Engineering Commons^™

Designing High-Performance Identity-Based Quantum Signature Protocol With Strong Security, Sunil Prajapat, Pankaj Kumar, Sandeep Kumar, Ashok Kumar Das, Sachin Shetty, M. Shamim Hossain

VMASC Publications

Due to the rapid advancement of quantum computers, there has been a furious race for quantum technologies in academia and industry. Quantum cryptography is an important tool for achieving security services during quantum communication. Designated verifier signature, a variant of quantum cryptography, is very useful in applications like the Internet of Things (IoT) and auctions. An identity-based quantum-designated verifier signature (QDVS) scheme is suggested in this work. Our protocol features security attributes like eavesdropping, non-repudiation, designated verification, and hiding sources attacks. Additionally, it is protected from attacks on forgery, inter-resending, and impersonation. The proposed scheme benefits from the traditional designated …

Transfer Learning Using Infrared And Optical Full Motion Video Data For Gender Classification, Alexander M. Glandon, Joe Zalameda, Khan M. Iftekharuddin, Gabor F. Fulop (Ed.), David Z. Ting (Ed.), Lucy L. Zheng (Ed.)

Electrical & Computer Engineering Faculty Publications

This work is a review and extension of our ongoing research in human recognition analysis using multimodality motion sensor data. We review our work on hand crafted feature engineering for motion capture skeleton (MoCap) data, from the Air Force Research Lab for human gender followed by depth scan based skeleton extraction using LIDAR data from the Army Night Vision Lab for person identification. We then build on these works to demonstrate a transfer learning sensor fusion approach for using the larger MoCap and smaller LIDAR data for gender classification.

A Review Of Iot Security And Privacy Using Decentralized Blockchain Techniques, Vinay Gugueoth, Sunitha Safavat, Sachin Shetty, Danda Rawat

Electrical & Computer Engineering Faculty Publications

IoT security is one of the prominent issues that has gained significant attention among the researchers in recent times. The recent advancements in IoT introduces various critical security issues and increases the risk of privacy leakage of IoT data. Implementation of Blockchain can be a potential solution for the security issues in IoT. This review deeply investigates the security threats and issues in IoT which deteriorates the effectiveness of IoT systems. This paper presents a perceptible description of the security threats, Blockchain based solutions, security characteristics and challenges introduced during the integration of Blockchain with IoT. An analysis of different …

Security Of Internet Of Things (Iot) Using Federated Learning And Deep Learning — Recent Advancements, Issues And Prospects, Vinay Gugueoth, Sunitha Safavat, Sachin Shetty

Electrical & Computer Engineering Faculty Publications

There is a great demand for an efficient security framework which can secure IoT systems from potential adversarial attacks. However, it is challenging to design a suitable security model for IoT considering the dynamic and distributed nature of IoT. This motivates the researchers to focus more on investigating the role of machine learning (ML) in the designing of security models. A brief analysis of different ML algorithms for IoT security is discussed along with the advantages and limitations of ML algorithms. Existing studies state that ML algorithms suffer from the problem of high computational overhead and risk of privacy leakage. …

A Provable Secure And Efficient Authentication Framework For Smart Manufacturing Industry, Muhammad Hammad, Akhtar Badshah, Ghulam Abbas, Hisham Alasmary, Muhammad Waqas, Wasim A. Khan

Research outputs 2022 to 2026

Smart manufacturing is transforming the manufacturing industry by enhancing productivity and quality, driving growth in the global economy. The Internet of Things (IoT) has played a crucial role in realizing Industry 4.0, where machines can communicate and interact in real-time. Despite these advancements, security remains a major challenge in developing and deploying smart manufacturing. As cyber-attacks become more prevalent, researchers are making security a top priority. Although IoT and Industrial IoT (IIoT) are used to establish smart industries, these systems remain vulnerable to various types of attacks. To address these security issues, numerous authentication methods have been proposed. However, many …

Machine Learning-Based Device Type Classification For Iot Device Re- And Continuous Authentication, Kaustubh Gupta

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Today, the use of Internet of Things (IoT) devices is higher than ever and it is growing rapidly. Many IoT devices are usually manufactured by home appliance manufacturers where security and privacy are not the foremost concern. When an IoT device is connected to a network, currently there does not exist a strict authentication method that verifies the identity of the device, allowing any rogue IoT device to authenticate to an access point. This thesis addresses the issue by introducing methods for continuous and re-authentication of static and dynamic IoT devices, respectively. We introduce mechanisms and protocols for authenticating a …

Assessing Security Risks With The Internet Of Things, Faith Mosemann

Senior Honors Theses

For my honors thesis I have decided to study the security risks associated with the Internet of Things (IoT) and possible ways to secure them. I will focus on how corporate, and individuals use IoT devices and the security risks that come with their implementation. In my research, I found out that IoT gadgets tend to go unnoticed as a checkpoint for vulnerability. For example, often personal IoT devices tend to have the default username and password issued from the factory that a hacker could easily find through Google. IoT devices need security just as much as computers or servers …

Human Ergonomic Simulation To Support The Design Of An Exoskeleton For Lashing/De-Lashing Operations Of Containers Cargo, Francesco Longo, Antonio Padovano, Vittorio Solina, Virginia D' Augusta, Stefan Venzl, Roberto Calbi, Michele Bartuni, Ornella Anastasi, Rafael Diaz

VMASC Publications

Lashing and de-lashing operations of containers cargo on board containerships are considered as quite strenuous activities in which operators are required to work continuously over a 6 or 8 hours shift with very limited break. This is mostly because containerships need to leave the port as soon as possible and containers loading and unloading operations must be executed with very high productivity (stay moored in a port is a totally unproductive time for a ship and a loss-making business for a shipping company). Operators performing lashing and de-lashing operations are subjected to intense ergonomic stress and uncomfortable working postures. To …

A Probabilistic Perspective Of Human-Machine Interaction, Mustafa Canan, Mustafa Demir, Samuel Kovacic

Engineering Management & Systems Engineering Faculty Publications

Human-machine interaction (HMI) has become an essential part of the daily routine in organizations. Although the machines are designed with state-of-the-art Artificial Intelligence applications, they are limited in their ability to mimic human behavior. The human-human interaction occurs between two or more humans; when a machine replaces a human, the interaction dynamics are not the same. The results indicate that a machine that interacts with a human can increase the mental uncertainty that a human experiences. Developments in decision sciences indicate that using quantum probability theory (QPT) improves the understanding of human decision-making than merely using classical probability theory (CPT). …

Defensive Distillation-Based Adversarial Attack Mitigation Method For Channel Estimation Using Deep Learning Models In Next-Generation Wireless Networks, Ferhat Ozgur Catak, Murat Kuzlu, Evren Catak, Umit Cali, Ozgur Guler

Engineering Technology Faculty Publications

Future wireless networks (5G and beyond), also known as Next Generation or NextG, are the vision of forthcoming cellular systems, connecting billions of devices and people together. In the last decades, cellular networks have dramatically grown with advanced telecommunication technologies for high-speed data transmission, high cell capacity, and low latency. The main goal of those technologies is to support a wide range of new applications, such as virtual reality, metaverse, telehealth, online education, autonomous and flying vehicles, smart cities, smart grids, advanced manufacturing, and many more. The key motivation of NextG networks is to meet the high demand for those …

An Analysis On Network Flow-Based Iot Botnet Detection Using Weka, Cian Porteous

Dissertations

Botnets pose a significant and growing risk to modern networks. Detection of botnets remains an important area of open research in order to prevent the proliferation of botnets and to mitigate the damage that can be caused by botnets that have already been established. Botnet detection can be broadly categorised into two main categories: signature-based detection and anomaly-based detection. This paper sets out to measure the accuracy, false-positive rate, and false-negative rate of four algorithms that are available in Weka for anomaly-based detection of a dataset of HTTP and IRC botnet data. The algorithms that were selected to detect botnets …

Security Hardening Of Intelligent Reflecting Surfaces Against Adversarial Machine Learning Attacks, Ferhat Ozgur Catak, Murat Kuzlu, Haolin Tang, Evren Catak, Yanxiao Zhao

Engineering Technology Faculty Publications

Next-generation communication networks, also known as NextG or 5G and beyond, are the future data transmission systems that aim to connect a large amount of Internet of Things (IoT) devices, systems, applications, and consumers at high-speed data transmission and low latency. Fortunately, NextG networks can achieve these goals with advanced telecommunication, computing, and Artificial Intelligence (AI) technologies in the last decades and support a wide range of new applications. Among advanced technologies, AI has a significant and unique contribution to achieving these goals for beamforming, channel estimation, and Intelligent Reflecting Surfaces (IRS) applications of 5G and beyond networks. However, the …

Ggnb: Graph-Based Gaussian Naive Bayes Intrusion Detection System For Can Bus, Riadul Islam, Maloy K. Devnath, Manar D. Samad, Syed Md Jaffrey Al Kadry

Computer Science Faculty Research

The national highway traffic safety administration (NHTSA) identified cybersecurity of the automobile systems are more critical than the security of other information systems. Researchers already demonstrated remote attacks on critical vehicular electronic control units (ECUs) using controller area network (CAN). Besides, existing intrusion detection systems (IDSs) often propose to tackle a specific type of attack, which may leave a system vulnerable to numerous other types of attacks. A generalizable IDS that can identify a wide range of attacks within the shortest possible time has more practical value than attack-specific IDSs, which is not a trivial task to accomplish. In this …

Covid-19 And Biocybersecurity's Increasing Role On Defending Forward, Xavier Palmer, Lucas N. Potter, Saltuk Karahan

Electrical & Computer Engineering Faculty Publications

The evolving nature of warfare has been changing with cybersecurity and the use of advanced biotechnology in each aspect of the society is expanding and overlapping with the cyberworld. This intersection, which has been described as “biocybersecurity” (BCS), can become a major front of the 21st-century conflicts. There are three lines of BCS which make it a critical component of overall cybersecurity: (1) cyber operations within the area of BCS have life threatening consequences to a greater extent than other cyber operations, (2) the breach in health-related personal data is a significant tool for fatal attacks, and (3) health-related misinformation …

Advanced Security Analysis For Emergent Software Platforms, Mohannad Alhanahnah

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Emergent software ecosystems, boomed by the advent of smartphones and the Internet of Things (IoT) platforms, are perpetually sophisticated, deployed into highly dynamic environments, and facilitating interactions across heterogeneous domains. Accordingly, assessing the security thereof is a pressing need, yet requires high levels of scalability and reliability to handle the dynamism involved in such volatile ecosystems.

This dissertation seeks to enhance conventional security detection methods to cope with the emergent features of contemporary software ecosystems. In particular, it analyzes the security of Android and IoT ecosystems by developing rigorous vulnerability detection methods. A critical aspect of this work is the …

Ldakm-Eiot: Lightweight Device Authentication And Key Management Mechanism For Edge-Based Iot Deployment, Mohammad Wazid, Ashok Kumar Das, Sachin Shetty, Joel J. P. C. Rodrigues, Youngho Park

VMASC Publications

In recent years, edge computing has emerged as a new concept in the computing paradigm that empowers several future technologies, such as 5G, vehicle-to-vehicle communications, and the Internet of Things (IoT), by providing cloud computing facilities, as well as services to the end users. However, open communication among the entities in an edge based IoT environment makes it vulnerable to various potential attacks that are executed by an adversary. Device authentication is one of the prominent techniques in security that permits an IoT device to authenticate mutually with a cloud server with the help of an edge node. If authentication …

Iomt Malware Detection Approaches: Analysis And Research Challenges, Mohammad Wazid, Ashok Kumar Das, Joel J.P.C. Rodrigues, Sachin Shetty, Youngho Park

VMASC Publications

The advancement in Information and Communications Technology (ICT) has changed the entire paradigm of computing. Because of such advancement, we have new types of computing and communication environments, for example, Internet of Things (IoT) that is a collection of smart IoT devices. The Internet of Medical Things (IoMT) is a specific type of IoT communication environment which deals with communication through the smart healthcare (medical) devices. Though IoT communication environment facilitates and supports our day-to-day activities, but at the same time it has also certain drawbacks as it suffers from several security and privacy issues, such as replay, man-in-the-middle, impersonation, …

Feasibility And Security Analysis Of Wideband Ultrasonic Radio For Smart Home Applications, Qi Xia

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Smart home Internet-of-Things (IoT) accompanied by smart home apps has witnessed tremendous growth in the past few years. Yet, the security and privacy of the smart home IoT devices and apps have raised serious concerns, as they are getting increasingly complicated each day, expected to store and exchange extremely sensitive personal data, always on and connected, and commonly exposed to any users in a sensitive environment. Nowadays wireless smart home IoT devices rely on electromagnetic wave-based radio-frequency (RF) technology to establish fast and reliable quality network connections. However, RF has its limitations that can negatively affect the smart home user …

Frameup: An Incriminatory Attack On Storj: A Peer To Peer Blockchain Enabled Distributed Storage System, Xiaolu Zhang, Justin Grannis, Ibrahim Baggili, Nicole Lang Beebe

Electrical & Computer Engineering and Computer Science Faculty Publications

In this work we present a primary account of frameup, an incriminatory attack made possible because of existing implementations in distributed peer to peer storage. The frameup attack shows that an adversary has the ability to store unencrypted data on the hard drives of people renting out their hard drive space. This is important to forensic examiners as it opens the door for possibly framing an innocent victim. Our work employs Storj as an example technology, due to its popularity and market size. Storj is a blockchain enabled system that allows people to rent out their hard drive space …

Inception: Virtual Space In Memory Space In Real Space, Peter Casey, Rebecca Lindsay-Decusati, Ibrahim Baggili, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

Virtual Reality (VR) has become a reality. With the technology's increased use cases, comes its misuse. Malware affecting the Virtual Environment (VE) may prevent an investigator from ascertaining virtual information from a physical scene, or from traditional “dead” analysis. Following the trend of antiforensics, evidence of an attack may only be found in memory, along with many other volatile data points. Our work provides the primary account for the memory forensics of Immersive VR systems, and in specific the HTC Vive. Our approach is capable of reconstituting artifacts from memory that are relevant to the VE, and is also capable …

Forensic Analysis Of Immersive Virtual Reality Social Applications: A Primary Account, Ananya Yarramreddy, Peter Gromkowski, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Our work presents the primary account for exploring the forensics of immersive Virtual Reality (VR) systems and their social applications. The Social VR applications studied in this work include Bigscreen, Altspace VR, Rec Room and Facebook Spaces. We explored the two most widely adopted consumer VR systems: the HTC Vive and the Oculus Rift. Our tests examined the efficacy of reconstructing evidence from network traffic as well as the systems themselves. The results showed that a significant amount of forensically relevant data such as user names, user profile pictures, events, and system details may be recovered. We anticipate that this …

Compact Hardware Implementation Of A Sha-3 Core For Wireless Body Sensor Networks, Yi Yang, Debiao He, Neeraj Kumar, Sherali Zeadally

Information Science Faculty Publications

One of the most important Internet of Things applications is the wireless body sensor network (WBSN), which can provide universal health care, disease prevention, and control. Due to large deployments of small scale smart sensors in WBSNs, security, and privacy guarantees (e.g., security and safety-critical data, sensitive private information) are becoming a challenging issue because these sensor nodes communicate using an open channel, i.e., Internet. We implement data integrity (to resist against malicious tampering) using the secure hash algorithm 3 (SHA-3) when smart sensors in WBSNs communicate with each other using the Internet. Due to the limited resources (i.e., storage, …

A Simplified Secure Programming Platform For Internet Of Things Devices, Halim Burak Yesilyurt

FIU Electronic Theses and Dissertations

The emerging Internet of Things (IoT) revolution has introduced many useful applications that are utilized in our daily lives. Users can program these devices in order to develop their own IoT applications; however, the platforms and languages that are used during development are abounding, complicated, and time-consuming. The software solution provided in this thesis, PROVIZ+, is a secure sensor application development software suite that helps users create sophisticated and secure IoT applications with little software and hardware experience. Moreover, a simple and efficient domain-specific programming language, namely Panther language, was designed for IoT application development to unify existing programming languages. …

An Overview Of The Usage Of Default Passwords, Brandon Knierem, Xiaolu Zhang, Philip Levine, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

The recent Mirai botnet attack demonstrated the danger of using default passwords and showed it is still a major problem. In this study we investigated several common applications and their password policies. Specifically, we analyzed if these applications: (1) have default passwords or (2) allow the user to set a weak password (i.e., they do not properly enforce a password policy). Our study shows that default passwords are still a significant problem: 61% of applications inspected initially used a default or blank password. When changing the password, 58% allowed a blank password, 35% allowed a weak password of 1 character.

Simple Implementation Of An Elgamal Digital Signature And A Brute Force Attack On It, Valeriia Laryoshyna

Student Works

This study is an attempt to show a basic mathematical usage of the concepts behind digital signatures and to provide a simple approach and understanding to cracking basic digital signatures. The approach takes on simple C programming of the ElGamal digital signature to identify some limits that can be encountered and provide considerations for making more complex code. Additionally, there is a literature review of the ElGamal digital signature and the brute force attack.

The research component of this project provides a list of possible ways to crack the basic implementations and classifies the different approaches that could be taken …

Breaking Into The Vault: Privacy, Security And Forensic Analysis Of Android Vault Applications, Xiaolu Zhang, Ibrahim Baggili, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

In this work we share the first account for the forensic analysis, security and privacy of Android vault applications. Vaults are designed to be privacy enhancing as they allow users to hide personal data but may also be misused to hide incriminating files. Our work has already helped law enforcement in the state of Connecticut to reconstruct 66 incriminating images and 18 videos in a single criminal case. We present case studies and results from analyzing 18 Android vault applications (accounting for nearly 220 million downloads from the Google Play store) by reverse engineering them and examining the forensic artifacts …

Semeo: A Semantic Equivalence Analysis Framework For Obfuscated Android Applications, Zhen Hu

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Software repackaging is a common approach for creating malware. In this approach, malware authors inject malicious payloads into legitimate applications; then, to ren- der security analysis more difficult, they obfuscate most or all of the code. This forces analysts to spend a large amount of effort filtering out benign obfuscated methods in order to locate potentially malicious methods for further analysis. If an effective mechanism for filtering out benign obfuscated methods were available, the number of methods that must be analyzed could be reduced, allowing analysts to be more productive. In this thesis, we introduce SEMEO, a highly effective and …

Significant Permission Identification For Android Malware Detection, Lichao Sun

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

A recent report indicates that a newly developed malicious app for Android is introduced every 11 seconds. To combat this alarming rate of malware creation, we need a scalable malware detection approach that is effective and efficient. In this thesis, we introduce SigPID, a malware detection system based on permission analysis to cope with the rapid increase in the number of Android malware. Instead of analyzing all 135 Android permissions, our approach applies 3-level pruning by mining the permission data to identify only significant permissions that can be effective in distinguishing benign and malicious apps. Based on the identified significant …

Optical Fiber Sensors In Physical Intrusion Detection Systems: A Review, Gary Andrew Allwood, Graham Wild, Steven Hinkley

Research outputs 2014 to 2021

Fiber optic sensors have become a mainstream sensing technology within a large array of applications due to their inherent benefits. They are now used significantly in structural health monitoring, and are an essential solution for monitoring harsh environments. Since their first development over 30 years ago, they have also found promise in security applications. This paper reviews all of the optical fiber-based techniques used in physical intrusion detection systems. It details the different approaches used for sensing, interrogation, and networking, by research groups, attempting to secure both commercial and residential premises from physical security breaches. The advantages and the disadvantages …

Modeling Security And Resource Allocation For Mobile Multi-Hop Wireless Neworks Using Game Theory, Laurent L. Y. Njilla

FIU Electronic Theses and Dissertations

This dissertation presents novel approaches to modeling and analyzing security and resource allocation in mobile ad hoc networks (MANETs). The research involves the design, implementation and simulation of different models resulting in resource sharing and security’s strengthening of the network among mobile devices. Because of the mobility, the network topology may change quickly and unpredictably over time. Moreover, data-information sent from a source to a designated destination node, which is not nearby, has to route its information with the need of intermediary mobile nodes. However, not all intermediary nodes in the network are willing to participate in data-packet transfer of …