Title

Projects		  
 
 
Projects
 
  Graduate Projects

Projects done at Purdue will be added soon

Project name: Ensuring Security, Privacy and Robustness of RFID Authentication
Ensuring strong privacy and security has been an enormous challenge due to extremely inadequate computational storage of typical RFID tags. So usually in order to relieve tags from responsibility, privacy protection and security assurance was guaranteed by central server. We suggested serverless, forward secure, anonymous and untraceable authentication protocol for RFID tags. This authentication protocol safeguards both tag and reader against almost all major attacks (such as: Privacy protection, Eavesdropping, Tracking, Cloning, Physical attacks, Re-synchronization and Denial of Service) without the intervention of server.
Besides thwarting some major attacks, RFID systems need to be able to recover from unexpected conditions during operation. In an advanced work of this project, we proposed a Robust Authentication Protocol (RoAP) that supports not only security and privacy, but also fault-tolerance in RFID systems. The protocol can get back the desynchronized tags and readers to their normal state, and thus provides robustness.
A further investigation for designing a hexagonal cell based distributed architecture which ensures improved scalability while maintaining privacy. The hexagonal architecture allows readers to co-operate with one another to identify tags without compromising scalability. Furthermore, this architecture uses serverless protocols for security assurance, cutting down set up and maintenance cost as well as traffic to server.

    Publications:
  • Md. Endadul Hoque, Farzana Rahman, Sheikh I. Ahamed, and Jong Hyuk Park, "Enhancing Privacy and Security of RFID System with Serverless Authentication and Search Protocols in Pervasive Environments", Springer Wireless Personal Communication, 2009, http://dx.doi.org/10.1007/s11277-009-9786-0.
  • Md. Endadul Hoque, Farzana Rahman, and Sheikh Ahamed, "Supporting Recovery, Privacy and Security in RFID Systems Using a Robust Authentication Protocol", in Proceedings of the 24th ACM Symposium on Applied Computing ( ACM SAC 2009) , Hawaii, USA, March 2009, pp. 1062-1066.
  • Sheikh I. Ahamed, Farzana Rahman, Endadul Hoque, Fahim Kawsar, Tatsuo Nakajima, "YA-SRAP: Yet Another Serverless RFID Authentication Protocol", in Proceedings of the 4th IET International Conference on Intelligent Environment (IE08), Seattle, USA, July 2008, pp. 1-8.
  • Sheikh Iqbal Ahamed, Farzana Rahman, and Md. Endadul Hoque, "Secured Tag Identification Using EDSA (Enhanced Distributed Scalable Architecture)", in Proceedings of the 23rd Annual ACM Symposium on Applied Computing (ACM SAC 2008), Ceará, Brazil, March 2008, pp. 1902-1907.

Project Name: Secure Tag Searching in RFID Systems
One extension of RFID authentication is RFID tag searching. But we firmly believe that in near future tag searching will be a significant issue. And tag searching need to be scalable as RFID tags are deployed comprehensively within a system. Under this project, we proposed a lightweight RFID tag searching protocol. The protocol can search a particular tag efficiently as the approach is not based on exhaustive search and it does not employ extreme cryptographic functions.
Tag searching need to be scalable as RFID tags are deployed comprehensively within a system. We proposed scalable, forward secure, anonymous, and secure search (S-Search) protocol for searching RFID tag. The S-Search protocol does not require the reader to collect IDs from each RFID tag, but is still able to accurately find out a specific RFID tag. The search protocol uses slotted ALOHA technique for reply transmission.

    Publications:
  • Sheikh I. Ahamed, Farzana Rahman, Endadul Hoque, Fahim Kawsar, and Tatsuo Nakajima, "Secure and Efficient Tag Searching in RFID Systems using Serverless Search Protocol", International Journal of Security and Its Applications (IJSIA), Vol.2, No.4, October 2008.
  • Md. Endadul Hoque, Farzana Rahman, and Sheikh I. Ahamed, "S-Search: Finding RFID Tags Using Scalable and Secure Search Protocol", to appear in Proceedings of the 25th ACM Symposium on Applied Computing (ACM SAC 2010), Switzerland, March 2010.
  • Sheikh I. Ahamed, Farzana Rahman, Endadul Hoque, Fahim Kawsar, and Tatsuo Nakajima, "S3PR: Secure Serverless Search Protocols for RFID", to appear in Proceedings of the Second IEEE International Conference on Information Security and Assurance (ISA 2008), Busan, Korea, April 2008, pp. 187-192.

Project Name: Secure RFID Authentication Protocol based on Elliptic Curve Cryptography (ECC)
RFID has gained appreciation as an emerging technology to thwart counterfeiting problem. And public key cryptography (PKC) provides impeccable solution to the counterfeiting problem. One recent family of public key cryptosystem is Elliptic curve cryptography (ECC) which is a better choice than RSA cryptographic system because of its shorter key length. Moreover depending upon the environment and application in which it is used, improved performance can be achieved. We adopt the belief that ECC based public key algorithms are feasible for RFID identification or authentication. We proposed ECC based RFID authentication protocol (ERAP) which is secure against some major passive and active attacks. This is a mutual offline authentication protocol which ensures that the tag and the reader authenticate each other prior to any data exchange.

    Publications:
  • Sheikh Iqbal Ahamed, Farzana Rahman, and Md. Endadul Hoque, "ERAP: ECC based RFID Authentication Protocol", in Proceedings of the 12th IEEE International Workshop on Future Trends of Distributed Computing Systems (FTDCS 2008), Kunming, China, October 2008, pp. 219-225.

Project Name: Secured Initial Trust in Pervasive Environments
Trust models play a major role in guarding against privacy violations and security breaches. Though assignment of initial trust is an important issue, little work has been done in this area. Most of the prior researches on trust models assume a constant level of the initial trust value. However, in a pervasive smart space, trust is context dependent. The need for security varies from context to context. We propose a new initial trust model called ICSTB (Integration of Context Security in Trust Bootstrapping). The model categorizes services or contexts in different security levels based on their security needs, and these security needs are considered in trust bootstrapping.
As an extension of this project we also developed Adaptive Initial trust and Demand aware Secure Resource Discovery (AID-SRD) model for pervasive environment. Traditional computer systems and small distributed networks rely on users’ authentication to provide security. However, this strategy is extremely inadequate for the increased flexibility of pervasive environments, where users join and leave frequently. We proposed a solution to this using a secure resource discovery model AID-SRD. A Demand Unit is incorporated in AID-SRD which enables efficient resource sharing with unknown devices. AID-SRD also assigns initial trust considering the variable security need of different services.
Another extension of this project is the presentation of a context specific and reputation based trust model along with a brief survey of trust models suitable for peer-to-peer and ad-hoc environments. We have devised a multi-hop recommendation protocol and a flexible behavioral model to handle interactions. One other major contribution of this project is a simple method of handling malicious recommendations. We have illustrated the implementation and evaluation of our proposed formal trust model.

    Publications:
  • Sheikh I. Ahamed, Endadul Hoque, Farzana Rahman, and Mohammad Zulkernine, "Towards Secured Trust Bootstrapping in Pervasive Computing Environment", in Proceedings of the 11th IEEE High Assurance Systems Engineering Symposium (HASE 2008), Nanjing, China, December 2008, pp. 89-96. [Acceptance rate 22%]
  • Md. Endadul Hoque, Farzana Rahman, and Sheikh Iqbal Ahamed, "An Adaptive Initial Trust and Demand Aware Secure Resource Discovery (AID-SRD) Model for Pervasive Environments", in Proceedings of the 3rd IEEE International Workshop on Web and Pervasive Security (WPS 2009) held in conjunction with PerCom 2009, Texas, USA, March 2009, pp. 1-6.
  • Sheikh I. Ahamed, Munirul M. Haque, Md. Endadul Hoque, Farzana Rahman, and Nilothpal Talukder, "Design, Analysis, and Deployment of Omnipresent Formal Trust Model (FTM) with Trust Bootstrapping for Pervasive Environments", Journal of Systems and Software (JSS), Elsevier, to appear 2009, http://dx.doi.org/10.1016/j.jss.2009.09.040.

Project Name: Using Trust for Security Auto-configuration in Assisted Living Environments
For elderly people, conceiving technologies for increasing their autonomy, so as to enable them to self-manage their life is of utmost importance. However, when it comes to smart home, once all appliances in a home are automated and connected, it becomes essential to consider issues of security, especially security configuration. In the smart home, security has to be configured and managed by technology-unaware elderly people. One mechanism of auto security configuration in such environment can be achieved by observing the trustworthiness of smart devices. Trust-based security mechanisms allow access rights to evolve among previously unknown devices, thus minimizing security configuration. We presented a security configuration model which takes critical security decisions by determining the trustworthiness of an entity based on the sources of trust: Direct interaction and Recommendation trust.

    Publications:
  • Md. Endadul Hoque, Farzana Rahman, Sheikh I. Ahamed, and Lin Liu, "Trust Based Security Auto-Configuration for Smart Assisted Living Environments", to appear in Proceedings of the ACM Workshop on Assurable & Usable Security Configuration (SafeConfig 2009) collocated with ACM CCS 2009, Chicago, USA, November 2009.

Project Name: A Privacy Sensitive Architecture for Pervasive Online Community Based Applications
Privacy in a pervasive online community depends on the level of granularity of the provided information, the number of and the user’s relation to possible recipients, and the possible usage of the user’s data, Conventional privacy preservation techniques are not suitable for these pervasive applications. We proposed a novel Privacy-sensitive architecture for Context Obfuscation (PCO) for privacy preservation in pervasive online community based applications. More specifically, PCO safeguards a user’s privacy by generalizing the contextual data (e.g. the user’s current activity) provided to the applications and distributed to the user’s peers. To support multiple levels of granularity for the released contextual data, the obfuscation procedure uses an ontological description that states the granularity of object type instances. We have developed and evaluated a contextual instant messaging application that incorporates level-based privacy of the user’s contextual information.

    Poster:
  • "IMPriv: A Context Aware Privacy Sensitive Instant Messaging (IM) Technique", Computational Sciences Symposium, April 2009, Marquette University.

Project Name: Towards Anonymity Protection with Privacy Quantification for Context-aware Applications
Context-based pervasive applications have the vulnerabilities of tracking and capturing extensive portions of users’ activities. So, users certainly desire to be notified of potential data capture. Whether such data capture is an actual threat or not, users’ perceptions of such possibilities may discourage them from using and adopting pervasive applications. So far in context-based pervasive applications, location data has been the main focus to make users anonymous. However in reality, anonymity depends on all the privacy sensitive data collected by the applications. Protecting anonymity with the help of an anonymizer has the susceptibility of a single point of failure. A formal model is our goal that preserves users’ anonymity without anonymizer while quantifying the amount of privacy at the time of asking for services from untrustworthy service providers. Before placing a request, each user can protect his own anonymity by collaborating with his peers. In addition, our goal is also a novel approach to quantify the requester’s achieved privacy by the request to be placed.

    Poster:
  • "Measuring Privacy in Pervasive Computing Environment", ORSP Forward Thinking Poster Session/Colloquy, November 2008, Marquette University

Project Name: A Reliable Private Data Aggregation technique for Wireless Sensor Networks
In WSNs, achieving ideal data accuracy is complicated due to collision, heavy network traffic, processing delays and/or several attacks. The problem of gathering accurate integrated data will be further intensified if the environment is adverse. Hence how to attain data privacy and perfect data accuracy are two major challenges for data aggregation in wireless sensor networks. To address this problem, our goal is to propose a new privacy preserving data aggregation scheme that can support data accuracy and data privacy simultaneously. Different from past research, our focus is on the following features: providing privacy preservation technique for individual sensor data and aggregated sensor data; maintaining perfect data accuracy for realistic environments; being highly efficient; and being robust to popular attacks launched in WSNs.

Project Name: PriLoc: Automated Transportation System Using Location Based Services
A prototype is developed to automate the traditional student transportation system of Marquette University within the campus. Utilizing the location of user’s mobile device and with the help of some LBSs running on the server, PriLoc can automate as well as reduce the complexity of the existing manual system.

    Poster:
  • "PriLoc Service: Privacy Support for Location Based Systems", Computational Sciences Symposium, April 2009, Marquette University.

Project Name: CFC: Being Green with Real Time Carbon Footprint Calculator
As a first step towards green software infrastructure, we developed an individual carbon footprint calculator application. An extensive research survey has been conducted to find out the important parameters of carbon emission from users’ perspective. Low cost and reusable sensors are used to collect the parameter values from the environment and user’s mobile phone is used as an intermediary to send data from sensors to the server. Finally a mathematical model is applied to determine the real time carbon footprint of a person. This project is done under the course "Elements of Software Development (MSCS 6050 new system)."

    Poster:
  • "Towards Green Software Infrastructure", Proceedings of the Forward Thinking Poster Session/Colloquy Presentation, Marquette University, December 2009, pp. 5.

Project Name: Serfler_v2.5
Enhanced Serfler (http://spectral.mscs.mu.edu/javadev/src/Serfler.html) from its original version to Serfler_v2.5 (http://www.mscs.mu.edu/~mhoque/Net2009A/Report.html) to support the specification of Java Servlet Specification 2.5. This project is done under the course "Computer Networks 2 – Network Applications (MSCS 210 old system)".

Undergraduate Projects

Project Name: Minimizing Broadcast Redundancy for Ad-hoc Wireless Networks

    Publications:
  • A. Rahman, M.E. Hoque, F. Rahman, S. K. Kundu, and P. Gburzynski, "Enhanced Partial Dominant Pruning (EPDP) Based Broadcasting in Ad hoc Wireless Networks", Journal of Networks (JNW), to appear, 2009.
  • Endadul Hoque, Farzana Rahman, Sabuj Kundu, Ashikur Rahman and Pawel Gburzynski, "Enhanced Partial Dominant Pruning (EPDP) Based Broadcasting in Ad hoc Wireless Networks", in Proceedings of the International Symposium on Performance Evaluation of Computer and Telecommunication Systems (SPECTS 2008), Edinburgh, UK, June 2008, pp. 143-150.
    Thesis:
  • "Minimizing Broadcast Redundancy for Ad-hoc Wireless Networks".

Project Name: Automobile Service Center Management System
System analysis and design of a web based automobile service center. It is developed using JavaServer Faces framework in J2EE platform and MySQL database as backend.

Project Name: Department Resource Management System
A web based software for managing the resources of a university department. It is developed using Apache Jakarta Struts framework and Oracle database as a backend.

Project Name: Simulation of Broadcasting Results in Ad Hoc Wireless Networks
A GUI based simulator for the analysis of the broadcasting results in ad hoc wireless environment for using EPDP (Enhanced Partial Dominant Pruning) as broadcasting algorithm. It is developed in J2SE platform.

top