Final Examination Schedule

PLEASE JOIN US AS THE FOLLOWING CANDIDATES PRESENT THEIR CULMINATING WORK.

Spring 2017

 

Wednesday, May 17

Naval Kashyap

Chair: Dr. Yang Peng
Candidate: Master of Science in Computer Science & Software Engineering
1:00 P.M.; DISC 464
MAC Protocol for Battery-Free Wireless Sensors Networks

Wireless Sensor Networks play an important role in our modern data-driven society. These are generally used for monitoring purposes and deployed in a variety of conditions. Most of the sensors used in today's WSNs are battery-operated which need battery replacement at regular intervals. Hence, we opt for battery-free sensor networks to eliminate the need for batteries. These sensors can harvest energy from the ambient RF-energy sources such as cellular and Wi-Fi networks and can operate for many years without any maintenance. This project focuses on developing a MAC layer protocol for reliable data transfer between the sink and the source node and establishes a contention free channel by maintaining a localized TDMA between neighboring nodes. A major challenge with these sensors is that they cannot control their awake-sleep duty cycle due to lack of an internal clock. We have developed a novel technique to indirectly adjust the duty cycle by limiting the amount of energy consumed. Further, the key concepts of charging model, resizing superframe, and frameshifting are explained. The latency and data drop ratio is evaluated for various network topologies like the one-to-one, daisy-chain, and tree. This protocol works on a fixed network topology only and the data cannot be re-routed under load conditions. This can be further developed to achieve higher throughput and dynamic route selection for the traffic load.

Thursday, May 18

Galen Deal

Chair: Dr. Yang Peng
Candidate: Master of Science in Computer Science & Software Engineering
3:00 P.M.; DISC 464
Smart-Transfer: A Cost-Minimized Inter-Service Data Storage and Transfer Scheme

Cloud storage services are a widely used tool in both industry and research. However, the wide variety of services offered by cloud providers raises the question of which storage services can most cheaply meet the needs of an application, particularly in cases where the performance required by that application varies over time.

To address this problem, we propose Smart-Transfer, a unique scheme to reduce the long-term cost of storing large data sets using cloud storage services. In contrast to most existing works, we study the storage cost-minimization problem by leveraging various available storage services that can provide different levels of performance at different pricing cost, under the constraint of data-access performance requirement. The key idea of Smart-Transfer is to continuously transfer large data sets between different cloud storage services so as to always make the data ready within a specified period of time in at least one service that can satisfy the performance requirement while avoiding overpaying for unnecessarily high performance guarantees. While the selected storage service to satisfy a particular data-access request may not be the cheapest, the accumulative data-transfer and data-storage cost over a long period of time to satisfy a sequence of data-access requests can be minimized for the system. Simulation results show that Smart-Transfer performs well under various system parameters and request patterns, and can significantly reduce the cost compared to other schemes.

Monday, May 22

Ruth Ogunnaike

Chair: Dr. Brent Lagesse
Candidate: Master of Science in Computer Science & Software Engineering
11:00 A.M.; DISC 464
Vulnerability Detection and Resolution in Internet of Things (IoT) Devices

The use of Internet of Things (IoT) devices has grown significantly in the past decade. While IoT is expected to improve life for many by enabling smart living spaces, the number of security risks that consumers and businesses face is also increasing. A high number of vulnerable IoT devices are prone to attacks and easy exploit. Existing research has focused on security that must be implemented by administrators and manufacturers to be effective. This research focuses on a system that does not rely on best practices by IoT device companies, but rather allows inexperienced users to be confident about the security of the devices that they add to their network. This research present an implementation of an IoT architectural framework, SEESec, based on Software Defined Networking (SDN) paradigm. In this architectural framework, IoT devices attempting to join an IoT network are scanned for vulnerabilities using custom vulnerability scanners and penetration testing tools before allowing communication with other devices in the network.

In the case that a vulnerability is detected, the system will try to fix the vulnerability. If the fix fails, the user will be alerted to the vulnerability and provided with suggestions for fixing it before it will be allowed to join the network.

SEESec, is built on both existing corporate vulnerability scanners, and custom scans to run security scans in the IoT devices. The research aim to build a user friendly system that makes it easy for non-technical users to understand the suggestions the system provides to resolve detected vulnerabilities that the system is unable to resolve automatically.

Tuesday, May 23

Gautam Kumar

Chair: Dr. Brent Lagesse
Candidate: Master of Science in Computer Science & Software Engineering
12:00 P.M.; DISC 464
Moving Target Defense in a Cloud Architecture and its Game Theoretic Analysis

Enterprises today are rapidly moving their internal server infrastructure to cloud providers such as AWS and Azure. Migrating to IaaS providers raises a different set of security threats when compared to in-house IT infrastructure. But cloud infrastructure also offers new sets of opportunities and flexibility which were previously infeasible. One such opportunity is implementing a Moving Target Defense (MTD) as part of a cloud deployment's architecture. In this thesis we proposed a MTD architecture inspired by Netflix's chaos monkey library. We evaluated our proposed architecture for performance overhead, ran discrete event simulations to evaluate potential benefits in terms of cost of being exploited and finally we model our architecture as a game to formulate a function to compute the probability of attack. Our goal with this work was to highlight the possibility of implementing a layer of moving target defense at an architectural level for enterprise security teams.

Wednesday, May 24

Koukeng Yang

Chair: Dr. Kelvin Sung
Candidate: Master of Science in Computer Science & Software Engineering
11:00 A.M.; DISC 464
Touching Augmented Reality: Direct Object Manipulation for Marker-less AR on Handheld Devices

Augmented Reality (AR) on handheld devices is interesting mainly due to the portability, mobility, and cost. Until recently, AR has been accomplished on handheld mobile devices through the aid of distinguishable visual markers where computer generated virtual objects can only be displayed over these visual markers, this is referred to as Marker AR. A major restriction of Marker AR is that the entire marker must be visible through the camera of the handheld device at all time. Recent advancements in technology has overcome this limitation and supports Marker-less AR on handheld devices where visual makers are no-longer required. While there are significant work done and results available in addressing virtual object manipulation with Marker AR, it is unclear how these findings will apply to Marker-less AR applications. With the technology being a recent development, there is a lack in results addressing virtual object manipulation in Marker-less AR settings. The goals of this study are to analyze the distinct requirements of virtual object manipulation in Marker and Marker-less AR, understand the implications of these requirements, observe the results of these implications in actual user object manipulations, identify relevant results from Marker-AR virtual object manipulation, and predict and verify the subset of Marker AR object manipulation methods that can be transitioned into the marker-less AR setting. This study conducts user testing on five implemented object manipulation methods. Four of these methods are the latest results from marker-based AR research, while the fifth is a novel method attempting to address the distinction between the two AR settings. User testing shows that there is no single method that applies well in all Marker-less AR test cases where the requirements of manipulating small scale objects are distinct and orthogonal from those of interacting with relatively large objects. The results suggests that for Mark-less AR applications, the methods for virtual object manipulation should be adaptive to the relative sizes of the target objects.

Shiven Chawla

Chair: Dr. Geethapriya Thamilarasu
Candidate: Master of Science in Cyber Security Engineering

3:00 P.M.; DISC 464
Deep Learning based Intrusion Detection System for Internet of Things

With the increase in number of Internet connected devices, security and privacy concerns are the major obstacles impeding the widespread adoption of Internet of Things (IoT). Securing IoT has become a huge area of concern for all, including the consumers, organizations as well as the government. While attacks on any system cannot be fully prevented forever, real-time detection of the attacks are critical to defend the systems in an effective manner. Limited research exists on efficient intrusion detection systems suitable for IoT environment. In this thesis, we propose a novel intrusion detection system that uses machine learning algorithms to detect security anomalies in IoT networks. This detection platform provides security as a service and facilitates interoperability between various network communication protocols used in IoT. We provide a framework of the proposed system and discuss the intrusion detection process in detail. The proposed intrusion detection system is evaluated using both, real network traces for providing a proof-of-concept, and on simulation for providing evidence of its scalability. My results confirm that the proposed intrusion detection system is capable of detecting real-world intrusions effectively.

Thursday, May 25

Sida Gao

Chair: Dr. Geethapriya Thamilarasu
Candidate: Master of Science in Cyber Security Engineering

12:00 P.M.; DISC 464
GGP: A Novel Graphical Password Authentication System

With the rapid growth of the Internet, instant and global access of information and resources has become an indispensable element of our daily lives. Authentication is a security mechanism that grants access to only legitimate users, thereby protects our valuable assets from malicious attacks and intrusions. Authentication typically employs a combination of username and password to prove user identity. As technology advances, security issues of passwords, specifically text passwords, have been discovered and reported. Users tend to choose short or personally meaningful passwords that are essentially weaker but can be easily remembered as opposed to secure passwords that are long and complicated. However, this tendency will generate passwords that are effortlessly crackable for attackers. Graphical password authentication systems have been proposed to replace text passwords since images are easier for human beings to remember and recall. Existing graphical password schemes provide inadequate security and are often not user-friendly. In this project, I propose a novel authentication system known as "Good Graphical Password (GGP)" that is designed to be resistant to brute force attacks given its large password entropy, as well as shoulder surng attacks using a shared secret establishment. In addition to that, with the aid from "inexplicit feedback" that generates confusion to only illegitimate users during each stage of authentication, "deep authentication" that utilizes machine learning to further identify user authenticity after entering valid credentials and keyboard integration which allows users to log in conveniently using only keyboard, GGP is supposed to achieve both better security and usability. To demonstrate the efficiency and security performance of GGP, experiments were conducted on the GGP web application prototype and the results show that GGP can indeed provide better security while maintaining the usability.

Cody Burkard

Chair: Dr. Brent Lagesse
Candidate: Master of Science in Cyber Security Engineering
3:00 P.M.; DISC 464
Can Intelligent Hyperparameter Selection Improve Resistance to Adversarial Examples?

Convolutional Neural Networks and Deep Learning classification systems in general have been shown to be vulnerable to attack by specially crafted data samples that appear to belong to one class but are instead classified as another, commonly known as adversarial examples. A variety of attack strategies have been propose to craft these samples, however there is no standard model that is used to compare the success of each type of attack. Furthermore, there is no literature currently available that evaluates how common hyperparameters and optimization strategies may impact a model's ability to  resist these samples. This research bridges that lack of awareness, and provides a means for the selection of training and model parameters in future research on evasion attacks against convolutional neural networks. The findings of this work indicate that the selection of model hyperparameters does impact the ability of a model to resist attack, although they alone cannot prevent the existence of adversarial examples.

Friday, May 26

Michael Tanaya

Chair: Dr. Kelvin Sung
Candidate: Master of Science in Computer Science & Software Engineering

11:00 A.M.; DISC 464
Object Manipulation with Tangible User Interface for Head Mounted Augmented Reality Devices

Recent advances in technology enabled a new generation of Augmented Reality (AR) development where the near seamless integration and interaction between computer generated virtual and real-world physical objects can be achieved in real-time. This maturation of AR technology resulted in consumer-level commercial AR products. These products support user mobility in the physical world in two ways: the AR head mounted solution in the Microsoft HoloLens, and the handheld mobile device solution in the Google Tango. The head mounted solution has two main advantages: the immersive experience with stereoscopic display, and hands-free interaction with the AR world. The HoloLens supports object manipulation with Natural User Interface (NUI), with the inherent NUI shortcomings of lacking in precision and intuition. This project investigates approaches to remedy these shortcomings by integrating other user interface paradigms. The availability of user’s free hands and the limited display real-estate of the head mounted display suggested exploration of solutions based on Tangible User Interface (TUI) devices that can support the display of Graphical User Interface (GUI) widgets. This thesis explores the potentials of linking a popular mobile phone as a TUI device for HoloLens, designs GUI for the phone display, adopts results from related user interaction research, and implements a novel solution to overcome the HoloLens UI shortcomings. Results from user testing shows the novel approach supports a faster object manipulation in general, object size adjustments in particular, and a more efficient and effective object manipulation experience.

Adedayo Odesile

Chair: Dr. Geethapriya Thamilarasu
Candidate: Master of Science in Computer Science & Software Engineering

2:00 P.M.; DISC 464
Mobile Agent based Intrusion Detection for Smart and Connected Medical Devices

The advent of wearable and implantable devices have fostered recent advances in healthcare. Medical devices equipped with wireless connectivity to remote monitoring features are increasingly becoming connected to each other and the internet. Such smart and connected medical devices referred to as the Internet of Medical Things has enabled continuous real-time patient monitoring, increase in diagnostic accuracy, and effective treatment. Inspite of their numerous benefits, these devices open up newer attack surfaces thereby introducing multitude of security and privacy concerns. In this research, we design and develop a mobile agent based intrusion detection system to secure the network of connected medical devices. In particular, the proposed system is hierarchical, autonomous, and employs machine and regression algorithms to detect network level intrusions as well as anomalies in sensor data. Our simulation results reect a relatively.

Tuesday, May 30

Faisal Khan

Chair: Dr. Marc Dupuis
Candidate: Master of Science in Computer Science & Software Engineering

11:00 A.M.; DISC 464
Effects of peer feedback on password strength

This thesis is a study on the effects of peer-feedback on a user’s password strength. Passwords are a common sight in everyday use of an average end user. Text-based passwords are heavily relied upon when it comes to user authentication schemes in many account management scenarios. Most users do not pay attention to or do not understand the importance of creating a secure password. For many systems, it is the single most vulnerable point to gain unauthorized access to the resource as prior studies have exposed that most passwords are significantly weak and hence, easy to crack. In this study, we introduced a peer-feedback password meter which shows how the users’ password compares to the password used by the other users, in contrast, to simply indicating the strength of their password.

To achieve this goal, we conducted a user study where we asked users to create an account on a hypothetical website. The users were either shown a traditional password meter or a peer-feedback meter. Our findings suggest that peer-feedback password meters significantly increase the strength of password entered by a user, and it could be potentially one of the methods to promote stronger passwords created by end users.

Mercy Ebenezer

Chair: Dr. Marc Dupuis
Candidate: Master of Science in Computer Science & Software Engineering

3:30 P.M.; DISC 464
The Impact of Consumer Privacy Behavior on the Purchase Decision Process of Smart Home IoT Devices

Privacy issues in smart home Internet of Things (IoT) devices remain unresolved despite its fast growth in the technological and business front. In spite of federal institutions’ initiative to increase consumer awareness and businesses’ accountability towards privacy violations; we see a dearth for corrective measures that fix privacy issues in smart home IoT devices. The lack of simple privacy protection measures in smart home IoT devices is the primary reason for consumers to overlook institutions’ privacy awareness initiatives. As a result, privacy is traded off for convenience and this reflects in the choices consumers make during their purchase decision process. 

In this exploratory study, I have performed in-depth analysis of consumer behavior towards adopting privacy protection measures for smart home IoT devices during the purchase decision process. Three privacy protection measures have been stated and a consumer’s attitude towards these three measures is evaluated. Qualitative research methods are a useful instrument in this evaluation. First, content analysis on customer reviews was performed to understand the main factors that influence a purchase decision process. The customer reviews were collected from Amazon’s best sellers in the ‘smart home’ category for the top 10 smart home IoT devices. Second, qualitative data analysis of interviews with study participants provided extensive insight into possible factors that affect a consumer’s privacy protection behavior during the purchase decision process. Lack of time, effort and resources are the factors that were observed during the data analysis process.

In conclusion, the study informs on the importance of privacy protection measures as well as the aspects of consumer behavior that significantly dominate the purchase decision process.

Wednesday, May 31

Huaming Chen

Chair: Dr. William Erdly
Candidate: Master of Science in Computer Science & Software Engineering
11:00 A.M.; DISC 464
Educating Young Eyes – The Development of Near Vision Toolbox APP and Project Management

“Near vision problems” – or issues associated with seeing things up close such as when reading or doing detailed activities – are gaining more and more attention from society in recent days. In particular, for school children, near vision problems may be responsible for difficulties in learning, working and other daily life activities. Until recently, the standard eye exam for children tested only for issues related to distance vision.  There is now a new law in the State of Washington that mandates that children be tested for near vision.  This research is part of the UWB Children’s Vision, Learning and Technology (CVLT) research group that is developing new technologies and approaches that creates innovations methods and technologies to support this new mandate.

To provide a straightforward and efficient vision screening methods, CVLT has created a platform which consists of a series of vision screening and/or therapy tools (in the form of “fun games”) and a shared cloud database architecture. My work on developing the Near Vision Toolbox Application is the first attempt in developing vision related tools using the Unity game development engine platform. This application converted four near vision tests (manually-administrated versions) into electric version so that our shared database will collect specific clinical data that are obtained during the testing process. The application is constructed using “code modules/feature sets” that may be reused (or “reskinned”) for a variety of future near-vision game designs. In addition to my work on the core system architecture and the Near Vision Toolbox application, it was critical to provide a structured project management environment for what has become a complex, large-scale project with many team members.  This included establishing project operating standards to support an Agile development environment, manage assets, version control and build management, testing and maintenance of a multi-faceted project.  Specific approaches and rationale for each activity is discussed.

Friday, June 2

Avantika Sriram

Chair: Dr. Yang Peng
Candidate: Master of Science in Computer Science & Software Engineering
11:00 A.M.; DISC 464
Billing Cost based Intelligent Cloud Selection Platform

The emergence of cloud computing has revolutionized the modern IT industry and application development. With a wide variety of public cloud computing service offerings, it becomes a complex matrix for application developers or business owners to select the best cloud computing services that can ensure both business needs and long-term economical operations. To address this problem, we propose a one-shop selection and provision platform to assist developers and organizations in identifying the most relevant and economical cloud destinations and configurations. This platform abstracts the complexities and implementation differences across these cloud providers and provides a unified interface to deploy resources across multiple clouds. In this platform, a unique indexing technique is applied for managing and retrieving service performance and billing information of several cloud providers. With such information, a comprehensive list of cloud computing service options across different cloud service providers can be generated given users’ requirement. Furthermore, this one-stop platform also gives users the ability to directly provision selected cloud computing resources as well. Experimental results show that index based cloud selection algorithm is efficient even when the availability of options to choose from is high.

Deepika Pethaperumal

Chair: Dr. Yang Peng
Candidate: Master of Science in Computer Science & Software Engineering
1:00 P.M.; DISC 464
Budget Hub: A low billing-cost IoT hub selection scheme

In recent years, various compelling cloud computing services have been offered to the public, and numerous IoT systems are adopting these cloud computing for the back-end processing. In this type of IoT system, gateway devices (hubs) are central to connect front-end IoT devices and back-end services. Traditionally research on hub selection or configuration focused on optimizing the network energy consumption for sustainable operations; however, the long-term billing cost of using cloud services becomes a pressing problem for the truly sustainable operation of a cloud computing backed IoT system. To address this problem, we propose a novel solution called budget-hub, which can make smart selection and configuration of hub devices in the IoT network, such that the long-term billing cost on using cloud services can be reduced and the desired network performance is maintained. In this solution, a set of hub devices will be firstly selected based on the network configuration and cloud service billing information. Then, neighboring nodes that need to be connected to each hub will be assigned to further reduce the billing cost while maintaining network connectivity. The lightweight design of this solution also makes it adaptive to dynamic network changes and be able to reconfigure the hub and neighboring nodes assignment in nearly real time. Extensive simulation experiments have been conducted to evaluate the proposed solution and the results demonstrate that the proposed solution can significantly reduce the billing cost under different network settings and cloud service billing models.

Tuesday, June 6

Hasit Mistry

Chair: Dr. David Socha
Candidate: Master of Science in Computer Science & Software Engineering
12:15 P.M.; DISC 464
HealthyRepo: See Health Indicators of Open Source Projects

Open source model of writing and publishing software projects has become a viable option for many software development organizations. Successful open source projects such as git and Linux, among others, have paved the way for more ‘Free/Libre Open Source Software’ (FLOSS) to emerge in the past. While platforms for hosting open source projects such as Github and Bitbucket have made it easy to view and contribute to the source code of projects, understanding and maintaining the communities that build and support the project has been historically lauded as a difficult problem. For an open source project to be successful, it is important to maintain a healthy community that uses and supports the project.

Developers, experienced and novice alike, have expressed a need to know various health indicators that make a project successful. Before contributing, it would be helpful to know if their issues and pull requests will be lost in a black hole. For experienced developers, it would be a waste of time to make changes to a codebase only to have a rude response from the maintainer, or worse, no response at all. For novice developers who want to contribute for the first time, such an experience could be demotivating.

Github exposes a lot of data about its hosted repositories to its users and third-party developers via its website and APIs. Data such as number of commits, additions, deletions to the codebase per contributor, and code frequency over time is readily available in the ‘Graphs’ tab for every Github repository. While this gives a good idea about the quantitative aspects of the codebase, it tells little to nothing about the community that builds the project. To gauge the health of a project, and in turn, the community that develops it, it is important to look beyond just the codebase.

The aim of HealthyRepo is to provide a tool, in the form of a web application, to use data from Github repositories to display the ‘health’ of open source projects.

Mark Cafaro

Chair: Dr. David Socha
Candidate: Master of Science in Computer Science & Software Engineering
5:30 P.M.; DISC 464
A Web System in Support of Wide-Field Ethnography

Wide-Field Ethnography (WFE) is an emergent approach of gathering and collaboratively analyzing multi-modal, multi-stream datasets of physical-cyber-social systems. In contrast to other quantitative approaches, WFE aims to capture and preserve the richness of people’s collaboration by using multiple video cameras, microphones, and other sensors to intensively collect ethnographic materials. It is thought that sharing such rich datasets among an interdisciplinary team of researchers may support more comprehensive analysis of complex systems.

However, while studies are ongoing to explore these possibilities, WFE is currently hindered by the sheer size and complexity of its datasets. One gathered in 2014, for example, contains six terabytes of data across 114 thousand files. Predictions say that by 2025 these datasets will grow to contain petabytes of data across significantly more files. Present systems lack efficient means to share datasets of this size and complexity among distributed teams of researchers. Further, present systems lack efficient means to help researchers understand, navigate, browse, filter, annotate, and analyze these datasets in a collaborative manner.

This report details the requirements, design, and preliminary implementation of a web system to help address these needs. The primary goals of this system are: (1) to provide a central repository for secure, shared, access and storage of WFE datasets, and (2) to facilitate development of software tools for collaborative analysis of these datasets. Key features of this system include dataset hosting and management, data querying and filtering, provenance recording, and a web application programming interface.
 

Back to top

Questions: Please email stemgrad@uw.edu