Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Open Access. Powered by Scholars. Published by Universities.®

Computer Sciences

Air Force Institute of Technology

2022

Articles 1 - 30 of 60

Full-Text Articles in Physical Sciences and Mathematics

Evaluating Deep Learning Explanations On Risc-V Assembly As A Reverse Engineering Aid, Daniel F. Koranek Dec 2022

Evaluating Deep Learning Explanations On Risc-V Assembly As A Reverse Engineering Aid, Daniel F. Koranek

Theses and Dissertations

This dissertation addresses several problems surrounding the detection of malware using deep learning models trained on assembly language examples. First, it examines the feasibility of detecting examples of malice using deep learning models trained on RISC-V instruction traces. Next, it examines whether models for detecting trace features and code features in RISC-V assembly can be made explainable (providing rationale for a model’s decision based upon the model’s internal workings) or interpretable (providing additional rationale as model output to support a human’s agreement with the model output). Third, this work examines ways in which it is possible to give additional contextual …

Go to article

Generating Realistic Cyber Data For Training And Evaluating Machine Learning Classifiers For Network Intrusion Detection Systems, Marc W. Chalé, Nathaniel D. Bastian Nov 2022

Generating Realistic Cyber Data For Training And Evaluating Machine Learning Classifiers For Network Intrusion Detection Systems, Marc W. Chalé, Nathaniel D. Bastian

Faculty Publications

No abstract provided.

Go to article

Quantifying Dds-Cerberus Network Control Overhead, Andrew T. Park, Nathaniel R. Peck, Richard Dill, Douglas D. Hodson, Michael R. Grimaila, Wayne C. Henry Sep 2022

Quantifying Dds-Cerberus Network Control Overhead, Andrew T. Park, Nathaniel R. Peck, Richard Dill, Douglas D. Hodson, Michael R. Grimaila, Wayne C. Henry

Faculty Publications

Securing distributed device communication is critical because the private industry and the military depend on these resources. One area that adversaries target is the middleware, which is the medium that connects different systems. This paper evaluates a novel security layer, DDS-Cerberus (DDS-C), that protects in-transit data and improves communication efficiency on data-first distribution systems. This research contributes a distributed robotics operating system testbed and designs a multifactorial performance-based experiment to evaluate DDS-C efficiency and security by assessing total packet traffic generated in a robotics network. The performance experiment follows a 2:1 publisher to subscriber node ratio, varying the number of …

Go to article

Distribution Of Dds-Cerberus Authenticated Facial Recognition Streams, Andrew T. Park, Nathaniel Peck, Richard Dill, Douglas D. Hodson, Michael R. Grimaila, Wayne C. Henry Sep 2022

Distribution Of Dds-Cerberus Authenticated Facial Recognition Streams, Andrew T. Park, Nathaniel Peck, Richard Dill, Douglas D. Hodson, Michael R. Grimaila, Wayne C. Henry

Faculty Publications

Successful missions in the field often rely upon communication technologies for tactics and coordination. One middleware used in securing these communication channels is Data Distribution Service (DDS) which employs a publish-subscribe model. However, researchers have found several security vulnerabilities in DDS implementations. DDS-Cerberus (DDS-C) is a security layer implemented into DDS to mitigate impersonation attacks using Kerberos authentication and ticketing. Even with the addition of DDS-C, the real-time message sending of DDS also needs to be upheld. This paper extends our previous work to analyze DDS-C’s impact on performance in a use case implementation. The use case covers an artificial …

Go to article

Analyzing Microarchitectural Residue In Various Privilege Strata To Identify Computing Tasks, Tor J. Langehaug Sep 2022

Analyzing Microarchitectural Residue In Various Privilege Strata To Identify Computing Tasks, Tor J. Langehaug

Theses and Dissertations

Modern multi-tasking computer systems run numerous applications simultaneously. These applications must share hardware resources including the Central Processing Unit (CPU) and memory while maximizing each application’s performance. Tasks executing in this shared environment leave residue which should not reveal information. This dissertation applies machine learning and statistical analysis to evaluate task residue as footprints which can be correlated to identify tasks. The concept of privilege strata, drawn from an analogy with physical geology, organizes the investigation into the User, Operating System, and Hardware privilege strata. In the User Stratum, an adversary perspective is taken to build an interrogator program that …

Go to article

Learning Robust Radio Frequency Fingerprints Using Deep Convolutional Neural Networks, Jose A. Gutierrez Del Arroyo Sep 2022

Learning Robust Radio Frequency Fingerprints Using Deep Convolutional Neural Networks, Jose A. Gutierrez Del Arroyo

Theses and Dissertations

Radio Frequency Fingerprinting (RFF) techniques, which attribute uniquely identifiable signal distortions to emitters via Machine Learning (ML) classifiers, are limited by fingerprint variability under different operational conditions. First, this work studied the effect of frequency channel for typical RFF techniques. Performance characterization using the multi-class Matthews Correlation Coefficient (MCC) revealed that using frequency channels other than those used to train the models leads to deterioration in MCC to under 0.05 (random guess), indicating that single-channel models are inadequate for realistic operation. Second, this work presented a novel way of studying fingerprint variability through Fingerprint Extraction through Distortion Reconstruction (FEDR), a …

Go to article

Leveraging Subject Matter Expertise To Optimize Machine Learning Techniques For Air And Space Applications, Philip Y. Cho Sep 2022

Leveraging Subject Matter Expertise To Optimize Machine Learning Techniques For Air And Space Applications, Philip Y. Cho

Theses and Dissertations

We develop new machine learning and statistical methods that are tailored for Air and Space applications through the incorporation of subject matter expertise. In particular, we focus on three separate research thrusts that each represents a different type of subject matter knowledge, modeling approach, and application. In our first thrust, we incorporate knowledge of natural phenomena to design a neural network algorithm for localizing point defects in transmission electron microscopy (TEM) images of crystalline materials. In our second research thrust, we use Bayesian feature selection and regression to analyze the relationship between fighter pilot attributes and flight mishap rates. We …

Go to article

Development Of A Security-Focused Multi-Channel Communication Protocol And Associated Quality Of Secure Service (Qoss) Metrics, Paul M. Simon Sep 2022

Development Of A Security-Focused Multi-Channel Communication Protocol And Associated Quality Of Secure Service (Qoss) Metrics, Paul M. Simon

Theses and Dissertations

The threat of eavesdropping, and the challenge of recognizing and correcting for corrupted or suppressed information in communication systems is a consistent challenge. Effectively managing protection mechanisms requires an ability to accurately gauge the likelihood or severity of a threat, and adapt the security features available in a system to mitigate the threat. This research focuses on the design and development of a security-focused communication protocol at the session-layer based on a re-prioritized communication architecture model and associated metrics. From a probabilistic model that considers data leakage and data corruption as surrogates for breaches of confidentiality and integrity, a set …

Go to article

Quantum Error Detection Without Using Ancilla Qubits, Nicolas Guerrero Sep 2022

Quantum Error Detection Without Using Ancilla Qubits, Nicolas Guerrero

Theses and Dissertations

Quantum computers are beset by errors from a variety of sources. Although quantum error correction and detection codes have been developed since the 1990s, these codes require mid-circuit measurements in order to operate. In order to avoid these measurements we have developed a new error detection code that only requires state collapses at the end of the circuit, which we call no ancilla error detection (NAED). We investigate some of the mathematics behind NAED such as which codes can detect which errors. We then run NAED on three separate types of circuits: Greenberger–Horne–Zeilinger circuits, phase dependent circuits, and a quantum …

Go to article

Analysis Of Graph Layout Algorithms For Use In Command And Control Network Graphs, Matthew R. Stone Sep 2022

Analysis Of Graph Layout Algorithms For Use In Command And Control Network Graphs, Matthew R. Stone

Theses and Dissertations

This research is intended to determine which styles of layout algorithm are well suited to Command and Control (C2) network graphs to replace current manual layout methods. Manual methods are time intensive and an automated layout algorithm should decrease the time spent creating network graphs. Simulations on realistic synthetically generated graphs provide information to help infer which algorithms perform better than others on this problem. Data is generated using statistics drawn from multiple real world C2 network graphs. The three algorithms tested against this data are the Spectral algorithm, the Dot algorithm, and the Fruchterman-Reingold algorithm. The results include a …

Go to article

Generative Methods, Meta-Learning, And Meta-Heuristics For Robust Cyber Defense, Marc W. Chale Sep 2022

Generative Methods, Meta-Learning, And Meta-Heuristics For Robust Cyber Defense, Marc W. Chale

Theses and Dissertations

Cyberspace is the digital communications network that supports the internet of battlefield things (IoBT), the model by which defense-centric sensors, computers, actuators and humans are digitally connected. A secure IoBT infrastructure facilitates real time implementation of the observe, orient, decide, act (OODA) loop across distributed subsystems. Successful hacking efforts by cyber criminals and strategic adversaries suggest that cyber systems such as the IoBT are not secure. Three lines of effort demonstrate a path towards a more robust IoBT. First, a baseline data set of enterprise cyber network traffic was collected and modelled with generative methods allowing the generation of realistic, …

Go to article

Analytic Case Study Using Unsupervised Event Detection In Multivariate Time Series Data, Jeremy M. Wightman Sep 2022

Analytic Case Study Using Unsupervised Event Detection In Multivariate Time Series Data, Jeremy M. Wightman

Theses and Dissertations

Analysis of cyber-physical systems (CPS) has emerged as a critical domain for providing US Air Force and Space Force leadership decision advantage in air, space, and cyberspace. Legacy methods have been outpaced by evolving battlespaces and global peer-level challengers. Automation provides one way to decrease the time that analysis currently takes. This thesis presents an event detection automation system (EDAS) which utilizes deep learning models, distance metrics, and static thresholding to detect events. The EDAS automation is evaluated with case study of CPS domain experts in two parts. Part 1 uses the current methods for CPS analysis with a qualitative …

Go to article

Artificial Neural Networks And Gradient Boosted Machines Used For Regression To Evaluate Gasification Processes: A Review, Owen Sedej, Eric Mbonimpa, Trevor Sleight, Jeremy M. Slagley Aug 2022

Artificial Neural Networks And Gradient Boosted Machines Used For Regression To Evaluate Gasification Processes: A Review, Owen Sedej, Eric Mbonimpa, Trevor Sleight, Jeremy M. Slagley

Faculty Publications

Waste-to-Energy technologies have the potential to dramatically improve both the natural and human environment. One type of waste-to-energy technology that has been successful is gasification. There are numerous types of gasification processes and in order to drive understanding and the optimization of these systems, traditional approaches like computational fluid dynamics software have been utilized to model these systems. The modern advent of machine learning models has allowed for accurate and computationally efficient predictions for gasification systems that are informed by numerous experimental and numerical solutions. Two types of machine learning models that have been widely used to solve for quantitative …

Go to article

Active 2d-Dna Fingerprinting Of Wirelesshart Adapters To Ensure Operational Integrity In Industrial Systems, Willie H. Mims, Michael A. Temple, Robert F. Mills Jun 2022

Active 2d-Dna Fingerprinting Of Wirelesshart Adapters To Ensure Operational Integrity In Industrial Systems, Willie H. Mims, Michael A. Temple, Robert F. Mills

Faculty Publications

The need for reliable communications in industrial systems becomes more evident as industries strive to increase reliance on automation. This trend has sustained the adoption of WirelessHART communications as a key enabling technology and its operational integrity must be ensured. This paper focuses on demonstrating pre-deployment counterfeit detection using active 2D Distinct Native Attribute (2D-DNA) fingerprinting. Counterfeit detection is demonstrated using experimentally collected signals from eight commercial WirelessHART adapters. Adapter fingerprints are used to train 56 Multiple Discriminant Analysis (MDA) models with each representing five authentic network devices. The three non-modeled devices are introduced as counterfeits and a total of …

Go to article

A Unified View Of A Human Digital Twin, Michael Miller, Emily Spatz Jun 2022

A Unified View Of A Human Digital Twin, Michael Miller, Emily Spatz

Faculty Publications

The term human digital twin has recently been applied in many domains, including medical and manufacturing. This term extends the digital twin concept, which has been illustrated to provide enhanced system performance as it combines system models and analyses with real-time measurements for an individual system to improve system maintenance. Human digital twins have the potential to change the practice of human system integration as these systems employ real-time sensing and feedback to tightly couple measurements of human performance, behavior, and environmental influences throughout a product’s life cycle to human models to improve system design and performance. However, as this …

Go to article

Scheduling For Space Tracking And Heterogeneous Sensor Environments, Gabriel H. Greve Jun 2022

Scheduling For Space Tracking And Heterogeneous Sensor Environments, Gabriel H. Greve

Theses and Dissertations

This dissertation draws on the fields of heuristic and meta-heuristic algorithm development, resource allocation problems, and scheduling to address key Air Force problems. The world runs on many schedules. People depend upon them and expect these schedules to be accurate. A process is needed where schedules can be dynamically adjusted to allow tasks to be completed efficiently. For example, the Space Surveillance Network relies on a schedule to track objects in space. The schedule must use sensor resources to track as many high-priority satellites as possible to obtain orbit paths and to warn of collision paths. Any collisions that occurred …

Go to article

Automated Computer Network Exploitation With Bayesian Decision Networks, Graeme Roberts, Gilbert L. Peterson May 2022

Automated Computer Network Exploitation With Bayesian Decision Networks, Graeme Roberts, Gilbert L. Peterson

Faculty Publications

Penetration Testing (pentesting) is the process of using tactics and techniques to penetrate computer systems and networks to expose any issues in their cybersecurity \cite{rsa}. It is currently a manual process requiring significant experience and time that are in limited supply. One way to supplement the shortage is through automation. This paper presents the Automated Network Discovery and Exploitation System (ANDES) which demonstrates that it is feasible to automate the pentesting process. The uniqueness of ANDES is the use of Bayesian decision networks to represent the pentesting domain and subject matter expert knowledge. ANDES conducts multiple execution cycles, which build …

Go to article

Factored Beliefs For Machine Agents In Decentralized Partially Observable Markov Decision Processes, Joshua Lapso, Gilbert L. Peterson May 2022

Factored Beliefs For Machine Agents In Decentralized Partially Observable Markov Decision Processes, Joshua Lapso, Gilbert L. Peterson

Faculty Publications

A shared mental model (SMM) is a foundational structure in high performing, task-oriented teams and aid humans in determining their teammate's goals and intentions. Higher levels of mental alignment between teammates can reduce the direct dialogue required for team success. For decision-making teams, a transactive memory system (TMS) offers team members a map of specialized knowledge, indicating source of knowledge and the source's credibility. SMM and TMS formulations aid human-agent team performance in their intended team types. However, neither improve team performance with a project team--one that requires both behavioral and knowledge integration. We present a hybrid cognitive model (HCM) …

Go to article

Evolution Of Combined Arms Tactics In Heterogeneous Multi-Agent Teams, Robert J. Wilson, David W. King, Gilbert L. Peterson May 2022

Evolution Of Combined Arms Tactics In Heterogeneous Multi-Agent Teams, Robert J. Wilson, David W. King, Gilbert L. Peterson

Faculty Publications

Multi-agent systems research is concerned with the emergence of system-level behaviors from relatively simple agent interactions. Multi-agent systems research to date is primarily concerned with systems of homogeneous agents, with member agents both physically and behaviorally identical. Systems of heterogeneous agents with differing physical or behavioral characteristics may be able to accomplish tasks more efficiently than homogeneous teams, via cooperation between mutually complementary agent types. In this article, we compare the performance of homogeneous and heterogeneous teams in combined arms situations. Combined arms theory proposes that the application of heterogeneous forces, en masse, can generate effects far greater than outcomes …

Go to article

Considerations For Radio Frequency Fingerprinting Across Multiple Frequency Channels, Jose A. Gutierrez Del Arroyo, Brett J. Borghetti, Michael A. Temple Mar 2022

Considerations For Radio Frequency Fingerprinting Across Multiple Frequency Channels, Jose A. Gutierrez Del Arroyo, Brett J. Borghetti, Michael A. Temple

Faculty Publications

Radio Frequency Fingerprinting (RFF) is often proposed as an authentication mechanism for wireless device security, but application of existing techniques in multi-channel scenarios is limited because prior models were created and evaluated using bursts from a single frequency channel without considering the effects of multi-channel operation. Our research evaluated the multi-channel performance of four single-channel models with increasing complexity, to include a simple discriminant analysis model and three neural networks. Performance characterization using the multi-class Matthews Correlation Coefficient (MCC) revealed that using frequency channels other than those used to train the models can lead to a deterioration in performance from …

Go to article

Malware Detection Using Electromagnetic Side-Channel Analysis, Matthew A. Bergstedt Mar 2022

Malware Detection Using Electromagnetic Side-Channel Analysis, Matthew A. Bergstedt

Theses and Dissertations

Many physical systems control or monitor important applications without the capacity to monitor for malware using on-device resources. Thus, it becomes valuable to explore malware detection methods for these systems utilizing external or off-device resources. This research investigates the viability of employing EM SCA to determine whether a performed operation is normal or malicious. A Raspberry Pi 3 was set up as a simulated motor controller with code paths for a normal or malicious operation. While the normal path only calculated the motor speed before updating the motor, the malicious path added a line of code to modify the calculated …

Go to article

Evaluating Semantic Matching Techniques For Technical Documents, Rain F. Dartt Mar 2022

Evaluating Semantic Matching Techniques For Technical Documents, Rain F. Dartt

Theses and Dissertations

Machine learning models that employ NLP techniques have become more widely accessible, making them an attractive solution for text and document classification tasks traditionally accomplished by humans. Two such use cases are matching the specialized experience required for a job to statements in applicant resumes, and finding and labelling clauses in legal contracts The AFMC has an immediate need for solutions to civilian hiring. However, there is currently no truth data to validate against. A similar task is contract understanding for which there is the CUAD, a recently published repository of 510 contracts manually labelled by legal experts. The presented …

Go to article

Securing Infiniband Networks With End-Point Encryption, Noah B. Diamond Mar 2022

Securing Infiniband Networks With End-Point Encryption, Noah B. Diamond

Theses and Dissertations

The NVIDIA-Mellanox Bluefield-2 is a 100 Gbps high-performance network interface which offers hardware offload and acceleration features that can operate directly on network traffic without routine involvement from the ARM CPU. This allows the ARM multi-core CPU to orchestrate the hardware to perform operations on both Ethernet and RDMA traffic at high rates rather than processing all the traffic directly. A testbed called TNAP was created for performance testing and a MiTM verification process called MiTMVMP is used to ensure proper network configuration. The hardware accelerators of the Bluefield-2 support a throughput of nearly 86 Gbps when using IPsec to …

Go to article

Exploiting The Iot Through Network-Based Covert Channels, Kyle S. Harris Mar 2022

Exploiting The Iot Through Network-Based Covert Channels, Kyle S. Harris

Theses and Dissertations

Information leaks are a top concern to industry and government leaders. The IoT is a technology capable of sensing real-world events. A method for exfiltrating data from these devices is by covert channel. This research designs a novel IoT CTC without the need for inter-packet delays to encode data. Instead, it encodes data within preexisting network information, namely ports or addresses. Additionally, the CTC can be implemented in two different modes: Stealth and Bandwidth. Performance is measured using throughput and detectability. The Stealth methods mimic legitimate traffic captures while the Bandwidth methods forgo this approach for maximum throughput. Detection results …

Go to article

Automated Reconstructions For The Digital Forensic Examiner Workflow, Ryan P. Montgomery Mar 2022

Automated Reconstructions For The Digital Forensic Examiner Workflow, Ryan P. Montgomery

Theses and Dissertations

One product of a digital forensics examination is a reconstruction of events recorded in the media. A reconstruction places all of the case relevant trace into temporal, identity and associative relationships. Creating this reconstruction is a manual and time consuming process for the examiner. This thesis presents AIER. AIER integrates automation, abstraction and visualization into the Autopsy forensic software to improve the reconstruction process. The integration utilizes a custom Autopsy ingest module to extract and abstract artifact data and an interactive graph-based timeline visualization module. These improvements to the forensic examiner workflow are evaluated through a series of use cases.

Go to article

Exploring Learning Classifier System Behaviors In Multi-Action, Turn-Based Wargames, Garth J.S. Terlizzi Iii Mar 2022

Exploring Learning Classifier System Behaviors In Multi-Action, Turn-Based Wargames, Garth J.S. Terlizzi Iii

Theses and Dissertations

State of the art game-playing Artificial Intelligence research focuses heavily on non-symbolic learning methods. These methods offer little explainable insight into their decision-making processes. Learning Classifier Systems (LCSs) provide an alternative. LCSs use rule-based learning, guided by a Genetic Algorithm (GA), to produce a human-readable rule-set. This thesis explores LCS usefulness in game-playing agents for multi-agent wargames. Several Multi-Agent Learning Classifier System (MALCS) variants are implemented in the wargame Stratagem MIST: a Zeroeth-Level Classifier System (ZCS), an extended Classifier System (XCS), and an Adaptive Pittsburgh Classifier System (APCS). These algorithms were tested against baseline agents as well as the Online …

Go to article

Incorporating Armed Escorts To The Military Medical Evacuation Dispatching Problem Via Stochastic Optimization And Reinforcement Learning, Andrew G. Gelbard Mar 2022

Incorporating Armed Escorts To The Military Medical Evacuation Dispatching Problem Via Stochastic Optimization And Reinforcement Learning, Andrew G. Gelbard

Theses and Dissertations

The military medical evacuation (MEDEVAC) dispatching problem seeks to determine high-quality dispatching policies to maximize the survivability of casualties within contingency operations. This research leverages applied operations research and machine learning techniques to solve the MEDEVAC dispatching problem and evaluate system performance. More specifically, we develop an infinite-horizon, continuous-time Markov decision process (MDP) model and approximate dynamic programming (ADP) solution approach to generate high-quality policies. The ADP solution approach utilizes an approximate value iteration algorithm strategy incorporating gradient descent Q-learning to approximate the value function. A notional, synthetically-generated scenario in Africa based around the capital city of Niger, Niamey is …

Go to article

Approximate Dynamic Programming For An Unmanned Aerial Vehicle Routing Problem With Obstacles And Stochastic Target Arrivals, Kassie M. Gurnell Mar 2022

Approximate Dynamic Programming For An Unmanned Aerial Vehicle Routing Problem With Obstacles And Stochastic Target Arrivals, Kassie M. Gurnell

Theses and Dissertations

The United States Air Force is investing in artificial intelligence (AI) to speed analysis in efforts to modernize the use of autonomous unmanned combat aerial vehicles (AUCAVs) in strike coordination and reconnaissance (SCAR) missions. This research examines an AUCAVs ability to execute target strikes and provide reconnaissance in a SCAR mission. An orienteering problem is formulated as anMarkov decision process (MDP) model wherein a single AUCAV must optimize its target route to aid in eliminating time-sensitive targets and collect imagery of requested named areas of interest while evading surface-to-air missile (SAM) battery threats imposed as obstacles. The AUCAV adjusts its …

Go to article

An Investigation Of Data Storage In Entity-Component Systems, Bailey V. Compton Mar 2022

An Investigation Of Data Storage In Entity-Component Systems, Bailey V. Compton

Theses and Dissertations

Entity-Component Systems (ECS) have grown vastly in application since their introduction more than 20 years ago. Providing the ability to efficiently manage data and optimize program execution, ECSs, as well as the wider field of data-oriented design, have attained popularity in the realms of modeling, simulation, and gaming. This manuscript aims to elucidate and document the storage frameworks commonly found in ECSs, as well as suggesting conceptual connections between ECSs and relational databases. This formal documentation of the in-memory storage formats of entity-component systems affords the United States Air Force, the Department of Defense, and the software engineering community a …

Go to article

An Entity-Component System Based, Ieee Dis Interoperability Interface, Noah W. Scott Mar 2022

An Entity-Component System Based, Ieee Dis Interoperability Interface, Noah W. Scott

Theses and Dissertations

In practice, there are several different methods of organizing data within a given software to fulfil its function. The method known as the Entity-Component System (ECS) is a software architecture where data components define entities. These components are stored as organized lists which are operated upon by systems to inject the system's desired behavior. Data is sent across the networks to communicate between simulation nodes as Protocol Data Units (PDUs). When sending PDUs across a network protocol, each simulation represents a common understanding of the world at the desired level of detail. DIS-compliant simulations are commonly written using an Object-Oriented …

Go to article

Next Last