Physical Sciences and Mathematics Commons^™

Detection Of Jamming Attacks In Vanets, Thomas Justice

Undergraduate Honors Theses

A vehicular network is a type of communication network that enables vehicles to communicate with each other and the roadside infrastructure. The roadside infrastructure consists of fixed nodes such as roadside units (RSUs), traffic lights, road signs, toll booths, and so on. RSUs are devices equipped with communication capabilities that allow vehicles to obtain and share real-time information about traffic conditions, weather, road hazards, and other relevant information. These infrastructures assist in traffic management, emergency response, smart parking, autonomous driving, and public transportation to improve roadside safety, reduce traffic congestion, and enhance the overall driving experience. However, communication between the …

Security And Interpretability In Large Language Models, Lydia Danas

Undergraduate Honors Theses

Large Language Models (LLMs) have the capability to model long-term dependencies in sequences of tokens, and are consequently often utilized to generate text through language modeling. These capabilities are increasingly being used for code generation tasks; however, LLM-powered code generation tools such as GitHub's Copilot have been generating insecure code and thus pose a cybersecurity risk. To generate secure code we must first understand why LLMs are generating insecure code. This non-trivial task can be realized through interpretability methods, which investigate the hidden state of a neural network to explain model outputs. A new interpretability method is rationales, which obtains …

Rbac Attack Exposure Auditor. Tracking User Risk Exposure Per Role-Based Access Control Permissions, Adelaide Damrau

Undergraduate Honors Theses

Access control models and implementation guidelines for determining, provisioning, and de-provisioning user permissions are challenging due to the differing approaches, unique for each organization, the lack of information provided by case studies concerning the organization’s security policies, and no standard means of implementation procedures or best practices. Although there are multiple access control models, one stands out, role-based access control (RBAC). RBAC simplifies maintenance by enabling administrators to group users with similar permissions. This approach to managing user permissions supports the principle of least privilege and separation of duties, which are needed to ensure an organization maintains acceptable user access …

Detecting The Intensity Of Denial-Of-Service Cyber Attacks Using Supervised Machine Learning, Abigail Hubbard

Undergraduate Honors Theses

Denial-of-Service (DoS) attacks are aimed at shutting a machine or network down to block users from accessing it. These attacks can be difficult to detect and can cost millions in damages or lost earnings. Since the first DoS attack occurred in 1999, the way DoS attacks have been launched has become more complicated, making them more elusive and harder to detect. The first step to detect and mitigate a DoS attack is for a system to identify the malicious traffic.

In this experiment, we aim to identify the malicious traffic within ten seconds. To do this the project was divided …

User Attitudes About Duo Two-Factor Authentication At Byu, Jonathan Dutson

Undergraduate Honors Theses

Simple password-based authentication provides insufficient protection against increasingly common incidents of online identity theft and data loss. Although two-factor authentication (2FA) provides users with increased protection against attackers, users have mixed feelings about the usability of 2FA. We surveyed the students, faculty, and staff of Brigham Young University (BYU) to measure user sentiment about DUO Security, the 2FA system adopted by BYU in 2017. We find that most users consider DUO to be annoying, and about half of those surveyed expressed a preference for authentication without using a second-factor. About half of all participants reported at least one instance of …

File Fragment Classification Using Neural Networks With Lossless Representations, Luke Hiester

Undergraduate Honors Theses

This study explores the use of neural networks as universal models for classifying file fragments. This approach differs from previous work in its lossless feature representation, with fragments’ bits as direct input, and its use of feedforward, recurrent, and convolutional networks as classifiers, whereas previous work has only tested feedforward networks. Due to the study’s exploratory nature, the models were not directly evaluated in a practical setting; rather, easily reproducible experiments were performed to attempt to answer the initial question of whether this approach is worthwhile to pursue further, especially due to its high computational cost. The experiments tested classification …

Capturing And Analyzing Network Traffic From Common Mobile Devices For Security And Privacy, Billy Overton

Undergraduate Honors Theses

Mobile devices such as tablets and smartphones are becoming more common, and they are holding more information. This includes private information such as contacts, financial data, and passwords. At the same time these devices have network capability with access to the Internet being a prime feature. Little research has been done in observing the network traffic produced by these mobile devices. To determine if private information was being transmitted without user knowledge, the mobile capture lab and a set of procedures have been created to observe, capture and analyze the network traffic produced by mobile devices. The effectiveness of the …