Physical Sciences and Mathematics Commons^™

A Conceptual Decentralized Identity Solution For State Government, Martin Duclos

Theses and Dissertations

In recent years, state governments, exemplified by Mississippi, have significantly expanded their online service offerings to reduce costs and improve efficiency. However, this shift has led to challenges in managing digital identities effectively, with multiple fragmented solutions in use. This paper proposes a Self-Sovereign Identity (SSI) framework based on distributed ledger technology. SSI grants individuals control over their digital identities, enhancing privacy and security without relying on a centralized authority. The contributions of this research include increased efficiency, improved privacy and security, enhanced user satisfaction, and reduced costs in state government digital identity management. The paper provides background on digital …

Quantifying And Enhancing The Security Of Federated Learning, Virat Vishnu Shejwalkar

Doctoral Dissertations

Federated learning is an emerging distributed learning paradigm that allows multiple users to collaboratively train a joint machine learning model without having to share their private data with any third party. Due to many of its attractive properties, federated learning has received significant attention from academia as well as industry and now powers major applications, e.g., Google's Gboard and Assistant, Apple's Siri, Owkin's health diagnostics, etc. However, federated learning is yet to see widespread adoption due to a number of challenges. One such challenge is its susceptibility to poisoning by malicious users who aim to manipulate the joint machine learning …

Intrusion Detection: Machine Learning Techniques For Software Defined Networks, Jacob S. Rodriguez

Masters Theses

In recent years, software defined networking (SDN) has gained popularity as a novel approach towards network management and architecture. Compared to traditional network architectures, this software-based approach offers greater flexibility, programmability, and automation. However, despite the advantages of this system, there still remains the possibility that it could be compromised. As we continue to explore new approaches to network management, we must also develop new ways of protecting those systems from threats. Throughout this paper, I will describe and test a network intrusion detection system (NIDS), and how it can be implemented within a software defined network. This system will …

Phishing, Irda Voli

Mathematics and Computer Science Capstones

Phishing is a cybercrime that involves a hacker identifying as a real person or institution that targets people over text message, phone calls, and emails. The hacker tries to scam the target into giving up personal information. People are targeted through text messages, phone calls, and emails. More recently in 2020 when covid became a major issue, phishing started becoming more and more popular for ways to scam. The messages became more specific, and job sites became more believable. According to article “Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies”, David Warburton says:

COVID-19 continues to significantly …

Secure And Efficient Federated Learning, Xingyu Li

Theses and Dissertations

In the past 10 years, the growth of machine learning technology has been significant, largely due to the availability of large datasets for training. However, gathering a sufficient amount of data on a central server can be challenging. Additionally, with the rise of mobile networking and the large amounts of data generated by IoT devices, privacy and security issues have become a concern, resulting in government regulations such as GDPR, HIPAA, CCPA, and ADPPA. Under these circumstances, traditional centralized machine learning methods face a problem in that sensitive data must be kept locally for privacy reasons, making it difficult to …

Performance Analysis Of Zero Trust In Cloud Native Systems, Simone Rodigari

Theses

Critical applications demand strong security implementations, low latency and high availability at constant rates, however, the performance of a software system is affected by the implementation of security. This research measures the performance overhead and possible mitigation in cloud native systems secured with a service mesh, which allows enabling security policies for the authentication, authorization and encryption of traffic within distributed systems. The side-car proxy is a core component of this architecture, acting as a policy enforcement point and intercepting networking communication from/to applications part of the mesh, consequently affecting the performance of applications hosted in the cloud. Physical resources …

Mitigation Of Cache Attacks On Cloud Services, Mudassiruddin Mohammed

All Student Theses

Cloud computing is frequently used due to its low cost and flexibility, but it also raises security issues to cloud service providers and customers. Cache attacks are a critical security risk in cloud computing. Cache attacks use weaknesses in cloud servers' cache memory to steal sensitive information, interrupt services, and decrease cloud performance. This study examines the many forms of cache attacks, their possible effects, and known mitigation measures. The study approach includes a review of current methods and their effectiveness in combating cache attack. The report also suggests future research topics for developing more effective and economical methods for …

Unlocking User Identity: A Study On Mouse Dynamics In Dual Gaming Environments For Continuous Authentication, Marcho Setiawan Handoko

All Graduate Theses, Dissertations, and Other Capstone Projects

With the surge in information management technology reliance and the looming presence of cyber threats, user authentication has become paramount in computer security. Traditional static or one-time authentication has its limitations, prompting the emergence of continuous authentication as a frontline approach for enhanced security. Continuous authentication taps into behavior-based metrics for ongoing user identity validation, predominantly utilizing machine learning techniques to continually model user behaviors. This study elucidates the potential of mouse movement dynamics as a key metric for continuous authentication. By examining mouse movement patterns across two contrasting gaming scenarios - the high-intensity "Team Fortress" and the low-intensity strategic …

Insecure Deserialization Detection In Python, Aneesh Verma

Master's Projects

The importance of Cyber Security is increasing every single day. From the emergence of new ransomware to major data breaches, the online world is getting dangerous. A multinational non- profit group devoted to online application security is called OWASP, or the Open Web Application Security Project. The OWASP Top 10 is a frequently updated report that highlights the ten most important vulnerabilities to web application security. Among these 10 vulnerabilities, there exists a vulnerability called Software and Data Integrity Failures. A subset of this vulnerability is Insecure Deserialization. An object is transformed into a stream of bytes through the serialization …