Computer Engineering Commons^™

Integrating Nist And Iso Cybersecurity Audit And Risk Assessment Frameworks Into Cameroonian Law, Bernard Ngalim

Journal of Cybersecurity Education, Research and Practice

This paper reviews cybersecurity laws and regulations in Cameroon, focusing on cybersecurity and information security audits and risk assessments. The importance of cybersecurity risk assessment and the implementation of security controls to cure deficiencies noted during risk assessments or audits is a critical step in developing cybersecurity resilience. Cameroon's cybersecurity legal framework provides for audits but does not explicitly enumerate controls. Consequently, integrating relevant controls from the NIST frameworks and ISO Standards can improve the cybersecurity posture in Cameroon while waiting for a comprehensive revision of the legal framework. NIST and ISO are internationally recognized as best practices in information …

An Ml Based Digital Forensics Software For Triage Analysis Through Face Recognition, Gaurav Gogia, Parag H. Rughani

Journal of Digital Forensics, Security and Law

Since the past few years, the complexity and heterogeneity of digital crimes has increased exponentially, which has made the digital evidence & digital forensics paramount for both criminal investigation and civil litigation cases. Some of the routine digital forensic analysis tasks are cumbersome and can increase the number of pending cases especially when there is a shortage of domain experts. While the work is not very complex, the sheer scale can be taxing. With the current scenarios and future predictions, crimes are only going to become more complex and the precedent of collecting and examining digital evidence is only going …

Security-Enhanced Serial Communications, John White, Alexander Beall, Joseph Maurio, Dane Fichter, Dr. Matthew Davis, Dr. Zachary Birnbaum

Military Cyber Affairs

Industrial Control Systems (ICS) are widely used by critical infrastructure and are ubiquitous in numerous industries including telecommunications, petrochemical, and manufacturing. ICS are at a high risk of cyber attack given their internet accessibility, inherent lack of security, deployment timelines, and criticality. A unique challenge in ICS security is the prevalence of serial communication buses and other non-TCP/IP communications protocols. The communication protocols used within serial buses often lack authentication and integrity protections, leaving them vulnerable to spoofing and replay attacks. The bandwidth constraints and prevalence of legacy hardware in these systems prevent the use of modern message authentication and …

Enhancing The Battleverse: The People’S Liberation Army’S Digital Twin Strategy, Joshua Baughman

Military Cyber Affairs

No abstract provided.

What Senior U.S. Leaders Say We Should Know About Cyber, Dr. Joseph H. Schafer

Military Cyber Affairs

On April 6, 2023, the Atlantic Council’s Cyber Statecraft Initiative hosted a panel discussion on the new National Cybersecurity Strategy. The panel featured four senior officials from the Office of the National Cyber Director (ONCD), the Department of State (DoS), the Department of Justice (DoJ), and the Department of Homeland Security (DHS). The author attended and asked each official to identify the most important elements that policymakers and strategists must understand about cyber. This article highlights historical and recent struggles to express cyber policy, the responses from these officials, and the author’s ongoing research to improve national security cyber policy.

Operationalizing Deterrence By Denial In The Cyber Domain, Gentry Lane

Military Cyber Affairs

No abstract provided.

The Exigency And How To Improve And Implement International Humanitarian Legislations More Advantageously In Times Of Both Cyber-Warfare And Cyberspace, Shawn J. Lalman

Doctoral Dissertations and Master's Theses

This study provides a synopsis of the following topics: the prospective limiters levied on cyber-warfare by present–day international legislation; significant complexities and contentions brought up in the rendering & utilization of International Humanitarian Legislation against cyber-warfare; feasible repercussions of cyber-warfare on humanitarian causes. It is also to be contended and outlined in this research study that non–state actors can be held accountable for breaches of international humanitarian legislation committed using cyber–ordnance if sufficient resources and skill are made available. It details the factors that prosecutors and investigators must take into account when organizing investigations into major breaches of humanitarian legislation …

The Security And Cyber Defence Realities And Difficulties In Algeria, Kada Aicha

Journal of Police and Legal Sciences

This research paper aims to shed light on the digital challenge faced by Algeria as it enters the world of the knowledge society, which qualifies it to achieve cybersecurity and cyber defense against various forms and types of security threats, including cyber threats. The researcher used an analytical approach to understand the phenomenon under study and trace its causes, in addition to a case study method to study all aspects of the studied phenomenon and identify the characteristics of the case study - Algeria was chosen as the analysis unit. The study concluded several important results, including:

The deficiency of …

An Evaluation Framework For Digital Image Forensics Tools, Zainab Khalid, Sana Qadir

Journal of Digital Forensics, Security and Law

The boom of digital cameras, photography, and social media has drastically changed how humans live their day-to-day, but this normalization is accompanied by malicious agents finding new ways to forge and tamper with images for unlawful monetary (or other) gains. Disinformation in the photographic media realm is an urgent threat. The availability of a myriad of image editing tools renders it almost impossible to differentiate between photo-realistic and original images. The tools available for image forensics require a standard framework against which they can be evaluated. Such a standard framework can aid in evaluating the suitability of an image forensics …

Artificial Justice: The Quandary Of Ai In The Courtroom, Paul W. Grimm, Maura R. Grossman, Sabine Gless, Mireille Hildebrandt

Judicature International

No abstract provided.

Metasoftware: Building Blocks For Legal Technology, Houman Shadab

Seattle Journal of Technology, Environmental & Innovation Law

This Article develops a novel concept in information technology called “metasoftware.” It then applies the concept of metasoftware to developing legal technology.

Metasoftware enables users to create the software of their choosing and stands in sharp contrast to traditional, functional. Functional software is the default type of software that is currently produced and includes word processing, email, social networking, enterprise resource management, online marketplaces, and video game software. Metasoftware, by contrast, is not functional. Metasoftware presents the user with a blank slate upon which to build functional software.

I argue that software is metasoftware to that extent that (1) it …

Defensive Industrial Policy: Cybersecurity Interventions To Reduce Intellectual Property Theft, Dr. Chad Dacus, Dr. Carl (Cj) Horn

Military Cyber Affairs

Through cyber-enabled industrial espionage, China has appropriated what Keith Alexander, the former Director of the National Security Agency, dubbed “the largest transfer of wealth in history.” Although China disavows intellectual property (IP) theft by its citizens and has set self-sustained research and development as an important goal, it is unrealistic to believe IP theft will slow down meaningfully without changing China’s decision calculus. China and the United States have twice agreed, in principle, to respect one another’s IP rights. However, these agreements have lacked any real enforcement mechanism, so the United States must do more to ensure its IP is …

Enter The Battleverse: China's Metaverse War, Josh Baughman

Military Cyber Affairs

No abstract provided.

A Proportionality-Based Framework For Government Regulation Of Digital Tracing Apps In Times Of Emergency, Sharon Bassan

Dickinson Law Review (2017-Present)

Times of emergency present an inherent conflict between the public interest and the preservation of individual rights. Such times require granting emergency powers to the government on behalf of the public interest and relaxing safeguards against government actions that infringe rights. The lack of theoretical framework to assess governmental decisions in times of emergency leads to a polarized and politicized discourse about potential policies, and often, to public distrust and lack of compliance.

Such a discourse was evident regarding Digital Tracing Apps (“DTAs”), which are apps installed on cellular phones to alert users that they were exposed to people who …

Book Review: This Is How They Tell Me The World Ends: The Cyberweapons Arms Race (2020) By Nicole Perlroth, Amy C. Gaudion

Dickinson Law Review (2017-Present)

No abstract provided.

Deepfakes, Shallowfakes, And The Need For A Private Right Of Action, Eric Kocsis

Dickinson Law Review (2017-Present)

For nearly as long as there have been photographs and videos, people have been editing and manipulating them to make them appear to be something they are not. Usually edited or manipulated photographs are relatively easy to detect, but those days are numbered. Technology has no morality; as it advances, so do the ways it can be misused. The lack of morality is no clearer than with deepfake technology.

People create deepfakes by inputting data sets, most often pictures or videos into a computer. A series of neural networks attempt to mimic the original data set until they are nearly …

Don't Bite The Bait: Phishing Attack For Internet Banking (E-Banking), Ilker Kara

Journal of Digital Forensics, Security and Law

Phishing attacks are based on obtaining desired information from users quickly and easily with the help of misdirecting, panicking, curiosity, or excitement. Most of the phishing web sites are designed on internet banking(e-banking) and the attackers can acquire financial information of misled users with the tactics and discourses they develop. Despite the increase of prevention techniques against phishing attacks day by day, an effective solution could not be found for this issue due to the human factor. Because of this reason, real phishing attack studies are essential to study and analyze the attackers’ attack techniques and strategies. This study focused …

Effects Of Cloud Computing In The Workforce, Kevin Rossi Acosta

Cybersecurity Undergraduate Research Showcase

In recent years, the incorporation of cloud computing and cloud services has increased in many different types of organizations and companies. This paper will focus on the philosophical, economical, and political factors that cloud computing and cloud services have in the workforce and different organizations. Based on various scholarly articles and resources it was observed that organizations used cloud computing and cloud services to increase their overall productivity as well as decrease the overall cost of their operations, as well as the different policies that were created by lawmakers to control the realm of cloud computing. The results of this …

Discourse On Digital Government And Regulation: A Bibliometric Analysis, Prakoso Bhairawa Putera, Amelya Gustina

Library Philosophy and Practice (e-journal)

This study aims to discuss digital government and regulation, analyzed through the bibliometric approach with the Scopus database for the last 20 years and visualized through the VOSviewer software version 1.6.16. The results indicate that the topic of e-government has become essentially prominent and has been the most discussed in the past two decades. Approximately 41.1% of digital government and regulation articles are classified under the subject area of 'Computer Science', continued by Social Sciences (18.3%), and Business, Management and Accounting (10.2%), with the majority of being 'All Open Access' (46%). The trend of publication in this field includes the …

Administrative Law In The Automated State, Cary Coglianese

All Faculty Scholarship

In the future, administrative agencies will rely increasingly on digital automation powered by machine learning algorithms. Can U.S. administrative law accommodate such a future? Not only might a highly automated state readily meet longstanding administrative law principles, but the responsible use of machine learning algorithms might perform even better than the status quo in terms of fulfilling administrative law’s core values of expert decision-making and democratic accountability. Algorithmic governance clearly promises more accurate, data-driven decisions. Moreover, due to their mathematical properties, algorithms might well prove to be more faithful agents of democratic institutions. Yet even if an automated state were …

Poland’S Challenge To Eu Directive 2019/790: Standing Up To The Destruction Of European Freedom Of Expression, Michaela Cloutier

Dickinson Law Review (2017-Present)

In 2019, the European Parliament and Council passed Directive 2019/790. The Directive’s passage marked the end of a fouryear- long legislative attempt to impose more liability for copyright violations on Online Service Providers, an effort which was controversial from the start. Online Service Providers fear that the 2019 Directive, especially its Article 17, will completely change the structure of liability on the Internet, forcing providers to adopt expensive content filtering systems. Free speech advocates fear that ineffective filtering technology will infringe upon Internet users’ rights to express themselves, and legal scholars have pointed out the Directive’s inconsistency with prior European …

Fixing Social Media: Toward A Democratic Digital Commons, Michael Kwet

Markets, Globalization & Development Review

In the past few years, big Social Media networks like Facebook, Twitter, and YouTube have received intense scrutiny from the intellectual classes. This article critiques the dominant strain of criticism, the neo-Brandeisian School of antitrust, for its narrow focus on “regulated competition” as an appropriate means to “fix social media”. This essay calls for a socialist alternative: a democratic social media commons based on free and open source technology, decentralization, and democratic socialist legal solutions. It reviews how existing solutions like the Fediverse and LibreSocial work, and how they may provide answers for a better way forward.

The Law Of Black Mirror - Syllabus, Yafit Lev-Aretz, Nizan Packin

Open Educational Resources

Using episodes from the show Black Mirror as a study tool - a show that features tales that explore techno-paranoia - the course analyzes legal and policy considerations of futuristic or hypothetical case studies. The case studies tap into the collective unease about the modern world and bring up a variety of fascinating key philosophical, legal, and economic-based questions.

Tech Policy And Legal Theory Syllabus, Yafit Lev-Aretz, Nizan Packin

Open Educational Resources

Technology has changed dramatically over the last couple of decades. Currently, virtually all business industries are powered by large quantities of data. The potential as well as actual uses of business data, which oftentimes includes personal user data, raise complex issues of informed consent and data protection. This course will explore many of these complex issues, with the goal of guiding students into thinking about tech policy from a broad ethical perspective as well as preparing students to responsibly conduct themselves in different areas and industries in a world growingly dominated by technology.

From Protecting To Performing Privacy, Garfield Benjamin

The Journal of Sociotechnical Critique

Privacy is increasingly important in an age of facial recognition technologies, mass data collection, and algorithmic decision-making. Yet it persists as a contested term, a behavioural paradox, and often fails users in practice. This article critiques current methods of thinking privacy in protectionist terms, building on Deleuze's conception of the society of control, through its problematic relation to freedom, property and power. Instead, a new mode of understanding privacy in terms of performativity is provided, drawing on Butler and Sedgwick as well as Cohen and Nissenbaum. This new form of privacy is based on identity, consent and collective action, a …

Paul Baran, Network Theory, And The Past, Present, And Future Of Internet, Christopher S. Yoo

All Faculty Scholarship

Paul Baran’s seminal 1964 article “On Distributed Communications Networks” that first proposed packet switching also advanced an underappreciated vision of network architecture: a lattice-like, distributed network, in which each node of the Internet would be homogeneous and equal in status to all other nodes. Scholars who have subsequently embraced the concept of a lattice-like network approach have largely overlooked the extent to which it is both inconsistent with network theory (associated with the work of Duncan Watts and Albert-László Barabási), which emphasizes the importance of short cuts and hubs in enabling networks to scale, and the actual way, the Internet …

A New Framework For Securing, Extracting And Analyzing Big Forensic Data, Hitesh Sachdev, Hayden Wimmer, Lei Chen, Carl Rebman

Journal of Digital Forensics, Security and Law

Finding new methods to investigate criminal activities, behaviors, and responsibilities has always been a challenge for forensic research. Advances in big data, technology, and increased capabilities of smartphones has contributed to the demand for modern techniques of examination. Smartphones are ubiquitous, transformative, and have become a goldmine for forensics research. Given the right tools and research methods investigating agencies can help crack almost any illegal activity using smartphones. This paper focuses on conducting forensic analysis in exposing a terrorist or criminal network and introduces a new Big Forensic Data Framework model where different technologies of Hadoop and EnCase software are …

The Tao Of The Dao: Taxing An Entity That Lives On A Blockchain, David J. Shakow

All Faculty Scholarship

In this report, Shakow explains how a decentralized autonomous organization functions and interacts with the U.S. tax system and presents the many tax issues that these structures raise. The possibility of using smart contracts to allow an entity to operate totally autonomously on a blockchain platform seems attractive. However, little thought has been given to how such an entity can comply with the requirements of a tax system. The DAO, the first major attempt to create such an organization, failed because of a programming error. If successful examples proliferate in the future, tax authorities will face significant problems in getting …

Common Carriage’S Domain, Christopher S. Yoo

All Faculty Scholarship

The judicial decision invalidating the Federal Communications Commission's first Open Internet Order has led advocates to embrace common carriage as the legal basis for network neutrality. In so doing, network neutrality proponents have overlooked the academic literature on common carriage as well as lessons from its implementation history. This Essay distills these learnings into five factors that play a key role in promoting common carriage's success: (1) commodity products, (2) simple interfaces, (3) stability and uniformity in the transmission technology, (4) full deployment of the transmission network, and (5) stable demand and market shares. Applying this framework to the Internet …

Regulating Robo Advice Across The Financial Services Industry, Tom Baker, Benedict G. C. Dellaert

All Faculty Scholarship

Automated financial product advisors – “robo advisors” – are emerging across the financial services industry, helping consumers choose investments, banking products, and insurance policies. Robo advisors have the potential to lower the cost and increase the quality and transparency of financial advice for consumers. But they also pose significant new challenges for regulators who are accustomed to assessing human intermediaries. A well-designed robo advisor will be honest and competent, and it will recommend only suitable products. Because humans design and implement robo advisors, however, honesty, competence, and suitability cannot simply be assumed. Moreover, robo advisors pose new scale risks that …