I2S Masters/ Doctoral Theses

Remote attestation is a process of obtaining verifiable evidence from a remote party to establish trust. A relying party makes a request of a remote target that responds by executing an attestation protocol producing evidence reflecting the target's system state and meta-evidence reflecting the evidence’s integrity and provenance. This process occurs in the presence of adversaries intent on misleading the relying party to trust a target they should not. This research introduces a robust approach for evaluating and comparing attestation protocols based on their relative resilience against such adversaries. I develop a Rocq-based, formally-verified mathematical model aimed at describing the difficulty for an active adversary to successfully compromise the attestation. The model supports systematically ranking attestation protocols by the level of adversary effort required to produce evidence that does not accurately reflect the target’s state. My work aims to facilitate the selection of a protocol resilient to adversarial attack.

The used car market is characterized by significant pricing variability, making it challenging for buyers and sellers to determine fair vehicle values. To address this, the project applies a machine learning–driven approach to predict used car prices based on real market data extracted from Cars.com. Following extensive data cleaning, feature engineering, and exploratory analysis, several predictive models were developed and evaluated. Among these, the Stacking Regressor demonstrated superior performance, effectively capturing non-linear pricing patterns and achieving the highest accuracy with the lowest prediction error. Key insights indicate that vehicle age and mileage are the primary drivers of price depreciation, while brand and vehicle category exert notable secondary influence. The resulting pricing model provides a data-backed, transparent framework that supports more informed decision-making and promotes fairness and consistency within the used car marketplace.

Querying information from relational databases often requires proficiency in SQL, creating a steep learning curve for users who lack programming or database management experience. Text-to-SQL systems aim to bridge this gap by automatically converting natural language questions into executable SQL statements. In recent years, multi-agent frameworks have gained traction for this task, as they enable complex query generation to be decomposed into specialized subtasks such as schema selection based on user intent, SQL synthesis, and refinement of SQL queries through execution-based error correction. This work explores the integration of a human feedback component within a multi-agent Text-to-SQL framework. Human input is introduced after the selector agent identifies relevant schemas and tables, offering targeted guidance before SQL generation. The objective is to examine how such feedback can improve the system’s accuracy and contextual understanding of queries. The implementation leverages OpenAI’s GPT-4.1 mini and GPT-4.1 nano models as the underlying language components. The evaluation is carried out using a standard Text-to-SQL benchmark dataset, focusing on key performance metrics such as execution accuracy and validity efficiency scores.

Software vulnerabilities are widespread, often resulting from coding weaknesses and poor development practices. These vulnerabilities can be exploited by attackers, posing risks to confidentiality, integrity, and availability. To protect themselves, end-users of software may have an interest in knowing whether the software they purchase, and use is secure from potential attacks. Our work is motivated by this need to automatically assess and rate the security properties of binary software.

While many researchers focus on developing techniques and tools to detect and mitigate vulnerabilities in binaries, our approach is different. We aim to determine whether the software has been developed with proper care. Our hypothesis is that software created with meticulous attention to security is less likely to contain exploitable vulnerabilities. As a first step, we examined the current landscape of binary-level vulnerability detection. We categorized critical coding weaknesses in compiled programming languages and conducted a detailed survey comparing static analysis techniques and tools designed to detect these weaknesses. Additionally, we evaluated the effectiveness of open-source CWE detection tools and analyzed their challenges. To further understand their efficacy, we conducted independent assessments using standard benchmarks.

To determine whether software is carefully and securely developed, we propose several techniques. So far, we have used machine learning and deep learning methods to identify the programming language of a binary at the functional level, enabling us to handle complex cases like mixed-language binaries and we assess whether vulnerable regions in the binary are protected with appropriate security mechanisms. Additionally, we explored the feasibility of detecting secure coding practices by examining adherence to SonarQube’s security-related coding conventions.

Next, we investigate whether compiler warnings generated during binary creation are properly addressed. Furthermore, we also aim to optimize the array bounds detection in the program binary. This enhanced array bounds detection will also increase the effectiveness of detecting secure coding conventions that are related to memory safety and buffer overflow vulnerabilities.

Our ultimate goal is to combine these techniques to rate the overall security quality of a given binary software.

Fully digital arrays enable realization of dual-function radar-communications systems which generate multiple simultaneous transmit beams with different modulation structures in different spatial directions. These spatially diverse transmissions are produced by designing the individual wave forms transmitted at each antenna element that combine in the far-field to synthesize the desired modulations at the specified directions. This thesis derives a look-up table (LUT) implementation of the existing Far-Field Radiated Emissions Design (FFRED) optimization framework. This LUT implementation requires a single optimization routine for a set of desired signals, rather than the previous implementation which required pulse-to-pulse optimization, making the LUT approach more efficient. The LUT is generated by representing the waveforms transmitted by each element in the array as a sequence of beamformers, where the LUT contains beamformers based on the phase difference between the desired signal modulations. The globally optimal beamformers, in terms of power efficiency, can be realized via the Lagrange dual problem for most beam locations and powers. The Phase-Attached Radar-Communications (PARC) waveform is selected for the communications waveform alongside a Linear Frequency Modulated (LFM) waveform for the radar signal. A set of FFRED LUTs are then used to simulate a radar transmission to verify the utility of the radar system. The same LUTs are then used to estimate the communications performance of a system with varying levels of the array knowledge uncertainty.

Trust is a fundamental issue in computer security. Frequently, systems implicitly trust in other
systems, especially if configured by the same administrator. This fallacious reasoning stems from the belief
that systems starting from a known, presumably good, state can be trusted. However, this statement only
holds for boot-time behavior; most non-trivial systems change state over time, and thus runtime behavior is
an important, oft-overlooked aspect of implicit trust in system security.

To address this, attestation was developed, allowing a system to provide evidence of its runtime behavior to a
verifier. This evidence allows a verifier to make an explicit informed decision about the system’s trustworthiness.
As systems grow more complex, scalable attestation mechanisms become increasingly important. To apply
attestation to non-trivial systems, layered attestation was introduced, allowing attestation of individual
components or layers, combined into a unified report about overall system behavior. This approach enables
more granular trust assessments and facilitates attestation in complex, multi-layered architectures. With the
complexity of layered attestation, discerning whether a given protocol is sufficiently measuring a system, is
executable, or if all measurements are properly reported, becomes increasingly challenging.

In this work, we will develop a framework for the static analysis and synthesis of layered attestation protocols,
enabling more robust and adaptable attestation mechanisms for dynamic systems. A key focus will be the
static verification of protocol correctness, ensuring the protocol behaves as intended and provides reliable
evidence of the underlying system state. A type system will be added to the Copland layered attestation
protocol description language to allow basic static checks, and extended static analysis techniques will be
developed to verify more complex properties of protocols for a specific target system. Further, protocol
synthesis will be explored, enabling the automatic generation of correct-by-construction protocols tailored to
system requirements.

In high dynamic-range environments, matched-filter radar performance is often sidelobe-limited with correlation error being fundamentally constrained by the TB of the collective emission. To contend with the regulatory necessity of spectral containment, the gradient-based complementary-FM framework was developed to produce complementary sidelobe cancellation (CSC) after coherently combining responses from distinct pulses from within a pulse-agile emission. In contrast to most complementary subsets, which were discovered via brute force under the notion of phase-coding, these comp-FM waveform subsets achieve CSC while preserving hardware compatibility since they are FM. Although comp-FM addressed a primary limitation of complementary signals (i.e., hardware distortion), CSC hinges on the exact reconstruction of autocorrelation terms to suppress sidelobes, from which optimality is broken for Doppler shifted signals. This work introduces a Doppler-generalized comp-FM (DG-comp-FM) framework that extends the cancellation condition to account for the anticipated unambiguous Doppler span after post-summing. While this framework is developed for use within a combine-before-Doppler processing manner, it can likewise be employed to design an entire coherent processing interval (CPI) to minimize range-sidelobe modulation (RSM) within the radar point-spread-function (PSF), thereby introducing the potential for cognitive operation if sufficient scattering knowledge is available a-priori. 

Some radar systems operate with multiple emitters, as in the case of Multiple-input-multiple-output (MIMO) radar. Whereas a single emitter must contend with the self-inflicted autocorrelation sidelobes, MIMO systems must likewise contend with the cross-correlation with coincident (in time and spectrum) emissions from other emitters. As such, the determination of "orthogonal waveforms" comprises a large portion of research within the MIMO space, with a small majority now recognizing that true orthogonality is not possible for band-limited signals (albeit, with the exclusion of TDMA). The notion of complementary-FM is proposed for exploration within a MIMO context, whereby coherently combining responses can achieve CSC as well as cross-correlation cancellation for a wide Doppler space. By effectively minimizing cross-correlation terms, this enables improved channel separation on receive as well as improved estimation capability due to reduced correlation error. Proposal items include further exploration/characterization of the space, incorporating an explicit spectral.

Recent advancements in explainable artificial intelligence (XAI) have brought significant transparency to machine learning by providing interpretable explanations alongside model predictions. However, this transparency has also introduced vulnerabilities, enhancing adversaries’ ability for the model decision processes through explanation-guided attacks. In this paper, we propose a robust, model-agnostic defense framework to mitigate these vulnerabilities by explanations while preserving the utility of XAI. Our framework employs a multinomial sampling approach that perturbs explanation values generated by techniques such as SHAP and LIME. These perturbations ensure differential privacy (DP) bounds, disrupting adversarial attempts to embed malicious triggers while maintaining explanation quality for legitimate users. To validate our defense, we introduce a threat model tailored to image classification tasks. By applying our defense framework, we train models with pixel-sampling strategies that integrate DP guarantees, enhancing robustness against backdoor poisoning attacks with XAI. Extensive experiments on widely used datasets, such as CIFAR-10, MNIST, CIFAR-100 and Imagenette, and models, including ConvMixer and ResNet-50, show that our approach effectively mitigates explanation-guided attacks without compromising the accuracy of the model. We also test our defense performance against other backdoor attacks, which shows our defense framework can detect other type backdoor triggers very well. This work highlights the potential of DP in securing XAI systems and ensures safer deployment of machine learning models in real-world applications.

Cold emailing remains an effective strategy for software service companies to improve organizational reach by acquiring clients. Generic emails often fail to get a response.

This project leverages Generative AI to automate the cold email generation. This project is built with the Llama-3.1 model and a Chroma vector database that supports the semantic search of keywords in the job description that matches the project portfolio links of software service companies. The application automatically extracts the technology related job openings for Fortune 500 companies. Users can either select from these extracted job postings or manually enter URL of a job posting, after which the system generates email and sends email upon approval. Advanced techniques like Chain-of-Thought Prompting and Few-Shot Learning were applied to improve the relevance making the email more responsive. This AI driven approach improves engagement and simplifies the business development process for software service companies.

Predictive maintenance plays a central role in reducing vehicle downtime and improving operational efficiency by using data-driven methods to classify the condition of automotive engines. Rather than relying on fixed service schedules or reacting to unexpected breakdowns, this approach leverages machine learning to distinguish between healthy and failed engines based on operational data.

In this project, engine telemetry data capturing key parameters such as engine speed, fuel pressure, and coolant temperature was used to train and evaluate several machine learning models, including logistic regression, random forest, k-nearest neighbors, and a neural network. To further enhance predictive performance, ensemble strategies such as soft voting and stacking were applied. The stacking ensemble, which combines the strengths of multiple classifiers through a meta-learning approach, demonstrated particularly effective results.

This classification-based framework demonstrates how data-driven fault detection can enhance automotive maintenance operations. By identifying engine failures more reliably, machine learning enables safer transportation, reduces maintenance costs, and enhances overall vehicle dependability. Beyond individual vehicles, such approaches have broader applications in fleet management, where proactive decision-making can improve service continuity, reduce operational risks, and increase customer satisfaction.