Computer Science - Doctoral Theses

Permanent URI for this collection

https://hdl.handle.net/10468/511

Browse

Recent Submissions

Now showing 1 - 5 of 80
  • Thumbnail Image
    Item
    Detecting targeted interference in the Internet of Things
    (University College Cork, 2024) Morillo, Gabriela; Roedig, Utz; Pesch, Dirk H J; Science Foundation Ireland
    This thesis investigates targeted jamming interference detection to enhance security in the Internet of Things (IoT) infrastructures. The study starts by assessing the critical role of IoT system monitoring in securing large networks, emphasising the need for automated solutions to detect and mitigate threats, ensuring continuous and reliable operations. This provided insight into how interference monitoring solutions should be implemented. The development of this kind of detector is important as naturally occurring interference requires a different response than targeted interference attacks. A significant portion of the thesis is dedicated to addressing vulnerabilities in the Narrowband-Internet of Things (NB-IoT), a Low Power Wide Area Network (LPWAN) radio technology required for large-scale IoT deployments. Initially, it looks specifically into how interference with NB-IoT synchronisation signals can lead to Denial of Service (DoS) attacks, highlighting the need to prevent and mitigate such vulnerabilities. A novel attack on the initial communication steps is provided in this investigation. To address these challenges, this work introduces a novel method for detecting targeted interference at the User Equipment (UE) level in NB-IoT networks. Our solution utilises network performance data and subframe loss rates to differentiate between targeted attacks and naturally occurring interference, which is critical as they require different responses. The costs associated with designing dedicated detectors for each technology, including established and upcoming ones, are high. Therefore, we propose a technology-independent approach to detect targeted interference across various IoT networks. This solution, designed to function on resource-constrained IoT devices, analyses packet loss rates and patterns to detect the presence of targeted attacks. This detection technique has been proven through comprehensive assessments using several IoT technologies, including NB-IoT and IEEE 802.15.4 GTS, demonstrating its effectiveness in distinguishing targeted interference from natural interference. This work advances the state of the art in detecting malicious interference in IoT environments by introducing a technology-independent targeted interference detection method capable of operating on resource-constrained IoT devices. Unlike prior research, which has primarily focused on machine learning IDS or including additional hardware for their solutions, our approach monitors packet loss rates and patterns across different wireless communication technologies (e.g. Narrowband Internet of Things and IEEE 802.15.4) to perform statistical anomaly detection. This is the first research to propose and validate a comprehensive, technology-independent framework that effectively distinguishes between targeted attacks and natural interference, thereby significantly enhancing the security and resilience of heterogeneous IoT deployments. Overall, our research emphasises the importance of robust monitoring systems and innovative defence mechanisms to safeguard IoT infrastructures against evolving and emerging threats while also contributing valuable insights and tools to enhance the resilience of critical IoT applications.
  • Thumbnail Image
    Item
    Time-Sensitive Networking for industrial IoT: integration, analysis, and performance evaluation
    (University College Cork, 2024) Seliem, Mohamed; Pesch, Dirk H J; Zahran, Ahmed; Science Foundation Ireland
    Industrial automation networks demand precise timing, minimal latency, and negligible packet loss for efficient real-time data exchange. Time-Sensitive Networking (TSN) emerges as a crucial technology for future automation, promis ing enhanced timing accuracy, reduced packet delay, and improved networking determinism. This thesis explores and innovates within TSN functionalities to address key aspects of industrial networking and related technologies. The critical need for reliable real-time data exchange across industries is examined, introducing TSN principles such as time synchronisation, deterministic communication, traffic shaping, and Quality of Service (QoS) assurances. Through simulation, typical industrial use cases and traffic requirements are evaluated, focusing on priority queuing, Time Aware shaping (TAS), and Credit Based Shaping (CBS) to meet latency constraints. The findings demonstrate TSN’s ability to orchestrate network traffic while adhering to strict timing requirements, highlighting its practical relevance in industrial automation. In smart manufacturing environments, the optimisation of industrial networks for Quality Control and Classification After Production (QCAP) is emphasised. By leveraging TSN standards, diverse QoS requirements are addressed to enhance efficiency and reliability. Fault tolerance in Industrial Internet of Things (IIoT) applications is also investigated using network calculus principles to analyse worst-case latency, providing insights into network performance and stability. The research integrates TSN with Software Defined Networks (SDN) to manage network configurations, focusing on traffic scheduling in industrial applications. Network-device contracts are proposed for traffic schedule computation and distribution, demonstrating scalability through Mininet emulation. Additionally, Wi-Fi is explored as a complementary technology for IoT applications, evaluating its potential to reduce latency and enhance industrial automation. This thesis offers a comprehensive analysis of TSN performance across various scenarios and its integration with complementary technologies, providing valuable insights for advancing industrial automation and connectivity within the industry 4.0 paradigm.
  • Thumbnail Image
    Item
    Uncertainty in Recommender Systems
    (University College Cork, 2024) Coscrato, Victor; Bridge, Derek G.; Science Foundation Ireland
    Recommender Systems have emerged as a powerful tool in the information era. Due to the overwhelming number of items (products and services) currently offered on digital platforms, it is often necessary to use a system capable of ranking the items and offering those that are most relevant to each user. These systems typically use historical user-item interaction data to build models that can predict the relevance of each item to the user. There has long been a focus on increasing recommendation accuracy through the development of new prediction models. However, this is just one of the ways to improve these systems. It is also possible to equip them with new tools that extend their functionality in different ways. The tools that we focus on in this dissertation are uncertainty estimators. The problem of uncertainty is relevant to Recommender Systems in at least two ways: prediction uncertainty and label uncertainty. Prediction uncertainty is the expected imprecision of the predictions given by the system's model. Label uncertainty is the chance that interactions used to learn the prediction model are mislabeled. This dissertation reports by far the most extensive study of these two types of uncertainty, offering a varied set of methods for their estimation, ranging from heuristic data metrics to novel uncertainty prediction models. In overview, this dissertation is the largest compilation of methods for estimating prediction uncertainty and label uncertainty in Recommender Systems to date. This collection includes already-existing methods -- that we survey, rewrite in a common notation, implement, make available under an open license, and compare in-depth -- and many original methods, some that derive directly from existing work, but others that involve complex modeling. We divide our work into three branches: prediction uncertainty in explicit feedback-based systems, prediction uncertainty in implicit feedback-based systems, and label uncertainty in implicit feedback systems. While this dissertation proposes new uncertainty estimation methods, the novel work in this dissertation is not restricted to new estimation methods. We also propose new techniques for evaluating prediction uncertainty estimators. Furthermore, we present and validate novel ways of using uncertainty estimators to improve the operation of a Recommender System. At the core of our research program, and for each of the three branches cited above, we have rigorous validation of our prediction and label uncertainty estimation methods through large-scale, reproducible empirical studies on publicly available recommendation datasets that unveil important insights into the performance and usefulness of the proposed methods. These studies include both the novel and surveyed uncertainty estimation methods, and make use of the novel uncertainty evaluation techniques that we propose. This work can be an important mechanism for promoting new research on this topic that is still largely unexplored in the world of Recommender Systems. Thus, this dissertation is a contribution to the field of Recommender Systems, not just in terms of an all-encompassing compendium of uncertainty estimation methods for practitioners, but also in guiding future work. Given that the landscape of Recommender Systems continues to evolve, our work is poised to shape the discourse about uncertainty in the field.
  • Thumbnail Image
    Item
    Secure coding in organisations: practice, culture, motivations and tensions
    (University College Cork, 2024) Ryan, Ita; Stol, Klaas-Jan; Roedig, Utz; Science Foundation Ireland
    This thesis considers how to measure and improve secure software development in organisations. The thesis comprises three studies; a literature review, a large-scale survey of software developers, and a study comprising interviews with software professionals. The work is motivated by the continuing high prevalence of vulnerabilities in software. The proliferation of cybercrime, cyber espionage and other online issues, and their relationship to insecure software, are examined during the literature review study. The literature review also uncovered two main secure-coding influences on software developers; personal attributes such as knowledge and motivation, and environmental factors like secure coding pressure, resources and support. These observations led to the development of the Software Developer Security Archetypes; a two-dimensional framework designed to provide a vocabulary for thinking about software developers and their software security context. Also in this first study, 25 unhelpful assumptions in software security research were identified and documented. These include, that secure-coding activities will be reflected in artefacts, and that findings from a single study are final. The literature review suggested that some organisations pay lip service to code security without providing the requisite time and leadership support, a phenomenon sometimes called a ‘checkbox’ attitude to secure coding. The second study was designed to investigate this contradiction and other aspects of secure development. It entailed a secure coding development survey (n=962). Industry-based research was leveraged to construct a lightweight, empirically-based set of questions to measure practice. A further set of questions grounded in the literature review was included to investigate security culture. Survey respondents worked in environments with a broad range of secure-coding approaches. Comparison of secure coding practice and culture measurements showed indicators of a checkbox attitude to software security in some organisations. Small organisations, isolated and solo developers and freelance workers used fewer secure development practices, and their secure-coding tool use was limited. Secure coding requires specific technical knowledge. The answers to secure software training questions indicated that only 39.6% of respondents had been offered secure coding training. When offered, training did not always have the qualities required to make it effective, such as relevance and frequency. The third study comprised a series of interviews with software developers and senior managers, that sought their views on how software-security prioritisation by senior management affects secure development. The factors that motivate senior management in organisations to prioritise software security were investigated. Interview analysis showed that awareness and knowledge of security, breaches in other organisations, and regulatory and legal obligations were considered organisational software security motivators. This research indicates that increasing the software security obligations of organisations and other entities producing software is essential to increased software security. However, such measures may have unintended consequences, such as the stifling of innovation.
  • Thumbnail Image
    Item
    Bayesian bilevel optimization
    (University College Cork, 2023) Dogan, Vedat; Prestwich, Steve; Wilson, Nic; Science Foundation Ireland
    In this dissertation, we focus on improving bilevel optimization through several approaches developed during research. Bilevel optimization problems consist of upper-level and lower-level optimization problems connected hierarchically. Upper-level and lower-level problems are also referred to as the leader and the follower problems in the literature. The leader must solve a constrained optimization problem in which some decisions are made by the follower. Both have their objectives and constraints. The follower’s problem appears as a constraint of the leader. Such problems are used to model practical applications in real life where authority is realizable only if the corresponding follower objective is optimum. There are several practical applications in the fields of engineering, environmental economics, defence industry, transportation and logistics that have nested structures that are fitted to these types of modelling. As the complexity and the size of such problems have increased over the years, the design of efficient algorithms for bilevel optimization problems has become a critical issue and an important research topic. The nested structure of bilevel optimization problems comes with several interesting challenges to the problem of algorithm design. Naturally, the problem requires an optimization problem at the lower level for each upper-level solution. That makes the problem computationally expensive. Also, an upper-level solution is considered feasible only if the corresponding lower-level solutions are the global optimum of its objective. Therefore, not accurate lower-level solutions might lead to an objective value that is better than the true optimum at the upper level. It comes with another challenge for the selection strategies of solutions and naturally the performance including the computational effort. There are several approaches proposed in the literature for solving bilevel problems. Most focus on special cases, for example, a large set of exact methods was introduced to solve small linear bilevel optimization problems. Another approach is to replace the lower-level problem with its Karush-Kuhn-Tucker conditions, reducing the bilevel problem to a single-level optimization problem. A popular approach is to use nested evolutionary search to explore both parts of the problem, but this is computationally expensive and does not scale well. The works presented in this dissertation are directed to improve the bilevel optimization process in terms of accuracy and required function evaluations by developing and implementing the black-box approach to the upper-level problem. First, we focused on extracting knowledge of previous iterations and conditioned lower-level decisions to improve upper-level search. Then, we attempt to improve upper-level search by using the multi-objective acquisition function in the Bayesian optimization process and use the benefit of multi-objective optimization literature for using different search strategies at the upper-level search. After, the multi-objective bilevel optimization problems are investigated and a Bayesian approach is developed to approximate the Pareto-optimal front of the problem. Both single and multi-objective optimization problems are investigated in this dissertation. The experiments are conducted on a comprehensive suite of mathematical test problems that are available in the literature as well as some real-world problems. The performance is compared with existing methods. It is observed that the proposed approaches achieve a promising balance between accuracy and computational expanse, therefore it is suitable for applying the proposed approaches to several real-life applications in different fields.