Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Discipline
-
- Computer Sciences (42)
- Information Security (13)
- Engineering (10)
- Electrical and Computer Engineering (5)
- Computer Engineering (3)
-
- Databases and Information Systems (2)
- Operations Research, Systems Engineering and Industrial Engineering (2)
- Artificial Intelligence and Robotics (1)
- Bioinformatics (1)
- Computational Engineering (1)
- Electrical and Electronics (1)
- Industrial Engineering (1)
- Life Sciences (1)
- OS and Networks (1)
- Other Operations Research, Systems Engineering and Industrial Engineering (1)
- Psychology (1)
- Social and Behavioral Sciences (1)
- Software Engineering (1)
- Statistics and Probability (1)
- Systems and Communications (1)
- Institution
-
- Brigham Young University (11)
- Nova Southeastern University (3)
- Singapore Management University (3)
- University of Central Florida (3)
- James Madison University (2)
-
- Louisiana Tech University (2)
- Marquette University (2)
- South Dakota State University (2)
- University of Kentucky (2)
- University of South Florida (2)
- Air Force Institute of Technology (1)
- California Polytechnic State University, San Luis Obispo (1)
- Clemson University (1)
- Missouri University of Science and Technology (1)
- Munster Technological University (1)
- Purdue University (1)
- The University of Southern Mississippi (1)
- University of Louisville (1)
- University of South Carolina (1)
- Walden University (1)
- Washington University in St. Louis (1)
- Western University (1)
- Publication Year
- Publication
-
- Theses and Dissertations (13)
- Electronic Theses and Dissertations (6)
- CCE Theses and Dissertations (3)
- Dissertations and Theses Collection (Open Access) (3)
- Doctoral Dissertations (2)
-
- USF Tampa Graduate Theses and Dissertations (2)
- All Dissertations (1)
- Computer Science and Software Engineering (1)
- Dissertations (1)
- Dissertations (1934 -) (1)
- Electronic Thesis and Dissertation Repository (1)
- Master's Theses (2009 -) (1)
- Masters Theses (1)
- Masters Theses, 2010-2019 (1)
- Masters Theses, 2020-current (1)
- McKelvey School of Engineering Theses & Dissertations (1)
- Open Access Theses (1)
- Theses (1)
- Theses and Dissertations--Computer Science (1)
- University of Kentucky Doctoral Dissertations (1)
- Walden Dissertations and Doctoral Studies (1)
Articles 1 - 30 of 44
Full-Text Articles in Physical Sciences and Mathematics
Usability-Driven Security Enhancements In Person-To-Person Communication, Tarun Kumar Yadav
Usability-Driven Security Enhancements In Person-To-Person Communication, Tarun Kumar Yadav
Theses and Dissertations
In the contemporary digital landscape, ensuring secure communication amid widespread data exchange is imperative. This dissertation focuses on enhancing the security and privacy of end-to-end encryption (E2EE) applications while maintaining or improving usability. The dissertation first investigates and proposes improvements in two areas of existing E2EE applications: countering man-in-the-middle and impersonation attacks through automated key verification and studying user perceptions of cryptographic deniability. Insights from privacy-conscious users reveal concerns about the lack of E2EE support, app siloing, and data accessibility by client apps. To address these issues, we propose an innovative user-controlled encryption system, enabling encryption before data reaches the …
Performance Analysis Of Zero Trust In Cloud Native Systems, Simone Rodigari
Performance Analysis Of Zero Trust In Cloud Native Systems, Simone Rodigari
Theses
Critical applications demand strong security implementations, low latency and high availability at constant rates, however, the performance of a software system is affected by the implementation of security. This research measures the performance overhead and possible mitigation in cloud native systems secured with a service mesh, which allows enabling security policies for the authentication, authorization and encryption of traffic within distributed systems. The side-car proxy is a core component of this architecture, acting as a policy enforcement point and intercepting networking communication from/to applications part of the mesh, consequently affecting the performance of applications hosted in the cloud. Physical resources …
Software Protection And Secure Authentication For Autonomous Vehicular Cloud Computing, Muhammad Hataba
Software Protection And Secure Authentication For Autonomous Vehicular Cloud Computing, Muhammad Hataba
Dissertations
Artificial Intelligence (AI) is changing every technology we deal with. Autonomy has been a sought-after goal in vehicles, and now more than ever we are very close to that goal. Vehicles before were dumb mechanical devices, now they are becoming smart, computerized, and connected coined as Autonomous Vehicles (AVs). Moreover, researchers found a way to make more use of these enormous capabilities and introduced Autonomous Vehicles Cloud Computing (AVCC). In these platforms, vehicles can lend their unused resources and sensory data to join AVCC.
In this dissertation, we investigate security and privacy issues in AVCC. As background, we built our …
Lightweight Mutual Authentication And Privacy Preservation Schemes For Iot Systems., Samah Mansour
Lightweight Mutual Authentication And Privacy Preservation Schemes For Iot Systems., Samah Mansour
Electronic Theses and Dissertations
Internet of Things (IoT) presents a holistic and transformative approach for providing services in different domains. IoT creates an atmosphere of interaction between humans and the surrounding physical world through various technologies such as sensors, actuators, and the cloud. Theoretically, when everything is connected, everything is at risk. The rapid growth of IoT with the heterogeneous devices that are connected to the Internet generates new challenges in protecting and preserving user’s privacy and ensuring the security of our lives. IoT systems face considerable challenges in deploying robust authentication protocols because some of the IoT devices are resource-constrained with limited computation …
Lightweight Encryption Based Security Package For Wireless Body Area Network, Sangwon Shin
Lightweight Encryption Based Security Package For Wireless Body Area Network, Sangwon Shin
Electronic Theses and Dissertations
As the demand of individual health monitoring rose, Wireless Body Area Networks (WBAN) are becoming highly distinctive within health applications. Nowadays, WBAN is much easier to access then what it used to be. However, due to WBAN’s limitation, properly sophisticated security protocols do not exist. As WBAN devices deal with sensitive data and could be used as a threat to the owner of the data or their family, securing individual devices is highly important. Despite the importance in securing data, existing WBAN security methods are focused on providing light weight security methods. This led to most security methods for WBAN …
Smart Sensing Enabled Secure And Usable Pairing And Authentication, Xiaopeng Li
Smart Sensing Enabled Secure And Usable Pairing And Authentication, Xiaopeng Li
Theses and Dissertations
Internet of Things (IoT) technologies have made our lives more convenient and better informed by sensing and monitoring our surroundings. Security applications, such as device pairing and user authentication, are the fundamentals for building a trustworthy smart environment. A secure and convenient pairing approach is critical to IoT enabled applications, as pairing is to establish a secure wireless communication channel for devices. Besides, a smart environment usually has multiple people (e.g., patients and doctors in a hospital), who have physical access to the deployed IoT devices and sensitive dumb objects (e.g., a cabinet storing medical records); but not all of …
Mitigating Real-Time Relay Phishing Attacks Against Mobile Push Notification Based Two-Factor Authentication Systems, Casey Silver
Mitigating Real-Time Relay Phishing Attacks Against Mobile Push Notification Based Two-Factor Authentication Systems, Casey Silver
Masters Theses, 2020-current
This paper explores how existing push notification based two-factor authentication systems are susceptible to real-time man-in-the-middle relay attacks and proposes a system for mitigating such attacks. A fully functional reference system of the proposed mitigation was built and compared to an existing push notification two-factor authentication system while undergoing a real-time man-in-the-middle relay attack. The reference systems used cloud infrastructure for hosting, an Apple iPhone as the notification receiver, and Apple’s push notification service to send notifications. A publicly available tool for conducting real-time man-in-the-middle relay attacks was used to conduct the attacks. The results of the tests were recorded …
Poisoning Attacks On Learning-Based Keystroke Authentication And A Residue Feature Based Defense, Zibo Wang
Poisoning Attacks On Learning-Based Keystroke Authentication And A Residue Feature Based Defense, Zibo Wang
Doctoral Dissertations
Behavioral biometrics, such as keystroke dynamics, are characterized by relatively large variation in the input samples as compared to physiological biometrics such as fingerprints and iris. Recent advances in machine learning have resulted in behaviorbased pattern learning methods that obviate the effects of variation by mapping the variable behavior patterns to a unique identity with high accuracy. However, it has also exposed the learning systems to attacks that use updating mechanisms in learning by injecting imposter samples to deliberately drift the data to impostors’ patterns. Using the principles of adversarial drift, we develop a class of poisoning attacks, named Frog-Boiling …
Automatic Detection And Prevention Of Fake Key Attacks In Signal, Tarun Kumar Yadav
Automatic Detection And Prevention Of Fake Key Attacks In Signal, Tarun Kumar Yadav
Theses and Dissertations
The Signal protocol provides end-to-end encryption for billions of users in popular instant messaging applications like WhatsApp, Facebook Messenger, and Google Allo. The protocol relies on an app-specific central server to distribute public keys and relay encrypted messages between the users. Signal prevents passive attacks. However, it is vulnerable to some active attacks due to its reliance on a trusted key server. A malicious key server can distribute fake keys to users to perform man-in-the-middle or impersonation attacks. Signal applications support an authentication ceremony to detect these active attacks. However, this places an undue burden on the users to manually …
When Keystroke Meets Password: Attacks And Defenses, Ximing Liu
When Keystroke Meets Password: Attacks And Defenses, Ximing Liu
Dissertations and Theses Collection (Open Access)
Password is a prevalent means used for user authentication in pervasive computing environments since it is simple to be deployed and convenient to use. However, the use of password has intrinsic problems due to the involvement of keystroke. Keystroke behaviors may emit various side-channel information, including timing, acoustic, and visual information, which can be easily collected by an adversary and leveraged for the keystroke inference. On the other hand, those keystroke-related information can also be used to protect a user's credentials via two-factor authentication and biometrics authentication schemes. This dissertation focuses on investigating the PIN inference due to the side-channel …
Malicious Manipulation In Service-Oriented Network, Software, And Mobile Systems: Threats And Defenses, Dakun Shen
Malicious Manipulation In Service-Oriented Network, Software, And Mobile Systems: Threats And Defenses, Dakun Shen
USF Tampa Graduate Theses and Dissertations
This dissertation includes three approaches we have been designed to tackle threats and challenges in network, software, and mobile security. The first approach demonstrates a new class of content masking attacks against the Adobe PDF standard, causing documents to appear to humans dissimilar to the underlying content extracted by information-based services. The second work protects sensitive data in binaries from being corrupted by cyber attackers. The last work proposes a mechanism which utilizes the unique walking patterns inherent to humans and differentiate our work from other walking behavior studies by using it as first-order authentication and developing matching methods fast …
Self-Powered Time-Keeping And Time-Of-Occurrence Sensing, Liang Zhou
Self-Powered Time-Keeping And Time-Of-Occurrence Sensing, Liang Zhou
McKelvey School of Engineering Theses & Dissertations
Self-powered and passive Internet-of-Things (IoT) devices (e.g. RFID tags, financial assets, wireless sensors and surface-mount devices) have been widely deployed in our everyday and industrial applications. While diverse functionalities have been implemented in passive systems, the lack of a reference clock limits the design space of such devices used for applications such as time-stamping sensing, recording and dynamic authentication. Self-powered time-keeping in passive systems has been challenging because they do not have access to continuous power sources. While energy transducers can harvest power from ambient environment, the intermittent power cannot support continuous operation for reference clocks. The thesis of this …
Message-Layer Encryption In Ricochet, Liam B. Kirsh
Message-Layer Encryption In Ricochet, Liam B. Kirsh
Computer Science and Software Engineering
My intention for this project was to implement encryption and authentication on Ricochet's message layer. This provides two major benefits. The first is a higher level of encryption in the event that a flaw is found in the existing channel-layer encryption, or if increases in computing power make attacks on that encryption feasible. Tor is used by the military, journalists, law enforcement, researchers, and activists, whose communications may be interesting to state-level adversaries and criminal organizations with access to great amount of computing resources. Additionally, message-layer encryption would allow users to specify relay nodes that can temporarily store messages and …
Uface: Your Universal Password No One Can See, Nicholas Steven Hilbert
Uface: Your Universal Password No One Can See, Nicholas Steven Hilbert
Masters Theses
"With the advantage of not having to memorize long passwords, facial authentication has become a topic of interest among researchers. However, since many users store images containing their face on social networking sites, a new challenge emerges in preventing attackers from impersonating these users by using these online photos. Another problem with most current facial authentication protocols is that they require an unencrypted image of each registered user's face to compare against. Moreover, they might require the user's device to execute computationally expensive multiparty protocols which presents a problem for mobile devices with limited processing power. Finally, these authentication protocols …
Towards Using Certificate-Based Authentication As A Defense Against Evil Twins In 802.11 Networks, Travis S. Hendershot
Towards Using Certificate-Based Authentication As A Defense Against Evil Twins In 802.11 Networks, Travis S. Hendershot
Theses and Dissertations
Wireless clients are vulnerable to exploitation by evil twins due to flaws in the authentication process of 802.11 Wi-Fi networks. Current certificate-based wireless authentication protocols present a potential solution, but are limited in their ability to provide a secure and usable platform for certificate validation. Our work seeks to mitigate these limitations by exploring a client-side strategy for utilizing alternative trust models in wireless network authentication. We compile a taxonomy of various trust models for conducting certificate-based authentication of wireless networks and methodically evaluate each model according to desirable properties of security, usability, and deployability. We then build a platform …
Hardware Accelerated Authentication System For Dynamic Time-Critical Networks, Ankush Singla
Hardware Accelerated Authentication System For Dynamic Time-Critical Networks, Ankush Singla
Open Access Theses
The secure and efficient operation of time-critical networks, such as vehicular networks, smart-grid and other smart-infrastructures, is of primary importance in today’s society. It is crucial to minimize the impact of security mechanisms over such networks so that the safe and reliable operations of time-critical systems are not being interfered.
Even though there are several security mechanisms, their application to smart-infrastructure and Internet of Things (IoT) deployments may not meet the ubiquitous and time-sensitive needs of these systems. That is, existing security mechanisms either introduce a significant computation and communication overhead, or they are not scalable for a large number …
Secure Communication Scheme In Smart Home Environment, Hari Krishna Jonnalagadda
Secure Communication Scheme In Smart Home Environment, Hari Krishna Jonnalagadda
USF Tampa Graduate Theses and Dissertations
Internet of Things, has started to mark its existence from past few years. Right from its inception with a coke machine at Carnegie Mellon University, it has come a long way, connecting billions of devices to internet. This journey is well supported by the advancements in networking, hardware miniaturization and sensing capabilities. Diverse nature of applications of Internet of Things, has cut the communication barriers between the varieties of fields ranging from manufacturing industry to health-care industry. Smart Home is one such application of Internet of Things. Connectivity of home appliances, to achieve automation in living, defines Smart Home. Out …
Towards Secure Online Distribution Of Multimedia Codestreams, Swee Won Lo
Towards Secure Online Distribution Of Multimedia Codestreams, Swee Won Lo
Dissertations and Theses Collection (Open Access)
Multimedia codestreams distributed through open and insecure networks are subjected to attacks such as malicious content tampering and unauthorized accesses. This dissertation first addresses the issue of authentication as a mean to integrity - protect multimedia codestreams against malicious tampering. Two cryptographic-based authentication schemes are proposed to authenticate generic scalable video codestreams with a multi-layered structure. The first scheme combines the salient features of hash-chaining and double error correction coding to achieve loss resiliency with low communication overhead and proxy-transparency. The second scheme further improves computation cost by replacing digital signature with a hash-based message authentication code to achieve packet-level …
New Secure Solutions For Privacy And Access Control In Health Information Exchange, Ahmed Fouad Shedeed Ibrahim
New Secure Solutions For Privacy And Access Control In Health Information Exchange, Ahmed Fouad Shedeed Ibrahim
Theses and Dissertations--Computer Science
In the current digital age, almost every healthcare organization (HCO) has moved from storing patient health records on paper to storing them electronically. Health Information Exchange (HIE) is the ability to share (or transfer) patients’ health information between different HCOs while maintaining national security standards like the Health Insurance Portability and Accountability Act (HIPAA) of 1996. Over the past few years, research has been conducted to develop privacy and access control frameworks for HIE systems. The goal of this dissertation is to address the privacy and access control concerns by building practical and efficient HIE frameworks to secure the sharing …
Product Authentication Using Hash Chains And Printed Qr Codes, Harshith R. Keni
Product Authentication Using Hash Chains And Printed Qr Codes, Harshith R. Keni
Electronic Theses and Dissertations
This thesis explores the usage of simple printed tags for authenticating products. Printed tags are a cheap alternative to RFID and other tag based systems and do not require specialized equipment. Due to the simplistic nature of such printed codes, many security issues like tag impersonation, server impersonation, reader impersonation, replay attacks and denial of service present in RFID based solutions need to be handled differently. An algorithm that utilizes hash chains to secure such simple tags while still keeping cost low is discussed. The security characteristics of this scheme as well as other product authentication schemes that use RFID …
An Experimental Study On The Role Of Password Strength And Cognitive Load On Employee Productivity, Stephen Mujeye
An Experimental Study On The Role Of Password Strength And Cognitive Load On Employee Productivity, Stephen Mujeye
CCE Theses and Dissertations
The proliferation of information systems (IS) over the past decades has increased the demand for system authentication. While the majority of system authentications are password-based, it is well documented that passwords have significant limitations. To address this issue, companies have been placing increased requirements on the user to ensure their passwords are more complex and consequently stronger. In addition to meeting a certain complexity threshold, the password must also be changed on a regular basis. As the cognitive load increases on the employees using complex passwords and changing them often, they may have difficulty recalling their passwords. As such, the …
Analysis Of Real-World Passwords For Social Media Sites, Mark J. Quinn
Analysis Of Real-World Passwords For Social Media Sites, Mark J. Quinn
Masters Theses, 2010-2019
Textual passwords have dominated all other entity authentication mechanisms since they were introduced in the early 1960’s. Despite an inherent weakness against social engineering, keylogging, shoulder surfing, dictionary, and brute-force attacks, password authentication continues to grow as the Internet expands. Existing research on password authentication proves that dictionary attacks are successful because users make poor choices when creating passwords. To make passwords easier to remember, users select character strings that are shorter in length and contain memorable content, like personal identity information, common words found in a dictionary, backward spellings of common words, recognizable sequences, and easily guessed mnemonic phrases. …
A Dynamic Behavioral Biometric Approach To Authenticate Users Employing Their Fingers To Interact With Touchscreen Devices, Arturo Ponce
A Dynamic Behavioral Biometric Approach To Authenticate Users Employing Their Fingers To Interact With Touchscreen Devices, Arturo Ponce
CCE Theses and Dissertations
The use of mobile devices has extended to all areas of human life and has changed the way people work and socialize. Mobile devices are susceptible to getting lost, stolen, or compromised. Several approaches have been adopted to protect the information stored on these devices. One of these approaches is user authentication. The two most popular methods of user authentication are knowledge based and token based methods but they present different kinds of problems.
Biometric authentication methods have emerged in recent years as a way to deal with these problems. They use an individual’s unique characteristics for identification and have …
Authentication Melee: A Usability Analysis Of Seven Web Authentication Systems, Scott Ruoti
Authentication Melee: A Usability Analysis Of Seven Web Authentication Systems, Scott Ruoti
Theses and Dissertations
Passwords continue to dominate the authentication landscape in spite of numerous proposals to replace them. Even though usability is a key factor in replacing passwords, very few alternatives have been subjected to formal usability studies and even fewer have been analyzed using a standard metric. We report the results of four within-subjects usability studies for seven web authentication systems. These systems span federated, smartphone, paper tokens, and email-based approaches. Our results indicate that participants prefer single sign-on systems. We utilize the Systems Usability Scale (SUS) as a standard metric for empirical analysis and find that it produces reliable, replicable results. …
An Electroencephalogram (Eeg) Based Biometrics Investigation For Authentication: A Human-Computer Interaction (Hci) Approach, Ricardo J. Rodriguez
An Electroencephalogram (Eeg) Based Biometrics Investigation For Authentication: A Human-Computer Interaction (Hci) Approach, Ricardo J. Rodriguez
CCE Theses and Dissertations
Encephalogram (EEG) devices are one of the active research areas in human-computer interaction (HCI). They provide a unique brain-machine interface (BMI) for interacting with a growing number of applications. EEG devices interface with computational systems, including traditional desktop computers and more recently mobile devices. These computational systems can be targeted by malicious users. There is clearly an opportunity to leverage EEG capabilities for increasing the efficiency of access control mechanisms, which are the first line of defense in any computational system.
Access control mechanisms rely on a number of authenticators, including “what you know”, “what you have”, and “what you …
Framework To Implement Authentication, Authorization And Secure Communications In A Multiuser Collaborative Cax Environment, Francis Mensah
Framework To Implement Authentication, Authorization And Secure Communications In A Multiuser Collaborative Cax Environment, Francis Mensah
Theses and Dissertations
Computer Aided Design (CAD) applications have historically been based on a single user per application architecture. Although this architecture is still popular to date, it does have several drawbacks. First of all the single user CAD architecture inhibits a concurrent engineering design process where several designers can work on the same model simultaneously. This limitation introduces time inefficiency especially when a project involves geographically dispersed designers. A solution to these drawbacks could be a transition from the traditional single user CAD architecture to a multiuser collaborative architecture. Advances in computer networking technologies, especially relating to the Internet, have provided the …
Integrating Visual Mnemonics And Input Feedback With Passphrases To Improve The Usability And Security Of Digital Authentication, Kevin Juang
All Dissertations
The need for both usable and secure authentication is more pronounced than ever before. Security researchers and professionals will need to have a deep understanding of human factors to address these issues. Due to their ubiquity, recoverability, and low barrier of entry, passwords remain the most common means of digital authentication. However, fundamental human nature dictates that it is exceedingly difficult for people to generate secure passwords on their own. System-generated random passwords can be secure but are often unusable, which is why most passwords are still created by humans. We developed a simple system for automatically generating mnemonic phrases …
Towards Usable End-User Authentication, Mohammad Tanviruzzaman
Towards Usable End-User Authentication, Mohammad Tanviruzzaman
Dissertations (1934 -)
Authentication is the process of validating the identity of an entity, e.g., a person, a machine, etc.; the entity usually provides a proof of identity in order to be authenticated. When the entity - to be authenticated - is a human, the authentication process is called end-user authentication. Making an end-user authentication usable entails making it easy for a human to obtain, manage, and input the proof of identity in a secure manner. In machine-to-machine authentication, both ends have comparable memory and computational power to securely carry out the authentication process using cryptographic primitives and protocols. On the contrary, as …
Improved Internet Security Protocols Using Cryptographic One-Way Hash Chains, Amerah Alabrah
Improved Internet Security Protocols Using Cryptographic One-Way Hash Chains, Amerah Alabrah
Electronic Theses and Dissertations
In this dissertation, new approaches that utilize the one-way cryptographic hash functions in designing improved network security protocols are investigated. The proposed approaches are designed to be scalable and easy to implement in modern technology. The first contribution explores session cookies with emphasis on the threat of session hijacking attacks resulting from session cookie theft or sniffing. In the proposed scheme, these cookies are replaced by easily computed authentication credentials using Lamport's well-known one-time passwords. The basic idea in this scheme revolves around utilizing sparse caching units, where authentication credentials pertaining to cookies are stored and fetched once needed, thereby, …
Vulnerability Analysis Of Cyber-Behavioral Biometric Authentication, Abdul Serwadda
Vulnerability Analysis Of Cyber-Behavioral Biometric Authentication, Abdul Serwadda
Doctoral Dissertations
Research on cyber-behavioral biometric authentication has traditionally assumed naïve (or zero-effort) impostors who make no attempt to generate sophisticated forgeries of biometric samples. Given the plethora of adversarial technologies on the Internet, it is questionable as to whether the zero-effort threat model provides a realistic estimate of how these authentication systems would perform in the wake of adversity. To better evaluate the efficiency of these authentication systems, there is need for research on algorithmic attacks which simulate the state-of-the-art threats.
To tackle this problem, we took the case of keystroke and touch-based authentication and developed a new family of algorithmic …