Research Experience for Undergraduates 2013
- NSF Summer Research Experience for Undergraduates in Trustable Embedded Systems Security Research
- Departments of Electrical and Computer Engineering and Computer Science and Engineering
The 2013 REU class included the following students:
|
Jillian Anderson, Albany State University
|
|
Alexandra Bassen, Macalester College Registering Ballots for Efficient Computer-Assisted Audits on Optical Scan Elections Computer-assisted audits provide an efficient and cost effective alternative to hand counted audits. However, complicateions occur when using store bought scanners to interpret voter generated balots. Alexandra worked on an effective method to limit this error by the aligning scanned balots with master balots for every election. The method involves using registration marks and an alignment grid to faithfuly represent the scanned balot to the auditors. This new method will increases the efficiency of audits in the state of Connecticut.
|
| Neil Butcher, Appalachian State University Comparison of Authentication Methods in Processor Security |
 Daniel Finn, College of the Holy Cross
An FPGA Implementation of AES and Masking Evaluation
In this research, Daniel completed two different projects. First, he modified an ASIC implementation of the Advanced Encryption Standard (AES) to be able to use it on a small FPGA board. Then, he coded a full masking scheme on the AES program and checked the overhead differences between the masked and two different unmasked implementations. Generally AES implementations are very large and not practical for use on small FPGAs. In order to complete this task, Daniel was forced to make trade-offs between resources used and speed of computation. In addition, it is a well known fact that an AES implementation onto hardware is susceptible to side-channel attacks, in particular differential power analysis. Therefore, Daniel also added a masking scheme to protect against such attacks. In the end he was able to create an implementation with that is less than 30 percent of the original size as well as see how costly it is to protect the algorithm through basic masking.
|
|
Dany Fu, Pepperdine University A Multi-Layer Architecture for RBAC Enforcement of Patient Data |
| Kyle Keraga, Rensselaer Polytechnic Institute
Automated IC Defect Detection
 In recent years, the integrated circuit (IC) industry has been threatened by a rising number of counterfeit components. These parts present an increasing danger to industrial and critical operations, creating a tangible need for reliable, efficient detection methods. Detection of counterfeit components relies on accurate identification of defects that may indicate counterfeiting. At present, most test methods analyzing physical defects rely on human interaction, subjecting them to human error. Additionally, the time required for most physical tests is extensive. This requires any given set of ICs to be adequately sampled in testing, decreasing the reliability of any given test. Kyle worked on a proof of concept algorithm designed to automatically indicate and identify visual defects present in an integrated circuit. He conducted several tests to verify the effectiveness of this algorithm. In addition, Kyle explored the potential for further improvement in technique, accuracy, and efficiency. |
|
Xavier Minaya, University of Puerto Rico, Bayamon Capability-based Access Control on Object-based Storage Devices n our modern Internet-dependent world, demand for a stor- age capacity is significantly increasing every year. Major global e-commerce companies have incurred in establishing on-line disk storage as the dominant traditional information storage media. Object-based Storage Devices (OSD) is a network storage architecture, which instead of providing a block-oriented interface that reads and writes data, OSD organizes data into flexible-sized data containers, called objects. The INCITS T10 OSD Standard presents the requirements for a security protocol that must be followed in order to maintain data integrity between an application client and a storage device. Xavier implemented the security protocol defined on the standard. The security protocol is based on a secure capability-based model, enabling fine-grained access control that protect storage devices and objects from unauthorized access. The OSD standard defines three security methods based on the application’s security requirement. Xavier also evaluated the three different methods with respect to reliable performance.
|
|
Juan Miranda, University of Puerto Rico, Mayaguez Anti-Reverse Engineering and Anti-Counterfeiting with a Transient Solution |
|
Shane Tobey, University of Connecticut Self Destruct Mechanism Inquiry Self-Destruct Mechanism (SDM) is a possible hardware se- curity solution in which a device is disabled either temporarily or permanently, preventing unauthorized data recovery or device use. SDM may be reversible or non-reversible in nature and includes tamper detection measures and an alarm system to place a device into test mode. Tampering with a device outside of test-mode triggers a response which disables or destroys device functionality. Shane looked into various invasive attacks, in which an adversary has direct physical access to a device. SDM technology has many potential security applications, from data-theft pre- vention to preventing terrorist organizations from re-using cell phone vibrators as bomb triggers. The current SDM model is flexible enough to include multiple degrees of destruction, from functional disability to memory wipe to total functional destruction.
|
