Physical Sciences and Mathematics Commons^™

Simple Implementation Of An Elgamal Digital Signature And A Brute Force Attack On It, Valeriia Laryoshyna

Student Works

This study is an attempt to show a basic mathematical usage of the concepts behind digital signatures and to provide a simple approach and understanding to cracking basic digital signatures. The approach takes on simple C programming of the ElGamal digital signature to identify some limits that can be encountered and provide considerations for making more complex code. Additionally, there is a literature review of the ElGamal digital signature and the brute force attack.

The research component of this project provides a list of possible ways to crack the basic implementations and classifies the different approaches that could be taken …

Breaking Into The Vault: Privacy, Security And Forensic Analysis Of Android Vault Applications, Xiaolu Zhang, Ibrahim Baggili, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

In this work we share the first account for the forensic analysis, security and privacy of Android vault applications. Vaults are designed to be privacy enhancing as they allow users to hide personal data but may also be misused to hide incriminating files. Our work has already helped law enforcement in the state of Connecticut to reconstruct 66 incriminating images and 18 videos in a single criminal case. We present case studies and results from analyzing 18 Android vault applications (accounting for nearly 220 million downloads from the Google Play store) by reverse engineering them and examining the forensic artifacts …

Development And Implementation Of An Optimization Model To Improve Airport Security., Kassandra Guajardo, Angela Waterworth, Robert Brigantic Ph.D.

STAR Program Research Presentations

What if airport security teams across the world could quantify and then minimize the amount of risk throughout areas of an airport? The Operations Research Team at the Pacific Northwest National Laboratory is developing and implementing an optimization model called ARAM (Airport Risk Analysis Model) for the Seattle-Tacoma International Airport. ARAM will provide a recommended optimal deployment of security assets to reduce risk in areas of an airport. The model is based on a risk equation that considers consequences, vulnerabilities, and threat magnitudes at airports. ARAM will also provide the estimated risk buy down percentage, which is how much risk …

On The Security Of Information Dissemination In The Internet-Of-Vehicles, Danda B. Rawat, Moses Garuba, Lei Chen, Qing Yang

Department of Information Technology Faculty Publications

Internet of Vehicles (IoV) is regarded as an emerging paradigm for connected vehicles to exchange their information with other vehicles using vehicle-to-vehicle (V2V) communications by forming a vehicular ad hoc networks (VANETs), with roadside units using vehicle-to-roadside (V2R) communications. IoV offers several benefits such as road safety, traffic efficiency, and infotainment by forwarding up-to-date traffic information about upcoming traffic. For instance, IoV is regarded as a technology that could help reduce the number of deaths caused by road accidents, and reduce fuel costs and travel time on the road. Vehicles could rapidly learn about the road condition and promptly respond …

A Privacy Preserving Framework For Rfid Based Healthcare Systems, Farzana Rahman, Anwarul A. Bhuiyan, Sheikh Iqbal Ahamed

Mathematics, Statistics and Computer Science Faculty Research and Publications

RFID (Radio Frequency IDentification) is anticipated to be a core technology that will be used in many practical applications of our life in near future. It has received considerable attention within the healthcare for almost a decade now. The technology’s promise to efficiently track hospital supplies, medical equipment, medications and patients is an attractive proposition to the healthcare industry. However, the prospect of wide spread use of RFID tags in the healthcare area has also triggered discussions regarding privacy, particularly because RFID data in transit may easily be intercepted and can be send to track its user (owner). In a …

Investigating Security For Ubiquitous Sensor Networks, Alfredo J. Perez, Sherali Zeadally, Nafaa Jabeur

Information Science Faculty Publications

The availability of powerful and sensor-enabled mobile and Internet-connected devices have enabled the advent of the ubiquitous sensor network paradigm which is providing various types of solutions to the community and the individual user in various sectors including environmental monitoring, entertainment, transportation, security, and healthcare. We explore and compare the features of wireless sensor networks and ubiquitous sensor networks and based on the differences between these two types of systems, we classify the security-related challenges of ubiquitous sensor networks. We identify and discuss solutions available to address these challenges. Finally, we briefly discuss open challenges that need to be addressed …

Bystanders' Privacy, Alfredo J. Perez, Sherali Zeadally, Scott Griffith

Computer Science Faculty Publications

The growing adoption of Internet-connected devices has given rise to significant privacy issues not only for users but also for bystanders. The authors explore privacy concerns related to bystanders' privacy and present a taxonomy of the solutions found in the literature to handle this issue. They also explore open issues that must be addressed in the future.

Breathprint: Breathing Acoustics-Based User Authentication, Jagmohan Chauhan, Yining Hu, Suranga Sereviratne, Archan Misra, Aruna Sereviratne, Youngki Lee

Research Collection School Of Computing and Information Systems

We propose BreathPrint, a new behavioural biometric signature based on audio features derived from an individual's commonplace breathing gestures. Specifically, BreathPrint uses the audio signatures associated with the three individual gestures: sniff, normal, and deep breathing, which are sufficiently different across individuals. Using these three breathing gestures, we develop the processing pipeline that identifies users via the microphone sensor on smartphones and wearable devices. In BreathPrint, a user performs breathing gestures while holding the device very close to their nose. Using off-the-shelf hardware, we experimentally evaluate the BreathPrint prototype with 10 users, observed over seven days. We show that users …

Lighttouch: Securely Connecting Wearables To Ambient Displays With User Intent, Xiaohui Liang, Tianlong Yun, Ronald Peterson, David Kotz

Dartmouth Scholarship

Wearables are small and have limited user interfaces, so they often wirelessly interface with a personal smartphone/computer to relay information from the wearable for display or other interactions. In this paper, we envision a new method, LightTouch, by which a wearable can establish a secure connection to an ambient display, such as a television or a computer monitor, while ensuring the user's intention to connect to the display. LightTouch uses standard RF methods (like Bluetooth) for communicating the data to display, securely bootstrapped via the visible-light communication (the brightness channel) from the display to the low-cost, low-power, ambient light sensor …

Anonpri: A Secure Anonymous Private Authentication Protocol For Rfid Systems, Farzana Rahman, Md. Endadul Hoque, Sheikh Iqbal Ahamed

Mathematics, Statistics and Computer Science Faculty Research and Publications

Privacy preservation in RFID systems is a very important issue in modern day world. Privacy activists have been worried about the invasion of user privacy while using various RFID systems and services. Hence, significant efforts have been made to design RFID systems that preserve users' privacy. Majority of the privacy preserving protocols for RFID systems require the reader to search all tags in the system in order to identify a single RFID tag which not efficient for large scale systems. In order to achieve high-speed authentication in large-scale RFID systems, researchers propose tree-based approaches, in which any pair of tags …

Evaluating Ip Surveillance Camera Vulnerabilities, Brian Cusack, Zhuang Tian

Australian Information Security Management Conference

Hacking of IP surveillance camera systems came to public attention in 2016 when the high bandwidth and resources were exploited for a massive DDoS attack that affected one third of all US Internet services. A review of previous studies show that a vast number of IP cameras have been hacked because the default usernames and passwords have not been changed from the factory defaults. In this research we asked, What are the vulnerabilities of an IP surveillance camera? The purpose of the study was to provide identification of vulnerabilities and guidance for the protection of surveillance camera systems. The research …

Neurosecurity For Brainware Devices, Brian Cusack, Kaushik Sundararajan, Reza Khaleghparast

Australian Information Security Management Conference

Brainware has a long history of development down into the present day where very simple and usable devices are available to train for the control of games and services. One of the big areas of application has been in the health sciences to provide compensatory control to humans who may lack the usual capabilities. Our concern has been the protection of information in brainware so that a human intention may have confidentiality, integrity, and accessibility to the required implementation mechanisms for services. The research question was: What are the consequences of security failure in brainware? Our research tested a brainware …

The Proceedings Of 15th Australian Information Security Management Conference, 5-6 December, 2017, Edith Cowan University, Perth, Australia, Craig Valli (Ed.)

Australian Information Security Management Conference

Conference Foreword

The annual Security Congress, run by the Security Research Institute at Edith Cowan University, includes the Australian Information Security and Management Conference. Now in its fifteenth year, the conference remains popular for its diverse content and mixture of technical research and discussion papers. The area of information security and management continues to be varied, as is reflected by the wide variety of subject matter covered by the papers this year. The papers cover topics from vulnerabilities in “Internet of Things” protocols through to improvements in biometric identification algorithms and surveillance camera weaknesses. The conference has drawn interest and …

Cyber Security Incidents On Critical Infrastructure And Industrial Networks, Robert Ighodaro Ogie

SMART Infrastructure Facility - Papers

National critical infrastructure and industrial processes are heavily reliant on automation, monitoring and control technologies, including the widely used Supervisory Control and Data Acquisition (SCADA) systems. The growing interconnection of these systems with corporate networks exposes them to cyber attacks, with several security incidents reported over the last few decades. This study provides a classification scheme for categorising security incidents related to critical infrastructure and industrial control systems. The classification scheme is applied to analyse 242 security incidents on critical infrastructure and industrial control networks, which were reported between 1982 and 2014. The results show interesting patterns, with key points …