Search Results

(Total results 44)

  • 1. Abuaitah, Giovani Trusted Querying over Wireless Sensor Networks and Network Security Visualization

    Master of Science in Computer Engineering (MSCE), Wright State University, 2009, Computer Engineering

    Wireless sensor networks (WSNs) as an emerging technology face numerous challenges. Sensor nodes are usually resource constrained. Sensor nodes are also vulnerable to physical attacks or node compromises. Answering queries over data is one of the basic functionalities of WSNs. Both resource constraints and security issues make designing mechanisms for data aggregation particularly challenging. In this thesis, we first explore the various security techniques for data aggregation in WSNs, then we design and demonstrate the feasibility of an innovative reputation-based framework rooted in rigorous statistical theory and belief theory to characterize the trustworthiness of individual nodes and data queries in WSNs. Detecting security vulnerabilities is an imperative task. Visualization techniques have been developed over decades and are powerful when employed in the field of network security. In this thesis, we present a novel security visualization tool called “SecVizer”.

    Committee: Bin Wang PhD (Advisor); Yong Pei PhD (Committee Member); Thomas Wischgoll PhD (Committee Member) Subjects: Computer Science
  • 2. Karunanidhi, Karthikeyan ARROS: Distributed Adaptive Real-Time Network Intrusion Response

    Master of Science (MS), Ohio University, 2006, Computer Science (Engineering)

    Research in Intrusion Response has shown that the success rate of an attack increases with time. With attacks becoming sophisticated and automated, the response to these attacks still remains a time-consuming manual process. An active response system is a mechanism that can be used in conjunction with an intrusion detection system (IDS) to provide a network administrator with the capability to respond to an attack automatically when it has been detected. Active Real-time RespOnse System (ARROS) is an active, distributed, adaptive, and real-time Intrusion Response System (IRS) that provides Intrusion Response capabilities to INBOUNDS (Integrated Network Based Ohio University Network Detective Service), a network-based, real-time, hierarchical intrusion detection and response system being developed at Ohio University. ARROS consists of distributed autonomous agents that run at various different points on the network it protects. Agents communicate with each other to share information about the network, intrusions, and co-ordinate the response. Each ARROS agent is a fully functional autonomous unit capable of responding to intrusions in a distributed fashion. Coupled with priority queuing for ARROS traffic, distributed response capabilities, and time-bound response the ARROS system is able to provide real-time active Intrusion Response while minimizing adverse effects to the host network.

    Committee: Shawn Ostermann (Advisor) Subjects: Computer Science
  • 3. Sipahioglu, John Modernizing Deep Space Network Security

    MS, Kent State University, 2024, College of Arts and Sciences / Department of Computer Science

    The Deep Space Network (DSN) is the backbone of all communications between Earth and devices beyond its orbit. The DSN consists of three primary ground stations, located in California, Spain, and Australia, as well as the very resource-constrained spacecraft that use it to communicate with Earth. However, the DSN's mission has expanded far beyond its original scope, leading to the network being overburdened by the number of missions it must support. In this research, the aim is to provide a way to ease the burden on the DSN through modifications to its network layer security. Currently, DSN security in the network layer is based on Internet Protocol Security (IPSec), a suite of protocols designed to provide network security, originally released in 1995. DSN security using IPSec consists of creating a Virtual Private Network (VPN) between the station on Earth and the spacecraft that is being contacted. IPSec has long been one of the primary choices for creating a VPN, however, its cryptographic agility and many configuration options make its implementation highly complex. A recently proposed protocol, WireGuard, offers a simpler and faster solution for setting up VPNs. WireGuard trades the configuration options of IPSec to offer a “common case fast” approach to creating VPNs. By offering the most used features of a VPN as the default and only configuration option, WireGuard reduces the codebase and complexity of its implementation significantly, while retaining the performance of IPSec. In this research, the performance of WireGuard is compared to IPSec in terms of its throughput, CPU usage and RAM usage. The complexity of setup and amount of storage required to house the files for the protocols is also analyzed. It is determined that WireGuard does offer superior throughput and lower RAM usage than IPSec. 
However, while WireGuard has better performance on the server, i.e., the device sending data, it performs worse than IPSec on the client machine by large amou (open full item for complete abstract)

    Committee: Younghun Chae (Advisor); Maha Allouzi (Committee Member); Raiful Hasan (Committee Member) Subjects: Computer Science
  • 4. Zhang, Jielun Sustaining the Performance of Artificial Intelligence in Networking Analytics

    Doctor of Philosophy (Ph.D.), University of Dayton, 2023, Electrical Engineering

    Emerging Artificial Intelligence (AI) techniques, including both Machine Learning algorithms and Deep Learning models, have become viable solutions to support network measurement and management. As the fundamental of network analytics, network traffic classification has recently been studied with the adoption of AI techniques. For example, widely studied AI-based traffic classifiers, developed based on artificial neural networks such as convolutional neural networks (CNNs) and long short-term memory networks (LSTMs), have demonstrated high classification accuracy. However, their performance is limited to the coverage of the knowledge databases, which restricts their effectiveness in dealing with updated or new network applications. To address the limitations, model update mechanisms are introduced, which allow AI-based traffic classification models to sustain high performance by creating a new knowledge base. These mechanisms enable the AI-based network traffic classification models to adapt to those evolving network applications in dynamic network environments. Additionally, the dissertation discusses the challenges of AI performance in network security and resolves them by leveraging the proposed mechanisms.

    Committee: Eric Balster (Committee Chair); Hui Wang (Committee Member); Brad Ratliff (Committee Member); Feng Ye (Committee Member) Subjects: Computer Engineering; Electrical Engineering
  • 5. Farhat, Md Tanzin An Artificial Neural Network based Security Approach of Signal Verification in Cognitive Radio Network

    Master of Science, University of Toledo, 2018, Engineering (Computer Science)

    Cognitive Radio Network (CRN) technology has offered the opportunistic solution for the spectrum scarcity problem in wireless communication. The Dynamic Spectrum Access (DSA) solution enables radio system to sense and learn the spectrum and reconfigure the parameters to apply cognitive decisions. With these properties, the technology is threatened by attackers and malicious users trying to exploit the network operation and its learning capabilities. Along with traditional threats, a few specific threats have been inadvertently created by this technology due to its characteristic behavior and operation. This thesis provides a brief discussion on the threats and attacks with recent contributions on the security of CRN and proposes a security algorithm that uses the Artificial Neural Network (ANN) based machine learning methods to verify incumbent signals in a CRN. The proposed model is trained using Levenberg-Marquardt (LM) algorithm and Scaled Conjugate Gradient (SCG) algorithms to implement signal identification in two sub-categories, namely, known and unknown signals. Signal datasets were collected from the popular NASA Space Communications and Navigation (SCaN) testbed located at international space station (ISS) and also generated from a small in-lab Software Defined Radio (SDR) device to train and test the proposed model. The performances of the two algorithms on multiple datasets were compared using confusion matrices and mean squared error (MSE). Our study concluded that the best performing model exhibits MSE as low as 0.018 and the confusion matrix shows promising results of more than 98% as the percentage of accurate prediction. The proposed model can be used in a CRN to monitor the signal activity of the users in the network and verify them for genuineness. The model can also alert the system when an unknown user is operating in the network for further security evaluations.

    Committee: Ahmad Y. Javaid (Advisor); Weiqing Sun (Committee Co-Chair); Mansoor Alam (Committee Member) Subjects: Computer Science; Electrical Engineering
  • 6. CHENG, YI Security Mechanisms for Mobile Ad Hoc and Wireless Sensor Networks

    PhD, University of Cincinnati, 2008, Engineering : Computer Science and Engineering

    Wireless Ad Hoc Networks have emerged as an advanced networking paradigm based on collaborative efforts among multiple self-organized wireless communication devices. Without the requirement of a fixed infrastructure support, wireless ad hoc networks can be quickly deployed anywhere at any time when needed. The decentralized nature, minimal configuration and quick deployment of wireless ad hoc networks make them suitable for various applications, from disaster rescue, target tracking to military conflicts. Wireless ad hoc networks can be further categorized into mobile ad hoc networks (MANETs), wireless sensor networks (WSNs), and wireless mesh networks (WMNs) depending on their applications. Security is a big challenge in wireless ad hoc networks due to the lack of any infrastructure support, dynamic network topology, shared radio medium, and resource-constrained wireless users. Most existing security mechanisms applied for the Internet or traditional wireless networks are neither applicable nor suitable for wireless ad hoc network environments. In MANETs, routing security is an extremely important issue, as the majority of the standard routing protocols assume non-hostile environments. Once deployed in a hostile environment and working in an unattended mode, existing routing protocols are vulnerable to various attacks. To address these concerns, we propose an anonymous secure routing protocol for MANETs in this dissertation, which can be incorporated with existing routing protocols and achieve enhanced routing security with minimum additional overheads. In WSNs, key distribution and management is the core issue of any security approaches. Due to extremely resource-constrained sensor nodes and lack of any infrastructure support, traditional public-key based key distribution and management mechanisms are commonly considered as too expensive to be employed in WSNs. 
In this dissertation, we propose two efficient pairwise key pre-distribution and management mechanisms f (open full item for complete abstract)

    Committee: Dharma Agrawal (Committee Chair); Jerome Paul (Committee Member); Wen-Ben Jone (Committee Member); Chia-Yung Han (Committee Member); Ernest Hall (Committee Member) Subjects: Communication; Computer Science
  • 7. WANG, HONGHAO An Efficient and Secure Overlay Network for General Peer-to-Peer Systems

    PhD, University of Cincinnati, 2008, Engineering : Computer Science and Engineering

    Currently, Peer-to-Peer overlays can be classified into two main categories: unstructured and structured ones. Unstructured overlays are simple, robust, and powerful in keyword search. Structured ones can scale to very large systems in terms of node number and geography, and guarantee to locate an object within O(Log N) hops. However, both of them face difficulties in efficiency and security of overlays. For unstructured ones, the efficiency problem presented is poor scalability. For structured ones, it is long routing latency and enormous overhead on handling system churn. Moreover, both of them are vulnerable to malicious attacks. Peer-to-Peer overlays belong to application-level network. To a great extension, overlay network designs ignore physical characteristics. As the result, their structures are far from underlying physical network or the distribution pattern of overlay peers. These inconsistencies induce system common operations costly, such as routing and lookup. On the other hand, most peers are assumed to have uniform resources and similar behaviors. Thus, Peer-to-Peer protocols were designed to be symmetric. However, in the realistic environment, peers' resources and behaviors are highly skewed. Symmetric protocols actually compromise system performance. Frequently joining and leaving of peers generates enormous traffic. The significant fraction of peers with high latency/low bandwidth links increase lookup latency. Moreover, under the environment without mutual trust, Peer-to-Peer systems are very vulnerable for varied attacks because they lack a practical authentication mechanism. From a different perspective, this dissertation proposes to construct a highly efficient and secure Peer-to-Peer overlay based on the physical network structure of the Internet and network locality of overlay peers. 
By naturally integrating different network-aware techniques into the Peer-to-Peer overlay, a novel SNSA (Scalable Network Structure Aware) technique has been dev (open full item for complete abstract)

    Committee: Dr. Yiming Hu (Advisor) Subjects: Computer Science
  • 8. DENG, HONGMEI AN INTEGRATED SECURITY SCHEME WITH RESOURCE-AWARENESS FOR WIRELESS AD HOC NETWORKS

    PhD, University of Cincinnati, 2004, Engineering : Electrical Engineering

    Wireless ad hoc networks have emerged as a new information-transmission paradigm based on collaborative efforts of multiple self-organized mobile nodes. Without the support from any fixed infrastructure, this type of network provides an extremely flexible method for establishing communications in situations where geographical or terrestrial constraints demand totally distributed network system. While the inherent characteristics of an ad hoc network make it useful for many applications, they also bring in a lot of research challenges. One of the important issues is the security, since conventional security approaches adopted for traditional networks are not directly applicable to ad hoc networks. Secure ad hoc network is critical to the development of any real application of wireless ad hoc networks. In this dissertation, we attempt to develop an integrated and distributed security scheme with resource-awareness to enhance the security of ad hoc networks. Our scheme can be logically divided into two parts. An efficient intrusion prevention mechanism is developed to prevent the various attacks from external intruders, and an intrusion detection mechanism is used to provide a second line of defense for the misbehaviors of internal intruders. In the intrusion prevention mechanism, the identity-based cryptography, bivariate polynomial-based pairwise key and one way hash chain techniques are used to provide various security goals, such as availability, integrity, confidentiality, authentication and non-repudiation. Considering the self-organizing property of ad hoc networks, the intrusion detection is implemented in a distributed fashion, in which the behavior of each node is monitored and analyzed using a cooperative functions involved in the network. 
The intrusion detection scheme can detect both the internal and external attacks, but it pays more attention to the attacks that cannot be handled by the intrusion prevention approach, and the result of intrusion detection wo (open full item for complete abstract)

    Committee: Dr. Dharma Agrawal (Advisor) Subjects:
  • 9. Bhamidipati, Padmaja Security Assurance In SoCs and NoCs: Analysis, Specification, and Quantification

    PhD, University of Cincinnati, 2024, Engineering and Applied Science: Electrical Engineering

    Modern heterogeneous architectures contain multiple cores that perform a variety of processing, storage, and communication tasks. The complexity of interactions among the cores and of the cores themselves introduces potential security vulnerabilities that can be exploited by malicious actors to mount a variety of attacks. To address these vulnerabilities, it is critical to conduct systematic security analysis, enforce relevant security policies, and verify designs through formal methods before fabrication. However, current SoC designs require a time-consuming and resource-intensive process to identify and verify security assets against applicable security policies. This gap highlights the need for efficient abstraction techniques that streamline the specification and verification of security policies, reducing both the verification cost and design overhead. As these complex architectures rely on information transfer between the cores, the significance of a well-established interconnect such as Network-on-Chip (NoC) is paramount. NoC architectures have gained prominence in modern computing systems for their scalability and efficiency. However, the globalization of NoC design and fabrication exposes them to security threats. The shared hardware resources between secure and malicious IPs in NoC create vulnerabilities that are exploited by the attacker to implement explicit and implicit data leakages. Quantitative analysis plays an important role in exposing vulnerabilities by quantifying packet information and traffic flow across components and pathways. It uses numerical data and mathematical models to understand complex systems, revealing patterns, and anomalies through qualitative methods. This dissertation introduces a comprehensive methodology to address the challenges associated with SoC and NoC security. 
First, we propose a systematic approach for security analysis using Assertion-Based Verification (ABV), focusing on cataloging SoC vulnerabilities and d (open full item for complete abstract)

    Committee: Ranganadha Vemuri Ph.D. (Committee Chair); Wen-Ben Jone Ph.D. (Committee Member); Suyuan Chen Ph.D. (Committee Member); Mike Borowczak Ph.D. (Committee Member); John Emmert Ph.D. (Committee Member) Subjects: Electrical Engineering
  • 10. Zhao, Xingya Physical Layer Attacks with Malicious Full-Duplex Relays and Their Defense Strategies

    Doctor of Philosophy, The Ohio State University, 2024, Computer Science and Engineering

    The widespread adoption of wireless communication technologies underscores the need to ensure security in these systems. Within wireless communications, channel measurement plays a critical role in enabling successful communication. Additionally, the rapid uncorrelation over space of wireless channel makes it an ideal source for various physical layer security applications, such as secret key generation and source authentication protocols. However, existing research has demonstrated that a malicious full-duplex relay, which receives and retransmits signals almost simultaneously at the same frequency band, can manipulate the receivers' channel estimations by actively relaying the pilot signals used for channel measurement. This thesis aims to investigate novel attacks involving malicious full-duplex relays and explore defenses against these attacks. The thesis focuses on two specific works. The first work concentrates on defending against malicious amplify-and-forward full-duplex relays. To address the emerging threat posed by full-duplex relay attackers to physical-layer wireless security protocols, we propose RelayShield, a system designed to detect such malicious relays and recover the channels manipulated by them. Unlike previous approaches that rely on previously-collected signature channels, RelayShield analyzes signal path information derived from input channels to detect relays and recover channels. RelayShield achieves over 95% detection accuracy with channels collected in two typical indoor environments. The recovered channels can support a wide range of applications. The second work focuses on the vulnerabilities of the channel estimation process in downlink MU-MIMO transmissions. While MU-MIMO technology offers significant benefits, it also opens avenues for potential attacks. In this work, we propose an active eavesdropping attack targeting downlink MU-MIMO transmissions. The attack consists of two phases. 
First, the attacker sends a forged pilot p (open full item for complete abstract)

    Committee: Kannan Athreya (Advisor); Srinivasan Parthasarathy (Committee Member); Zhiqiang Lin (Committee Member); Jennifer Bogner (Committee Member) Subjects: Computer Science
  • 11. Musgrave, John Addressing Architectural Semantic Gaps With Explainable Program Feature Representations

    PhD, University of Cincinnati, 2024, Engineering and Applied Science: Computer Science and Engineering

    This work explores the explainability of features used for classification of malicious binaries in machine learning systems based on semantic representations of data dependency graphs. This work demonstrates that explainable features can be used with comparable classification accuracy in real-time through non-parametric learning. This work defines operational semantics in terms of data dependency isomorphism, and quantifies the network structure of the graphs present in static features of binaries. This work shows that a bottom-up analysis holds across levels in the architectural hierarchy, and can be performed across system architectures. This work shows that semantic representations can be used for search and retrieval of malicious binaries based on their behavior. This work shows that unknown vulnerabilities can be predicted through descriptions of structure and semantics.

    Committee: Anca Ralescu Ph.D. (Committee Chair); Kenneth Berman Ph.D. (Committee Member); Alina Campan Ph.D M.A B.A. (Committee Member); Boyang Wang Ph.D. (Committee Member); Dan Ralescu Ph.D. (Committee Member) Subjects: Artificial Intelligence
  • 12. Khan, Mohd Rifat Mixed Type Wafer Defect Pattern Recognition Using Ensemble Deformable Convolutional Neural Networks for Chronic Manufacturing Process Quality Problems Reduction

    Doctor of Philosophy (PhD), Ohio University, 2024, Mechanical and Systems Engineering (Engineering and Technology)

    The world is currently experiencing a shortage of semiconductor chips. This shortage is affecting different industries that rely on electronic components that involve semiconductor chips to manufacture their products. Due to the shortage of chips, manufacturers are unable to complete the final assembly of their products, resulting in a delay in delivering the finished products to their customers. To address this issue, the US Congress passed the "Creating Helpful Incentives to Produce Semiconductors (CHIPS) and Science Act of 2022" on 9th August, 2022. This act aims to improve the competitiveness, innovation, and national security of the US. This dissertation focuses on addressing the chip shortage through the reduction of chronic semiconductor manufacturing process quality problems caused by wafer map surface defects. The proposed solution involves detecting mixed-type wafer map surface defect patterns using Ensemble Deformable Convolutional Neural Networks. The framework for defect detection proposed in this dissertation outperforms other machine learning models from literature, such as Conv-Pool-CNN, All-CNN, NIN-CNN, DCNN-v1, and DCNN-v2, in terms of F1-score. The proposed framework uses an industrial wafer map dataset (MixedWM38) from a semiconductor wafer manufacturing process to train the base models for the ensemble method. The results show that the proposed framework accurately identifies multi-pattern defects from the surface of wafer maps. This dissertation will contribute to advancing academic literature for the new field of detecting mixed-type defect patterns from the surface of wafer maps. Defects are indicators of process problems, and preventing quality defects in advance is the best approach to achieving positive yield. The efficient and accurate detection of wafer map mixed-type surface defect patterns is important for addressing chronic manufacturing process quality problems. 
The proposed framework can be used by semiconductor manufacturer (open full item for complete abstract)

    Committee: Tao Yuan (Advisor); Gary Weckman (Committee Member); Ashley Metcalf (Committee Member); William Young (Committee Member); Saeed Ghanbartehrani (Committee Member); Omar Alhawari (Committee Member) Subjects: Artificial Intelligence; Computer Science; Engineering; Industrial Engineering; Mathematics; Mechanical Engineering; Nanotechnology; Operations Research; Statistics; Systems Design
  • 13. Konatham, Bharath Reedy A Secure and Efficient IIoT Anomaly Detection Approach Using a Hybrid Deep Learning Technique

    Master of Science (MS), Wright State University, 2023, Computer Science

    The Industrial Internet of Things (IIoT) refers to a set of smart devices, i.e., actuators, detectors, smart sensors, and autonomous systems connected throughout the Internet to help achieve the purpose of various industrial applications. Unfortunately, IIoT applications are increasingly integrated into insecure physical environments leading to greater exposure to new cyber and physical system attacks. In the current IIoT security realm, effective anomaly detection is crucial for ensuring the integrity and reliability of critical infrastructure. Traditional security solutions may not apply to IIoT due to new dimensions, including extreme energy constraints in IIoT devices. Deep learning (DL) techniques like Convolutional Neural Networks (CNN), Gated Recurrent Units (GRU), and Long Short-Term Memory (LSTM) have been the focus of recent research to increase the precision and effectiveness of anomaly identification. This thesis initially investigates a unique hybrid DL-enabled approach that provides the needed security analysis before successful attacks are launched against IIoT infrastructure. For that, different hybrid models are developed, trained, tested, and validated using Convolutional Neural Networks (CNN), Gated Recurrent Units (GRU), Long Short-Term Memory (LSTM), Autoencoder, and XGBoost algorithms. Experimental results show that the proposed XGBoost ML model exhibits the highest performance, as compared to other models, and excels across multiple metrics, including recall, precision, F1-score, and false alarm rate (FAR). The results also show that hybrid CNN+GRU model is closely behind, which exhibited strong performance in accurately detecting anomalies in encrypted IoT traffic. Specifically, our experimental results show that the developed hybrid CNN+GRU model outperforms the others, achieving an accuracy of 94.94%, a recall of 92.29%, a precision of 98.49%, an F1 score of 95.24%, and a low false alarm rate of 0.001. 
However, it is (open full item for complete abstract)

    Committee: Fathi Amsaad Ph.D. (Advisor); Lingwei Chen Ph.D. (Committee Member); Michael L. Raymer Ph.D. (Committee Member); Anton Netchaev Ph.D. (Committee Member) Subjects: Computer Science
  • 14. Wang, Chenggang Towards Robust Side Channel Attacks with Machine Learning

    PhD, University of Cincinnati, 2023, Engineering and Applied Science: Computer Science and Engineering

    Users' privacy and data security are under unprecedented threat because of the growing use of the Internet and digital devices, one example of such threat is side-channel attacks. The side-channel attacks are a class of cyber-attacks in which the attacker tries to exploit physical side-channel information leakage to recover critical information of a user. The research on side-channel attacks has made significant progress and remains a hot topic. Deep learning based side-channel attack methods have shown advantages in many aspects. But these methods are facing critical limitations -- insufficient labeled training data and data distribution shifts, which will cause side-channel attack failure. Our research focuses on these problems and investigates two specific side-channel attacks: 1) side-channel attack over encrypted network traffic (also called website fingerprinting); 2) side-channel attack to power consumption on micro-controllers (also called side-channel attack). My main focus and contributions are 3 fold: Firstly, we studied website fingerprinting in a more real-world scenario: the attacker and the user have different network setups and website content updates frequently, which causes the well-trained model outdated in a few days, but the collection of labeled data could take more than 2 weeks. Due to this reason, the attacker cannot obtain enough labeled training data to perform the attack. Facing this challenge, we designed a novel website fingerprinting attack method based on the adversarial domain adaption technique, which can enable the attacker to perform the attack with less than 20 traces per website and achieve over 80% accuracy when the network setup is different. Secondly, we studied the side-channel attack when the attacker cannot obtain a sufficient number of training traces, which will cause the traditional deep learning based methods to fail to recover the key. 
To address this limitation, we proposed a novel side-channel attack b (open full item for complete abstract)

    Committee: Boyang Wang Ph.D. (Committee Chair); Wen-Ben Jone Ph.D. (Committee Member); Wenhai Sun Ph.D. (Committee Member); Nan Niu Ph.D. (Committee Member); Seokki Lee Ph.D. (Committee Member) Subjects: Computer Engineering
  • 15. Samavatian, Mohammad Hossein Accelerator Architecture for Secure and Energy Efficient Machine learning

    Doctor of Philosophy, The Ohio State University, 2022, Computer Science and Engineering

    ML applications are driving the next computing revolution. In this context both performance and security are crucial. We propose hardware/software co-design solutions for addressing both. First, we propose RNNFast, an accelerator for Recurrent Neural Networks (RNNs). RNNs are particularly well suited for machine learning problems in which context is important, such as language translation. RNNFast leverages an emerging class of non-volatile memory called domain-wall memory (DWM). We show that DWM is very well suited for RNN acceleration due to its very high density and low read/write energy. RNNFast is very efficient and highly scalable, with a flexible mapping of logical neurons to RNN hardware blocks. The accelerator is designed to minimize data movement by closely interleaving DWM storage and computation. We compare our design with a state-of-the-art GPGPU and find 21.8X higher performance with 70X lower energy. Second, we brought ML security into ML accelerator design for more efficiency and robustness. Deep Neural Networks (DNNs) are employed in an increasing number of applications, some of which are safety-critical. Unfortunately, DNNs are known to be vulnerable to so-called adversarial attacks. In general, the proposed defenses have high overhead, some require attack-specific re-training of the model or careful tuning to adapt to different attacks. We show that these approaches, while successful for a range of inputs, are insufficient to address stronger, high-confidence adversarial attacks. To address this, we propose HASI and DNNShield, two hardware-accelerated defenses that adapt the strength of the response to the confidence of the adversarial input. Both techniques rely on approximation or random noise deliberately introduced into the model. HASI uses direct noise injection into the model at inference. 
DNNShield uses approximation that relies on dynamic and random sparsification of the DNN model to achieve inference approximation efficiently and wi (open full item for complete abstract)

    Committee: Radu Teoderescu (Advisor); Yang Wang (Committee Member); Wei-Lun Chao (Committee Member) Subjects: Computer Engineering; Computer Science
  • 16. Oun, Ahmed Hardware Security Design, and Vulnerability Analysis of FPGA based PUFs to Machine Learning and Swarm Intelligence based ANN Algorithm Attacks

    Doctor of Philosophy, University of Toledo, 2022, Engineering

    With the increasing trend of outsourcing the fabrication process of Integrated Circuits (ICs) to foreign foundries, hardware security threats have significantly increased. Of particular concern is the infiltration of the IC supply chain with compromised and counterfeit chips by untrusted and dubious foundries. In recent years, the use of programmable devices such as Field Programmable Gate Arrays (FPGAs) has rapidly increased. The increased deployment of these devices in mission-critical computing systems such as communication networks, smart grids, defense equipment, and internet of things, has led hackers to continually devise new techniques to breach the security of these devices. Of serious concern is the implantation of spurious circuitry, known as a Trojan, to steal or degrade the function of the chip. These tampered chips can subsequently act as ‘spy chips’ for collecting confidential data by adversaries and hackers. To counter such attacks, a chip designer can embed additional security layers in these devices using Physical Unclonable Functions (PUFs). Although PUFs are supposed to be unclonable and unbreakable, researchers have found that they are vulnerable to Machine Learning (ML) attacks. From a subset of challenge-response pairs (CRPs), the remaining CRPs can be effectively predicted using different machine learning algorithms. This research presents a comprehensive vulnerability analysis of different FPGA based PUFs to various Swarm Intelligence (SI) based ANN Algorithm attacks; namely, Dragonfly Algorithm (DA), Gravitational Search Algorithm (GSA), Cuckoo Search Algorithm (CS), Particle Swarm Optimization (PSO), and the Grey Wolf Optimizer (GWO) algorithms. These algorithms are used to build Artificial Neural Network models to analyze the vulnerability of the different PUFs for modeling attacks. The training algorithms adjust the weights and biases of the ANN to obtain the highest response prediction accuracy by finding their optimum set. 
To (open full item for complete abstract)

    Committee: Mohammed Niamat PhD (Committee Chair); Richard Molyet PhD (Committee Member); Weiqing Sun PhD (Committee Member); Ahmad Javaid PhD (Committee Member); Junghwan Kim PhD (Committee Member) Subjects: Artificial Intelligence; Computer Engineering; Electrical Engineering; Systems Design
  • 17. Ramayee, Harish Asokan Design of Mobility Cyber Range and Vision-Based Adversarial Attacks on Camera Sensors in Autonomous Vehicles

    Master of Science, The Ohio State University, 2021, Electrical and Computer Engineering

    Recent advances in machine learning, such as deep neural networks, have enabled applications like Autonomous Driving (AD), that are becoming increasingly popular. AD is one promising technology that has become the primary area of interest for the machine learning research communities as well as the industry in the current decade. It is clearly evident that self-driving vehicles could significantly aid in reducing road accidents and also make driving more efficient. Deep neural networks are used in solving challenging tasks in AD such as image and object recognition, motion planning, and behavior prediction. But the application of deep learning to self-driving turns out to be much more complicated than in other areas due to the high amount of uncertainty in the surrounding dynamic environment. Despite the complexities involved, there has been significant progress in this field and the self-driving pipeline is rapidly evolving. In this thesis, we address the problem of Semantic Segmentation and Traffic Sign Recognition (TSR) in an Autonomous Vehicle (AV). By addressing these issues, we tackle the problem of cybersecurity (in sensors) in AVs. Autonomous vehicles, as we know them, are cyber-physical systems that comprise various subsystems that communicate with one another to enable a vehicle to demonstrate autonomous behavior. The perception systems perceive the environment and pass data to the decision-making systems or compute units and these, in turn, feed the actuation decision to the actuation system. This amount of coupling between various sub-systems of an autonomous vehicle allows them to be vulnerable to malicious attacks from outside. Owing to the fact that most industries are headed towards fully autonomous vehicles in the near future, ensuring the safety and security of these vehicles is of utmost importance and hence paves the way for a new area of research among the research communities as well as commercial companies. 
After discussing different approa (open full item for complete abstract)

    Committee: Qadeer Ahmed (Advisor); Eylem Ekici (Committee Member) Subjects: Computer Engineering; Electrical Engineering
  • 18. Fall, Moustapha Cyber-Physical Systems Security: Machine to Machine Controlled by PLC in a Local Network

    MS, University of Cincinnati, 2021, Engineering and Applied Science: Electrical Engineering

    Black hat hackers can launch an attack anytime, on any type of system, whether the system is connected to a local network or to the internet. Therefore, the security for any cyber-physical system is a major concern. This common security threat is shared amongst many companies and other platforms across a variety of different industries that use interconnected devices controlled by programmable logic controllers (PLCs). Once an attacker has access to a system, he or she could cause devastating impacts such as cutting power to an entire city's traffic light system or stopping a city's water supply. Attackers' sophisticated methods are improving much faster than the security technologies we put in our PLCs and local networks. The present work utilized simulated attacks on a PLC testbed to investigate methods of providing an extra layer of security in two cases—one on the PLCs and the other one in the local network.

    Committee: Carla Purdy Ph.D. (Committee Chair); Massoud (Max) Rabiee Ph.D. (Committee Member); Boyang Wang (Committee Member) Subjects: Engineering
  • 19. Poudel, Prabesh Security Vetting Of Android Applications Using Graph Based Deep Learning Approaches

    Master of Science (MS), Bowling Green State University, 2021, Computer Science

    Along with the immense popularity of Android applications, the Android ecosystem is under constant threat of malware attacks. This issue warrants developing efficient tools to detect malware apps. There is a large body of work in the literature that has applied static analysis for malware detection. For instance, one popular idea has been to extract API-calls from the app code and then to use those API-calls as artifacts to train machine learning models to classify malware and benign apps. However, most of this line of work does not incorporate the true execution sequence of the API-calls, and thus misses out on capturing a potentially rich signature. Furthermore, while evaluating the vetting accuracy, many prior works report their primary results on a randomly selected test set that is not spatially consistent (malware percentage in the test set approximating real-world scenario) and/or temporally consistent (having correct time split of train and test data) which artificially inflates the performance of the model. In this thesis, we explore if tracking the true sequence of the API-calls improves the effectiveness of the vetting process and present results ranging from testing on a random test set to a spatially and temporally consistent test set. We perform deep learning-based malware classification using a graph that we name API sequence graph which preserves the true sequence of API calls. The experiments show that our best performing model achieves AuPRC ranging from 0.977 to 0.86 and an F1-score of 0.955 to 0.83 depending on the consistency of the test set. The results show that our best-performing model, based on the true sequence of API calls, outperforms a quasi-sequence-based model.

    Committee: Sankardas Roy Ph.D. (Advisor); Jong Kwan Lee Ph.D. (Committee Member); Qing Tian Ph.D. (Committee Member) Subjects: Computer Science
  • 20. Kaushik, Sanjana Social Networks of Technology Caregivers and Caregivees

    MS, University of Cincinnati, 2020, Education, Criminal Justice, and Human Services: Information Technology

    Literature has shown that social groups play an important role in the ways that individuals learn about and change behaviors related to privacy and security management on digital devices. The term tech caregiver has recently been used to describe individuals that offer direct support to friends and family in need of help managing digital devices. This thesis investigates the role of these tech caregivers to support privacy and security management in small groups. To do this, 112 individuals were surveyed across the United States of America. These 112 participants belonged to 20 small groups comprising technology caregivers and the technology caregivees. The results show that technology caregivers tend to be younger adults (age 19-25). Technology caregivers reported significantly higher levels of self-efficacy for privacy and security and power usage than technology caregivees. Qualitative feedback shows that participants primarily used text messages and phone calls to communicate to receive support on the topics of troubleshooting and device setup and the explanation of a new device. This work helps to characterize the role of technology caregivers within small groups when it comes to social support for digital privacy and security and describes design implications for creating a mobile platform that supports the work of tech caregivers in their social groups.

    Committee: Jess Kropczynski Ph.D. (Committee Chair); Shane Halse Ph.D. (Committee Member) Subjects: Information Technology