Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Open Access. Powered by Scholars. Published by Universities.®

Security

Discipline
Institution
Publication Year
Publication
Publication Type
File Type

Articles 1 - 30 of 511

Full-Text Articles in Physical Sciences and Mathematics

A Domain Specific Language For Digital Forensics And Incident Response Analysis, Christopher D. Stelly Dec 2019

A Domain Specific Language For Digital Forensics And Incident Response Analysis, Christopher D. Stelly

University of New Orleans Theses and Dissertations

One of the longstanding conceptual problems in digital forensics is the dichotomy between the need for verifiable and reproducible forensic investigations, and the lack of practical mechanisms to accomplish them. With nearly four decades of professional digital forensic practice, investigator notes are still the primary source of reproducibility information, and much of it is tied to the functions of specific, often proprietary, tools.

The lack of a formal means of specification for digital forensic operations results in three major problems. Specifically, there is a critical lack of:

a) standardized and automated means to scientifically verify accuracy of digital forensic tools ...


Dronescape:Distributed Rapid On-Site Network Self-Deploying Cellular Advanced Phone Environment, Daryl Johnson, Bill Stackpole Dec 2019

Dronescape:Distributed Rapid On-Site Network Self-Deploying Cellular Advanced Phone Environment, Daryl Johnson, Bill Stackpole

Presentations and other scholarship

When disasters happen, the speed with which first responders and emergency personnel can contact and be contacted by the people affected by the disaster during the first minutes or hours is critical. Early communications can make the difference between life and death. During a disaster communications infrastructure of the affected area is likely to be compromised. This project proposes an inexpensive, rapidly deployable cloud of autonomous drones, each coupled with a micro-cellular base station that deploys from a transportable deployment module. The goal is to temporarily restore communications for both first responders to communicate amongst themselves as well as for ...


Advanced Security Analysis For Emergent Software Platforms, Mohannad Alhanahnah Dec 2019

Advanced Security Analysis For Emergent Software Platforms, Mohannad Alhanahnah

Computer Science and Engineering: Theses, Dissertations, and Student Research

Emergent software ecosystems, boomed by the advent of smartphones and the Internet of Things (IoT) platforms, are perpetually sophisticated, deployed into highly dynamic environments, and facilitating interactions across heterogeneous domains. Accordingly, assessing the security thereof is a pressing need, yet requires high levels of scalability and reliability to handle the dynamism involved in such volatile ecosystems.

This dissertation seeks to enhance conventional security detection methods to cope with the emergent features of contemporary software ecosystems. In particular, it analyzes the security of Android and IoT ecosystems by developing rigorous vulnerability detection methods. A critical aspect of this work is the ...


Benchmarking Applicability Of Cryptographic Wireless Communication Over Arduino Platforms, Carolina Vázquez Torres Dec 2019

Benchmarking Applicability Of Cryptographic Wireless Communication Over Arduino Platforms, Carolina Vázquez Torres

University Honors Program Senior Projects

The spaces around us are becoming equipped with devices and appliances that collect data from their surroundings and react accordingly to provide smarter networks where they are interconnected and able to communicate with one another. These smart networks of devices and appliances along with the applications that utilize them build smart spaces known as Internet of Things (IoT). With the on growing popularity of such smart devices (e.g., smart cars, watches, home-security systems) and IoT, the need for securing these environments increases. The smart devices around us can collect private and personal information, and the challenge lies in maintaining ...


Ldakm-Eiot: Lightweight Device Authentication And Key Management Mechanism For Edge-Based Iot Deployment, Mohammad Wazid, Ashok Kumar Das, Sachin Shetty, Joel J. P. C. Rodrigues, Youngho Park Dec 2019

Ldakm-Eiot: Lightweight Device Authentication And Key Management Mechanism For Edge-Based Iot Deployment, Mohammad Wazid, Ashok Kumar Das, Sachin Shetty, Joel J. P. C. Rodrigues, Youngho Park

VMASC Publications

In recent years, edge computing has emerged as a new concept in the computing paradigm that empowers several future technologies, such as 5G, vehicle-to-vehicle communications, and the Internet of Things (IoT), by providing cloud computing facilities, as well as services to the end users. However, open communication among the entities in an edge based IoT environment makes it vulnerable to various potential attacks that are executed by an adversary. Device authentication is one of the prominent techniques in security that permits an IoT device to authenticate mutually with a cloud server with the help of an edge node. If authentication ...


Iomt Malware Detection Approaches: Analysis And Research Challenges, Mohammad Wazid, Ashok Kumar Das, Joel J.P.C. Rodrigues, Sachin Shetty, Youngho Park Dec 2019

Iomt Malware Detection Approaches: Analysis And Research Challenges, Mohammad Wazid, Ashok Kumar Das, Joel J.P.C. Rodrigues, Sachin Shetty, Youngho Park

VMASC Publications

The advancement in Information and Communications Technology (ICT) has changed the entire paradigm of computing. Because of such advancement, we have new types of computing and communication environments, for example, Internet of Things (IoT) that is a collection of smart IoT devices. The Internet of Medical Things (IoMT) is a specific type of IoT communication environment which deals with communication through the smart healthcare (medical) devices. Though IoT communication environment facilitates and supports our day-to-day activities, but at the same time it has also certain drawbacks as it suffers from several security and privacy issues, such as replay, man-in-the-middle, impersonation ...


Rhetsec_ | Rhetorical Security, Jennifer Mead Dec 2019

Rhetsec_ | Rhetorical Security, Jennifer Mead

Culminating Projects in English

Rhetsec_ examines the rhetorical situation, the rhetorical appeals, and how phishing emails simulate "real" emails in five categories of phishing emails. While the first focus of cybersecurity is security, you must also understand the language of computers to know how to secure them. Phishing is one way to compromise security using computers, and so the computer becomes a tool for malicious language (phishing emails and malware) to be transmitted. Therefore to be concerned with securing computers, then you must also be concerned with language. Language is rhetoric's domain, and the various rhetorical elements which create an identity of the ...


Authentication Usability Methodology, Jean-Baptiste Subils Oct 2019

Authentication Usability Methodology, Jean-Baptiste Subils

Graduate Theses and Dissertations

Nowadays many systems require end users to authenticate themselves. Authentication is one of the security activities that end users perform the most. Thus, the usability of this security feature plays a major role in the proper utilization and adoption of a novel authentication method.

This dissertation presents coauthentication, a novel authentication system. Many authentication methods and protocols exist, but passwords remain the predominant authentication method used. Coauthentication is presented here in detail in several possible variations and their associated protocols, with performance comparisons.

This dissertation also presents a framework to evaluate authentication methods in terms of usability.

A large body ...


Challenges In Large-Scale Machine Learning Systems: Security And Correctness, Emad Alsuwat Oct 2019

Challenges In Large-Scale Machine Learning Systems: Security And Correctness, Emad Alsuwat

Theses and Dissertations

In this research, we address the impact of data integrity on machine learning algorithms. We study how an adversary could corrupt Bayesian network structure learning algorithms by inserting contaminated data items. We investigate the resilience of two commonly used Bayesian network structure learning algorithms, namely the PC and LCD algorithms, against data poisoning attacks that aim to corrupt the learned Bayesian network model.

Data poisoning attacks are one of the most important emerging security threats against machine learning systems. These attacks aim to corrupt machine learning models by con- taminating datasets in the training phase. The lack of resilience of ...


Preventing Browser Fingerprinting By Randomizing Canvas, Rianna Quiogue Jun 2019

Preventing Browser Fingerprinting By Randomizing Canvas, Rianna Quiogue

Honors Theses

Whether users know it or not, their online behaviors are being tracked and stored by many of the websites they visit regularly through a technique called browser fingerprinting. Just like a person's physical fingerprint can identify them, users' browser fingerprints can identify them on the Internet. This thesis outlines the techniques used in browser fingerprinting and explains how although it can be used for good, it can also be a major threat to people's online privacy and security. Since browser fingerprinting has gained popularity among many websites and advertising companies, researchers have been developing ways to counteract its ...


The Performance Cost Of Security, Lucy R. Bowen Jun 2019

The Performance Cost Of Security, Lucy R. Bowen

Master's Theses and Project Reports

Historically, performance has been the most important feature when optimizing computer hardware. Modern processors are so highly optimized that every cycle of computation time matters. However, this practice of optimizing for performance at all costs has been called into question by new microarchitectural attacks, e.g. Meltdown and Spectre. Microarchitectural attacks exploit the effects of microarchitectural components or optimizations in order to leak data to an attacker. These attacks have caused processor manufacturers to introduce performance impacting mitigations in both software and silicon.

To investigate the performance impact of the various mitigations, a test suite of forty-seven different tests was ...


Hacking The Extended Mind: The Security Implications Of The New Metaphysics, Robin L. Zebrowski May 2019

Hacking The Extended Mind: The Security Implications Of The New Metaphysics, Robin L. Zebrowski

Computer Ethics - Philosophical Enquiry (CEPE) Proceedings

Computer security expert Paul Syverson has argued that there is a computer security equivalent of gaslighting: where a clever adversary could convince some system that some component that is not really a part of the system is in fact a part of the system. If non-biological items from our environments (or even pieces of our environments themselves) can be part of our minds (the standard Extended Mind hypothesis, EM), they are therefore part of our selves, and therefore subject to Syverson’s worry about boundary in a way that has not been explored before. If some version of EM holds ...


Securing Our Future Homes: Smart Home Security Issues And Solutions, Nicholas Romano Apr 2019

Securing Our Future Homes: Smart Home Security Issues And Solutions, Nicholas Romano

Senior Honors Theses

The Internet of Things, commonly known as IoT, is a new technology transforming businesses, individuals’ daily lives and the operation of entire countries. With more and more devices becoming equipped with IoT technology, smart homes are becoming increasingly popular. The components that make up a smart home are at risk for different types of attacks; therefore, security engineers are developing solutions to current problems and are predicting future types of attacks. This paper will analyze IoT smart home components, explain current security risks, and suggest possible solutions. According to “What is a Smart Home” (n.d.), a smart home is ...


Feasibility And Security Analysis Of Wideband Ultrasonic Radio For Smart Home Applications, Qi Xia Apr 2019

Feasibility And Security Analysis Of Wideband Ultrasonic Radio For Smart Home Applications, Qi Xia

Computer Science and Engineering: Theses, Dissertations, and Student Research

Smart home Internet-of-Things (IoT) accompanied by smart home apps has witnessed tremendous growth in the past few years. Yet, the security and privacy of the smart home IoT devices and apps have raised serious concerns, as they are getting increasingly complicated each day, expected to store and exchange extremely sensitive personal data, always on and connected, and commonly exposed to any users in a sensitive environment. Nowadays wireless smart home IoT devices rely on electromagnetic wave-based radio-frequency (RF) technology to establish fast and reliable quality network connections. However, RF has its limitations that can negatively affect the smart home user ...


The Ethics Of Cookies: Exploring The Collection Of Big Data And Its Ramifications, Sarah Biely Apr 2019

The Ethics Of Cookies: Exploring The Collection Of Big Data And Its Ramifications, Sarah Biely

Student research

Technology is taking over the world. In every aspect of human life, technology has been able to provide some sort of help or solution. At the forefront of this revolution is the Internet and with it, the activity of day-to-day life that now takes place online. This rapid takeover pushes technological innovations to develop quickly, pushing boundaries and creating a new way of life.

Today in the United States, websites are allowed to track user data. When a user clicks on a website that intends on documenting the user's actions, the website installs a tracker, otherwise known as "cookie ...


Cyber Security- A New Secured Password Generation Algorithm With Graphical Authentication And Alphanumeric Passwords Along With Encryption, Akash Rao Apr 2019

Cyber Security- A New Secured Password Generation Algorithm With Graphical Authentication And Alphanumeric Passwords Along With Encryption, Akash Rao

Electrical & Computer Engineering Theses & Disssertations

Graphical passwords are always considered as an alternative of alphanumeric passwords for their better memorability and usability [1]. Alphanumeric passwords provide an adequate amount of satisfaction, but they do not offer better memorability compared to graphical passwords [1].

On the other hand, graphical passwords are considered less secured and provide better memorability [1]. Therefore many researchers have researched on graphical passwords to overcome the vulnerability. One of the most significant weaknesses of the graphical passwords is "Shoulder Surfing Attack," which means, sneaking into a victim's computer to learn the whole password or part of password or some confidential information ...


Scalable Containerized Security Training Environment, Robert Sauer Apr 2019

Scalable Containerized Security Training Environment, Robert Sauer

Honors College Capstone Experience/Thesis Projects

The purpose of this project is to develop a portable application which is hosted on a server that provides an environment to safely conduct security training procedures and protocols. The project will be scalable to handle from a few to a multitude of users concurrently using a single server. For many users to perform security training simultaneously, each user must be directed to a sandbox environment, a container, where one user’s actions do not affect the website or database of other users. Furthermore, such an application should be readily deployable into any environment to provide the widest range of ...


Trends In Phishing Attacks: Suggestions For Future Research, Ryan M. Schuetzler Jan 2019

Trends In Phishing Attacks: Suggestions For Future Research, Ryan M. Schuetzler

Ryan Schuetzler

Deception in computer-mediated communication is a widespread phenomenon. Cyber criminals are exploiting technological mediums to communicate with potential targets as these channels reduce both the deception cues and the risk of detection itself. A prevalent deception-based attack in computer-mediated communication is phishing. Prior phishing research has addressed the “bait” and “hook” components of phishing attacks, the human-computer interaction that takes place as users judge the veracity of phishing emails and websites, and the development of technologies that can aid users in identifying and rejecting these attacks. Despite the extant research on this topic, phishing attacks continue to be successful as ...


Patient Preferences For Authentication And Security: A Comparison Study Of Younger And Older Patients, Ann Fruhling, Devika Ramachandran, Tamara Bernard, Ryan Schuetzler, John R. Windle Jan 2019

Patient Preferences For Authentication And Security: A Comparison Study Of Younger And Older Patients, Ann Fruhling, Devika Ramachandran, Tamara Bernard, Ryan Schuetzler, John R. Windle

Ryan Schuetzler

We examine authentication and security preferences of younger versus older patients in the healthcare domain. Previous research has investigated users' perception of the acceptability of various forms of authentication in nonhealthcare domains, but not patients’ preferences. First, we developed an interactive prototype to test three authentication methods: passwords, pattern, and voice. Our results indicate that younger patients prefer passwords by a significant margin. Older patients indicated more mixed preferences. In addition, we evaluated the level of security patients desired for protection of health information compared to financial information. We found no difference based on age: both groups felt financial security ...


Social Engineering In Call Centers And Ways To Reduce It, Maureen York Jan 2019

Social Engineering In Call Centers And Ways To Reduce It, Maureen York

Economic Crime Forensics Capstones

Social engineering is the use of trickery, deception, persuasion, emotional manipulation, impersonation, and abuse of trust to gain information or access through the use of a human interface (Thompson, 2006). Social engineering relies on the human behavior in order to gain information or access. The technique of social engineering can be performed in numerous ways and has been proven to be an effective way for perpetrators to obtain valuable information.

This capstone project, I will focus on social engineering of call centers and the steps organizations can take to reduce it. For most organizations, the call centers or customer support ...


Inception: Virtual Space In Memory Space In Real Space, Peter Casey, Rebecca Lindsay-Decusati, Ibrahim Baggili, Frank Breitinger Jan 2019

Inception: Virtual Space In Memory Space In Real Space, Peter Casey, Rebecca Lindsay-Decusati, Ibrahim Baggili, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

Virtual Reality (VR) has become a reality. With the technology's increased use cases, comes its misuse. Malware affecting the Virtual Environment (VE) may prevent an investigator from ascertaining virtual information from a physical scene, or from traditional “dead” analysis. Following the trend of antiforensics, evidence of an attack may only be found in memory, along with many other volatile data points. Our work provides the primary account for the memory forensics of Immersive VR systems, and in specific the HTC Vive. Our approach is capable of reconstituting artifacts from memory that are relevant to the VE, and is also ...


Understanding The Ntru Cryptosystem, Benjamin Clark Jan 2019

Understanding The Ntru Cryptosystem, Benjamin Clark

Williams Honors College, Honors Research Projects

In this paper, we will examine the NTRU Public Key Cryptosystem. The NTRU cryptosystem was created by Joseph Silverman, Jeffery Hoffstein, and Jill Pipher in 1996. This system uses truncated polynomial rings to encrypt and decrypt data. It was recently released into the public domain in 2013. This paper will describe how this cryptosystem works and give a basic understanding on how to encrypt and decrypt using this system.


Comprehending The Safety Paradox And Privacy Concerns With Medical Device Remote Patient Monitoring, Marc Doyle Jan 2019

Comprehending The Safety Paradox And Privacy Concerns With Medical Device Remote Patient Monitoring, Marc Doyle

CCE Theses and Dissertations

Medical literature identifies a number of technology-driven improvements in disease management such as implantable medical devices (IMDs) that are a standard treatment for candidates with specific diseases. Among patients using implantable cardiac defibrillators (ICD), for example, problems and issues are being discovered faster compared to patients without monitoring, improving safety. What is not known is why patients report not feeling safer, creating a safety paradox, and why patients identify privacy concerns in ICD monitoring.

There is a major gap in the literature regarding the factors that contribute to perceived safety and privacy in remote patient monitoring (RPM). To address this ...


Securing Modern Cyberspace Using A Multi-Faceted Approach, Yu Li Jan 2019

Securing Modern Cyberspace Using A Multi-Faceted Approach, Yu Li

Browse all Theses and Dissertations

Security has become one of the most significant concerns for our cyberspace. Securing the cyberspace, however, becomes increasingly challenging. This can be attributed to the rapidly growing diversities and complexity of the modern cyberspace. Specifically, it is not any more dominated by connected personal computers (PCs); instead, it is greatly characterized by cyber-physical systems (CPS), embedded systems, dynamic services, and human-computer interactions. Securing modern cyberspace therefore calls for a multi-faceted approach capable of systematically integrating these emerging characteristics. This dissertation presents our novel and significant solutions towards this direction. Specifically, we have devised automated, systematic security solutions to three critical ...


Cloud Migration Of Rpat Tool, Tanmay Gore Jan 2019

Cloud Migration Of Rpat Tool, Tanmay Gore

Creative Components

Machine learning has recently gained popularity in many engineering, science, medical and other domains outside computer science. Therefore, many researchers, scientist, students and developers are developing machine learning based applications for various purposes. However, due to a large number of technologies and application deployment platforms, these professionals spend more time learning technologies than on developing and optimizing the core logic for their applications. This paper describes the design and implementation of a new cloud-based deployment platform suitable to deploy machine learning based applications across multiple platforms. This platform focuses heavily on security, privacy, and ease of deployment for developers. It ...


Information Systems Security Leadership: An Empirical Study Of Behavioral Influences Of Leaders On Employees’ Security Compliance, Marcus Alan Winkfield Jan 2019

Information Systems Security Leadership: An Empirical Study Of Behavioral Influences Of Leaders On Employees’ Security Compliance, Marcus Alan Winkfield

CCE Theses and Dissertations

This empirical study examined the behavioral influences of leaders on employees’ security compliance. Organizations can use leadership concepts in the field of Information Systems (IS) security. Despite the adoption of technical and managerial approaches, organizations still face issues motivating employee IS security compliance. This dissertation argued that organizations need strong leadership to encourage employees. Using the expectancy theory, this paper created a theoretical model to help understand the influence of task and relationship-oriented leadership behaviors on nontechnical controls IS security compliance. The conceptual underpinnings translated into perceived security effort, perceived security performance, and expected security outcomes. The theoretical model was ...


"Anon What What?": Children's Understanding Of The Language Of Privacy, Stacy Black, Rezvan Joshaghani, Dhanush Kumar Ratakonda, Hoda Mehrpouyan, Jerry Alan Fails Jan 2019

"Anon What What?": Children's Understanding Of The Language Of Privacy, Stacy Black, Rezvan Joshaghani, Dhanush Kumar Ratakonda, Hoda Mehrpouyan, Jerry Alan Fails

Computer Science Faculty Publications and Presentations

Internet usage continues to increase among children ages 12 and younger. Because their digital interactions can be persistently stored, there is a need for building an understanding and foundational knowledge of privacy. We describe initial investigations into children’s understanding of privacy from a Contextual Integrity (CI) perspective by conducting semi-structured interviews. We share results – that echo what others have shown – that indicate children have limited knowledge and understanding of CI principles. We also share an initial exploration of utilizing participatory design theater as a possible educational mechanism to help children develop a stronger understanding of important privacy principles.


The Security Layer, Mark Thomas O'Neill Jan 2019

The Security Layer, Mark Thomas O'Neill

Theses and Dissertations

Transport Layer Security (TLS) is a vital component to the security ecosystem and the most popular security protocol used on the Internet today. Despite the strengths of the protocol, numerous vulnerabilities result from its improper use in practice. Some of these vulnerabilities arise from weaknesses in authentication, from the rigidity of the trusted authority system to the complexities of client certificates. Others result from the misuse of TLS by developers, who misuse complicated TLS libraries, improperly validate server certificates, employ outdated cipher suites, or deploy other features insecurely. To make matters worse, system administrators and users are powerless to fix ...


Analyzing Small Businesses' Adoption Of Big Data Security Analytics, Henry Mathias Jan 2019

Analyzing Small Businesses' Adoption Of Big Data Security Analytics, Henry Mathias

Walden Dissertations and Doctoral Studies

Despite the increased cost of data breaches due to advanced, persistent threats from malicious sources, the adoption of big data security analytics among U.S. small businesses has been slow. Anchored in a diffusion of innovation theory, the purpose of this correlational study was to examine ways to increase the adoption of big data security analytics among small businesses in the United States by examining the relationship between small business leaders' perceptions of big data security analytics and their adoption. The research questions were developed to determine how to increase the adoption of big data security analytics, which can be ...


Security And Accuracy Of Fingerprint-Based Biometrics: A Review, Wencheng Yang, Song Wang, Jiankun Hu, Guanglou Zhang, Craig Valli Jan 2019

Security And Accuracy Of Fingerprint-Based Biometrics: A Review, Wencheng Yang, Song Wang, Jiankun Hu, Guanglou Zhang, Craig Valli

ECU Publications Post 2013

Biometric systems are increasingly replacing traditional password- and token-based authentication systems. Security and recognition accuracy are the two most important aspects to consider in designing a biometric system. In this paper, a comprehensive review is presented to shed light on the latest developments in the study of fingerprint-based biometrics covering these two aspects with a view to improving system security and recognition accuracy. Based on a thorough analysis and discussion, limitations of existing research work are outlined and suggestions for future work are provided. It is shown in the paper that researchers continue to face challenges in tackling the two ...