Global ETD Search

1	Fine-Grained Anomaly Detection For In Depth Data Protection Shagufta Mehnaz (9012230) 23 June 2020 (has links) Data represent a key resource for all organizations we may think of. Thus, it is not surprising that data are the main target of a large variety of attacks. Security vulnerabilities and phishing attacks make it possible for malicious software to steal business or privacy sensitive data and to undermine data availability such as in recent ransomware attacks.Apart from external malicious parties, insider attacks also pose serious threats to organizations with sensitive information, e.g., hospitals with patients’ sensitive information. Access control mechanisms are not always able to prevent insiders from misusing or stealing data as they often have data access permissions. Therefore, comprehensive solutions for data protection require combining access control mechanisms and other security techniques,such as encryption, with techniques for detecting anomalies in data accesses. In this the-sis, we develop fine-grained anomaly detection techniques for ensuring in depth protection of data from malicious software, specifically, ransomware, and from malicious insiders.While anomaly detection techniques are very useful, in many cases the data that is used for anomaly detection are very sensitive, e.g., health data being shared with untrusted service providers for anomaly detection. The owners of such data would not share their sensitive data in plain text with an untrusted service provider and this predicament undoubtedly hinders the desire of these individuals/organizations to become more data-driven. In this thesis, we have also built a privacy-preserving framework for real-time anomaly detection. Computer System Security anomaly detection Data Privacy
2	Adversarial Anomaly Detection Radhika Bhargava (7036556) 02 August 2019 (has links) <p>Considerable attention has been given to the vulnerability of machine learning to adversarial samples. This is particularly critical in anomaly detection; uses such as detecting fraud, intrusion, and malware must assume a malicious adversary. We specifically address poisoning attacks, where the adversary injects carefully crafted benign samples into the data, leading to concept drift that causes the anomaly detection to misclassify the actual attack as benign. Our goal is to estimate the vulnerability of an anomaly detection method to an unknown attack, in particular the expected</p> <p>minimum number of poison samples the adversary would need to succeed. Such an estimate is a necessary step in risk analysis: do we expect the anomaly detection to be sufficiently robust to be useful in the face of attacks? We analyze DBSCAN, LOF,</p> <p>one-class SVM as an anomaly detection method, and derive estimates for robustness to poisoning attacks. The analytical estimates are validated against the number of poison samples needed for the actual anomalies in standard anomaly detection test</p> <p>datasets. We then develop defense mechanism, based on the concept drift caused by the poisonous points, to identify that an attack is underway. We show that while it is possible to detect the attacks, it leads to a degradation in the performance of the</p> <p>anomaly detection method. Finally, we investigate whether the generated adversarial samples for one anomaly detection method transfer to another anomaly detection method.</p> Computer System Security Anomaly Detection Adversarial Machine Learning
3	Investigating Attacks on Industrial Control Systems Using Deterministic Replay Simulation Gregory Walkup (6623090) 10 June 2019 (has links) From factories to power grids, industrial systems are increasingly being digitally controlled and networked. While networking these systems together improves their efficiency and convenience, it also opens them up to attack by malicious actors. When these attacks occur, forensic investigators need to quickly be able to determine what was compromised and which corrective actions should be taken. In this thesis, a method is proposed for investigating attacks on industrial control systems by simulating the logged inputs of the system over time using a model constructed from the control programs that make up the system. When evaluated, this led to the detection of attacks which perturbed the normal operation of the system by comparing the simulated output to the actual output. It also allowed for dependency tracing between the inputs and outputs of the system, so that attacks could be traced from their unwanted effects to their source and vice-versa. This method can thus greatly aid investigators in recovering the complete attack story using only logs of inputs and outputs to an industrial control system. Simulation and Modelling Computer System Security industrial control systems cybersecurity simulation
4	Defending Against Adversarial Attacks Using Denoising Autoencoders Rehana Mahfuz (8617635) 24 April 2020 (has links) Gradient-based adversarial attacks on neural networks threaten extremely critical applications such as medical diagnosis and biometric authentication. These attacks use the gradient of the neural network to craft imperceptible perturbations to be added to the test data, in an attempt to decrease the accuracy of the network. We propose a defense to combat such attacks, which can be modified to reduce the training time of the network by as much as 71%, and can be further modified to reduce the training time of the defense by as much as 19%. Further, we address the threat of uncertain behavior on the part of the attacker, a threat previously overlooked in the literature that considers mostly white box scenarios. To combat uncertainty on the attacker's part, we train our defense with an ensemble of attacks, each generated with a different attack algorithm, and using gradients of distinct architecture types. Finally, we discuss how we can prevent the attacker from breaking the defense by estimating the gradient of the defense transformation. Computer System Security Adversarial Machine Learning
5	Analyzing Sensitive Data with Local Differential Privacy Tianhao Wang (10711713) 30 April 2021 (has links) <div>Vast amounts of sensitive personal information are collected by companies, institutions and governments. A key technological challenge is how to effectively extract knowledge from data while preserving the privacy of the individuals involved. In this dissertation, we address this challenge from the perspective of privacy-preserving data collection and analysis. We focus on investigation of a technique called local differential privacy (LDP) and studied several aspects of it. </div><div><br></div><div><br></div><div>In particular, the thesis serves as a comprehensive study of multiple aspects of the LDP field. We investigated the following seven problems: (1) We studied LDP primitives, i.e., the basic mechanisms that are used to build LDP protocols. (2) We then studied the problem when the domain size is very big (e.g., larger than $2^{32$), where finding the values with high frequency is a challenge, because one needs to enumerate through all values. (3) Another interesting setting is when each user possesses a set of values, instead of a single private value. (4) With the basic problems visited, we then aim to make the LDP protocols practical for real-world scenarios. We investigated the case where each user's data is high-dimensional (e.g., in the census survey, each user has multiple questions to answer), and the goal is to recover the joint distribution among the attributes. (5) We also built a system for companies to issue SQL queries over the data protected under LDP, where each user is associated with some public weights and holds some private values; an LDP version of the values is sent to the server from each user. (6) To further increase the accuracy of LDP, we study how to add post-processing steps to protocols to make them consistent while achieving high accuracy for a wide range of tasks, including frequencies of individual values, frequencies of the most frequent values, and frequencies of subsets of values. (7) Finally, we investigate a different model of LDP which is called the shuffler model. While users still use LDP algorithms to report their sensitive data, now there exists a semi-trusted shuffler that shuffles the users' reports and then send them to the server. This model provides better utility but at the cost of requiring more trust that the shuffler should not collude with the server.</div> Computer System Security Data Structures Database Management Local Differential privacy
6	COMPARING SOCIAL ENGINEERING TRAINING IN THE CONTEXT OF HEALTHCARE Giovanni Ordonez (12481197) 03 May 2022 (has links) <p>Social Engineering attacks have been a rising issue in recent years, affecting a multitude of industries. One industry that has been of great interest to hackers is the Healthcare industry due to the high value of patient information. Social Engineering attacks are mainly common because of the ease of execution and the high probability of victimization. A popular way of combatting Social Engineering attacks is by increasing the user’s ability to detect indicators of attack, which requires a level of cybersecurity education. While the number of cybersecurity training programs is increasing, Social Engineering attacks are still very successful. Therefore, education programs need to be improved to effectively increase the ability of users to notice indicators of attack. This research aimed to answer the question - what teaching method results in the greatest learning gains for understanding Social Engineering concepts? This was done by investigating text-based, gamification, and adversarial thinking teaching methods. These three teaching methods were used to deliver lessons on an online platform to a sample of Purdue students. After conducting analysis, both text-based and adversarial thinking showed significant improvement in the understanding of Social Engineering concepts within the student sample. After conducting a follow-up test, a single teaching method was not found to be better among the three teaching methods. However, this study did find two teaching methods that can be used to develop training programs to help decrease the total number of successful Social Engineering attacks across industries. </p> Computer System Security Social Engineering Teaching Methods Healthcare Security
7	Practical Type and Memory Safety Violation Detection Mechanisms Yuseok Jeon (9217391) 29 August 2020 (has links) System programming languages such as C and C++ are designed to give the programmer full control over the underlying hardware. However, this freedom comes at the cost of type and memory safety violations which may allow an attacker to compromise applications. In particular, type safety violation, also known as type confusion, is one of the major attack vectors to corrupt modern C++ applications. In the past years, several type confusion detectors have been proposed, but they are severely limited by high performance overhead, low detection coverage, and high false positive rates. To address these issues, we propose HexType and V-Type. First, we propose HexType, a tool that provides low-overhead disjoint metadata structures, compiler optimizations, and handles specific object allocation patterns. Thus, compared to prior work, HexType significantly improves detection coverage and reduces performance overhead. In addition, HexType discovers new type confusion bugs in real world programs such as Qt and Apache Xerces-C++. However, HexType still has considerable overhead from managing the disjoint metadata structure and tracking individual objects, and has false positives from imprecise object tracking, although HexType significantly reduces performance overhead and detection coverage. To address these issues, we propose a further advanced mechanism V-Type, which forcibly changes non-polymorphic types into polymorphic types to make sure all objects maintain type information. By doing this, V-Type removes the burden of tracking object allocation and deallocation and of managing a disjoint metadata structure, which reduces performance overhead and improves detection precision. Another major attack vector is memory safety violations, which attackers can take advantage of by accessing out of bound or deleted memory. For memory safety violation detection, combining a fuzzer with sanitizers is a popular and effective approach. However, we find that heavy metadata structure of current sanitizers hinders fuzzing effectiveness. Thus, we introduce FuZZan to optimize sanitizer metadata structures for fuzzing. Consequently, FuZZan improves fuzzing throughput, and this helps the tester to discover more unique paths given the same amount of time and to find bugs faster. In conclusion, my research aims to eliminate critical and common C/C++ memory and type safety violations through practical programming analysis techniques. For this goal, through these three projects, I contribute to our community to effectively detect type and memory safety violations. Computer System Security memory safety type safety sanitizer llvm fuzzing
8	Efficient Cryptographic Constructions For Resource-Constrained Blockchain Clients Duc Viet Le (11191410) 28 July 2021 (has links) <div><div>The blockchain offers a decentralized way to provide security guarantees for financial transactions. However, this ability comes with the cost of storing a large (distributed) blockchain state and introducing additional computation and communication overhead to all participants. All these drawbacks raise a challenging scalability problem, especially for resource-constrained blockchain clients. On the other hand, some scaling solutions typically require resource-constrained clients to rely on other nodes with higher computational and storage capabilities. However, such scaling solutions often expose the data of the clients to risks of compromise of the more powerful nodes they rely on (e.g., accidental, malicious through a break-in, insider misbehavior, or malware infestation). This potential for leakage raises a privacy concern for these constrained clients, in addition to other scaling-related concerns. This dissertation proposes several cryptographic constructions and system designs enabling resource-constrained devices to participate in the blockchain network securely and efficiently. </div><div><br></div><div>Our first proposal concerns the storage facet for which we propose two add-on privacy designs to address the scaling issue of storing a large blockchain state. </div><div>The first solution is an oblivious database framework, called T<sup>3</sup>, that allows resource-constrained clients to obliviously fetch blockchain data from potential malicious full clients. The second solution focuses on the problem of using and storing additional private-by-design blockchains (e.g., Monero or ZCash) to achieve privacy. We propose an add-on tumbler design, called AMR, that offers privacy directly to clients of non-private blockchains such as Ethereum without the cost of storing and using different blockchain states.</div><div><br></div><div>Our second proposal addresses the communication facet with focus on payment channels as a solution to address the communication overhead between the constrained clients and the blockchain network. A payment channel enables transactions between arbitrary pairs of constrained clients with a minimal communication overhead with the blockchain network. However, in popular blockchains like Ethereum and Bitcoin, the payment data of such channels are exposed to the public, which is undesirable for financial applications. Thus, to hide transaction data, one can use blockchains that are private by design like Monero. However, existing cryptographic primitives in Monero prevent the system from supporting any form of payment channels. Therefore, we present <i>Dual Linkable Spontaneous Anonymous Group Signature for Ad Hoc Groups (DLSAG),</i> a linkable ring signature scheme that enables, for the first time, off-chain scalability solutions in Monero. </div><div><br></div><div>To address the computation facet, we address the computation overhead of the gossip protocol used in all popular blockchain protocols. For this purpose, we propose a signature primitive called <i>Flexible Signature</i>. In a flexible signature scheme, the verification algorithm quantifies the validity of a signature based on the computational effort performed by the verifier. Thus, the resource-constrained devices can partially verify the signatures in the blockchain transactions before relaying transactions to other peers. This primitive allows the resource-constrained devices to prevent spam transactions from flooding the blockchain network with overhead that is consistent with their resource constraints. </div></div> Computer System Security blockchain cryptography Oblivious Database resource-constrained devices
9	Retrowrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization Sushant Dinesh (6640856) 10 June 2019 (has links) <div>End users of closed-source software currently cannot easily analyze the security</div><div>of programs or patch them if ﬂaws are found. Notably, end users can include devel</div><div>opers who use third party libraries. The current state of the art for coverage-guided</div><div>binary fuzzing or binary sanitization is dynamic binary translation, which results</div><div>in prohibitive overhead. Existing static rewriting techniques cannot fully recover</div><div>symbolization information, and so have diﬃculty modifying binaries to track code</div><div>coverage for fuzzing or add security checks for sanitizers.</div><div>The ideal solution for adding instrumentation is a static rewriter that can intel</div><div>ligently add in the required instrumentation as if it were inserted at compile time.</div><div>This requires analysis to statically disambiguate between references and scalars, a</div><div>problem known to be undecidable in the general case. We show that recovering this</div><div>information is possible in practice for the most common class of software and li</div><div>braries: 64 bit, position independent code. Based on our observation, we design a</div><div>binary-rewriting instrumentation to support American Fuzzy Lop (AFL) and Address</div><div>Sanitizer (ASan), and show that we achieve compiler levels of performance, while re</div><div>taining precision. Binaries rewritten for coverage-guided fuzzing using RetroWrite</div><div>are identical in performance to compiler-instrumented binaries and outperforms the</div><div>default QEMU-based instrumentation by 7.5x while triggering more bugs. Our im</div><div>plementation of binary-only Address Sanitizer is 3x faster than Valgrind memcheck,</div><div>the state-of-the-art binary-only memory checker, and detects 80% more bugs in our</div><div>security evaluation.</div> Computer System Security Programming Languages Program Analysis Binary Analysis fuzzing Sanitization
10	Security techniques for drones Jongho Won (5930405) 10 June 2019 (has links) <div>Unmanned Aerial Vehicles (UAVs), commonly known as drones, are aircrafts without a human pilot aboard. The flight of drones can be controlled with a remote control by an operator located at the ground station, or fully autonomously by onboard computers. Drones are mostly found in the military. However, over the recent years, they have attracted the interest of industry and civilian sectors. <br></div><div>With the recent advance of sensor and embedded device technologies, various sensors will be embedded in city infrastructure to monitor various city-related information. In this context, drones can be effectively utilized in many safety-critical applications for collecting data from sensors on the ground and transmitting configuration instructions or task requests to these sensors.</div><div> <br></div><div>However, drones, like many networked devices, are vulnerable to cyber and physical attacks.<br></div><div>Challenges for secure drone applications can be divided in four aspects: 1) securing communication between drones and sensors, 2) securing sensor localization when drones locate sensors, 3) providing secure drone platforms to protect sensitive data against physical capture attacks and detect modifications to drone software, and 4) protecting secret keys in drones under white-box attack environments.<br></div><div> <br></div><div>To address the first challenge, a suite of cryptographic protocols is proposed. The protocols are based on certificateless cryptography and support authenticated key agreement, non-repudiation and user revocation. To minimize the energy required by a drone, a dual channel strategy is introduced.<br></div><div>To address the second challenge, a drone positioning strategy and a technique that can filter out malicious location references are proposed.<br></div><div>The third challenge is addressed by a solution integrating techniques for software-based attestation and data encryption.<br></div><div>For attestation, free memory spaces are filled with pseudo-random numbers, which are also utilized to encrypt data collected by the drone like a stream cipher.<br></div>A dynamic white-box encryption scheme is proposed to address the fourth challenge. Short secret key are converted into large look-up tables and the tables are periodically shuffled by a shuffling mechanism which is secure against white-box attackers. Computer System Security Drones white-box encryption sensor localization software attestation

Search results