Physical Sciences and Mathematics Commons^™

Future Trends And Directions For Secure Infrastructure Architecture In The Education Sector: A Systematic Review Of Recent Evidence, Isaac Atta Senior Ampofo, Isaac Atta Junior Ampofo

Journal of Research Initiatives

The most efficient approach to giving large numbers of students’ access to computational resources is through a data center. A contemporary method for building the data center's computer infrastructure is the software-defined model, which enables user tasks to be processed in a reasonable amount of time and at a reasonable cost. The researcher examines potential directions and trends for a secured infrastructure design in this article. Additionally, interoperable, highly reusable modules that can include the newest trends in the education industry are made possible by cloud-based educational software. The Reference Architecture for University Education System Using AWS Services is presented …

Unmasking Deception In Vanets: A Decentralized Approach To Verifying Truth In Motion, Susan Zehra, Syed R. Rizvi, Steven Olariu

College of Sciences Posters

VANET, which stands for "Vehicular Ad Hoc Network," is a wireless network that allows vehicles to communicate with each other and with infrastructure, such as Roadside Units (RSUs), with the aim of enhancing road safety and improving the overall driving experience through real-time exchange of information and data. VANET has various applications, including traffic management, road safety alerts, and navigation. However, the security of VANET can be compromised if a malicious user alters the content of messages transmitted, which can harm both individual vehicles and the overall trust in VANET technology. Ensuring the correctness of messages is crucial for the …

Torsh: Obfuscating Consumer Internet-Of-Things Traffic With A Collaborative Smart-Home Router Network, Adam Vandenbussche

Dartmouth College Undergraduate Theses

When consumers install Internet-connected "smart devices" in their homes, metadata arising from the communications between these devices and their cloud-based service providers enables adversaries privy to this traffic to profile users, even when adequate encryption is used. Internet service providers (ISPs) are one potential adversary privy to users’ incom- ing and outgoing Internet traffic and either currently use this insight to assemble and sell consumer advertising profiles or may in the future do so. With existing defenses against such profiling falling short of meeting user preferences and abilities, there is a need for a novel solution that empowers consumers to …

Security Hardening Of Intelligent Reflecting Surfaces Against Adversarial Machine Learning Attacks, Ferhat Ozgur Catak, Murat Kuzlu, Haolin Tang, Evren Catak, Yanxiao Zhao

Engineering Technology Faculty Publications

Next-generation communication networks, also known as NextG or 5G and beyond, are the future data transmission systems that aim to connect a large amount of Internet of Things (IoT) devices, systems, applications, and consumers at high-speed data transmission and low latency. Fortunately, NextG networks can achieve these goals with advanced telecommunication, computing, and Artificial Intelligence (AI) technologies in the last decades and support a wide range of new applications. Among advanced technologies, AI has a significant and unique contribution to achieving these goals for beamforming, channel estimation, and Intelligent Reflecting Surfaces (IRS) applications of 5G and beyond networks. However, the …

Ggnb: Graph-Based Gaussian Naive Bayes Intrusion Detection System For Can Bus, Riadul Islam, Maloy K. Devnath, Manar D. Samad, Syed Md Jaffrey Al Kadry

Computer Science Faculty Research

The national highway traffic safety administration (NHTSA) identified cybersecurity of the automobile systems are more critical than the security of other information systems. Researchers already demonstrated remote attacks on critical vehicular electronic control units (ECUs) using controller area network (CAN). Besides, existing intrusion detection systems (IDSs) often propose to tackle a specific type of attack, which may leave a system vulnerable to numerous other types of attacks. A generalizable IDS that can identify a wide range of attacks within the shortest possible time has more practical value than attack-specific IDSs, which is not a trivial task to accomplish. In this …

Sofi: Reflection-Augmented Fuzzing For Javascript Engines, Xiaoyu He, Xiaofei Xie, Yuekang Li, Jianwen Sun, Feng Li, Wei Zou, Yang Liu, Lei Yu, Jianhua Zhou, Wenchang Shi, Wei Huo

Research Collection School Of Computing and Information Systems

JavaScript engines have been shown prone to security vulnerabilities, which can lead to serious consequences due to their popularity. Fuzzing is an effective testing technique to discover vulnerabilities. The main challenge of fuzzing JavaScript engines is to generate syntactically and semantically valid inputs such that deep functionalities can be explored. However, due to the dynamic nature of JavaScript and the special features of different engines, it is quite challenging to generate semantically meaningful test inputs.We observed that state-of-the-art semantic-aware JavaScript fuzzers usually require manually written rules to analyze the semantics for a JavaScript engine, which is labor-intensive, incomplete and engine-specific. …

Trust Models And Risk In The Internet Of Things, Jeffrey Hemmes

Regis University Faculty Publications

The Internet of Things (IoT) is envisaged to be a large-scale, massively heterogeneous ecosystem of devices with varying purposes and capabilities. While architectures and frameworks have focused on functionality and performance, security is a critical aspect that must be integrated into system design. This work proposes a method of risk assessment of devices using both trust models and static capability profiles to determine the level of risk each device poses. By combining the concepts of trust and secure device fingerprinting, security mechanisms can be more efficiently allocated across networked IoT devices. Simultaneously, devices can be allowed a greater degree of …

Concentration Inequalities In The Wild: Case Studies In Blockchain & Reinforcement Learning, A. Pinar Ozisik

Doctoral Dissertations

Concentration inequalities (CIs) are a powerful tool that provide probability bounds on how a random variable deviates from its expectation. In this dissertation, first I describe a blockchain protocol that I have developed, called Graphene, which uses CIs to provide probabilistic guarantees on performance. Second, I analyze the extent to which CIs are robust when the assumptions they require are violated, using Reinforcement Learning (RL) as the domain. Graphene is a method for interactive set reconciliation among peers in blockchains and related distributed systems. Through the novel combination of a Bloom filter and an Invertible Bloom Lookup Table, Graphene uses …

Improved Secure And Low Computation Authentication Protocol For Wireless Body Area Network With Ecc And 2d Hash Chain, Soohyeon Choi

Electronic Theses and Dissertations

Since technologies have been developing rapidly, Wireless Body Area Network (WBAN) has emerged as a promising technique for healthcare systems. People can monitor patients’ body condition and collect data remotely and continuously by using WBAN with small and compact wearable sensors. These sensors can be located in, on, and around the patient’s body and measure the patient’s health condition. Afterwards sensor nodes send the data via short-range wireless communication techniques to an intermediate node. The WBANs deal with critical health data, therefore, secure communication within the WBAN is important. There are important criteria in designing a security protocol for a …

Lightweight Encryption Based Security Package For Wireless Body Area Network, Sangwon Shin

Electronic Theses and Dissertations

As the demand of individual health monitoring rose, Wireless Body Area Networks (WBAN) are becoming highly distinctive within health applications. Nowadays, WBAN is much easier to access then what it used to be. However, due to WBAN’s limitation, properly sophisticated security protocols do not exist. As WBAN devices deal with sensitive data and could be used as a threat to the owner of the data or their family, securing individual devices is highly important. Despite the importance in securing data, existing WBAN security methods are focused on providing light weight security methods. This led to most security methods for WBAN …

A Performance-Sensitive Malware Detection System Using Deep Learning On Mobile Devices, Ruitao Feng, Sen Chen, Xiaofei Xie, Guozhu Meng, Shang-Wei Lin, Yang Liu

Research Collection School Of Computing and Information Systems

Currently, Android malware detection is mostly performed on server side against the increasing number of malware. Powerful computing resource provides more exhaustive protection for app markets than maintaining detection by a single user. However, apart from the applications (apps) provided by the official market (i.e., Google Play Store), apps from unofficial markets and third-party resources are always causing serious security threats to end-users. Meanwhile, it is a time-consuming task if the app is downloaded first and then uploaded to the server side for detection, because the network transmission has a lot of overhead. In addition, the uploading process also suffers …

Design And Implementation Of Path Finding And Verification In The Internet, Hao Cai

Doctoral Dissertations

In the Internet, network traffic between endpoints typically follows one path that is determined by the control plane. Endpoints have little control over the choice of which path their network traffic takes and little ability to verify if the traffic indeed follows a specific path. With the emergence of software-defined networking (SDN), more control over connections can be exercised, and thus the opportunity for novel solutions exists. However, there remain concerns about the attack surface exposed by fine-grained control, which may allow attackers to inject and redirect traffic. To address these opportunities and concerns, we consider two specific challenges: (1) …

A Simplified Secure Programming Platform For Internet Of Things Devices, Halim Burak Yesilyurt

FIU Electronic Theses and Dissertations

The emerging Internet of Things (IoT) revolution has introduced many useful applications that are utilized in our daily lives. Users can program these devices in order to develop their own IoT applications; however, the platforms and languages that are used during development are abounding, complicated, and time-consuming. The software solution provided in this thesis, PROVIZ+, is a secure sensor application development software suite that helps users create sophisticated and secure IoT applications with little software and hardware experience. Moreover, a simple and efficient domain-specific programming language, namely Panther language, was designed for IoT application development to unify existing programming languages. …

Malware For Macintosh, Nathan C. Shinabarger, Josiah E. Bills, Richard W. Lively, Noah S. Shinabarger

The Research and Scholarship Symposium (2013-2019)

Technology is a cornerstone of modern society. Unfortunately, it seems that every new piece of technology is accompanied by five computer-security breaches elsewhere. Most people associate hacks with Windows computers. This is a problem because Apple computers, and other non-Windows systems, are also extremely vulnerable to attacks and risk being compromised. Dolos is a piece of malware we developed intended to exploit the macOS Sierra operating system. It provides a framework for running exploits and comes built in with certain control and data exfiltration capabilities. Dolos also helps destroy the misconception of "the impenetrable Macintosh computer" by showing that Apple …

Techniques For Identifying Mobile Platform Vulnerabilities And Detecting Policy-Violating Applications, Mon Kywe Su

Dissertations and Theses Collection

Mobile systems are generally composed of three layers of software: application layer where third-party applications are installed, framework layer where Application Programming Interfaces (APIs) are exposed, and kernel layer where low-level system operations are executed. In this dissertation, we focus on security and vulnerability analysis of framework and application layers. Security mechanisms, such as Android’s sandbox and permission systems, exist in framework layer, while malware scanners protects application layer. However, there are rooms for improvement in both mechanisms. For instance, Android’s permission system is known to be implemented in ad-hoc manner and not well-tested for vulnerabilities. Application layer also focuses …

Data Verifications For Online Social Networks, Mahmudur Rahman

FIU Electronic Theses and Dissertations

Social networks are popular platforms that simplify user interaction and encourage collaboration. They collect large amounts of media from their users, often reported from mobile devices. The value and impact of social media makes it however an attractive attack target. In this thesis, we focus on the following social media vulnerabilities. First, review centered social networks such as Yelp and Google Play have been shown to be the targets of significant search rank and malware proliferation attacks. Detecting fraudulent behaviors is thus paramount to prevent not only public opinion bias, but also to curb the distribution of malware. Second, the …

Trust Based Privacy Policy Enforcement In Cloud Computing, Karthick Ramachandran

Electronic Thesis and Dissertation Repository

Cloud computing offers opportunities for organizations to reduce IT costs by using the computation and storage of a remote provider. Despite the benefits offered by cloud computing paradigm, organizations are still wary of delegating their computation and storage to a cloud service provider due to trust concerns. The trust issues with the cloud can be addressed by a combination of regulatory frameworks and supporting technologies. Privacy Enhancing Technologies (PET) and remote attestation provide the technologies for addressing the trust concerns. PET provides proactive measures through cryptography and selective dissemination of data to the client. Remote attestation mechanisms provides reactive measures …

Ios Device Forensics, Lauren Drish

All Capstone Projects

Many people today have an iPhone, iPad or iPod. Not many would realize that valuable information is stored on these devices. When a crime occurs, an iOS Device could hold key information to help solve said crime that criminals are not aware are present on the device. This can include GPS information as well as application history on the device itself.

The project I wish to do and complete is to create a class where students can learn the about iOS Forensics. Student will be able to learn the basics of an iDevice, as well as how to work with …

A Secure And Effective Anonymous User Authentication Scheme For Roaming Service In Global Mobility Networks, Fengtong Wen, Willy Susilo, Guomin Yang

Research Collection School Of Computing and Information Systems

In global mobility networks, anonymous user authentication is an essential task for enabling roaming service. In a recent paper, Jiang et al. proposed a smart card based anonymous user authentication scheme for roaming service in global mobility networks. This scheme can protect user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Jiang et al.’s scheme, and show that the scheme is in fact insecure against the stolen-verifier attack and replay attack. Then, we …

Defeating Sql Injection, Lwin Khin Shar, Hee Beng Kuan Tan

Research Collection School Of Computing and Information Systems

The best strategy for combating SQL injection, which has emerged as the most widespread website security risk, calls for integrating defensive coding practices with both vulnerability detection and runtime attack prevention methods.

A Survey Of Mobile Computing Security Issues And Possible Solutions, Glenn Kimpell

All Capstone Projects

This project reviews security issues with mobile devices and offers possible solutions from Internet sources. (supplied by OPUS staff)

Networks - Ii: A Survey Of Data Management Issues & Frameworks For Mobile Ad Hoc Networks, Noman Islam, Zubair A. Shaikh

International Conference on Information and Communication Technologies

Data Management is the execution of a pool of activities on a set of data to conform to the end user data requisitions. MANET is an emerging discipline of computer networks in which a group of roaming hosts spontaneously establishes the network among themselves. The employment of data management in MANET can engender a number of useful applications. However, data management in MANET is a taxing job as it requires deliberation on a number of research issues (e.g. knowledge representation, knowledge discovery, caching, and security etc.). This paper provides a detailed account of the data management problem and its issues, …

A Study Of Wireless Network Security, Ningwei Sun

All Capstone Projects

I intend to make a survey in wireless data security since wireless networks are very common, both for organizations and individuals. Many laptop computers have wireless cards pre-installed. The ability to enter a wireless network has great benefits. However, wireless networking has many security issues. Hackers have found wireless networks relatively easy to break into, and even use wireless technology to crack into wired network. As a result, it's very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources.

My survey research may involve these following aspects: wireless network architecture, data security in …

Wireless Networks: Improved Secure Network Authentication Protocol (Isnap) For Ieee 802.16, Raheel M. Hashmi, Arooj M. Siddiqui, M. Jabeen, K. Shehzad, A. Zubair, K. S. Alimgeer

International Conference on Information and Communication Technologies

Security is amongst one of the major issues in broadband wireless access (BWA) networks. After the launch of the IEEE 802.16 standard (WiMAX), a number of security issues were reported in several articles. Ever since the beginning, work has been in progress for the neutralization of these identified threats. In this paper, the analysis of the authentication protocols implemented in WiMAX has been presented along with the description of the threats posed to them. The paper also describes security sub-layer and limitations of the existing architecture. An approach has also been presented for the prevention of these threats like the …

Engineering A Suburban Ad-Hoc Network, Mike Tyson, Ronald D. Pose, Carlo Kopp, Mohammad Rokonuzzaman, Muhammad Mahmudul Islam

Australian Information Warfare and Security Conference

Networks are growing in popularity, as wireless communication hardware, both fixed and mobile, becomes more common and affordable. The Monash Suburban Ad-Hoc Network (SAHN) project has devised a system that provides a highly secure and survivable ad-hoc network, capable of delivering broadband speeds to co-operating users within a fixed environment, such as a residential neighbourhood, or a campus. The SAHN can be used by residents within a community to exchange information, to share access to the Internet, providing last-mile access, or for local telephony and video conferencing. SAHN nodes are designed to be self-configuring and selfmanaging, relying on no experienced …

Security Analysis And Improvement Of Return Routability Protocol, Ying Qiu, Jianying Zhou, Robert H. Deng

Research Collection School Of Computing and Information Systems

Mobile communication plays a more and more important role in computer networks. How to authenticate a new connecting address belonging to a said mobile node is one of the key issues in mobile networks. This paper analyzes the Return Routability (RR) protocol and proposes an improved security solution for the RR protocol without changing its architecture. With the improvement, three types of redirect attacks can be prevented.

Covert Shells, John Christian Smith

John Christian Smith

The potential for covert communications exist anywhere that legitimate communication channels are in use. In order to maintain control of the channel once exploited, the insertion of a backdoor Trojan horse server, to be used with a client that provides shell access, is often a necessary prerequisite to establishing and using a covert channel long term.

We discuss covert channel communications methods ranging from embedded channels to disguised protocols. What follows is a review of available covert shell tools. The underground, historical evolution of covert shells is reviewed, focusing on selected, available tools, which range from simple encapsulation methods to …