Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Open Access. Powered by Scholars. Published by Universities.®

Information Security

Theses and Dissertations

Articles 1 - 30 of 198

Full-Text Articles in Physical Sciences and Mathematics

Designing An Artificial Immune Inspired Intrusion Detection System, William Hosier Anderson Dec 2023

Designing An Artificial Immune Inspired Intrusion Detection System, William Hosier Anderson

Theses and Dissertations

The domain of Intrusion Detection Systems (IDS) has witnessed growing interest in recent years due to the escalating threats posed by cyberattacks. As Internet of Things (IoT) becomes increasingly integrated into our every day lives, we widen our attack surface and expose more of our personal lives to risk. In the same way the Human Immune System (HIS) safeguards our physical self, a similar solution is needed to safeguard our digital self. This thesis presents the Artificial Immune inspired Intrusion Detection System (AIS-IDS), an IDS modeled after the HIS. This thesis proposes an architecture for AIS-IDS, instantiates an AIS-IDS model …

Go to article

A Conceptual Decentralized Identity Solution For State Government, Martin Duclos Dec 2023

A Conceptual Decentralized Identity Solution For State Government, Martin Duclos

Theses and Dissertations

In recent years, state governments, exemplified by Mississippi, have significantly expanded their online service offerings to reduce costs and improve efficiency. However, this shift has led to challenges in managing digital identities effectively, with multiple fragmented solutions in use. This paper proposes a Self-Sovereign Identity (SSI) framework based on distributed ledger technology. SSI grants individuals control over their digital identities, enhancing privacy and security without relying on a centralized authority. The contributions of this research include increased efficiency, improved privacy and security, enhanced user satisfaction, and reduced costs in state government digital identity management. The paper provides background on digital …

Go to article

Identity Management Pki System Using Blockchain, Mohamed Abdel Fattah Abdel Baki Awad Sep 2023

Identity Management Pki System Using Blockchain, Mohamed Abdel Fattah Abdel Baki Awad

Theses and Dissertations

Identity management is one of the most important topics in the security field. Public Key Infrastructure (PKI) is the most commonly used approach in legally identity management systems. PKI systems have many centralized services that might affect the availability and trustworthiness of the system. Issues related to certificate verification methods such as Certificate Revocation List (CRL) and Online Certificate Status Protocol (OCSP) can be avoided if blockchain is used. Blockchain is a decentralized trusted system where data can only be appended to a public ledger. Edits are not allowed in blockchain. Blockchain consists of several nodes all of them have …

Go to article

A Multimodal Immune System Inspired Defense Architecture For Detecting And Deterring Digital Pathogens In Container Hosted Web Services, Islam Khalil Jun 2023

A Multimodal Immune System Inspired Defense Architecture For Detecting And Deterring Digital Pathogens In Container Hosted Web Services, Islam Khalil

Theses and Dissertations

With the increased use of web technologies, microservices, and Application Programming Interface (API) for integration between systems, and with the development of containerization of services on operating system level as a method of isolating system execution and for easing the deployment and scaling of systems, there is a growing need as well as opportunities for providing platforms that improve the security of such services. In our work, we propose an architecture for a containerization platform that utilizes various concepts derived from the human immune system. The goal of the proposed containerization platform is to introduce the concept of slowing down …

Go to article

Towards Privacy-Preserving Social Media Networks: Protecting The Facial Privacy Of Images Uploaded On Social Media, Ahsi Lo May 2023

Towards Privacy-Preserving Social Media Networks: Protecting The Facial Privacy Of Images Uploaded On Social Media, Ahsi Lo

Theses and Dissertations

Since the 2000s, social media has allowed individuals the ability to communicate online. As the popularity of social media increased, the sharing of information such as pictures increased as well. Recently, there have been privacy concerns about the information shared online such as cases where third parties were able to gain access to users’ information without being given explicit access through scraping or other means. When user images are scraped from social media, there is a risk that these individuals can be identified o✏ine. Bystanders, who may be captured in images also run this risk of identification. This research investigates …

Go to article

The Effect Of Cybersecurity Training On Government Employee’S Knowledge Of Cybersecurity Issues And Practices, Juan Jaime Saldana Ii May 2023

The Effect Of Cybersecurity Training On Government Employee’S Knowledge Of Cybersecurity Issues And Practices, Juan Jaime Saldana Ii

Theses and Dissertations

There is an ever-pressing need for cybersecurity awareness and implementation of learning strategies in the workplace to mitigate the increased threat posed by cyber-attacks and exacerbated by an untrained workforce. The lack of cybersecurity knowledge amongst government employees has increased to critical levels due to the amount of sensitive information their agencies are responsible for. The digital compromise of a government entity often leads to a compromise of constituent data along with the disruption of public services (Axelrod, 2019; Yazdanpanahi, 2021). The need for awareness is further complicated by agencies looking to cater to a digital culture looking for a …

Go to article

Intel Total Memory Encryption: Functional Verification And Performance Analysis, Tallas Tian Sheng Goo Mar 2023

Intel Total Memory Encryption: Functional Verification And Performance Analysis, Tallas Tian Sheng Goo

Theses and Dissertations

While more attention is generally focused on software security, computer hardware security remains an important effort. Should an attacker gain direct physical access, computers with little to no hardware security can quickly be compromised via a manner of methods. One such attacker method is to steal information directly from the active memory of a locked, powered-on computer. To counter this attack, a hardware security method was developed called memory encryption. Memory encryption, as the name suggests, protects against adversary methods like cold boot attacks by encrypting all of memory. This research evaluates the efficacy and performance specifically of Intel TME. …

Go to article

Characterizing Location-Based Electromagnetic Leakage Of Computing Devices Using Convolutional Neural Networks To Increase The Effectiveness Of Side-Channel Analysis Attacks, Ian C. Heffron Mar 2023

Characterizing Location-Based Electromagnetic Leakage Of Computing Devices Using Convolutional Neural Networks To Increase The Effectiveness Of Side-Channel Analysis Attacks, Ian C. Heffron

Theses and Dissertations

SCA attacks aim to recover some sort of secret information, often in the form of a cipher key, from a target device. Some of these attacks focus on either power-based leakage, or EM-based leakage. Neural networks have recently gained in popularity as tools in SCA attacks. Near-field EM probes with high-spatial resolution enable attackers to isolate physical locations above a processor. This enables attackers to exploit the spatial dependencies of algorithms running on said processor. These spatial dependencies result in different physical locations above a chip emanating different signal strengths. The strengths of different locations can be mapped using the …

Go to article

Air Force Digital Badges, Jacob Chan Mar 2023

Air Force Digital Badges, Jacob Chan

Theses and Dissertations

The Air Force talent management and force development systems are antiquated. Airmen records are often stored on different Air Force information systems. Existing records sometimes lack granularity and context to recognize Airmen skills. Digital badges are a newer technology utilized by academia and industry to recognize member skills. However, military badging research is sparse and existing studies do not provide sufficient evidence on the value of digital badging to the Air Force. The studies: (1) lack background research on badging; (2) do not provide quantitative data on the effects of badging; and (3) issued badges through commercial entities which may …

Go to article

Material Extrusion-Based Additive Manufacturing: G-Code And Firmware Attacks And Defense Frameworks, Haris Rais Jan 2023

Material Extrusion-Based Additive Manufacturing: G-Code And Firmware Attacks And Defense Frameworks, Haris Rais

Theses and Dissertations

Additive Manufacturing (AM) refers to a group of manufacturing processes that create physical objects by sequentially depositing thin layers. AM enables highly customized production with minimal material wastage, rapid and inexpensive prototyping, and the production of complex assemblies as single parts in smaller production facilities. These features make AM an essential component of Industry 4.0 or Smart Manufacturing. It is now used to print functional components for aircraft, rocket engines, automobiles, medical implants, and more. However, the increased popularity of AM also raises concerns about cybersecurity. Researchers have demonstrated strength degradation attacks on printed objects by injecting cavities in the …

Go to article

Formal Verification Applications For The Treekem Continuous Group Key Agreement Protocol, Alexander J. Washburn Jul 2022

Formal Verification Applications For The Treekem Continuous Group Key Agreement Protocol, Alexander J. Washburn

Theses and Dissertations

The features of Secure Group Messaging, the security guarantees of Message Layer Security, and the TreeKEM protocol designed to satisfy these guarantees and features are explored. A motivation and methodology for verification via explicit model checking is presented. Subsequently, a translation of the TreeKEM protocol into a Promela reference model is described, examining the nuances explicit model checking brings. Finally the results of the formal verification methods are discussed.

Go to article

Asynchronous Messaging In A P2p System: Defending Against A Storage Exhaustion Attack On Kademlia Dht, Maxim Biro Jul 2022

Asynchronous Messaging In A P2p System: Defending Against A Storage Exhaustion Attack On Kademlia Dht, Maxim Biro

Theses and Dissertations

An instant messaging service designed using a peer to peer distributed network architecture has many appealing properties it gets for free: high scalability, cheap operational cost and no reliance on a third party to provide the service. However, the nature of the distributed network architecture makes implementing some of the instant messaging features rather challenging, asynchronous messaging being one of them. The asynchronous messaging requires that peers store arbitrary data on behalf of other peers for prolonged periods of time, often measured in days, which, if not kept in check, can be easily abused by malicious actors by spamming the …

Go to article

Dds-Cerberus: Improving Security In Dds Middleware Using Kerberos Tickets, Andrew T. Park Mar 2022

Dds-Cerberus: Improving Security In Dds Middleware Using Kerberos Tickets, Andrew T. Park

Theses and Dissertations

The military deploys many IoT in battlefield operations to provide information on terrain and enemy combatants. It also deploys automated robots or UAVs where securing and trusting collected data is essential. Choosing the middleware that handles this message transfer is crucial for real-time operations. Networks with multiple entities, including IoT devices, UAVs, and small computers, require robust middleware facilitating message sending in real-time. Ideally, the middleware would provide QoS to handle lost packets and retransmissions in lossy environments, especially between low-power machines. DDS is a middleware that implements real-time and QoS capabilities by sending messages, not based on endpoints but …

Go to article

Evaluating Secure Enclave Firmware Development For Contemporary Risc-V Workstations, Samuel D. Chadwick Mar 2022

Evaluating Secure Enclave Firmware Development For Contemporary Risc-V Workstations, Samuel D. Chadwick

Theses and Dissertations

The emergence of the open-source RISC-V ISA empowers developers and engineers, device manufactures, industry leaders, nation-states, adversaries and allies alike with the unique opportunity to re-evaluate existing Trusted Computing paradigms. Emerging open-source security mechanisms facilitate the proliferation of Confidential Computing principles. These technology standards aim to provide secure enclave computing as a fundamental computing attribute, inherent within the RISC-V ISA specification. Security enforcement within these enclaves are handled by performing computation in memory-isolated, hardware-based, software-defined TEEs. This research evaluates the firmware development procedures required to implement Keystone Enclave on new unsupported hardware. Expressly, this effort extends Keystone SM firmware components …

Go to article

Securing Infiniband Networks With End-Point Encryption, Noah B. Diamond Mar 2022

Securing Infiniband Networks With End-Point Encryption, Noah B. Diamond

Theses and Dissertations

The NVIDIA-Mellanox Bluefield-2 is a 100 Gbps high-performance network interface which offers hardware offload and acceleration features that can operate directly on network traffic without routine involvement from the ARM CPU. This allows the ARM multi-core CPU to orchestrate the hardware to perform operations on both Ethernet and RDMA traffic at high rates rather than processing all the traffic directly. A testbed called TNAP was created for performance testing and a MiTM verification process called MiTMVMP is used to ensure proper network configuration. The hardware accelerators of the Bluefield-2 support a throughput of nearly 86 Gbps when using IPsec to …

Go to article

Malware Detection Using Electromagnetic Side-Channel Analysis, Matthew A. Bergstedt Mar 2022

Malware Detection Using Electromagnetic Side-Channel Analysis, Matthew A. Bergstedt

Theses and Dissertations

Many physical systems control or monitor important applications without the capacity to monitor for malware using on-device resources. Thus, it becomes valuable to explore malware detection methods for these systems utilizing external or off-device resources. This research investigates the viability of employing EM SCA to determine whether a performed operation is normal or malicious. A Raspberry Pi 3 was set up as a simulated motor controller with code paths for a normal or malicious operation. While the normal path only calculated the motor speed before updating the motor, the malicious path added a line of code to modify the calculated …

Go to article

An Assessment Of Image-Cloaking Techniques Against Automated Face Recognition For Biometric Privacy, Brandon Scott Ledford Dec 2021

An Assessment Of Image-Cloaking Techniques Against Automated Face Recognition For Biometric Privacy, Brandon Scott Ledford

Theses and Dissertations

Over the past two decades, Americans have aggressively increased the amount of facial data uploaded to the internet primarily via social media. This data is largely unprotected due to the dire lack of existing regulations protecting users from large scale face recognition in the United States, where the value of data trade is in the tens of billions. In its current state, facial privacy in the United States depends on American corporations opting not to collect the public data, an option rarely chosen. Much research has been done in the area of suppressing recognition abilities, giving users the ability to …

Go to article

Determining Physical Characteristics Through Information Leakage In 802.11ac Beamforming, Albert D. Taglieri Sep 2021

Determining Physical Characteristics Through Information Leakage In 802.11ac Beamforming, Albert D. Taglieri

Theses and Dissertations

The risk of information leakage in 802.11ac allows an eavesdropper to monitor wireless traffic and correlate physical locations between devices, as well as environment changes such as the motion of a person. Previous pattern-analysis mitigation methods, which used nonexistent devices to fool an eavesdropper, are not effective in an 802.11ac network, because devices on the network can be correlated to their physical location, which a nonexistent device does not have. Further, additional information about motion in the target environment can be observed and analyzed, providing a new potential for pattern analysis and sensing. 802.11ac makes it possible to plug in …

Go to article

Enterprise Resource Allocation For Intruder Detection And Interception, Adam B. Haywood Sep 2021

Enterprise Resource Allocation For Intruder Detection And Interception, Adam B. Haywood

Theses and Dissertations

This research considers the problem of an intruder attempting to traverse a defender's territory in which the defender locates and employs disparate sets of resources to lower the probability of a successful intrusion. The research is conducted in the form of three related research components. The first component examines the problem in which the defender subdivides their territory into spatial stages and knows the plan of intrusion. Alternative resource-probability modeling techniques as well as variable bounding techniques are examined to improve the convergence of global solvers for this nonlinear, nonconvex optimization problem. The second component studies a similar problem but …

Go to article

Measuring The Relationship Of Gender Misclassification And Automated Face Recognition Match Accuracy Relative To Skin Tone, Afi Edem-Edi Gbekevi Jul 2021

Measuring The Relationship Of Gender Misclassification And Automated Face Recognition Match Accuracy Relative To Skin Tone, Afi Edem-Edi Gbekevi

Theses and Dissertations

The gap of accuracy observed in some commercial face analytic systems based on race and gender raised questions about the equity and fairness of those systems. Since these systems are part of several applications today, some more critical than others, it urges designers to detect and mitigate any sources of bias. In this thesis, we begin by clarifying the confusion between face analytic, face recognition, and face processing systems. Then, we analyze gender classification accuracy using two datasets and three classifiers. The Pilot Parliaments Benchmark dataset is examined with an open-source algorithm to corroborate the gender shade. Secondly, the Morph …

Go to article

Remote Monitoring Of Memory Data Structures For Malware Detection In A Talos Ii Architecture, Robert A. Willburn Mar 2021

Remote Monitoring Of Memory Data Structures For Malware Detection In A Talos Ii Architecture, Robert A. Willburn

Theses and Dissertations

New forms of malware, namely xC;leless malware and rootkits, pose a threat to traditional anti-malware. In particular, Rootkits have the capacity to obscure the present state of memory from the user space of a target machine. If thishappens, anti-malware running in the user space of an axB;ected machine cannot be trusted to operate properly. To combat this threat, this research proposes the remote monitoring of memory from a second, secure processor runningOpenBMC, serving as a baseboard management controller for a POWER9 processor, which is assumed vulnerable to exploitation. The baseboard management controller includes an application called pdbg, used for debugging …

Go to article

Infiniband Network Monitoring: Challenges And Possibilities, Kyle D. Hintze Mar 2021

Infiniband Network Monitoring: Challenges And Possibilities, Kyle D. Hintze

Theses and Dissertations

Within the realm of High Performance Computing, the InfiniBand Architecture is among the leading interconnects used today. Capable of providing high bandwidth and low latency, InfiniBand is finding applications outside the High Performance Computing domain. One of these is critical infrastructure, encompassing almost all essential sectors as the work force becomes more connected. InfiniBand is not immune to security risks, as prior research has shown that common traffic analyzing tools cannot effectively monitor InfiniBand traffic transmitted between hosts, due to the kernel bypass nature of the IBA in conjunction with Remote Direct Memory Access operations. If Remote Direct Memory Access …

Go to article

Moving Target Network Steganography, Tapan Soni Nov 2020

Moving Target Network Steganography, Tapan Soni

Theses and Dissertations

A branch of information hiding that has gained traction in recent years is network steganography. Network steganography uses network protocols are carriers to hide and transmit data. Storage channel network steganography manipulates values in protocol header and data fields and stores covert data inside them. The timing channel modulates the timing of events in the protocol to transfer covert information. Many current storage channel network steganography methods have low bandwidths and they hide covert data directly into the protocol which allows discoverers of the channel to read the confidential information. A new type of storage channel network steganography method is …

Go to article

A Web-Based User-Interface For Internet Of Things Device Management, Leena Mansour Alghamdi Jul 2020

A Web-Based User-Interface For Internet Of Things Device Management, Leena Mansour Alghamdi

Theses and Dissertations

With the growing advances in the Internet of Things (IoT) technology, which combines various devices with distinct functions, capabilities, and communication protocols, it is essential to provide a platform that enables IoT users to interact with their IoT devices directly and be able to manage them effortlessly via that platform from various locations at any time in order to protect their privacy when using IoT devices. In this study, we are aiming to provide a web-based user interface that can address that challenges and provide real-time data control; hence, we have created a user interface prototype, which can demonstrate the …

Go to article

A Blockchain Approach For Negotiating Trust In Iot, Skailer Knezevic May 2020

A Blockchain Approach For Negotiating Trust In Iot, Skailer Knezevic

Theses and Dissertations

“The internet is no longer a web that we connect to. Instead, its a computerized, networked, and interconnected world that we live in. This is the future, and what were calling the Internet of Things.”- Bruce Schneier, 2019 The Internet of Things is becoming a big part of our lives. Every year there are more devices with the capability to connect on the internet and communicate with each other. Today there are over 400 million IoT devices in the world, and this number is predicted to grow to 1.5 billion devices by 2022 [14]. It is becoming more difficult to …

Go to article

Near Real-Time Zigbee Device Discrimination Using Cb-Dna Features, Yousuke Z. Matsui Mar 2020

Near Real-Time Zigbee Device Discrimination Using Cb-Dna Features, Yousuke Z. Matsui

Theses and Dissertations

Currently, Low-Rate Wireless Personal Area Networks (LR-WPAN) based on the Institute of Electrical and Electronics Engineers (IEEE) 802.15.4 standard are at risk due to open-source tools which allow bad actors to exploit unauthorized network access through various cyberattacks by falsifying bit-level credentials. This research investigates implementing a Radio Frequency (RF) air monitor to perform Near RealTime (NRT) discrimination of Zigbee devices using the IEEE 802.15.4 standard. The air monitor employed a Multiple Discriminant Analysis/Euclidean Distance classifier to discriminate Zigbee devices based upon Constellation-Based Distinct Native Attribute (CB-DNA) fingerprints. Through the use of CB-DNA fingerprints, Physical Layer (PHY) characteristics unique to …

Go to article

Honeyhive - A Network Intrusion Detection System Framework Utilizing Distributed Internet Of Things Honeypot Sensors, Zachary D. Madison Mar 2020

Honeyhive - A Network Intrusion Detection System Framework Utilizing Distributed Internet Of Things Honeypot Sensors, Zachary D. Madison

Theses and Dissertations

Exploding over the past decade, the number of Internet of Things (IoT) devices connected to the Internet jumped from 3.8 billion in 2015 to 17.8 billion in 2018. Because so many IoT devices remain upatched, unmonitored, and left on, they have become a tantalizing target for attackers to gain network access or add another device to their botnet. HoneyHive is a framework that uses distributed IoT honeypots as Network Intrusion Detection Systems (NIDS) sensors that beacon back to a centralized Command and Control (C2) server. The tests in this experiment involve four types of scans and four levels of active …

Go to article

Developing A Serious Game To Explore Joint All Domain Command And Control, Nathaniel W. Flack Mar 2020

Developing A Serious Game To Explore Joint All Domain Command And Control, Nathaniel W. Flack

Theses and Dissertations

Changes in the geopolitical landscape and increasing technological complexity have prompted the U.S. Military to coin Multi-Domain Operations (MDO) and Joint All-Domain Command and Control as terms to describe an over-arching strategy that frames the complexity of warfare across both traditional and emerging warfighting domains. Teaching new and advanced concepts associated with these terms requires both innovation as well as distinct education and training tools in order to realize the cultural change advocated by senior military leaders. BSN, a Collectible Card Game, was developed to teach concepts integral to MDO and initiate discussion on military strategy.

Go to article

Interoperable Ads-B Confidentiality, Brandon C. Burfeind Mar 2020

Interoperable Ads-B Confidentiality, Brandon C. Burfeind

Theses and Dissertations

The worldwide air traffic infrastructure is in the late stages of transition from legacy transponder systems to Automatic Dependent Surveillance - Broadcast (ADS-B) based systems. ADS-B relies on position information from GNSS and requires aircraft to transmit their identification, state, and position. ADS-B promises the availability of high-fidelity air traffic information; however, position and identification data are not secured via authentication or encryption. This lack of security for ADS-B allows non-participants to observe and collect data on both government and private flight activity. This is a proposal for a lightweight, interoperable ADS-B confidentiality protocol which uses existing format preserving encryption …

Go to article

Cyber Risk Assessment And Scoring Model For Small Unmanned Aerial Vehicles, Dillon M. Pettit Mar 2020

Cyber Risk Assessment And Scoring Model For Small Unmanned Aerial Vehicles, Dillon M. Pettit

Theses and Dissertations

The commercial-off-the-shelf small Unmanned Aerial Vehicle (UAV) market is expanding rapidly in response to interest from hobbyists, commercial businesses, and military operators. The core commercial mission set directly relates to many current military requirements and strategies, with a priority on short range, low cost, real time aerial imaging, and limited modular payloads. These small vehicles present small radar cross sections, low heat signatures, and carry a variety of sensors and payloads. As with many new technologies, security seems secondary to the goal of reaching the market as soon as innovation is viable. Research indicates a growth in exploits and vulnerabilities …

Go to article

Next Last