Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons


Information Security

Theses/Dissertations

2019


Articles 1 - 30 of 94

Full-Text Articles in Physical Sciences and Mathematics

A Domain Specific Language For Digital Forensics And Incident Response Analysis, Christopher D. Stelly Dec 2019


University of New Orleans Theses and Dissertations

One of the longstanding conceptual problems in digital forensics is the dichotomy between the need for verifiable and reproducible forensic investigations, and the lack of practical mechanisms to accomplish them. With nearly four decades of professional digital forensic practice, investigator notes are still the primary source of reproducibility information, and much of it is tied to the functions of specific, often proprietary, tools.

The lack of a formal means of specification for digital forensic operations results in three major problems. Specifically, there is a critical lack of:

a) standardized and automated means to scientifically verify accuracy of digital forensic tools; …


Image-Based Malware Classification With Convolutional Neural Networks And Extreme Learning Machines, Mugdha Jain Dec 2019


Master's Projects

Research in the field of malware classification often relies on machine learning models that are trained on high level features, such as opcodes, function calls, and control flow graphs. Extracting such features is costly, since disassembly or code execution is generally required. In this research, we conduct experiments to train and evaluate machine learning models for malware classification, based on features that can be obtained without disassembly or execution of code. Specifically, we visualize malware samples as images and employ image analysis techniques. In this context, we focus on two machine learning models, namely, Convolutional Neural Networks (CNN) and Extreme …


Hot Fusion Vs Cold Fusion For Malware Detection, Snehal Bichkar Dec 2019


Master's Projects

A fundamental problem in malware research consists of malware detection, that is, distinguishing malware samples from benign samples. This problem becomes more challenging when we consider multiple malware families. A typical approach to this multi-family detection problem is to train a machine learning model for each malware family and score each sample against all models. The resulting scores are then used for classification. We refer to this approach as “cold fusion,” since we combine previously-trained models—no retraining of these base models is required when additional malware families are considered. An alternative approach is to train a single model …


Rhetsec_ | Rhetorical Security, Jennifer Mead Dec 2019


Culminating Projects in English

Rhetsec_ examines the rhetorical situation, the rhetorical appeals, and how phishing emails simulate "real" emails in five categories of phishing emails. While the first focus of cybersecurity is security, you must also understand the language of computers to know how to secure them. Phishing is one way to compromise security using computers, and so the computer becomes a tool for malicious language (phishing emails and malware) to be transmitted. Therefore to be concerned with securing computers, then you must also be concerned with language. Language is rhetoric's domain, and the various rhetorical elements which create an identity of the phisher …


When Keystroke Meets Password: Attacks And Defenses, Ximing Liu Dec 2019


Dissertations and Theses Collection (Open Access)

Password is a prevalent means used for user authentication in pervasive computing environments since it is simple to be deployed and convenient to use. However, the use of password has intrinsic problems due to the involvement of keystroke. Keystroke behaviors may emit various side-channel information, including timing, acoustic, and visual information, which can be easily collected by an adversary and leveraged for the keystroke inference. On the other hand, those keystroke-related information can also be used to protect a user's credentials via two-factor authentication and biometrics authentication schemes. This dissertation focuses on investigating the PIN inference due to the side-channel …


Improving The Classification Of Tiny Images For Forensic Analysis, Roba Jafar Alharbi Dec 2019


Theses and Dissertations

Forensics can be defined as the approach that connects with and uses in governments and different organizations in order to detect any malicious activity. Digital forensics has become an essential approach to cyber investigation. Image forensics is one of the most beneficial ways that are used in digital forensics in order to help investigators in cybercrimes. Therefore, investigators can discover some new evidence besides what is already available on their systems when they use some digital forensics techniques. This thesis focuses on identifying an image based on its contents, especially tiny images. We investigated ways to improve the performance of …


Detection And Countermeasure Of Saturation Attacks In Software-Defined Networks, Samer Yousef Khamaiseh Dec 2019


Boise State University Theses and Dissertations

The decoupling of control and data planes in software-defined networking (SDN) facilitates orchestrating the network traffic. However, SDN suffers from critical security issues, such as DoS saturation attacks on the data plane. These attacks can exhaust the SDN component resources, including the computational resources of the control plane, create a high packet loss rate and a long delay in delivering the OpenFlow messages due to the bandwidth consumption of the OpenFlow connection channel, and exhausting the buffer memory of the data plane.

Currently, most of the existing machine learning detection methods rely on a predefined time-window to start analyzing the …


Bullynet: Unmasking Cyberbullies On Social Networks, Aparna Sankaran Dec 2019


Boise State University Theses and Dissertations

Social media has changed the way people communicate with each other, and consecutively affected people's ability to empathize in both positive and negative ways. One of the most harmful consequences of social media is the rise of cyberbullying, which tends to be more sinister than traditional bullying given that online records typically live on the internet for quite a long time and are hard to control. In this thesis, we present a three-phase algorithm, called BullyNet, for detecting cyberbullies on Twitter social network. We exploit bullying tendencies by proposing a robust method for constructing a cyberbullying signed network. BullyNet analyzes …


Countering Cybersecurity Vulnerabilities In The Power System, Fengli Zhang Dec 2019


Graduate Theses and Dissertations

Security vulnerabilities in software pose an important threat to power grid security, which can be exploited by attackers if not properly addressed. Every month, many vulnerabilities are discovered and all the vulnerabilities must be remediated in a timely manner to reduce the chance of being exploited by attackers. In current practice, security operators have to manually analyze each vulnerability present in their assets and determine the remediation actions in a short time period, which involves a tremendous amount of human resources for electric utilities. To solve this problem, we propose a machine learning-based automation framework to automate vulnerability analysis and …


Building Datasets From Publicly Accessible Social Media Images For Biometric Analysis, Giordano Roberto Benitez Torres Dec 2019


Theses and Dissertations

The world is developing at a rapid pace, and some of its advancement can be accredited to technological innovations that are affecting many aspects of society. A field within computer science that is increasingly reaching many industries is Biometrics, specifically the area face recognition. Researchers, scientists, and organizations actively try to improve the performance of tools and algorithms. Nevertheless, for it to occur, there is a need for high-quality datasets to test and develop new techniques. Never had humanity, in the course of the history of civilization, produced massive amounts of data as it currently does. Social media networks play …


A Taxonomy Of Security Features For The Comparison Of Home Automation Protocols, Amal Abdullah Alasiri Dec 2019


Theses and Dissertations

Both academia and industry environments are getting significant attention to the Internet-of-Things (IoT) technology because of the unlimited benefits that this technology can bring to the environment. The technology presents a vision of a future Internet where computing systems, nodes, users, and daily nodes such as sensors and actuators cooperate with unprecedented convenience and economic benefits. The umbrella of IoT covers various applications as the following (smart home, transport, community, and national applications). Most of the studies focus on its technical and usage more than the security perspective. Especially, there are limited papers focus on smart home protocols security regarding …


Evaluating The Resiliency Of Industrial Internet Of Things Process Control Using Protocol Agnostic Attacks, Hector L. Roldan Dec 2019


Theses and Dissertations

Improving and defending our nation's critical infrastructure has been a challenge for quite some time. A malfunctioning or stoppage of any one of these systems could result in hazardous conditions on its supporting populace leading to widespread damage, injury, and even death. The protection of such systems has been mandated by the Office of the President of the United States of America in Presidential Policy Directive Order 21. Current research now focuses on securing and improving the management and efficiency of Industrial Control Systems (ICS). IIoT promises a solution in enhancement of efficiency in ICS. However, the presence of IIoT …


Innovative Business Model For Smart Healthcare Insurance, Maryam Hasan Abdullah Al Thawadi Nov 2019


Information Security Theses

Information revolution and technology growth have made a considerable contribution to restraining the cost expansion and empowering the customer. They disrupted most business models in different industries. The customer-centric business model has pervaded the different sectors. Smart healthcare has made an enormous shift in patient life and raised their expectations of healthcare services quality. Healthcare insurance is an essential business in the healthcare sector; patients expect a new business model to meet their needs and enhance their wellness. This research develops a holistic smart healthcare architecture based on the recent development of information and communications technology. Then develops a disruptive …


Franklin Township Municipal Broadband And Wireless Network, William Galtieri Sep 2019


Mathematics and Computer Science Capstones

Franklin Township is a municipality in Somerset County, New Jersey covering an area of approximately 46.15 square miles and a population of 62,300 as of the 2010 Census. The town relies on a cellular provider to provide data connections for computers in municipal vehicles such as police cars, public works vehicles, fire inspection trucks, building inspectors and other departments. Additionally, the municipality pays for connections for security cameras at remote facilities and for smart garbage can monitoring throughout the town. These services are costly for the municipality and create a dependency on service providers for access to information needed by …


Predictors Of Ransomware From Binary Analysis, Aaron M. Otis Sep 2019


Master's Theses

Ransomware, a type of malware that extorts payment from a victim by encrypting her data, is a growing threat that is becoming more sophisticated with each generation. Attackers have shifted from targeting individuals to entire organizations, raising extortions from hundreds of dollars to hundreds of thousands of dollars. In this work, we analyze a variety of ransomware and benign software binaries in order to identify indicators that may be used to detect ransomware. We find that several combinations of strings, cryptographic constants, and a large number of loops are key indicators useful for detecting ransomware.


Blocks' Network: Redesign Architecture Based On Blockchain Technology, Moataz Hanif Aug 2019


Doctoral Dissertations and Master's Theses

The Internet is a global network that uses communication protocols. It is considered the most important system reached by humanity, which no one can abandon. However, this technology has become a weapon that threatens the privacy of users, especially in the client-server model, where data is stored and managed privately. Additionally, users have no power over their data that store in a private server, which means users’ data may interrupt by government or might be sold via service provider for-profit purposes. Furthermore, blockchain is a technology that we can rely on to solve issues related to client-server model if appropriately …


Suitability Of Finite State Automata To Model String Constraints In Probablistic Symbolic Execution, Andrew Harris Aug 2019


Boise State University Theses and Dissertations

Probabilistic Symbolic Execution (PSE) extends Symbolic Execution (SE), a path-sensitive static program analysis technique, by calculating the probabilities with which program paths are executed. PSE relies on the ability of the underlying symbolic models to accurately represent the execution paths of the program as the collection of input values following these paths. While researchers established PSE for numerical data types, PSE for complex data types such as strings is a novel area of research.

For string data types SE tools commonly utilize finite state automata to represent a symbolic string model. Thus, PSE inherits from SE automata-based symbolic string models …


Cybersecurity Education In Utah High Schools: An Analysis And Strategy For Teacher Adoption, Cariana June Cornel Aug 2019


Theses and Dissertations

The IT Education Specialist for the USBE, Brandon Jacobson, stated: I feel there is a deficiency of and therefore a need to teach Cybersecurity. Cybersecurity is the “activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use or modification, or exploitation” (NICE, 2018). Practicing cybersecurity can increase awareness of cybersecurity issues, such as theft of sensitive information. Current efforts, including but not limited to, cybersecurity camps, competitions, college courses, and conferences, have been created to better prepare cyber citizens nationwide for such cybersecurity occurrences. In …


Formally Designing And Implementing Cyber Security Mechanisms In Industrial Control Networks., Mehdi Sabraoui Aug 2019


Electronic Theses and Dissertations

This dissertation describes progress in the state-of-the-art for developing and deploying formally verified cyber security devices in industrial control networks. It begins by detailing the unique struggles that are faced in industrial control networks and why concepts and technologies developed for securing traditional networks might not be appropriate. It uses these unique struggles and examples of contemporary cyber-attacks targeting control systems to argue that progress in securing control systems is best met with formal verification of systems, their specifications, and their security properties. This dissertation then presents a development process and identifies two technologies, TLA+ and seL4, that can be …


An Architecture For Blockchain-Based Collaborative Signature-Based Intrusion Detection System, Daniel Laufenberg Jul 2019


Master of Science in Information Technology Theses

Collaborative intrusion detection system (CIDS), where IDS hosts work with each other and share resources, have been proposed to cope with the increasingly sophisticated cyberattacks. Despite the promising benefits such as expanded signature databases and alert data from multiple sites, trust management and consensus building remain as challenges for a CIDS to work effectively. The blockchain technology with built-in immutability and consensus building capability provides a viable solution to the issues of CIDS. In this paper, we introduce an architecture for a blockchain-enabled signature-based collaborative IDS, discuss the implementation strategy of the proposed architecture and developed a prototype using Hyperledger …


The Trust-Based Interactive Partially Observable Markov Decision Process, Richard S. Seymour Jun 2019


Theses and Dissertations

Cooperative agent and robot systems are designed so that each is working toward the same common good. The problem is that the software systems are extremely complex and can be subverted by an adversary to either break the system or potentially worse, create sneaky agents who are willing to cooperate when the stakes are low and take selfish, greedy actions when the rewards rise. This research focuses on the ability of a group of agents to reason about the trustworthiness of each other and make decisions about whether to cooperate. A trust-based interactive partially observable Markov decision process (TI-POMDP) is …


Preventing Browser Fingerprinting By Randomizing Canvas, Rianna Quiogue Jun 2019


Honors Theses

Whether users know it or not, their online behaviors are being tracked and stored by many of the websites they visit regularly through a technique called browser fingerprinting. Just like a person's physical fingerprint can identify them, users' browser fingerprints can identify them on the Internet. This thesis outlines the techniques used in browser fingerprinting and explains how although it can be used for good, it can also be a major threat to people's online privacy and security. Since browser fingerprinting has gained popularity among many websites and advertising companies, researchers have been developing ways to counteract its effectiveness by …


The Performance Cost Of Security, Lucy R. Bowen Jun 2019


Master's Theses

Historically, performance has been the most important feature when optimizing computer hardware. Modern processors are so highly optimized that every cycle of computation time matters. However, this practice of optimizing for performance at all costs has been called into question by new microarchitectural attacks, e.g. Meltdown and Spectre. Microarchitectural attacks exploit the effects of microarchitectural components or optimizations in order to leak data to an attacker. These attacks have caused processor manufacturers to introduce performance impacting mitigations in both software and silicon.

To investigate the performance impact of the various mitigations, a test suite of forty-seven different tests was created. …


Sql Injection Detection Using Machine Learning, Sonali Mishra May 2019


Master's Projects

Sharing information over the Internet over multiple platforms and web-applications has become a quite common phenomenon in the recent times. The web-based applications that accept critical information from users store this information in databases. These applications and the databases connected to them are susceptible to all kinds of information security threats due to being accessible through the Internet. The threats include attacks such as Cross Side Scripting (CSS), Denial of Service Attack (DoS), and Structured Query Language (SQL) Injection attacks. SQL Injection attacks fall under the top ten vulnerabilities when we talk about web-based applications. Through this kind of attack, …


Intelligent Log Analysis For Anomaly Detection, Steven Yen May 2019


Master's Projects

Computer logs are a rich source of information that can be analyzed to detect various issues. The large volumes of logs limit the effectiveness of manual approaches to log analysis. The earliest automated log analysis tools take a rule-based approach, which can only detect known issues with existing rules. On the other hand, anomaly detection approaches can detect new or unknown issues. This is achieved by looking for unusual behavior different from the norm, often utilizing machine learning (ML) or deep learning (DL) models. In this project, we evaluated various ML and DL techniques used for log anomaly detection. We …


Breaking Audio Captcha Using Machine Learning/Deep Learning And Related Defense Mechanism, Heemany Shekhar May 2019


Master's Projects

CAPTCHA is a web-based authentication method used by websites to distinguish between humans (valid users) and bots (attackers). Audio captcha is an accessible captcha meant for the visually disabled section of users such as color-blind, blind, near-sighted users. In this project, I analyzed the security of audio captchas from attacks that employ machine learning and deep learning models. Audio captchas of varying lengths (5, 7 and 10) and varying background noise (no noise, medium noise or high noise) were analyzed. I found that audio captchas with no background noise or medium background noise were easily attacked with 99% - 100% accuracy. …


Measuring Malware Evolution Using Support Vector Machines, Mayuri Wadkar May 2019


Master's Projects

Malware is software that is designed to do harm to computer systems. Malware often evolves over a period of time as malware developers add new features and fix bugs. Thus, malware samples from the same family from different time periods can exhibit significantly different behavior. Differences between malware samples within a single family can originate from various code modifications designed to evade signature-based detection or changes that are made to alter the functionality of the malware itself. In this research, we apply feature ranking based on linear support vector machine (SVM) weights to identify, quantify, and track changes within malware …


Multifamily Malware Models, Samanvitha Basole May 2019


Master's Projects

When training a machine learning model, there is likely to be a tradeoff between the accuracy of the model and the generality of the dataset. Previous research has shown that if we train a model to detect one specific malware family, we obtain stronger results as compared to a case where we train a single model on multiple diverse families. During the detection phase, it would be more efficient to have a single model that could detect multiple families, rather than having to score each sample against multiple models. In this research, we conduct experiments to quantify the relationship between …


Deep Learning For Image Spam Detection, Tazmina Sharmin May 2019


Master's Projects

Spam can be defined as unsolicited bulk email. In an effort to evade text-based spam filters, spammers can embed their spam text in an image, which is referred to as image spam. In this research, we consider the problem of image spam detection, based on image analysis. We apply various machine learning and deep learning techniques to real-world image spam datasets, and to a challenge image spam-like dataset. We obtain results comparable to previous work for the real-world datasets, while our deep learning approach yields the best results to date for the challenge dataset.


Contract Builder Ethereum Application, Colin M. Fowler May 2019


Master's Projects

Developments in Blockchain, smart contract, and decentralized application (“dApps”) technology have enabled new types of software that can improve efficiency within law firms by increasing speed at which attorneys may draft and execute contracts. Smart contracts and dApps are self-executing software that reside on a blockchain. Custom smart contracts can be built in a modular manner in order to emulate contracts that are commonly generated and executed in law firms. Such contracts include those for the transfer of services, goods, and title. This article explores exactly how implementations of smart contracts for law firms may look.