Matching Items (173)
Description
Cyber threats are growing in number and sophistication making it important to continually study and improve all dimensions of digital forensics. Teamwork in forensic analysis has been overlooked in systems even though forensics relies on collaboration. Forensic analysis lacks a system that is flexible and available on different electronic devices which are being used and incorporated into everyday life. For instance, cellphones or tablets that are easy to bring on-the-go to sites where the first steps of forensic analysis is done. Due to the present day conversion to online accessibility, most electronic devices connect to the internet. Squeegee is a proof of concept that forensic analysis can be done on the web. The forensic analysis expansion to the web opens many doors to collaboration and accessibility.
ContributorsJuntiff, Samantha Maria (Author) / Ahn, Gail-Joon (Thesis director) / Kashiwagi, Jacob (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor)
Created2015-05
Description
Food safety is vital to the well-being of society; therefore, it is important to inspect food products to ensure minimal health risks are present. A crucial phase of food inspection is the identification of foreign particles found in the sample, such as insect body parts. The presence of certain species of insects, especially storage beetles, is a reliable indicator of possible contamination during storage and food processing. However, the current approach to identifying species is visual examination by human analysts; this method is rather subjective and time-consuming. Furthermore, confident identification requires extensive experience and training. To aid this inspection process, we have developed in collaboration with FDA analysts some image analysis-based machine intelligence to achieve species identification with up to 90% accuracy. The current project is a continuation of this development effort. Here we present an image analysis environment that allows practical deployment of the machine intelligence on computers with limited processing power and memory. Using this environment, users can prepare input sets by selecting images for analysis, and inspect these images through the integrated pan, zoom, and color analysis capabilities. After species analysis, the results panel allows the user to compare the analyzed images with referenced images of the proposed species. Further additions to this environment should include a log of previously analyzed images, and eventually extend to interaction with a central cloud repository of images through a web-based interface. Additional issues to address include standardization of image layout, extension of the feature-extraction algorithm, and utilizing image classification to build a central search engine for widespread usage.
ContributorsMartin, Daniel Luis (Author) / Ahn, Gail-Joon (Thesis director) / Doupé, Adam (Committee member) / Xu, Joshua (Committee member) / Computer Science and Engineering Program (Contributor) / Department of Finance (Contributor) / Barrett, The Honors College (Contributor)
Created2016-05
Description
Radio Frequency Identification (RFID) technology allows objects to be identified electronically by way of a small electronic tag. RFID is quickly becoming quite popular, and there are many security hurdles for this technology to overcome. The iCLASS line of RFID, produced by HID Global, is one such technology that is widely used for secure access control and applications where a contactless authentication element is desirable. Unfortunately, iCLASS has been shown to have security issues. Nevertheless customers continue to use it because of the great cost that would be required to completely replace it. This Honors Thesis will address attacks against iCLASS and means for countering them that do not require such an overhaul.
ContributorsMellott, Matthew John (Author) / Ahn, Gail-Joon (Thesis director) / Thorstenson, Tina (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor)
Created2014-05
Description
Over the past several years, the three major mobile platforms have seen
tremendous growth and success; as a result, the platforms have been the target
of many malicious attacks. These attacks often request certain permissions in
order to carry out the malicious activities, and uninformed users usually grant
them. One prevalent example of this type of malware is one that requests
permission to the device’s SMS service, and once obtained, uses the SMS
service to accrue charges to the user. This type of attack is one of the most
prevalent on the Android application marketplace, and requires a long-term
solution. Replication of an attack is necessary to fully understand efficient
prevention methods, and due to the open-source nature of Android development,
to determine the likely mechanics of the attack as feasible.
This study uses the Hacker News application, an open source application
that is available for download through GitHub as a basis for creating a malware
application to study the SMS attack and explore prevention methods. From the
results and knowledge gained from both research and experimentation, a
proposition for a more secure operating system architecture was defined to
prevent and mitigate various attacks on mobile systems with a focus on SMS
attacks.
tremendous growth and success; as a result, the platforms have been the target
of many malicious attacks. These attacks often request certain permissions in
order to carry out the malicious activities, and uninformed users usually grant
them. One prevalent example of this type of malware is one that requests
permission to the device’s SMS service, and once obtained, uses the SMS
service to accrue charges to the user. This type of attack is one of the most
prevalent on the Android application marketplace, and requires a long-term
solution. Replication of an attack is necessary to fully understand efficient
prevention methods, and due to the open-source nature of Android development,
to determine the likely mechanics of the attack as feasible.
This study uses the Hacker News application, an open source application
that is available for download through GitHub as a basis for creating a malware
application to study the SMS attack and explore prevention methods. From the
results and knowledge gained from both research and experimentation, a
proposition for a more secure operating system architecture was defined to
prevent and mitigate various attacks on mobile systems with a focus on SMS
attacks.
ContributorsRomo, James Tyler (Co-author) / Rezende, Bryan (Co-author) / Whitaker, Jeremy (Co-author) / Ahn, Gail-Joon (Thesis director) / Wilkerson, Kelly (Committee member) / Conquest, Kevin (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor)
Created2013-05
Description
Modern computer processors contain an embedded firmware known as microcode that controls decode and execution of x86 instructions. Although proprietary and relatively obscure, this microcode can be modified using updates released by hardware manufacturers to correct processor logic flaws (errata). At the same time, a malicious microcode update could compromise a processor by implementing new malicious instructions or altering the functionality of existing instructions, including processor-accelerated virtualization or cryptographic primitives. Not only is this attack vector capable of subverting all software-enforced security policies and access controls, but it also leaves behind no postmortem forensic evidence since the write-only patch memory is cleared upon system reset. Although supervisor privileges (ring zero) are required to update processor microcode, this attack cannot be easily mitigated due to the implementation of microcode update functionality within processor silicon. In this paper, we reveal the microarchitecture and mechanism of microcode updates, present a security analysis of this attack vector, and provide some mitigation suggestions.
ContributorsChen, Daming Dominic (Author) / Ahn, Gail-Joon (Thesis director) / Lee, Joohyung (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor) / School of International Letters and Cultures (Contributor) / School of Mathematical and Statistical Sciences (Contributor)
Created2014-05
Description
Our goals in our project are to enable management of distributed systems from one central location, record system logs and audit system based on these logs, and to demonstrate feasibility of platform-independent management of distributed systems based on CIM schema. In order to achieve these goals, we will have to overcome research challenges such as identifying meaningful CIM classes and attributes that could help to achieve this goal, how to gather managed objects of these CIM classes to collect such attributes on a given platform, and to research whether a platform's implementation of CIM is complete or incomplete so as to decide which platform would be the best to implement our solution. Even if a platform's implementation of CIM is incomplete, would we be able to create our own solution to a missing attribute and perhaps provide our own extension of the implementation? One major practical accomplishment will include developing a tool to allow distributed systems management regardless of a target system's platform. However, our research accomplishments will include having found the CIM classes that would be advantageous for system management and determining which platform would be best to work with managed objects of these classes.
ContributorsTrang, Patrick D (Author) / Ahn, Gail-Joon (Thesis director) / Chen, Yinong (Committee member) / Wilson, Adrian (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor)
Created2013-05
Description
We discuss processes involved in user-centric security design, including the synthesis of goals based on security and usability tasks. We suggest the usage of implicit security and the facilitation of secureuser actions. We propose a process for evaluating usability flaws by treating them as security threats and adapting traditional HCI methods. We discuss how to correct these flaws once they are discovered. Finally, we discuss the Usable Security Development Model for developing usable secure systems.
ContributorsJorgensen, Jan Drake (Author) / Ahn, Gail-Joon (Thesis director) / VanLehn, Kurt (Committee member) / Wilkerson, Kelly (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor)
Created2013-05
Description
The liquid rocket engine, more specifically, the bi-propellant liquid rocket engine, is a popular type of chemical propulsion system within the propulsion industry due to its relatively high specific impulse and high thrust levels compared to the other chemical propulsion choices. For the purposes of this thesis, a bi-propellant liquid rocket engine system consists of a rocket engine, a set of tanks for the storage and supply of liquid propellants, and everything required in between for thrust-producing operation. Among the hardware in this "in between" necessary for a liquid rocket engine to produce thrust exists an injector, or an assembly of injector elements, whose purpose is to introduce and meter the flow of the fuel and oxidizer of the liquid rocket engine into the combustion chamber. To do this the injector or injector assembly, upon injection into the combustion chamber, must cause the two liquids to break up into small droplets, proportionally and uniformly distribute and mix the liquid into a spray pattern within the combustion chamber, and allow for engine combustion to occur as efficiently as possible. Daedalus Astronautics @ ASU, one of Arizona State University's engineering student organizations, has been working to design, construct, and successfully test a bi-propellant liquid rocket engine of its own. In doing so, Daedalus Astronautics has designed a bi-propellant liquid rocket engine injector assembly consisting of a forward bulkhead and an injector plate. The purpose of this thesis is to experimentally verify the flow of liquid through this injector assembly modeled using computational fluid dynamics methods. During the two semester time line allowed for this thesis project, a mesh was created for a single orifice geometry injector plate and combustion chamber assembly in ANSYS ICEM CFD and an experiment was designed for imaging the spray pattern from the injector plate and forward bulkhead assembly, from which several things about the injector geometry design were discovered.
ContributorsBrunacini, Lauren Elizabeth (Author) / Herrmann, Marcus (Thesis director) / Adrian, Ronald (Committee member) / Barrett, The Honors College (Contributor) / Mechanical and Aerospace Engineering Program (Contributor)
Created2015-05
Description
Cloud computing systems fundamentally provide access to large pools of data and computational resources through a variety of interfaces similar in spirit to existing grid and HPC resource management and programming systems. These types of systems offer a new programming target for scalable application developers and have gained popularity over the past few years. However, most cloud computing systems in operation today are proprietary and rely upon infrastructure that is invisible to the research community, or are not explicitly designed to be instrumented and modified by systems researchers. In this research, Xen Server Management API is employed to build a framework for cloud computing that implements what is commonly referred to as Infrastructure as a Service (IaaS); systems that give users the ability to run and control entire virtual machine instances deployed across a variety physical resources. The goal of this research is to develop a cloud based resource and service sharing platform for Computer network security education a.k.a Virtual Lab.
ContributorsKadne, Aniruddha (Author) / Huang, Dijiang (Thesis advisor) / Tsai, Wei-Tek (Committee member) / Ahn, Gail-Joon (Committee member) / Arizona State University (Publisher)
Created2010
Description
A novel CFD algorithm called LEAP is currently being developed by the Kasbaoui Research Group (KRG) using the Immersed Boundary Method (IBM) to describe complex geometries. To validate the algorithm, this research project focused on testing the algorithm in three dimensions by simulating a sphere placed in a moving fluid. The simulation results were compared against the experimentally derived Schiller-Naumann Correlation. Over the course of 36 trials, various spatial and temporal resolutions were tested at specific Reynolds numbers between 10 and 300. It was observed that numerical errors decreased with increasing spatial and temporal resolution. This result was expected as increased resolution should give results closer to experimental values. Having shown the accuracy and robustness of this method, KRG will continue to develop this algorithm to explore more complex geometries such as aircraft engines or human lungs.
ContributorsMadden, David Jackson (Author) / Kasbaoui, Mohamed Houssem (Thesis director) / Herrmann, Marcus (Committee member) / Mechanical and Aerospace Engineering Program (Contributor, Contributor) / Barrett, The Honors College (Contributor)
Created2021-05