ConXsense - Automated Context Classification for Context-Aware Access Control

We present ConXsense, the first framework for context-aware access control on mobile devices based on context classification. Previous context-aware access control systems often require users to laboriously specify detailed policies or they rely on pre-defined policies not adequately reflecting the true preferences of users. We present the design and implementation of a context-aware framework that uses a probabilistic approach to overcome these deficiencies. The framework utilizes context sensing and machine learning to automatically classify contexts according to their security and privacy-related properties. We apply the framework to two important smartphone-related use cases: protection against device misuse using a dynamic device lock and protection against sensory malware. We ground our analysis on a sociological survey examining the perceptions and concerns of users related to contextual smartphone security and analyze the effectiveness of our approach with real-world context data. We also demonstrate the integration of our framework with the FlaskDroid architecture for fine-grained access control enforcement on the Android platform.Comment: Recipient of the Best Paper Awar

Towards An Automated Forensic Examiner (AFE) Based Upon Criminal Profiling & Artificial Intelligence

Digital forensics plays an increasingly important role within society as the approach to the identification of criminal and cybercriminal activities. It is however widely known that a combination of the time taken to undertake a forensic investigation, the volume of data to be analysed and the number of cases to be processed are all significantly increasing resulting in an ever growing backlog of investigations and mounting costs. Automation approaches have already been widely adopted within digital forensic processes to speed up the identification of relevant evidence – hashing for notable files, file signature analysis and data carving to name a few. However, to date, little research has been undertaken in identifying how more advanced techniques could be applied to perform “intelligent” processing of cases. This paper proposes one such approach, the Automated Forensic Examiner (AFE) that seeks to apply artificial intelligence to the problem of sorting and identifying relevant artefacts. The proposed approach utilises a number of techniques, including a technical competency measure, a dynamic criminal knowledge base and visualisation to provide an investigator with an in depth understanding of the case. The paper also describes how its implementation within a cloud based infrastructure will also permit a more timely and cost effective solution

Enhancing Usability, Security, and Performance in Mobile Computing

We have witnessed the prevalence of smart devices in every aspect of human life. However, the ever-growing smart devices present significant challenges in terms of usability, security, and performance. First, we need to design new interfaces to improve the device usability which has been neglected during the rapid shift from hand-held mobile devices to wearables. Second, we need to protect smart devices with abundant private data against unauthorized users. Last, new applications with compute-intensive tasks demand the integration of emerging mobile backend infrastructure. This dissertation focuses on addressing these challenges. First, we present GlassGesture, a system that improves the usability of Google Glass through a head gesture user interface with gesture recognition and authentication. We accelerate the recognition by employing a novel similarity search scheme, and improve the authentication performance by applying new features of head movements in an ensemble learning method. as a result, GlassGesture achieves 96% gesture recognition accuracy. Furthermore, GlassGesture accepts authorized users in nearly 92% of trials, and rejects attackers in nearly 99% of trials. Next, we investigate the authentication between a smartphone and a paired smartwatch. We design and implement WearLock, a system that utilizes one\u27s smartwatch to unlock one\u27s smartphone via acoustic tones. We build an acoustic modem with sub-channel selection and adaptive modulation, which generates modulated acoustic signals to maximize the unlocking success rate against ambient noise. We leverage the motion similarities of the devices to eliminate unnecessary unlocking. We also offload heavy computation tasks from the smartwatch to the smartphone to shorten response time and save energy. The acoustic modem achieves a low bit error rate (BER) of 8%. Compared to traditional manual personal identification numbers (PINs) entry, WearLock not only automates the unlocking but also speeds it up by at least 18%. Last, we consider low-latency video analytics on mobile devices, leveraging emerging mobile backend infrastructure. We design and implement LAVEA, a system which offloads computation from mobile clients to edge nodes, to accomplish tasks with intensive computation at places closer to users in a timely manner. We formulate an optimization problem for offloading task selection and prioritize offloading requests received at the edge node to minimize the response time. We design and compare various task placement schemes for inter-edge collaboration to further improve the overall response time. Our results show that the client-edge configuration has a speedup ranging from 1.3x to 4x against running solely by the client and 1.2x to 1.7x against the client-cloud configuration

Securing Medical Devices and Protecting Patient Privacy in the Technological Age of Healthcare

The healthcare industry has been adopting technology at an astonishing rate. This technology has served to increase the efficiency and decrease the cost of healthcare around the country. While technological adoption has undoubtedly improved the quality of healthcare, it also has brought new security and privacy challenges to the industry that healthcare IT manufacturers are not necessarily fully prepared to address. This dissertation explores some of these challenges in detail and proposes solutions that will make medical devices more secure and medical data more private. Compared to other industries the medical space has some unique challenges that add significant constraints on possible solutions to problems. For example, medical devices must operate reliably even in the face of attack. Similarly, due to the need to access patient records in an emergency, strict enforcement of access controls cannot be used to prevent unauthorized access to patient data. Throughout this work we will explore particular problems in depth and introduce novel technologies to address them. Each chapter in this dissertation explores some aspect of security or privacy in the medical space. We present tools to automatically audit accesses in electronic medical record systems in order to proactively detect privacy violations; to automatically fingerprint network-facing protocols in order to non-invasively determine if particular devices are vulnerable to known attacks; and to authenticate healthcare providers to medical devices without a need for a password in a way that protects against all known attacks present in radio-based authentication technologies. We also present an extension to the widely-used beacon protocol in order to add security in the face of active attackers; and we demonstrate an overhead-free solution to protect embedded medical devices against previously unpreventable attacks that evade existing control- flow integrity enforcement techniques by leveraging insecure built-in features in order to maliciously exploit configuration vulnerabilities in devices

Design of a Passive RFID System for Asset Tracking

This project focuses on the feasibility of utilizing the lower cost passive RFID technology to track electronic test equipment for Raytheon Company. Although developed for a specific storeroom at Raytheon Company’s Network Centric Division’s (NCD) laboratory in Goleta, California, the project concepts and design are applicable to many portal-based asset tracking systems. The first part of the project consisted of experimentally evaluating the reliability of passive versus active technologies and selecting the best commercially available hardware offering when applied to asset tracking. The second part of the project consisted of developing a complete asset tracking system. The primary goals of the project were to reduce efforts spent on paper-based processes and gain a better view of asset movement for a significantly lower cost than another division’s current active RFID system

SSH Key Management Challenges and Requirements

Invited paperSSH (Secure Shell) uses public keys for authenticating servers and users. This paper summarizes progress in SSH key management so far, highlights outstanding problems, and presents requirements for a long-term solution. Proposals are solicited from the research community to address the issue. The problem is of high practical importance, as most of our critical Internet infrastructure, cloud services, and open source software development is protected using these keys.Non peer reviewe

A Correlation Framework for Continuous User Authentication Using Data Mining

Merged with duplicate records: 10026.1/572, 10026.1/334 and 10026.1/724 on 01.02.2017 by CS (TIS)The increasing security breaches revealed in recent surveys and security threats reported in the media reaffirms the lack of current security measures in IT systems. While most reported work in this area has focussed on enhancing the initial login stage in order to counteract against unauthorised access, there is still a problem detecting when an intruder has compromised the front line controls. This could pose a senous threat since any subsequent indicator of an intrusion in progress could be quite subtle and may remain hidden to the casual observer. Having passed the frontline controls and having the appropriate access privileges, the intruder may be in the position to do virtually anything without further challenge. This has caused interest'in the concept of continuous authentication, which inevitably involves the analysis of vast amounts of data. The primary objective of the research is to develop and evaluate a suitable correlation engine in order to automate the processes involved in authenticating and monitoring users in a networked system environment. The aim is to further develop the Anoinaly Detection module previously illustrated in a PhD thesis [I] as part of the conceptual architecture of an Intrusion Monitoring System (IMS) framework