Mike Borowczak

Rafer Cooley, Shaya Wolf, Mike Borowczak

Unmanned Aerial Vehicles (UAVs), referenced as drones, have advanced to consumer adoption for hobby and business use. Drone applications, such as infrastructure technology, security mechanisms, and resource delivery, are just the starting point. More complex tasks are possible through the use of UAV swarms. These tasks increase the potential impacts that drones will have on smart cities, modern cities which have fully adopted technology in order to enhance daily operations as well as the welfare of it's citizens. Smart cities not only consist of static mesh networks of sensors, but can contain dynamic aspects as well including both ground and air based autonomous vehicles. Networked computational devices require paramount security to ensure the safety of a city. To accomplish such high levels of security, services rely on secure-by-design protocols, impervious to security threats. Given the large number of sensors, autonomous vehicles, and other advancements, smart cities necessitates this level of security. The SHARK protocol (Secure, Heterogeneous, Autonomous, and Rotational Knowledge for Swarms) ensures this kind of security by allowing for new applications for UAV swarm technology. Enabling drones to circle a target without a centralized control or selecting lead agents, the SHARKS protocol performs organized movement among agents without creating a central point for attackers to target. Through comparisons on the stability of the protocol in different settings, experiments demonstrate the efficiency and capacity of the SHARKS protocol.

Rasana Manandhar, Shaya Wolf, Mike Borowczak

Emerging technology demands reliable authentication mechanisms, particularly in interconnected systems. Current systems rely on a single moment of authentication, however continuous authentication systems assess a users identity utilizing a constant biometric analysis. Spy Hunter, a continuous authentication mechanism uses keystroke dynamics to validate users over blocks of data. This easily-incorporated periodic biometric authentication system validates genuine users and detects intruders quickly. Because it verifies users in the background, Spy Hunter is not constrained to a password box. Instead, it is flexible and can be layered with other mechanisms to provide high-level security. Where other continuous authentication techniques rely on scripted typing, Spy Hunter validates over free text in authentic environments. This is accomplished in two phases, one where the user is provided a prompt and another where the user is allowed free access to their computer. Additionally, Spy Hunter focuses on the timing of different keystrokes rather than the specific key being pressed. This allows for anonymous data to authenticate users and avoids holding personal data. Utilizing a couple K-fold cross-validation techniques, Spy Hunter is assessed based on how often the system falsely accepts an intruder, how often the system falsely rejects a genuine user, and the time it takes to validate a users identity. Spy Hunter maintains error rates below 6% and identifies users in minimal numbers of keystrokes. Continuous authentication provides higher level security than one-time verification processes and Spy Hunter expands on the possibilities for behavioral analysis based on keystroke dynamics.

Mike Borowczak, George Purdy

This work introduces CHIRP - an algorithm for communication between ultra-portable heterogeneous IoT devices with a type of round-robin protection mechanism. This algorithm is presented both in its basic form as well as in a secured form in order to secure and maintain trust boundaries and communication within specific groups of heterogeneous devices. The specific target application scenarios includes resource constrained environments where a co-located swarm of devices (adversarial in mission or objective) is also present. CHIRP, and its secured version (S-CHIRP), enables complete peer-to-peer communication of a $n$-agent network of devices in as few as n rounds. In addition to the n-round cycle length, the proposed communication mechanism has the following major properties: nodes communication is entirely decentralized, communication is resilient to the loss of nodes, and finally communication is resilient to the (re)-entry of nodes. Theoretical models show that even the secure implementation of this mechanism is capable of scaling to IoT swarms in the million device range with memory constraints in the < 10 MB range

Richard R. Yang, Mike Borowczak

Employee theft and dishonesty is a major contributor to loss in the retail industry. Retailers have reported the need for more automated analytic tools to assess the liability of their employees. In this work, we train and optimize several machine learning models for regression prediction and analysis on this data, which will help retailers identify and manage risky employees. Since the data we use is very high dimensional, we use feature selection techniques to identify the most contributing factors to an employee's assessed risk. We also use dimension reduction and data embedding techniques to present this dataset in a easy to interpret format.