Detecting Specification Mismatches using Machine Learning-Based Analysis of CPU Manuals

193576-Thumbnail Image.png
Description
Having properly implemented instructions is key to computer architecture and the security of a computer. Without properly implemented instructions, there is a risk of security vulnerabilities such as privilege escalation. Current methods of checking specification mismatches are the various versions

Having properly implemented instructions is key to computer architecture and the security of a computer. Without properly implemented instructions, there is a risk of security vulnerabilities such as privilege escalation. Current methods of checking specification mismatches are the various versions of the manual approach and the use of symbolic execution. These current methods can be time-consuming or have issues with scalability and efficiency. In this thesis, an approach is proposed to improve the current methods by employing the aid of machine-learning, specifically large-language models (LLMs), testing on RISC-V architecture. RISC-V architecture is proposed to test this method due to its simplistic nature and smaller instruction set compared to other architectures like x86. In this approach, Chat-GPT is proposed as the LLM of choice due to its rising popularity as well as its capability and power. The approach combines manual aspects and the aid of Chat-GPT to fully test how well Chat-GPT is at generating expressions and test cases to detect specification mismatches. The Chat-GPT generated test cases are evaluated on a RISC-V framework to see if the Chat-GPT generated test cases can be used in the future to detect specification mismatches as well as being used in more complicated architectures.
Date Created
2024
Agent

Improving Smart Home Security: Using Blockchain-Based Situation-Aware Access Control

190926-Thumbnail Image.png
Description
The evolution of technology, including the proliferation of the Internet of Things (IoT), advanced sensors, intelligent systems, and more, has paved the way for the establishment of smart homes. These homes bring a new era of automation with interconnected devices,

The evolution of technology, including the proliferation of the Internet of Things (IoT), advanced sensors, intelligent systems, and more, has paved the way for the establishment of smart homes. These homes bring a new era of automation with interconnected devices, offering increased services. However, they also introduce data security and device management challenges. Current smart home technologies are susceptible to security violations, leaving users vulnerable to data compromise, privacy invasions, and physical risks. These systems often fall short in implementing stringent data security safeguards, and the user control process is complex. In this thesis, an approach is presented to improve smart home security by integrating private blockchain technology with situational awareness access control. Using blockchain technology ensures transparency and immutability in data transactions. Transparency from the blockchain enables meticulous tracking of data access, modifications, and policy changes. The immutability of blockchain is utilized to strengthen the integrity of data, deterring, and preventing unauthorized alterations. While the designed solution leverages these specific blockchain features, it consciously does not employ blockchain's decentralization due to the limited computational resources of IoT devices and the focused requirement for centralized management within a smart home context. Additionally, situational awareness facilitates the dynamic adaptation of access policies. The strategies in this thesis excel beyond existing solutions, providing fine-grained access control, reliable transaction data storage, data ownership, audibility, transparency, access policy, and immutability. This approach is thoroughly evaluated against existing smart home security improvement solutions.
Date Created
2023
Agent

The Efficacy of Different Timesteps in Data when Predicting Cryptocurrency Prices

Description
This thesis serves as an experimental investigation into the potential of machine learning through attempting to predict the future price of a cryptocurrency. Through the use of web scraping, short interval data was collected on both Bitcoin and Dogecoin. Dogecoin

This thesis serves as an experimental investigation into the potential of machine learning through attempting to predict the future price of a cryptocurrency. Through the use of web scraping, short interval data was collected on both Bitcoin and Dogecoin. Dogecoin was the dataset that was eventually used in this thesis due to its relative stability compared to Bitcoin. At the time of the data collection, Bitcoin became a much more frequent topic in the media and had more significant fluctuations due to it. The data was processed into consistent three separate, consistent timesteps, and used to generate predictive models. The models were able to accurately predict test data given all the preceding test data but were unable to autoregressively predict future data given only the first set of test data points. Ultimately, this project helps illustrate the complexities of extended future price prediction when using simple models like linear regression.
Date Created
2022-12
Agent

Weakly-Supervised Visual-Retriever-Reader Pipeline for Knowledge-Based VQA Tasks

161838-Thumbnail Image.png
Description
Visual question answering (VQA) is a task that answers the questions by giving an image, and thus involves both language and vision methods to solve, which make the VQA tasks a frontier interdisciplinary field. In recent years, as the great

Visual question answering (VQA) is a task that answers the questions by giving an image, and thus involves both language and vision methods to solve, which make the VQA tasks a frontier interdisciplinary field. In recent years, as the great progress made in simple question tasks (e.g. object recognition), researchers start to shift their interests to the questions that require knowledge and reasoning. Knowledge-based VQA requires answering questions with external knowledge in addition to the content of images. One dataset that is mostly used in evaluating knowledge-based VQA is OK-VQA, but it lacks a gold standard knowledge corpus for retrieval. Existing work leverages different knowledge bases (e.g., ConceptNet and Wikipedia) to obtain external knowledge. Because of varying knowledge bases, it is hard to fairly compare models' performance. To address this issue, this paper collects a natural language knowledge base that can be used for any question answering (QA) system. Moreover, a Visual Retriever-Reader pipeline is proposed to approach knowledge-based VQA, where the visual retriever aims to retrieve relevant knowledge, and the visual reader seeks to predict answers based on given knowledge. The retriever is constructed with two versions: term based retriever which uses best matching 25 (BM25), and neural based retriever where the latest dense passage retriever (DPR) is introduced. To encode the visual information, the image and caption are encoded separately in the two kinds of neural based retriever: Image-DPR and Caption-DPR. There are also two styles of readers, classification reader and extraction reader. Both the retriever and reader are trained with weak supervision. The experimental results show that a good retriever can significantly improve the reader's performance on the OK-VQA challenge.
Date Created
2021
Agent

Secure Communication for Smart Home Environments Using Blockchain

161281-Thumbnail Image.png
Description
Many residences from student apartment units to family homes use a range of smart devices to make the day-to-day lives of the residents safer and more convenient. The ability to remotely access these devices has further increased their convenience, but

Many residences from student apartment units to family homes use a range of smart devices to make the day-to-day lives of the residents safer and more convenient. The ability to remotely access these devices has further increased their convenience, but it comes with the increased risk of vulnerable devices being exploited to achieve unauthorized access or to conduct surveillance on the users. This highlights the need for an access control system to securely restrict home device access to authorized users only. Existing approaches for securing smart homes use less secure authentication methods, do not allow for data ownership or fine-grained access control, and do not reliably store credential modification records, access records, or access policy modification records. These records can be a valuable resource to have available in the case of a security incident.In this thesis, a secure and efficient remote mutual authentication system with fine-grained access control integrating blockchain and digital signatures to authenticate users, authenticate the home gateway, and provide reliable auditing of the credential modifications, access history, and access policy modifications of the devices is presented. The immutability and verifiability properties of blockchain make it useful for securely storing these records. In this approach, a smart contract is created in the blockchain to keep track of authorized users, manage the access policy, and record requests for access or control of the home devices. A private blockchain is used to provide trust and privacy, which is necessary for a smart home system. Elliptic curve digital signatures are used to verify identities because the shorter key sizes and signature times are more adapted to Internet of Things contexts. The approach presented in this thesis is better than existing approaches because it provides fine-grained access control, and reliably stores credential modification records, access records, and access policy modification records. The approach was implemented and evaluated using Hyperledger, a private open-source blockchain, and the results show that this approach has significant additional security benefits with negligible additional overhead cost.
Date Created
2021
Agent