Engineering Commons^™

Control Flow Integrity For Real-Time Embedded Systems, Yuqian Huo

McKelvey School of Engineering Theses & Dissertations

Devices built on embedded systems are widely used in our daily lives. Nowadays, firmware typically uses C and C++ for efficiency and durability. However, those languages are unsafe which can lead to many software and system security issues. Attackers can easily corrupt a system by issuing various memory corruption attacks on a vulnerable program. Control-flow integrity is one of the most prevalent mechanisms used to protect against memory corruption. Most research papers and prototypes focus on using CFI on high-performance chips such as Intel and ARM Cortex-A. However, many embedded systems targeting time critical services are built on resource constrained …

Single-Rail Adiabatic Logic For Energy-Efficient And Cpa-Resistant Cryptographic Circuit In Low-Frequency Medical Devices, Amit Degada, Himanshu Thapliyal

Electrical and Computer Engineering Graduate Research

Designing energy-efficient and secure cryptographic circuits in low-frequency medical devices are challenging due to low-energy requirements. Also, the conventional CMOS logic-based cryptographic circuits solutions in medical devices can be vulnerable to side-channel attacks (e.g. correlation power analysis (CPA)). In this article, we explored single-rail Clocked CMOS Adiabatic Logic (CCAL) to design an energy-efficient and secure cryptographic circuit for low-frequency medical devices. The performance of the CCAL logic-based circuits was checked with a power clock generator (2N2P-PCG) integrated into the design for the frequency range of 50 kHz to 250 kHz. The CCAL logic gates show an average of approximately 48% …

Feasibility Analysis Of Smart Home Devices - A Domestic Consumer Perspective, A Vittaleswar

Manipal Journal of Science and Technology

The internet of things (IoT) is a relatively new technology that establishes a global network of machines and devices capable of communicating and exchanging data over the internet. However, IoT and the internet are not the same things. IoT generates, analyzes, and makes decisions about connected objects; in other words, the IoT is smarter than the internet. One of the most common applications that make use of the IoT infrastructure to connect multiple sensors is the smart home. The sensors can detect and collect information from the environment, which is then used to control various home systems such as lighting …

Ggnb: Graph-Based Gaussian Naive Bayes Intrusion Detection System For Can Bus, Riadul Islam, Maloy K. Devnath, Manar D. Samad, Syed Md Jaffrey Al Kadry

Computer Science Faculty Research

The national highway traffic safety administration (NHTSA) identified cybersecurity of the automobile systems are more critical than the security of other information systems. Researchers already demonstrated remote attacks on critical vehicular electronic control units (ECUs) using controller area network (CAN). Besides, existing intrusion detection systems (IDSs) often propose to tackle a specific type of attack, which may leave a system vulnerable to numerous other types of attacks. A generalizable IDS that can identify a wide range of attacks within the shortest possible time has more practical value than attack-specific IDSs, which is not a trivial task to accomplish. In this …

Study On P-Wave Velocity And Mechanical Response Characteristic Of Rock In Coal Seam Roof With Supercritical Co2 Injection, Chen Chen, He Xingyi, Niu Qinghe, Yu Hongxu, Xie Xiangyu

Coal Geology & Exploration

Deep coal seam CO₂ geological sequestration and enhanced CH₄ recovery(CO₂-ECBM) can both increase CBM recovery and achieve carbon emission reduction, possessing dual benefits of energy and environment. The geochemical reactions between supercritical CO₂(ScCO₂), water and coal seam roof can change its physical-mechanical properties and increase the risk of CO₂ leakage. In this paper, taking the roof rock of No.3 coal seam in Hudi Mine from Qinshui Basin as the research area, the ScCO₂-water-rock geochemical reaction simulation experiment was carried out to explore the geochemical reaction process of ScCO_{2 …}

The Impact Of Cloud Computing On Academic Libraries, Sivankalai S

Library Philosophy and Practice (e-journal)

With the introduction of computers and other forms of communication technology, library services have undergone a significant transformation. Libraries have been automated, networked, and are currently being converted into virtual or paperless libraries. This article is dedicated to many aspects of cloud computing, including different kinds and applications. There is a discussion about the advantages and drawbacks of cloud computing in academic libraries. The article also includes recommendations for professional librarians and academic libraries across the globe on how to take advantage of cloud computing resources. This article may be of use in the development of cloud-based services for university …

Internet Of Things Security Case Studies And Internet Of Things Core Service Comparions, Jaseong Koo

Electronic Theses, Projects, and Dissertations

This culminating project conducted an analysis of IoT security breach case studies. The analysis identified numerous vulnerable points: software failure, node tampering attack, eavesdropping, code injection, unauthorized access, social engineering attack, hardware exploitation, and node insertion. It therefor seems that even with the proper tests conducted on vulnerabilities to discover solutions, regular end users are unable to apply patches or other technical solutions to protect themselves. This project solely focuses on analyzing of comprehensive IoT security services that come with devices connected to home network. The devices are those provided by the big three: Amazon, Google, and Microsoft, on the …

A Meta-Level Approach For Multilingual Taint Analysis, Damian Lyons, Dino Becaj

Faculty Publications

It is increasingly common for software developers to leverage the features and ease-of-use of different languages in building software systems. Nonetheless, interaction between different languages has proven to be a source of software engineering concerns. Existing static analysis tools handle the software engineering concerns of monolingual software but there is little general work for multilingual systems despite the increasing visibility of these systems. While recent work in this area has greatly extended the scope of multilingual static analysis systems, the focus has still been on a primary, host language interacting with subsidiary, guest language functions. In this paper we propose …

Recent Trends In Software-Defined Networking: A Bibliometric Review, Jones Jefferson, Harikrishnan R

Library Philosophy and Practice (e-journal)

Software-Defined Networking is referred to as the next big thing in the field of networking. Legacy networks contain various components such as switches, routers, etc. with a variety of complex protocols. A network administrator is responsible for configuring all these various components. Apart from complex network management, network security is also a persistent issue in the field of networking. SDN promises simplicity in network management while also dramatically improving the security of networks. This paper gives an analysis of the current trends in in SDN as well as Security challenges with SDN. A bibliometric review on SDN has also been …

Dependencyvis: Helping Developers Visualize Software Dependency Information, Nathan Lui

Master's Theses

The use of dependencies have been increasing in popularity over the past decade, especially as package managers such as JavaScript's npm has made getting these packages a simple command to run. However, while incidents such as the left-pad incident has increased awareness of how vulnerable relying on these packages are, there is still some work to be done when it comes to getting developers to take the extra research step to determine if a package is up to standards. Finding metrics of different packages and comparing them is always a difficult and time consuming task, especially since potential vulnerabilities are …

Exploring The Performance Impacts Of Harmful Fpga Configurations, Tanner Gaskin

Theses and Dissertations

In this work a new technique for accelerating the aging of FPGA devices is proposed and demonstrated. The proposed technique uses harmful configurations (short circuits) to accelerate the aging process on targeted portions of an FPGA chip. A testbed is developed for the purpose of measuring FPGA degradation. Using this testbed it is shown that implementing thousands of short circuits in FPGA fabric generates enough heat to cause significant damage to the chip, reducing switching speeds by up to 8%. It is also demonstrated that different parts of the FPGA fabric can be aged at different rates, with some parts …

Towards Secure Deep Neural Networks For Cyber-Physical Systems, Jiangnan Li

Doctoral Dissertations

In recent years, deep neural networks (DNNs) are increasingly investigated in the literature to be employed in cyber-physical systems (CPSs). DNNs own inherent advantages in complex pattern identifying and achieve state-of-the-art performances in many important CPS applications. However, DNN-based systems usually require large datasets for model training, which introduces new data management issues. Meanwhile, research in the computer vision domain demonstrated that the DNNs are highly vulnerable to adversarial examples. Therefore, the security risks of employing DNNs in CPSs applications are of concern.

In this dissertation, we study the security of employing DNNs in CPSs from both the data domain …

An Analysis Of Modern Password Manager Security And Usage On Desktop And Mobile Devices, Timothy Oesch

Doctoral Dissertations

Security experts recommend password managers to help users generate, store, and enter strong, unique passwords. Prior research confirms that managers do help users move towards these objectives, but it also identified usability and security issues that had the potential to leak user data or prevent users from making full use of their manager. In this dissertation, I set out to measure to what extent modern managers have addressed these security issues on both desktop and mobile environments. Additionally, I have interviewed individuals to understand their password management behavior.

I begin my analysis by conducting the first security evaluation of the …

A Bibliometric Analysis Of Authentication Based Access Control In Cloud Using Blockchain, Yogesh Gajmal, Udayakumar R.

Library Philosophy and Practice (e-journal)

Access Control is mentioned to as the imprisonment of particular activities of an individual to carry out an action. Cloud storing similar to any other untrusted surroundings wants the capacity to protect the shared data. The one of the apparatus of access mechanism is ciphertext-policy attribute-based encryption system over and done with dynamic characteristics. With a blockchain based distributed ledger, the scheme offers immutable log of whole significant safety events, for example key generation, change or revocation, access policy assignment, access request etc. Number of different problems similar to single point of failure, security and privacy etc. were targeted through …

Bibliometric Survey On Zero-Knowledge Proof For Authentication, Adwait Pathak, Tejas Patil, Shubham Pawar, Piyush Raut, Smita Khairnar, Dr. Shilpa Gite

Library Philosophy and Practice (e-journal)

Background: Zero Knowledge Proof is a persuasive cryptographic protocol employed to provide data security by keeping the user's identity, using the services anonymously. Zero Knowledge Proof can be the preferred option to use in multiple circumstances. Instead of using the public key cryptographic protocols, the zero-knowledge proof usage does not expose or leak confidential data or information during the transmission. Zero Knowledge Proof protocols are comparatively lightweight; this results in making it efficient in terms of memory. Zero Knowledge Proof applications can reside in authentication, identity management, cryptocurrency transactions, and many more. Traditional authentication schemes are vulnerable to attacks …

Time Series Data Analysis Using Machine Learning-(Ml) Approach, Mvv Prasad Kantipudi Dr., Pradeep Kumar N.S Dr., S.Sreenath Kashyap Dr., Ss Anusha Vemuri Ms

Library Philosophy and Practice (e-journal)

Healthcare benefits related to continuous monitoring of human movement and physical activity can potentially reduce the risk of accidents associated with elderly living alone at home. Based on the literature review, it is found that many studies focus on human activity recognition and are still active towards achieving practical solutions to support the elderly care system. The proposed system has introduced a joint approach of machine learning and signal processing technology for the recognition of human's physical movements using signal data generated by accelerometer sensors. The framework adopts the concept of DSP to select very descriptive feature sets and uses …

Cyber-Physical Security Assessment And Resilience Of A Microgrid Testbed, Said Ahmed-Zaid, Sin Ming Loo, Andres Valdepena-Delgado, Theron Beam

Electrical and Computer Engineering Faculty Publications and Presentations

In order to identify potential weakness in communication and data in transit, a microgrid testbed is being developed at Boise State University. This testbed will be used to verify microgrid models and communication methods in an effort to increase the resiliency of these systems to cyber-attacks. If vulnerabilities are found in these communication methods, then risk mitigation techniques will be developed to address them.

Improved Secure And Low Computation Authentication Protocol For Wireless Body Area Network With Ecc And 2d Hash Chain, Soohyeon Choi

Electronic Theses and Dissertations

Since technologies have been developing rapidly, Wireless Body Area Network (WBAN) has emerged as a promising technique for healthcare systems. People can monitor patients’ body condition and collect data remotely and continuously by using WBAN with small and compact wearable sensors. These sensors can be located in, on, and around the patient’s body and measure the patient’s health condition. Afterwards sensor nodes send the data via short-range wireless communication techniques to an intermediate node. The WBANs deal with critical health data, therefore, secure communication within the WBAN is important. There are important criteria in designing a security protocol for a …

Lightweight Encryption Based Security Package For Wireless Body Area Network, Sangwon Shin

Electronic Theses and Dissertations

As the demand of individual health monitoring rose, Wireless Body Area Networks (WBAN) are becoming highly distinctive within health applications. Nowadays, WBAN is much easier to access then what it used to be. However, due to WBAN’s limitation, properly sophisticated security protocols do not exist. As WBAN devices deal with sensitive data and could be used as a threat to the owner of the data or their family, securing individual devices is highly important. Despite the importance in securing data, existing WBAN security methods are focused on providing light weight security methods. This led to most security methods for WBAN …

Biocybersecurity: A Converging Threat As An Auxiliary To War, Lucas Potter, Orlando Ayala, Xavier-Lewis Palmer

Engineering Technology Faculty Publications

Biodefense is the discipline of ensuring biosecurity with respect to select groups of organisms and limiting their spread. This field has increasingly been challenged by novel threats from nature that have been weaponized such as SARS, Anthrax, and similar pathogens, but has emerged victorious through collaboration of national and world health groups. However, it may come under additional stress in the 21st century as the field intersects with the cyberworld-- a world where governments have already been struggling to keep up with cyber attacks from small to state-level actors as cyberthreats have been relied on to level the playing field …

Covid-19 And Biocybersecurity's Increasing Role On Defending Forward, Xavier Palmer, Lucas N. Potter, Saltuk Karahan

Electrical & Computer Engineering Faculty Publications

The evolving nature of warfare has been changing with cybersecurity and the use of advanced biotechnology in each aspect of the society is expanding and overlapping with the cyberworld. This intersection, which has been described as “biocybersecurity” (BCS), can become a major front of the 21st-century conflicts. There are three lines of BCS which make it a critical component of overall cybersecurity: (1) cyber operations within the area of BCS have life threatening consequences to a greater extent than other cyber operations, (2) the breach in health-related personal data is a significant tool for fatal attacks, and (3) health-related misinformation …

Mitigating Insider Threats In A Cooperative Adaptive Cruise Control System Using Local Intra-Vehicle Data, Alexander Francis Colon

Graduate Theses, Dissertations, and Problem Reports

With the rise of Connected-and-Automated-Vehicle (CAV) technologies on roadways, transportation networks have become increasingly connected through Vehicle-to-Everything (V2X) systems. With access to the additional data from V2X, modern cruise control systems like Adaptive Cruise Control (ACC) are further improved upon to develop systems like Cooperative ACC (CACC) which reduces traffic congestion and increases driver safety and energy efficiency. With that increased connectivity, previously closed vehicle systems are now vulnerable to new security threats which pose new technical challenges. Significant research has been done to strengthen the network against external threats such as denial-of-service attacks (DoS) or passive eavesdropping attacks using …