Matching Items (7)
Description
As computers and the Internet have become integral to daily life, the potential gains from exploiting these resources have increased significantly. The global landscape is now rife with highly skilled wrongdoers seeking to steal from and disrupt society. In order to safeguard society and its infrastructure, a comprehensive approach to research is essential. This work aims to enhance security from three unique viewpoints by expanding the resources available to educators, users, and analysts. For educators, a capture the flag as-a-service was developed to support cybersecurity education. This service minimizes the skill and time needed to establish the infrastructure for hands-on hacking experiences for cybersecurity students. For users, a tool called CloakX was created to improve online anonymity. CloakX prevents the identification of browser extensions by employing both static and dynamic rewriting techniques, thwarting contemporary methods of detecting installed extensions and thus protecting user identity. Lastly, for cybersecurity analysts, a tool named Witcher was developed to automate the process of crawling and exercising web applications while identifying web injection vulnerabilities. Overall, these contributions serve to strengthen security education, bolster privacy protection for users, and facilitate vulnerability discovery for cybersecurity analysts.
Contributors: Trickel, Erik (Author) / Doupe, Adam (Thesis advisor) / Shoshitaishvili, Yan (Thesis advisor) / Bao, Tiffany (Committee member) / Wang, Ruoyu (Committee member) / Arizona State University (Publisher)
Created: 2023
Description
A two-way deterministic finite pushdown automaton ("2PDA") is developed for the Lua language. This 2PDA is evaluated against both a purpose-built Lua syntax test suite and the test suite used by the reference implementation of Lua, and fully passes both.
Contributors: Stevens, Kevin A (Author) / Shoshitaishvili, Yan (Thesis director) / Wang, Ruoyu (Committee member) / School of Mathematical and Statistical Sciences (Contributor) / Computer Science and Engineering Program (Contributor, Contributor) / Barrett, The Honors College (Contributor)
Created: 2020-05
Description
Wardriving is when prospective malicious hackers drive with a portable computer to sniff out and map potentially vulnerable networks. With the advent of smart homes and other Internet of Things devices, this poses the possibility of more unsecure targets. The hardware available to the public has also miniaturized and gotten more powerful. One no longer needs to carry a complete laptop to carry out network mapping. With this miniaturization and greater popularity of quadcopter technology, the two can be combined to create a more efficient wardriving setup in a potentially more target-rich environment. Thus, we set out to create a prototype as a proof of concept of this combination. By creating a bracket for a Raspberry Pi to be mounted to a drone with other wireless sniffing equipment, we demonstrate that one can use various off the shelf components to create a powerful network detection device. In this write up, we also outline some of the challenges encountered by combining these two technologies, as well as the solutions to those challenges. Adding payload weight to drones that are not initially designed for it causes detrimental effects to various characteristics such as flight behavior and power consumption. Less computing power is available due to the miniaturization that must take place for a drone-mounted solution. Communication between the miniature computer and a ground control computer is also essential in overall system operation. Below, we highlight solutions to these various problems as well as improvements that can be implemented for maximum system effectiveness.
Contributors: Her, Zachary (Author) / Walker, Elizabeth (Co-author) / Gupta, Sandeep (Thesis director) / Wang, Ruoyu (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor)
Created: 2022-05
Description

Wardriving is when prospective malicious hackers drive with a portable computer to sniff out and map potentially vulnerable networks. With the advent of smart homes and other Internet of Things devices, this poses the possibility of more unsecure targets. The hardware available to the public has also miniaturized and gotten more powerful. One no longer needs to carry a complete laptop to carry out network mapping. With this miniaturization and greater popularity of quadcopter technology, the two can be combined to create a more efficient wardriving setup in a potentially more target-rich environment. Thus, we set out to create a prototype as a proof of concept of this combination. By creating a bracket for a Raspberry Pi to be mounted to a drone with other wireless sniffing equipment, we demonstrate that one can use various off the shelf components to create a powerful network detection device. In this write up, we also outline some of the challenges encountered by combining these two technologies, as well as the solutions to those challenges. Adding payload weight to drones that are not initially designed for it causes detrimental effects to various characteristics such as flight behavior and power consumption. Less computing power is available due to the miniaturization that must take place for a drone-mounted solution. Communication between the miniature computer and a ground control computer is also essential in overall system operation. Below, we highlight solutions to these various problems as well as improvements that can be implemented for maximum system effectiveness.

Contributors: Walker, Elizabeth (Author) / Her, Zachary (Co-author) / Gupta, Sandeep (Thesis director) / Wang, Ruoyu (Committee member) / Barrett, The Honors College (Contributor) / Mechanical and Aerospace Engineering Program (Contributor)
Created: 2022-05
Description
The lack of fungibility in Bitcoin has forced its userbase to seek out tools that can heighten their anonymity. Third-party Bitcoin mixers utilize obfuscation techniques to protect participants from blockchain analysis. In recent years, various centralized and decentralized Bitcoin mixing implementations have been proposed in academic literature. Although these methods depict a threat-free environment for users to preserve their anonymity, public Bitcoin mixers continue to be associated with theft and poor implementation.

This research explores the public Bitcoin mixer ecosystem to identify if today's mixing services have adopted academically proposed solutions. This is done through real-world interactions with publicly available mixers to analyze both implementation and resistance to common threats in the mixing landscape. First, proposed decentralized and centralized mixing protocols found in literature are outlined. Then, data is presented from 19 publicly announced mixing services available on the deep web and clearnet. The services are categorized based on popularity with the Bitcoin community and experiments are conducted on five public mixing services: ChipMixer, MixTum, Bitcoin Mixer, CryptoMixer, and Sudoku Wallet.

The results of the experiments highlight a clear gap between public and proposed Bitcoin mixers in both implementation and security. Today's mixing services focus on presenting users with a false sense of control to gain their trust rather than employing secure mixing techniques. As a result, the five selected services lack implementation of academically proposed techniques and display poor resistance to common mixer-related threats.
Contributors: Pakki, Jaswant (Author) / Doupe, Adam (Thesis advisor) / Shoshitaishvili, Yan (Committee member) / Wang, Ruoyu (Committee member) / Arizona State University (Publisher)
Created: 2020
Description
Recent advances in techniques allow the extraction of Cyber Threat Information (CTI) from online content, such as social media, blog articles, and posts in discussion forums. Most research work focuses on social media and blog posts since their content is often contributed by cybersecurity experts and is usually of cleaner formats. While posts in online forums are noisier and less structured, online forums attract more users than other sources and contain much valuable information that may help predict cyber threats. Therefore, effectively extracting CTI from online forum posts is an important task in today's data-driven cybersecurity defenses. Many Natural Language Processing (NLP) techniques are applied to the cybersecurity domains to extract the useful information; however, there is still space to improve. In this dissertation, a new Named Entity Recognition framework for cybersecurity domains and thread structure construction methods for unstructured forums are proposed to support the extraction of CTI. These are then extended to filter the posts in the forums to eliminate non-cybersecurity-related topics with the Cyber Attack Relevance Scale (CARS), to extract the cybersecurity-knowledgeable users to enhance more information for enhancing cybersecurity, and to extract trending topic phrases related to cyber attacks in the hackers' forums to find the clues for potential future attacks to predict them.
Contributors: Kashihara, Kazuaki (Author) / Baral, Chitta (Thesis advisor) / Doupe, Adam (Committee member) / Blanco, Eduardo (Committee member) / Wang, Ruoyu (Committee member) / Arizona State University (Publisher)
Created: 2022
Description
Human civilization within the last two decades has largely transformed into an online one, with many of its associated activities taking place on computers and complex networked systems -- their analog and real-world equivalents having been rendered obsolete. These activities run the gamut from the ordinary and mundane, like ordering food, to complex and large-scale, such as those involving critical infrastructure or global trade and communications. Unfortunately, the activities of human civilization also involve criminal, adversarial, and malicious ones with the result that they also now have their digital equivalents. Ransomware, malware, and targeted cyberattacks are a fact of life today and are instigated not only by organized criminal gangs, but adversarial nation-states and organizations as well. Needless to say, such actions result in disastrous and harmful real-world consequences. As the complexity and variety of software has evolved, so too has the ingenuity of attacks that exploit them; for example, modern cyberattacks typically involve sequential exploitation of multiple software vulnerabilities. Compared to a decade ago, modern software stacks on personal computers, laptops, servers, mobile phones, and even Internet of Things (IoT) devices involve a dizzying array of interdependent programs and software libraries, with each of these components presenting attractive attack-surfaces for adversarial actors. However, the responses to this still rely on paradigms that can neither react quickly enough nor scale to increasingly dynamic, ever-changing, and complex software environments. Better approaches are therefore needed, that can assess system readiness and vulnerabilities, identify potential attack vectors and strategies (including ways to counter them), and proactively detect vulnerabilities in complex software before they can be exploited.
In this dissertation, I first present a mathematical model and associated algorithms to identify attacker strategies for sequential cyberattacks based on attacker state, attributes and publicly-available vulnerability information. Second, I extend the model and design algorithms to help identify defensive courses of action against attacker strategies. Finally, I present my work to enhance the ability of coverage-based fuzzers to identify software vulnerabilities by providing visibility into complex, internal program-states.
Contributors: Paliath, Vivin Suresh (Author) / Doupe, Adam (Thesis advisor) / Shoshitaishvili, Yan (Thesis advisor) / Wang, Ruoyu (Committee member) / Shakarian, Paulo (Committee member) / Arizona State University (Publisher)
Created: 2023