Your search keyword '"Golam Kayas"' showing total 3 results

1. An Overview of UPnP-based IoT Security: Threats, Vulnerabilities, and Prospective Solutions

Author

Mahmud Hossain, Golam Kayas, Jamie Payton, and S. M. Riazul Islam

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, business.industry, Rapid expansion, Computer science, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, Computer security, computer.software_genre, Domain (software engineering), 020204 information systems, Universal Plug and Play, 0202 electrical engineering, electronic engineering, information engineering, Internet of Things, business, Communications protocol, Cryptography and Security (cs.CR), Protocol (object-oriented programming), computer

Abstract

Advances in the development and increased availability of smart devices ranging from small sensors to complex cloud infrastructures as well as various networking technologies and communication protocols have supported the rapid expansion of Internet of Things deployments. The Universal Plug and Play (UPnP) protocol has been widely accepted and used in the IoT domain to support interactions among heterogeneous IoT devices, in part due to zero configuration implementation which makes it feasible for use in large-scale networks. The popularity and ubiquity of UPnP to support IoT systems necessitate an exploration of security risks associated with the use of the protocol for IoT deployments. In this work, we analyze security vulnerabilities of UPnP-based IoT systems and identify attack opportunities by the adversaries leveraging the vulnerabilities. Finally, we propose prospective solutions to secure UPnP-based IoT systems from adversarial operations.

Published

2020

2. VSDM: A Virtual Service Device Management Scheme for UPnP-Based IoT Networks

Author

Golam Kayas, Mahmud Hossain, Jamie Payton, and S. M. Riazul Islam

Subjects

Networking and Internet Architecture (cs.NI), FOS: Computer and information sciences, Scheme (programming language), Service (systems architecture), business.industry, Computer science, 010401 analytical chemistry, ComputerApplications_COMPUTERSINOTHERSYSTEMS, 020206 networking & telecommunications, 02 engineering and technology, 01 natural sciences, 0104 chemical sciences, Computer Science - Networking and Internet Architecture, Universal Plug and Play, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), Delegation (computing), Internet of Things, business, Protocol (object-oriented programming), computer, computer.programming_language, Computer network

Abstract

The ubiquitous nature of IoT devices has brought new and exciting applications in computing and communication paradigms. Due to its ability to enable auto-configurable communication between IoT devices, pervasive applications, and remote clients, the use of the Universal Plug and Play (UPnP) protocol is widespread. However, the advertisement and discovery mechanism of UPnP incurs significant overhead on resource-constrained IoT devices. In this paper, we propose a delegation-based approach that extends the UPnP protocol by offloading the service advertisement and discovery-related overhead from resource-limited IoT devices to the resource-rich neighbours of a UPnP-enabled IoT network. Our experimental evaluations demonstrate that the proposed scheme shows significant improvement over the basic UPnP, reducing energy consumption and network overhead.

Published

2020

3. A Multiversion Programming Inspired Approach to Detecting Audio Adversarial Examples

Author

Qiang Zeng, Chiu C. Tan, Chenglong Fu, Xiaojiang Du, Jianhai Su, Jie Wu, Lannan Luo, and Golam Kayas

Subjects

Image domain, business.industry, Computer science, Transferability, 020206 networking & telecommunications, 020207 software engineering, 02 engineering and technology, Machine learning, computer.software_genre, Adversarial system, Trustworthiness, 0202 electrical engineering, electronic engineering, information engineering, N-version programming, Artificial intelligence, Hardware_ARITHMETICANDLOGICSTRUCTURES, business, Classifier (UML), computer

Abstract

Adversarial examples (AEs) are crafted by adding human-imperceptible perturbations to inputs such that a machine-learning based classifier incorrectly labels them. They have become a severe threat to the trustworthiness of machine learning. While AEs in the image domain have been well studied, audio AEs are less investigated. Recently, multiple techniques are proposed to generate audio AEs, which makes countermeasures against them urgent. Our experiments show that, given an audio AE, the transcription results by Automatic Speech Recognition (ASR) systems differ significantly (that is, poor transferability), as different ASR systems use different architectures, parameters, and training datasets. Based on this fact and inspired by Multiversion Programming, we propose a novel audio AE detection approach MVP-Ears, which utilizes the diverse off-the-shelf ASRs to determine whether an audio is an AE. We build the largest audio AE dataset to our knowledge, and the evaluation shows that the detection accuracy reaches 99.88%. While transferable audio AEs are difficult to generate at this moment, they may become a reality in future. We further adapt the idea above to proactively train the detection system for coping with transferable audio AEs. Thus, the proactive detection system is one giant step ahead of attackers working on transferable AEs.

Published

2019