Physical Sciences and Mathematics Commons^™

Forensic Analysis Of Whatsapp On Android Smartphones, Neha S. Thakur

University of New Orleans Theses and Dissertations

Android forensics has evolved over time offering significant opportunities and exciting challenges. On one hand, being an open source platform Android is giving developers the freedom to contribute to the rapid growth of the Android market whereas on the other hand Android users may not be aware of the security and privacy implications of installing these applications on their phones. Users may assume that a password-locked device protects their personal information, but applications may retain private information on devices, in ways that users might not anticipate. In this thesis we will be concentrating on one such application called 'WhatsApp', a …

A Secure And Fair Resource Sharing Model For Community Clouds, Santhosh S. Anand

Graduate Theses and Dissertations

Cloud computing has gained a lot of importance and has been one of the most discussed segment of today's IT industry. As enterprises explore the idea of using clouds, concerns have emerged related to cloud security and standardization. This thesis explores whether the Community Cloud Deployment Model can provide solutions to some of the concerns associated with cloud computing. A secure framework based on trust negotiations for resource sharing within the community is developed as a means to provide standardization and security while building trust during resource sharing within the community. Additionally, a model for fair sharing of resources is …

Utilizing Cyber Espionage To Combat Terrorism, Gary Adkins

Open Access Theses & Dissertations

The world has effectively exited the Industrial Age and is firmly planted in the Information Age. Global communication at the speed of light has been a great asset to both businesses and private citizens. However, there is a dark side to the age we live in, where terrorist groups are able to communicate, plan, fund, recruit, and spread their message to the world. The relative anonymity the internet provides hinders law enforcement and security agencies in not only locating would-be terrorists but also in disrupting their operations. The internet is a loosely knit group of computers and routers and is …

Cloud Computing: Architectural And Policy Implications, Christopher S. Yoo

All Faculty Scholarship

Cloud computing has emerged as perhaps the hottest development in information technology. Despite all of the attention that it has garnered, existing analyses focus almost exclusively on the issues that surround data privacy without exploring cloud computing’s architectural and policy implications. This article offers an initial exploratory analysis in that direction. It begins by introducing key cloud computing concepts, such as service-oriented architectures, thin clients, and virtualization, and discusses the leading delivery models and deployment strategies that are being pursued by cloud computing providers. It next analyzes the economics of cloud computing in terms of reducing costs, transforming capital expenditures …

Trends In Phishing Attacks: Suggestions For Future Research, Ryan M. Schuetzler

Information Systems and Quantitative Analysis Faculty Proceedings & Presentations

Deception in computer-mediated communication is a widespread phenomenon. Cyber criminals are exploiting technological mediums to communicate with potential targets as these channels reduce both the deception cues and the risk of detection itself. A prevalent deception-based attack in computer-mediated communication is phishing. Prior phishing research has addressed the “bait” and “hook” components of phishing attacks, the human-computer interaction that takes place as users judge the veracity of phishing emails and websites, and the development of technologies that can aid users in identifying and rejecting these attacks. Despite the extant research on this topic, phishing attacks continue to be successful as …

Exploring Identity Management At Community Colleges In Texas With Open Access To College Computer Networks, Michael John Callahan

Walden Dissertations and Doctoral Studies

The study addressed the lack of identity management practices in Texas community colleges to identify guest users who access college computers. Guest user access is required by Texas law and is part of the state's mission to bridge the technology gap; however, improper identification methods leave the college vulnerable to liability issues. The purpose of this study was to eliminate or mitigate liabilities facing colleges by creating and using security policies to identify guest users. This study combined the theoretical concepts of Cameron's internal security management model with the external trust models of the Liberty Alliance and Microsoft's Passport software. …

Jess – A Java Security Scanner For Eclipse, Russell Spitler

Honors Theses

Secure software is the responsibility of every developer. In order to help a developer with this responsibility there are many automated source code security auditors. These tools perform a variety of functions, from finding calls to insecure functions to poorly generated random numbers. These programs have existed for years and perform the security audit with varying degrees of success.

Largely missing in the world of programming is such a security auditor for the Java programming language. Currently, Fortify Software produces the only Java source code security auditor; this is a commercially available package.

This void is what inspired JeSS, Java …

Steganographic Schemes For File System And B-Tree, Hwee Hwa Pang, Kian-Lee Tan, Xuan Zhou

Research Collection School Of Computing and Information Systems

While user access control and encryption can protect valuable data from passive observers, these techniques leave visible ciphertexts that are likely to alert an active adversary to the existence of the data. We introduce StegFD, a steganographic file driver that securely hides user-selected files in a file system so that, without the corresponding access keys, an attacker would not be able to deduce their existence. Unlike other steganographic schemes proposed previously, our construction satisfies the prerequisites of a practical file system in ensuring the integrity of the files and maintaining efficient space utilization. We also propose two schemes for implementing …

Covert Shells, John Christian Smith

John Christian Smith

The potential for covert communications exist anywhere that legitimate communication channels are in use. In order to maintain control of the channel once exploited, the insertion of a backdoor Trojan horse server, to be used with a client that provides shell access, is often a necessary prerequisite to establishing and using a covert channel long term.

We discuss covert channel communications methods ranging from embedded channels to disguised protocols. What follows is a review of available covert shell tools. The underground, historical evolution of covert shells is reviewed, focusing on selected, available tools, which range from simple encapsulation methods to …