Digital Commons Network^™

Maritime Cybersecurity: Comparing Practices Between Developing Countries : The Case Study Of Kenya And Spain, Bibian Turyahumura

World Maritime University Dissertations

No abstract provided.

Information Security Maturity Model For Healthcare Organizations In The United States, Bridget Joan Barnes Page

Dissertations and Theses

This research provides a maturity model for information security for healthcare organizations in the United States. Healthcare organizations are faced with increasing threats to the security of their information systems. The maturity model identifies specific performance metrics, with relative importance measures, that can be used to enhance information security at healthcare organizations allowing them to focus scarce resources on mitigating the most important information security threat vectors. This generalizable, hierarchical decision model uses both qualitative and quantitative metrics based on objective goals. This model may be used as a baseline by which to measure individual organizational performance, to measure performance …

Security Fatigue And Its Effects On Perceived Password Strength Among University Students, Chase Carroll

Honors Theses

This study was performed with the goal of observing the effect, if any, that security fatigue has on students’ perceived strength of passwords. In doing so, it was hoped to find some correlation between the two that would help in establishing a measurable effect of the phenomenon in students. This could potentially aid organizational decision-makers, such as security policy writers and system admins, to make more informed decisions about implementing security measures. To achieve the goal of observing this fatigue and attempting to measure it, a survey was distributed to numerous students on the University of Tennessee at Chattanooga campus. …

The Empirical Study Of The Factors That Influence Threat Avoidance Behavior In Ransomware Security Incidents, Heriberto Aurelio Acosta Maestre

CCE Theses and Dissertations

Ransomware security incidents have become one of the biggest threats to general computer users who are oblivious to the ease of infection, severity, and cost of the damage it causes. University networks and their students are susceptible to ransomware security incidents. College students have vast technical skills and knowledge, however they risk ransomware security incidents because of their lack of mitigating actions to the threats and the belief that it would not happen to them. Interaction with peers may play a part in college students’ perception of the threats and behavior to secure their computers. Identifying what influences students’ threat …

Cyber Security In The Healthcare Industry, Giovanni Ordonez 20

Honor Scholar Theses

No abstract provided.

Self Organized Multi Agent Swarms (Somas) For Network Security Control, Eric M. Holloway

Theses and Dissertations

Computer network security is a very serious concern in many commercial, industrial, and military environments. This paper proposes a new computer network security approach defined by self-organized agent swarms (SOMAS) which provides a novel computer network security management framework based upon desired overall system behaviors. The SOMAS structure evolves based upon the partially observable Markov decision process (POMDP) formal model and the more complex Interactive-POMDP and Decentralized-POMDP models, which are augmented with a new F(*-POMDP) model. Example swarm specific and network based behaviors are formalized and simulated. This paper illustrates through various statistical testing techniques, the significance of this proposed …

Impact Of Framing And Base Size Of Computer Security Risk Information On User Behavior, Xinhui Zhan

Masters Theses

"This research examines the impact of framing and base size of computer security risk information on users' risk perceptions and behavior (i.e., download intention and download decision). It also examines individual differences (i.e., demographic factors, computer security awareness, Internet structural assurance, self-efficacy, and general risk-taking tendencies) associated with users' computer security risk perceptions. This research draws on Prospect Theory, which is a theory in behavioral economics that addresses risky decision-making, to generate hypotheses related to users' decision-making in the computer security context. A 2 x 3 mixed factorial experimental design (N = 178) was conducted to assess the effect of …

Cybersecurity In The Classroom: Bridging The Gap Between Computer Access And Online Safety, Andrew Malecki

Cyber Security Capstone Research Project Reports

According to ISACA, there will be a global shortage of 2 million cybersecurity professionals worldwide by 2019. Additionally, according to Experian Data Breach Resolution, as much as 80% of all network breaches can be traced to employee negligence. These problems will not solve themselves, and they likewise won’t improve without drastic action. An effort needs to be made to help direct interested and qualified individuals to the field of cybersecurity to move toward closing this gap. Moreover, steps need to be made to better inform the public of general safety measures while online, including the safeguarding of sensitive information.

A …

A Framework For Incorporating Insurance Into Critical Infrastructure Cyber Risk Strategies, Derek R. Young

Theses and Dissertations

Critical infrastructure owners and operators want to minimize their cyber risk and expenditures on cybersecurity. The insurance industry has been quantitatively assessing risk for hundreds of years in order to minimize risk and maximize profits. To achieve these goals, insurers continuously gather statistical data to improve their predictions, incentivize their clients' investment in self-protection and periodically refine their models to improve the accuracy of risk estimates. This paper presents a framework which incorporates the operating principles of the insurance industry in order to provide quantitative estimates of cyber risk. The framework implements optimization techniques to suggest levels of investment for …

Quantification Of Information Flow In Cyber Physical Systems, Li Feng

Doctoral Dissertations

"In Cyber Physical Systems (CPSs), traditional security mechanisms such as cryptography and access control are not enough to ensure the security of the system since complex interactions between the cyber portion and physical portion happen frequently. In particular, the physical infrastructure is inherently observable; aggregated physical observations can lead to unintended cyber information leakage. Information flow analysis, which aims to control the way information flows among different entities, is better suited for CPSs than the access control security mechanism. However, quantifying information leakage in CPSs can be challenging due to the flow of implicit information between the cyber portion, the …

Deciding Static Inclusion For Delta-Strong And Omega [Upside Down Triangle]-Strong Intruder Theories : Applications To Cryptographic Protocol Analysis, Kimberly Ann Gero

Legacy Theses & Dissertations (2009 - 2024)

In this dissertation we will be studying problems relating to indistinguishability. This topic

Bridging The Detection Gap: A Study On A Behavior-Based Approach Using Malware Techniques, Geancarlo Palavicini

EWU Masters Thesis Collection

"In recent years the intensity and complexity of cyber attacks have increased at a rapid rate. The cost of these attacks on U.S. based companies is in the billions of dollars, including the loss of intellectual property and reputation. Novel and diverse approaches are needed to mitigate the cost of a security breach, and bridge the gap between malware detection and a security breach. This thesis focuses on the short term need to mitigate the impact of undetected shellcodes that cause security breaches. The thesis's approach focuses on the agents driving the attacks, capturing their actions, in order to piece …

Application Of Ntru Cryptographic Algorithm For Securing Scada Communication, Amritha Puliadi Premnath

UNLV Theses, Dissertations, Professional Papers, and Capstones

Supervisory Control and Data Acquisition (SCADA) system is a control system which is widely used in Critical Infrastructure System to monitor and control industrial processes autonomously. Most of the SCADA communication protocols are vulnerable to various types of cyber-related attacks. The currently used security standards for SCADA communication specify the use of asymmetric cryptographic algorithms like RSA or ECC for securing SCADA communications. There are certain performance issues with cryptographic solutions of these specifications when applied to SCADA system with real-time constraints and hardware limitations. To overcome this issue, in this thesis we propose the use of a faster and …

Effects Of Architecture On Information Leakage Of A Hardware Advanced Encryption Standard Implementation, Eric A. Koziel

Theses and Dissertations

Side-channel analysis (SCA) is a threat to many modern cryptosystems. Many countermeasures exist, but are costly to implement and still do not provide complete protection against SCA. A plausible alternative is to design the cryptosystem using architectures that are known to leak little information about the cryptosystem's operations. This research uses several common primitive architectures for the Advanced Encryption Standard (AES) and assesses the susceptibility of the full AES system to side-channel attack for various primitive configurations. A combined encryption/decryption core is also evaluated to determine if variation of high-level architectures affects leakage characteristics. These different configurations are evaluated under …

The White-Hat Bot: A Novel Botnet Defense Strategy, Tyrone C. Gubler

Theses and Dissertations

Botnets are a threat to computer systems and users around the world. Botmasters can range from annoying spam email propagators to nefarious criminals. These criminals attempt to take down networks or web servers through distributed denial-of-service attacks, to steal corporate secrets, or to launder money from individuals or corporations. As the number and severity of successful botnet attacks rise, computer security experts need to develop better early-detection and removal techniques to protect computer networks and individual computer users from these very real threats. I will define botnets and describe some of their common purposes and current uses. Next, I will …

Measuring The Utility Of A Cyber Incident Mission Impact Assessment (Cimia) Process For Mission Assurance, Christy L. Peterson

Theses and Dissertations

Information is a critical asset on which virtually all modern organizations depend upon to meet their operational mission objectives. Military organizations, in particular, have embedded Information and Communications Technologies (ICT) into their core mission processes as a means to increase their operational efficiency, exploit automation, improve decision quality, and shorten the kill chain. However, the extreme dependence upon ICT results in an environment where a cyber incident can result in severe mission degradation, or possibly failure, with catastrophic consequences to life, limb, and property. These consequences can be minimized by maintaining real-time situational awareness of mission critical resources so appropriate …

An Application Of Automated Theorem Provers To Computer System Security: The Schematic Protection Model, Mitchell D.I. Hirschfeld

Theses and Dissertations

The Schematic Protection Model is specified in SAL and theorems about Take-Grant and New Technology File System schemes are proven. Arbitrary systems can be specified in SPM and analyzed. This is the first known automated analysis of SPM specifications in a theorem prover. The SPM specification was created in such a way that new specifications share the underlying framework and are configurable within the specifications file alone. This allows new specifications to be created with ease as demonstrated by the four unique models included within this document. This also allows future users to more easily specify models without recreating the …

Developing Cyberspace Data Understanding: Using Crisp-Dm For Host-Based Ids Feature Mining, Joseph R. Erskine

Theses and Dissertations

Current intrusion detection systems generate a large number of specific alerts, but do not provide actionable information. Many times, these alerts must be analyzed by a network defender, a time consuming and tedious task which can occur hours or days after an attack occurs. Improved understanding of the cyberspace domain can lead to great advancements in Cyberspace situational awareness research and development. This thesis applies the Cross Industry Standard Process for Data Mining (CRISP-DM) to develop an understanding about a host system under attack. Data is generated by launching scans and exploits at a machine outfitted with a set of …

Large-Scale Distributed Coalition Formation, Daniel R. Karrels

Theses and Dissertations

The CyberCraft project is an effort to construct a large scale Distributed Multi-Agent System (DMAS) to provide autonomous Cyberspace defense and mission assurance for the DoD. It employs a small but flexible agent structure that is dynamically reconfigurable to accommodate new tasks and policies. This document describes research into developing protocols and algorithms to ensure continued mission execution in a system of one million or more agents, focusing on protocols for coalition formation and Command and Control. It begins by building large-scale routing algorithms for a Hierarchical Peer to Peer structured overlay network, called Resource-Clustered Chord (RC-Chord). RC-Chord introduces the …

An Efficient And Effective Implementation Of The Trust System For Power Grid Compartmentalization, Juan M. Carlos Gonzalez

Theses and Dissertations

As utility companies develop and incorporate new technologies, such as moving to utility Internet technology based architecture and standard; it is crucial that we do so with history in mind. We know that traditional utility protection and control systems were not designed with security in their top priorities. This presents a danger in an environment where near real-time responses are required to ensure safe operations. As a consequence, system security becomes a burden to the system rather than necessary protection. Unfortunately, technology implementation is not the only concern. The number of utility privately-owned companies has multiplied as the market has …

Host-Based Multivariate Statistical Computer Operating Process Anomaly Intrusion Detection System (Paids), Glen R. Shilland

Theses and Dissertations

No abstract provided.

Sub-Circuit Selection And Replacement Algorithms Modeled As Term Rewriting Systems, Eric D. Simonaire

Theses and Dissertations

Intent protection is a model of software obfuscation which, among other criteria, prevents an adversary from understanding the program’s function for use with contextual information. Relating this framework for obfuscation to malware detection, if a malware detector can perfectly normalize a program P and any obfuscation (variant) of the program O(P), the program is not intent protected. The problem of intent protection on programs can also be modeled as intent protection on combinational logic circuits. If a malware detector can perfectly normalize a circuit C and any obfuscation (variant) O(C) of the circuit, the circuit is not intent protected. In …

Secureqemu: Emulation-Based Software Protection Providing Encrypted Code Execution And Page Granularity Code Signing, William B. Kimball

Theses and Dissertations

This research presents an original emulation-based software protection scheme providing protection from reverse code engineering (RCE) and software exploitation using encrypted code execution and page-granularity code signing, respectively. Protection mechanisms execute in trusted emulators while remaining out-of-band of untrusted systems being emulated. This protection scheme is called SecureQEMU and is based on a modified version of Quick Emulator (QEMU) [5]. RCE is a process that uncovers the internal workings of a program. It is used during vulnerability and intellectual property (IP) discovery. To protect from RCE program code may have anti-disassembly, anti-debugging, and obfuscation techniques incorporated. These techniques slow the …

Developing Network Situational Awareness Through Visualization Of Fused Intrusion Detection System Alerts, Serafin A. Avitia V

Theses and Dissertations

With networks increasing in physical size, bandwidth, traffic volume, and malicious activity, network analysts are experiencing greater difficulty in developing network situational awareness. Traditionally, network analysts have used Intrusion Detection Systems to gain awareness but this method is outdated when analysts are unable to process the alerts at the rate they are being generated. Analysts are unwittingly placing the computer assets they are charged to protect at risk when they are unable to detect these network attacks. This research effort examines the theory, application, and results of using visualizations of fused alert data to develop network situational awareness. The fused …

An Analysis Of Botnet Vulnerabilities, Sean W. Hudson

Theses and Dissertations

Botnets are a significant threat to computer networks and data stored on networked computers. The ability to inhibit communication between servers controlling the botnet and individual hosts would be an effective countermeasure. The objective of this research was to find vulnerabilities in Unreal IRCd that could be used to shut down the server. Analysis revealed that Unreal IRCd is a very mature and stable IRC server and no significant vulnerabilities were found. While this research does not eliminate the possibility that a critical vulnerability is present in the Unreal IRCd software, none were identified during this effort.

Using Hierarchical Temporal Memory For Detecting Anomalous Network Activity, Gerod M. Bonhoff

Theses and Dissertations

This thesis explores the nature of cyberspace and forms an argument for it as an intangible world. This research is motivated by the notion of creating intelligently autonomous cybercraft to reside in that environment and maintain domain superiority. Specifically, this paper offers 7 challenges associated with development of intelligent, autonomous cybercraft. The primary focus is an analysis of the claims of a machine learning language called Hierarchical Temporal Memory (HTM). In particular, HTM theory claims to facilitate intelligence in machines via accurate predictions. It further claims to be able to make accurate predictions of unusual worlds, like cyberspace. The research …

Comparing Information Assurance Awareness Training For End-Users: A Content Analysis Examination Of Air Force And Defense Information Systems Agency User Training Modules, John W. Frugé

Theses and Dissertations

Today, the threats to information security and assurance are great. While there are many avenues for IT professionals to safeguard against these threats, many times these defenses prove useless against typical system users. Mandated by laws and regulations, all government agencies and most private companies have established information assurance (IA) awareness programs, most of which include user training. Much has been given in the existing literature to laying out the guidance for the roles and responsibilities of IT professionals and higher level managers, but less is specified for "everyday" users of information systems. This thesis attempts to determine the content …

Suspicion Modeling In Support Of Cyber-Influence Operations/Tactics, Henry G. Paguirigan

Theses and Dissertations

Understanding the cognitive process of IT user suspicion may assist organizations in development of network protection plans, personnel training, and tools necessary to identify and mitigate nefarious intrusions of IT systems. Exploration of a conceptual common ground between psycho-social and technology-related concepts of suspicion are the heart of this investigation. The complexities involved in merging these perspectives led to the overall research question: What is the nature of user suspicion toward IT: The research problem/phenomenon was addressed via extensive literature review, and use of the Interactive Qualitative Analysis problem/phenomenon. Analysis of the system led to the development of a model …

A Formal Specification And Proof Of System Safety Using The Schematic Protection Model, Raymond S. Way

Theses and Dissertations

This research formally specifies the Schematic Protection Model (SPM) and provides a sound, flexible tool for reasoning formally about systems that implement a security model like SPM, to prove its ability to provide security services such as confidentiality and integrity. The theory described by the resultant model was logically proved in the Prototype Verification System (PVS), an automated prover. Each component of SPM was tested, as were several anomalous conditions, and each test produced results consistent with the model. The model is internally modular, and therefore easily extensible, yet cohesive since the theory to be proved encompasses the entire specification. …

Applying Automated Theorem Proving To Computer Security, Kelly K. Mcelroy

Theses and Dissertations

While more and more data is stored and accessed electronically, better access control methods need to be implemented for computer security. Formal modelling and analysis have been successfully used in certain areas of computer systems, such as verifying the security properties of cryptographic and authentication protocols. However, formal models for computer systems in cyberspace, like networks, have hardly advanced. A highly regarded graduate textbook cites the Take-Grant model created in 1977 as one of the \current" examples of security modelling and analysis techniques. This model is rarely used in practice though. This research implements the Take-Grant Protection model's four de …