Digital Communications and Networking Commons^™

Improving Ethics Surrounding Collegiate-Level Hacking Education: Recommended Implementation Plan & Affiliation With Peer-Led Initiatives, Shannon Morgan, Dr. Sanjay Goel

Military Cyber Affairs

Cybersecurity has become a pertinent concern, as novel technological innovations create opportunities for threat actors to exfiltrate sensitive data. To meet the demand for professionals in the workforce, universities have ramped up their academic offerings to provide a broad range of cyber-related programs (e.g., cybersecurity, informatics, information technology, digital forensics, computer science, & engineering). As the tactics, techniques, and procedures (TTPs) of hackers evolve, the knowledge and skillset required to be an effective cybersecurity professional have escalated accordingly. Therefore, it is critical to train cyber students both technically and theoretically to actively combat cyber criminals and protect the confidentiality, integrity, …

Securing The Void: Assessing The Dynamic Threat Landscape Of Space, Brianna Bace, Dr. Unal Tatar

Military Cyber Affairs

Outer space is a strategic and multifaceted domain that is a crossroads for political, military, and economic interests. From a defense perspective, the U.S. military and intelligence community rely heavily on satellite networks to meet national security objectives and execute military operations and intelligence gathering. This paper examines the evolving threat landscape of the space sector, encompassing natural and man-made perils, emphasizing the rise of cyber threats and the complexity introduced by dual-use technology and commercialization. It also explores the implications for security and resilience, advocating for collaborative efforts among international organizations, governments, and industry to safeguard the space sector.

Cybersecurity In Critical Infrastructure Systems: Emulated Protection Relay, Mitchell Bylak

Computer Science and Computer Engineering Undergraduate Honors Theses

Cyber-attacks on Critical Systems Infrastructure have been steadily increasing across the world as the capabilities of and reliance on technology have grown throughout the 21st century, and despite the influx of new cybersecurity practices and technologies, the industry faces challenges in its cooperation between the government that regulates law practices and the private sector that owns and operates critical infrastructure and security, which has directly led to an absence of eas- ily accessible information and learning resources on cybersecurity for use in public environments and educational settings. This honors research thesis addresses these challenges by submitting the development of an …

Integrating Nist And Iso Cybersecurity Audit And Risk Assessment Frameworks Into Cameroonian Law, Bernard Ngalim

Journal of Cybersecurity Education, Research and Practice

This paper reviews cybersecurity laws and regulations in Cameroon, focusing on cybersecurity and information security audits and risk assessments. The importance of cybersecurity risk assessment and the implementation of security controls to cure deficiencies noted during risk assessments or audits is a critical step in developing cybersecurity resilience. Cameroon's cybersecurity legal framework provides for audits but does not explicitly enumerate controls. Consequently, integrating relevant controls from the NIST frameworks and ISO Standards can improve the cybersecurity posture in Cameroon while waiting for a comprehensive revision of the legal framework. NIST and ISO are internationally recognized as best practices in information …

Security-Enhanced Serial Communications, John White, Alexander Beall, Joseph Maurio, Dane Fichter, Dr. Matthew Davis, Dr. Zachary Birnbaum

Military Cyber Affairs

Industrial Control Systems (ICS) are widely used by critical infrastructure and are ubiquitous in numerous industries including telecommunications, petrochemical, and manufacturing. ICS are at a high risk of cyber attack given their internet accessibility, inherent lack of security, deployment timelines, and criticality. A unique challenge in ICS security is the prevalence of serial communication buses and other non-TCP/IP communications protocols. The communication protocols used within serial buses often lack authentication and integrity protections, leaving them vulnerable to spoofing and replay attacks. The bandwidth constraints and prevalence of legacy hardware in these systems prevent the use of modern message authentication and …

Enhancing Cyberspace Monitoring In The United States Aviation Industry: A Multi-Layered Approach For Addressing Emerging Threats, Matthew Janson

Doctoral Dissertations and Master's Theses

This research project examined the cyberspace domain in the United States (U.S.) aviation industry from many different angles. The research involved learning about the U.S. aviation cyberspace environment, the landscape of cyber threats, new technologies like 5G and smart airports, cybersecurity frameworks and best practices, and the use of aviation cyberspace monitoring capabilities. The research looked at how vulnerable the aviation industry is from cyber-attacks, analyzed the possible effects of cyber-attacks on the industry, and suggests ways to improve the industry's cybersecurity posture. The project's main goal was to protect against possible cyber-attacks and make sure that the aviation industry …

Small Business Office Network, Michael Gerome

Williams Honors College, Honors Research Projects

This project will emulate a small office network environment. The project will demonstrate the process of building and configuring the network to meet the requirements laid out in the project plan. This network includes four subnets with Windows 10 end devices and a Kali Linux device, it also includes five Cisco layer 2 switches and three Cisco routers. There are also three subnets connecting the routers to each other to enable routing between the subnets. After the network environment is set up, various penetration tests are performed from the Kali Linux device to gather information. The Nmap reconnaissance tool is …

Multifaceted Cybersecurity Analysis: Reconnaissance, Exploitation And Mitigation In A Controlled Network Environment, Austin Coontz

Williams Honors College, Honors Research Projects

This report details a network penetration test in a simulated environment using GNS3, focusing on the configuration of routers, switches, and hosts. The project successfully identified and exploited network vulnerabilities, including FTP access, misconfigured sudo permissions, and SMB protocol weaknesses. The penetration testing process utilized tools like fping and nmap for reconnaissance and vulnerability scanning, revealing the importance of device configurations in network security. The project concluded with mitigation strategies, emphasizing the need for secure access, robust password policies, and security controls. The experience underscored the significance of continuous learning and adaptation in the ever-evolving field of cybersecurity. The project …

Defensive Industrial Policy: Cybersecurity Interventions To Reduce Intellectual Property Theft, Dr. Chad Dacus, Dr. Carl (Cj) Horn

Military Cyber Affairs

Through cyber-enabled industrial espionage, China has appropriated what Keith Alexander, the former Director of the National Security Agency, dubbed “the largest transfer of wealth in history.” Although China disavows intellectual property (IP) theft by its citizens and has set self-sustained research and development as an important goal, it is unrealistic to believe IP theft will slow down meaningfully without changing China’s decision calculus. China and the United States have twice agreed, in principle, to respect one another’s IP rights. However, these agreements have lacked any real enforcement mechanism, so the United States must do more to ensure its IP is …

Book Review: This Is How They Tell Me The World Ends: The Cyberweapons Arms Race (2020) By Nicole Perlroth, Amy C. Gaudion

Dickinson Law Review (2017-Present)

No abstract provided.

The Soft Skills Business Demands Of The Chief Information Security Officer, Richard Smit, Jeroen Van Yperen Hagedoorn, Patric Versteeg, Pascal Ravesteijn

Journal of International Technology and Information Management

While many researchers have investigated soft skills for different roles related to business, engineering, healthcare and others, the soft skills needed by the chief information security officer (CISO) in a leadership position are not studied in-depth. This paper describes a first study aimed at filling this gap.

In this multimethod research, both the business leaders perspective as well as an analysis of CISO job ads is studied. The methodology used to capture the business leaders perspective is via a Delphi study and the jobs adds are studied using a quantitative content analysis.

With an increasing threat to information security for …

Icts For Surveillance And Suppression: The Case Of The Indian Emergency 1975-1977, Ramesh Subramanian

Journal of International Technology and Information Management

Information and Communications technologies (ICT) pervade society. The Internet, wireless communication, and social media are ubiquitous in and indispensable in society today. As they continue to grow and mushroom, there are new and increased calls from various segments of the society such as technologists, activists, sociologists, and legal experts, who issue warnings on the more nefarious and undesirable uses of ICTs, especially by governments. In fact, government control and surveillance using ICTs is not a new phenomenon. By looking at history, we are able to see several instances when ICTs have been used by governments to control, surveil, and infringe …

On The Potential, Feasibility, And Effectiveness Of Chat Bots In Public Health Research Going Forward, Stanley Mierzwa, Samir Souidi, Tammy Allen

Center for Cybersecurity

This paper will discuss whether bots, particularly chat bots, can be useful in public health research and health or pharmacy systems operations. Bots have been discussed for many years; particularly when coupled with artificial intelligence, they offer the opportunity of automating mundane or error-ridden processes and tasks by replacing human involvement. This paper will discuss areas where there are greater advances in the use of bots, as well as areas that may benefit from the use of bots, and will offer practical ways to get started with bot technology. Several popular bot applications and bot development tools along with practical …