State-based switching for optimal control of computer virus propagation with external device blocking

The rapid propagation of computer virus is one of the greatest threats to current cybersecurity. This work deals with the optimal control problem of virus propagation among computers and external devices. To formulate this problem, two control strategies are introduced: (a) external device blocking, which means prohibiting a fraction of connections between external devices and computers, and (b) computer reconstruction, which includes updating or reinstalling of some infected computers. Then the combination of both the impact of infection and the cost of controls is minimized. In contrast with previous works, this paper takes into account a state-based cost weight index in the objection function instead of a fixed one. By using Pontryagin\u27s minimum principle and a modified forward-backward difference approximation algorithm, the optimal solution of the system is investigated and numerically solved. Then numerical results show the flexibility of proposed approach compared to the regular optimal control. More numerical results are also given to evaluate the performance of our approach with respect to various weight indexes

Moving target defense for securing smart grid communications: Architectural design, implementation and evaluation

Supervisory Control And Data Acquisition (SCADA) communications are often subjected to various kinds of sophisticated cyber-attacks which can have a serious impact on the Critical Infrastructure such as the power grid. Most of the time, the success of the attack is based on the static characteristics of the system, thereby enabling an easier profiling of the target system(s) by the adversary and consequently exploiting their limited resources. In this thesis, a novel approach to mitigate such static vulnerabilities is proposed by implementing a Moving Target Defense (MTD) strategy in a power grid SCADA environment, which leverages the existing communication network with an end-to-end IP Hopping technique among the trusted peer devices. This offers a proactive L3 layer network defense, minimizing IP-specific threats and thwarting worm propagation, APTs, etc., which utilize the cyber kill chain for attacking the system through the SCADA network. The main contribution of this thesis is to show how MTD concepts provide proactive defense against targeted cyber-attacks, and a dynamic attack surface to adversaries without compromising the availability of a SCADA system. Specifically, the thesis presents a brief overview of the different type of MTD designs, the proposed MTD architecture and its implementation with IP hopping technique over a Control Center–Substation network link along with a 3-way handshake protocol for synchronization on the Iowa State’s Power Cyber testbed. The thesis further investigates the delay and throughput characteristics of the entire system with and without the MTD to choose the best hopping rate for the given link. It also includes additional contributions for making the testbed scenarios more realistic to real world scenarios with multi-hop, multi-path WAN. Using that and studying a specific attack model, the thesis analyses the best ranges of IP address for different hopping rate and different number of interfaces. Finally, the thesis describes two case studies to explore and identify potential weaknesses of the proposed mechanism, and also experimentally validate the proposed mitigation alterations to resolve the discovered vulnerabilities. As part of future work, we plan to extend this work by optimizing the MTD algorithm to be more resilient by incorporating other techniques like network port mutation to further increase the attack complexity and cost

Developing integrated optical structures, with special respect to applications in medical diagnostics

In my dissertation, I described two label-free optical biosensors based on integrated optical (IO) structures for the sensitive, rapid detection of pathogens - bacterial cells, viral proteins - from fluid samples, which can serve as a basis for rapid clinical tests. These types of devices provide a specific, cost-effective, user-friendly and portable way of detection with sufficient sensitivity by changing the optical signal. Thus, in practice, they could potentially be used as point-of-care (POC) or home rapid diagnostic tests, offering a promising alternative to traditional laboratory assays. Their realization is supported by their integration with microfluidic channels in a lab-on-a-chip (LOC) device, for handling small volumes of fluid. Based on these aspects, biosensors were designed as waveguides, integrated in a microfluidic channel on a glass substrate, performing evanescent-field sensing. The detection method is based on the fact that the light, propagating in the waveguide with total internal reflections, penetrates into the surrounding media at a limited extent, which is called the evanescent field. Material can enter this space and become bound to the surface, which can change the phase of the light, propagating in the structure, or even scatter it into the surrounding medium. These phenomena offer the possibility of specific detection of pathogens, adhering to the surface, pre-coated with a biological recognition element, such as an antibody. As a first application, an electro-optical biosensor was developed with an evanescent field-based detection concept, aiming at label-free, rapid, selective and sensitive detection of bacteria from body fluids. The usability of the measurement principle, based on the processing of light-scattering patterns, caused by evanescent waves, scattered on target cells, was demonstrated by quantitative detection of Escherichia coli bacterial cells from their suspensions. One of the keys to the applicability of biosensors is their sensitivity. To increase it in case of this device, I applied the phenomenon of dielectrophoresis using the polarizability of the target cells. It provides the possibility to selectively collect cells on the surface of electrodes placed close to the waveguide and then detect them based on the evanescent field. To test this, I wanted to sense bacteria in an artificial urine sample containing somatic cells, in this case endothelial cells, mimicking urine in an inflammatory state. By optimizing the parameters of the measurements, a rapid, sensitive bacterial detection of about 10 minutes was achieved. The detection limit of the biosensor was comparable to the characteristic pathogen concentration in body fluids. Furthermore, selective bacterial detection was also achieved from a fluid sample containing somatic cells, mimicking inflammatory urine. In my dissertation, a second application is also presented, in this case a miniature IO Mach-Zehnder interferometer-based biosensor was developed for the specific quantitative detection of viral proteins. Thanks to the interferometric measurement principle, a fast and accurate detection of target proteins can be achieved. With this device, the aim was to investigate the potential neuroinvasion of coronavirus (SARS-CoV-2) infection, from which point of view the pathological effects of viral surface spike proteins on the blood-brain barrier are of great importance in the case of severe symptoms. Furthermore, infection may also cause adverse effects in the intestinal tract. Thus, the specific aim of this application was to evaluate the ability of the S1 subunit of the coronavirus surface spike protein to cross the human in vitro blood-brain barrier and intestinal epithelial biological barrier system models using the biosensor. Experiments were designed to use the sensor for specific, quantitative detection of spike proteins, that may have been passed through permeability assays on biological barrier models prepared by our collaborators. To reach the specific sensing of the target protein, the waveguide surface of the interferometer’s measuring arm was functionalized with specific S1 protein antibody. To achieve optimal, stable measurement conditions, the operating point of the interferometer was adjusted thermo-optically. The results of the experiments with the biosensor were in agreement with the ones of the conventional immunological tests (ELISA) carried out in parallel. It was possible to determine that S1 protein could pass through the two types of barriers in different amounts. The findings of the experiments with the integrated optical Mach-Zehnder interferometer biosensor demonstrate that this detection approach can be used for similar medical diagnostic purposes, and thus can contribute to the investigation of the adverse effects of SARS-CoV-2 on the human body

A Survey on Security for Mobile Devices

Nowadays, mobile devices are an important part of our everyday lives since they enable us to access a large variety of ubiquitous services. In recent years, the availability of these ubiquitous and mobile services has signicantly increased due to the dierent form of connectivity provided by mobile devices, such as GSM, GPRS, Bluetooth and Wi-Fi. In the same trend, the number and typologies of vulnerabilities exploiting these services and communication channels have increased as well. Therefore, smartphones may now represent an ideal target for malware writers. As the number of vulnerabilities and, hence, of attacks increase, there has been a corresponding rise of security solutions proposed by researchers. Due to the fact that this research eld is immature and still unexplored in depth, with this paper we aim to provide a structured and comprehensive overview of the research on security solutions for mobile devices. This paper surveys the state of the art on threats, vulnerabilities and security solutions over the period 2004-2011. We focus on high-level attacks, such those to user applications, through SMS/MMS, denial-of-service, overcharging and privacy. We group existing approaches aimed at protecting mobile devices against these classes of attacks into dierent categories, based upon the detection principles, architectures, collected data and operating systems, especially focusing on IDS-based models and tools. With this categorization we aim to provide an easy and concise view of the underlying model adopted by each approach

Controlling the risk of cross-contamination from the building drainage system using the reflected wave technique to identify depleted water trap seals

The appliance trap seal remains the primary defence against cross-contamination from the foul air present within the building drainage system. As an identified vector in the spread of severe acute respiratory syndrome (SARS) in Hong Kong in 2003, trap seal failure has been confirmed as a significant, and potentially fatal, risk to public health. Prevention of trap seal failure depends upon both good design, to limit the air pressure transients propagated within the system, and good maintenance. However, current maintenance regimes rely solely on visual inspections which is time consuming and often impractical to implement in large complex buildings. This thesis documents the development of a novel approach to system maintenance whereby the threat of cross-contamination of disease is minimised by the remote monitoring of trap seal status. This was approached through the application and development of the reflected wave technique which is fundamentally based upon the characteristic reflection coefficients of system boundary conditions. An extensive programme of laboratory experiments and field trials were carried out to collect transient pressure data which, together with results from an existing mathematical model (AIRNET), developed by the Drainage Research Group at Heriot- Watt University, have been used to validate the proposed technique and to formulate a practical methodology which may be applied to any building drainage system. Automatic system diagnosis, which would in the future allow the proposed technique to be integrated as an automated system test, was provided by the development of the trap condition evaluator (TRACER) program by this author. Incorporating a time series change detection algorithm, the TRACER program accurately detects and locates a depleted trap seal by automatically identifying the return time of the trap’s reflection. The reflected wave technique has been demonstrated as a successful approach to depleted trap identification provided that the wave propagation speed is known and the dampening influence of the junction effect (which can delay the observed reflection return time) are taken into account. The reflected wave technique offers a remote and non-invasive approach to maintaining the building drainage system and provides, for the first time, a diagnostic tool to help prevent cross-contamination.Engineering and Physical Sciences Research Council (EPSRC

Verkkoliikenteen hajauttaminen rinnakkaisprosessoitavaksi ohjelmoitavan piirin avulla

The expanding diversity and amount of traffic in the Internet requires increasingly higher performing devices for protecting our networks against malicious activities. The computational load of these devices may be divided over multiple processing nodes operating in parallel to reduce the computation load of a single node. However, this requires a dedicated controller that can distribute the traffic to and from the nodes at wire-speed. This thesis concentrates on the system topologies and on the implementation aspects of the controller. A field-programmable gate array (FPGA) device, based on a reconfigurable logic array, is used for implementation because of its integrated circuit like performance and high-grain programmability. Two hardware implementations were developed; a straightforward design for 1-gigabit Ethernet, and a modular, highly parameterizable design for 10-gigabit Ethernet. The designs were verified by simulations and synthesizable testbenches. The designs were synthesized on different FPGA devices while varying parameters to analyze the achieved performance. High-end FPGA devices, such as Altera Stratix family, met the target processing speed of 10-gigabit Ethernet. The measurements show that the controller's latency is comparable to a typical switch. The results confirm that reconfigurable hardware is the proper platform for low-level network processing where the performance is prioritized over other features. The designed architecture is versatile and adaptable to applications expecting similar characteristics.Internetin edelleen lisääntyvä ja monipuolistuva liikenne vaatii entistä tehokkaampia laitteita suojaamaan tietoliikenneverkkoja tunkeutumisia vastaan. Tietoliikennelaitteiden kuormaa voidaan jakaa rinnakkaisille yksiköille, jolloin yksittäisen laitteen kuorma pienenee. Tämä kuitenkin vaatii erityisen kontrolloijan, joka kykenee hajauttamaan liikennettä yksiköille linjanopeudella. Tämä tutkimus keskittyy em. kontrolloijan järjestelmätopologioiden tutkimiseen sekä kontrolloijan toteuttamiseen ohjelmoitavalla piirillä, kuten kenttäohjelmoitava järjestelmäpiiri (eng. field programmable gate-array, FPGA). Kontrolloijasta tehtiin yksinkertainen toteutus 1-gigabitin Ethernet-verkkoihin sekä modulaarinen ja parametrisoitu toteutus 10-gigabitin Ethernet-verkkoihin. Toteutukset verifioitiin simuloimalla sekä käyttämällä syntetisoituvia testirakenteita. Toteutukset syntetisoitiin eri FPGA-piireille vaihtelemalla samalla myös toteutuksen parametrejä. Tehokkaimmat FPGA-piirit, kuten Altera Stratix -piirit, saavuttivat 10-gigabitin prosessointivaatimukset. Mittaustulokset osoittavat, että kontrollerin vasteaika ei poikkea tavallisesta verkkokytkimestä. Työn tulokset vahvistavat käsitystä, että ohjelmoitavat piirit soveltuvat hyvin verkkoliikenteen matalantason prosessointiin, missä vaaditaan ensisijaisesti suorituskykyä. Suunniteltu arkkitehtuuri on monipuolinen ja soveltuu joustavuutensa ansiosta muihin samantyyppiseen sovelluksiin

Carrier transport engineering in wide bandgap semiconductors for photonic and memory device applications

Wide bandgap (WBG) semiconductors play a crucial role in the current solid-state lighting technology. The AlGaN compound semiconductor is widely used for ultraviolet (UV) light-emitting diodes (LEDs), however, the efficiency of these LEDs is largely in a single-digit percentage range due to several factors. Until recently, AlInN alloy has been relatively unexplored, though it holds potential for light-emitters operating in the visible and UV regions. In this dissertation, the first axial AlInN core-shell nanowire UV LEDs operating in the UV-A and UV-B regions with an internal quantum efficiency (IQE) of 52% are demonstrated. Moreover, the light extraction efficiency of this UV LED can be further improved by 63% by utilizing appropriate hexagonal photonic crystal structures. The carrier transport characteristics of the LEDs have been carefully engineered to enhance the carrier distributions and reduce the current leakage, leading to a significantly improved IQE of the LEDs. In this regard, the p-type AlGaN electron blocking layer (EBL) has been utilized to suppress electron leakage. Although the EBL can suppress the electron leakage to an extent, it also affects the hole injection due to the generation of positive polarization sheet charges at the hetero interface of EBL and the last quantum barrier (QB). Moreover, the Mg acceptor activation energy of the Al-rich AlGaN EBL layer is elevated, affecting the Mg doping efficiency. To mitigate this problem, in this dissertation, EBL-free UV LED designs are proposed where the epilayers are carefully band-engineered to notably improve the device performance by lowering the electron overflows. The proposed EBL-free strip-in-a-barrier UV LED records the maximum IQE of -61.5% which is -72% higher, and IQE droop is -12.4%, which is -333% less compared to the conventional AlGaN EBL LED structure at 284.5 nm wavelength. Moreover, it is shown that the EBL-free AlGaN deep UV LED structure with linearly graded polarization-controlled QBs instead of conventional QBs in the active region could drastically reduce the electrostatic field in the quantum well (QW) region due to the decreased lattice mismatch between the QW and the QB. The carrier transport in the EBL-free deep UV LEDs is significantly improved, attributed to the increased radiative recombination, quantum efficiency, and output power compared to the conventional EBL LEDs. Overall, the study of EBL-free UV LEDs offers important insights into designing novel, high-performance deep UV LEDs for practical applications. Further, it is demonstrated that novel WBG materials could be perfectly employed for emerging non-volatile memory (resistive random access memory, RRAM) applications. The resistive switching (RS) capability has been observed in Ga2O3 at low power operation. Importantly, for the first time, the multi-bit storage capability of this types of RRAM devices with a reasonably high Roff/Ron ratio is experimentally demonstrated. In addition, integrating a thin SiNx layer in the conventional SiO2 RRAM device could effectively facilitate the formation of a conducting filament. It is reported that the proposed RRAM device exhibits excellent RS characteristics, such as highly uniform current-voltage characteristics with concentrated SET and RESET voltages, excellent stability, and high Roff/Ron (\u3e 103) even at ultra-low current (10 nA) operation. The multi-bit RS behavior has been observed in these RRAM devices, which pave the way for low-power and high-density data storage applications

Photonic tools for advanced sensing and imaging at the nanoscale.

This dissertation reports a novel bio-sensing strategy based on single-mode, electro-active, integrated optical waveguide (SM-EA-IOW) platforms. It also reports the development of a super-resolved far-field optical imaging tool to enable optical, electronic, and spectroelectrochemical investigations at the nanoscale. SM-EA-IOW platforms with its outstanding sensitivity for spectroelectrochemical interrogation was combined with a sandwich bioassay for the development of a novel immunosensing based strategy for label-free detection of infectious pathogens. The strategy begins with the functionalization of the electroactive waveguide surface with a capturing antibody aimed at a specific target analyte. Once the target analyte is bound to the photonic interface, it promotes the binding of a secondary antibody that has been labeled with a redox active reporter. This labeled antibody reporter forms the analytical signal, which is linked uniquely to both the spectral and electrochemical properties of the redox probe designed to specifically recognize a target analyte. Based on this novel detection strategy experimental results in the interrogation of influenza A (H5N1) HA protein have reached an outstanding level of detection in the picomolar range. In addition, the novel label-free SM-EA-IOW bio-sensing strategy was successfully demonstrated for detection of gram-negative bacteria in present authentic clinical eye samples. Such demonstration has also shown the flexibility and ability of the new strategy to probe samples in in the microliter volume range, without any prior processing or pre-enrichment steps. As the groundwork towards the optimal operation of the novel sensing strategy, the effects of the adsorption process and the rate of electron transfer of redox bound species to the electrode surface were thoroughly studied. For each interface of a multilayer immunoassay assembly the surface density, the adsorption kinetic, and the electron-transfer rate of bound species of a redox-active protein were investigated using an optical impedance spectroscopy (OIS) technique based on measurements obtained with the SM-EA-IOW platform. Such methodology and acquired knowledge are crucial for the rational development of novel and advanced immuno-biosensors. Electrochemically modulated fluorescent molecules to be conjugated with relevant antibodies for creating an electroactive probe at the nanoscale was also investigated. Such capability has the potential to enable the development of an arrayed immunosensing technology. Fluorescence emission at the nanoscale suffers from two main restrictions, diffraction limit and photobleaching effects. To address these hinders, a modulated stimulated emission depletion microscope (STED) that is capable of achieving far-field super-resolved images was developed and used to reduce the power of the applied excitation and depletion laser beams diminish photobleaching effects in single-molecule sub-diffraction STED imaging. These two photonic devices provide new approaches for bio-sensing from ensemble range to single molecule detection studies and sensing, where new detection limits can be reached that is expected to establish novel bio-sensing devices with higher sensitivity, specificity and easier ways of sample handling

Comparison of vertical handover decision-based techniques in heterogeneous networks

Industry leaders are currently setting out standards for 5G Networks projected for 2020 or even sooner. Future generation networks will be heterogeneous in nature because no single network type is capable of optimally meeting all the rapid changes in customer demands. Heterogeneous networks are typically characterized by some network architecture, base stations of varying transmission power, transmission solutions and the deployment of a mix of technologies (multiple radio access technologies). In heterogeneous networks, the processes involved when a mobile node successfully switches from one radio access technology to the other for the purpose of quality of service continuity is termed vertical handover or vertical handoff. Active calls that get dropped, or cases where there is discontinuity of service experienced by mobile users can be attributed to the phenomenon of delayed handover or an outright case of an unsuccessful handover procedure. This dissertation analyses the performance of a fuzzy-based VHO algorithm scheme in a Wi-Fi, WiMAX, UMTS and LTE integrated network using the OMNeT++ discrete event simulator. The loose coupling type network architecture is adopted and results of the simulation are analysed and compared for the two major categories of handover basis; multiple and single criteria based handover methods. The key performance indices from the simulations showed better overall throughput, better call dropped rate and shorter handover time duration for the multiple criteria based decision method compared to the single criteria based technique. This work also touches on current trends, challenges in area of seamless handover and initiatives for future Networks (Next Generation Heterogeneous Networks)