Open Access. Powered by Scholars. Published by Universities.®

OS and Networks Commons

Information Security

Articles 1 - 30 of 245

Full-Text Articles in OS and Networks

An In-Network Approach For PMU Missing Data Recovery With Data Plane Programmability, Jack Norris May 2024

Computer Science and Computer Engineering Undergraduate Honors Theses

Phasor measurement unit (PMU) systems often experience unavoidable missing and erroneous measurements, which undermine power system observability and operational effectiveness. Traditional solutions for recovering missing PMU data employ a centralized approach at the control center, resulting in lengthy recovery times due to data transmission and aggregation. In this work, we leverage P4-based programmable networks to expedite missing data recovery. Our approach utilizes the data plane programmability offered by P4 to present an in-network solution for PMU data recovery. We establish a data-plane pipeline on P4 switches, featuring a customized PMU protocol parser, a missing data detection module, and an auto-regressive …


Side Channel Detection Of PC Rootkits Using Nonlinear Phase Space, Rebecca Clark May 2024

Undergraduate Honors Theses

Cyberattacks are increasing in size and scope yearly, and the most effective and common means of attack is through malicious software executed on target devices of interest. Malware threats vary widely in terms of behavior and impact and, thus, effective methods of detection are constantly being sought from the academic research community to offset both volume and complexity. Rootkits are malware that represent a highly feared threat because they can change operating system integrity and alter otherwise normally functioning software. Although normal methods of detection that are based on signatures of known malware code are the standard line of defense, …


A Design Science Approach To Investigating Decentralized Identity Technology, Janelle Krupicka Apr 2024

Cybersecurity Undergraduate Research Showcase

The internet needs secure forms of identity authentication to function properly, but identity authentication is not a core part of the internet’s architecture. Instead, approaches to identity verification vary, often using centralized stores of identity information that are targets of cyber attacks. Decentralized identity is a secure way to manage identity online that puts users’ identities in their own hands and that has the potential to become a core part of cybersecurity. However, decentralized identity technology is new and continually evolving, which makes implementing this technology in an organizational setting challenging. This paper suggests that, in the future, decentralized identity …


SigmaDiff: Semantics-Aware Deep Graph Matching For Pseudocode Diffing, Lian Gao, Yu Qu, Sheng Yu, Yue Duan, Heng Yin Mar 2024

Research Collection School Of Computing and Information Systems

Pseudocode diffing precisely locates similar parts and captures differences between the decompiled pseudocode of two given binaries. It is particularly useful in many security scenarios such as code plagiarism detection, lineage analysis, patch, vulnerability analysis, etc. However, existing pseudocode diffing and binary diffing tools suffer from low accuracy and poor scalability, since they either rely on manually-designed heuristics (e.g., Diaphora) or heavy computations like matrix factorization (e.g., DeepBinDiff). To address the limitations, in this paper, we propose a semantics-aware, deep neural network-based model called SIGMADIFF. SIGMADIFF first constructs IR (Intermediate Representation) level interprocedural program dependency graphs (IPDGs). Then it uses …


Age Of Sensing Empowered Holographic ISAC Framework For NextG Wireless Networks: A VAE And DRL Approach, Apurba Adhikary, Avi Deb Raha, Yu Qiao, Md. Shirajum Munir, Monishanker Halder, Choong Seon Hong Jan 2024

School of Cybersecurity Faculty Publications

This paper proposes an artificial intelligence (AI) framework that leverages integrated sensing and communication (ISAC), aided by the age of sensing (AoS) to ensure the timely location updates of the users for a holographic MIMO (HMIMO)-enabled wireless network. The AI-driven framework guarantees optimal power allocation for efficient beamforming by activating the minimal number of grids from the HMIMO base station. An optimization problem is formulated to maximize the sensing utility function, aiming to maximize the signal-to-interference-plus-noise ratio (SINR) of the received signal, beam-pattern gains to improve the sensing SINR of reflected echo signals and maximizing the evidence lower bound …


Potential Security Vulnerabilities In Raspberry Pi Devices With Mitigation Strategies, Briana Tolleson Dec 2023

Cybersecurity Undergraduate Research Showcase

For this research project I used a Raspberry Pi device and conducted online research to investigate potential security vulnerabilities along with mitigation strategies. I configured the Raspberry Pi by using the proper peripherals such as an HDMI cord, a microUSB adapter that provided 5V and at least 700mA of current, a TV monitor, PiSwitch, SD Card, keyboard, and mouse. I installed the Raspbian operating system (OS). The process to install the Raspbian took about 10 minutes to boot starting at 21:08 on 10/27/2023 and ending at 21:18. 1,513 megabytes (MB) was written to the SD card running at (2.5 MB/sec). …


The Propagation And Execution Of Malware In Images, Piper Hall Nov 2023

Cybersecurity Undergraduate Research Showcase

Malware has become increasingly prolific and severe in its consequences as information systems mature and users become more reliant on computing in their daily lives. As cybercrime becomes more complex in its strategies, an often-overlooked manner of propagation is through images. In recent years, several high-profile vulnerabilities in image libraries have opened the door for threat actors to steal money and information from unsuspecting users. This paper will explore the mechanisms by which these exploits function and how they can be avoided.


Future Trends And Directions For Secure Infrastructure Architecture In The Education Sector: A Systematic Review Of Recent Evidence, Isaac Atta Senior Ampofo, Isaac Atta Junior Ampofo Jul 2023

Journal of Research Initiatives

The most efficient approach to giving large numbers of students access to computational resources is through a data center. A contemporary method for building the data center's computer infrastructure is the software-defined model, which enables user tasks to be processed in a reasonable amount of time and at a reasonable cost. The researcher examines potential directions and trends for a secured infrastructure design in this article. Additionally, interoperable, highly reusable modules that can include the newest trends in the education industry are made possible by cloud-based educational software. The Reference Architecture for University Education System Using AWS Services is presented …


A Multimodal Immune System Inspired Defense Architecture For Detecting And Deterring Digital Pathogens In Container Hosted Web Services, Islam Khalil Jun 2023

Theses and Dissertations

With the increased use of web technologies, microservices, and Application Programming Interface (API) for integration between systems, and with the development of containerization of services on operating system level as a method of isolating system execution and for easing the deployment and scaling of systems, there is a growing need as well as opportunities for providing platforms that improve the security of such services. In our work, we propose an architecture for a containerization platform that utilizes various concepts derived from the human immune system. The goal of the proposed containerization platform is to introduce the concept of slowing down …


Linux Malware Obfuscation, Brian Roden May 2023

Computer Science and Computer Engineering Undergraduate Honors Theses

Many forms of malicious software use techniques and tools that make it harder for their functionality to be parsed, both by antivirus software and reverse-engineering methods. Historically, the vast majority of malware has been written for the Windows operating system due to its large user base. As such, most efforts made for malware detection and analysis have been performed on that platform. However, in recent years, we have seen an increase in malware targeting servers running Linux and other Unix-like operating systems resulting in more emphasis of malware research on these platforms. In this work, several obfuscation techniques for Linux …


Analysis Of Honeypots In Detecting Tactics, Techniques, And Procedure (TTP) Changes In Threat Actors Based On Source IP Address, Carson Reynolds, Andy Green Apr 2023

Symposium of Student Scholars

The financial and national security impacts of cybercrime globally are well documented. According to the 2020 FBI Internet Crime Report, financially motivated threat actors committed 86% of reported breaches, resulting in a total loss of approximately $4.1 billion in the United States alone. In order to combat this, our research seeks to determine if threat actors change their tactics, techniques, and procedures (TTPs) based on the geolocation of their target’s IP address. We will construct a honeypot network distributed across multiple continents to collect attack data from geographically separate locations concurrently to answer this research question. We will configure the …


Self-Learning Algorithms For Intrusion Detection And Prevention Systems (IDPS), Juan E. Nunez, Roger W. Tchegui Donfack, Rohit Rohit, Hayley Horn Mar 2023

SMU Data Science Review

Today, there is an increased risk to data privacy and information security due to cyberattacks that compromise data reliability and accessibility. New machine learning models are needed to detect and prevent these cyberattacks. One application of these models is cybersecurity threat detection and prevention systems that can create a baseline of a network's traffic patterns to detect anomalies without needing pre-labeled data; thus, enabling the identification of abnormal network events as threats. This research explored algorithms that can help automate anomaly detection on an enterprise network using Canadian Institute for Cybersecurity data. This study demonstrates that Neural Networks with Bayesian …


ChatGPT As Metamorphosis Designer For The Future Of Artificial Intelligence (AI): A Conceptual Investigation, Amarjit Kumar Singh (Library Assistant), Dr. Pankaj Mathur (Deputy Librarian) Mar 2023

Library Philosophy and Practice (e-journal)

Abstract

Purpose: The purpose of this research paper is to explore ChatGPT’s potential as an innovative designer tool for the future development of artificial intelligence. Specifically, this conceptual investigation aims to analyze ChatGPT’s capabilities as a tool for designing and developing near-human intelligent systems for future use and development in the field of Artificial Intelligence (AI). Also, with the help of this paper, the researchers analyze the strengths and weaknesses of ChatGPT as a tool and identify possible areas for improvement in its development and implementation. This investigation focused on the various features and functions of ChatGPT that …


Finding Forensic Evidence In The Operating System's Graphical User Interface, Edward X. Wilson Mr. Jan 2023

LSU Master's Theses

A branch of cyber security known as memory forensics focuses on extracting meaningful evidence from system memory. This analysis is often referred to as volatile memory analysis, and is generally performed on memory captures acquired from target systems. Inside of a memory capture is the complete state of a system under investigation, including the contents of currently running as well as previously executed applications. Analysis of this data can reveal a significant amount of activity that occurred on a system since the last reboot. For this research, the Windows operating system is targeted. In particular, the graphical user interface component …


Unmasking Deception In VANETs: A Decentralized Approach To Verifying Truth In Motion, Susan Zehra, Syed R. Rizvi, Steven Olariu Jan 2023

College of Sciences Posters

VANET, which stands for "Vehicular Ad Hoc Network," is a wireless network that allows vehicles to communicate with each other and with infrastructure, such as Roadside Units (RSUs), with the aim of enhancing road safety and improving the overall driving experience through real-time exchange of information and data. VANET has various applications, including traffic management, road safety alerts, and navigation. However, the security of VANET can be compromised if a malicious user alters the content of messages transmitted, which can harm both individual vehicles and the overall trust in VANET technology. Ensuring the correctness of messages is crucial for the …


A Secure And Distributed Architecture For Vehicular Cloud And Protocols For Privacy-Preserving Message Dissemination In Vehicular Ad Hoc Networks, Hassan Mistareehi Jan 2023

Theses and Dissertations--Computer Science

Given the enormous interest in self-driving cars, Vehicular Ad hoc NETworks (VANETs) are likely to be widely deployed in the near future. Cloud computing is also gaining widespread deployment. Marriage between cloud computing and VANETs would help solve many of the needs of drivers, law enforcement agencies, traffic management, etc. The contributions of this dissertation are summarized as follows: A Secure and Distributed Architecture for Vehicular Cloud: Ensuring security and privacy is an important issue in the vehicular cloud; if information exchanged between entities is modified by a malicious vehicle, serious consequences such as traffic congestion and accidents can …


Dial "N" For NXDomain: The Scale, Origin, And Security Implications Of DNS Queries To Non-Existent Domains, Gunnan Liu, Lin Jin, Shuai Hao, Yubao Zhang, Daiping Liu, Angelos Stavrou, Haining Wang Jan 2023

Computer Science Faculty Publications

Non-Existent Domain (NXDomain) is one type of the Domain Name System (DNS) error responses, indicating that the queried domain name does not exist and cannot be resolved. Unfortunately, little research has focused on understanding why and how NXDomain responses are generated, utilized, and exploited. In this paper, we conduct the first comprehensive and systematic study on NXDomain by investigating its scale, origin, and security implications. Utilizing a large-scale passive DNS database, we identify 146,363,745,785 NXDomains queried by DNS users between 2014 and 2022. Within these 146 billion NXDomains, 91 million of them hold historic WHOIS records, of which 5.3 million …


Defending AI-Based Automatic Modulation Recognition Models Against Adversarial Attacks, Haolin Tang, Ferhat Ozgur Catak, Murat Kuzlu, Evren Catak, Yanxiao Zhao Jan 2023

Engineering Technology Faculty Publications

Automatic Modulation Recognition (AMR) is one of the critical steps in the signal processing chain of wireless networks, which can significantly improve communication performance. AMR detects the modulation scheme of the received signal without any prior information. Recently, many Artificial Intelligence (AI) based AMR methods have been proposed, inspired by the considerable progress of AI methods in various fields. On the one hand, AI-based AMR methods can outperform traditional methods in terms of accuracy and efficiency. On the other hand, they are susceptible to new types of cyberattacks, such as model poisoning or adversarial attacks. This paper explores the vulnerabilities …


Defense Of A Small Network, Isabella Adkins Jan 2023

Williams Honors College, Honors Research Projects

A sample network will be virtually created consisting of three routers, one switch, and three hosts. The network will be secured using various methods such as enabling passwords and encryption. After the network has been properly secured, various attacks will be attempted with the goal of breaking into the network. These attacks include reconnaissance (gathering information), penetrating the network using the tool Metasploit, and attempting to get a credential phishing email to end users. If successful in the attacks, the network will be revisited and analyzed for any weaknesses or oversights.


Small Business Office Network, Michael Gerome Jan 2023

Williams Honors College, Honors Research Projects

This project will emulate a small office network environment. The project will demonstrate the process of building and configuring the network to meet the requirements laid out in the project plan. This network includes four subnets with Windows 10 end devices and a Kali Linux device, it also includes five Cisco layer 2 switches and three Cisco routers. There are also three subnets connecting the routers to each other to enable routing between the subnets. After the network environment is set up, various penetration tests are performed from the Kali Linux device to gather information. The Nmap reconnaissance tool is …


A Different Way To Penetrate NBA Defenses, Trey Trucksis Jan 2023

Williams Honors College, Honors Research Projects

This project proposal will document the design, configuration, and penetration testing of a network consisting of three routers (labeled as Lakers, Celtics, Cavaliers), one switch (labeled as NBA), and three end devices (labeled as Kali, Windows 10, and Ubuntu) each connected to one of three routers present on the network. Each router will be attached to a different subnet on the network. The network will be secured using encrypted passwords on the router interfaces, OSPF MD5 authentication between the routers, port security on the switch, as well as Access Control Lists to control the privileges of each subnetwork accordingly. …


Secure Cloud-Based IoT Water Quality Gathering For Analysis And Visualization, Soin Abdoul Kassif Baba M Traore Dec 2022

Symposium of Student Scholars

Water quality refers to measurable water characteristics, including chemical, biological, physical, and radiological characteristics usually relative to human needs. Dumping waste and untreated sewage are the reasons for water pollution and several diseases to the livelihood. The quality of water can also have a significant impact on animals and plant ecosystems. Therefore, keeping track of water quality is a substantial national interest. Much research has been done for measuring water quality using sensors to prevent water pollution. In summary, those systems are built based on online and reagent-free water monitoring SCADA systems in wired networks. However, centralized servers, transmission …


Are You Really Muted?: A Privacy Analysis Of Mute Buttons In Video Conferencing Apps, Yucheng Yang, Jack West, George K. Thiruvathukal, Neil Klingensmith, Kassem Fawaz Jul 2022

Computer Science: Faculty Publications and Other Works

In the post-pandemic era, video conferencing apps (VCAs) have converted previously private spaces — bedrooms, living rooms, and kitchens — into semi-public extensions of the office. And for the most part, users have accepted these apps in their personal space, without much thought about the permission models that govern the use of their personal data during meetings. While access to a device’s video camera is carefully controlled, little has been done to ensure the same level of privacy for accessing the microphone. In this work, we ask the question: what happens to the microphone data when a user clicks the …


Enhancing Security Patch Identification By Capturing Structures In Commits, Bozhi Wu, Shangqing Liu, Ruitao Feng, Xiaofei Xie, Jingkai Siow, Shang-Wei Lin Jul 2022

Research Collection School Of Computing and Information Systems

With the rapidly increasing number of open source software (OSS), the majority of the software vulnerabilities in the open source components are fixed silently, which leads to the deployed software that integrated them being unable to get a timely update. Hence, it is critical to design a security patch identification system to ensure the security of the utilized software. However, most of the existing works for security patch identification just consider the changed code and the commit message of a commit as a flat sequence of tokens with simple neural networks to learn its semantics, while the structure information is …


Torsh: Obfuscating Consumer Internet-Of-Things Traffic With A Collaborative Smart-Home Router Network, Adam Vandenbussche Jun 2022

Dartmouth College Undergraduate Theses

When consumers install Internet-connected "smart devices" in their homes, metadata arising from the communications between these devices and their cloud-based service providers enables adversaries privy to this traffic to profile users, even when adequate encryption is used. Internet service providers (ISPs) are one potential adversary privy to users’ incoming and outgoing Internet traffic and either currently use this insight to assemble and sell consumer advertising profiles or may in the future do so. With existing defenses against such profiling falling short of meeting user preferences and abilities, there is a need for a novel solution that empowers consumers to …


Privacy Assessment Breakthrough: A Design Science Approach To Creating A Unified Methodology, Lisa McKee May 2022

Masters Theses & Doctoral Dissertations

Recent changes have increased the need for and awareness of privacy assessments. Organizations focus primarily on Privacy Impact Assessments (PIA) and Data Protection Impact Assessments (DPIA) but rarely take a comprehensive approach to assessments or integrate the results into a privacy risk program. There are numerous industry standards and regulations for privacy assessments, but the industry lacks a simple unified methodology with steps to perform privacy assessments. The objectives of this research project are to create a new privacy assessment methodology model using the design science methodology, update industry standards and present training for conducting privacy assessments that can be …


A Dark Web Pharma Framework For A More Efficient Investigation Of Dark Web COVID-19 Vaccine Products., Francisca Afua Opoku-Boateng May 2022

Masters Theses & Doctoral Dissertations

Globally, as the COVID-19 pandemic persists, it has not just imposed a significant impact on the general well-being of individuals, exposing them to unprecedented financial hardships and online information deception. However, it has also forced consumers, buyers, and suppliers to look toward a darkened economic world – the Dark Web world – a sinister complement to the internet, driven by financial gains, where illegal goods and services are advertised and sold. As the Dark Web gains an increase in recognition by normal web users during this pandemic, how to perform cybercrime investigations on the Dark Web becomes challenging for manufacturers, investigators, …


Canary: An Automated Approach To Security Scanning And Remediation, David Wiles May 2022

Masters Theses & Specialist Projects

Modern software has a smaller attack surface today than in the past. Memory-safe languages, container runtimes, virtual machines, and a mature web stack all contribute to the relative safety of the web and software in general compared to years ago. Despite this, we still see high-profile bugs, hacks, and outages which affect major companies and widely-used technologies. The extensive work that has gone into hardening virtualization, containerization, and commonly used applications such as Nginx still depends on the end-user to configure correctly to prevent a compromised machine.

In this paper, I introduce a tool, which I call Canary, which can …


A Machine Learning Approach For Reconnaissance Detection To Enhance Network Security, Rachel Bakaletz May 2022

Electronic Theses and Dissertations

Before cyber-crime can happen, attackers must research the targeted organization to collect vital information about the target and pave the way for the subsequent attack phases. This cyber-attack phase is called reconnaissance or enumeration. This malicious phase allows attackers to discover information about a target to be leveraged and used in an exploit. Information such as the version of the operating system and installed applications, and open ports, can be detected using various tools during the reconnaissance phase. By knowing such information, cyber attackers can exploit vulnerabilities that are often unique to a specific version.

In this work, we develop an …


Malware And Memory Forensics On M1 Macs, Charles E. Glass Apr 2022

LSU Master's Theses

As malware continues to evolve, infection mechanisms that can only be seen in memory are increasingly commonplace. These techniques evade traditional forensic analysis, requiring the use of memory forensics. Memory forensics allows for the recovery of historical data created by running malware, including information that it tries to hide. Memory analysis capabilities have lagged behind on Apple's new M1 architecture while the number of malicious programs only grows. To make matters worse, Apple has developed Rosetta 2, the translation layer for running x86_64 binaries on an M1 Mac. As a result, all malware compiled for Intel Macs is theoretically functional …