless networks. Many of them concentrate on analyzing the theoretical capacity improvement by using directional antennas. Other studies focus on designing proper Medium Access Control (MAC) protocols to improve the practical network throughput. There are few works on the security improvement using directional antennas. In this paper, we explore the benefits of directional antennas in security improvements on both singlehop and multi-hop wireless networks. In particular, we found that using directional antennas in wireless networks can significantly reduce the eavesdropping probabilities of both single-hop transmissions as well as multi-hop …

Defending Privacy: The Development And Deployment Of A Darknet, Conor Mcmanamon, Fredrick Mtenzi

Conference papers

New measures imposed by governments, Internet service providers and other third parties which threaten the state of privacy are also opening new avenues to protecting it. The unwarranted scrutiny of legitimate services such as file hosters and the BitTorrent protocol, once relatively unknown to the casual Internet user, is becoming more obvious. The darknet is a rising contender against these new measures and will preserve the default right to privacy of Internet users. A darknet is defined in the context of file sharing as a network which operates on top of another network such as the Internet for the purpose …

The Changing Patterns Of Internet Usage, Christopher S. Yoo

All Faculty Scholarship

The Internet unquestionably represents one of the most important technological developments in recent history. It has revolutionized the way people communicate with one another and obtain information and created an unimaginable variety of commercial and leisure activities. Interestingly, many members of the engineering community often observe that the current network is ill-suited to handle the demands that end users are placing on it. Indeed, engineering researchers often describe the network as ossified and impervious to significant architectural change. As a result, both the U.S. and the European Commission are sponsoring “clean slate” projects to study how the Internet might be …

Mitigation Of Control Channel Jamming Under Node Capture Attacks, Patrick Tague, Mingya Li, Radha Poovendran

Patrick Tague

Availability of service in many wireless networks depends on the ability for network users to establish and maintain communication channels using control messages from base stations and other users. An adversary with knowledge of the underlying communication protocol can mount an efficient denial of service attack by jamming the communication channels used to exchange control messages. The use of spread spectrum techniques can deter an external adversary from such control channel jamming attacks. However, malicious colluding insiders or an adversary who captures or compromises system users are not deterred by spread spectrum, as they know the required spreading sequences. For …

Information Security System Rating And Ranking, Rayford B. Vaughn Jr., Ambareen Sira, David A. Dampier

Computer Sciences and Electrical Engineering Faculty Research

The term assurance has been used for decades in trusted system development to express the notion of confidence in the strength of a specific system or system of systems. The unsolved problem that security engineers must struggle with is the adoption of measures or metrics that can reliably depict the assurance associated with a specific hardware and software architecture. This article reports on a recent attempt to focus needs in this area and suggests various categories of information assurance metrics that may be helpful to an organization that is deciding which set is useful for a specific application.