Matching Items (135)
Description自雇司机是公路货运司机中比例人数最多、最基层的一员,他们在公路物流行业中扮演着极为重要的角色,他们承担着各种来源的压力。本文以疫情前后按揭购买卡车的自雇司机为研究样本,基于本研究收集到的独特数据,研究发现自雇卡车司机在面临按揭压力时,倾向采取更为激进的经营及驾驶行为,表现为更少的休息天数、更长的工作时长以及更危险的高速驾驶行为,并在一系列稳健性检验中基本结论仍然存在;基于新冠疫情事件研究发现,新冠疫情带来的非预期性经济停摆和收入中断,导致疫情前的发生的按揭贷款的卡车司机面临更强的还款压力,在经济恢复后面对按揭压力更有可能采用激进的经营和驾驶行为;进一步,通过机制检验研究本文发现这种按揭压力主要表现为担心当前或者未来发生不能及时偿还按揭款。再者,基于人格性征和家庭支持的调节效应检验,本文发现神经质人格特征、谨慎尽责性人格特征以及工作压力感没有在按揭压力与自雇卡车司机激进的经营和驾驶选择上起到调节作用,这可能是自雇卡车司机面临的按揭压力都很大,个体性格特征很大程度无法缓和其压力感,而家庭的支持和家庭-工作平衡可以有效缓解自雇卡车司机面临按揭压力时提高工作时长和危险驾驶行为的倾向。
最后,本文设计一项随机对照干预实验,向自雇卡车司机发送短息或者微信,提醒他们避免疲劳驾驶和危险超速驾驶,然后观察发送短信微信前后自雇卡车司机经营及驾驶行为的变化,识别考察外界积极主动的关心和提醒能否起到相应的后果。本文发现对自雇卡车司机获得外部主动积极地的关心和提醒,在面临按揭压力时意识到简单地减少休息增加运营时长以及采用危险驾驶行为抢时间的策略可能给其带来很大的风险,从而相应地缓解对按揭压力的过度反应;进一步调节作用检验表明,短信干预实验在神经质和谨慎尽责性人格司机中起到更大的减缓作用,同时家庭支持较少时短信干预实现效应也更为明显。
ContributorsMa, Liqun (Author) / Shen, Wei (Thesis advisor) / Wu, Fei (Thesis advisor) / Zhang, Zhen (Committee member) / Arizona State University (Publisher)
Created2021
Description
On January 30, 2019, the China Securities Regulatory Commission issued the Implementation Opinions on the Establishment of the Science and Technology Innovation Board on the Shanghai Stock Exchange and the Pilot Registration-based System, announcing the establishment of a new Science and Technology Innovation Board(STAR). The STAR Market is an important measure in China's capital market reform, aiming to promote the transformation of China's economy from a stage of rapid growth to a stage of high-quality development. The companies listed on the Science and Technology Innovation Board are mainly scientific and technological innovation enterprises that are at the forefront of the world's science and technology, the main battlefield of the economy, and the major needs of the country, in line with the national strategy, breaking through key core technologies, and with high market recognition. Since its launch on July 22, 2019, to May, 15, 2023, there are 522 companies have been listed on the STAR Market, with a total market capitalization of more than RMB 7 trillion. The successful listing of these enterprises will provide strong support for the deep integration of China's high-tech industries and strategic emerging industries.This paper analyzes the influencing factors of IPO listing pricing on the STAR Market, and studies 1478 companies listed on the three listing platforms of the STAR Market, ChiNext and Hong Kong stocks. Through descriptive statistical analysis and multivariate regression model, the influencing factors of the 1st day and the 20th day were empirically studied. The results of the study will provide a pricing reference for
ii
listed companies in the future, and provide a reference for policymakers to meet the expectations of the new regulatory reforms.
Through analysis of multiple factors includes but not limited as the NR,IPE, LEAD, ISCA, T10, AOL, BC, STL, RDI, CAGR, DTOR, these influencing factors have an important impact on the IPO of the STAR Market.
ContributorsHuang, Danyang (Author) / Shen, Wei (Thesis advisor) / Cheng, Shijun (Thesis advisor) / Jiang, Zhan (Committee member) / Arizona State University (Publisher)
Created2024
Description
Over the past two decades, propelled by urbanization, domestic investment and construction of commercial complexes have rapidly accelerated. This has led to a dramatic expansion of these complexes with swift operational iterations and related data changes. The impact of changing domestic and international financial policies, along with political environments, has seen e-commerce gradually seize the middle and low-end retail markets. Additionally, the global spread of the COVID-19 pandemic in the last three years has resulted in a substantial slowdown in domestic economic growth. Despite this, there is still developmental potential, prompting unprecedented attention to corporate investment and commercial operations.However, acquiring basic operational data in commerce is challenging, with inconsistent measurement standards among enterprises, hindering accurate and systematic judgments of operational performance. The factors influencing the operational performance of commercial complexes in China remain inadequately researched.At this juncture, the scientific measurement of commercial complex operational performance is crucial for their healthy development. This study explores the relationship between enterprise investment behavior, operational management behavior, and commercial complex operational performance. It measures influencing factors using resource configuration theory to control uncontrollable environmental factors, such as urban hierarchy, surrounding population, per capita GDP, surrounding commercial inventory and increment, and location planning support. Dynamic capability theory is then applied to investigate the impact of variables like the number of leases, area, brands, lease cost income, marketing activity types, activity funds, and activity time on operational performance. A model is established to analyze operational performance, contrasting significant variables before and after the pandemic, identifying factors affecting operational performance in early-stage investment and later-stage management strategies. Post-pandemic adjustments are suggested to adapt to changing environmental conditions.In the empirical research section, this paper validates the theoretical model through data analysis, studying the volatility of operational performance based on factors influencing commercial complexes. Integrating theoretical backgrounds, it analyzes investment and management strategies for enterprises in different situations, emphasizing key indicators. This provides enterprises with better choices for future projects and empowers commercial complex managers for effective future management, enhancing operational performance. The study offers a theoretical basis and guidance for promoting the healthy development of the market.
ContributorsHuang, Ke (Author) / Shen, Wei (Thesis advisor) / Zhu, Qigui (Thesis advisor) / Hu, Yu (Committee member) / Arizona State University (Publisher)
Created2024
Description
With the continuous development of the Chinese capital market over the past thirty years, the securities analyst industry has experienced a process of transformation from a reckless period to a golden time. One of the most important signals is that securities analysts are increasingly conducting research report providing long-term earnings forecasts for the company. However, current research on analysts is limited to their short-term forecasting behavior, and there is little on analysts' long-term earnings forecasts. Therefore, this article takes the research on analysts' long-term forecast reports issued by analysts on A-share listed companies, and conducts an empirical study on the analysts' forecasts accuracy and its influencing factors. First, the author combed the research literature related to analyst forecasts and selected variables from three dimensions, including company characteristics (financial indicators and non-financial indicators), analyst characteristics and affiliated institution characteristics; secondly, considering the high-dimensionality of the influencing factors, this paper uses the method of combining machine learning and traditional regression to conduct empirical research; finally, the research tested the heterogeneity of influencing factors from two perspectives, including time and industry.The results of this article show that the long-term profit forecasts of analysts in China have advantages over traditional statistical models. More than 60% of analysts
provide profit forecasts that are better than statistical models. Afterwards, when examining the factors that affected the accuracy of analysts’ forecasts, it found that although analyst and institutional characteristics affected analysts’ predictions to a certain extent, company characteristics are the most important variables among them all. As the time goes by, the influence of non-financial factors on forecast accuracy gradually decreasing, but analyst characteristics continue to strengthen. In addition, cyclical industries are more difficult to predict than companies in non-cyclical industries, and the difficulty of prediction will not be reduced with the analyst efforts. This research can help analysts optimizing their forecasting behavior and prompts investors to understand analysts' reports more deeply, which makes them using analyst forecast data to make investment decisions in a rationally ways, and it can also help to promote the securities pricing efficiency and development of Chinese capital market.
ContributorsRao, Gang (Author) / Shen, Wei (Thesis advisor) / Yan, Hong (Thesis advisor) / Hu, Jie (Committee member) / Arizona State University (Publisher)
Created2024
Description冷链物流主要是指食品在生产到消费者食用前始终处于适宜的温度环境,以保障食品品质、降低流通过程中的损耗。冷链物流相比于传统物流而言是一项更复杂的系统性工程,受到政策和市场需求的影响呈现迅猛发展态势。但是,冷链物流企业长期以来因规模小、固定资产少、服务范围窄、服务规范性弱而发展困难重重,核心问题是资金的问题。政府引导和鼓励打造冷链物流产业园,推动产业园投资和建设主体打造平台,实现对园区内冷链企业的聚集效应并通过金融服务解决企业发展的资金问题。通过产融结合助力冷链物流企业发展,成为目前冷链物流行业发展的主要方式和未来趋势。
本研究聚焦冷链物流产业园金融服务助力冷链物流企业发展问题,主要研究内容包括:第一,基于产融结合理论,梳理冷链物流企业与产业园之间关系,从供需两侧探索冷链物流企业和产业园的金融服务的范围、类型和特点。第二,基于平台理论,构建冷链物流企业采纳产业园金融服务的研究模型,探索金融服务影响冷链物流企业的经营因素,分析冷链物流企业采纳产业园金融服务的因素和途径。第三,基于信息不对称理论,关切信息技术支持和知识分享在冷链物流企业采纳产业园提供金融服务过程中的调节作用。同时,梳理产业园提供金融服务可能面临哪些风险,制订冷链物流企业入驻园区的标准,防范风险。
本文运用实证研究方法,通过对国内18家冷链物流相关的产业园、物流园、冷链物流、商贸流通、金融等企业实地考察和专家访谈基础上,拟定问卷并对268家企业进行调查收集数据,使用结构方程模型进行假设检验。研究发现:金融服务的有形性、可靠性、移情性、经济性对冷链物流企业采纳产业园金融服务影响显著,而响应性的影响不显著。同时
信息技术支持和知识共享的调节作用不显著。最后,针对产业园吸引冷链物流企业提供金融服务、冷链物流企业采纳产业园金融服务的风险,提出防范策略措施。
本研究聚焦冷链物流产业园金融服务助力冷链物流企业发展问题,主要研究内容包括:第一,基于产融结合理论,梳理冷链物流企业与产业园之间关系,从供需两侧探索冷链物流企业和产业园的金融服务的范围、类型和特点。第二,基于平台理论,构建冷链物流企业采纳产业园金融服务的研究模型,探索金融服务影响冷链物流企业的经营因素,分析冷链物流企业采纳产业园金融服务的因素和途径。第三,基于信息不对称理论,关切信息技术支持和知识分享在冷链物流企业采纳产业园提供金融服务过程中的调节作用。同时,梳理产业园提供金融服务可能面临哪些风险,制订冷链物流企业入驻园区的标准,防范风险。
本文运用实证研究方法,通过对国内18家冷链物流相关的产业园、物流园、冷链物流、商贸流通、金融等企业实地考察和专家访谈基础上,拟定问卷并对268家企业进行调查收集数据,使用结构方程模型进行假设检验。研究发现:金融服务的有形性、可靠性、移情性、经济性对冷链物流企业采纳产业园金融服务影响显著,而响应性的影响不显著。同时
信息技术支持和知识共享的调节作用不显著。最后,针对产业园吸引冷链物流企业提供金融服务、冷链物流企业采纳产业园金融服务的风险,提出防范策略措施。
ContributorsYang, Su (Author) / Shen, Wei (Thesis advisor) / Chen, Xinlei (Thesis advisor) / Gu, Bin (Committee member) / Arizona State University (Publisher)
Created2019
Description
Internet of Things (IoT) is emerging as part of the infrastructures for advancing a large variety of applications involving connections of many intelligent devices, leading to smart communities. Due to the severe limitation of the computing resources of IoT devices, it is common to offload tasks of various applications requiring substantial computing resources to computing systems with sufficient computing resources, such as servers, cloud systems, and/or data centers for processing. However, this offloading method suffers from both high latency and network congestion in the IoT infrastructures.
Recently edge computing has emerged to reduce the negative impacts of tasks offloading to remote computing systems. As edge computing is in close proximity to IoT devices, it can reduce the latency of task offloading and reduce network congestion. Yet, edge computing has its drawbacks, such as the limited computing resources of some edge computing devices and the unbalanced loads among these devices. In order to effectively explore the potential of edge computing to support IoT applications, it is necessary to have efficient task management and load balancing in edge computing networks.
In this dissertation research, an approach is presented to periodically distributing tasks within the edge computing network while satisfying the quality-of-service (QoS) requirements of tasks. The QoS requirements include task completion deadline and security requirement. The approach aims to maximize the number of tasks that can be accommodated in the edge computing network, with consideration of tasks’ priorities. The goal is achieved through the joint optimization of the computing resource allocation and network bandwidth provisioning. Evaluation results show the improvement of the approach in increasing the number of tasks that can be accommodated in the edge computing network and the efficiency in resource utilization.
Recently edge computing has emerged to reduce the negative impacts of tasks offloading to remote computing systems. As edge computing is in close proximity to IoT devices, it can reduce the latency of task offloading and reduce network congestion. Yet, edge computing has its drawbacks, such as the limited computing resources of some edge computing devices and the unbalanced loads among these devices. In order to effectively explore the potential of edge computing to support IoT applications, it is necessary to have efficient task management and load balancing in edge computing networks.
In this dissertation research, an approach is presented to periodically distributing tasks within the edge computing network while satisfying the quality-of-service (QoS) requirements of tasks. The QoS requirements include task completion deadline and security requirement. The approach aims to maximize the number of tasks that can be accommodated in the edge computing network, with consideration of tasks’ priorities. The goal is achieved through the joint optimization of the computing resource allocation and network bandwidth provisioning. Evaluation results show the improvement of the approach in increasing the number of tasks that can be accommodated in the edge computing network and the efficiency in resource utilization.
ContributorsSong, Yaozhong (Author) / Yau, Sik-Sang (Thesis advisor) / Huang, Dijiang (Committee member) / Sarjoughian, Hessam S. (Committee member) / Zhang, Yanchao (Committee member) / Arizona State University (Publisher)
Created2018
Description
With the increasing complexity of computing systems and the rise in the number of risks and vulnerabilities, it is necessary to provide a scalable security situation awareness tool to assist the system administrator in protecting the critical assets, as well as managing the security state of the system. There are many methods to provide security states' analysis and management. For instance, by using a Firewall to manage the security state, and/or a graphical analysis tools such as attack graphs for analysis.
Attack Graphs are powerful graphical security analysis tools as they provide a visual representation of all possible attack scenarios that an attacker may take to exploit system vulnerabilities. The attack graph's scalability, however, is a major concern for enumerating all possible attack scenarios as it is considered an NP-complete problem. There have been many research work trying to come up with a scalable solution for the attack graph. Nevertheless, non-practical attack graph based solutions have been used in practice for realtime security analysis.
In this thesis, a new framework, namely 3S (Scalable Security Sates) analysis framework is proposed, which present a new approach of utilizing Software-Defined Networking (SDN)-based distributed firewall capabilities and the concept of stateful data plane to construct scalable attack graphs in near-realtime, which is a practical approach to use attack graph for realtime security decisions. The goal of the proposed work is to control reachability information between different datacenter segments to reduce the dependencies among vulnerabilities and restrict the attack graph analysis in a relative small scope. The proposed framework is based on SDN's programmable capabilities to adjust the distributed firewall policies dynamically according to security situations during the running time. It apply white-list-based security policies to limit the attacker's capability from moving or exploiting different segments by only allowing uni-directional vulnerability dependency links between segments. Specifically, several test cases will be presented with various attack scenarios and analyze how distributed firewall and stateful SDN data plan can significantly reduce the security states construction and analysis. The proposed approach proved to achieve a percentage of improvement over 61% in comparison with prior modules were SDN and distributed firewall are not in use.
Attack Graphs are powerful graphical security analysis tools as they provide a visual representation of all possible attack scenarios that an attacker may take to exploit system vulnerabilities. The attack graph's scalability, however, is a major concern for enumerating all possible attack scenarios as it is considered an NP-complete problem. There have been many research work trying to come up with a scalable solution for the attack graph. Nevertheless, non-practical attack graph based solutions have been used in practice for realtime security analysis.
In this thesis, a new framework, namely 3S (Scalable Security Sates) analysis framework is proposed, which present a new approach of utilizing Software-Defined Networking (SDN)-based distributed firewall capabilities and the concept of stateful data plane to construct scalable attack graphs in near-realtime, which is a practical approach to use attack graph for realtime security decisions. The goal of the proposed work is to control reachability information between different datacenter segments to reduce the dependencies among vulnerabilities and restrict the attack graph analysis in a relative small scope. The proposed framework is based on SDN's programmable capabilities to adjust the distributed firewall policies dynamically according to security situations during the running time. It apply white-list-based security policies to limit the attacker's capability from moving or exploiting different segments by only allowing uni-directional vulnerability dependency links between segments. Specifically, several test cases will be presented with various attack scenarios and analyze how distributed firewall and stateful SDN data plan can significantly reduce the security states construction and analysis. The proposed approach proved to achieve a percentage of improvement over 61% in comparison with prior modules were SDN and distributed firewall are not in use.
ContributorsSabur, Abdulhakim (Author) / Huang, Dijiang (Thesis advisor) / Zhang, Yancho (Committee member) / Shakarian, Paulo (Committee member) / Arizona State University (Publisher)
Created2018
Description
There currently exist various challenges in learning cybersecuirty knowledge, along with a shortage of experts in the related areas, while the demand for such talents keeps growing. Unlike other topics related to the computer system such as computer architecture and computer network, cybersecurity is a multidisciplinary topic involving scattered technologies, which yet remains blurry for its future direction. Constructing a knowledge graph (KG) in cybersecurity education is a first step to address the challenges and improve the academic learning efficiency.
With the advancement of big data and Natural Language Processing (NLP) technologies, constructing large KGs and mining concepts, from unstructured text by using learning methodologies, become possible. The NLP-based KG with the semantic similarity between concepts has brought inspiration to different industrial applications, yet far from completeness in the domain expertise, including education in computer science related fields.
In this research work, a KG in cybersecurity area has been constructed using machine-learning-based word embedding (i.e., mapping a word or phrase onto a vector of low dimensions) and hyperlink-based concept mining from the full dataset of words available using the latest Wikipedia dump. The different approaches in corpus training are compared and the performance based on different similarity tasks is evaluated. As a result, the best performance of trained word vectors has been applied, which is obtained by using Skip-Gram model of Word2Vec, to construct the needed KG. In order to improve the efficiency of knowledge learning, a web-based front-end is constructed to visualize the KG, which provides the convenience in browsing related materials and searching for cybersecurity-related concepts and independence relations.
With the advancement of big data and Natural Language Processing (NLP) technologies, constructing large KGs and mining concepts, from unstructured text by using learning methodologies, become possible. The NLP-based KG with the semantic similarity between concepts has brought inspiration to different industrial applications, yet far from completeness in the domain expertise, including education in computer science related fields.
In this research work, a KG in cybersecurity area has been constructed using machine-learning-based word embedding (i.e., mapping a word or phrase onto a vector of low dimensions) and hyperlink-based concept mining from the full dataset of words available using the latest Wikipedia dump. The different approaches in corpus training are compared and the performance based on different similarity tasks is evaluated. As a result, the best performance of trained word vectors has been applied, which is obtained by using Skip-Gram model of Word2Vec, to construct the needed KG. In order to improve the efficiency of knowledge learning, a web-based front-end is constructed to visualize the KG, which provides the convenience in browsing related materials and searching for cybersecurity-related concepts and independence relations.
ContributorsLin, Fanjie (Author) / Huang, Dijiang (Thesis advisor) / Hsiao, I-Han (Committee member) / Chen, Yinong (Committee member) / Arizona State University (Publisher)
Created2018
Description
Cyber-systems and networks are the target of different types of cyber-threats and attacks, which are becoming more common, sophisticated, and damaging. Those attacks can vary in the way they are performed. However, there are similar strategies
and tactics often used because they are time-proven to be effective. The motivations behind cyber-attacks play an important role in designating how attackers plan and proceed to achieve their goals. Generally, there are three categories of motivation
are: political, economical, and socio-cultural motivations. These indicate that to defend against possible attacks in an enterprise environment, it is necessary to consider what makes such an enterprise environment a target. That said, we can understand
what threats to consider and how to deploy the right defense system. In other words, detecting an attack depends on the defenders having a clear understanding of why they become targets and what possible attacks they should expect. For instance,
attackers may preform Denial of Service (DoS), or even worse Distributed Denial of Service (DDoS), with intention to cause damage to targeted organizations and prevent legitimate users from accessing their services. However, in some cases, attackers are very skilled and try to hide in a system undetected for a long period of time with the incentive to steal and collect data rather than causing damages.
Nowadays, not only the variety of attack types and the way they are launched are important. However, advancement in technology is another factor to consider. Over the last decades, we have experienced various new technologies. Obviously, in the beginning, new technologies will have their own limitations before they stand out. There are a number of related technical areas whose understanding is still less than satisfactory, and in which long-term research is needed. On the other hand, these new technologies can boost the advancement of deploying security solutions and countermeasures when they are carefully adapted. That said, Software Defined Networking i(SDN), its related security threats and solutions, and its adaption in enterprise environments bring us new chances to enhance our security solutions. To reach the optimal level of deploying SDN technology in enterprise environments, it is important to consider re-evaluating current deployed security solutions in traditional networks before deploying them to SDN-based infrastructures. Although DDoS attacks are a bit sinister, there are other types of cyber-threats that are very harmful, sophisticated, and intelligent. Thus, current security defense solutions to detect DDoS cannot detect them. These kinds of attacks are complex, persistent, and stealthy, also referred to Advanced Persistent Threats (APTs) which often leverage the bot control and remotely access valuable information. APT uses multiple stages to break into a network. APT is a sort of unseen, continuous and long-term penetrative network and attackers can bypass the existing security detection systems. It can modify and steal the sensitive data as well as specifically cause physical damage the target system. In this dissertation, two cyber-attack motivations are considered: sabotage, where the motive is the destruction; and information theft, where attackers aim to acquire invaluable information (customer info, business information, etc). I deal with two types of attacks (DDoS attacks and APT attacks) where DDoS attacks are classified under sabotage motivation category, and the APT attacks are classified under information theft motivation category. To detect and mitigate each of these attacks, I utilize the ease of programmability in SDN and its great platform for implementation, dynamic topology changes, decentralized network management, and ease of deploying security countermeasures.
and tactics often used because they are time-proven to be effective. The motivations behind cyber-attacks play an important role in designating how attackers plan and proceed to achieve their goals. Generally, there are three categories of motivation
are: political, economical, and socio-cultural motivations. These indicate that to defend against possible attacks in an enterprise environment, it is necessary to consider what makes such an enterprise environment a target. That said, we can understand
what threats to consider and how to deploy the right defense system. In other words, detecting an attack depends on the defenders having a clear understanding of why they become targets and what possible attacks they should expect. For instance,
attackers may preform Denial of Service (DoS), or even worse Distributed Denial of Service (DDoS), with intention to cause damage to targeted organizations and prevent legitimate users from accessing their services. However, in some cases, attackers are very skilled and try to hide in a system undetected for a long period of time with the incentive to steal and collect data rather than causing damages.
Nowadays, not only the variety of attack types and the way they are launched are important. However, advancement in technology is another factor to consider. Over the last decades, we have experienced various new technologies. Obviously, in the beginning, new technologies will have their own limitations before they stand out. There are a number of related technical areas whose understanding is still less than satisfactory, and in which long-term research is needed. On the other hand, these new technologies can boost the advancement of deploying security solutions and countermeasures when they are carefully adapted. That said, Software Defined Networking i(SDN), its related security threats and solutions, and its adaption in enterprise environments bring us new chances to enhance our security solutions. To reach the optimal level of deploying SDN technology in enterprise environments, it is important to consider re-evaluating current deployed security solutions in traditional networks before deploying them to SDN-based infrastructures. Although DDoS attacks are a bit sinister, there are other types of cyber-threats that are very harmful, sophisticated, and intelligent. Thus, current security defense solutions to detect DDoS cannot detect them. These kinds of attacks are complex, persistent, and stealthy, also referred to Advanced Persistent Threats (APTs) which often leverage the bot control and remotely access valuable information. APT uses multiple stages to break into a network. APT is a sort of unseen, continuous and long-term penetrative network and attackers can bypass the existing security detection systems. It can modify and steal the sensitive data as well as specifically cause physical damage the target system. In this dissertation, two cyber-attack motivations are considered: sabotage, where the motive is the destruction; and information theft, where attackers aim to acquire invaluable information (customer info, business information, etc). I deal with two types of attacks (DDoS attacks and APT attacks) where DDoS attacks are classified under sabotage motivation category, and the APT attacks are classified under information theft motivation category. To detect and mitigate each of these attacks, I utilize the ease of programmability in SDN and its great platform for implementation, dynamic topology changes, decentralized network management, and ease of deploying security countermeasures.
ContributorsAlshamrani, Adel (Author) / Huang, Dijiang (Thesis advisor) / Doupe, Adam (Committee member) / Ahn, Gail-Joon (Committee member) / Davulcu, Hasan (Committee member) / Arizona State University (Publisher)
Created2018
Description
The advent of the Internet of Things (IoT) and its increasing appearances in
Small Office/Home Office (SOHO) networks pose a unique issue to the availability
and health of the Internet at large. Many of these devices are shipped insecurely, with
poor default user and password credentials and oftentimes the general consumer does
not have the technical knowledge of how they may secure their devices and networks.
The many vulnerabilities of the IoT coupled with the immense number of existing
devices provide opportunities for malicious actors to compromise such devices and
use them in large scale distributed denial of service attacks, preventing legitimate
users from using services and degrading the health of the Internet in general.
This thesis presents an approach that leverages the benefits of an Internet Engineering
Task Force (IETF) proposed standard named Manufacturer Usage Descriptions,
that is used in conjunction with the concept of Software Defined Networks
(SDN) in order to detect malicious traffic generated from IoT devices suspected of
being utilized in coordinated flooding attacks. The approach then works towards
the ability to detect these attacks at their sources through periodic monitoring of
preemptively permitted flow rules and determining which of the flows within the permitted
set are misbehaving by using an acceptable traffic range using Exponentially
Weighted Moving Averages (EWMA).
Small Office/Home Office (SOHO) networks pose a unique issue to the availability
and health of the Internet at large. Many of these devices are shipped insecurely, with
poor default user and password credentials and oftentimes the general consumer does
not have the technical knowledge of how they may secure their devices and networks.
The many vulnerabilities of the IoT coupled with the immense number of existing
devices provide opportunities for malicious actors to compromise such devices and
use them in large scale distributed denial of service attacks, preventing legitimate
users from using services and degrading the health of the Internet in general.
This thesis presents an approach that leverages the benefits of an Internet Engineering
Task Force (IETF) proposed standard named Manufacturer Usage Descriptions,
that is used in conjunction with the concept of Software Defined Networks
(SDN) in order to detect malicious traffic generated from IoT devices suspected of
being utilized in coordinated flooding attacks. The approach then works towards
the ability to detect these attacks at their sources through periodic monitoring of
preemptively permitted flow rules and determining which of the flows within the permitted
set are misbehaving by using an acceptable traffic range using Exponentially
Weighted Moving Averages (EWMA).
ContributorsChang, Laurence Hao (Author) / Yau, Stephen (Thesis advisor) / Doupe, Adam (Committee member) / Huang, Dijiang (Committee member) / Arizona State University (Publisher)
Created2018