ASU Electronic Theses and Dissertations
This collection includes most of the ASU Theses and Dissertations from 2011 to present. ASU Theses and Dissertations are available in downloadable PDF format; however, a small percentage of items are under embargo. Information about the dissertations/theses includes degree information, committee members, an abstract, supporting data or media.
In addition to the electronic theses found in the ASU Digital Repository, ASU Theses and Dissertations can be found in the ASU Library Catalog.
Dissertations and Theses granted by Arizona State University are archived and made available through a joint effort of the ASU Graduate College and the ASU Libraries. For more information or questions about this collection contact or visit the Digital Repository ETD Library Guide or contact the ASU Graduate College at gradformat@asu.edu.
Displaying 121 - 123 of 123
Filtering by
- Creators: Ahn, Gail-Joon
- Creators: Mobasher, Barzin
Description
Despite extensive research by the security community, cyberattacks such as phishing and Internet of Things (IoT) attacks remain profitable to criminals and continue to cause substantial damage not only to the victim users that they target, but also the organizations they impersonate. In recent years, phishing websites have taken the place of malware websites as the most prevalent web-based threat. Even though technical countermeasures effectively mitigate web-based malware, phishing websites continue to grow in sophistication and successfully slip past modern defenses. Phishing attack and its countermeasure have entered into a new era, where one side has upgraded their weapon, attempting to conquer the other. In addition, the amount and usage of IoT devices increases rapidly because of the development and deployment of 5G network. Although researchers have proposed secure execution environment, attacks targeting those devices can often succeed. Therefore, the security community desperately needs detection and prevention methodologies to fight against phishing and IoT attacks. In this dissertation, I design a framework, named CrawlPhish, to understand the prevalence and nature of such sophistications, including cloaking, in phishing attacks, which evade detections from the anti-phishing ecosystem by distinguishing the traffic between a crawler and a real Internet user and hence maximize the return-on-investment from phishing attacks. CrawlPhish also detects and categorizes client-side cloaking techniques in phishing with scalability and automation. Furthermore, I focus on the analysis redirection abuse in advanced phishing websites and hence propose mitigations to classify malicious redirection use via machine learning algorithms. Based on the observations from previous work, from the perspective of prevention, I design a novel anti-phishing system called Spartacus that can be deployed from the user end to completely neutralize phishing attacks.
Lastly, inspired by Spartacus, I propose iCore, which proactively monitors the operations in the trusted execution environment to identify any maliciousness.
ContributorsZhang, Penghui (Author) / Ahn, Gail-Joon (Thesis advisor) / Doupe, Adam (Thesis advisor) / Oest, Adam (Committee member) / Kapravelos, Alexandros (Committee member) / Arizona State University (Publisher)
Created2022
Description
Studies on underground forums can significantly advance the understanding of cybercrime workflow and underground economies. However, research on underground forums has concentrated on public information with little attention paid to users’ private interactions. Since detailed information will be discussed privately, the failure to investigate private interactions may miss critical intelligence and even misunderstand the entire underground economy. Furthermore, underground forums have evolved into criminal freelance markets where criminals trade illicit products and cybercrime services, allowing unsophisticated people to launch sophisticated cyber attacks. However, current research rarely examines and explores how criminals interact with each other, which makes researchers miss the opportunities to detect new cybercrime patterns proactively. Moreover, in clearnet, criminals are active in exploiting human vulnerabilities to conduct various attacks, and the phishing attack is one of the most prevalent types of cybercrime. Phishing awareness training has been proven to decrease the rate of clicking phishing emails. However, the rate of reporting phishing attacks is unexpectedly low based on recent studies, leaving phishing websites with hours of additional active time before being detected. In this dissertation, I first present an analysis of private interactions in underground forums and introduce machine learning-based approaches to detect hidden connections between users. Secondly, I analyze how criminals collaborate with each other in an emerging scam service in underground forums that exploits the return policies of merchants to get a refund or a replacement without returning the purchased products. Finally, I conduct a comprehensive evaluation of the phishing reporting ecosystem to identify the critical challenges while reporting phishing attacks to enable people to fight against phishers proactively.
ContributorsSun, Zhibo (Author) / Ahn, Gail-Joon (Thesis advisor) / Doupe, Adam (Thesis advisor) / Bao, Tiffany (Committee member) / Benjamin, Victor (Committee member) / Arizona State University (Publisher)
Created2022
Description
Alkali-activated aluminosilicates, commonly known as "geopolymers", are being increasingly studied as a potential replacement for Portland cement. These binders use an alkaline activator, typically alkali silicates, alkali hydroxides or a combination of both along with a silica-and-alumina rich material, such as fly ash or slag, to form a final product with properties comparable to or better than those of ordinary Portland cement. The kinetics of alkali activation is highly dependent on the chemical composition of the binder material and the activator concentration. The influence of binder composition (slag, fly ash or both), different levels of alkalinity, expressed using the ratios of Na2O-to-binders (n) and activator SiO2-to-Na2O ratios (Ms), on the early age behavior in sodium silicate solution (waterglass) activated fly ash-slag blended systems is discussed in this thesis. Optimal binder composition and the n values are selected based on the setting times. Higher activator alkalinity (n value) is required when the amount of slag in the fly ash-slag blended mixtures is reduced. Isothermal calorimetry is performed to evaluate the early age hydration process and to understand the reaction kinetics of the alkali activated systems. The differences in the calorimetric signatures between waterglass activated slag and fly ash-slag blends facilitate an understanding of the impact of the binder composition on the reaction rates. Kinetic modeling is used to quantify the differences in reaction kinetics using the Exponential as well as the Knudsen method. The influence of temperature on the reaction kinetics of activated slag and fly ash-slag blends based on the hydration parameters are discussed. Very high compressive strengths can be obtained both at early ages as well as later ages (more than 70 MPa) with waterglass activated slag mortars. Compressive strength decreases with the increase in the fly ash content. A qualitative evidence of leaching is presented through the electrical conductivity changes in the saturating solution. The impact of leaching and the strength loss is found to be generally higher for the mixtures made using a higher activator Ms and a higher n value. Attenuated Total Reflectance-Fourier Transform Infrared Spectroscopy (ATR-FTIR) is used to obtain information about the reaction products.
ContributorsChithiraputhiran, Sundara Raman (Author) / Neithalath, Narayanan (Thesis advisor) / Rajan, Subramaniyam D (Committee member) / Mobasher, Barzin (Committee member) / Arizona State University (Publisher)
Created2012