Secure and Privacypreserving V2X multicast DNS

Atif, Ayub, Arieltan, Justin

January 2020

The Domain Name System is a hierarchical naming system that provides information of network resources or services given domain names. DNS applications in vehicular networks raise new challenges with regards to security and privacy of vehicles. In particular, vehicular communications outside the coverage of roadside infrastructure needs to be preserved. Multicast DNS is proposed as a method to restrict queries to vehicles in a Vehicle-to-Everything environment which could include other connected devices. Contemporary DNS applications rely on robust security protocols provided by the DNS Security Extensions to authenticate responses and verify resource records. Vehicular DNS communications need authentication to verify the source and legitimacy of DNS resource records. This can be achieved through multihop Vehicle- to-Vehicle communications to reach a name server supplemented by a novel approach to verify records using the Bloom filter.In this thesis, we analyze the security and privacy risks posed by a non-authenticated baseline communication protocol. We then build a secure and privacy-preserving networked system based on pseudonym certificate-based public key infrastructure solution. The experimental analysis confirmed the improvement on security and privacy at the cost of communication and computation overhead. / Domännamnssystemet är en hierarkisk benämningssystem som ger information om nätverksresurser eller tjänster för givna domännamn. DNS application i fordon nätverk framkallar nya utmaningar när det handlar om datasäkerhet och fordons integritet. Det är särskilt fordon kommunikation utanför vägkant-infrastrukturens räckvidd som behöver bevara och försäkra operationer av DNS applikation i fordon nätverk. Multicast DNS är en föreslagen metod för att begränsa förfrågan till fordon i en fordon-till-all-miljö som kan inkludera andra anslutna enheter. Nuvarande applikationer förlitar sig på en robust säkerhetsprotokoll som kommer från DNS säkerhetsförlängning för att autentisera svar och verifiera resurs rekord. Fordon DNS kommunikationer behöver autentisering för att verifiera källor och legitimitet av DNS resurs rekord. Detta kan uppnås genom multihop fordon-till-fordon kommunikation för att ansluta sig till en namn server med hjälp av en ny metod för att verifiera uppgifter med hjälp av bloomfilter datastruktur.I tesen analyserar vi risken som finns i en icke-autentiserad integritets-läckande kommunikationsprotokoll. Vi bygger sedan ett nätverk och använder en pseudonym certifikatbaserad publik nyckel infrastruktur lösning för att undersöka förbättringar inom säkerhet och integritet. Analysen från experimenten visar att det finns en förbättring för säkerhet och integritet i utbyte mot tidsprestanda, vilket är en intressant kompromiss.

Vehicular Communications

DNS

Security and Privacy

PKI

Pseudonym

Bloom Filter

Vehicle Multi-hop Protocol

Fordonskommunikation

DNS

Säkerhet och integritet

PKI

Pseudonym

Bloom filter

Fordons multihopp-protokoll

Computer and Information Sciences

Data- och informationsvetenskap

Adapting E–Commerce Success Factors to Service-Oriented E–Business : A Comparative Analysis

Guzman Bacarreza, Victor, Al-Hakimi, Mazen

January 2024

This thesis explores the potential for integrating established e-commerce success factors (ECSF) into service-oriented e-business (SOEB). It examines whether traditional e-commerce principles can be adapted to SOEB practices. The research follows a dual-path approach, analyzing the SOEB literature and comparing empirical data from SOEB practices with this literature, as well as conducting a parallel comparative analysis of ECSF to determine which factors are relevant in the context of SOEB. Our findings reveal that while ECSF cannot be directly replicated in SOEB due to different operational contexts, many ECSF are naturally aligned with SOEB domain needs, but require contextual adaptation. Key success factors such as customer relationship management & customer support, personalized service delivery, platform usability, and robust security measures are important for both domains. The study also highlights the growing importance of servitization and social sustainability in SOEB, reflecting a shift in consumer values toward more socially responsible business practices. A theoretical model was developed to illustrate the transferability of ECSF to SOEB. This model distinguishes foundational factors already integrated to SOEB and identifies new factors for future exploration. It serves as a practical framework for industry practitioners seeking to extend SOEB operations through the use of e-commerce strategies. The research contributes to the academic discussion by bridging the unexplored gap between e-commerce and SOEB literature and presents an approach to incorporate ECSF to SOEB contexts. Future research directions include empirically testing the theoretical model, exploring additional e-commerce success factors, and investigating the role of emerging technologies and social sustainability in SOEB.

E-Commerce Success Factors (ECSF)

Service-Oriented E-Business (SOEB)

Customer Relationship Management (CRM)

Web/Platform Design & Usability

Digitalization

Service Quality

System Quality

Servitization

Personalization

Trust

Security & Privacy

Social Sustainability

Övrig annan teknik

An Image-based ML Approach for Wi-Fi Intrusion Detection System and Education Modules for Security and Privacy in ML

Rayed Suhail Ahmad (18476697)

02 May 2024

<p dir="ltr">The research work presented in this thesis focuses on two highly important topics in the modern age. The first topic of research is the development of various image-based Network Intrusion Detection Systems (NIDSs) and performing a comprehensive analysis of their performance. Wi-Fi networks have become ubiquitous in enterprise and home networks which creates opportunities for attackers to target the networks. These attackers exploit various vulnerabilities in Wi-Fi networks to gain unauthorized access to a network or extract data from end users' devices. The deployment of an NIDS helps detect these attacks before they can cause any significant damages to the network's functionalities or security. Within the scope of our research, we provide a comparative analysis of various deep learning (DL)-based NIDSs that utilize various imaging techniques to detect anomalous traffic in a Wi-Fi network. The second topic in this thesis is the development of learning modules for security and privacy in Machine Learning (ML). The increasing integration of ML in various domains raises concerns about its security and privacy. In order to effectively address such concerns, students learning about the basics of ML need to be made aware of the steps that are taken to develop robust and secure ML-based systems. As part of this, we introduce a set of hands-on learning modules designed to educate students on the importance of security and privacy in ML. The modules provide a theoretical learning experience through presentations and practical experience using Python Notebooks. The modules are developed in a manner that allows students to easily absorb the concepts regarding privacy and security of ML models and implement it in real-life scenarios. The efficacy of this process will be obtained from the results of the surveys conducted before and after providing the learning modules. Positive results from the survey will demonstrate the learning modules were effective in imparting knowledge to the students and the need to incorporate security and privacy concepts in introductory ML courses.</p>

Data and information privacy

Data security and protection

System and network security

Adversarial machine learning

Deep learning

adversarial machine learning (AdvML)

Adversarial Machine Learning

Privacy Preserving Machine Learning

PPML

AML

Cyber Security

AWID

AWID3

Cybersecurity Education

Intrusion Detection

Wi-Fi Networks

Deep Learning

Wireless Intrusion Detection

Security and Privacy