Engineering Commons^™

3rd Party Ip Encryption From Netlist To Bitstream For Xilinx 7-Series Fpgas, Daniel Hutchings

Theses and Dissertations

IP vendors need to keep the internal designs of their IP secret from the IP user for security or commercial reasons. The CAD tools provided by FPGA vendors have some built-in functionality to encrypt the IP. However, the IP is consequently decrypted by the CAD tools in order to run the IP through the design flow. An IP user can use APIs provided by the CAD tools to recreate the IP in an unencrypted state. An IP user could also easily learn the internals of a protected IP with the advent of new open-source bitstream to netlist tools. The user …

Secure And Efficient Federated Learning, Xingyu Li

Theses and Dissertations

In the past 10 years, the growth of machine learning technology has been significant, largely due to the availability of large datasets for training. However, gathering a sufficient amount of data on a central server can be challenging. Additionally, with the rise of mobile networking and the large amounts of data generated by IoT devices, privacy and security issues have become a concern, resulting in government regulations such as GDPR, HIPAA, CCPA, and ADPPA. Under these circumstances, traditional centralized machine learning methods face a problem in that sensitive data must be kept locally for privacy reasons, making it difficult to …

Exploring The Performance Impacts Of Harmful Fpga Configurations, Tanner Gaskin

Theses and Dissertations

In this work a new technique for accelerating the aging of FPGA devices is proposed and demonstrated. The proposed technique uses harmful configurations (short circuits) to accelerate the aging process on targeted portions of an FPGA chip. A testbed is developed for the purpose of measuring FPGA degradation. Using this testbed it is shown that implementing thousands of short circuits in FPGA fabric generates enough heat to cause significant damage to the chip, reducing switching speeds by up to 8%. It is also demonstrated that different parts of the FPGA fabric can be aged at different rates, with some parts …

Dbknot: A Transparent And Seamless, Pluggable Tamper Evident Database, Islam Khalil

Theses and Dissertations

Database integrity is crucial to organizations that rely on databases of important data. They suffer from the vulnerability to internal fraud. Database tampering by internal malicious employees with high technical authorization to their infrastructure or even compromised by externals is one of the important attack vectors.

This thesis addresses such challenge in a class of problems where data is appended only and is immutable. Examples of operations where data does not change is a) financial institutions (banks, accounting systems, stock market, etc., b) registries and notary systems where important data is kept but is never subject to change, and c) …

Exploring The Efficiency Of Software-Defined Radios In 3d Heat Mapping, Andrew Scott Thomas

Theses and Dissertations

A common method of connecting to the internet is a wireless network. These networks can be monitored to discover the area of their coverage, but commercial receivers don't always provide the most accurate results. A software-defined radio was programmed to sniff wireless signals and tested against a commercial receiver and the results were compared. The results suggest that the software-defined radio performs at least as well as the commercial receiver in distance measurements and significantly better in samples taken per minute. It was determined that the software-defined radio is a viable replacement for a commercial receiver in 3D heat mapping.

Challenges In Large-Scale Machine Learning Systems: Security And Correctness, Emad Alsuwat

Theses and Dissertations

In this research, we address the impact of data integrity on machine learning algorithms. We study how an adversary could corrupt Bayesian network structure learning algorithms by inserting contaminated data items. We investigate the resilience of two commonly used Bayesian network structure learning algorithms, namely the PC and LCD algorithms, against data poisoning attacks that aim to corrupt the learned Bayesian network model.

Data poisoning attacks are one of the most important emerging security threats against machine learning systems. These attacks aim to corrupt machine learning models by con- taminating datasets in the training phase. The lack of resilience of …

The Sap Link: A Controller Architecture For Secure Industrial Control Systems, Matthew Cody Wyman

Theses and Dissertations

Industrial Control Systems are essential to modern life. They are utilized in hundreds of processes including power distribution, water treatment, manufacturing, traffic management, and amusement park ride control. These systems are an essential part of modern life and if compromised, could result in significant economic loss, safety impacts, damage to the environment, and even loss of life. Unfortunately, many of these systems are not properly secured from a cyber attack. It is likely that a well-funded and motivated attack from a nation-state will successfully compromise an industrial control system's network. As cyber war becomes more prevalent, it is becoming more …

Securing Critical Infrastructure: A Ransomware Study, Blaine M. Jeffries

Theses and Dissertations

This thesis reviews traditional ransomware attack trends in order to present a taxonomy for ransomware targeting industrial control systems. After reviewing a critical infrastructure ransomware attack methodology, a corresponding response and recovery plan is described. The plan emphasizes security through redundancy, specifically the incorporation of standby programmable logic controllers. This thesis goes on to describe a set of experiments conducted to test the viability of defending against a specialized ransomware attack with a redundant controller network. Results support that specific redundancy schemes are effective in recovering from a successful attack. Further experimentation is conducted to test the feasibility of industrial …

On The Security And Quality Of Wireless Communications In Outdoor Mobile Environment, Sharaf J. Malebary

Theses and Dissertations

The rapid advancement in wireless technology along with their low cost and ease of deployment have been attracting researchers academically and commercially. Researchers from private and public sectors are investing into enhancing the reliability, robustness, and security of radio frequency (RF) communications to accommodate the demand and enhance lifestyle. RF base communications -by nature- are slower and more exposed to attacks than a wired base (LAN). Deploying such networks in various cutting-edge mobile platforms (e.g. VANET, IoT, Autonomous robots) adds new challenges that impact the quality directly. Moreover, adopting such networks in public outdoor areas make them vulnerable to various …

Social Engineering Knowledge Measured As A Security Countermeasure, Christopher Artejus Sanders

Theses and Dissertations

Social Engineering has become a significant threat to the security of business, government, and academic institutions. As vulnerabilities to social engineering attacks increase, organizations must incorporate risk mitigation strategies to their portfolios of Information Systems Security Countermeasures (ISSC). The goal is to implement mitigation strategies that balance the cost of implementation, the privacy of employees, and the resulting expected costs of social engineering attacks. In this paper we develop an analytical model that calculates the total cost of protection, including the trade-off between the cost of implementing protection strategies and the resulting expected cost of social engineering attacks. We use …

Measuring The Robustness Of Forensic Tools' Ability To Detect Data Hiding Techniques, Samuel Isaiah Moses

Theses and Dissertations

The goal of this research is to create a methodology that measures the robustness and effectiveness of forensic tools' ability to detect data hiding. First, an extensive search for any existing guidelines testing against data hiding was performed. After finding none, existing guidelines and frameworks in cybersecurity and cyber forensics were reviewed. Next, I created the methodology in this thesis. This methodology includes a set of steps that a user should take to evaluate a forensic tool. The methodology has been designed to be flexible and scalable so as new anti-forensic data hiding methods are discovered and developed, they can …

A Security Evaluation Methodology For Container Images, Brendan Michael Abbott

Theses and Dissertations

The goal of this research is to create a methodology that evaluates the security posture of container images and helps improve container security. This was done by first searching for any guidelines or standards that focus on container images and security. After finding none, I decided to create an evaluative methodology. The methodology is composed of actions that users should take to evaluate the security of a container image. The methodology was created through in-depth research on container images and the build instructions used to create them and is referred to as the Security Evaluation Methodology for Container Images. The …

A Secure, Reliable And Performance-Enhancing Storage Architecture Integrating Local And Cloud-Based Storage, Christopher Glenn Hansen

Theses and Dissertations

The constant evolution of new varieties of computing systems - cloud computing, mobile devices, and Internet of Things, to name a few - have necessitated a growing need for highly reliable, available, secure, and high-performing storage systems. While CPU performance has typically scaled with Moore's Law, data storage is much less consistent in how quickly performance increases over time. One method of improving storage performance is through the use of special storage architectures. Such architectures often include redundant arrays of independent disks (RAID). RAID provides a meaningful way to increase storage performance on a variety of levels, some higher-performing than …

Router Security Effect On Performance Of A Network, David L. Leal

Theses and Dissertations

Recently many of the devices that create a computer network offer security to help protect networks from hackers, such as computers, servers, firewalls and even routers. In most cases when protecting a network from hackers having more security is not always the best, because the more resources of the device is used by the security in inspecting connections, and it can compromise performance of the network.

This thesis investigates performance benefit of having security on a router and its impact on the connection rate of the network when it is under security attacks. In this thesis, different security features and …

Evaluating The Security Of Smart Home Hubs, Steven A. Christiaens

Theses and Dissertations

The goal of this research is to improve the security of smart home hubs by developing a standard against which hubs can be evaluated. This was done by first reviewing existing standards, guides, and collections of best practices. I determined that adapting or extending an existing standard was the best way to proceed. Potential candidates were selected, and after thorough comparison, I chose to extend the OWASP Application Security Verification Standard (ASVS). Extensions were composed of additional security requirements to address smart home hub functionality not covered by the existing requirements of the ASVS. These additional requirements were developed based …

Privacy Protection On Cloud Computing, Min Li

Theses and Dissertations

Cloud is becoming the most popular computing infrastructure because it can attract more and more traditional companies due to flexibility and cost-effectiveness. However, privacy concern is the major issue that prevents users from deploying on public clouds. My research focuses on protecting user's privacy in cloud computing. I will present a hardware-based and a migration-based approach to protect user's privacy. The root cause of the privacy problem is current cloud privilege design gives too much power to cloud providers. Once the control virtual machine (installed by cloud providers) is compromised, external adversaries will breach users’ privacy. Malicious cloud administrators are …

Multi-Rotor--Aided Three-Dimensional 802.11 Wireless Heat Mapping, Scott James Pack

Theses and Dissertations

Traditional wireless site surveys produce a heat-map of link strength or quality over a target area, usually on the ground plane. In recent years research has gone into using aerial drones in network attack and surveillance, making three dimensional awareness of wireless coverage areas of interest. A multi-rotor drone and data collection module were built and tested as part of this research. Site assessments were conducted both in open space and near structures. Collected data was interpolated across the target area, and visualized as points and contours. These visualizations were exported to a Keyhole Markup Language (KML) for visualization in …

Improved Channel Probing For Secret Key Generation With Multiple Antenna Systems, Britton T. Quist

Theses and Dissertations

Establishing secret keys from the commonly-observed randomness of reciprocal wireless propagation channels has recently received considerable attention. In this work we propose improved strategies for channel estimation between MIMO or beamforming systems for secret key generation. The amount of mutual information that can be extracted from the channel matrix estimates is determined by the quality of channel matrix estimates. By allocating increased energy to channel estimation for higher gain beamforming combinations at the expense of low-gain combinations, key establishment performance can be increased. Formalizing the notion of preferential energy allocation to the most efficient excitations is the central theme of …

The Program Pathing Trust Model For Critical System Process Authorization, Robert Dahlberg

Theses and Dissertations

Since computers are relied upon to run critical infrastructures – from nuclear power plants to electronic battlefield simulations – the concept of a “trusted” or tamperproof system has become even more important. Some applications have become so critical that it is imperative that they run as intended, without interference. The consequences of these systems not running as intended could be catastrophic. This research offers a solution for a key element for protecting these critical servers – validating process invocation sequences. The purpose of this research is to increase operating system security by detecting, validating, and enforcing process invocation sequences within …

Secret Key Establishment Using Wireless Channels As Common Randomness In Time-Variant Mimo Systems, Chan Chen

Theses and Dissertations

Encryption of confidential data with a secret key has become a widespread technique for securing wireless transmissions. However, existing key distribution methods that either deliver the secret key with a key distribution center or exchange the secret key using public-key cryptosystems are unable to establish perfect secret keys necessary for symmetric encryption techniques. This research considers secret key establishment, under the broad research area of information theoretic security, using the reciprocal wireless channel as common randomness for the extraction of perfect secret keys in multiple-input multiple-output (MIMO)communication systems. The presentation discusses the fundamental characteristics of the time-variant MIMO wireless channel …