Digital Commons Network^™

Monero: Powering Anonymous Digital Currency Transactions, Jake Braddy

Theses/Capstones/Creative Projects

Cryptocurrencies rely on a distributed public ledger (record of transactions) in order to perform their intended functions. However, the public’s ability to audit the network is both its greatest strength and greatest weakness: Anyone can see what address sent currency, and to whom the currency was sent. If cryptocurrency is ever going to take some of the responsibility of fiat currency, then there needs to be a certain level of confidentiality. Thus far, Monero has come out on top as the preferred currency for embodying the ideas of privacy and confidentiality. Through numerous cryptographic procedures, Monero is able to obfuscate …

An Application Risk Assessment Of Werner Enterprises, Nathan Andres

Theses/Capstones/Creative Projects

Risk assessments provide a systematic approach to identifying potential risks that could negatively impact an organization’s operations, financial performance, and reputation. Using a risk assessment, companies can evaluate potential risks and vulnerabilities, prioritize them based on their potential impact, and develop strategies to manage and address these risks effectively.

Werner Enterprises Inc. is a nationally known trucking company headquartered in Omaha, Nebraska. Our cybersecurity capstone project motivation was to partner with Werner to produce an assessment of known application risks in a functional way that can be repeated for all of Werner’s applications. To achieve this, we created a risk …

Predicting The Pebcak: A Quantitative Analysis Of How Cybersecurity Education, Literacy, And Awareness Affect Individual Preparedness., Annie Goodman

Theses/Capstones/Creative Projects

This essay explores the relationship between individuals' cybersecurity education, literacy, awareness, and preparedness. While cybersecurity is often associated with complex hacking scenarios, the majority of data breaches and cyber-attacks result from individuals inadvertently falling prey to phishing emails and malware. The lack of standardized education and training in cybersecurity, coupled with the rapid expansion of technology diversity, raises concerns about individuals' cybersecurity preparedness. As individuals are the first line of defense and the weakest link in cybersecurity, understanding the influence of education, literacy, and awareness on their adherence to best practices is crucial. This work aims to survey a diverse …

New Approaches To Convex Polygon Formations, Rui Yang

Computer Science Graduate Research Workshop

No abstract provided.

On The Security Of Bluetooth Low Energy In Two Consumer Wearable Heart Rate Monitors/Sensing Devices, Yesem Kurt Peker, Gabriel Bello, Alfredo J. Perez

Computer Science Faculty Publications

Since its inception in 2013, Bluetooth Low Energy (BLE) has become the standard for short-distance wireless communication in many consumer devices, as well as special-purpose devices. In this study, we analyze the security features available in Bluetooth LE standards and evaluate the features implemented in two BLE wearable devices (a Fitbit heart rate wristband and a Polar heart rate chest wearable) and a BLE keyboard to explore which security features in the BLE standards are implemented in the devices. In this study, we used the ComProbe Bluetooth Protocol Analyzer, along with the ComProbe software to capture the BLE traffic of …

Secure And Privacy-Preserving Crowdsensing Using Smart Contracts: Issues And Solutions, Alfredo J. Perez, Sherali Zeadally

Computer Science Faculty Publications

The advent of Blockchain and smart contracts is empowering many technologies and systems to automate commerce and facilitate the exchange, tracking and the provision of goods, data and services in a reliable and auditable way. Crowdsensing systems is one type of systems that have been receiving a lot of attention in the past few years. In crowdsensing systems consumer devices such as mobile phones and Internet of Things devices are used to deploy wide-scale sensor networks. We identify some of the major security and privacy issues associated with the development of crowdsensing systems based on smart contracts and Blockchain. We …

Cyber Supply Chain Risk Management: Toward An Understanding Of The Antecedents To Demand For Assurance, Clark Hampton, Steve G. Sutton, Vicky Arnold, Deepak Khazanchi

Information Systems and Quantitative Analysis Faculty Publications

Recognizing the need for effective cyber risk management processes across the supply chain, the AICPA issued a new SOC in March 2020 for assuring cyber supply chain risk management (C-SCRM) processes. This study examines supply chain relationship factors and cyber risk issues to better understand the demand for C-SCRM assurance. Resource-Advantage Theory of Competition provides the conceptual foundation for assessing the dual drivers of relationship building and cyber risk management on demand for assurance. We use a field survey to collect data from 205 professionals enabling evaluation of the complex relationships in the theoretical model. Results support all hypotheses, provide …

Bots And Humans On Social Media, Lale Madahali

Interdisciplinary Informatics Faculty Proceedings & Presentations

Social networks are an important part of today’s life. They are used for entertainment, getting the news, advertisements, and branding for businesses and individuals alike. Research shows that automated accounts, also known as bots, contribute to the content spread on social media allowing the the environment pollution and public opinion manipulation. This research aims at investigating bots’ behavior on Twitter and examine how different and similar they are compared to humans. I will investigate their underlying network, whether it is an information network or social network. In the second step, I attempt to answer whether they follow the structure of …

A Cost Analysis Of Internet Of Things Sensor Data Storage On Blockchain Via Smart Contracts, Yesem Kurt Peker, Xavier Rodriguez, James Ericsson, Suk Jin Lee, Alfredo J. Perez

Computer Science Faculty Publications

Blockchain is a developing technology that can be utilized for secure data storage and sharing. In this work, we examine the cost of Blockchain-based data storage for constrained Internet of Things (IoT) devices. We had two phases in the study. In the first phase, we stored data retrieved from a temperature/humidity sensor connected to an Ethereum testnet blockchain using smart contracts in two different ways: first, appending the new data to the existing data, storing all sensor data; and second, overwriting the new data onto the existing data, storing only a recent portion of the data. In the second phase, …

Icedge: When Edge Computing Meets Information-Centric Networking, Spyridon Mastorakis, Abderrahmen Mtibaa, Jonathan Lee, Satyajayant Misra

Computer Science Faculty Publications

In today’s era of explosion of Internet of Things (IoT) and end-user devices and their data volume, emanating at the network’s edge, the network should be more in-tune with meeting the needs of these demanding edge computing applications. To this end, we design and prototype Information-Centric edge (ICedge), a general-purpose networking framework that streamlines service invocation and improves reuse of redundant computation at the edge. ICedge runs on top of Named-Data Networking, a realization of the Information-Centric Networking vision, and handles the “low-level” network communication on behalf of applications. ICedge features a fully distributed design that: (i) enables users to …

Application Of The Benford’S Law To Social Bots And Information Operations Activities, Lale Madahali, Margeret Hall

Interdisciplinary Informatics Faculty Proceedings & Presentations

Benford's law shows the pattern of behavior in normal systems. It states that in natural systems digits' frequency have a certain pattern such that the occurrence of first digits in numbers are unevenly distributed. In systems with natural behavior, numbers begin with a “1” are more common than numbers beginning with “9”. It implies that if the distribution of first digits deviate from the expected distribution, it is indicative of fraud. It has many applications in forensic accounting, stock markets, finding abnormal data in survey data, and natural science. We investigate whether social media bots and Information Operations activities are …

Visualization, Feature Selection, Machine Learning: Identifying The Responsible Group For Extreme Acts Of Violence, Mahdi Hashemi, Margeret A. Hall

Interdisciplinary Informatics Faculty Publications

The toll of human casualties and psychological impacts on societies make any study on violent extremism worthwhile, let alone attempting to detect patterns among them. This paper is an effort to predict which violent extremist organization (VEO), among 14 currently active ones throughout the world, is responsible for a violent act based on 14 features, including its human and structural tolls, its target type and value, intelligence, and weapons utilized in the attack. Three main steps in our paper include: 1) the visualization of the violent acts through linear and non-linear dimensionality reduction techniques; 2) sequential forward feature selection based …

Https://Onlinelibrary.Wiley.Com/Doi/10.1002/Spy2.15#:~:Text=A%20review%20and%20an%20empirical%20analysis%20of%20privacy%20policy%20and%20notices%20for%20consumer%20internet%20of%20things, Alfredo J. Perez, Sherali Zeadally, Jonathan Cochran

Computer Science Faculty Publications

The privacy policies and practices of six consumer Internet of things (IoT) devices were reviewed and compared. In addition, an empirical verification of the compliance of privacy policies for data collection practices on two voice-activated intelligent assistant devices, namely the Amazon Echo Dot and Google Home devices was performed. The review shows that IoT privacy policies may not be usable from the human-computer interaction perspective because IoT policies are included as part of the manufacturers' general privacy policy (which may include policies unrelated to the device), or the IoT policy requires to read (in addition to the IoT policies) the …

Am I Who I Say I Am? Unobtrusive Selfrepresentation And Personality Recognition On Facebook, Margeret A. Hall, Simon Caton

Interdisciplinary Informatics Faculty Publications

Across social media platforms users (sub)consciously represent themselves in a way which is appropriate for their intended audience. This has unknown impacts on studies with unobtrusive designs based on digital (social) platforms, and studies of contemporary social phenomena in online settings. A lack of appropriate methods to identify, control for, and mitigate the effects of self-representation, the propensity to express socially responding characteristics or self-censorship in digital settings, hinders the ability of researchers to confidently interpret and generalize their findings. This article proposes applying boosted regression modelling to fill this research gap. A case study of paid Amazon Mechanical Turk …

Phishing Suspiciousness In Older And Younger Adults: The Role Of Executive Functioning, Brandon E. Gavett, Rui Zhao, Samantha E. John, Cara A. Bussell, Jennifer R. Roberts, Chuan Yue

Interdisciplinary Informatics Faculty Publications

Phishing is the spoofing of Internet websites or emails aimed at tricking users into entering sensitive information, with such goals as financial or identity theft. The current study sought to determine whether age is associated with increased susceptibility to phishing and whether tests of executive functioning can predict phishing susceptibility. A total of 193 cognitively intact participants, 91 younger adults and 102 older adults, were primarily recruited through a Psychology department undergraduate subject pool and a gerontology research registry, respectively. The Executive Functions Module from the Neuropsychological Assessment Battery and the Iowa Gambling Task were the primary cognitive predictors of …

Determining The Interruption Of Services While Performing V2i Communication Using The Spmd Prototype, Binaya Raj Joshi

Student Work

The use of Vehicle to Vehicle (V2V), Vehicle to Infrastructure (V2I), Vehicle to Roadside Unit (V2R) and Vehicle to Other (V2X) communications are increasingly applied over existing and upcoming transportation means by the United States Department of Transportation (USDOT) and other federal agencies. From previous statistical data, these technologies would primarily avoid or mitigate vehicle crashes and would provide more safety, mobility and various other benefits on the roads (“Traffic Safety Facts 2012,” 2013; “Traffic Safety Facts 2013” 2014). During the communication processes between vehicles, infrastructures and roadside units’ various sensitive data such as positions and speed of the vehicles, …

U.S. Energy Sector Cybersecurity: Hands-Off Approach Or Effective Partnership?, T. M. Ballou, Joseph A. Allen, Kyle Francis

Psychology Faculty Publications

Recent reporting has identified significant threats to the U.S. energy’s critical infrastructure from nation states and other groups through cyberspace. Efforts to improve the security and resilience of U.S. energy infrastructure relies upon voluntary partnerships between the U.S. Government and public and private energy infrastructure owners. This paper examines ideal Public-Private Partnership (PPP) characteristics and compares them to an actual PPP in the U.S. The results identify strengths of and challenges to efforts to secure U.S. energy infrastructure. The research was conducted through a combination of literature reviews and interviews with a sample of U.S-government and private-energy infrastructure representatives.

A Crowdsourcing Approach To Identify Common Method Bias And Self-Representation, Margeret A. Hall, Simon Caton

Interdisciplinary Informatics Faculty Proceedings & Presentations

Pertinent questions on the measurement of social indicators are: the verification of data gained online (e.g., controlling for self-representation on social networks), and appropriate uses in community management and policy-making. Across platforms like Facebook, LinkedIn, Twitter, and blogging services, users (sub)consciously represent themselves in a way which is appropriate for their intended audience (Qui et al., 2012; Zhao et al., 2008). However, scholars in the social sciences and computer science have not yet adequately addressed controlling for self-representation, or the propensity to display or censor oneself, in their analyses (Zhao et al., 2008; Das and Kramer, 2013). As such researchers …

A Cluster Analysis Of Research In Information Technology For Global Development: Where To From Here?, Jie Xiong, Sajda Qureshi, Lotfollah Najjar

Information Systems and Quantitative Analysis Faculty Proceedings & Presentations

While research in Information Systems recognizes the importance of Information Technology in a global context, it continues to focus on a narrow view of IT adoption. In recognizing that the majority of innovations in IT are taking place in developing countries, it is important to find out what research is being undertaken to understand the effects of the different technologies on development outcomes. This paper conducts a cluster analysis of 214 papers from the SigGlobDev Workshop, the Information Technology for Development Journal and other Information Systems Journals and conferences which have published papers in Information Systems and Global Development. This …

Deliberate Barriers To User Participation On Metafilter, Hannah Pileggi, Briana B. Morrison, Amy Bruckman

Computer Science Faculty Publications

This descriptive study explores deliberate barriers to user participation on the long-lived discussion site Metafilter.com. Metafilter has been in continuous operation since its founding in 1999, and at the time of this writing has around 12,000 active users. While many newer online sites appear eager to eliminate barriers to participation and recruit as many new members as possible, Metafilter charges a $5 fee to join and has a mandatory one-week waiting period before new users are allowed to post. In this paper, we explore both why these barriers were imposed and why some users choose to surmount the barriers to …

A Social Dimensional Cyber Threat Model With Formal Concept Analysis And Fact-Proposition Inference, Anup Sharma, Robin Gandhi, Qiuming Zhu, William Mahoney, William Sousan

Computer Science Faculty Publications

Cyberspace has increasingly become a medium to express outrage, conduct protests, take revenge, spread opinions, and stir up issues. Many cyber attacks can be linked to current and historic events in the social, political, economic, and cultural (SPEC) dimensions of human conflicts in the physical world. These SPEC factors are often the root cause of many cyber attacks. Understanding the relationships between past and current SPEC events and cyber attacks can help understand and better prepare people for impending cyber attacks. The focus of this paper is to analyze these attacks in social dimensions and build a threat model based …

Information And Communication Technologies Effects On Economic Growth, Nancy Jimenez, Lotfollah Najjar, Sajda Qureshi, Dwight Haworth

Information Systems and Quantitative Analysis Faculty Proceedings & Presentations

While Information and Communication Technologies (ICTs) are seen to be drivers of economic growth, it is unclear how this change takes place, especially since social and human factors are often seen to change as a result of ICTs. This paper investigates the effects of ICTs, and social and human factors in terms of skills, education, and labor, on economic growth. An augmented production function is used to quantify the effects that infodensity levels, defined as the combination of ICT networks and skills, education, and labor, have on the economic growth of high and low-to-middle income economies. This research draws upon …

The Future Of Citizen Science: Emerging Technologies And Shifting Paradigms, Greg Newman, Andrea Wiggins, Alycia Crall, Eric Graham, Sarah Newman, Kevin Crowston

Information Systems and Quantitative Analysis Faculty Publications

Citizen science creates a nexus between science and education that, when coupled with emerging technologies, expands the frontiers of ecological research and public engagement. Using representative technologies and other examples, we examine the future of citizen science in terms of its research processes, program and participant cultures, and scientific communities. Future citizen‐science projects will likely be influenced by sociocultural issues related to new technologies and will continue to face practical programmatic challenges. We foresee networked, open science and the use of online computer/video gaming as important tools to engage non‐traditional audiences, and offer recommendations to help prepare project managers for …

Taxonomic Classification Of Media Reports In The Cyber Attack Domain, Jinhua Zhang

Student Work

Cyber-attacks have become a huge threat to the information age. In a previous study, cyber-attacks associated with events in Social, Political, Economic and Cultural (SPEC) dimensions were analyzed [6]. The task of this research is to construct an automated classifier that can classify media reports related to past and current cyber-attack events according to the SPEC taxonomy. The classifier was built on a machine learning principle incorporated with approaches focused on 1) document indexing; 2) calculation of classification thresholds; 3) definition of classification effectiveness; and 4) calculation of precision and recall. The classifier is expected to perform with acceptable effectiveness …

Calm Before The Storm: The Challenges Of Cloud Computing In Digital Forensics, George Grispos, Tim Storer, William Bradley Glisson

Interdisciplinary Informatics Faculty Publications

Cloud computing is a rapidly evolving information technology (IT) phenomenon. Rather than procure, deploy and manage a physical IT infrastructure to host their software applications, organizations are increasingly deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties. This development has significant implications for digital forensic investigators, equipment vendors, law enforcement, as well as corporate compliance and audit departments (among others). Much of digital forensic practice assumes careful control and management of IT assets (particularly data storage) during the conduct of an investigation. This paper summarises the key aspects of cloud computing and analyses how established …

An Investigation Of Microenterprise Capability-Building Via Access And Use Of Technology, Travis Godwin Good

Student Work

Micro-enterprises (businesses with one to five employees) lie at the heart of the American economy but are not well-researched. It is believed that technology adoption has the potential to spark strong growth among micro-enterprises, but current technology adoption models are tailored for large businesses and do not consider the human, social, and economic inputs peculiar to micro-enterprises. This research investigates how access to, and use of technology may lead micro enterprises to build capabilities that will help them increase their net income and hire more employees. Framed as a specification of Amartya Sen’s capability perspective, this research seeks, through a …

Semantic Relevance Analysis Of Subject-Predicate-Object (Spo) Triples, Ranjana Kumar

Student Work

The goal of this thesis is to explore and integrate several existing measurements for ranking the relevance of a set of subject-predicate-object (SPO) triples to a given concept. As we are inundated with information from multiple sources on the World-Wide-Web, SPO similarity measures play a progressively important role in information extraction, information retrieval, document clustering and ontology learning. This thesis is applied in the Cyber Security Domain for identifying and understanding the factors and elements of sociopolitical events relevant to cyberattacks. Our efforts are towards developing an algorithm that begins with an analysis of news articles by taking into account …

Trends In Phishing Attacks: Suggestions For Future Research, Ryan M. Schuetzler

Information Systems and Quantitative Analysis Faculty Proceedings & Presentations

Deception in computer-mediated communication is a widespread phenomenon. Cyber criminals are exploiting technological mediums to communicate with potential targets as these channels reduce both the deception cues and the risk of detection itself. A prevalent deception-based attack in computer-mediated communication is phishing. Prior phishing research has addressed the “bait” and “hook” components of phishing attacks, the human-computer interaction that takes place as users judge the veracity of phishing emails and websites, and the development of technologies that can aid users in identifying and rejecting these attacks. Despite the extant research on this topic, phishing attacks continue to be successful as …

A Genetic Algorithm For Multiobjective Hard Scheduling Optimization, Elías Niño, Carlos Ardila, Alfredo J. Perez, Yexid Donoso

Computer Science Faculty Publications

This paper proposes a genetic algorithm for multiobjective scheduling optimization based in the object oriented design with constrains on delivery times, process precedence and resource availability. Initially, the programming algorithm (PA) was designed and implemented, taking into account all constraints mentioned. This algorithm’s main objective is, given a sequence of production orders, products and processes, calculate its total programming cost and time.
Once the programming algorithm was defined, the genetic algorithm (GA) was developed for minimizing two objectives: delivery times and total programming cost. The stages defined for this algorithm were: selection, crossover and mutation. During the first stage, the …

Constructive Ontology Engineering, William L. Sousan

Student Work

The proliferation of the Semantic Web depends on ontologies for knowledge sharing, semantic annotation, data fusion, and descriptions of data for machine interpretation. However, ontologies are difficult to create and maintain. In addition, their structure and content may vary depending on the application and domain. Several methods described in literature have been used in creating ontologies from various data sources such as structured data in databases or unstructured text found in text documents or HTML documents. Various data mining techniques, natural language processing methods, syntactical analysis, machine learning methods, and other techniques have been used in building ontologies with automated …