Matching Items (13)
Description
Android is currently the most widely used mobile operating system. The permission model in Android governs the resource access privileges of applications. The permission model however is amenable to various attacks, including re-delegation attacks, background snooping attacks and disclosure of private information. This thesis is aimed at understanding, analyzing and performing forensics on application behavior. This research sheds light on several security aspects, including the use of inter-process communications (IPC) to perform permission re-delegation attacks.

Android's permission system is more app-driven than user-controlled: applications specify their permission requirements, and the only thing the user can do is choose not to install a particular application based on those requirements. Given this all-or-nothing choice, users succumb to pressure and accept the permissions requested. This thesis proposes a couple of ways of giving users finer-grained control of application privileges. The same methods can be used to evade the Permission Re-delegation attack.

This thesis also proposes and implements a novel methodology in Android that can be used to control the access privileges of an Android application, taking into consideration the context of the running application. This application-context based permission usage is further used to analyze a set of sample applications. We found evidence of applications spoofing or divulging user-sensitive information such as location information, contact information, phone id and numbers, in the background. Such activities can be used to track users for a variety of privacy-intrusive purposes. We have developed implementations that minimize several forms of privacy leaks that are routinely done by stock applications.
Contributors: Gollapudi, Narasimha Aditya (Author) / Dasgupta, Partha (Thesis advisor) / Xue, Guoliang (Committee member) / Doupe, Adam (Committee member) / Arizona State University (Publisher)
Created: 2014
Description
Need-based transfers (NBTs) are a form of risk-pooling in which binary welfare exchanges occur to preserve the viable participation of individuals in an economy, e.g. reciprocal gifting of cattle among East African herders or food sharing among vampire bats. With the broad goal of better understanding the mathematics of such binary welfare and risk pooling, agent-based simulations are conducted to explore socially optimal transfer policies and sharing network structures, kinetic exchange models that utilize tools from the kinetic theory of gas dynamics are utilized to characterize the wealth distribution of an NBT economy, and a variant of repeated prisoner’s dilemma is analyzed to determine whether and why individuals would participate in such a system of reciprocal altruism.

From agent-based simulation and kinetic exchange models, it is found that regressive NBT wealth redistribution acts as a cutting stock optimization heuristic that most efficiently matches deficits to surpluses to improve short-term survival; however, progressive redistribution leads to a wealth distribution that is more stable in volatile environments and therefore is optimal for long-term survival. Homogeneous sharing networks with low variance in degree are found to be ideal for maintaining community viability as the burden and benefit of NBTs is equally shared. Also, phrasing NBTs as a survivor’s dilemma reveals parameter regions where the repeated game becomes equivalent to a stag hunt or harmony game, and thus where cooperation is evolutionarily stable.
Contributors: Kayser, Kirk (Author) / Armbruster, Dieter (Thesis advisor) / Lampert, Adam (Committee member) / Ringhofer, Christian (Committee member) / Motsch, Sebastien (Committee member) / Gardner, Carl (Committee member) / Arizona State University (Publisher)
Created: 2018
Description
One of the salient challenges of sustainability is the Tragedy of the Commons, where individuals acting independently and rationally deplete a common resource despite their understanding that it is not in the group's long term best interest to do so. Hardin presents this dilemma as nearly intractable and solvable only by drastic, government-mandated social reforms, while Ostrom's empirical work demonstrates that community-scale collaboration can circumvent tragedy without any elaborate outside intervention. Though more optimistic, Ostrom's work provides scant insight into larger-scale dilemmas such as climate change. Consequently, it remains unclear if the sustainable management of global resources is possible without significant government mediation. To investigate, we conducted two game theoretic experiments that challenged students in different countries to collaborate digitally and manage a hypothetical common resource. One experiment involved students attending Arizona State University and the Rochester Institute of Technology in the US and Mountains of the Moon University in Uganda, while the other included students at Arizona State and the Management Development Institute in India. In both experiments, students were randomly assigned to one of three production roles: Luxury, Intermediate, and Subsistence. Students then made individual decisions about how many units of goods they wished to produce up to a set maximum per production class. Luxury players gain the most profit (i.e. grade points) per unit produced, but they also emit the most externalities, or social costs, which directly subtract from the profit of everybody else in the game; Intermediate players produce a medium amount of profit and externalities per unit, and Subsistence players produce a low amount of profit and externalities per unit. Variables influencing and/or inhibiting collaboration were studied using pre- and post-game surveys. 
This research sought to answer three questions: 1) Are international groups capable of self-organizing in a way that promotes sustainable resource management?, 2) What are the key factors that inhibit or foster collective action among international groups?, and 3) How well do Hardin's theories and Ostrom's empirical models predict the observed behavior of students in the game? The results of gameplay suggest that international cooperation is possible, though likely sub-optimal. Statistical analysis of survey data revealed that heterogeneity and levels of trust significantly influenced game behavior. Specific traits of heterogeneity among students found to be significant were income, education, assigned production role, number of people in one's household, college class, college major, and military service. Additionally, it was found that Ostrom's collective action framework was a better predictor of game outcome than Hardin's theories. Overall, this research lends credence to the plausibility of international cooperation in tragedy of the commons scenarios such as climate change, though much work remains to be done.
Contributors: Stanton, Albert Grayson (Author) / Clark, Susan Spierre (Thesis director) / Seager, Thomas (Committee member) / Civil, Environmental and Sustainable Engineering Programs (Contributor) / Barrett, The Honors College (Contributor)
Created: 2014-12
Description
This dissertation investigates the dynamics of evolutionary games based on the framework of interacting particle systems in which individuals are discrete, space is explicit, and dynamics are stochastic. Its focus is on 2-strategy games played on a d-dimensional integer lattice with a range of interaction M. An overview of related past work is given along with a summary of the dynamics in the mean-field model, which is described by the replicator equation. Then the dynamics of the interacting particle system is considered, first when individuals are updated according to the best-response update process and then the death-birth update process. Several interesting results are derived, and the differences between the interacting particle system model and the replicator dynamics are emphasized. The terms selfish and altruistic are defined according to a certain ordering of payoff parameters. In these terms, the replicator dynamics are simple: coexistence occurs if both strategies are altruistic; the selfish strategy wins if one strategy is selfish and the other is altruistic; and there is bistability if both strategies are selfish. Under the best-response update process, it is shown that there is no bistability region. Instead, in the presence of at least one selfish strategy, the most selfish strategy wins, while there is still coexistence if both strategies are altruistic. Under the death-birth update process, it is shown that regardless of the range of interactions and the dimension, regions of coexistence and bistability are both reduced. Additionally, coexistence occurs in some parameter region for large enough interaction ranges. Finally, in contrast with the replicator equation and the best-response update process, cooperators can win in the prisoner's dilemma for the death-birth process in one-dimensional nearest-neighbor interactions.
Contributors: Evilsizor, Stephen (Author) / Lanchier, Nicolas (Thesis advisor) / Kang, Yun (Committee member) / Motsch, Sebastien (Committee member) / Smith, Hal (Committee member) / Thieme, Horst (Committee member) / Arizona State University (Publisher)
Created: 2016
Description
Imagine that we have a piece of matter that can change its physical properties like its shape, density, conductivity, or color in a programmable fashion based on either user input or autonomous sensing. This is the vision behind what is commonly known as programmable matter. Envisioning systems of nano-sensor devices, programmable matter consists of systems of simple computational elements, called particles, that can establish and release bonds, compute, and actively move in a self-organized way. In this dissertation the feasibility of solving fundamental problems relevant for programmable matter is investigated. As a model for such self-organizing particle systems (SOPS), the geometric amoebot model is introduced. In this model, particles only have local information and have modest computational power. They achieve locomotion by expanding and contracting, which resembles the behavior of amoeba. Under this model, efficient local-control algorithms for the leader election problem in SOPS are presented. As a central problem for programmable matter, shape formation problems are then studied. The limitations of solving the leader election problem and the shape formation problem on a more general version of the amoebot model are also discussed. The "smart paint" problem is also studied, which aims at having the particles self-organize in order to uniformly coat the surface of an object of arbitrary shape and size, forming multiple coating layers if necessary. A Universal Coating algorithm is presented and shown to be asymptotically worst-case optimal both in terms of time with high probability and work. In particular, the algorithm always terminates within a linear number of rounds with high probability. A linear lower bound on the competitive gap between fully local coating algorithms and coating algorithms that rely on global information is presented, which implies that the proposed algorithm is also optimal in a competitive sense. Simulation results show that the competitive ratio of the proposed algorithm may be better than linear in practice. Developed algorithms utilize only local control, require only constant-size memory particles, and are asymptotically optimal in terms of the total number of particle movements needed to reach the desired shape configuration.
Contributors: Derakhshandeh, Zahra (Author) / Richa, Andrea (Thesis advisor) / Sen, Arunabha (Thesis advisor) / Xue, Guoliang (Committee member) / Scheideler, Christian (Committee member) / Arizona State University (Publisher)
Created: 2017
Description
While network problems have been addressed using a central administrative domain with a single objective, the devices in most networks are actually not owned by a single entity but by many individual entities. These entities make their decisions independently and selfishly, and may cooperate with a small group of other entities only when this form of coalition yields a better return. The interaction among multiple independent decision-makers necessitates the use of game theory, including economic notions related to markets and incentives. In this dissertation, we are interested in modeling, analyzing, and addressing network problems caused by the selfish behavior of network entities. First, we study how the selfish behavior of network entities affects the system performance while users are competing for limited resources. For this resource allocation domain, we aim to study the selfish routing problem in networks with fair queuing on links, the relay assignment problem in cooperative networks, and the channel allocation problem in wireless networks. Another important aspect of this dissertation is the study of designing efficient mechanisms to incentivize network entities to achieve certain system objectives. For this incentive mechanism domain, we aim to motivate wireless devices to serve as relays for cooperative communication, and to recruit smartphones for crowdsourcing. In addition, we apply different game theoretic approaches to problems in the security and privacy domain. For this domain, we aim to analyze how a user could defend against a smart jammer, who can quickly learn about the user's transmission power. We also design mechanisms to encourage mobile phone users to participate in location privacy protection, in order to achieve k-anonymity.
Contributors: Yang, Dejun (Author) / Xue, Guoliang (Thesis advisor) / Richa, Andrea (Committee member) / Sen, Arunabha (Committee member) / Zhang, Junshan (Committee member) / Arizona State University (Publisher)
Created: 2013
Description
Modern data center networks require efficient and scalable security analysis approaches that can analyze the relationship between the vulnerabilities. Utilizing the Attack Representation Methods (ARMs) and Attack Graphs (AGs) enables the security administrator to understand the cloud network’s current security situation at the low level. However, the AG approach suffers from scalability challenges. It relies on the connectivity between the services and the vulnerabilities associated with the services to allow the system administrator to realize its security state. In addition, the security policies created by the administrator can have conflicts among them, which are often detected in the data plane of the Software Defined Networking (SDN) system. Such conflicts can cause security breaches and increase the flow rules processing delay. This dissertation addresses these challenges with novel solutions to tackle the scalability issue of Attack Graphs and detect security policy conflicts in the application plane before they are transmitted into the data plane for final installation. Specifically, it introduces a segmentation-based scalable security state (S3) framework for the cloud network. This framework utilizes the well-known divide-and-conquer approach to divide the large network region into smaller, manageable segments. It follows a well-known segmentation approach derived from the K-means clustering algorithm to partition the system into segments based on the similarity between the services. Furthermore, the dissertation presents unified intent rules that abstract the network administration from the underlying network controller’s format. It develops a networking service solution to use a bounded formal model for network service compliance checking that significantly reduces the complexity of flow rule conflict checking at the data plane level. The solution can be expanded from a single SDN domain to multiple SDN domains and hybrid networks by applying network service function chaining (SFC) for inter-domain policy management.
Contributors: Sabur, Abdulhakim (Author) / Zhao, Ming (Thesis advisor) / Xue, Guoliang (Committee member) / Davulcu, Hasan (Committee member) / Zhang, Yanchao (Committee member) / Arizona State University (Publisher)
Created: 2023
Description
The Internet-of-Things (IoT) paradigm is reshaping the ways to interact with the physical space. Many emerging IoT applications need to acquire, process, gain insights from, and act upon the massive amount of data continuously produced by ubiquitous IoT sensors. It is nevertheless technically challenging and economically prohibitive for each IoT application to deploy and maintain a dedicated large-scale sensor network over distributed wide geographic areas. Built upon the Sensing-as-a-Service paradigm, cloud-sensing service providers are emerging to provide heterogeneous sensing data to various IoT applications with a shared sensing substrate. Cyber threats are among the biggest obstacles against the faster development of cloud-sensing services. This dissertation presents novel solutions to achieve trustworthy IoT sensing-as-a-service. Chapter 1 introduces the cloud-sensing system architecture and the outline of this dissertation. Chapter 2 presents MagAuth, a secure and usable two-factor authentication scheme that explores commercial off-the-shelf wrist wearables with magnetic strap bands to enhance the security and usability of password-based authentication for touchscreen IoT devices. Chapter 3 presents SmartMagnet, a novel scheme that combines smartphones and cheap magnets to achieve proximity-based access control for IoT devices. Chapter 4 proposes SpecKriging, a new spatial-interpolation technique based on graphic neural networks for secure cooperative spectrum sensing which is an important application of cloud-sensing systems. Chapter 5 proposes a trustworthy multi-transmitter localization scheme based on SpecKriging. Chapter 6 discusses the future work.
Contributors: Zhang, Yan (Author) / Zhang, Yanchao YZ (Thesis advisor) / Fan, Deliang (Committee member) / Xue, Guoliang (Committee member) / Reisslein, Martin (Committee member) / Arizona State University (Publisher)
Created: 2022
Description
Software-as-a-Service (SaaS) has received significant attention in recent years as major computer companies such as Google, Microsoft, Amazon, and Salesforce are adopting this new approach to develop software and systems. Cloud computing is a computing infrastructure to enable rapid delivery of computing resources as a utility in a dynamic, scalable, and virtualized manner. Computer simulations are widely utilized to analyze the behaviors of software and test them before full implementation. Simulation can further benefit SaaS applications in a cost-effective way by taking advantage of cloud features such as customizability, configurability and multi-tenancy.

This research introduces Modeling, Simulation and Analysis for Software-as-Service in Cloud. The research covers the following topics: service modeling, policy specification, code generation, dynamic simulation, timing, event and log analysis. Moreover, the framework integrates current advantages of cloud: configurability, multi-tenancy, scalability and recoverability.

The following chapters are provided in the architecture:

Multi-Tenancy Simulation Software-as-a-Service.

Policy Specification for MTA simulation environment.

Model Driven PaaS Based SaaS modeling.

Dynamic analysis and dynamic calibration for timing analysis.

Event-driven Service-Oriented Simulation Framework.

LTBD: A Triage Solution for SaaS.
Contributors: Li, Wu (Author) / Tsai, Wei-Tek (Thesis advisor) / Sarjoughian, Hessam S. (Committee member) / Ye, Jieping (Committee member) / Xue, Guoliang (Committee member) / Arizona State University (Publisher)
Created: 2015
Description
Mobile and Internet-of-Things (IoT) systems have been widely used in many aspects of human life. These systems are storing and operating on more and more sensitive data of users. Attackers may want to obtain the data to peek at users’ privacy or pollute the data to cause system malfunction. In addition, these systems are not user-friendly for some people such as children, senior citizens, and visually impaired users. Therefore, it is of cardinal significance to improve both security and usability of mobile and IoT systems. This report consists of four parts: one automatic locking system for mobile devices, one systematic study of security issues in crowdsourced indoor positioning systems, one usable indoor navigation system, and practical attacks on home alarm IoT systems.

Chapter 1 overviews the challenges and existing solutions in these areas. Chapter 2 introduces a novel system ilock which can automatically and immediately lock the mobile devices to prevent data theft. Chapter 3 proposes attacks and countermeasures for crowdsourced indoor positioning systems. Chapter 4 presents a context-aware indoor navigation system which is more user-friendly for visually impaired people. Chapter 5 investigates some novel attacks on commercial home alarm systems. Chapter 6 concludes the report and discusses the future work.
Contributors: Li, Tao (Author) / Zhang, Yanchao (Thesis advisor) / Xue, Guoliang (Committee member) / Zhang, Junshan (Committee member) / Fan, Deliang (Committee member) / Arizona State University (Publisher)
Created: 2020