SACM - United States of America
Permanent URI for this collectionhttps://drepo.sdl.edu.sa/handle/20.500.14154/9668
Browse
9 results
Search Results
Item Restricted Deciphering Hand Movement Patterns During Driving Using Smartwatch Signals Without Ground Truth(University of Houston, 2025-02-07) Alghamdi, Huda; Pavlidis, IoannisWe developed a method to identify atypical hand movements in driving, some of which are associated with detachment from the steering wheel and, thus, physical distraction. We performed our data analysis on NUBI { a naturalistic dataset collected from a week-long observation of n=57 Texas drivers. NUBI features data from over 900 trips with a total duration of over 300 hours. Due to a lack of visual ground truth, we employed unsupervised learning methods. Thanks to the GPS data to our avail, we used information about the type of road (highway or city street) and the type of segment (straight or turn) to narrow our search space. In more detail, we extracted features from the drivers' smartwatch motion signals using Temporal Convolutional Autoencoder (TCNAE). Then, we fed these encoded features into a Density-Based Spatial Clustering of Applications with Noise (DBSCAN) algorithm. DBSCAN produced a main cluster and the remainder. The remainder is consistently associated with behaviors in turns and other atypical scenarios, such as queuing to pick up orders from fast-food dispensing windows. The characteristics of these atypical patterns are so distinct from the typical driving patterns (main cluster) that a random forest classi cation algorithm attained 99% area under the curve (AUC) performance in a ve-fold cross-validation test. Based on the kinematic constraints of the driver's hands, we developed a physics-based formula that associates elbow angles with gravitational acceleration values. We estimated the gravitational acceleration values that correspond to hand detachment from the steering wheel (i.e., extreme elbow angles). Applying these thresholds to the NUBI dataset, we found that such steering wheel detachment values arise just outside the dispensing windows of fast-food chains, where the drivers must pick up their orders. This nding validates our estimation method. In all, our approach not only nds atypical hand-motion patterns in driving but also pinpoints among these atypical patterns the patterns that involve hand detachment from the steering wheel. The latter are associated with physical distractions and crash risk under certain conditions. Notably, our approach achieves all these from smartwatch signals alone without any need to resort to visual ground truth from camera feeds. Given the ubiquity of smartwatches and the unavailability of cameras in car interiors, the practical implications of this development cannot be overestimated.23 0Item Restricted Decoding real world LR-FHSS signals: design, implementation, and approaching the theoretical limit.(Florida State University, 2025-03-26) Bukhari, Jumana; Zhang, ZhenghaoLong Range-Frequency Hopping Spread Spectrum (LR-FHSS) is a new physical layer option added to the LoRa family, promising higher network capacity than the previous versions of LoRa. Since the announcement, LR-FHSS has gathered growing interest. Various studies have attempted to evaluate and enhance its communication range and network capacity, while others have compared its performance with previous version of LoRa. However, the actual network capacity of LR-FHSS and the effectiveness of proposed methods remain unknown, as most existing studies rely on mathematical analysis or simulations with certain simplifying assumptions. Our goal is to reveal the actual capacity of LR-FHSS and develop methods to enhance its performance while evaluating these methods in a setting as close to real-world conditions as possible. In this dissertation, we design and implement a software LR-FHSS receiver from scratch to convert the baseband waveform into bits and pass the Cyclic Redundancy Check (CRC). To the best of our knowledge, this work is the first of its kind that processes signals transmitted by an actual LR-FHSS device while accounting for real-world issues such as frequency estimation errors. Also, we design customized methods to enhance receiver's capacity, including error correction decoding and Successive Interference Cancellation (SIC), which were not mentioned in earlier studies but effectively handle collisions. Furthermore, we develop an analytical bound for the theoretical capacity of LR-FHSS networks. The evaluation of our receiver was based on real-world packet traces collected using an LR-FHSS device and demonstrated through real-world experiments on the POWDER wireless platform, in addition to trace-driven simulations for large networks. Our result shows that LR-FHSS outperforms the previous version of LoRa, meets expectations in communication range, achieves significantly higher network capacity than those reported earlier, and confirms that the capacity of our software receiver is approaching the upper bound of LR-FHSS networks. We overcame a number of challenges such as lack of documentation of LR-FHSS and open-source resources, header acquisition, match reconstructed waveform with the received waveform under heavy collisions, and find a good approximation of the residual power of packets that have been decoded and canceled.7 0Item Restricted INTO THE DIGITAL ABYSS: EXPLORING THE DEPTHS OF DATA COLLECTED BY IOT DEVICES(Johns Hopkins University, 2024-02-22) Almogbil, Atheer; Rubin, AvielThe proliferation of interconnected smart devices, once ordinary household appliances, has led to an exponential increase in sensitive data collection and transmission. The security and privacy of IoT devices, however, have lagged behind their rapid deployment, creating vulnerabilities that can be exploited by malicious actors. While security attacks on IoT devices have garnered attention, privacy implications often go unnoticed, exposing users to potential risks without their awareness. Our research contributes to a deeper understanding of user privacy concerns and implications caused by data collection within the vast landscape of the Internet of Things (IoT). We uncover the true extent of data accessible to adversarial individuals and propose a solution to ensure data privacy in precarious situations. We provide valuable insights, paving the way for a more informed and comprehensive approach to studying, addressing, and raising awareness about privacy issues within the evolving landscape of smart home environments.15 0Item Restricted Testing Privacy and Security of Voice Interface Applications in the IoT Era(Temple University, 2024-04-04) Shafei, Hassan Ali; Tan, Chiu C.Voice User Interfaces (VUI) are rapidly gaining popularity, revolutionizing user interaction with technology through the widespread adoption in devices such as desktop computers, smartphones, and smart home assistants, thanks to significant advancements in voice recognition and processing technologies. Over a hundred million users now utilize these devices daily, and smart home assistants have been sold in massive numbers, owing to their ease and convenience in controlling a diverse range of smart devices within the home IoT environment through the power of voice, such as controlling lights, heating systems, and setting timers and alarms. VUI enables users to interact with IoT technology and issue a wide range of commands across various services using their voice, bypassing traditional input methods like keyboards or touchscreens. With ease, users can inquire in natural language about the weather, stock market, and online shopping and access various other types of general information. However, as VUI becomes more integrated into our daily lives, it brings to the forefront issues related to security, privacy, and usability. Concerns such as the unauthorized collection of user data, the potential for recording private conversations, and challenges in accurately recognizing and executing commands across diverse accents, leading to misinterpretations and unintended actions, underscore the need for more robust methods to test and evaluate VUI services. In this dissertation, we delve into voice interface testing, evaluation for privacy and security associated with VUI applications, assessment of the proficiency of VUI in handling diverse accents, and investigation into access control in multi-user environments. We first study the privacy violations of the VUI ecosystem. We introduced the definition of the VUI ecosystem, where users must connect the voice apps to corresponding services and mobile apps to function properly. The ecosystem can also involve multiple voice apps developed by the same third-party developers. We explore the prevalence of voice apps with corresponding services in the VUI ecosystem, assessing the landscape of privacy compliance among Alexa voice apps and their companion services. We developed a testing framework for this ecosystem. We present the first study conducted on the Alexa ecosystem, specifically focusing on voice apps with account linking. Our designed framework analyzes both the privacy policies of these voice apps and their companion services or the privacy policies of multiple voice apps published by the same developers. Using machine learning techniques, the framework automatically extracts data types related to data collection and sharing from these privacy policies, allowing for a comprehensive comparison. Next, researchers studied the voice apps' behavior to conduct privacy violation assessments. An interaction approach with voice apps is needed to extract the behavior where pre-defined utterances are input into the simulator to simulate user interaction. The set of pre-defined utterances is extracted from the skill's web page on the skill store. However, the accuracy of the testing analysis depends on the quality of the extracted utterances. An utterance or interaction that was not captured by the extraction process will not be detected, leading to inaccurate privacy assessment. Therefore, we revisited the utterance extraction techniques used by prior works to study the skill's behavior for privacy violations. We focused on analyzing the effectiveness and limitations of existing utterance extraction techniques. We proposed a new technique that improved prior work extraction techniques by utilizing the union of these techniques and human interaction. Our proposed technique makes use of a small set of human interactions to record all missing utterances, then expands that to test a more extensive set of voice apps. We also conducted testing on VUI with various accents to study by designing a testing framework that can evaluate VUI on different accents to assess how well VUI implemented in smart speakers caters to a diverse population. Recruiting individuals with different accents and instructing them to interact with the smart speaker while adhering to specific scripts is difficult. Thus, we proposed a framework known as AudioAcc, which facilitates evaluating VUI performance across diverse accents using YouTube videos. Our framework uses a filtering algorithm to ensure that the extracted spoken words used in constructing these composite commands closely resemble natural speech patterns. Our framework is scalable; we conducted an extensive examination of the VUI performance across a wide range of accents, encompassing both professional and amateur speakers. Additionally, we introduced a new metric called Consistency of Results (COR) to complement the standard Word Error Rate (WER) metric employed for assessing ASR systems. This metric enables developers to investigate and rewrite skill code based on the consistency of results, enhancing overall WER performance. Moreover, we looked into a special case related to the access control of VUI in multi-user environments. We proposed a framework for automated testing to explore the access control weaknesses to determine whether the accessible data is of consequence. We used the framework to assess the effectiveness of voice access control mechanisms within multi-user environments. Thus, we show that the convenience of using voice systems poses privacy risks as the user's sensitive data becomes accessible. We identify two significant flaws within the access control mechanisms proposed by the voice system, which can exploit the user's private data. These findings underscore the need for enhanced privacy safeguards and improved access control systems within online shopping. We also offer recommendations to mitigate risks associated with unauthorized access, shedding light on securing the user's private data within the voice systems.31 0Item Restricted Adaptive Cyber Security for Smart Home Systems(Howard University, 2024-04-29) Alsabilah, Nasser; Rawat, Danda B.Throughout the recent decade, smart homes have made an enormous expansion around the world among residential customers; hence the most intimate place for people becomes connected to cyberspace. This environment attracts more hackers because of the amount and nature of data.Furthermore, most of the new technologies suffer from difficulties such as afford the proper level of security for their users.Therefore, the cybersecurity in smart homes is becoming increas- ingly a real concern for many reasons, and the conventional security methods are not effective in the smart home environment as well. The consequences of cyber attacks’ impact in this environment exceed direct users to society in some cases. Thus, from a historical perspective, many examples of cybersecurity breaches were reported within smart homes to either gain information from con- nected smart devices or exploit smart home devices within botnet networks to execute Distributed Denial of Service (DDoS) as well as others.Therefore, there is an insistent demand to detect these malicious attacks targeting smart homes to protect security and privacy.This dissertation presents a comprehensive approach to address these challenges, leveraging insights from energy consumption and network traffic analysis to enhance cybersecurity in smart home environments.The first objec- tive of this research focuses on estimating vulnerability indices of smart devices within smart home systems using energy consumption data. Through sophisticated methodology based on Kalman filter and Shapiro-Wilk test, this objective provides estimating for the vulnerability indices of smart devices in smart home system. Building upon the understanding that energy consumption is greatly affected by network traffic based on many empirical observations that have revealed alterations in the energy consumption and network behavior of compromised devices, the subsequent objectives as complementary endeavors to the first objective delve into the development of adaptive technique for cyber-attack detection and cyber-behavior prediction using Rough Set Theory combined with XGBoost. These objectives aim to detect and predict cyber threats, thus enhancing the overall security posture of smart home systems.14 0Item Restricted LIGHTWEIGHT MUTUAL AUTHENTICATION PROTOCOLS FOR IOT SYSTEMS(University of Maryland Baltimore County, 2024) Alkanhal, Mona; Younis, MohamedThe Internet of Things (IoT) refers to the large-scale internetworking of diverse devices, many of them with very limited computational resources. Given the ad-hoc formation of the network and dynamic membership of nodes, device authentication is critical to prevent malicious devices from joining the network and impersonating legitimate nodes. The most popular authentication strategy in the literature is to pursue asymmetric cryptography. Such a solution is costly in terms of computing resources and power consumption and thus is not suitable for IoT devices which are often resource constrained. Moreover, due to the autonomous nature of the IoT nodes, relying on an intermediary server to manage the authentication process induces overhead and consequently decreases the network efficacy. Thus, the authentication process should be geared for nodes that operate autonomously. This dissertation opts to fulfill the aforementioned requirements by developing a library of lightweight authentication protocols that caterers for variant IoT applications. We consider a hardware-based security primitive, namely Physical Unclonable Functions (PUFs). A PUF benefits from the random and uncontrollable variations experienced during the manufacturing of integrated circuits in constructing a device signature that uniquely maps input bits, referred to as challenge, into an output bit(s) that reflects the PUF response. A fundamental issue with distributed authentication using PUFs is that the challenge-response exchange is among IoT nodes rather than the secure server and hence becomes subject to increased vulnerability to attacks. Particularly, eavesdroppers could intercept the inter-node interactions to collect sufficient challenge-response pairs (CRPs) for modeling the underlying PUF using machine learning (ML) techniques. Obfuscating the challenge and response through encryption is not practical since it requires network-wide management of secret keys and diminishes the advantages of PUFs. The dissertation tackles the aforementioned challenges. We first develop a novel authentication mechanism that is based on the incorporation of a PUF in each device. Our mechanism enables the challenge bit string intended by a verifier δy to be inferred by a prover δx rather than being explicitly sent. The proposed mechanism also obfuscates the shared information to safeguard it from eavesdroppers who strive to model the underlying PUF using machine learning techniques. Secondly, we further combine the advantage of PUFs, and the agility and configurability of physical-layer communication mechanisms, specifically the Multi-Input Multi Output (MIMO) method. We devise a protocol that utilizes an innovative method to counter attackers who might intercept the communication between δy and δx and uncover a set of CRPs to model δx’s PUF. Our protocol encodes the challenge bit using MIMO antennas array in a manner that is controlled by the verifier and that varies overtime. Additionally, we derive a two-factors authentication protocol by associating a Radio Frequency (RF) fingerprint with PUF. Such a unique combination obviates the need for traditional identification methods that rely on key storage for authentication. This identification mechanism enables the protocol to obfuscate the PUF response, circumventing the need for the incorporation of cryptographic primitives. Since both the PUF and the RF-fingerprint are based on unintended variations caused by manufacturing, we aim to increase robustness and mitigate the potential effect of noise by applying the fuzzy extractor. Such a protocol does not retain CRPs of a node during the enrollment phase, nor does it incorporate a cryptosystem. All the aforementioned techniques enable mutual authentication of two devices without the involvement of a trusted third party. The experimental results demonstrate the efficacy of the proposed protocols against modeling attacks and impersonation attempts.18 0Item Restricted DUAL ENERGY MANAGEMENT AND ENERGY SAVING MODEL FOR THE INTERNET OF THINGS (IOT) USING SOLAR ENERGY HARVESTING (SEH)(University of Arizona, 2024-01-10) Albalawi, Nasser; Rozenblit, Jerzy WThe Internet of Things (IoT) is a fast-growing internet technology and has been incorporated into a wide range of fields. The optimal design of IoT systems has several challenges. The energy consumption of the devices is one of these IoT challenges, particularly for open-air IoT applications. The major energy consumption takes place due to inefficient medium access and routing, which can be addressed by the energy-efficient clustering method. In addition, the energy harvesting method can also play a major role in increasing the overall lifetime of the network. Therefore, in the proposed work, a novel energy-efficient dual energy management and saving model is proposed to manage the energy consumption of IoT networks. This model is based on dual technologies, i.e., energy-efficient clustering and solar energy harvesting (SEH). The proposed method is implemented for high-density sensor network applications. The dual elbow method is used for efficient clustering and guaranteed QoS. The model is able to manage energy consumption and increase the IoT network’s overall lifetime by optimizing IoT devices’ energy consumption. The protocol was simulated in MATLAB and compared to Fuzzy C-Means (FCM) and Time Division Multiple Access scheduling (TDMA) based Low-Energy Adaptive Clustering Hierarchy (LEACH) protocols based on network lifetime24 0Item Restricted Smart Home Cybersecurity Challenges: An Assessment of End-User Knowledge and a Training Solution to Mitigate these Challenges.(Saudi Digital Library, 2023-11-22) Nusair, Ali; Chipidza, WallaceAs the digital revolution unfolds, individuals are increasingly transforming their traditional homes into smart homes, adopting semi- and fully automated smart devices. This transformative shift, fueled by advancements in information technology, presents vast social and economic opportunities. Despite the burgeoning number of smart devices in the market, a surge in smart home adoption has concurrently given rise to profound security challenges. Predominantly, end-users, often possessing rudimentary knowledge of associated risks, remain vulnerable to breaches of their privacy and security. Given that smart devices, interconnected and internet-enabled, relay substantial data, they are attractive targets for hackers. One fundamental reason for these challenges is the end-users' lack of requisite knowledge to safeguard their smart homes. To address these challenges, there's a pressing need for effective knowledge dissemination. This dissertation introduces two artifacts: a training framework detailing smart home vulnerabilities and best practices for cybersecurity, and an application named "Smart Home Security App". This application prompts users to update their passwords biannually and continuously monitors for potential security breaches. Drawing from an extensive literature review, the two artifacts were developed. To evaluate the framework's effectiveness, a set of 34 survey questions was crafted, reflecting key cybersecurity knowledge areas. Fifteen participants, after providing written consent, responded to these questions. Their initial responses informed the development of the first artifact, and post-training, the same questions were administered. Notably, there was a marked enhancement in the participants' understanding of smart home security post-training. Leveraging the Design Science Research methodology, the artifact's efficacy as a consumer training tool was assessed. Keywords: Smart home, IoT, vulnerabilities, smart devices, cybersecurity, hacking, social engineering, identity theft, Smart Home Security App.28 0Item Restricted Advancing Scalability, Efficiency, and Storage Optimization in Blockchain for Mobile Internet of Things (mIoT) Applications(2023) Zangoti, Hussein; Pissinou, Niki; Iyengar, Sundaraja Sitharama; Pan, Deng; Bobadilla, Leonardo; Andrian, Jean; Khan, Wazir ZadaThe increasing adoption of blockchain technology in mobile Internet of Things (mIoT) networks requires the development of blockchain systems that are efficient, scalable, and optimized for resource utilization. While several studies have attempted to address these challenges, comprehensive solutions that adapt to the inherent mobility of mIoT systems are still lacking. This Ph.D. thesis investigates three innovative methods to advance the current blockchain model for mIoT systems. First, a novel k-dimensional spatiotemporal, multidimensional, graph-based blockchain structure is introduced to address network partitioning issues caused by the mobility of IoT devices. This unique structure effectively manages blockchain nodes as they move between cell areas, resulting in smaller independent peer-to-peer subnetworks, each with its own blockchain copy. Experimental results demonstrate improved scalability and efficiency, with logarithmic growth as the blockchain size increases. Furthermore, the longest chain length is reduced by over 99.99% compared to traditional chain-based structures, making blockchain operations such as block appending or management more efficient. Building upon the multidimensional blockchain foundation, the next stage of this research involves developing an efficient merging algorithm for graph-based or multidimensional blockchains in mIoT networks. This algorithm addresses the challenge of merging partitioned blockchains that contain similar or identical blocks, which often require significant time and computational resources during the merging process. By leveraging depth-first search and Merkle tree techniques, the merging algorithm minimizes the time and computational resources spent on identical blocks, resulting in a 72% reduction in merging time compared to algorithms that do not handle block similarity. Lastly, considering the limited storage capacity of mIoT systems, this thesis presents a novel Collective Signing-Based Blockchain Storage Optimization (CSBSO) model aimed at minimizing storage overhead in resource-constrained mIoT systems. The model utilizes the existing Collective Signing (CoSi) protocol to reduce storage requirements and leverages a multidimensional blockchain structure for efficient block management and retrieval. The storage optimization approach identifies and prunes the most irrelevant blocks based on the CoSi protocol. Evaluations using real-world datasets, such as the Ethereum Classic Blockchain and Facebook users datasets, demonstrate that the CSBSO model outperforms state-of-the-art storage optimization models, achieving approximately 92% storage space savings. These results underscore the potential of CoSi-based storage optimization in effectively reducing blockchain storage overhead in resource-limited applications.30 0