Engineering Commons^™

Analysis And Improvement Of The Security Building At Pg&E Diablo Canyon Nuclear Power Plant, Alyssa Carter, Natalie Christa, Phuong Anh Pham Dinh

Industrial and Manufacturing Engineering

A new Security building was recently designed and built at the Pacific Gas and Electric (PG&E) Diablo Canyon Power Plant (DCPP).This building’s staff and equipment are responsible for performing routine inspections on all personnel entering the facility in order to prevent security-related incidents from occurring at the nuclear power plant. Similar to airport security procedures, the DCPP security building routine inspections include the use of x-ray machines, metal detectors, and explosive detectors.

The Power Plant periodically experiences pre-planned, preventive maintenance outages, that last 4-6 weeks. During an outage, a power plant reactor is shut down for maintenance, repair, and re-fueling. …

On Modeling Eavesdropping Attacks In Wireless Networks, Xuran Li, Jianlong Xu, Hong-Ning Dai, Qinglin Zhao, Chak Fong Cheang, Qiu Wang

Hong-Ning Dai

This paper concerns the eavesdropping attacks from the eavesdroppers’ perspective, which is new since most of current studies consider the problem from the good nodes’ perspective. In this paper, we originally propose an analytical framework to quantify the effective area and the probability of the eavesdropping attacks. This framework enables us to theoretically evaluate the impact of node density, antenna model, and wireless channel model on the eavesdropping attacks. We verify via extensive simulations that the proposed analytical framework is very accurate. Our results show that the probability of eavesdropping attacks significantly vary, depending on the wireless environments (such as …

Operation Optimization And Water Quality Simulation Of Potable Water Distribution System, Xiongfei Xie

USF Tampa Graduate Theses and Dissertations

A potable water distribution system (WDS) consists of pipes, pumps, valves, storage tanks, control and supporting components. Traditionally, it has two basic functions. First, provides end users with potable water at sufficient pressures and good water quality. Second, provides sufficient pressure and flow for fire fighting. Currently, potable water is still the least expensive material for fire fighting. To accomplish these two goals, water utilities have to consider the integrity and security of the water network. As a result, this research selected three research topics that are closely related to the daily operation of water utilities and water quality simulation. …

Dg Mosfet, Mojtaba Mehrdad Nasehi Phd In Electronics, Computer Networks

mojtaba nasehi

No abstract provided.

Fault Tree Analysis For Safety/Security Verification In Aviation Software, Andrew J. Kornecki, Mingye Liu

Andrew J. Kornecki

The Next Generation Air Traffic Management system (NextGen) is a blueprint of the future National Airspace System. Supporting NextGen is a nation-wide Aviation Simulation Network (ASN), which allows integration of a variety of real-time simulations to facilitate development and validation of the NextGen software by simulating a wide range of operational scenarios. The ASN system is an environment, including both simulated and human-in-the-loop real-life components (pilots and air traffic controllers).Real Time Distributed Simulation (RTDS) developed at Embry-Riddle Aeronautical University, a suite of applications providing low and medium fidelity en-route simulation capabilities, is one of the simulations contributing to the ASN. …

Development Of A Master Of Software Assurance Reference Curriculum, Andrew J. Kornecki, James Mcdonald, Julia H. Allen, Mark Ardis, Nancy Mead, Richard Linger, Thomas B. Hilburn

Andrew J. Kornecki

The Next Generation Air Traffic Management system (NextGen) is a blueprint of the future National Airspace System. Supporting NextGen is a nation-wide Aviation Simulation Network (ASN), which allows integration of a variety of real-time simulations to facilitate development and validation of the NextGen software by simulating a wide range of operational scenarios. The ASN system is an environment, including both simulated and human-in-the-loop real-life components (pilots and air traffic controllers).Real Time Distributed Simulation (RTDS) developed at Embry-Riddle Aeronautical University, a suite of applications providing low and medium fidelity en-route simulation capabilities, is one of the simulations contributing to the ASN. …

Public Street Surveillance: A Psychometric Study On The Perceived Social Risk, David J. Brooks

David J Brooks Dr.

Public street surveillance, a domain of Closed Circuit Television (CCTV), has grown enormously and is becoming common place with increasing utilization in society as an all-purpose security tool. Previous authors (Ditton, 1999; Davies, 1998; Horne, 1998; Tomkins, 1998) have raised concern over social, civil and privacy issues, but there has been limited research to quantify these concerns. There are a number of core aspects that could relocate the risk perception and therefore, social support of public street surveillance. This study utilized the psychometric paradigm to quantitatively measure the social risk perception of public street surveillance. The psychometric paradigm is a …

Security Questions Abound As Autonomous Vehicles Emerge, Usu College Of Engineering

College of Engineering News

With the rollout of Google’s self-driving car, computer security experts at Utah State University are posing new questions about the hardware and software features that will drive tomorrow’s fleets of autonomous vehicles.

Integrating Visual Mnemonics And Input Feedback With Passphrases To Improve The Usability And Security Of Digital Authentication, Kevin Juang

All Dissertations

The need for both usable and secure authentication is more pronounced than ever before. Security researchers and professionals will need to have a deep understanding of human factors to address these issues. Due to their ubiquity, recoverability, and low barrier of entry, passwords remain the most common means of digital authentication. However, fundamental human nature dictates that it is exceedingly difficult for people to generate secure passwords on their own. System-generated random passwords can be secure but are often unusable, which is why most passwords are still created by humans. We developed a simple system for automatically generating mnemonic phrases …

Streets: Game-Theoretic Traffic Patrolling With Exploration And Exploitation, Matthew Brown, Sandhya Saisubramanian, Pradeep Varakantham, Milind Tambe

Research Collection School Of Computing and Information Systems

To dissuade reckless driving and mitigate accidents, cities deploy resources to patrol roads. In this paper, we present STREETS, an application developed for the city of Singapore, which models the problem of computing randomized traffic patrol strategies as a defenderattacker Stackelberg game. Previous work on Stackelberg security games has focused extensively on counterterrorism settings. STREETS moves beyond counterterrorism and represents the first use of Stackelberg games for traffic patrolling, in the process providing a novel algorithm for solving such games that addresses three major challenges in modeling and scale-up. First, there exists a high degree of unpredictability in travel times …

Perceived Barriers For Implanting Microchips In Humans: A Transnational Study, Christine Perakslis, Katina Michael, M.G. Michael, Robert Gable

Professor Katina Michael

This quantitative, descriptive study investigated if there was a relationship between countries of residence of small business owners (N = 453) within four countries (Australia, India, UK, and the USA) with respect to perceived barriers to RFID (radio frequency identification) transponders being implanted into humans for employee ID. Participants were asked what they believed were the greatest barriers in instituting chip implants for access control in organizations. Participants had six options from which to select. There were significant chi-square analyses reported relative to respondents’ countries and: 1) a perceived barrier of technological issues (χ2 = 11.86, df = 3, p …

Attacks And Countermeasures For Webview On Mobile Systems, Tongbo Luo

Dissertations - ALL

ABSTRACT

All the mainstream mobile operating systems provide a web container, called ``WebView''. This Web-based interface can be included as part of the mobile application to retrieve and display web contents from remote servers. WebView not only provides the same functionalities as web browser, more importantly, it enables rich interactions between mobile apps and webpages loaded inside WebView. Through its APIs, WebView enables the two-way interaction. However, the design of WebView changes the landscape of the Web, especially from the security perspective.

This dissertation conducts a comprehensive and systematic study of WebView's impact on web security, with a particular focus …

Wireless Network Intrusion Detection System, Calvin Jia Liang

Computer Engineering

The Wireless Network Intrusion Detection System is a network-based intrusion detection system (IDS) that listens on a wireless network. The IDS device is a self-contained single-board-computer capable of monitoring the user’s wireless network, detecting suspicious network traffic, and reporting to the user via email. The device has two network interfaces: the wireless interface is used to monitor network traffic, and the wired interface is used to configure the system and to send out detection alerts. The system requires minimal setup, configuration, and maintenance. It is a relatively inexpensive device that tries to improve user’s situational-awareness of one’s wireless network.

Improved Forensic Medical Device Security Through Eating Detection, Nathan Lee Henry

Masters Theses

Patients are increasingly reliant on implantable medical device systems today. For patients with diabetes, an implantable insulin pump system or artificial pancreas can greatly improve quality of life. As with any device, these devices can and do suffer from software and hardware issues, often reported as a safety event. For a forensic investigator, a safety event is indistinguishable from a potential security event. In this thesis, we show a new sensor system that can be transparently integrated into existing and future electronic diabetes therapy systems while providing additional forensic data to help distinguish between safety and security events. We demonstrate …

Cloud-Based Storage Applications For Smart Phones: Forensic Investigation Of Cloud Storage Applications, Radoslaw Ochrymowicz

Dissertations

The proliferation of smart phones across the globe, development of 4G network standards and its progressing implementation along with shift towards cloud computing bring risks to smart phone users who avail of these service. Security of cloud storage mobile applications should be essential to smart phone users. Enterprises’ move to huge data centres and availing of their infrastructure, platform and service is an advantage but poses a risk. Users use corporate resources managed and administered with security in mind of policy makers but it is still possible to use unsecure, designed for users services without business being aware of it. …

Multi-Rotor--Aided Three-Dimensional 802.11 Wireless Heat Mapping, Scott James Pack

Theses and Dissertations

Traditional wireless site surveys produce a heat-map of link strength or quality over a target area, usually on the ground plane. In recent years research has gone into using aerial drones in network attack and surveillance, making three dimensional awareness of wireless coverage areas of interest. A multi-rotor drone and data collection module were built and tested as part of this research. Site assessments were conducted both in open space and near structures. Collected data was interpolated across the target area, and visualized as points and contours. These visualizations were exported to a Keyhole Markup Language (KML) for visualization in …

On The Security Of Auditing Mechanisms For Secure Cloud Storage, Yong Yu, Lei Niu, Guomin Yang, Yi Mu, Willy Susilo

Professor Willy Susilo

Cloud computing is a novel computing model that enables convenient and on-demand access to a shared pool of configurable computing resources. Auditing services are highly essential to make sure that the data is correctly hosted in the cloud. In this paper, we investigate the active adversary attacks in three auditing mechanisms for shared data in the cloud, including two identity privacy-preserving auditing mechanisms called Oruta and Knox, and a distributed storage integrity auditing mechanism. We show that these schemes become insecure when active adversaries are involved in the cloud storage. Specifically, an active adversary can arbitrarily alter the cloud data …

Security Pitfalls Of An Efficient Threshold Proxy Signature Scheme For Mobile Agents, Yong Yu, Yi Mu, Willy Susilo, Man Ho Au

Professor Willy Susilo

A (t,n) threashold proxy signature scheme enables an original signer to delegate his/her signing power to n proxy signers such that any t or more proxy signers can sign messages on behalf of the original signer, but t-1 or less of them cannot produce a valid proxy signature. Based on the RSA cryptosystem, Hong proposed an efficient (t,n) threshold proxy signature for mobile agents. Cai et al. found that the scheme due to Hong is proxy-unprotected , meaning that the original signer can generate a valid proxy signature by himself. However, it is unclear whether the scheme can be used …

Keeping The Skies Safe, Massood Towhidnejad, Andrew J. Kornecki

Department of Electrical Engineering and Computer Science - Daytona Beach

Professors Massood Towhidnejad and Andrew Kornecki shine a light on how their lab is helping government and the aviation industry to enhance the safety and security of software-intensive systems.

Evidentiary Power And Propriety Of Digital Identifiers And The Impact On Privacy Rights In The United States, Michael Losavio, Deborah Keeling

Journal of Digital Forensics, Security and Law

Media and network systems capture and store data about electronic activity in new, sometimes unprecedented ways; computational systems make for new means of analysis and knowledge development. These new forms offer new, powerful tactical tools for investigations of electronic malfeasance under traditional legal regulation of state power, particular that of Fourth Amendment limitations on police searches and seizures under the U.S. Constitution. But autonomy, identity and authenticity concerns with electronic data raise issues of public policy, privacy and proper police oversight of civil society. We examine those issues and their implications for digital and computational forensics

Lll For Ideal Lattices Re-Evaluation Of The Security Of Gentry-Halevi's Fhe Scheme, Thomas Plantard, Willy Susilo, Zhenfei Zhang

Faculty of Engineering and Information Sciences - Papers: Part A

The LLL algorithm, named after its inventors, Lenstra, Lenstra and Lovász, is one of themost popular lattice reduction algorithms in the literature. In this paper, we propose the first variant of LLL algorithm that is dedicated for ideal lattices, namely, the iLLL algorithm. Our iLLL algorithm takes advantage of the fact that within LLL procedures, previously reduced vectors can be re-used for further reductions. Using this method, we prove that the iLLL is at least as fast as the LLL algorithm, and it outputs a basis with the same quality. We also provide a heuristic approach that accelerates the re-use …

On The Security Of Auditing Mechanisms For Secure Cloud Storage, Yong Yu, Lei Niu, Guomin Yang, Yi Mu, Willy Susilo

Faculty of Engineering and Information Sciences - Papers: Part A

Cloud computing is a novel computing model that enables convenient and on-demand access to a shared pool of configurable computing resources. Auditing services are highly essential to make sure that the data is correctly hosted in the cloud. In this paper, we investigate the active adversary attacks in three auditing mechanisms for shared data in the cloud, including two identity privacy-preserving auditing mechanisms called Oruta and Knox, and a distributed storage integrity auditing mechanism. We show that these schemes become insecure when active adversaries are involved in the cloud storage. Specifically, an active adversary can arbitrarily alter the cloud data …

A Multi-Criteria Methodology For Measuring The Resilience Of Transportation Assets And Prioritizing Security Investments, Michelle S. Dojutrek, Samuel Labi, J Eric Dietz

International Institute for Infrastructure Resilience and Reconstruction (I3R2) Conference

Transportation project prioritization uses performance measures that are related to the transportation asset, its operations, and its environment. However, in the state of practice, evaluation does not consider directly the likelihood of natural or man-made threats, the infrastructure resilience, or the consequences of the infrastructure damage in the event that the threat occurs. Thus, during the prioritization of investments, assets of low security do not receive the due attention they deserve. In defining security as the lack of risk of damage from threats due to inherent structure or functional resilience, this paper is based on the premise that the inclusion …

Detection And Control Of Small Civilian Uavs, Matthew Peacock

Theses : Honours

With the increasing proliferation of small civilian Unmanned Aerial Vehicles (UAVs), the threat to critical infrastructure (CI) security and privacy is now widely recognised and must be addressed. These devices are easily available at a low cost, with their usage largely unrestricted allowing users to have no accountability. Further, current implementations of UAVs have little to no security measures applied to their control interfaces. To combat the threat raised by small UAVs, being aware of their presence is required, a task that can be challenging and often requires customised hardware.

This thesis aimed to address the threats posed by the …

On The Security Of Text-Based 3d Captchas, Vu Duc Nguyen, Yang-Wai Chow, Willy Susilo

Faculty of Engineering and Information Sciences - Papers: Part A

CAPTCHAs have become a standard security mechanism that are used to deter automated abuse of online services intended for humans. However, many existing CAPTCHA schemes to date have been successfully broken. As such, a number of CAPTCHA developers have explored alternative methods of designing CAPTCHAs. 3D CAPTCHAs is a design alternative that has been proposed to overcome the limitations of traditional CAPTCHAs. These CAPTCHAs are designed to capitalize on the human visual system's natural ability to perceive 3D objects from an image. The underlying security assumption is that it is difficult for a computer program to identify the 3D content. …

Security Pitfalls Of An Efficient Threshold Proxy Signature Scheme For Mobile Agents, Yong Yu, Yi Mu, Willy Susilo, Man Ho Au

Faculty of Engineering and Information Sciences - Papers: Part A

A (t,n) threashold proxy signature scheme enables an original signer to delegate his/her signing power to n proxy signers such that any t or more proxy signers can sign messages on behalf of the original signer, but t-1 or less of them cannot produce a valid proxy signature. Based on the RSA cryptosystem, Hong proposed an efficient (t,n) threshold proxy signature for mobile agents. Cai et al. found that the scheme due to Hong is proxy-unprotected , meaning that the original signer can generate a valid proxy signature by himself. However, it is unclear whether the scheme can be used …

Distribution Expansion Planning Considering Reliability And Security Of Energy Using Modified Pso (Particle Swarm Optimization) Algorithm, Jamshid Aghaei, Kashem M. Muttaqi, Ali Azizivahed, Mohsen Gitizadeh

Faculty of Engineering and Information Sciences - Papers: Part A

Distribution feeders and substations need to provide additional capacity to serve the growing electrical demand of customers without compromising the reliability of the electrical networks. Also, more control devices, such as DG (Distributed Generation) units are being integrated into distribution feeders. Distribution networks were not planned to host these intermittent generation units before construction of the systems. Therefore, additional distribution facilities are needed to be planned and prepared for the future growth of the electrical demand as well as the increase of network hosting capacity by DG units. This paper presents a multiobjective optimization algorithm for the MDEP (Multi-Stage Distribution …

The Future Of National And International Security On The Internet, Maurice Dawson, Marwan Omar, Jonathan Abramson, Dustin Bessette

Maurice Dawson

Hyperconnectivity is a growing trend that is driving cyber security experts to develop new security architectures for multiple platforms such as mobile devices, laptops, and even wearable displays. The futures of national and international security rely on complex countermeasures to ensure that a proper security posture is maintained during this state of hyperconnectivity. To protect these systems from exploitation of vulnerabilities it is essential to understand current and future threats to include the laws that drive their need to be secured. Examined within this chapter are the potential security-related threats with the use of social media, mobile devices, virtual worlds, …