Computer Engineering Commons^™

Improving Ethics Surrounding Collegiate-Level Hacking Education: Recommended Implementation Plan & Affiliation With Peer-Led Initiatives, Shannon Morgan, Dr. Sanjay Goel

Military Cyber Affairs

Cybersecurity has become a pertinent concern, as novel technological innovations create opportunities for threat actors to exfiltrate sensitive data. To meet the demand for professionals in the workforce, universities have ramped up their academic offerings to provide a broad range of cyber-related programs (e.g., cybersecurity, informatics, information technology, digital forensics, computer science, & engineering). As the tactics, techniques, and procedures (TTPs) of hackers evolve, the knowledge and skillset required to be an effective cybersecurity professional have escalated accordingly. Therefore, it is critical to train cyber students both technically and theoretically to actively combat cyber criminals and protect the confidentiality, integrity, …

Using Digital Twins To Protect Biomanufacturing From Cyberattacks, Brenden Fraser-Hevlin, Alec W. Schuler, B. Arda Gozen, Bernard J. Van Wie

Military Cyber Affairs

Understanding of the intersection of cyber vulnerabilities and bioprocess regulation is critical with the rise of artificial intelligence and machine learning in manufacturing. We detail a case study in which we model cyberattacks on network-mediated signals from a novel bioreactor, where it is important to control medium feed rates to maintain cell proliferation. We use a digital twin counterpart reactor to compare glucose and oxygen sensor signals from the bioreactor to predictions from a kinetic growth model, allowing discernment of faulty sensors from hacked signals. Our results demonstrate a successful biomanufacturing cyberattack detection system based on fundamental process control principles.

Characterizing Advanced Persistent Threats Through The Lens Of Cyber Attack Flows, Logan Zeien, Caleb Chang, Ltc Ekzhin Ear, Dr. Shouhuai Xu

Military Cyber Affairs

Effective cyber defense must build upon a deep understanding of real-world cyberattacks to guide the design and deployment of appropriate defensive measures against current and future attacks. In this abridged paper (of which the full paper is available online), we present important concepts for understanding Advanced Persistent Threats (APTs), our methodology to characterize APTs through the lens of attack flows, and a detailed case study of APT28 that demonstrates our method’s viability to draw useful insights. This paper makes three technical contributions. First, we propose a novel method of constructing attack flows to describe APTs. This abstraction allows technical audiences, …

Machine Learning Security For Tactical Operations, Dr. Denaria Fields, Shakiya A. Friend, Andrew Hermansen, Dr. Tugba Erpek, Dr. Yalin E. Sagduyu

Military Cyber Affairs

Deep learning finds rich applications in the tactical domain by learning from diverse data sources and performing difficult tasks to support mission-critical applications. However, deep learning models are susceptible to various attacks and exploits. In this paper, we first discuss application areas of deep learning in the tactical domain. Next, we present adversarial machine learning as an emerging attack vector and discuss the impact of adversarial attacks on the deep learning performance. Finally, we discuss potential defense methods that can be applied against these attacks.

Securing The Void: Assessing The Dynamic Threat Landscape Of Space, Brianna Bace, Dr. Unal Tatar

Military Cyber Affairs

Outer space is a strategic and multifaceted domain that is a crossroads for political, military, and economic interests. From a defense perspective, the U.S. military and intelligence community rely heavily on satellite networks to meet national security objectives and execute military operations and intelligence gathering. This paper examines the evolving threat landscape of the space sector, encompassing natural and man-made perils, emphasizing the rise of cyber threats and the complexity introduced by dual-use technology and commercialization. It also explores the implications for security and resilience, advocating for collaborative efforts among international organizations, governments, and industry to safeguard the space sector.

Commercial Enablers Of China’S Cyber-Intelligence And Information Operations, Ethan Mansour, Victor Mukora

Military Cyber Affairs

In a globally commercialized information environment, China uses evolving commercial enabler networks to position and project its goals. They do this through cyber, intelligence, and information operations. This paper breaks down the types of commercial enablers and how they are used operationally. It will also address the CCP's strategy to gather and influence foreign and domestic populations throughout cyberspace. Finally, we conclude with recommendations for mitigating the influence of PRC commercial enablers.

The Role Of Artificial Intelligence In Determining The Criminal Fingerprint, Saeed Al Matrooshi

Journal of Police and Legal Sciences

The research aimed to identify the motives and justifications for the use of artificial intelligence in predicting crimes, to explain the challenges of artificial intelligence algorithms, the risks of bias and their ethical rules, and to highlight the role of artificial intelligence in identifying the criminal fingerprint during the detection of crimes. The research relied on the analytical approach, for the purpose of identifying the motives and justifications for the use of intelligence. Artificial intelligence in crime detection, explaining the challenges of artificial intelligence algorithms, their risks of bias, and ethical rules, and exploring how artificial intelligence technology can hopefully …

Reducing Food Scarcity: The Benefits Of Urban Farming, S.A. Claudell, Emilio Mejia

Journal of Nonprofit Innovation

Urban farming can enhance the lives of communities and help reduce food scarcity. This paper presents a conceptual prototype of an efficient urban farming community that can be scaled for a single apartment building or an entire community across all global geoeconomics regions, including densely populated cities and rural, developing towns and communities. When deployed in coordination with smart crop choices, local farm support, and efficient transportation then the result isn’t just sustainability, but also increasing fresh produce accessibility, optimizing nutritional value, eliminating the use of ‘forever chemicals’, reducing transportation costs, and fostering global environmental benefits.

Imagine Doris, who is …

Integrating Nist And Iso Cybersecurity Audit And Risk Assessment Frameworks Into Cameroonian Law, Bernard Ngalim

Journal of Cybersecurity Education, Research and Practice

This paper reviews cybersecurity laws and regulations in Cameroon, focusing on cybersecurity and information security audits and risk assessments. The importance of cybersecurity risk assessment and the implementation of security controls to cure deficiencies noted during risk assessments or audits is a critical step in developing cybersecurity resilience. Cameroon's cybersecurity legal framework provides for audits but does not explicitly enumerate controls. Consequently, integrating relevant controls from the NIST frameworks and ISO Standards can improve the cybersecurity posture in Cameroon while waiting for a comprehensive revision of the legal framework. NIST and ISO are internationally recognized as best practices in information …

An Ml Based Digital Forensics Software For Triage Analysis Through Face Recognition, Gaurav Gogia, Parag H. Rughani

Journal of Digital Forensics, Security and Law

Since the past few years, the complexity and heterogeneity of digital crimes has increased exponentially, which has made the digital evidence & digital forensics paramount for both criminal investigation and civil litigation cases. Some of the routine digital forensic analysis tasks are cumbersome and can increase the number of pending cases especially when there is a shortage of domain experts. While the work is not very complex, the sheer scale can be taxing. With the current scenarios and future predictions, crimes are only going to become more complex and the precedent of collecting and examining digital evidence is only going …

Security-Enhanced Serial Communications, John White, Alexander Beall, Joseph Maurio, Dane Fichter, Dr. Matthew Davis, Dr. Zachary Birnbaum

Military Cyber Affairs

Industrial Control Systems (ICS) are widely used by critical infrastructure and are ubiquitous in numerous industries including telecommunications, petrochemical, and manufacturing. ICS are at a high risk of cyber attack given their internet accessibility, inherent lack of security, deployment timelines, and criticality. A unique challenge in ICS security is the prevalence of serial communication buses and other non-TCP/IP communications protocols. The communication protocols used within serial buses often lack authentication and integrity protections, leaving them vulnerable to spoofing and replay attacks. The bandwidth constraints and prevalence of legacy hardware in these systems prevent the use of modern message authentication and …

Enhancing The Battleverse: The People’S Liberation Army’S Digital Twin Strategy, Joshua Baughman

Military Cyber Affairs

No abstract provided.

Operationalizing Deterrence By Denial In The Cyber Domain, Gentry Lane

Military Cyber Affairs

No abstract provided.

What Senior U.S. Leaders Say We Should Know About Cyber, Dr. Joseph H. Schafer

Military Cyber Affairs

On April 6, 2023, the Atlantic Council’s Cyber Statecraft Initiative hosted a panel discussion on the new National Cybersecurity Strategy. The panel featured four senior officials from the Office of the National Cyber Director (ONCD), the Department of State (DoS), the Department of Justice (DoJ), and the Department of Homeland Security (DHS). The author attended and asked each official to identify the most important elements that policymakers and strategists must understand about cyber. This article highlights historical and recent struggles to express cyber policy, the responses from these officials, and the author’s ongoing research to improve national security cyber policy.

The Security And Cyber Defence Realities And Difficulties In Algeria, Kada Aicha

Journal of Police and Legal Sciences

This research paper aims to shed light on the digital challenge faced by Algeria as it enters the world of the knowledge society, which qualifies it to achieve cybersecurity and cyber defense against various forms and types of security threats, including cyber threats. The researcher used an analytical approach to understand the phenomenon under study and trace its causes, in addition to a case study method to study all aspects of the studied phenomenon and identify the characteristics of the case study - Algeria was chosen as the analysis unit. The study concluded several important results, including:

The deficiency of …

An Evaluation Framework For Digital Image Forensics Tools, Zainab Khalid, Sana Qadir

Journal of Digital Forensics, Security and Law

The boom of digital cameras, photography, and social media has drastically changed how humans live their day-to-day, but this normalization is accompanied by malicious agents finding new ways to forge and tamper with images for unlawful monetary (or other) gains. Disinformation in the photographic media realm is an urgent threat. The availability of a myriad of image editing tools renders it almost impossible to differentiate between photo-realistic and original images. The tools available for image forensics require a standard framework against which they can be evaluated. Such a standard framework can aid in evaluating the suitability of an image forensics …

Metasoftware: Building Blocks For Legal Technology, Houman Shadab

Seattle Journal of Technology, Environmental & Innovation Law

This Article develops a novel concept in information technology called “metasoftware.” It then applies the concept of metasoftware to developing legal technology.

Metasoftware enables users to create the software of their choosing and stands in sharp contrast to traditional, functional. Functional software is the default type of software that is currently produced and includes word processing, email, social networking, enterprise resource management, online marketplaces, and video game software. Metasoftware, by contrast, is not functional. Metasoftware presents the user with a blank slate upon which to build functional software.

I argue that software is metasoftware to that extent that (1) it …

Defensive Industrial Policy: Cybersecurity Interventions To Reduce Intellectual Property Theft, Dr. Chad Dacus, Dr. Carl (Cj) Horn

Military Cyber Affairs

Through cyber-enabled industrial espionage, China has appropriated what Keith Alexander, the former Director of the National Security Agency, dubbed “the largest transfer of wealth in history.” Although China disavows intellectual property (IP) theft by its citizens and has set self-sustained research and development as an important goal, it is unrealistic to believe IP theft will slow down meaningfully without changing China’s decision calculus. China and the United States have twice agreed, in principle, to respect one another’s IP rights. However, these agreements have lacked any real enforcement mechanism, so the United States must do more to ensure its IP is …

Offensive Cyber Operations And Future Littoral Operating Concepts, Jd Work

Military Cyber Affairs

Introduction of new ground-launch cruise missile options to hold adversary naval targets at risk in order to support conventional deterrence objectives through sea control and sea denial missions is the centerpiece of proposed reorganization of Marine Littoral forces, as part of new “Expeditionary Advanced Base Operations,” and “Littoral Operations in Contested Environments” concepts. Effective distributed sea control fires against pacing threat maritime formations requires defeat of integrated air defense systems. Offensive cyber operations capabilities may be considered as a means of altering the calculus of attrition in missile fires exchanges, but due to various sensitivities it has been difficult to …

Enter The Battleverse: China's Metaverse War, Josh Baughman

Military Cyber Affairs

No abstract provided.

Will Products Liability Litigation Help Protect Iot Users From Cyber-Physical Attacks?, J Royce Fichtner, Troy J. Strader

Journal of International Technology and Information Management

While there is an identifiable trend towards protecting consumers from data breaches and data misuses related to IoT devices through new legislation, new regulations, government enforcement actions, and private lawsuits, there has been little progress towards creating similar legally enforceable standards of care for “cyber-physical device security.” This article explores this underdeveloped area of academic inquiry into cyber-physical device security within the context of product liability litigation in the United States. The two questions addressed in this article are: (1) Have there been any successful products liability court decisions in the United States that have held IoT manufacturers liable for …

A Proportionality-Based Framework For Government Regulation Of Digital Tracing Apps In Times Of Emergency, Sharon Bassan

Dickinson Law Review (2017-Present)

Times of emergency present an inherent conflict between the public interest and the preservation of individual rights. Such times require granting emergency powers to the government on behalf of the public interest and relaxing safeguards against government actions that infringe rights. The lack of theoretical framework to assess governmental decisions in times of emergency leads to a polarized and politicized discourse about potential policies, and often, to public distrust and lack of compliance.

Such a discourse was evident regarding Digital Tracing Apps (“DTAs”), which are apps installed on cellular phones to alert users that they were exposed to people who …

Book Review: This Is How They Tell Me The World Ends: The Cyberweapons Arms Race (2020) By Nicole Perlroth, Amy C. Gaudion

Dickinson Law Review (2017-Present)

No abstract provided.

Deepfakes, Shallowfakes, And The Need For A Private Right Of Action, Eric Kocsis

Dickinson Law Review (2017-Present)

For nearly as long as there have been photographs and videos, people have been editing and manipulating them to make them appear to be something they are not. Usually edited or manipulated photographs are relatively easy to detect, but those days are numbered. Technology has no morality; as it advances, so do the ways it can be misused. The lack of morality is no clearer than with deepfake technology.

People create deepfakes by inputting data sets, most often pictures or videos into a computer. A series of neural networks attempt to mimic the original data set until they are nearly …

Don't Bite The Bait: Phishing Attack For Internet Banking (E-Banking), Ilker Kara

Journal of Digital Forensics, Security and Law

Phishing attacks are based on obtaining desired information from users quickly and easily with the help of misdirecting, panicking, curiosity, or excitement. Most of the phishing web sites are designed on internet banking(e-banking) and the attackers can acquire financial information of misled users with the tactics and discourses they develop. Despite the increase of prevention techniques against phishing attacks day by day, an effective solution could not be found for this issue due to the human factor. Because of this reason, real phishing attack studies are essential to study and analyze the attackers’ attack techniques and strategies. This study focused …

The Ftc And Ai Governance: A Regulatory Proposal, Michael Spiro

Seattle Journal of Technology, Environmental & Innovation Law

No abstract provided.

Poland’S Challenge To Eu Directive 2019/790: Standing Up To The Destruction Of European Freedom Of Expression, Michaela Cloutier

Dickinson Law Review (2017-Present)

In 2019, the European Parliament and Council passed Directive 2019/790. The Directive’s passage marked the end of a fouryear- long legislative attempt to impose more liability for copyright violations on Online Service Providers, an effort which was controversial from the start. Online Service Providers fear that the 2019 Directive, especially its Article 17, will completely change the structure of liability on the Internet, forcing providers to adopt expensive content filtering systems. Free speech advocates fear that ineffective filtering technology will infringe upon Internet users’ rights to express themselves, and legal scholars have pointed out the Directive’s inconsistency with prior European …

Fixing Social Media: Toward A Democratic Digital Commons, Michael Kwet

Markets, Globalization & Development Review

In the past few years, big Social Media networks like Facebook, Twitter, and YouTube have received intense scrutiny from the intellectual classes. This article critiques the dominant strain of criticism, the neo-Brandeisian School of antitrust, for its narrow focus on “regulated competition” as an appropriate means to “fix social media”. This essay calls for a socialist alternative: a democratic social media commons based on free and open source technology, decentralization, and democratic socialist legal solutions. It reviews how existing solutions like the Fediverse and LibreSocial work, and how they may provide answers for a better way forward.

Human Supremacy As Posthuman Risk, Daniel Estrada

The Journal of Sociotechnical Critique

Human supremacy is the widely held view that human interests ought to be privileged over other interests as a matter of ethics and public policy. Posthumanism is the historical situation characterized by a critical reevaluation of anthropocentrist theory and practice. This paper draws on animal studies, critical posthumanism, and the critique of ideal theory in Charles Mills and Serene Khader to address the appeal to human supremacist rhetoric in AI ethics and policy discussions, particularly in the work of Joanna Bryson. This analysis identifies a specific risk posed by human supremacist policy in a posthuman context, namely the classification of …

From Protecting To Performing Privacy, Garfield Benjamin

The Journal of Sociotechnical Critique

Privacy is increasingly important in an age of facial recognition technologies, mass data collection, and algorithmic decision-making. Yet it persists as a contested term, a behavioural paradox, and often fails users in practice. This article critiques current methods of thinking privacy in protectionist terms, building on Deleuze's conception of the society of control, through its problematic relation to freedom, property and power. Instead, a new mode of understanding privacy in terms of performativity is provided, drawing on Butler and Sedgwick as well as Cohen and Nissenbaum. This new form of privacy is based on identity, consent and collective action, a …