Theses and Dissertations from UMD

Permanent URI for this communityhttp://hdl.handle.net/1903/2

New submissions to the thesis/dissertation collections are added automatically as they are received from the Graduate School. Currently, the Graduate School deposits all theses and dissertations from a given semester after the official graduation date. This means that there may be up to a 4 month delay in the appearance of a give thesis/dissertation in DRUM

More information is available at Theses and Dissertations at University of Maryland Libraries.

Browse

Filters

2019 - 201912020 - 20242

Settings

Subject: search.filters.subject.Blockchain

Search Results

Now showing 1 - 3 of 3
  • Thumbnail Image
    Item
    SOCIOTECHNICAL NETWORK MODELING TO QUANTITATIVELY ANALYZE THE IMPACT OF BLOCKCHAIN ON THE RISK OF PROCURING COUNTERFEIT ELECTRONICS
    (2024) Akhavantaheri, Hirbod; Sandborn, Peter PS; Mechanical Engineering; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)
    This dissertation develops sociotechnical agent-based network modeling to quantitatively analyze the impact of blockchain and other related policies on the supply-chain risk associated with the procurement of counterfeit electronics in critical systems. Safety-critical, mission-critical, and infrastructure-critical systems (e.g., aerospace, transportation, defense, and power generation) are forced to source parts from a supply chain that they do not control over exceptionally long periods of time. Critical systems are exposed to the dual risks of the impacts of system failure and the exposure to the vagaries of the marketplace over decades. Therefore, critical-systems operators, manufacturers, and sustainers, must implement policies and technologies to reduce the risk of obtaining counterfeit parts. Several policies, ranging from debarment and claw back to “hop counting,” have been considered and used to mitigate such risks. One technology that critical-system operators, manufacturers, and sustainers could adopt is distributed digital ledger (i.e., blockchain) for the supply chain. This dissertation does not focus on how such a blockchain could be implemented but rather on how (and if) blockchain for the supply chain can provide value for verifying the authenticity of parts when prolonged periods of time (decades) elapse between part manufacturing and part sourcing. Additionally, during a part’s ownership changes, supply-chain actors may choose to participate in the distributed ledger based on individual incentives and can recuse themselves from such participation later. The lack of complete participation may affect the designed functionality, and the consequences of lack of participation need to be understood. Using a comprehensive supply-chain model, it can be shown that blockchain for supply chain can reduce the prevalence of counterfeit electronics in the supply chain of critical systems by up to 70%. However, such a reduction requires near complete participation by all supply-chain stakeholders, which is not likely. Due to the relatively high cost of ownership transfer on a blockchain, and the indirect cost of supply-chain information disclosure, a high participation rate is not anticipated. Although blockchain can have benefits in other aspects of supply chain, it may not be a viable solution to combat the counterfeit electronics problem.
  • Thumbnail Image
    Item
    Practical Cryptography for Blockchains: Secure Protocols with Minimal Trust
    (2024) Glaeser, Noemi; Katz, Jonathan; Malavolta, Giulio; Computer Science; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)
    In 2008, Satoshi Nakamoto introduced Bitcoin, the first digital currency without a trusted authority whose security is maintained by a decentralized blockchain. Since then, a plethora of decentralized applications have been proposed utilizing blockchains as a public bulletin board. This growing popularity has put pressure on the ecosystem to prioritize scalability at the expense of trustlessness and decentralization. This work explores the role cryptography has to play in the blockchain ecosystem to improve performance while maintaining minimal trust and strong security guarantees. I discuss a new paradigm for scalability, called naysayer proofs, which sits between optimistic and zero-knowledge approaches. Next, I cover two on-chain applications: First, I show how to improve the security of a class of coin mixing protocols by giving a formal security treatment of the construction paradigm and patching the security of an existing, insecure protocol. Second, I show how to construct practical on-chain protocols for a large class ofelections and auctions which simultaneously offer fairness and non-interactivity without relying on a trusted third party. Finally, I look to the edges of the blockchain and formalize new design requirements for the problem of backing up high-value but rarely-used secret keys, such as those used to secure the reserves of a cryptocurrency exchange, and develop a protocol which efficiently meets these new challenges. All of these works will be deployed in practice or have seen interest from practitioners. These examples show that advanced cryptography has the potential to meaningfully nudge the blockchain ecosystem towards increased security and reduced trust.
  • Thumbnail Image
    Item
    Hardware Assisted Solutions for Automobile Security
    (2019) Wang, Qian; Qu, Gang; Electrical Engineering; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)
    In the past couple of decades, many in-vehicle features have been invented and deployed in order to make modern vehicles which not only safer and more reliable but also connected, smarter, and intelligent. Meanwhile, vehicular ad-hoc networks (VANETs) are proposed to provide communications between vehicles and road-side stations as the foundation of the intelligent transportation system to provide efficient and safe transportation. To support these updated functions, a large amount of electronic equipment has been integrated into the car system. Although these add-on functions around vehicles offer great help in driving assistance, they inevitably introduced new security vulnerabilities that threaten the safety of the on-board drivers, passengers and pedestrians. This has been demonstrated by many well-documented attacks either on the in-vehicle bus system or on the wireless vehicular network communications. In this dissertation, we design and implement several hardware-oriented solutions to the arousing security issues on vehicles. More specifically, we focus on three important and representative problems: (1) how to secure the in-vehicle Controller Area Network (CAN), (2) how to secure the communication between vehicle and outside, and (3) how to establish trust on VANETs. Current approaches based on cryptographic algorithms to secure CAN bus violate the strict timing and limited resource constraints for CAN communications. We thus emphasize on the alternate solution of intrusion detection system (IDS) in this dissertation. We explore monitoring the changes of CAN message content or the physical delay of its transmission to detect on the CAN bus. We first propose a new entropy-based IDS following the observation that all the known CAN message injection attacks need to alter the CAN identifier bit. Thus, analyzing the entropy changes of such bits can be an effective way to detect those attacks. Next, we develop a delay-based IDS to protect the CAN network by identifying the location of the compromised Electronic Control Unit (ECU) from the transmission delay difference to two terminals connected to the CAN bus. We demonstrate that both approaches can protect the integrity of the messages on CAN bus leading to a further improve the security and safety of autonomous vehicles. In the second part of this dissertation, we consider Plug-and-Secure, an industrial practice on key management for automotive CAN networks. It has been proven to be information theoretically secure. However, we discover side-channel attacks based on the physical properties of the CAN bus that can leak almost the entire secret key bits. We analyze the fundamental characteristics that lead to such attacks and propose techniques to minimize information leakage at the hardware level. Next, we extend our study from in-vehicle secure CAN communication to the communication between vehicle and outside world. We take the example of the popular GPS spoofing attack and show how we can use the rich information from CAN bus to build a cross-validation system to detect such attacks. Our approach is based on the belief that the local driving data from the in-vehicle network can be authenticated and thus trusted by secure CAN networks mechanisms. Such data can be used to cross-validate the GPS signals from the satellite which are vulnerable to spoofing attacks. We conduct driving tests on real roads to show that our proposed approach can defend both GPS spoofing attacks and location-based attacks on the VANETs. Finally, we propose a blockchain based Anonymous Reputation System (BARS) to establish a privacy-preserving trust model for VANETs. The certificate and revocation transparency is implemented efficiently with the proofs of presence and absence based on the extended blockchain technology. To prevent the broadcast of forged messages, a reputation evaluation algorithm is presented relying on both direct historical interactions of that vehicle and indirect opinions from the other vehicles. This dissertation features solutions to vehicle security problems based on hardware or physical characteristics, instead of cryptographic algorithms. We believe that given the critical timing requirement on vehicular systems and their very limited resource (such as the bandwidth on CAN bus), this will be a very promising direction to secure vehicles and vehicular network.