Engineering Commons^™

Federated Agentless Detection Of Endpoints Using Behavioral And Characteristic Modeling, Hansaka Angel Dias Edirisinghe Kodituwakku

Doctoral Dissertations

During the past two decades computer networks and security have evolved that, even though we use the same TCP/IP stack, network traffic behaviors and security needs have significantly changed. To secure modern computer networks, complete and accurate data must be gathered in a structured manner pertaining to the network and endpoint behavior. Security operations teams struggle to keep up with the ever-increasing number of devices and network attacks daily. Often the security aspect of networks gets managed reactively instead of providing proactive protection. Data collected at the backbone are becoming inadequate during security incidents. Incident response teams require data that …

Addressing Security And Privacy Issues By Analyzing Vulnerabilities In Iot Applications, Francsico Javier Candelario Burgoa

Open Access Theses & Dissertations

The Internet of Things (IoT) environment has been expanding rapidly for the past few years into several areas of our lives, from factories, to stores and even into our own homes. All these new devices in our homes make our day-to-day lives easier and more comfortable with less effort on our part, converting our simple houses into smart homes. This increase in inter-connectivity brings multiple benefits including the improvement in energy efficiency in our homes, however it also brings with it some potential dangers since more points of connection mean more potential vulnerabilities in our grid. These vulnerabilities bring security …

Analysis Of Deep Learning Methods For Wired Ethernet Physical Layer Security Of Operational Technology, Lucas Torlay

All Theses

The cybersecurity of power systems is jeopardized by the threat of spoofing and man-in-the-middle style attacks due to a lack of physical layer device authentication techniques for operational technology (OT) communication networks. OT networks cannot support the active probing cybersecurity methods that are popular in information technology (IT) networks. Furthermore, both active and passive scanning techniques are susceptible to medium access control (MAC) address spoofing when operating at Layer 2 of the Open Systems Interconnection (OSI) model. This thesis aims to analyze the role of deep learning in passively authenticating Ethernet devices by their communication signals. This method operates at …

Cybert: Cybersecurity Claim Classification By Fine-Tuning The Bert Language Model, Kimia Ameri, Michael Hempel, Hamid Sharif, Juan Lopez Jr., Kalyan Perumalla

Department of Electrical and Computer Engineering: Faculty Publications

We introduce CyBERT, a cybersecurity feature claims classifier based on bidirectional encoder representations from transformers and a key component in our semi-automated cybersecurity vetting for industrial control systems (ICS). To train CyBERT, we created a corpus of labeled sequences from ICS device documentation collected across a wide range of vendors and devices. This corpus provides the foundation for fine-tuning BERT’s language model, including a prediction-guided relabeling process. We propose an approach to obtain optimal hyperparameters, including the learning rate, the number of dense layers, and their configuration, to increase the accuracy of our classifier. Fine-tuning all hyperparameters of the resulting …

Third Party Risk Management And Cyber Supply Chain Risk Management, Jerald Garner

Operations Management Presentations

Today’s business environment continues to be a challenge. Businesses whether small, or large leverage third-party vendors to provide critical services like data handling (security, transmitting, and storage), cloud storage/applications, and systems security monitoring.

Each business must ask themselves a few simple questions about one of their most valuable assets “Data”. If or when it leaves your secure working environment:

• How secure is your customer data in transit and storage?
• Do your third-party vendors handle your “critical information”?
  • Provide a secure environment for processing?
  • Comply with a proven Cyber Security Framework?
  • Perform a “Due Diligence” on-boarding step for the Nth vendors …

Another Brick In The Wall: An Exploratory Analysis Of Digital Forensics Programs In The United States, Syria Mccullough, Stella Abudu, Ebere Onwubuariri, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

We present a comprehensive review of digital forensics programs offered by universities across the United States (U.S.). While numerous studies on digital forensics standards and curriculum exist, few, if any, have examined digital forensics courses offered across the nation. Since digital forensics courses vary from university to university, online course catalogs for academic institutions were evaluated to curate a dataset. Universities were selected based on online searches, similar to those that would be made by prospective students. Ninety-seven (n = 97) degree programs in the U.S. were evaluated. Overall, results showed that advanced technical courses are missing from curricula. We …

Industrial Control System Data Resiliency, Daniel A. Bovard

Boise State University Theses and Dissertations

This thesis identifies and fortifies against a critical vulnerability in industrial control system (ICS) security. A properly designed ICS security framework consists of a multi-layered approach starting with heavy fortifications in information technology and ending with control information of operational technology. Currently, ICS security frameworks lack visibility and place blind trust in devices at the lowest level of the control hierarchy. Attaining control data visibility at the lowest level of the control hierarchy is critical to increasing the resiliency of an ICS security posture. This thesis demonstrates how this data can be captured at the lowest level of the control …

The Cyber Security Evaluation Of A Wireless And Wired Smart Electric Meter, Patrick Nnaji

Theses and Dissertations

In this thesis, an Experimental cyber security evaluation of Wireless Smart Electric Meter has been performed under cyber security attacks. The security integrity of data collection from EPM 6100 Power Quality Wireless Smart Electric Meter under a wireless cyber-attack was evaluated. After which the security integrity of data collection from the same Wireless Smart Electric Meter was evaluated under a different configuration. In this Thesis, we tested three different smart meters for their connectivity under different cybersecurity attacks. We compared the security integrity of the three different smart meters to measure their response under different cybersecurity attacks.

Security Attacks And Defenses In Cyber Systems: From An Ai Perspective, Zhengping Luo

USF Tampa Graduate Theses and Dissertations

Security of real-world cyber systems has drawn a lot of attention in recent years, especially when machine learning techniques are widely deployed into different layers of cyber systems. With the technology of machine learning, especially adversarial machine learning techniques, the attacks and defenses in cyber systems have shown a lot of new characteristics. In this dissertation, two major works regarding the attacks and defenses in real world cyber systems including dynamic spectrum sensing systems and High Performance Computing (HPC) systems and software systems are discussed.

In the first work, we revisit this security vulnerability of cooperative spectrum sensing as an …

Reference Design Of An Online Emulation And Hot-Patching Approach For Power Electronic Controller Validation, Estefano Soria Pearson

Graduate Theses and Dissertations

This thesis aims to develop a reference design of an online security system approach embedded in a power electronic controller for cybersecurity purposes. Cybersecurity in power electronics focuses on reducing vulnerabilities in the system, where most reside in the communication with the hardware devices. Although methods to secure communications lessen the probability and effects of cyber-attacks, discovering vulnerabilities is inevitable. This thesis attempts to provide a fail-safe approach to securing the system by targeting the safety of the power-electronic controller. This approach applies an additional security layer in case of a malicious or accidental controller firmware malfunction.

The online security …

Implications Between Uav And Atm Systems In Commercial Airspace Incorporation, Linda Vee Weiland

Publications

The integration of sUAS in commercial airspace is complicated and faces many challenges to ensure a safe and secure incorporation into the National Airspace System (NAS). This research analyzes the interconnectedness between the air traffic controller and the sUAS through HF implications when sUAS enter the NAS. To mitigate negative consequences in the integration, it examined the human performance of the controllers, the sUAS operators, commercial pilots, and the equipment. This study used a quantitative research approach from both the Software Hardware Environment, Liveware, and Liveware (SHELL), and the Swiss Cheese models (SCM) for analysis of UAS sightings that are …

Quantifying Cyber Risk By Integrating Attack Graph And Impact Graph, Omer F. Keskin

Engineering Management & Systems Engineering Theses & Dissertations

Being a relatively new risk source, models to quantify cyber risks are not well developed; therefore, cyber risk management in most businesses depends on qualitative assessments. With the increase in the economic consequences of cyber incidents, the importance of quantifying cyber risks has increased. Cyber risk quantification is also needed to establish communication among decision-makers of different levels of an enterprise, from technical personnel to top management.

The goal of this research is to build a probabilistic cybersecurity risk analysis model that relates attack propagation with impact propagation through internal dependencies and allows temporal analysis.

The contributions of the developed …

Network Intrusion Detection System Using Deep Learning, Lirim Ashiku, Cihan H. Dagli

Engineering Management and Systems Engineering Faculty Research & Creative Works

The widespread use of interconnectivity and interoperability of computing systems have become an indispensable necessity to enhance our daily activities. Simultaneously, it opens a path to exploitable vulnerabilities that go well beyond human control capability. The vulnerabilities deem cyber-security mechanisms essential to assume communication exchange. Secure communication requires security measures to combat the threats and needs advancements to security measures that counter evolving security threats. This paper proposes the use of deep learning architectures to develop an adaptive and resilient network intrusion detection system (IDS) to detect and classify network attacks. The emphasis is how deep learning or deep neural …

Class-Incremental Learning For Wireless Device Identification In Iot, Yongxin Liu, Jian Wang, Jianqiang Li, Shuteng Niu, Houbing Song

Publications

Deep Learning (DL) has been utilized pervasively in the Internet of Things (IoT). One typical application of DL in IoT is device identification from wireless signals, namely Noncryptographic Device Identification (NDI). However, learning components in NDI systems have to evolve to adapt to operational variations, such a paradigm is termed as Incremental Learning (IL). Various IL algorithms have been proposed and many of them require dedicated space to store the increasing amount of historical data, and therefore, they are not suitable for IoT or mobile applications. However, conventional IL schemes can not provide satisfying performance when historical data are not …

A Framework To Detect The Susceptibility Of Employees To Social Engineering Attacks, Hashim H. Alneami

Doctoral Dissertations and Master's Theses

Social engineering attacks (SE-attacks) in enterprises are hastily growing and are becoming increasingly sophisticated. Generally, SE-attacks involve the psychological manipulation of employees into revealing confidential and valuable company data to cybercriminals. The ramifications could bring devastating financial and irreparable reputation loss to the companies. Because SE-attacks involve a human element, preventing these attacks can be tricky and challenging and has become a topic of interest for many researchers and security experts. While methods exist for detecting SE-attacks, our literature review of existing methods identified many crucial factors such as the national cultural, organizational, and personality traits of employees that enable …

Cross Domain Iw Threats To Sof Maritime Missions: Implications For U.S. Sof, Gary C. Kessler, Diane M. Zorri

Publications

As cyber vulnerabilities proliferate with the expansion of connected devices, wherein security is often forsaken for ease of use, Special Operations Forces (SOF) cannot escape the obvious, massive risk that they are assuming by incorporating emerging technologies into their toolkits. This is especially true in the maritime sector where SOF operates nearshore in littoral zones. As SOF—in support to the U.S. Navy— increasingly operate in these contested maritime environments, they will gradually encounter more hostile actors looking to exploit digital vulnerabilities. As such, this monograph comes at a perfect time as the world becomes more interconnected but also more vulnerable.

Authentication Schemes' Impact On Working Memory, Janine D. Mator

Psychology Theses & Dissertations

Authentication is the process by which a computing system validates a user’s identity. Although this process is necessary for system security, users view authentication as a frequent disruption to their primary tasks. During this disruption, primary task information must be actively maintained in working memory. As a result, primary task information stored in working memory is at risk of being lost or corrupted while users authenticate. For over two decades, researchers have focused on developing more memorable passwords by replacing alphanumeric text with visual graphics (Biddle et al., 2012). However, very little attention has been given to the impact authentication …

Cybersecurity Risk Assessment Using Graph Theoretical Anomaly Detection And Machine Learning, Goksel Kucukkaya

Engineering Management & Systems Engineering Theses & Dissertations

The cyber domain is a great business enabler providing many types of enterprises new opportunities such as scaling up services, obtaining customer insights, identifying end-user profiles, sharing data, and expanding to new communities. However, the cyber domain also comes with its own set of risks. Cybersecurity risk assessment helps enterprises explore these new opportunities and, at the same time, proportionately manage the risks by establishing cyber situational awareness and identifying potential consequences. Anomaly detection is a mechanism to enable situational awareness in the cyber domain. However, anomaly detection also requires one of the most extensive sets of data and features …

Digital Twin-Based Cooperative Control Techniques For Secure And Intelligent Operation Of Distributed Microgrids, Ahmed Aly Saad Ahmed

FIU Electronic Theses and Dissertations

Networked microgrids play a key role in constructing future active distribution networks for providing the power system with resiliency and reliability against catastrophic physical and cyber incidents. Motivated by the increasing penetration of renewable resources and energy storage systems in the distribution grids, utility companies are encouraged to unleash the capabilities of the distributed microgrid to work as virtual power plants that can support the power systems. The microgrids nature is transforming the grid and their control systems from centralized architecture into distributed architectures. The distributed networked microgrids introduced many benefits to the future smart grids, it created many challenges …

Infiniband Network Monitoring: Challenges And Possibilities, Kyle D. Hintze

Theses and Dissertations

Within the realm of High Performance Computing, the InfiniBand Architecture is among the leading interconnects used today. Capable of providing high bandwidth and low latency, InfiniBand is finding applications outside the High Performance Computing domain. One of these is critical infrastructure, encompassing almost all essential sectors as the work force becomes more connected. InfiniBand is not immune to security risks, as prior research has shown that common traffic analyzing tools cannot effectively monitor InfiniBand traffic transmitted between hosts, due to the kernel bypass nature of the IBA in conjunction with Remote Direct Memory Access operations. If Remote Direct Memory Access …

Disruptive Technologies With Applications In Airline & Marine And Defense Industries, Randall K. Nichols, Hans C. Mumm, Wayne Lonstein, Suzanne Sincavage, Candice M. Carter, John-Paul Hood, Randall Mai, Mark Jackson, Bart Shields

NPP eBooks

Disruptive Technologies With Applications in Airline, Marine, Defense Industries is our fifth textbook in a series covering the world of Unmanned Vehicle Systems Applications & Operations On Air, Sea, and Land. The authors have expanded their purview beyond UAS / CUAS / UUV systems that we have written extensively about in our previous four textbooks. Our new title shows our concern for the emergence of Disruptive Technologies and how they apply to the Airline, Marine and Defense industries. Emerging technologies are technologies whose development, practical applications, or both are still largely unrealized, such that they are figuratively emerging into prominence …

Role Of Artificial Intelligence In The Internet Of Things (Iot) Cybersecurity, Murat Kuzlu, Corinne Fair, Ozgur Guler

Engineering Technology Faculty Publications

In recent years, the use of the Internet of Things (IoT) has increased exponentially, and cybersecurity concerns have increased along with it. On the cutting edge of cybersecurity is Artificial Intelligence (AI), which is used for the development of complex algorithms to protect networks and systems, including IoT systems. However, cyber-attackers have figured out how to exploit AI and have even begun to use adversarial AI in order to carry out cybersecurity attacks. This review paper compiles information from several other surveys and research papers regarding IoT, AI, and attacks with and against AI and explores the relationship between these …

Bibliometric Survey On Zero-Knowledge Proof For Authentication, Adwait Pathak, Tejas Patil, Shubham Pawar, Piyush Raut, Smita Khairnar, Dr. Shilpa Gite

Library Philosophy and Practice (e-journal)

Background: Zero Knowledge Proof is a persuasive cryptographic protocol employed to provide data security by keeping the user's identity, using the services anonymously. Zero Knowledge Proof can be the preferred option to use in multiple circumstances. Instead of using the public key cryptographic protocols, the zero-knowledge proof usage does not expose or leak confidential data or information during the transmission. Zero Knowledge Proof protocols are comparatively lightweight; this results in making it efficient in terms of memory. Zero Knowledge Proof applications can reside in authentication, identity management, cryptocurrency transactions, and many more. Traditional authentication schemes are vulnerable to attacks …

Transdisciplinary Ai Observatory—Retrospective Analyses And Future-Oriented Contradistinctions, Nadisha Marie Aliman, Leon Kester, Roman Yampolskiy

Faculty Scholarship

In the last years, artificial intelligence (AI) safety gained international recognition in the light of heterogeneous safety-critical and ethical issues that risk overshadowing the broad beneficial impacts of AI. In this context, the implementation of AI observatory endeavors represents one key research direction. This paper motivates the need for an inherently transdisciplinary AI observatory approach integrating diverse retrospective and counterfactual views. We delineate aims and limitations while providing hands-on-advice utilizing concrete practical examples. Distinguishing between unintentionally and intentionally triggered AI risks with diverse socio-psycho-technological impacts, we exemplify a retrospective descriptive analysis followed by a retrospective counterfactual risk analysis. Building on …

Blockchain-Based Architecture For Secured Cyberattack Signatures And Features Distribution, Oluwaseyi J. Ajayi

Dissertations and Theses

One effective way of detecting malicious traffic in computer networks is intrusion detection systems (IDS). Despite the increased accuracy of IDSs, distributed or coordinated attacks can still go undetected because of the single vantage point of the IDSs. Due to this reason, there is a need for attack characteristics' exchange among different IDS nodes. Another reason for IDS coordination is that a zero-day attack (an attack without a known signature) experienced in organizations located in different regions is not the same. Collaborative efforts of the participating IDS nodes can stop more attack threats if IDS nodes exchange these attack characteristics …

Research Framework Of Human Factors Interactions With Technical And Security Factors In Cloud Computing, Hongjiang Xu, Sakthi Mahenthiran

Scholarship and Professional Work - Business

There are many advantages to adopt cloud computing, however, some important issues need to be addressed, such as cybersecurity, cost-saving, trust, implementation complexity, and cloud provider’s reliability. This study developed a research framework to study the human factors that interact with technical and cybersecurity factors to affect the cloud-computing provider’s performance from the user’s perspective. Research hypotheses were developed and a survey was conducted to test the hypotheses and validate the research framework.

Pause For A Cybersecurity Cause: Assessing The Influence Of A Waiting Period On User Habituation In Mitigation Of Phishing Attacks, Amy Antonucci

CCE Theses and Dissertations

Social engineering costs organizations billions of dollars a year. Social engineering exploits the weakest link of information security systems, the people who are using them. Phishing is a form of social engineering in which the perpetrator depends on the victim’s instinctual thinking towards an email designed to create a fear or excitement response. It is well-documented in literature that users continue to click on phishing emails costing them and their employers significant monetary resources and data loss. Training does not appear to mitigate the effects of phishing much; other solutions are necessary to mitigate phishing.

Kahneman introduced the concepts of …

Energy Considerations In Blockchain-Enabled Applications, Cesar Enrique Castellon Escobar

UNF Graduate Theses and Dissertations

Blockchain-powered smart systems deployed in different industrial applications promise operational efficiencies and improved yields, while mitigating significant cybersecurity risks pertaining to the main application. Associated tradeoffs between availability and security arise at implementation, however, triggered by the additional resources (e.g., memory, computation) required by each blockchain-enabled host. This thesis applies an energy-reducing algorithmic engineering technique for Merkle Tree root and Proof of Work calculations, two principal elements of blockchain computations, as a means to preserve the promised security benefits but with less compromise to system availability. Using pyRAPL, a python library to measure computational energy, we experiment with both the …

An Empirical Assessment Of Users' Information Security Protection Behavior Towards Social Engineering Breaches, Nisha Jatin Patel

CCE Theses and Dissertations

User behavior is one of the most significant information security risks. Information Security is all about being aware of who and what to trust and behaving accordingly. Due to technology becoming an integral part of nearly everything in people's daily lives, the organization's need for protection from security threats has continuously increased. Social engineering is the act of tricking a user into revealing information or taking action. One of the riskiest aspects of social engineering is that it depends mainly upon user errors and is not necessarily a technology shortcoming. User behavior should be one of the first apprehensions when …

Data Driven Analysis And Characterization Of Modern Android Malware, Qian Han

Dartmouth College Ph.D Dissertations

Google’s Android operating system was first announced to the public in 2007 and was installed on more than three billion mobile devices by 2019. With the prevalence of Android OS, Android malware has since proliferated. Android malware is malicious software designed to exploit Android operating systems running on smart devices. Some variants of Android malware have the capability of disabling the device, allowing a malicious actor to remotely control the device, track the user’s activity, lock the device, and so on. Moreover, the evolution and sophistication of modern Android malware obfuscation and detection bypassing methods have significantly improved in recent …