ASU Electronic Theses and Dissertations
This collection includes most of the ASU Theses and Dissertations from 2011 to present. ASU Theses and Dissertations are available in downloadable PDF format; however, a small percentage of items are under embargo. Information about the dissertations/theses includes degree information, committee members, an abstract, supporting data or media.
In addition to the electronic theses found in the ASU Digital Repository, ASU Theses and Dissertations can be found in the ASU Library Catalog.
Dissertations and Theses granted by Arizona State University are archived and made available through a joint effort of the ASU Graduate College and the ASU Libraries. For more information or questions about this collection contact or visit the Digital Repository ETD Library Guide or contact the ASU Graduate College at gradformat@asu.edu.
Displaying 1 - 10 of 191
Filtering by
- Creators: Ahn, Gail-Joon
- Creators: Shen, Wei
- Creators: Seo, Jae-Sun
Description
Answer Set Programming (ASP) is one of the most prominent and successful knowledge representation paradigms. The success of ASP is due to its expressive non-monotonic modeling language and its efficient computational methods originating from building propositional satisfiability solvers. The wide adoption of ASP has motivated several extensions to its modeling language in order to enhance expressivity, such as incorporating aggregates and interfaces with ontologies. Also, in order to overcome the grounding bottleneck of computation in ASP, there are increasing interests in integrating ASP with other computing paradigms, such as Constraint Programming (CP) and Satisfiability Modulo Theories (SMT). Due to the non-monotonic nature of the ASP semantics, such enhancements turned out to be non-trivial and the existing extensions are not fully satisfactory. We observe that one main reason for the difficulties rooted in the propositional semantics of ASP, which is limited in handling first-order constructs (such as aggregates and ontologies) and functions (such as constraint variables in CP and SMT) in natural ways. This dissertation presents a unifying view on these extensions by viewing them as instances of formulas with generalized quantifiers and intensional functions. We extend the first-order stable model semantics by by Ferraris, Lee, and Lifschitz to allow generalized quantifiers, which cover aggregate, DL-atoms, constraints and SMT theory atoms as special cases. Using this unifying framework, we study and relate different extensions of ASP. We also present a tight integration of ASP with SMT, based on which we enhance action language C+ to handle reasoning about continuous changes. Our framework yields a systematic approach to study and extend non-monotonic languages.
ContributorsMeng, Yunsong (Author) / Lee, Joohyung (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Baral, Chitta (Committee member) / Fainekos, Georgios (Committee member) / Lifschitz, Vladimir (Committee member) / Arizona State University (Publisher)
Created2013
Description
With the growth of IT products and sophisticated software in various operating systems, I observe that security risks in systems are skyrocketing constantly. Consequently, Security Assessment is now considered as one of primary security mechanisms to measure assurance of systems since systems that are not compliant with security requirements may lead adversaries to access critical information by circumventing security practices. In order to ensure security, considerable efforts have been spent to develop security regulations by facilitating security best-practices. Applying shared security standards to the system is critical to understand vulnerabilities and prevent well-known threats from exploiting vulnerabilities. However, many end users tend to change configurations of their systems without paying attention to the security. Hence, it is not straightforward to protect systems from being changed by unconscious users in a timely manner. Detecting the installation of harmful applications is not sufficient since attackers may exploit risky software as well as commonly used software. In addition, checking the assurance of security configurations periodically is disadvantageous in terms of time and cost due to zero-day attacks and the timing attacks that can leverage the window between each security checks. Therefore, event-driven monitoring approach is critical to continuously assess security of a target system without ignoring a particular window between security checks and lessen the burden of exhausted task to inspect the entire configurations in the system. Furthermore, the system should be able to generate a vulnerability report for any change initiated by a user if such changes refer to the requirements in the standards and turn out to be vulnerable. Assessing various systems in distributed environments also requires to consistently applying standards to each environment. Such a uniformed consistent assessment is important because the way of assessment approach for detecting security vulnerabilities may vary across applications and operating systems. In this thesis, I introduce an automated event-driven security assessment framework to overcome and accommodate the aforementioned issues. I also discuss the implementation details that are based on the commercial-off-the-self technologies and testbed being established to evaluate approach. Besides, I describe evaluation results that demonstrate the effectiveness and practicality of the approaches.
ContributorsSeo, Jeong-Jin (Author) / Ahn, Gail-Joon (Thesis advisor) / Yau, Stephen S. (Committee member) / Lee, Joohyung (Committee member) / Arizona State University (Publisher)
Created2014
Description
Access control is necessary for information assurance in many of today's applications such as banking and electronic health record. Access control breaches are critical security problems that can result from unintended and improper implementation of security policies. Security testing can help identify security vulnerabilities early and avoid unexpected expensive cost in handling breaches for security architects and security engineers. The process of security testing which involves creating tests that effectively examine vulnerabilities is a challenging task. Role-Based Access Control (RBAC) has been widely adopted to support fine-grained access control. However, in practice, due to its complexity including role management, role hierarchy with hundreds of roles, and their associated privileges and users, systematically testing RBAC systems is crucial to ensure the security in various domains ranging from cyber-infrastructure to mission-critical applications. In this thesis, we introduce i) a security testing technique for RBAC systems considering the principle of maximum privileges, the structure of the role hierarchy, and a new security test coverage criterion; ii) a MTBDD (Multi-Terminal Binary Decision Diagram) based representation of RBAC security policy including RHMTBDD (Role Hierarchy MTBDD) to efficiently generate effective positive and negative security test cases; and iii) a security testing framework which takes an XACML-based RBAC security policy as an input, parses it into a RHMTBDD representation and then generates positive and negative test cases. We also demonstrate the efficacy of our approach through case studies.
ContributorsGupta, Poonam (Author) / Ahn, Gail-Joon (Thesis advisor) / Collofello, James (Committee member) / Huang, Dijiang (Committee member) / Arizona State University (Publisher)
Created2014
Description
The digital forensics community has neglected email forensics as a process, despite the fact that email remains an important tool in the commission of crime. Current forensic practices focus mostly on that of disk forensics, while email forensics is left as an analysis task stemming from that practice. As there is no well-defined process to be used for email forensics the comprehensiveness, extensibility of tools, uniformity of evidence, usefulness in collaborative/distributed environments, and consistency of investigations are hindered. At present, there exists little support for discovering, acquiring, and representing web-based email, despite its widespread use. To remedy this, a systematic process which includes discovering, acquiring, and representing web-based email for email forensics which is integrated into the normal forensic analysis workflow, and which accommodates the distinct characteristics of email evidence will be presented. This process focuses on detecting the presence of non-obvious artifacts related to email accounts, retrieving the data from the service provider, and representing email in a well-structured format based on existing standards. As a result, developers and organizations can collaboratively create and use analysis tools that can analyze email evidence from any source in the same fashion and the examiner can access additional data relevant to their forensic cases. Following, an extensible framework implementing this novel process-driven approach has been implemented in an attempt to address the problems of comprehensiveness, extensibility, uniformity, collaboration/distribution, and consistency within forensic investigations involving email evidence.
ContributorsPaglierani, Justin W (Author) / Ahn, Gail-Joon (Thesis advisor) / Yau, Stephen S. (Committee member) / Santanam, Raghu T (Committee member) / Arizona State University (Publisher)
Created2013
Description
Attribute Based Access Control (ABAC) mechanisms have been attracting a lot of interest from the research community in recent times. This is especially because of the flexibility and extensibility it provides by using attributes assigned to subjects as the basis for access control. ABAC enables an administrator of a server to enforce access policies on the data, services and other such resources fairly easily. It also accommodates new policies and changes to existing policies gracefully, thereby making it a potentially good mechanism for implementing access control in large systems, particularly in today's age of Cloud Computing. However management of the attributes in ABAC environment is an area that has been little touched upon. Having a mechanism to allow multiple ABAC based systems to share data and resources can go a long way in making ABAC scalable. At the same time each system should be able to specify their own attribute sets independently. In the research presented in this document a new mechanism is proposed that would enable users to share resources and data in a cloud environment using ABAC techniques in a distributed manner. The focus is mainly on decentralizing the access policy specifications for the shared data so that each data owner can specify the access policy independent of others. The concept of ontologies and semantic web is introduced in the ABAC paradigm that would help in giving a scalable structure to the attributes and also allow systems having different sets of attributes to communicate and share resources.
ContributorsPrabhu Verleker, Ashwin Narayan (Author) / Huang, Dijiang (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Dasgupta, Partha (Committee member) / Arizona State University (Publisher)
Created2014
Description
This thesis addresses the ever increasing threat of botnets in the smartphone domain and focuses on the Android platform and the botnets using Online Social Networks (OSNs) as Command and Control (C&C;) medium. With any botnet, C&C; is one of the components on which the survival of botnet depends. Individual bots use the C&C; channel to receive commands and send the data. This thesis develops active host based approach for identifying the presence of bot based on the anomalies in the usage patterns of the user before and after the bot is installed on the user smartphone and alerting the user to the presence of the bot. A profile is constructed for each user based on the regular web usage patterns (achieved by intercepting the http(s) traffic) and implementing machine learning techniques to continuously learn the user's behavior and changes in the behavior and all the while looking for any anomalies in the user behavior above a threshold which will cause the user to be notified of the anomalous traffic. A prototype bot which uses OSN s as C&C; channel is constructed and used for testing. Users are given smartphones(Nexus 4 and Galaxy Nexus) running Application proxy which intercepts http(s) traffic and relay it to a server which uses the traffic and constructs the model for a particular user and look for any signs of anomalies. This approach lays the groundwork for the future host-based counter measures for smartphone botnets using OSN s as C&C; channel.
ContributorsKilari, Vishnu Teja (Author) / Xue, Guoliang (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Dasgupta, Partha (Committee member) / Arizona State University (Publisher)
Created2013
Description
To uncover the neural correlates to go-directed behavior, single unit action potentials are considered fundamental computing units and have been examined by different analytical methodologies under a broad set of hypotheses. Using a behaving rat performing a directional choice learning task, we aim to study changes in rat's cortical neural patterns while he improved his task performance accuracy from chance to 80% or higher. Specifically, simultaneous multi-channel single unit neural recordings from the rat's agranular medial (AGm) and Agranular lateral (AGl) cortices were analyzed using joint peristimulus time histogram (JPSTHs), which effectively unveils firing coincidences in neural action potentials. My results based on data from six rats revealed that coincidences of pair-wise neural action potentials are higher when rats were performing the task than they were not at the learning stage, and this trend abated after the rats learned the task. Another finding is that the coincidences at the learning stage are stronger than that when the rats learned the task especially when they were performing the task. Therefore, this coincidence measure is the highest when the rats were performing the task at the learning stage. This may suggest that neural coincidences play a role in the coordination and communication among populations of neurons engaged in a purposeful act. Additionally, attention and working memory may have contributed to the modulation of neural coincidences during the designed task.
ContributorsCheng, Bing (Author) / Si, Jennie (Thesis advisor) / Chae, Junseok (Committee member) / Seo, Jae-Sun (Committee member) / Arizona State University (Publisher)
Created2014
Description
Photovoltaic (PV) systems are affected by converter losses, partial shading and other mismatches in the panels. This dissertation introduces a sub-panel maximum power point tracking (MPPT) architecture together with an integrated CMOS current sensor circuit on a chip to reduce the mismatch effects, losses and increase the efficiency of the PV system. The sub-panel MPPT increases the efficiency of the PV during the shading and replaces the bypass diodes in the panels with an integrated MPPT and DC-DC regulator. For the integrated MPPT and regulator, the research developed an integrated standard CMOS low power and high common mode range Current-to-Digital Converter (IDC) circuit and its application for DC-DC regulator and MPPT. The proposed charge based CMOS switched-capacitor circuit directly digitizes the output current of the DC-DC regulator without an analog-to-digital converter (ADC) and the need for high-voltage process technology. Compared to the resistor based current-sensing methods that requires current-to-voltage circuit, gain block and ADC, the proposed CMOS IDC is a low-power efficient integrated circuit that achieves high resolution, lower complexity, and lower power consumption. The IDC circuit is fabricated on a 0.7 um CMOS process, occupies 2mm x 2mm and consumes less than 27mW. The IDC circuit has been tested and used for boost DC-DC regulator and MPPT for photo-voltaic system. The DC-DC converter has an efficiency of 95%. The sub-module level power optimization improves the output power of a shaded panel by up to 20%, compared to panel MPPT with bypass diodes.
ContributorsMarti-Arbona, Edgar (Author) / Kiaei, Sayfe (Thesis advisor) / Bakkaloglu, Bertan (Committee member) / Kitchen, Jennifer (Committee member) / Seo, Jae-Sun (Committee member) / Arizona State University (Publisher)
Created2014
Description
The widespread adoption of mobile devices gives rise to new opportunities and challenges for authentication mechanisms. Many traditional authentication mechanisms become unsuitable for smart devices. For example, while password is widely used on computers as user identity authentication, inputting password on small smartphone screen is error-prone and not convenient. In the meantime, there are emerging demands for new types of authentication. Proximity authentication is an example, which is not needed for computers but quite necessary for smart devices. These challenges motivate me to study and develop novel authentication mechanisms specific for smart devices.
In this dissertation, I am interested in the special authentication demands of smart devices and about to satisfy the demands. First, I study how the features of smart devices affect user identity authentications. For identity authentication domain, I aim to design a continuous, forge-resistant authentication mechanism that does not interrupt user-device interactions. I propose a mechanism that authenticates user identity based on the user's finger movement patterns. Next, I study a smart-device-specific authentication, proximity authentication, which authenticates whether two devices are in close proximity. For prox- imity authentication domain, I aim to design a user-friendly authentication mechanism that can defend against relay attacks. In addition, I restrict the authenticated distance to the scale of near field, i.e., a few centimeters. My first design utilizes a user's coherent two-finger movement on smart device screen to restrict the distance. To achieve a fully-automated system, I explore acoustic communications and propose a novel near field authentication system.
In this dissertation, I am interested in the special authentication demands of smart devices and about to satisfy the demands. First, I study how the features of smart devices affect user identity authentications. For identity authentication domain, I aim to design a continuous, forge-resistant authentication mechanism that does not interrupt user-device interactions. I propose a mechanism that authenticates user identity based on the user's finger movement patterns. Next, I study a smart-device-specific authentication, proximity authentication, which authenticates whether two devices are in close proximity. For prox- imity authentication domain, I aim to design a user-friendly authentication mechanism that can defend against relay attacks. In addition, I restrict the authenticated distance to the scale of near field, i.e., a few centimeters. My first design utilizes a user's coherent two-finger movement on smart device screen to restrict the distance. To achieve a fully-automated system, I explore acoustic communications and propose a novel near field authentication system.
ContributorsLi, Lingjun (Author) / Xue, Guoliang (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Ye, Jieping (Committee member) / Zhang, Yanchao (Committee member) / Arizona State University (Publisher)
Created2014
Description
This work describes the development of automated flows to generate pad rings, mixed signal power grids, and mega cells in a multi-project test chip. There were three major design flows that were created to create the test chip. The first was the pad ring which was used as the staring block for creating the test chip. This flow put all of the signals for the chip in the order that was wanted along the outside of the die along with creation of the power ring that is used to supply the chip with a robust power source.
The second flow that was created was used to put together a flash block that is based off of a XILIX XCFXXP. This flow was somewhat similar to how the pad ring flow worked except that optimizations and a clock tree was added into the flow. There was a couple of design redoes due to timing and orientation constraints.
Finally, the last flow that was created was the top level flow which is where all of the components are combined together to create a finished test chip ready for fabrication. The main components that were used were the finished flash block, HERMES, test structures, and a clock instance along with the pad ring flow for the creation of the pad ring and power ring.
Also discussed is some work that was done on a previous multi-project test chip. The work that was done was the creation of power gaters that were used like switches to turn the power on and off for some flash modules. To control the power gaters the functionality change of some pad drivers was done so that they output a higher voltage than what is seen in the core of the chip.
The second flow that was created was used to put together a flash block that is based off of a XILIX XCFXXP. This flow was somewhat similar to how the pad ring flow worked except that optimizations and a clock tree was added into the flow. There was a couple of design redoes due to timing and orientation constraints.
Finally, the last flow that was created was the top level flow which is where all of the components are combined together to create a finished test chip ready for fabrication. The main components that were used were the finished flash block, HERMES, test structures, and a clock instance along with the pad ring flow for the creation of the pad ring and power ring.
Also discussed is some work that was done on a previous multi-project test chip. The work that was done was the creation of power gaters that were used like switches to turn the power on and off for some flash modules. To control the power gaters the functionality change of some pad drivers was done so that they output a higher voltage than what is seen in the core of the chip.
ContributorsLieb, Christopher (Author) / Clark, Lawrence (Thesis advisor) / Holbert, Keith E. (Committee member) / Seo, Jae-Sun (Committee member) / Arizona State University (Publisher)
Created2015