Engineering Commons^™

Vulnerability Analysis And Security Framework For Zigbee Communication In Iot, Charbel Azzi

UNLV Theses, Dissertations, Professional Papers, and Capstones

Securing IoT (Internet of Things) systems in general, regardless of the communication technology used, has been the concern of many researchers and private companies. As for ZigBee security concerns, much research and many experiments have been conducted to better predict the nature of potential security threats. In this research we are addressing several ZigBee vulnerabilities by performing first hand experiments and attack simulations on ZigBee protocol. This will allow us to better understand the security issues surveyed and find ways to mitigate them. Based on the attack simulations performed and the survey conducted, we have developed a ZigBee IoT framework …

Context-Sensitive Auto-Sanitization For Php, Jared M. Smith, Richard J. Connor, David P. Cunningham, Kyle G. Bashour, Walter T. Work

Chancellor’s Honors Program Projects

No abstract provided.

Protecting Controllers Against Denial-Of-Service Attacks In Software-Defined Networks, Jingrui Li

Masters Theses

Connection setup in software-defined networks (SDN) requires considerable amounts of processing, communication, and memory resources. Attackers can target SDN controllers defense mechanism based on a proof-of-work protocol. This thesis proposes a new protocol to protect controllers against such attacks, shows implementation of the system and analyze the its performance. The key characteristics of this protocol, namely its one-way operation, its requirement for freshness in proofs of work, its adjustable difficulty, its ability to work withmultiple network providers, and its use of existing TCP/IP header fields, ensure that this approach can be used in practice.

Threshold Voltage Defined Switches And Gates To Prevent Reverse Engineering, Ithihasa Reddy Nirmala

USF Tampa Graduate Theses and Dissertations

¹Semiconductor supply chain is increasingly getting exposed to variety of security attacks such as Trojan insertion, cloning, counterfeiting, reverse engineering (RE), piracy of Intellectual Property (IP) or Integrated Circuit (IC) and side-channel analysis due to involvement of untrusted parties. In this thesis, we use threshold voltage-defined switches to design a logic gate that will camouflage the conventional logic gates both logically and physically to resist RE and IP piracy. The proposed gate can function as NAND, AND, NOR, OR, XOR, and XNOR robustly using threshold defined switches. We also propose a flavor of camouflaged gate that represents reduced functionality …

Improving The Security Of Wireless Sensor Networks, Mauricio Tellez Nava

Masters Theses, 2010-2019

With the rapid technological advancements of sensors, Wireless Sensor Networks (WSNs) have become the main technology for the Internet of Things (IoT). We investigated the security of WSNs in an environmental monitoring system with the goal to improve the overall security. We implemented a Secure Temperature Monitoring System (STMS), which served as our investigational environment. Our results revealed a security flaw found in the bootstrap loader (BSL) password used to protect firmware in the MSP430 MCU chips. We demonstrated how the BSL password could be brute forced in a matter of days. Furthermore, we illustrate how an attacker can reverse …

Ground Vehicle Platooning Control And Sensing In An Adversarial Environment, Samuel A. Mitchell

All Graduate Theses and Dissertations, Spring 1920 to Summer 2023

In the past few years, automated cars have ceased to be part of science fiction, and have instead become a technology that has been implemented, with partially automated systems currently available to customers.

One benefit of automated vehicle technology is the consistent driving patterns due to automation, instead of the inconsistency of distractible humans. Passengers of automated vehicles will be exposed to much less danger than the passengers of human-driven vehicles.

These statements will only be true as automated vehicle systems are scrutinized by experts to find flaws in the system. Security enthusiasts have already hijacked control of an automated …

Enterprise Network Design And Implementation For Airports, Ashraf H. Ali

Information Technology Master Theses

The aim of this project was airports network design and implementation and the introduction of a suitable network for most airports around the world. The following project focused on three main parts: security, quality, and safety. The project has been provided with different utilities to introduce a network with a high security level for the airport. These utilities are hardware firewalls, an IP access control list, Mac address port security, a domain server and s proxy server. All of these utilities have been configured to provide a secure environment for the entire network and to prevent hackers from entering sensitive …

Product Authentication Using Hash Chains And Printed Qr Codes, Harshith R. Keni

Electronic Theses and Dissertations

This thesis explores the usage of simple printed tags for authenticating products. Printed tags are a cheap alternative to RFID and other tag based systems and do not require specialized equipment. Due to the simplistic nature of such printed codes, many security issues like tag impersonation, server impersonation, reader impersonation, replay attacks and denial of service present in RFID based solutions need to be handled differently. An algorithm that utilizes hash chains to secure such simple tags while still keeping cost low is discussed. The security characteristics of this scheme as well as other product authentication schemes that use RFID …

Determining Unique Agents By Evaluating Web Form Interaction, Ben Cooley

Electronic Theses and Dissertations

Because of the inherent risks in today’s online activities, it becomes imperative to identify a malicious user masquerading as someone else. Incorporating biometric analysis enhances the confidence of authenticating valid users over the Internet while providing additional layers of security with no hindrance to the end user. Through the analysis of traffic patterns and HTTP Header analysis, the detection and early refusal of robot agents plays a great role in reducing fraudulent login attempts.