Saudi Cultural Missions Theses & Dissertations
Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10
Browse
21 results
Search Results
Item Restricted Enhancing Trust Modelling for the Internet of Underwater Things(University of Nottingham, 2025) Almutairi, Abeer; Furnell, Steven; Carpent, XavierThe Internet of Underwater Things (IoUT) has gained growing interest from researchers and industry alike, due to its potential for advancing the development of smart cities and underwater intelligent systems. However, the harsh and unpredictable nature of underwater environments, coupled with the inherent limitations of existing technologies, presents significant challenges to establishing a sustainable IoUT. Furthermore, the open nature of such networks renders them highly susceptible to malicious attacks and security threats. Traditional security measures, which are widely implemented in conventional cyber systems, exhibit severe performance constraints in underwater networks, highlighting the urgent need for novel security solutions that meet the unique requirements of underwater networks. Trust modelling has been widely recognised as an effective soft security measure to mitigate the impact of internal attacks. It primarily achieves this by analysing behavioural characteristics between network entities, thereby introducing a layer of defence against malicious activities. In the context of underwater networks, trust establishment between nodes has the potential to significantly enhance overall network security. However, existing Trust Modelling and Management (TMM) often fail to address the complexities of underwater environments, which necessitate new TMM that are lightweight, accurate, and decentralised. In light of these limitations, this thesis investigates and enhances TMM to meet the application requirements of underwater networks while addressing the specific challenges inherent to IoUT. The central research question addressed in this thesis is: To what extent can existing TMM accommodate diverse network topologies within the IoUT and effectively mitigate potential attacks from both the communication and physical domains. In order to answer this question, a comprehensive understanding of the key challenges and potential application requirements for underwater networks is required. To facilitate this investigation, a simulated environment is constructed to analyse the effectiveness of TMM. This study critically evaluates the capabilities of current TMM in detecting malicious activities across various underwater network structures, identifying vulnerabilities, and exposing potential attack vectors. In response to these findings, this thesis proposes a distributed multi-dimensional TMM, referred to as the Mobility-Aware Trust Model (MATMU), designed to enhance the detection of malicious behaviour within the constraints of underwater environments. MATMU expands the metric domain to include mobility-aware metrics, allowing for the assessment of similarities and differences in node movement patterns. Additionally, the model employs a dynamic weighting strategy that integrates metrics from both the communication and physical domains. The performance of MATMU is evaluated through extensive simulations conducted across various underwater scenarios and attack models. The results demonstrate that MATMU effectively mitigates malicious behaviour, exhibiting notable improvements over benchmark models, particularly in terms of faster convergence and enhanced attack detection. These findings underscore the suitability of MATMU for strengthening secure and reliable communication in underwater networks. This thesis also tackles the critical issue of dishonest recommendations within TMM in the IoUT context, which is introduced by malicious entities, aiming to manipulate trust computations by providing false or misleading recommendations, thereby degrading the reliability and stability of the TMM. A novel recommendation evaluation method is introduced, combining filtering and weighting strategies to more effectively detect dishonest recommendations. The proposed model incorporates an outlier detection-based filtering technique and deviation analysis to evaluate recommendations based on both collective outcomes and individual experiences. Furthermore, a belief function is employed to refine recommendations by assigning weights based on criteria such as freshness, similarity, trustworthiness, and trust decay over time. This multi-dimensional approach demonstrates a marked improvement in recommendation evaluation, effectively capturing deceptive behaviours that exploit the complexities of IoUT. The effectiveness of the model is validated through extensive simulations and comparative analyses with existing trust evaluation methods, demonstrating consistently high performance across varying proportions of dishonest recommendations, with the highest accuracy improvement observed when dishonest recommendations constitute up to 45% of the total recommendations. These findings underscore the model’s potential to significantly enhance the reliability and security of IoUT networks.8 0Item Restricted A RISK-ADAPTIVE ACCESS CONTROL MODEL FOR THE SERVICE MESH IN A MICROSERVICES ARCHITECTURE(The University of Tulsa, 2025-05) Alboqmi, Rami; Gamble, RoseCloud computing has transformed our lives by enabling applications to be deployed at scale, allowing a broad range of customers to access services seamlessly. However, as cloud computing has evolved, several challenges have emerged, such as meeting high customer demands while maintaining system stability and scalability. As a result, the cloud community introduced cloud-native computing in 2015, enabling applications to be scaled efficiently to meet customers’ demands. The microservices architecture (MSA) is a key enabler of cloud-native application development. It allows developers to build an application's components loosely and independently as microservices (also referred to as services). Following and applying the MSA architecture has many benefits, such as a failure within a microservice may not affect the entire deployed MSA application. For example, a failure in the temperature display microservice functionality does not affect the core functionalities of other microservices, such as map navigation. The map navigation microservice will still operate without temperature data. As a result, an MSA application becomes more resilient to failure. However, MSA introduces challenges in securing communication between microservices where orchestration solutions cannot ensure secure communications. A rogue microservice could act as a backdoor, compromising other microservices within the MSA application after initial authentication and authorization at deployment. Thus, service mesh technology was introduced as an infrastructure layer within an orchestration solution in 2017 to handle robust security, such as secure microservices-to-microservices communication with features like mutual TLS. Nevertheless, the current service mesh solutions are not mature yet and still rely on static AC policies set at deployment. In addition, these static policies operate with implicit trust between microservices, which do not adapt to changes in response to the trustworthiness of microservice. As a result, the service mesh limits its ability to detect compromised microservices at runtime, requires manual AC policy updates, and creates security gaps. A dynamic AC model for the service mesh is crucial to continuously assess the trustworthiness of microservices based on their behavior and vulnerability posture to align with the Zero Trust (ZT) principle of “never trust, always verify.” Additionally, any proposed dynamic AC model for the service mesh must not only offer dynamic and adaptive AC policies but also address the research gap in service mesh in the lack of capabilities such as sharing threat intelligence and enforcing automated microservice owner compliance requirements at runtime. These capabilities are essential for continuous monitoring and adaptive security responses for MSA applications at runtime. To dynamically adjust AC policies at runtime based on the trustworthiness of microservices, this research introduces the Service Mesh risk-Adaptive Access Control (SMAAC). SMAAC consists of three components: (1) Runtime Trust Evaluator (RTE) that assigns a trust metric (TM) to all microservices based on their behaviors and vulnerabilities; (2) Threat Intelligence Sharing (TIS) that shares TM values and vulnerability reports of all microservices; and (3) Access Policy Generation (APG) that creates dynamic AC policies when the TM of a microservice falls below a compliant threshold. Evaluated on three research MSA applications μBench, Lakeside Mutual, and Train Ticket, SMAAC effectively shows an adaptive mechanism for creating compliant AC policies to secure the operations of microservices and reduce security risks.7 0Item Restricted Security of Distributed and Federated Deep Learning Systems(Newcastle University, 2025) Alqattan, Duaa; Ojha, VarunDistributed and federated deep learning (DL) systems, operating across the client-edge cloud continuum, have transformed real-time data processing in critical domains like smart cities, healthcare, and industrial Internet of Things (IoT). By distributing DL training and inference tasks across multiple nodes, these systems enhance scalability, reduce latency, and improve efficiency. However, this decentralisation introduces significant security challenges, particularly concerning the availability and integrity of DL systems during training and inference. This thesis tackles these challenges through three main contributions. • Edge-based Detection of Early-stage IoT Botnets: The first contribution involves employing Modular Neural Networks (MNN), a distributed DL approach, to develop an edge-based system for detecting early-stage IoT botnet activities and preventing DDoSattacks. By harnessing parallel computing on Multi-Access Edge Computing (MEC)servers, the system delivers rapid and accurate detection, ensuring uninterrupted service availability. This addresses the research gap in detecting early-stage IoT botnet activities as faults in network communication, enabling preventive measures before attacks escalate. Key findings include a significant reduction in false-negative rates and faster detection times (as low as 16 milliseconds), enabling early intervention in large-scale IoT environments. • Security Assessment of Hierarchical Federated Learning (HFL): The second contri bution is a security assessment of Hierarchical Federated Learning (HFL), evaluating its resilience against data and model poisoning attacks during training and adversarial data manipulation during inference. Defense mechanisms like Neural Cleanse (NC) and Adversarial Training (AT) are explored to improve model integrity in privacy sensitive environments. This addresses the gap in systematically assessing the security vulnerabilities of HFL systems, particularly in detecting and mitigating targeted at tacks in multi-level architectures. Key findings highlight that while HFL enhances scalability and recovery from untargeted attacks, it remains vulnerable to targeted back door attacks, especially in higher-level architectures, necessitating stronger defence mechanisms. • Analysis of HFL Dynamics Under Attack: The third contribution examines HFL dynamics under attack using a Model Discrepancy score to analyse discrepancies in model updates. This study sheds light on the impact of adversarial attacks and data heterogeneity, providing insights for more robust aggregation methods in HFL. This addresses the gap in understanding the dynamics of HFL under adversarial attacks through model discrepancy phenomena. Key findings reveal that increased hierarchy and data heterogeneity can obscure malicious activity detection, emphasising the need for advanced aggregation methods tailored to complex, real-world scenarios. Overall, this thesis enhances the security, availability, and integrity of Distributed and Federated DL systems by proposing novel detection and assessment methods, ultimately laying the foundation for more resilient DL-driven infrastructures.21 0Item Restricted ACCEPTANCE OF BLOCKCHAIN TECHNOLOGY BY HIGHER EDUCATION INSTITUTIONS IN THE KINGDOM OF SAUDI ARABIA(Aston University, 2025) Alhumayzi, Mohammed; Batista, Luciano; Benson, VladlenaThe increasing adoption of new technologies in the Higher Education Institutions (HEIs) sector highlights the importance of exploring blockchain acceptance among employees. Adopting blockchain, as an emerging technology, is likely to encounter resistance among employees. This study explores this issue. Specifically, this study aims to determine the drivers and hindrances of blockchain acceptance among employees in the HEIs industry. To address this aim, this study proposes a framework that extends the unified theory of acceptance and use of technology (UTAUT) with individual characteristics. The framework represents factors that explain blockchain acceptance. The identified elements are performance expectancy (PE), effort expectancy (EX), social influence (SI), facilitating conditions (FC), trust, perceived security (SEC) and awareness (AW). The relationships among these factors were examined based on a quantitative approach, where an online questionnaire was employed to collect data from administrative and academic staff working for HEIs in the Kingdom of Saudi Arabia (KSA). Partial Least Squares Structural Equation Model (PLS-SEM) and Multi-group Analysis (MGA) techniques were employed to analyse 394 responses. The findings of this study revealed the direct drivers and hindrances of blockchain acceptance, i.e., PE, FC, SEC and AW. Additionally, this study demonstrated the moderating effects of AW between FC and blockchain acceptance. Furthermore, it determined specific indirect effects of the EX, trust and SEC on blockchain acceptance. Moreover, this research detected significant differences between categories’ subsamples and identified the significant factors of blockchain acceptance per subsample. Finally, this research identified where blockchain needs to be adopted most within the HEIs, i.e., financial exchange, certificate management, and students’ assessment areas. The HEIs industry in KSA could use these findings to develop concise strategies that encourage the adoption of blockchain. Scholars might also employ the proposed framework to investigate the adoption of blockchain.32 0Item Restricted Privacy-aware Secure Authentication and Handover Protocols for 5G-enabled Mobile Communication(University of Sheffield, 2025) Alnashwan, Rabiah; Prosanta, Gope; Benjamin, DowlingThe evolution of mobile communication has facilitated technological advancements that enable seamless global connectivity. With the advent of 5G technology, wireless communication has taken a significant leap forward, promising unparalleled speed, capacity, and connectivity. As we enter this era of advanced communication, we also need to consider its implications for security and privacy. The integration of 5G technology brings new opportunities and challenges, making it essential to thoroughly examine the security and privacy frameworks that support this advanced network. Compared to the previous mobile communication generations, 5G offers a more robust security infrastructure by strengthening two key protocols: Authentication and Key Agreement (AKA) and Handover (HO). Although 5G-AKA significantly improves security measures, it is worth noting that the current protocols lack support for several essential security and privacy properties, such as forward secrecy, forward privacy, and unlinkability. Thus, a critical need remains to address these gaps to ensure comprehensive protection in 5G networks. In response to the issues in respect of security and privacy, this thesis proposes three novel AKA and HO schemes. The three proposed schemes have different security and privacy goals that support improved security and privacy features compared to the conventional 5G-AKA and HO protocols currently utilized and other existing solutions. In particular, we examine challenges associated with integrating ultra-dense small cell networks (SCNs) into the 5G infrastructure. This exploration led us to investigate the concept of region-based handovers and to propose, to the best of our knowledge, the first scheme that provides privacy-preserving, secure inter-region-based AKA and HO scheme. This scheme provides secure authentication for roaming users with an efficient and seamless handover process. To enhance security and privacy measures further, we undertake an additional investigation into fortifying resilience against key compromise impersonation attacks. This involves proposing a novel, secure, privacy-preserving Universal Handover scheme (UniHand) tailored for SCNs within the 5G mobile communication framework. Finally, in pursuit of seamless compatibility with 5G networks, we introduce an improved iteration of the 5G-AKA and HO protocols. Referred to as Pretty Good User Privacy (PGUP), this novel symmetry-based scheme aims to mitigate security and privacy vulnerabilities inherent in the existing 5G-AKA and HO protocols while maintaining high compatibility with the 5G infrastructure.23 0Item Restricted AI-Driven Approaches for Privacy Compliance: Enhancing Adherence to Privacy Regulations(Univeristy of Warwick, 2024-02) Alamri, Hamad; Maple, CarstenThis thesis investigates and explores some inherent limitations within the current privacy policy landscape, provides recommendations, and proposes potential solutions to address these issues. The first contribution of this thesis is a comprehensive study that addresses a significant gap in the literature. This study provides a detailed overview of the current landscape of privacy policies, covering both their limitations and proposed solutions, with the aim of identifying the most practical and applicable approaches for researchers in the field. Second, the thesis tackles the challenge of privacy policy accessibility in app stores by introducing the App Privacy Policy Extractor (APPE) system. The APPE pipeline consists of various components, each developed to perform a specific task and provide insightful information about the apps' privacy policies. By analysing over two million apps in the iOS App Store, APPE offers unprecedented and comprehensive store-wide insights into policy distribution and can act as a mechanism for enforcing privacy policy requirements in app stores automatically. Third, the thesis investigates the issue of privacy policy complexity. By establishing generalisability across app categories and drawing attention to associated matters of time and cost, the study demonstrates that the current situation requires immediate and effective solutions. It suggests several recommendations and potential solutions. Finally, to enhance user engagement with privacy policies, a novel framework utilising a cost-effective unsupervised approach, based on the latest AI innovations, has been developed. The comparison of the findings of this study with state-of-the-art methods suggests that this approach can produce outcomes that are on par with those of human experts, or even surpass them, yet in a more efficient and automated manner.24 0Item Restricted Verification of Smart Contracts using the Interactive Theorem Prover Agda(Swansea University, 2024-07-25) Alhabardi, Fahad; Setzer, AntonThe goal of this thesis is to verify smart contracts in Blockchain. In particular, we focus on smart contracts in Bitcoin and Solidity. In order to specify the correctness of smart contracts, we use weakest preconditions. For this, we develop a model of smart contracts in the interactive theorem prover and dependent type programming language Agda and prove the correctness of smart contracts in it. In the context of Bitcoin, our verification of Bitcoin scripts consists of non-conditional and conditional scripts. For Solidity, we refer to programs using object- oriented features of Solidity, such as calling of other contracts, full recursion, and the use of gas in order to guarantee termination while having a Turing-complete language. We have developed a simulator for Solidity-style smart contracts. As a main example, we executed a reentrancy attack in our model. We have verified smart contracts in Bitcoin and Solidity using weakest precondition in Agda. Furthermore, Agda, combined with the fact that it is a theorem prover and programming language, allows the writing of verified programs, where the verification takes place in the same language in which the program is written, avoiding the problem of translation from one language to another (with possible translation mistakes).7 0Item Restricted Verification of Smart Contracts using the Interactive Theorem Prover Agda(Swansea University, 2024-07-25) Alhabardi, Fahad Faleh; Setzer, AntonThe goal of this thesis is to verify smart contracts in Blockchain. In particular, we focus on smart contracts in Bitcoin and Solidity. In order to specify the correctness of smart contracts, we use weakest preconditions. For this, we develop a model of smart contracts in the interactive theorem prover and dependent type programming language Agda and prove the correctness of smart contracts in it. In the context of Bitcoin, our verification of Bitcoin scripts consists of non-conditional and conditional scripts. For Solidity, we refer to programs using object- oriented features of Solidity, such as calling of other contracts, full recursion, and the use of gas in order to guarantee termination while having a Turing-complete language. We have developed a simulator for Solidity-style smart contracts. As a main example, we executed a reentrancy attack in our model. We have verified smart contracts in Bitcoin and Solidity using weakest precondition in Agda. Furthermore, Agda, combined with the fact that it is a theorem prover and programming language, allows the writing of verified programs, where the verification takes place in the same language in which the program is written, avoiding the problem of translation from one language to another (with possible translation mistakes).11 0Item Restricted CROSS-CULTURAL UNDERSTANDING OF HOW PEOPLE USE SECURE GROUP CHAT TOOLS IN THE UNITED KINGDOM AND SAUDI ARABIA(King’s College London, 2023-08-15) Alrabeah, Ghada; Abu-Salma, RubaGroup communication tools have gained widespread popularity, attracting over a billion users. However, questions arise, how closely are our messages being watched by external parties? Is end-to-end encryption implemented by the application? Many group communication tools either do not offer enough security features to protect their users or make it challenging for them to understand and use these features. This research discusses how users perceive and use secure group communication tools, focusing on users in the United Kingdom and Saudi Arabia. A mixed-methods approach involving interviews with 20 participants and a survey with 204 respondents was conducted. The study reveals key factors driving users' choices, their understanding of security and privacy, their willingness to adopt or not adopt secure group communication tools, and cultural differences. The findings underline the priority factors like popularity, usability, and being free, as influential in tool selection. Users express willingness to use secure tools, yet gaps arise between intention and practice, attributed to misconceptions, motivation, and trust concerns. Privacy practices vary between cultures, with Saudi participants showing more caution. On the other hand, the UK displays higher trust levels in communication tools compared to Saudi Arabia. These cultural influences shape communication priorities, with Saudis leaning toward group communication and the UK prioritizing individual communications. Despite these differences, the study suggests the potential for universally secure applications catering to diverse user needs. The study offers recommendations for tool design that help improve the adoption of secure group communication.6 0Item Restricted Testing Privacy and Security of Voice Interface Applications in the IoT Era(Temple University, 2024-04-04) Shafei, Hassan Ali; Tan, Chiu C.Voice User Interfaces (VUI) are rapidly gaining popularity, revolutionizing user interaction with technology through the widespread adoption in devices such as desktop computers, smartphones, and smart home assistants, thanks to significant advancements in voice recognition and processing technologies. Over a hundred million users now utilize these devices daily, and smart home assistants have been sold in massive numbers, owing to their ease and convenience in controlling a diverse range of smart devices within the home IoT environment through the power of voice, such as controlling lights, heating systems, and setting timers and alarms. VUI enables users to interact with IoT technology and issue a wide range of commands across various services using their voice, bypassing traditional input methods like keyboards or touchscreens. With ease, users can inquire in natural language about the weather, stock market, and online shopping and access various other types of general information. However, as VUI becomes more integrated into our daily lives, it brings to the forefront issues related to security, privacy, and usability. Concerns such as the unauthorized collection of user data, the potential for recording private conversations, and challenges in accurately recognizing and executing commands across diverse accents, leading to misinterpretations and unintended actions, underscore the need for more robust methods to test and evaluate VUI services. In this dissertation, we delve into voice interface testing, evaluation for privacy and security associated with VUI applications, assessment of the proficiency of VUI in handling diverse accents, and investigation into access control in multi-user environments. We first study the privacy violations of the VUI ecosystem. We introduced the definition of the VUI ecosystem, where users must connect the voice apps to corresponding services and mobile apps to function properly. The ecosystem can also involve multiple voice apps developed by the same third-party developers. We explore the prevalence of voice apps with corresponding services in the VUI ecosystem, assessing the landscape of privacy compliance among Alexa voice apps and their companion services. We developed a testing framework for this ecosystem. We present the first study conducted on the Alexa ecosystem, specifically focusing on voice apps with account linking. Our designed framework analyzes both the privacy policies of these voice apps and their companion services or the privacy policies of multiple voice apps published by the same developers. Using machine learning techniques, the framework automatically extracts data types related to data collection and sharing from these privacy policies, allowing for a comprehensive comparison. Next, researchers studied the voice apps' behavior to conduct privacy violation assessments. An interaction approach with voice apps is needed to extract the behavior where pre-defined utterances are input into the simulator to simulate user interaction. The set of pre-defined utterances is extracted from the skill's web page on the skill store. However, the accuracy of the testing analysis depends on the quality of the extracted utterances. An utterance or interaction that was not captured by the extraction process will not be detected, leading to inaccurate privacy assessment. Therefore, we revisited the utterance extraction techniques used by prior works to study the skill's behavior for privacy violations. We focused on analyzing the effectiveness and limitations of existing utterance extraction techniques. We proposed a new technique that improved prior work extraction techniques by utilizing the union of these techniques and human interaction. Our proposed technique makes use of a small set of human interactions to record all missing utterances, then expands that to test a more extensive set of voice apps. We also conducted testing on VUI with various accents to study by designing a testing framework that can evaluate VUI on different accents to assess how well VUI implemented in smart speakers caters to a diverse population. Recruiting individuals with different accents and instructing them to interact with the smart speaker while adhering to specific scripts is difficult. Thus, we proposed a framework known as AudioAcc, which facilitates evaluating VUI performance across diverse accents using YouTube videos. Our framework uses a filtering algorithm to ensure that the extracted spoken words used in constructing these composite commands closely resemble natural speech patterns. Our framework is scalable; we conducted an extensive examination of the VUI performance across a wide range of accents, encompassing both professional and amateur speakers. Additionally, we introduced a new metric called Consistency of Results (COR) to complement the standard Word Error Rate (WER) metric employed for assessing ASR systems. This metric enables developers to investigate and rewrite skill code based on the consistency of results, enhancing overall WER performance. Moreover, we looked into a special case related to the access control of VUI in multi-user environments. We proposed a framework for automated testing to explore the access control weaknesses to determine whether the accessible data is of consequence. We used the framework to assess the effectiveness of voice access control mechanisms within multi-user environments. Thus, we show that the convenience of using voice systems poses privacy risks as the user's sensitive data becomes accessible. We identify two significant flaws within the access control mechanisms proposed by the voice system, which can exploit the user's private data. These findings underscore the need for enhanced privacy safeguards and improved access control systems within online shopping. We also offer recommendations to mitigate risks associated with unauthorized access, shedding light on securing the user's private data within the voice systems.31 0
- «
- 1 (current)
- 2
- 3
- »