MS, University of Cincinnati, 2024, Engineering and Applied Science: Electrical Engineering

The advent of the single purpose microcontrollers, coupled with the evolution in battery technology and wireless communication has accelerated the development and widespread of IoT devices. These omnipresent devices, due to their inherent benefit, have been employed in every aspect of our lives including the very critical ones from medical devices to security and defense. Despite their myriads of benefits, IoT devices have for the few years been one of the favorite targets of bad cyber actors due to diverse reasons. Securing IoT devices is challenging because they are not only deployed in remote places where control and supervision is unfeasible, but they also have limited computation resources which renders the current security infrastructure obsolete. To fix this issue methodologies that use hardware malware detectors (HMD) have been employed. An HMD is a security device deployed to detect and combat malicious software by analyzing activities at the hardware level. This methodology uses either built in performance monitor units and machine learning algorithms to create models capable of detecting malware operation or malware detection units created using different heuristics capable of differentiating benign or malware programs. One such heuristic is the negative selection algorithm from the field of artificial immune system which allows to build a detector set capable of differentiating between self and non-self-samples. Since malware is spread in diverse families and its development tends to have a rapid evolution, it is necessary to find a way to store critical detection information without requiring too much memory to detect a vast array of attacks. A methodology for reducing the size of the detector set and a partial implementation in hardware to assess the power and area implication of the reduction is proposed in this work. The methodology entitled Reduction of Detector Set for a Hardware (open full item for complete abstract)

Committee: Ranganadha Vemuri Ph.D. (Committee Chair); John Emmert Ph.D. (Committee Member); Wen-Ben Jone Ph.D. (Committee Member) Subjects: Electrical Engineering

Master of Science, The Ohio State University, 2024, Computer Science and Engineering

Malware is the most persistent security threat to the modern information ecosystem. To mitigate the damage that malware inflicts, the most effective resource is a thorough understanding of its exact mechanisms and operations. For this reason, malware analysis safeguards the entire computing industry. However, the overall effectiveness and efficiency of this sector are increasingly being undermined by a combination of detrimental internal practices and external forces. The cybersecurity field must adapt and evolve in order to counteract and mitigate the impact of these threats. In this paper, I propose a new and superior model for the analysis of Linux and IoT malware with the introduction of IOTA (Invisible Observation \& Threat Analysis): A bare-metal process-tracing framework. By merging the superior quality of data that bare-metal analysis supplies with the superior quantity of data provided by process-tracing, IOTA is able to effortlessly accomplish what traditional malware analysis sandbox environments cannot: undetectable malware analysis. Notably, the unification of these two technologies facilitates a novel strategy of intentionally and iteratively triggering anti-analysis code segments, allowing IOTA to automatically reverse-engineer malware samples. Additionally, this unique approach provides data that can be used to harden devices and traditional malware analysis environments without reverse-engineering entire malware samples. All of these capabilities are supplemented by the regular suite of tools found in traditional sandbox environments. Moreover, IOTA is designed to be fully modular, allowing for the modification of existing code and the addition of new routines with ease. IOTA presents a novel malware analysis paradigm with less overhead, more accurate data collection, less susceptibility to sandbox evasion techniques, and leverages these anti-analysis routines to its advantage. To demonstrate the efficacy of bare-metal process-tracing, the vulner (open full item for complete abstract)

Committee: Carter Yagemann (Advisor) Subjects: Computer Engineering; Computer Science; Information Science

MS, Kent State University, 2024, College of Arts and Sciences / Department of Computer Science

Cryptography, derived from the Greek word meaning "to hide information," involves techniques for converting readable plaintext into unreadable ciphertext through a process called encryption. Cryptography algorithms are broadly categorized into two types: symmetric key cryptography and asymmetric key cryptography. Symmetric key cryptography is further divided into block ciphers and stream ciphers. Block ciphers, based on their structure, can be classified into two main categories: Substitution-Permutation Networks (SPN) and Feistel Networks (FN). This research focuses on SPN-based block ciphers. In 1949[1], Claude Shannon introduced two fundamental operations required for a robust cryptosystem: substitution and permutation. Substitution, the core component of SPN-based cryptography, is implemented through substitution boxes (S-Boxes), where each element in the plaintext is mapped to another element to achieve nonlinearity and provide the confusion property crucial for security. With the rise of constrained devices, such as the Internet of Things (IoT), there is an increasing demand for lightweight symmetric-key algorithms. However, in many cases, the S-Box contributes the most to the hardware complexity and computational load compared to other linear components. This research addresses this challenge by designing and optimizing a lightweight cryptosystem suitable for resource-limited environments. The thesis makes two key contributions to the field of lightweight cryptography. The first contribution is the development of chaos-based S-Boxes tailored for devices with restricted computational capabilities. By leveraging chaotic maps, the proposed S-Boxes achieve a high degree of nonlinearity and security while maintaining a minimal computational and hardware footprint, making them ideal for IoT and other constrained devices. These chaos-based S-Boxes introduce dynamic, unpredictable substitution patterns that enhance resistance to cryptanalysis techniques such as l (open full item for complete abstract)

Committee: Maha Allouzi Dr (Advisor); Younghun Chae Dr (Committee Member); Lei Xu Dr (Committee Member) Subjects: Computer Engineering; Computer Science

Master of Science, Miami University, 2024, Electrical and Computer Engineering

In this thesis, a thorough investigation into the optimization of user connectivity in ad hoc communication networks using robust policy creation and intelligent UAV location in stochastic environments is presented. In order to handle the dynamic and decentralized character of ad hoc networks, we identified the optimal UAV positions by applying a multi-agent deep Q-learning technique. To train stochastic environment-adaptive policies, a novel simple algorithm was devised with an emphasis on the usefulness of these policies under different scenarios. Through an empirical investigation, the study offered information on the generalizability and adaptability of learnt behaviors by examining how well policies based on one distribution of settings performed when applied to different, unseen distributions. In this thesis, we also explored the resilience of UAV networks against jamming attempts and propose a method for unaffected UAVs to self-adjust their placements. This approach ensured optimal user coverage even in adversarial situations. By demonstrating the potential of machine learning techniques to maximize network performance and enhance user connectivity in the face of environmental uncertainties and security risks, these contributions will collectively advance the field of UAV-assisted communication.

Committee: Dr. Bryan Van Scoy (Advisor); Dr. Mark Scott (Committee Member); Dr. Veena Chidurala (Committee Member) Subjects: Computer Engineering; Electrical Engineering

Doctor of Philosophy (Ph.D.), University of Dayton, 2024, Electrical and Computer Engineering

Internet of things (IoT), an all pervasive technology, is expected to reach 41 billions by 2027. Such a revolutionary technology is utilized in plethora of applications such as health, and agriculture. IoT offers numerous advantages in terms of computing, and intelligence. Such a growth of IoT devices lead to the proliferation of wireless technologies to cater to the growing demands of users. Such proliferation of wireless technologies pose multiple challenges such as higher interference, limited spectrum resources, compatibility issues between different standards, and higher power consumption. The existing approaches as well as their limitations are surveyed in addition to including end-to-end deep learning based frameworks to alleviate the challenges described above. The proposed framework is validated, and evaluated on open-source and real-time data respectively.

Committee: Bradley Ratliff (Committee Chair); Ying-Ju Chen (Committee Member); Dong Cao (Committee Member); Feng Ye (Committee Member) Subjects: Computer Engineering; Information Science; Information Technology; Mathematics

MS, University of Cincinnati, 2023, Education, Criminal Justice, and Human Services: Information Technology

This research proposes a cost-effective and reliable IoT-based system for real-time temperature monitoring using NodeMCU ESP8266 and ThingSpeak Cloud. The system can be deployed in healthcare settings, such as hospitals, clinics, and nursing homes, where accurate and reliable temperature monitoring is critical for patient care and comfort. The proposed system is capable of providing real-time environmental temperature readings and storing data on the cloud for remote access and analysis. In the proposed system, one ESP8266 is configured as an access point that wirelessly transmits temperature readings from a DS18B20 sensor to another ESP8266 configured as a client. The client ESP8266 sends the data to the ThingSpeak Cloud to display temperature readings and for analysis. The system can be integrated with medical alert systems to provide timely notifications to medical staff in case of any abnormalities. Overall, this system provides a cost-effective, reliable, and scalable solution for real-time temperature monitoring in healthcare settings.

Committee: Zaghloul Elsayed Ph.D. (Committee Chair); M. Murat Ozer Ph.D. (Committee Member); Nelly Elsayed Ph.D. (Committee Member) Subjects: Information Technology

MS, University of Cincinnati, 2023, Education, Criminal Justice, and Human Services: Information Technology-Distance Learning

People know about threats such as ransomware and data breaches potentially affecting healthcare providers through various articles on the news as well as being aware of the impact that the growing dependency of embedded devices has on our care. Given these two conditions, it's fair to ask: what else is being done to ensure public safety when someone's in with a serious medical condition? Who's ensuring that some entity isn't getting in and remotely changing settings on critical care components that could in turn possibly cause someone to needlessly die? All of these pose excellent questions that deserve to be answered. Yet, there's no easy solution out there. Very few enterprises, much less health systems, are capable of consistently providing more resources such as labor and tools as needed. While a majority of the nation's 5,000 healthcare systems are technically not-for-profit, budget crunches still nonetheless have an adverse impact on security operations. This adverse impact on security operations often means cyberattacks still persist, and we continue to hear about data breaches in the news. It's clear that something practical needs to be done, but what?

Committee: Zaghloul Elsayed Ph.D. (Committee Chair); M. Murat Ozer Ph.D. (Committee Member); Chengcheng Li Ph.D. (Committee Member) Subjects: Information Technology

Doctor of Philosophy (PhD), Wright State University, 2023, Computer Science and Engineering PhD

The Internet of Things (IoT) is used in many fields that generate sensitive data, such as healthcare and surveillance. Increased reliance on IoT raised serious information security concerns. This dissertation presents three systems for analyzing and classifying IoT traffic using Deep Learning (DL) models, and a large dataset is built for systems training and evaluation. The first system studies the effect of combining raw data and engineered features to optimize the classification of encrypted and compressed IoT traffic using Engineered Features Classification (EFC), Raw Data Classification (RDC), and combined Raw Data and Engineered Features Classification (RDEFC) approaches. Our results demonstrate that the EFC, RDC, and RDEFC models achieve a high classification accuracy of 80.94%, 86.45%, and 90.55%, respectively, outperforming systems reported in the literature with similar configurations. The second system uses three approaches of density estimation, which are histogram, Kernel Density Estimation (KDE), and Cumulative Distribution Function (CDF), to enhance encrypted and compressed variable-size IoT traffic classification. The results demonstrate that the KDE approach attains a significantly higher accuracy of 90.92% compared to 86.66% and 82.6% of the histogram and CDF, respectively. Furthermore, the KDE approach outperforms our RDEFC model in three aspects: variable file length, dataset complexity, and dimensionality reduction. The third system suggests a novel approach for file type classification of fragments in a compressed archive file for forensic digital investigation. Existing research in the literature classifies these files as archive file formats, such as .zip, with no further investigation of the compressed file types. In this system, an optimized modification of the Inception network is implemented. Two sets of filter sizes are implemented, and the attained accuracies are 73.18% and 75.24%, respectively. For future work, we suggest including (open full item for complete abstract)

Committee: Bin Wang Ph.D. (Advisor); Soon M. Chung Ph.D. (Committee Member); Liu Meilin Ph.D. (Committee Member); Wu Zhiqiang Ph.D. (Committee Member) Subjects: Artificial Intelligence; Computer Engineering; Computer Science; Engineering; Information Science; Information Technology

Doctor of Philosophy, University of Toledo, 2023, Engineering

Intrusion detection systems (IDSs) have evolved significantly since the first time they were introduced and have become one of the most essential defenses in a network. With the advent of machine learning (ML), several improvements and enhancements have been made to the capabilities of traditional IDSs. However, every advancement brings with it a range of new challenges and threats. Although ML expanded the abilities of IDSs, there are certain problems that need to be investigated and this research attempts to highlight and address some of the existing problems. One of the problems is that a major portion of the research progress involving IDSs has been achieved using decades-old datasets. This work aims to study recently published research IDS datasets and analyze the performances of ML-based IDS models when trained with such datasets. Another problem focused on in this research is the vulnerabilities of ML models to adversarial environments. The work identifies that a majority of research progress achieved relevant to ML-powered IDSs is toward the direction of improving the performance efficiency of the IDS models under normal settings, i.e., toward optimizing the detection rates with genuine data. Relatively little progress is made towards making the IDS models robust to adversarial environments and deceptive inputs that target the IDSs rather than the premises (networks or hosts) guarded by them. This is a serious concern in cybersecurity which needs more investigation and problem-solving. In regard to this concern, various types of adversarial attacks are studied, and the behaviors of IDSs in certain white-box adversarial settings are assessed when the models are trained with modern research datasets. The study extends further by developing a defense mechanism against a white-box evasion attack which is considered to be very powerful for image-classication-based models. As the IDS models deployed in real-world environments are more susceptible to black-bo (open full item for complete abstract)

Committee: Weiqing Sun (Advisor); Weiqing Sun (Committee Chair); Junghwan Kim (Committee Member); Mohammed Niamat (Committee Member); Devinder Kaur (Committee Member); Ahmad Javaid (Committee Co-Chair) Subjects: Computer Science

Master of Computer Science, Miami University, 2023, Computer Science and Software Engineering

The field of security is constantly evolving. One area of focus that has seen very little industry change in recent years is the area of fallback authentication. Industry standards continue to use insecure methods such as security questions and out-of-band services. Social authentication is a new type of fallback authentication which could improve security in many systems. In this thesis we first review various methods of trustee-based social authentica- tion (TBSA) and analyze them for security flaws. We then propose two different methods, knowledge verified and CAPTCHA-aided TBSA, to help solve the issues tied to recently proposed TBSA methods. Furthermore, we combine these two methods to propose a novel scheme called knowledge verified CAPTCHA-aided TBSA. Lastly, we describe the benefits and the applications of applying these methods in the field of Internet of Things (IoT). The implementation of knowledge verified TBSA, CAPTCHA, and video notarization backed by deepfake detection provide a robust and secure method of authentication that rivals any method of fallback authentication currently implemented in IoT and the rest of the industry.

Committee: Khodakhast Bibak (Advisor); Vaskar Raychoudhury (Committee Member); Suman Bhunia (Committee Member) Subjects: Computer Science

Master of Science in Computer Engineering, University of Dayton, 2023, Electrical and Computer Engineering

IoT (Internet of Things) frameworks are designed to simplify the development process of IoT devices and applications. However, like any technology, they also have some problems that need to be addressed. Some of the common problems associated with IoT frameworks include: • Security Concerns: IoT devices collect and transmit sensitive data, making them a prime target for cyberattacks. Many IoT frameworks lack built-in security features, making it easier for hackers to access the data. • Interoperability Issues: IoT devices from different manufacturers may use different protocols and standards, making it difficult for them to communicate with each other. • Scalability Challenges: IoT systems can involve large numbers of devices and applications, and the frameworks used to develop these systems need to be scalable. This requires significant computing power and data storage capacity, which can be a challenge for some IoT frameworks. • Complexity: IoT development can be complex, as it involves multiple components and technologies, such as cloud computing, big data analytics, and edge computing. The frameworks used to develop IoT systems need to be able to integrate these components and simplify the development process. • Cost: Developing and deploying IoT systems can be expensive, as it requires specialized hardware, software, and infrastructure. The cost of IoT frameworks can also be a barrier to adoption for some organizations. Just like commercial IoT frameworks, Department of Defense (DoD) unattended ground sensors (UGSs) come in many shapes and sizes and often have many different components. These components range from infrared cameras and magnetometers to communications equipment and embedded computers. The combination of these different components requires sophisticated software that is often time consuming to develop and difficult to reuse and have the same problems like commercial IoT systems. The US Army Research Laboratory (ARL) and the Defe (open full item for complete abstract)

Committee: Kevin Hallinan (Committee Chair); Andrew Rettig (Committee Member); Vijayan Asari (Committee Member) Subjects: Computer Engineering; Computer Science; Information Science; Information Systems

Master of Science, Miami University, 2023, Computer Science and Software Engineering

A botnet is an army of zombified computers infected with malware and controlled by malicious actors to carry out tasks such as Distributed Denial of Service (DDoS) attacks. Billions of Internet of Things (IoT) devices are primarily targeted to be infected as bots since they are configured with weak credentials or contain common vulnerabilities. Detecting botnet propagation by monitoring the network traffic is difficult as they easily blend in with regular network traffic. The traditional machine learning (ML) based Intrusion Detection System (IDS) requires the raw data to be captured and sent to the ML processor to detect intrusion. In this research, we examine the viability of a cross-device federated intrusion detection mechanism where each device runs the ML model on its data and updates the model weights to the central coordinator. This mechanism ensures the client's data is not shared with any third party, terminating privacy leakage. The model examines each data packet separately and predicts anomalies. We evaluate our proposed mechanism on a real botnet propagation dataset called MedBIoT. In addition, we also examined whether any device taking part in federated learning can employ a poisoning attack on the overall system.

Committee: Suman Bhunia (Advisor); Khodakhast Bibak (Committee Member); Daniela Inclezan (Committee Member) Subjects: Computer Science

Master of Sciences, Case Western Reserve University, 2022, EECS - Electrical Engineering

With the emergence of IoT applications, the threat of hacked devices is becoming more detrimental with the possibility of compromised networks and leaked passwords. These devices' security methods are limited by area, power, and computational resources because they are typically battery powered and portable. Physically unclonable functions are based on random process variations and have the potential to be easily implemented to meet these requirements. To realize their security applications, PUFs need to have a large number of challenge-response pairs while maintaining a lower area. This work proposes two embedded PUFs for a PLL that exploit transistor characteristics to increase the number of CRPs. The methods to increase entropy and CRPs in a system include reducing the applied voltages, biasing the transistor's body, and incorporating pass transistors. These added entropy methods were able to increase the number of challenge-response pairs with an exponential relationship without increasing the PUF's subunits.

Committee: Hossein Miri Lavasani (Advisor) Subjects: Electrical Engineering

MS, University of Cincinnati, 2022, Education, Criminal Justice, and Human Services: Information Technology

With families increasingly moving towards smart devices and home automation, the right security policies and access control are essential. However, in multi-person and family homes, several users are sharing an IoT device, bringing up the question of who's in control. We examine how smart-home owners share their IoT devices, and how they feel about using sharing features. In a global landscape, understanding cultural differences is key in every field, and IoT is no different. Using a mixture of survey and interview methods, we collect data regarding smart-home owners' IoT devices and which of these devices they share to understand their device sharing preferences. We then expand our findings by understanding the user demographics and cultural differences.

Committee: Nora McDonald Ph.D. (Committee Member); Jess Kropczynski Ph.D. (Committee Member) Subjects: Information Technology

Master of Science, The Ohio State University, 2022, Computer Science and Engineering

In recent years, there has been considerable interest in developing streaming applications for IoT (or Edge Computing) environments. In this context, several studies have (manually) deployed application components on different nodes in the path from the extreme edge to the cloud. It is desirable to automate this mapping process. However, when considering this problem in the context of heterogeneous multi-layer wireless networks, we see challenges like limited computing and battery power at the extreme edge, modest transmission bandwidth, and different processing powers for different nodes. Automatic deployment or partitioning for streaming applications considering these challenges has not been addressed in the previous work. In the first chapter, a framework for automated deployment is presented with an emphasis on optimizing latency in the presence of resource constraints. A dynamic programming-based deployment algorithm is developed to make deployment decisions. With battery power being a key constraint, a major component of our work is a power model to help assess the power consumption of the edge devices at the runtime. Using three applications, we show the large reductions in both power consumption and response latency with our framework, as compared to a baseline involving cloud-only execution. At the same time, such an edge or fog processing model is increasingly being used for critical applications, often in environments where devices can be compromised. The second chapter considers a number of attacks that can negatively impact streaming IoT applications, and develop solutions to verify the integrity of the applications. We focus on premature code execution and overwriting of devices generated outputs, and propose a minimalist logging scheme for periodic verification with the use of hash-chains and Merkle Hash Tree (MHT).

Committee: Feng Qin (Committee Member); Mircea-Radu Teodorescu (Advisor) Subjects: Computer Science

Master of Computer Science (M.C.S.), University of Dayton, 2021, Computer Science

Nowadays, real-time data originating from connected devices are crucial to the Internet of Things (IoT) real-world applications. IoT data are also shared with multiple parties and tenants for their business based on contract agreements. For instance, in smart cities, most stores and restaurants have indoor surveillance cameras for security purposes. Stores also use these camera systems to enhance their customer experience by analyzing customer's behaviors, usually performed by AI applications from third parties. At the same time, the cameras might be shared with the local police department in case of emergency events. Such sharing scenarios face many challenges, including heterogeneous IoT protocols and platforms, real-time or near real-time processing, and the privacy and security of the data. The existing IoT data marketplaces provide mechanisms to share data; however, they did not address the issues where sharing contracts are dynamically changed depending on the context. This thesis proposes a novel IoT Datahub architecture with a dynamic context-based policy enforcement framework that supports IoT data sharing based on dynamic contracts. Our enforcement framework allows IoT data providers to define extensible rules and metrics to govern the tenants in accessing the shared data based on policies defined in static and dynamic contexts. For example, for the same real-time data stream, we can define and enforce a policy that allows some authorized tenants to access while only allowing some other tenants to access the data in some circumstances, such as emergencies. We have developed a proof-of-concept prototype with a surveillance camera system to illustrate our proposed framework. Our system demonstrates that we can define and enforce dynamic policies for accessing camera data based on the context from the camera, e.g., the number of people currently captured in the camera after a given period for selected authorized tenants

Committee: Phu Phung (Advisor); James Buckley (Committee Member); Zhongmei Yao (Committee Member) Subjects: Information Technology

MARCH, University of Cincinnati, 2021, Design, Architecture, Art and Planning: Architecture

Technological (tech.) development has swept the country and globe. Innovation continues to revolutionize every facet of life. Whether it be an iPhone correcting spelling issues or Uber saving a person from a DUI, technology development plays a pivotal role in improving the quality of life. With the ever-expanding possibilities of technology, how can housing actively adapt and implement them? This document investigates an architecture of the home as it exists today and explores the possibilities of tech. enhancement. Tracing the historical evolution of homes illustrates how they arrived at the innovation-estranged form they take on today. From that, further gaps are highlighted in a comparison between technology of the home and that of an automobile. Sensors, micro-location, and the internet of things are detailed and interpreted in a living environment as a representation of a technologically thriving model for the receptive city of Austin, TX.

Committee: Michael McInturf M.Arch. (Committee Chair); Elizabeth Riorden M.Arch. (Committee Member) Subjects: Architecture

Master of Science, The Ohio State University, 2020, Computer Science and Engineering

Autonomous systems such as self driving cars, smart traffic lights, smart homes and smart cameras are increasingly being deployed. Such systems deployed at the edge make use of low-powered edge devices and machine learning techniques in order to process inferences faster. However, such AI inference consumes precious energy, drains batteries and shortens IoT lifetimes. A variety of factors such as AI algorithm used, hardware resources available, internet capacity, latency and number of applications determine the amount of energy consumed at the edge. When deploying an autonomous application at edge, careful selection of these factors is very crucial. Firstly, we built a fully autonomous aerial system (FAAS) which uses a model-driven approach to manage edge resources in order to complete missions with feasible energy consumption. Edge resources can affect where FAAS fly and which data they sense. Usage profiles can diverge greatly across edge management policies. Our model run on FAAS benchmarks predicted throughput with 4\% error across mission, software and hardware settings. We found that model-driven management for FAAS can boost mission throughput by 10X and reduce costs by 87\%. Secondly, we explore AI-driven IoT which uses AI inference to characterize data harvested from IoT sensors. AI inference consumes precious energy, drains batteries and shortens IoT lifetimes. Given a workload with alternating inference and idle time periods, we explore scheduling techniques to perform AI inference model updates in an energy efficient way. We implemented traditional scheduling techniques such as First-come-first-served (FCFS), shortest-job-first (SJF) and least-recently-used (LRU) to observe the scheduling pattern and energy footprint required to perform updates. We use random walks to explore the space of scheduling policies and 2$^kr$ design of experiments to quantify primary effects and interactions between factors. The best random-walk policy uses much less energy (open full item for complete abstract)

Committee: Christopher Stewart (Advisor); Yang Wang (Committee Member) Subjects: Computer Science

Master of Science, University of Toledo, 2020, Engineering (Computer Science)

Studies have shown the vulnerability of machine learning algorithms against adversarial samples in image classification problems in deep neural networks. However, there is a need for performing comprehensive studies of adversarial machine learning in the intrusion detection domain, where current research has been mainly conducted on the widely available KDD'99 and NSL-KDD datasets. In this study, we evaluate the vulnerability of contemporary datasets (in particular, UNSW-NB15 and Bot-IoT datasets) that represent the modern network environment against popular adversarial deep learning attack methods, and assess various machine learning classifiers' robustness against the generated adversarial examples. Our study shows the feasibility of the attacks for both datasets where adversarial samples successfully decreased the overall performance.

Committee: Weiqing Sun (Committee Chair); Ahmad Javaid (Committee Member); Devinder Kaur (Committee Member) Subjects: Computer Engineering; Computer Science

Master of Sciences, Case Western Reserve University, 2020, EECS - Computer and Information Sciences

The rapid expansion of Internet of Things (IoT) has brought unprecedented changes to our daily life. Among all, smart home technologies are the most widely adopted. They leverage various devices in home environment to build a connected network, over which automation is implemented for enhancing device interoperability. Such automations usually execute on platforms that are provided by device vendors, such as Samgsung, Google and Amazon. However, back-end cloud may not always be trustworthy due to malware, unknown third-party applications and possible side-channel attacks. Specifically for the IoT platforms, we identify two security threats that may gain unauthorized control of smart home devices: over privilege issue and spooking events. In this thesis, we presents SmartMon, a framework that is designed to detect such security violations by statically analyzing automation application (SmartApp) control logic and comparing them with dynamic execution patterns. Through evaluations, we demonstrate that SmartMon could achieve high precision (> 95%) in detecting both violations. We also evaluate its detection capability in more complex settings, where multiple SmartApps execute simultaneously, resulting in potential dependencies. The evaluation results show that SmartMon remains high accuracy in this scenario as well.

Committee: An Wang (Advisor); Pan Li (Committee Member); Shuai Xu (Committee Member) Subjects: Computer Science