UTSA Electronic Theses and Dissertations
Permanent URI for this community: https://hdl.handle.net/20.500.12588/2226
This collection contains electronic UTSA theses and dissertations (ETDs), primarily from 2005 to present. The collection is not comprehensive; search the UTSA Library Catalog for a complete list of UTSA theses and dissertations.
Since 2023, the UTSA Graduate School has required all theses and dissertations to be made publicly available in Runner Research Press. However, authors are able to request an embargo. Embargoed ETDs will not be downloadable until after their embargo expires.
Authors of these ETDs have retained their copyright while granting UTSA Libraries the non-exclusive right to reproduce and distribute their works.
There are two collections of Master's and Doctoral ETDs. One is available only to currently enrolled UTSA students, faculty, or staff. To download an ETD that is UTSA-access only, navigate to "Log In" in the top right-hand corner of this screen, then select "Log in with my UTSA ID."
Open Access ETDs are those which the author has granted permission for their work to be available to the general public.
Former students are invited to broaden access to their thesis or dissertation by making it available in the Open Access collection. To initiate this process, or if you have any questions about the ETD collection, please contact rrpress@utsa.edu.
Browsing UTSA Electronic Theses and Dissertations by Department "Computer Science"
Item: 3D Digital Twin Representation of Building Indoors (2022), Akunuru, Susheela Sri

Industry 4.0 has revolutionized the way many sectors work, especially the manufacturing, distribution, and construction industries. New technologies such as cloud computing, data analytics, machine learning, artificial intelligence, and the Internet of Things are rapidly being integrated into production facilities, operations, and management for increased efficiency and better performance, which has led to the rise of digital twin technology in the AEC industry. Various studies have produced 3D digital representations of structures. Some use neural networks, rule-based analysis, or knowledge-based approaches to generate insights for the maintenance and development of each stage of a building's life cycle; this thesis instead uses a model-driven approach for building indoor models. Potential use cases of the work include crisis management, material shelving analysis, indoor navigation, path planning for robots, and synthetic data generation for AI research. Because developing 3D models via sketches or third-party tools takes extensive labor and time, this thesis proposes an automated way of generating 3D models from 2D floorplan images through Python scripts. Digital twin capabilities are introduced to the indoor model with the help of Pixar's USD technology. With this approach, the 3D models are generated quickly and a high level of detail is achieved for a building's indoor environment.

Item: A characterization of complex network attack resilience (2012), Tyra, Adam

In the past decade, the emerging discipline of Network Science has attracted substantial attention from physicists and computer scientists. The core objects that Network Science studies are complex networks, which are pervasive in the real world.
The most important example of a real-world complex network is the Internet. One important characteristic of complex networks is their resilience when exposed to various malicious attacks. While there have been previous studies of this topic, our understanding of this field is far from satisfactory. This thesis presents an extensive study of the resilience of complex networks against a spectrum of attacks, including recently introduced dependent attacks and sophisticated adaptive attacks. It advances the state of the art by making three contributions. First, it revisits the resilience of non-interdependent networks in the context of a spectrum of realistic attacks that are launched by a single attacker (or collaborating attackers). Second, it studies the resilience of interdependent networks against a spectrum of attacks. Third, it studies the resilience of non-interdependent networks against attacks that are launched by multiple non-collaborating attackers. The studies lead to findings and insights that are observed for the first time in this thesis.

Item: A Featherweight Deadlock Detection and Prevention System for Production Software (2017), Zhou, Jinpeng

Deadlock is a critical problem that halts parallel programs with no further progress. Programmers may need to make tremendous efforts to achieve deadlock freedom, because it requires profound understanding of synchronization logic, especially when the program is highly concurrent with many threads or processes. Existing detection tools suffer from significant recording performance overhead and excessive memory overhead. Furthermore, they may introduce numerous false alarms, which require tremendous manual effort to confirm and fix. This thesis proposes a novel library-based runtime system, named UNDEAD, for defeating resource deadlocks related to mutex locks in production software.
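Resource-deadlock detectors of this general kind often track the order in which each thread acquires mutexes as a lock-order graph and report cycles. The sketch below is a hypothetical illustration of that idea; the class, method names, and policy are invented for illustration and are not UNDEAD's actual design.

```python
# Illustrative lock-order-graph deadlock detector (hypothetical sketch).
from collections import defaultdict

class LockOrderGraph:
    def __init__(self):
        self.edges = defaultdict(set)   # lock -> locks acquired while holding it
        self.held = defaultdict(list)   # thread -> stack of currently held locks

    def acquire(self, thread, lock):
        for h in self.held[thread]:
            self.edges[h].add(lock)     # record ordering: h acquired before lock
        self.held[thread].append(lock)

    def release(self, thread, lock):
        self.held[thread].remove(lock)

    def has_cycle(self):
        """DFS over the lock-order graph; a cycle means a potential deadlock."""
        WHITE, GRAY = 0, 1
        color = defaultdict(int)
        def dfs(u):
            color[u] = GRAY
            for v in self.edges[u]:
                if color[v] == GRAY or (color[v] == WHITE and dfs(v)):
                    return True
            color[u] = 2  # done
            return False
        return any(color[u] == WHITE and dfs(u) for u in list(self.edges))

g = LockOrderGraph()
g.acquire("T1", "A"); g.acquire("T1", "B")   # T1 takes A then B
g.release("T1", "B"); g.release("T1", "A")
g.acquire("T2", "B"); g.acquire("T2", "A")   # T2 takes B then A: cycle A<->B
print(g.has_cycle())  # True
```

A production detector must of course record these events with far lower overhead than a Python dictionary per acquisition, which is precisely the engineering challenge the abstract describes.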
Different from existing detection tools, UNDEAD imposes negligible runtime performance overhead (2% on average) and 14% memory overhead, based on our evaluation on the PARSEC benchmarks and seven real applications, including MySQL, Apache, SQLite, Memcached, Aget, Pbzip2, and Pfscan. Based on the detection results, UNDEAD automatically strengthens erroneous programs with the capability to prevent future occurrences of all detected deadlocks, which is similar to the existing work Dimmunix. However, UNDEAD exceeds Dimmunix with several orders of magnitude lower performance overhead, and it eliminates numerous false positives. Its advantages, including extremely low overhead, bounded memory/storage overhead, and automatic prevention, make UNDEAD a convenient, always-on detection and "band-aid" prevention system for production software. In this thesis, we also provide a case study, then extract some basic definitions and properties from it for detecting communication deadlocks related to condition variables. Furthermore, we design a prototype that can be easily integrated into UNDEAD as an enhancement.

Item: A formal framework for analyzing sequence diagram (2013), Shen, Hui

Graphical representations of scenarios, such as UML Sequence Diagrams, serve as a well-accepted means for modeling the interactions among software systems and their environment through the exchange of messages. The Combined Fragments of Sequence Diagrams permit different types of control flow, including interleaving, alternative, and loop, for representing complex and concurrent behaviors. These fragments increase a Sequence Diagram's expressiveness, yet introduce a challenge to comprehending what behavior is possible in the traces that express system executions. Furthermore, software practitioners tend to use a collection of Sequence Diagrams to express multiple usages of a software system.
It can be extremely difficult to determine manually whether multiple Sequence Diagrams constitute a consistent, correct specification. This dissertation introduces an approach to codify the semantics of Sequence Diagrams with Combined Fragments in terms of Linear Temporal Logic (LTL) templates. In each template, different semantic aspects are expressed as separate, yet simple, LTL formulas that can be composed to define the semantics of all the Combined Fragments. In addition, we develop an approach to transform Sequence Diagrams with Combined Fragments into the input language of the model checker NuSMV. The analytical power of model checking can then be leveraged to automatically determine whether a collection of Sequence Diagrams is consistent. Another benefit of this approach is the ability to specify certain safety properties of a system as intuitive Sequence Diagrams. We have developed tools to translate Sequence Diagrams to both LTL and NuSMV's input language to demonstrate that they can be automatically verified. We validate our techniques by analyzing two design examples taken from an insurance industry software application. We also model the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule using Sequence Diagrams to show that high-level policies can be described with them.

Item: A Framework for Characterizing Cyber Attack Reconnaissance Behaviors (2019), Garcia-Lebron, Richard B.

Sophisticated cyber attacks often start with a reconnaissance phase, which may expose useful information about the attacks that will be waged later. It is therefore important to systematically understand and characterize cyber attack reconnaissance behaviors. However, little research on this matter has been reported in the literature. The present dissertation aims to fill the void by proposing and investigating the first systematic framework for characterizing cyber attack reconnaissance behaviors.
The framework consists of three levels of abstraction: macroscopic, mesoscopic, and microscopic. Correspondingly, the dissertation makes the following three contributions. First, in order to characterize cyber attack reconnaissance behaviors at the macroscopic level, we propose a novel abstraction, dubbed dynamic attacker-victim relation graphs, to represent cyber attack reconnaissance behaviors. This abstraction leads to a time series of graphs and allows us to characterize the evolution of the attacker-victim relation over time. We present a case study with a focus on identifying the number of time resolutions that need to be considered in order to obtain a comprehensive characterization of these dynamic attacker-victim relation graphs. Second, in order to characterize cyber attack reconnaissance behaviors at the mesoscopic level, we propose clustering cyber attackers based on their reconnaissance behaviors over time. We propose a novel abstraction, dubbed multi-resolution clustering, to characterize the evolution of attackers' reconnaissance behaviors in adjacent time windows as well as the evolution of persistent attackers' reconnaissance behaviors over multiple adjacent time windows. Third, in order to characterize cyber attack reconnaissance behaviors at the microscopic level, we propose the novel notion of an attacker reconnaissance trajectory hierarchy tree for representing temporal and spatial behaviors of cyber attack reconnaissance.

Item: A Framework for Composing Security-typed Languages (2013), Gampe, Andreas Robert

Ensuring that software protects its users' privacy has become an increasingly pressing challenge. Requiring software to be certified with a secure type system is one enforcement mechanism. Protecting privacy with type systems, however, has only been studied for programs written entirely in a single language, whereas software is frequently implemented using multiple languages specialized for different tasks.
We present a framework that facilitates reasoning over composite languages. In it, guarantees of sufficiently related component languages can be lifted to the composed language. This can significantly lower the burden of certifying that such composite programs are safe. Our simple but powerful approach relies, at its core, on computability. We argue that a composition is secure when we can show that an equivalent single-language program is secure. This reasoning can be applied to noninterference, the standard notion of language-based security, as well as declassification, a weaker security guarantee necessary for practical uses. We introduce Security Completeness as the main technical tool to satisfy our framework requirements. Informally, a security-typed language is security-complete if every secure and computable function can be implemented as a well-typed program in the language. We formally study security completeness and derive sufficient, and in some cases necessary, requirements for a language to be security-complete. A case study of three seminal languages from the literature investigates the three main paradigms of secure languages: imperative, functional, and object-oriented. We show that, under reasonable assumptions, all case studies are security-complete. To demonstrate the applicability of this framework, we show in full that a standard secure while language satisfies all necessary requirements of a composition host, and we present an expressive, security-typed fragment of SQL for embedding. We finish the thesis with an investigation of dynamically loaded code. A special interpretation of the framework allows it to be used to lift guarantees to programs containing components that are incrementally loaded and verified. This has three benefits. First, incremental loading means a lower start-up time for programs, as the full program is not necessary to start executing.
Second, only code that is really necessary for the current computation will be loaded. This results in a decreased bandwidth or time requirement for the application. Third and finally, incremental verification distributes the verification time over the runtime of the program.

Item: A Framework for File Flow Analysis (2017), Rodriguez, Rodney Xavier

As modern software systems become more complex, so does the process of building them. Developers can waste many hours trying to build software only to have it fail during the process. By analyzing the effects that build scripts have on a system's file structure, it is possible to determine whether a build script could execute successfully without errors. Looking at the elemental functions on a file structure, such as creating, removing, and copying files, it is possible to analyze these functions to construct preconditions and postconditions for a system. We have developed a universal grammar, to which other build script languages can be reduced, that expresses these elemental functions. Using the preconditions and postconditions generated by our framework, we can show what an ideal file structure may look like before and after a build script is executed. The results produced by our framework make it possible to ensure successful execution, support code transplantation, identify dependency issues, and warn against potential errors.

Item: A Framework for Quantifying Security Effectiveness of Cyber Defenses (2021), Chen, Huashan

Cybersecurity metrics and quantification is a holy-grail challenge that has yet to be tackled. While significant progress has been made in quantifying building-block security, the problem of quantifying security from a holistic perspective is largely open.
One fundamental factor that makes the problem so hard is the dynamics phenomenon incurred by complex attacker-defender-user interactions in cyberspace, meaning that the networked system itself, the employed defense posture, the adversaries, the users' behaviors, and the global cybersecurity state all evolve with time. This dissertation makes a significant step towards ultimately understanding, characterizing, quantifying, and managing cybersecurity from a holistic perspective by proposing a high-fidelity simulation framework to model cyber attack-defense interactions while making weak assumptions. The framework falls under the Cybersecurity Dynamics approach, meaning that networks, users, attacks, defenses, and cybersecurity states can all evolve with time. The usefulness of the framework is demonstrated by three scenarios: quantifying the security effectiveness of firewalls and DMZs; quantifying the security effectiveness of coarse-grained dynamic network diversity; and quantifying the security effectiveness of fine-grained static network diversity.

Item: A Holistic Approach Using Honey Communities For Cyber Event Detection and Protection in Communities and Large Distributed Organizations (2017), Rutherford, James R.

The United States has U.S. CYBERCOM to protect the U.S. military infrastructure and the Department of Homeland Security to protect the nation's critical cyber infrastructures. These organizations deal with wide-ranging issues at a national level. This leaves local and state governments largely to fend for themselves in the cyber frontier. My research focuses on how to determine the threat to a community or large organization and what indications and warnings can lead us to suspect that a cyber security event impacting the community is underway.
A cyber event in terms of this research includes probes of the network, simple brute-force attacks, "low and slow" attacks that are not normally detected by intrusion detection systems, and illicit behavior within the network. We utilize a collection of Honey Devices (HoneyPots, HoneyNets, HoneyWalls) in concert with external protection devices (firewalls and other perimeter defense devices) and combine them to form a multi-organization concept called a Honey Community. In the Honey Community, the Honey Devices are spread throughout the community or large organization and provide data to evaluation nodes, which combine that data with input from the external perimeter defense devices. The evaluation nodes use data models to develop an overall picture of the system status and can relay that status to higher-level nodes to inform IT professionals and community leaders of the state of their network. The focus is to reduce the number of days intruders remain within the network and to detect intruders without the use of code or behavioral signatures.

Item: A statistical framework for analyzing cyber attacks (2014), Zhan, Zhenxin

Data-driven cyber security analytics is one important approach to understanding cyber attacks. Despite its importance, there are essentially no systematic studies on characterizing the statistical properties of cyber attacks. The present dissertation introduces a systematic statistical framework for analyzing cyber attack data. It also presents three specific results that are obtained by applying the framework to analyze some honeypot- and blackhole-captured cyber attack data, while noting that the framework is equally applicable to other data that may contain richer attack information. The first result is that honeypot-captured cyber attacks often exhibit Long-Range Dependence (LRD). The second result is that honeypot-captured cyber attacks can exhibit Extreme Values (EV).
The third result describes spatial and temporal characterizations exhibited by blackhole-captured cyber attacks. The dissertation shows that by exploiting the statistical properties exhibited by cyber attack data, it is possible to achieve certain "gray-box" predictions with high accuracy. Such prediction capability can be exploited to guide the proactive allocation of resources for effective defense.

Item: A sublexical unit based hash model approach for spam detection (2009), Zhang, Like

This research introduces an original anomaly detection approach based on a sublexical unit hash model for application-level content. This approach is an advance over previous arbitrarily defined payload keyword and 1-gram frequency analysis approaches. Based on the split-fovea theory in human recognition, this new approach uses a special hash function to identify groups of neighboring words. The hash frequency distribution is calculated to build the profile for a specific content type. Examples of utilizing the algorithm for detecting spam and phishing emails are illustrated in this dissertation. A brief review of network intrusion and anomaly detection is first presented, followed by a discussion of recent research initiatives on application-level anomaly detection. Previous research results for payload keyword and byte frequency based anomaly detection are also presented. The drawback of the N-gram analysis applied in most related research efforts is discussed at the end of Chapter 2, and the importance of text content analysis to application-level anomaly detection is explained. After a background introduction to the split-fovea theory in psychological research, the proposed sublexical unit hash frequency distribution based method is presented.
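The general idea of a hash-frequency profile over neighboring words can be illustrated as follows. The hash function, bucket count, and distance measure below are invented for illustration and are not the dissertation's actual design.

```python
# Illustrative sketch of a hash-frequency profile over neighboring word pairs.
import zlib
from collections import Counter

BUCKETS = 64  # arbitrary bucket count for this illustration

def profile(text):
    """Hash each pair of neighboring words into a bucket; normalize the counts."""
    words = text.lower().split()
    pairs = (words[i] + " " + words[i + 1] for i in range(len(words) - 1))
    counts = Counter(zlib.crc32(p.encode()) % BUCKETS for p in pairs)
    total = sum(counts.values()) or 1
    return [counts[b] / total for b in range(BUCKETS)]

def distance(p, q):
    """L1 distance between two profiles; a large distance flags anomalous content."""
    return sum(abs(a - b) for a, b in zip(p, q))

legit = profile("meeting notes attached please review before the friday standup")
spam = profile("win free money now click here to win big money now")
print(distance(legit, spam))  # typically well above distance(legit, legit) == 0.0
```

In an anomaly-detection setting, a profile would be trained on a corpus of legitimate content and incoming messages scored by their distance from it.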
How human recognition theory serves as the foundation for the proposed hashing algorithm is examined, followed by a demonstration of how the hashing algorithm is applied to anomaly detection. Spam email is used as the major example in this discussion. Spam and phishing emails are used in our experiments because detailed experimental data are available and an in-depth analysis of the test data is possible. An interesting comparison between the proposed algorithm and several popular commercial spam email filters used by Google and Yahoo is also presented; the outcome shows the benefits of the proposed approach. The last chapter provides a review of the research, explains how the previous payload keyword approach evolved into the hash model solution, and discusses the possibility of extending hash model based anomaly detection to other areas, including Unicode applications.

Item: Accelerating scientific applications on reconfigurable computing systems (2011), Tai, Yi-Gang

Advances in multi-core, many-core, and heterogeneous computing systems have created numerous possibilities for parallelization and hardware acceleration. With their flexibility and abundant logic resources, reconfigurable computing systems, in particular systems based on field-programmable gate arrays (FPGAs), have become an attractive option as hardware accelerators. This dissertation studies acceleration of QR and LU matrix decompositions on FPGA-based reconfigurable computing systems, where there are few solutions for scalable floating-point matrix decompositions. First, exploratory experiments are presented to reveal the characteristics of different embedded processor cores and system configurations on an FPGA-based system. Next, a vector reduction method termed delayed buffering is proposed.
With its low latency and high operator pipeline utilization, the method accelerates matrix decomposition by improving the vector reduction computations that compose it. Finally, with delayed-buffering reduction incorporated, using an enhanced tiled matrix decomposition algorithm to access off-chip memory and parallelizing the main decomposition loop for on-chip computation allow a single FPGA to outperform two general-purpose processors plus a graphics processing unit (GPU) for matrix decompositions whose size is limited by the capacity of off-chip memory.

Item: Access control for online social networks using relationship type patterns (2014), Cheng, Yuan

Users and resources in online social networks (OSNs) are interconnected via various types of relationships. User-to-user (U2U) relationships form the basis of the OSN structure, the social graph, and play a significant role in specifying and enforcing access control. In fact, U2U relationship-based access control (ReBAC) has been adopted as the most prevalent approach for access control in OSNs, where authorization is typically made by tracking the existence of U2U relationships of certain types and/or depth between the access requester and the resource owner. We propose a novel ReBAC model for OSNs, named UURAC (User-to-User Relationship-based Access Control), that incorporates different types of relationships and utilizes regular expression notation for policy specification. Authorization policies are defined in terms of patterns of relationship paths on the social graph and a hopcount limit on the path. In addition, two path-checking algorithms are developed to determine whether the required relationship path for a given access request exists, and proofs of correctness and complexity analysis for the algorithms are provided. The UURAC model is implemented and evaluated to validate our approach. We subsequently integrate attribute-based policies into relationship-based access control.
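The policy style just described, a regular expression over relationship types combined with a hopcount limit, can be sketched as follows. The graph encoding, edge labels, and policy syntax here are hypothetical simplifications, not UURAC's exact notation or algorithms.

```python
# Illustrative UURAC-style check: access is granted if some path of
# relationship types from requester to owner matches a regex within a
# hopcount limit (hypothetical encoding).
import re

def paths(graph, src, dst, limit):
    """Yield relationship-type strings along simple paths of up to `limit` hops."""
    stack = [(src, [], {src})]
    while stack:
        node, types, seen = stack.pop()
        if node == dst and types:
            yield "".join(types)
        if len(types) < limit:
            for nbr, rel in graph.get(node, []):
                if nbr not in seen:
                    stack.append((nbr, types + [rel], seen | {nbr}))

def authorized(graph, requester, owner, pattern, hopcount):
    return any(re.fullmatch(pattern, p) for p in paths(graph, requester, owner, hopcount))

# Social graph with edges labeled f (friend) or c (coworker).
g = {"alice": [("bob", "f")],
     "bob": [("carol", "f"), ("alice", "f")],
     "carol": [("bob", "f")]}

# Policy: reachable via friend edges only, at most 2 hops.
print(authorized(g, "alice", "carol", "f{1,2}", 2))  # True: alice-f-bob-f-carol
print(authorized(g, "alice", "carol", "f", 1))       # False: not a direct friend
```

This brute-force enumeration is exponential in the worst case; the point of the dissertation's dedicated path-checking algorithms (with proofs and complexity analysis) is to do much better.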
The proposed attribute-aware ReBAC enhances access control capability and allows finer-grained controls that are not otherwise available in ReBAC. Today's OSN applications allow various user activities that cannot be controlled by using U2U relationships alone. To enable a comprehensive ReBAC mechanism, we develop the URRAC (User-to-Resource Relationship-based Access Control) model, which exploits user-to-resource (U2R) and resource-to-resource (R2R) relationships in addition to U2U relationships for authorization decisions. While most of today's access control solutions for OSNs focus only on controlling users' normal usage activities, the URRAC model also captures controls on users' administrative activities. Simple specifications of conflict resolution policies are provided to resolve potential conflicts among authorization policies. The objective of this research is to demonstrate that greater generality and flexibility in policy specification, along with effective access evaluation, can be achieved in OSNs using relationship type patterns and attributes.

Item: Access Control Models for Cloud-Enabled Internet of Things (2018), Alshehri, Asma Hassan

The concept and deployment of the Internet of Things (IoT) has continued to gain momentum over recent years. The rapid development of IoT has triggered a wave of potentially unreasonable expectations. Many industries have started big projects with key technologies that build on the basic architecture of IoT, which has not yet been settled. Several different layered architectures for IoT have been proposed. In general, the proposed IoT architectures comprise three main components: an object layer, one or more middle layers, and an application layer. The main difference between them lies in the middle layers. Some architectures include a cloud services layer for managing IoT things. Some suggest the use of virtual objects as digital counterparts for physical IoT objects.
Sometimes both cloud services and virtual objects are included. In this dissertation, we initially propose an IoT architecture that can be used to develop an authoritative family of access control models for a cloud-enabled Internet of Things. Our proposed access-control oriented (ACO) architecture for IoT comprises four layers: an object layer, a virtual object layer, a cloud services layer, and an application layer. This four-layer architecture serves as a framework to build access control models for a cloud-enabled IoT. Within this architecture, we present illustrative examples that highlight some IoT access control issues, leading to a discussion of needed access control research. We identify the need for communication control within each layer and across adjacent layers (particularly in the lower layers), coupled with the need for data access control (particularly in the cloud services and application layers). The ACO architecture is proposed for the cloud-enabled IoT, with virtual objects (VOs) and cloud services in the middle layers. A central aspect of ACO is to control communication among VOs. To this end, we develop operational and administrative access control models, assuming topic-based publish-subscribe interaction among VOs. Operational models are developed using (i) access control lists for topics and capabilities for virtual objects, and (ii) attribute-based access control; we argue that role-based access control is not suitable for this purpose. Administrative models for these two operational models are developed using (i) access control lists, (ii) role-based access control, and (iii) attribute-based access control. A use case of sensing speeding cars illustrates the details of these access control models for VO communication, and their differences. An assessment of these models with respect to the security and privacy-preserving objectives of IoT is also provided.
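An access control list for topic-based publish-subscribe among virtual objects, of the operational kind just described, can be sketched minimally. The topic names, VO identifiers, and operation names below are made up for illustration.

```python
# Minimal sketch of ACL-controlled topic publish/subscribe among virtual
# objects (illustrative; all names are hypothetical).

acl = {  # topic -> operations each virtual object may perform on it
    "speed/zone1": {
        "vo_camera1": {"publish"},      # the camera's VO reports speeds
        "vo_sign1": {"subscribe"},      # the warning sign's VO listens
    },
}

def check(vo, topic, op):
    """Return True iff the ACL grants `vo` the operation `op` on `topic`."""
    return op in acl.get(topic, {}).get(vo, set())

print(check("vo_camera1", "speed/zone1", "publish"))  # True
print(check("vo_sign1", "speed/zone1", "publish"))    # False: subscribe only
```

The capability-based alternative mentioned in the abstract would invert this structure, attaching the permitted (topic, operation) pairs to each VO rather than to each topic.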
Finally, we study AWS IoT as a major commercial cloud-IoT platform and investigate its suitability for implementing the aforementioned academic models of ACO and VO communication control. While AWS IoT has a notion of digital shadows closely analogous to VOs, it lacks explicit capability for VO communication and thereby for VO communication control. Thus, there is a significant mismatch between AWS IoT and these academic models. Our principal contribution in this regard is to reconcile this mismatch by showing how to use the mechanisms of AWS IoT to effectively implement VO communication models. To this end, we develop an access control model for virtual object (shadow) communication in AWS IoT, called AWS-IoT-ACMVO. We develop a proof-of-concept implementation of the speeding-cars use case in AWS IoT under the guidance of this model, and provide selected performance measurements. We conclude with a discussion of possible alternate implementations of this use case in AWS IoT.

Item: Adaptive Cloud Resource Management with Reinforcement Learning (2018), Mehra, Rohit

Cloud computing encapsulates a dynamic environment whose performance is affected by internal resources as well as external workloads. Hence, these services sometimes come at the cost of high latency variance and throughput degradation due to load imbalance, interference from background tasks such as data scrubbing, backfilling, and recovery, and differences in the processing capabilities of heterogeneous servers in a datacenter. Resource management is the key to obtaining maximum performance even when the system faces problems such as heterogeneity, background interference, and/or varying workload conditions. However, it is challenging for human operators to effectively monitor the health of cloud-based systems and hand-tune various control knobs in a cloud-scale cluster to maintain optimal performance under diverse workload conditions.
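Hand-tuning of this sort is commonly automated with model-free reinforcement learning. Below is a toy tabular Q-learning sketch for a load-rebalancing decision; the states, actions, rewards, and transitions are invented for illustration and do not reflect any particular framework's design.

```python
# Toy tabular Q-learning for a rebalancing decision (illustrative only).
import random
random.seed(7)

ALPHA, GAMMA, EPS = 0.5, 0.9, 0.1
states, actions = ["balanced", "hotspot"], ["noop", "migrate"]
Q = {(s, a): 0.0 for s in states for a in actions}

def step(state, action):
    """Hypothetical environment: migrating fixes a hotspot; idling in one hurts."""
    if state == "hotspot":
        return ("balanced", 9.0) if action == "migrate" else ("hotspot", -5.0)
    return ("balanced", 1.0) if action == "noop" else ("balanced", -1.0)

state = "hotspot"
for _ in range(500):
    # epsilon-greedy action selection
    a = random.choice(actions) if random.random() < EPS else \
        max(actions, key=lambda x: Q[(state, x)])
    nxt, r = step(state, a)
    # standard Q-learning update
    Q[(state, a)] += ALPHA * (r + GAMMA * max(Q[(nxt, x)] for x in actions)
                              - Q[(state, a)])
    state = nxt
    if random.random() < 0.3:   # occasionally re-inject a hotspot
        state = "hotspot"

print(max(actions, key=lambda a: Q[("hotspot", a)]))  # migrate
```

The appeal of being model-free is visible even in this toy: the agent learns to migrate away from hotspots purely from observed rewards, without any explicit model of the cluster.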
This study presents an Adaptive Cloud Resource Management Framework (ACRMF) to automate the configuration processes of cloud-based systems by effectively monitoring system health and predicting workload conditions. At its core, the framework leverages system-level performance monitoring and a model-free reinforcement learning technique to track performance hotspots in the cluster and take appropriate corrective actions to maximize future performance under a variety of complex scenarios. This study applies the proposed framework to the cloud storage system Ceph, enabling it to manage itself through load balancing and data migration with the aim of delivering optimal performance in the face of diverse workload patterns and resource bottlenecks. Experiments using the Cloud Object Storage Benchmark (COSBench) show that ACRMF improves the average read and write response times of a Ceph storage cluster by up to 50% and 33%, respectively, compared to the default configuration. It also outperforms a state-of-the-art dynamic load rebalancing technique in terms of read and write performance of Ceph storage by 43% and 36%, respectively.

Item: Addressing Privacy Challenges in Modern Audio-Video Communication Systems and Applications (2023), Sabra, Mohd Amjad

Catalyzed by advances in communication and Internet technology, web-based audio-video calling has become a mainstream method of remote communication. Recently, the trend has seen a further boost due to the COVID-19 pandemic, whereby audio-video calls via applications such as Skype and Zoom have become the default medium for professionals to confer remotely and for students to attend lectures from home. In addition, modern Virtual Reality (VR) devices and systems take this one step further by enabling applications that allow users to remotely co-locate and communicate in the same virtual space or world.
Despite their extreme popularity and utility, the audio, video, and sensor data made available by these modern communication systems and applications can contain sensitive information about the participants, their surroundings, or their current activity and context, and can present significant user-privacy challenges if not appropriately protected. This dissertation, at a high level, studies and demonstrates the feasibility of several novel user-privacy threats in popular web-based video-calling (e.g., Skype and Zoom) and virtual reality (e.g., VRChat) applications and proposes novel mitigation and protection measures against these threats. Specifically, this dissertation makes the following three significant contributions. (i) First, the dissertation investigates whether an adversary at one end of an online video call can infer potentially sensitive information about the participant at the other end that is not trivially visible or audible from the call. More specifically, the dissertation evaluates the feasibility of inferring the keystrokes of a target user on a traditional QWERTY keyboard by merely observing their video feed in a video-calling application. This was accomplished by modeling commonly observed typing behaviors during a video call and utilizing them to construct a novel video-based keystroke and typing detection framework. A text inference framework then uses the keystrokes detected from the video to predict the words most likely typed by the target user. The proposed keystroke/typing detection and text inference frameworks were empirically evaluated using data collected from a large number of human-subject participants in several practical settings and scenarios. Finally, multiple techniques to mitigate such keystroke inference attacks from video calls were also proposed and evaluated.
(ii) Second, a popular privacy feature in online video calls, the virtual background (or background filter), was extensively studied to understand how effective it is at protecting users' actual backgrounds and the sensitive information therein. For this, a novel background reconstruction framework, which reconstructs the real background of a video call that has a virtual background blended in, was first designed. Then, a thorough investigative analysis of the virtual background feature was carried out by employing the real background (partially) reconstructed by this framework in four different privacy attacks, namely, location inference, specific object tracking, generic object inference, and text inference. Finally, by means of video-call data collected from real human subject participants (across a variety of settings and parameters) and prerecorded videos collected in the wild, the performance of the proposed inference frameworks was empirically verified. As before, several mitigation strategies were also proposed and evaluated. (iii) The third aspect of this dissertation research focuses on the privacy of user identities in virtual reality (VR) applications, where users may be recorded by an adversary while wearing out-of-band motion sensors such as smartwatches and smartphones. To address this issue, we record video of the virtual avatars that represent the users' movements in the VR application. We then use existing activity-recognition machine learning classifiers to classify the video and motion data, and correlate the two data streams using the Hamming distance and the Spearman rank correlation coefficient. However, we discovered that the time complexity of our correlation algorithm is not practical for large-scale applications.
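The stream-correlation step described above can be sketched in simplified form. This pure-Python version is an illustrative assumption about how the two metrics might be applied to equal-length activity-label streams, not the dissertation's implementation:

```python
from typing import Sequence

def hamming_distance(a: Sequence[int], b: Sequence[int]) -> int:
    """Number of positions where the two label streams disagree."""
    assert len(a) == len(b)
    return sum(x != y for x, y in zip(a, b))

def _average_ranks(values: Sequence[float]) -> list[float]:
    """1-based ranks, with tied values assigned their average rank."""
    order = sorted(range(len(values)), key=lambda i: values[i])
    ranks = [0.0] * len(values)
    i = 0
    while i < len(order):
        j = i
        while j + 1 < len(order) and values[order[j + 1]] == values[order[i]]:
            j += 1
        avg = (i + j) / 2 + 1  # average of the 1-based ranks i+1 .. j+1
        for k in range(i, j + 1):
            ranks[order[k]] = avg
        i = j + 1
    return ranks

def spearman_rho(a: Sequence[float], b: Sequence[float]) -> float:
    """Spearman rank correlation = Pearson correlation of the ranks."""
    ra, rb = _average_ranks(a), _average_ranks(b)
    n = len(ra)
    ma, mb = sum(ra) / n, sum(rb) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(ra, rb))
    sa = sum((x - ma) ** 2 for x in ra) ** 0.5
    sb = sum((y - mb) ** 2 for y in rb) ** 0.5
    return cov / (sa * sb)
```

Ties are handled with average ranks, which matters here because discrete activity labels repeat frequently; the quadratic cost of matching streams pairwise across many users is exactly the scalability problem the optimized algorithm addresses.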
To overcome this challenge, this dissertation presents an optimized correlation algorithm that balances speed and accuracy while remaining feasible for large-scale data sets.

Item AI Federated Learning for Face Recognition at the Edge (2022) Afrin, Sadia

Deep learning based face recognition models require massive amounts of centralized data to train efficiently. For image classification tasks, centralized data can be drawn from public databases; for face recognition, however, access to private data is prohibited. Owing to this privacy concern, face recognition under privacy constraints has been one of the most difficult tasks in modern computer vision. Federated learning, a distributed form of machine learning, addresses this issue: it trains a model across multiple devices or clients without requiring them to share their data. In this work, we use federated learning to improve both the personalized and the generalized model.

Item Algorithms And Hardness Results for Measuring Similarity Using Fréchet Distance (2013) Sherette, Jonathan Lee

This thesis explores the problem of computing the similarity of surfaces, with a focus on the Fréchet distance and several of its variants. The ability to efficiently and accurately compare surfaces is important for many real-world applications, ranging from computer-aided design to evolutionary biology. The methods often used in practice to compare surfaces are heuristics and thus make no guarantees about the compared surfaces. The Fréchet distance offers a natural similarity metric for comparing continuous shapes such as surfaces. Unfortunately, the Fréchet distance is known to be difficult to compute for many natural classes of surfaces, so in addition to developing new algorithms to compute the Fréchet distance between surfaces, we also explore core problems in computing the Fréchet distance.
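For polygonal curves, the simpler one-dimensional analogue of the surfaces studied in this thesis, the discrete Fréchet distance can be computed with the classic Eiter–Mannila dynamic program. A minimal sketch:

```python
import math

def discrete_frechet(P: list[tuple], Q: list[tuple]) -> float:
    """Discrete Fréchet distance between polygonal curves P and Q,
    given as sequences of points (Eiter & Mannila's dynamic program).

    ca[i][j] holds the coupling distance for prefixes P[:i+1], Q[:j+1]:
    the smallest possible maximum leash length over all monotone
    traversals of the two prefixes.
    """
    n, m = len(P), len(Q)
    ca = [[0.0] * m for _ in range(n)]
    for i in range(n):
        for j in range(m):
            cost = math.dist(P[i], Q[j])
            if i == 0 and j == 0:
                ca[i][j] = cost
            elif i == 0:
                ca[i][j] = max(ca[i][j - 1], cost)
            elif j == 0:
                ca[i][j] = max(ca[i - 1][j], cost)
            else:
                ca[i][j] = max(
                    min(ca[i - 1][j], ca[i][j - 1], ca[i - 1][j - 1]),
                    cost,
                )
    return ca[n - 1][m - 1]
```

The curve case runs in O(nm) time; part of what makes the surface case hard is that no comparably simple dynamic program is known there.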
In particular, we consider computing the Fréchet distance for a class of surfaces which we call folded polygons. We also introduce a partial variant of the Fréchet distance for surfaces. From these results we develop and explore the simple curve embedding problem, the Flippy distance, and the double Fréchet distance, which are generalizations of core problems observed in computing the Fréchet distance between surfaces. Research into these core problems may allow the development of similarity metrics that are both accurate and easier to compute for real-world problems.

Item Algorithms for map construction and comparison (2015) Ahmed, Mahmuda

Analyzing and mining various kinds of geo-referenced data is important in many application areas. We use two types of data: geo-referenced trajectories, such as vehicular tracking data, and geo-referenced graph data, such as street maps. This dissertation consists of two main parts. In the first part, we consider the problem of constructing street maps from geo-referenced trajectories: given a set of trajectories in the plane, compute a street map that represents all trajectories in the set. Here we make two main contributions. First, we present a scalable incremental algorithm based on partial matching of the trajectories to the graph. For the partial matching we introduce a new variant of the partial Fréchet distance, and we use minimum-link paths to reduce the complexity of the generated map. We provide quality guarantees and experimental results based on both real and synthetic data. We further present two multi-thresholding techniques for density-based map construction algorithms. Multi-thresholding is necessary because some streets are travelled more heavily than others (highways vs. neighborhood streets), which results in different sampling densities; a single threshold therefore fails to capture all the streets.
We present a new thresholding technique that uses persistent homology combined with statistical analysis to determine a small set of thresholds that captures all or most of the significant topological features. We also formalize the selection of thresholds in a density-based map construction algorithm for different variants of uniform sampling. In the second part of the dissertation, we consider the map comparison problem: given two street maps embedded in space, quantify their differences. Given maps of the same city collected from different sources, researchers often need to know how they differ. Map comparison is very important in transportation network analysis as well as for assessing the quality of map construction algorithms. We present a new path-based distance measure to compare two planar geometric graphs embedded in the same plane. Our distance measure takes structural as well as spatial properties into account. We show that it can be approximated in polynomial time and that it preserves structural and spatial properties of the graphs. We provide experimental results comparing vendor-quality street maps (TeleAtlas) with open-source maps (OpenStreetMap), as well as maps generated by map construction algorithms with ground-truth maps (OpenStreetMap).

Item An actor-based framework for verifiable privacy policy enforcement: assume-guarantee specification of an actor-component architecture (2016) Johnson, Claiborne

Organizations that hold private information about individuals are required to obey privacy policies that dictate how that information can be handled. However, the systems that hold this information are often complex, and organizations face the difficult task of ensuring that these systems behave correctly, or else face great penalty. A formal approach to this problem is to implement the information system in an actor-based architectural style that can be mechanically checked.
This thesis aims to demonstrate the feasibility of this approach by developing privacy policy specifications for actors that can be provably composed to show that privacy policies are satisfied for the entire system. The contributions toward this goal are an actor-component architecture design for an electronic medical record system, and a language for, and implementation of, assume-guarantee specifications for the actors that captures HIPAA-compliant behavior for a reasonable set of use cases. Finally, methods for evaluating the specifications are discussed and some intermediate steps are provided.
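As a purely illustrative sketch (the actor, method names, and consent model below are assumptions for illustration, not the thesis's formalism), an actor can locally enforce a guarantee such as "no record is disclosed without consent", under the assumption that every request carries an authenticated requester identity:

```python
from dataclasses import dataclass, field

@dataclass
class RecordActor:
    """Toy actor guarding medical records.

    Guarantee: a record is returned only if the requester has consent.
    Assumption: every request carries an authenticated requester id.
    """
    consents: set = field(default_factory=set)   # requester ids with consent
    log: list = field(default_factory=list)      # (requester, record, allowed)

    def grant_consent(self, requester: str) -> None:
        self.consents.add(requester)

    def request(self, requester: str, record: str):
        allowed = requester in self.consents
        self.log.append((requester, record, allowed))  # audit trail
        return record if allowed else None
```

Because every disclosure decision is logged, the guarantee can be checked over any execution trace, which is the kind of per-actor obligation that assume-guarantee reasoning composes into a system-wide policy proof.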