Digital Commons Network^™

Cyber Attack Surface Mapping For Offensive Security Testing, Douglas Everson

All Dissertations

Security testing consists of automated processes, like Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST), as well as manual offensive security testing, like Penetration Testing and Red Teaming. This nonautomated testing is frequently time-constrained and difficult to scale. Previous literature suggests that most research is spent in support of improving fully automated processes or in finding specific vulnerabilities, with little time spent improving the interpretation of the scanned attack surface critical to nonautomated testing. In this work, agglomerative hierarchical clustering is used to compress the Internet-facing hosts of 13 representative companies as collected by the Shodan search …

An Ml Based Digital Forensics Software For Triage Analysis Through Face Recognition, Gaurav Gogia, Parag H. Rughani

Journal of Digital Forensics, Security and Law

Since the past few years, the complexity and heterogeneity of digital crimes has increased exponentially, which has made the digital evidence & digital forensics paramount for both criminal investigation and civil litigation cases. Some of the routine digital forensic analysis tasks are cumbersome and can increase the number of pending cases especially when there is a shortage of domain experts. While the work is not very complex, the sheer scale can be taxing. With the current scenarios and future predictions, crimes are only going to become more complex and the precedent of collecting and examining digital evidence is only going …

A Survey Of Using Machine Learning In Iot Security And The Challenges Faced By Researchers, Khawlah M. Harahsheh, Chung-Hao Chen

Electrical & Computer Engineering Faculty Publications

The Internet of Things (IoT) has become more popular in the last 15 years as it has significantly improved and gained control in multiple fields. We are nowadays surrounded by billions of IoT devices that directly integrate with our lives, some of them are at the center of our homes, and others control sensitive data such as military fields, healthcare, and datacenters, among others. This popularity makes factories and companies compete to produce and develop many types of those devices without caring about how secure they are. On the other hand, IoT is considered a good insecure environment for cyber …

Design Of Robust Blockchain-Envisioned Authenticated Key Management Mechanism For Smart Healthcare Applications, Siddhant Thapiyal, Mohammad Wazid, Devesh Pratap Singh, Ashok Kumar Das, Sachin Shetty

VMASC Publications

The healthcare sector is a very crucial and important sector of any society, and with the evolution of the various deployed technologies, like the Internet of Things (IoT), machine learning and blockchain it has numerous advantages. However, in this section, the data is much more vulnerable than others, because the data is strictly private and confidential, and it requires a highly secured framework for the transmission of data between entities. In this article, we aim to design a blockchain-envisioned authentication and key management mechanism for the IoMT-based smart healthcare applications (in short, we call it SBAKM-HS). We compare the various …

Divide-And-Conquer Distributed Learning: Privacy-Preserving Offloading Of Neural Network Computations, Lewis C.L. Brown

Graduate Theses and Dissertations

Machine learning has become a highly utilized technology to perform decision making on high dimensional data. As dataset sizes have become increasingly large so too have the neural networks to learn the complex patterns hidden within. This expansion has continued to the degree that it may be infeasible to train a model from a singular device due to computational or memory limitations of underlying hardware. Purpose built computing clusters for training large models are commonplace while access to networks of heterogeneous devices is still typically more accessible. In addition, with the rise of 5G networks, computation at the edge becoming …

Privacy-Preserving Cloud-Assisted Data Analytics, Wei Bao

Graduate Theses and Dissertations

Nowadays industries are collecting a massive and exponentially growing amount of data that can be utilized to extract useful insights for improving various aspects of our life. Data analytics (e.g., via the use of machine learning) has been extensively applied to make important decisions in various real world applications. However, it is challenging for resource-limited clients to analyze their data in an efficient way when its scale is large. Additionally, the data resources are increasingly distributed among different owners. Nonetheless, users' data may contain private information that needs to be protected.

Cloud computing has become more and more popular in …

Improving A Wireless Localization System Via Machine Learning Techniques And Security Protocols, Zachary Yorio

Masters Theses, 2020-current

The recent advancements made in Internet of Things (IoT) devices have brought forth new opportunities for technologies and systems to be integrated into our everyday life. In this work, we investigate how edge nodes can effectively utilize 802.11 wireless beacon frames being broadcast from pre-existing access points in a building to achieve room-level localization. We explain the needed hardware and software for this system and demonstrate a proof of concept with experimental data analysis. Improvements to localization accuracy are shown via machine learning by implementing the random forest algorithm. Using this algorithm, historical data can train the model and make …

Transfer Learning For Detecting Unknown Network Attacks, Juan Zhao, Sachin Shetty, Jan Wei Pan, Charles Kamhoua, Kevin Kwiat

VMASC Publications

Network attacks are serious concerns in today’s increasingly interconnected society. Recent studies have applied conventional machine learning to network attack detection by learning the patterns of the network behaviors and training a classification model. These models usually require large labeled datasets; however, the rapid pace and unpredictability of cyber attacks make this labeling impossible in real time. To address these problems, we proposed utilizing transfer learning for detecting new and unseen attacks by transferring the knowledge of the known attacks. In our previous work, we have proposed a transfer learning-enabled framework and approach, called HeTL, which can find the common …

Machine Learning With Personal Data: Is Data Protection Law Smart Enough To Meet The Challenge?, Fred H. Cate, Christopher Kuner, Dan Jerker B. Svantesson, Orla Lynskey, Christopher Millard

Articles by Maurer Faculty

No abstract provided.

Exploring Privacy Leakage From The Resource Usage Patterns Of Mobile Apps, Amin Rois Sinung Nugroho

Graduate Theses and Dissertations

Due to the popularity of smart phones and mobile apps, a potential privacy risk with the usage of mobile apps is that, from the usage information of mobile apps (e.g., how many hours a user plays mobile games in each day), private information about a user’s living habits and personal activities can be inferred. To assess this risk, this thesis answers the following research question: can the type of a mobile app (e.g., email, web browsing, mobile game, music streaming, etc.) used by a user be inferred from the resource (e.g., CPU, memory, network, etc.) usage patterns of the mobile …