Research & Projects
Video Source Camera Identification and Falsification
Understanding Device Identity and Security Posture in Smart Settings
Triage Tool for Tracing Crytocurrency Wallets
Understanding Covert and Sensory Side Channels in Drone Communications in Smart Settings for Anticipatory Intelligence
Analysis of Drone's sensor security and data injection attacks using generative adversarial networks (GANs)
Video Source Camera Identification & Falsification
Multimedia forensics gained attention due to the wide usage of various recording sources and IoT devices. At the same time, the rapid technological developments caused the escalation of forgeries and data tampering of media files. Therefore, the integrity and origin of video and image data coming from cameras which may be on drones or smartphones became one of the key challenges in digital forensics. The lenses’ defects introduced during the manufacturing process produce unique patterns, namely fingerprints, that can be used for source camera identification.
This project focuses on enhancing the accuracy of CNN applications for video source camera identification. Moreover, we analyze the network’s resistance against the source camera falsification attacks, to further strengthen the proposed framework. To improve the network, we conduct an interpretability analysis of the designed video source identification network. As a result, we identify how CNN “makes its decisions” and make it more robust and lightweight.
This work is supported in part by grants from the US National Science Foundation and the Army Research Office.
Publications
M. Veksler, R. Aygun, K. Akkaya and S. Iyengar, “Video Origin Camera Identification using Ensemble CNNs of Positional Patches,” 2022 IEEE 5th International Conference on Multimedia Information Processing and Retrieval (MIPR), 2022, pp. 41-46, doi: 10.1109/MIPR54900.2022.00015.
Veksler, M., Caspard, C., & Akkaya, K. (2022, November). Image-to-Image Translation Generative Adversarial Networks for Video Source Camera Falsification. In International Conference on Digital Forensics and Cyber Crime (pp. 3-18). Cham: Springer Nature Switzerland.
Understanding Device Identity and Security Posture in Smart Settings
The emerging proliferation of unmanned aerial vehicles (UAV) combined with their autonomous capabilities established the solid incorporation of UAVs for military applications.
However, seamless deployment of drones into the adversarial environment and on the battlefield requires a robust and secure network stack, protected from adversarial intrusion.
As LoRa became a low-cost solution for the long-distance control channel, it solved the challenge of long-range connectivity and prolonged lifespan present in UAV applications. However, the existing implementations lack protection mechanisms against unauthorized access. In this project, we present LoFin, the first fingerprinting framework used to identify telemetry transceivers that communicate over the LoRa channel. LoFin exploits information leaked due to the differences in hardware structure, which results in processing time variations. Passively collecting network traffic, LoFin extracts unique signatures for UAV authentication while maintaining network integrity and data privacy.
Publications
Veksler, M., Rodríguez, D.L., Aris, A., Akkaya, K. and Uluagac, A.S., 2022, November. LoFin: LoRa-based UAV Fingerprinting Framework. In MILCOM 2022-2022 IEEE Military Communications Conference (MILCOM) (pp. 980-985). IEEE.
Triage Tool for Tracing Crytocurrency Wallets
When the user performs transactions from the crypto wallet or browses the Internet for crypto then it generates artifacts such as mnemonics phrases, transactions history, images related to crypto, web cookies, and so on. These artifacts are very important for investigators, so the detection and extraction of the artifacts are needed. This project aims to build a triage tool for the automatic extraction of the artifacts from Android phones to present to the investigator. Mainly this tool focuses on three major components – Crypto wallet application, Images, and Web history.
It integrates contemporary approaches from machine learning, natural language processing, and pattern recognition to be able to detect any artifact that may potentially come from the recently launched crypto wallet apps. For the images, the tool automatically detects and extracts cryptocurrency information. We analyzed all the web browsers from the phone and searched for the relevant artifacts as well. These findings which can come from apps, images, or browsing history are displayed separately with an option to check further details. We also explore the analysis of SMS, and different language support for the tool.
Publications
Bhattarai, A., Veksler, M., Sahin, H., Kurt, A. and Akkaya, K., 2022, November. Crypto Wallet Artifact Detection on Android Devices Using Advanced Machine Learning Techniques. In International Conference on Digital Forensics and Cyber Crime (pp. 111-132). Cham: Springer Nature Switzerland.
Bhattarai, A., Veksler, M., Kurt, A., Sahin, A. and Akkaya, K., Florida International University FIU, 2023. Systems and methods for detecting cryptocurrency wallet artifacts in a file system. U.S. Patent 11,755,958.
Understanding Covert and Sensory Side Channels in Drone Communications in Smart Settings for Anticipatory Intelligence
A UAV system generally consists of the Unmanned Aircraft, the Ground Control Station (GCS), and the Communication Link. The inner hardware architecture of a UAV device includes: a Flight Controller, rechargeable batteries, actuators, a set of sensors and a wireless communication module. UAVs possess a wide range of sensors to accomplish their flight missions. These sensors represent critical components for the functionality of the UAV system, and they are designed to measure physical quantities of the surrounding environment such as altitude, speed, and GPS location. The software architecture of the UAV operates in a layered system. The integration between these layers constitutes the flight stack, and consists of three main layers: the Firmware, the Middleware, and the Operating System (e.g., RTOS). For the communication, the UAVs utilize different wireless communication technologies such as Wi-Fi, Zigbee, Bluetooth, and LoRa protocols, while MAVLink is a de facto standard application protocol.
Due to the complex architecture, consisting of a lot of different components, drones/UAVs pose easy targets for the adversary to aim the attack directed toward specific modules. In this project we investigate storage- and timing-based covert channels in MAVLink protocol for drone communications that can be used by an adversary to leak sensitive drone data.
Analysis of Drone's sensor security and data injection attacks using generative adversarial networks (GANs)
Drones, embodying the spirit of innovation, have become dynamic game-changers, redefining industries through their unparalleled adaptability and budget-friendly solutions. However, compromised drone sensors pose serious safety risks. Therefore, multiple studies have been dedicated to analyzing various drone sensor attacks and developing efficient anomaly detectors.
In this project we investigate new threats to drone sensors' that appear due to the widespread of generative adversarial networks (GANs).