Databases and Information Systems Commons^™

Improving Tattle-Tale K-Deniability, Nicholas G.E. Morales

Student Research Symposium

Ensuring privacy for databases is an ongoing struggle. While the majority of work has focused on using access control lists to protect sensitive data these methods are vulnerable to inference attacks. A set of algorithms, referred to as Tattle-Tale, was developed that could protect sensitive data from being inferred however its runtime performance wasn’t suitable for production code. This set of algorithms contained two main subsets, Full Deniability and K-Deniability. My research focused on improving the runtime or utility of the K-Deniability algorithms. I investigated the runtime of the K-Deniability algorithms to identify what was slowing the process down. Aside …

A Novel Caching Algorithm For Efficient Fine-Grained Access Control In Database Management Systems, Anadi Shakya

Student Research Symposium

Fine-grained access Control (FGAC) in DBMS is vital for restricting user access to authorized data and enhancing security. FGAC policies govern how users are granted access to specific resources based on detailed criteria, ensuring security and privacy measures. Traditional methods struggle with scaling policies to thousands, causing delays in query responses. This paper introduces a novel caching algorithm designed to address this challenge by accelerating query processing and ensuring compliance with FGAC policies. In our approach, we create a circular hashmap and employ different replacement techniques to efficiently manage the cache, prioritizing entries that are visited more frequently. To evaluate …

A Design Science Approach To Investigating Decentralized Identity Technology, Janelle Krupicka

Cybersecurity Undergraduate Research Showcase

The internet needs secure forms of identity authentication to function properly, but identity authentication is not a core part of the internet’s architecture. Instead, approaches to identity verification vary, often using centralized stores of identity information that are targets of cyber attacks. Decentralized identity is a secure way to manage identity online that puts users’ identities in their own hands and that has the potential to become a core part of cybersecurity. However, decentralized identity technology is new and continually evolving, which makes implementing this technology in an organizational setting challenging. This paper suggests that, in the future, decentralized identity …

Binder, Tyler A. Peaster, Lindsey M. Davenport, Madelyn Little, Alex Bales

ATU Research Symposium

Binder is a mobile application that aims to introduce readers to a book recommendation service that appeals to devoted and casual readers. The main goal of Binder is to enrich book selection and reading experience. This project was created in response to deficiencies in the mobile space for book suggestions, library management, and reading personalization. The tools we used to create the project include Visual Studio, .Net Maui Framework, C#, XAML, CSS, MongoDB, NoSQL, Git, GitHub, and Figma. The project’s selection of books were sourced from the Google Books repository. Binder aims to provide an intuitive interface that allows users …

What Students Have To Say On Data Privacy For Educational Technology, Stephanie Choi

Cybersecurity Undergraduate Research Showcase

The literature on data privacy in terms of educational technology is a growing area of study. The perspective of educators has been captured extensively. However, the literature on students’ perspectives is missing, which is what we explore in this paper. We use a pragmatic qualitative approach with an experiential lens to capture students’ attitudes towards data privacy in terms of educational technology. We identified preliminary, common themes that appeared in the survey responses. The paper concludes by calling for more research on how students perceive data privacy in terms of educational technology.

Flgan: Gan-Based Unbiased Federated Learning Under Non-Iid Settings, Zhuoran Ma, Yang Liu, Yinbin Miao, Guowen Xu, Ximeng Liu, Jianfeng Ma, Robert H. Deng

Research Collection School Of Computing and Information Systems

Federated Learning (FL) suffers from low convergence and significant accuracy loss due to local biases caused by non-Independent and Identically Distributed (non-IID) data. To enhance the non-IID FL performance, a straightforward idea is to leverage the Generative Adversarial Network (GAN) to mitigate local biases using synthesized samples. Unfortunately, existing GAN-based solutions have inherent limitations, which do not support non-IID data and even compromise user privacy. To tackle the above issues, we propose a GAN-based unbiased FL scheme, called FlGan, to mitigate local biases using synthesized samples generated by GAN while preserving user-level privacy in the FL setting. Specifically, FlGan first …

When Evolutionary Computation Meets Privacy, Bowen Zhao, Wei-Neng Chen, Xiaoguo Li, Ximeng Liu, Qingqi Pei, Jun Zhang

Research Collection School Of Computing and Information Systems

Recently, evolutionary computation (EC) has experienced significant advancements due to the integration of machine learning, distributed computing, and big data technologies. These developments have led to new research avenues in EC, such as distributed EC and surrogate-assisted EC. While these advancements have greatly enhanced the performance and applicability of EC, they have also raised concerns regarding privacy leakages, specifically the disclosure of optimal results and surrogate models. Consequently, the combination of evolutionary computation and privacy protection becomes an increasing necessity. However, a comprehensive exploration of privacy concerns in evolutionary computation is currently lacking, particularly in terms of identifying the object, …

Predicting Viral Rumors And Vulnerable Users With Graph-Based Neural Multi-Task Learning For Infodemic Surveillance, Xuan Zhang, Wei Gao

Research Collection School Of Computing and Information Systems

In the age of the infodemic, it is crucial to have tools for effectively monitoring the spread of rampant rumors that can quickly go viral, as well as identifying vulnerable users who may be more susceptible to spreading such misinformation. This proactive approach allows for timely preventive measures to be taken, mitigating the negative impact of false information on society. We propose a novel approach to predict viral rumors and vulnerable users using a unified graph neural network model. We pre-train network-based user embeddings and leverage a cross-attention mechanism between users and posts, together with a community-enhanced vulnerability propagation (CVP) …

Student Attitudes And Intentions To Use Continuous Authentication Methods Applied To Mitigate Impersonation Attacks During E-Assessments, Andrea E. Green

CCE Theses and Dissertations

No solution can ultimately eliminate cheating in online courses. However, universities reserve funding for authentication systems to minimize the threat of cheating in online courses. Most higher education institutions use a combination of authentication methods to secure systems against impersonation attacks during online examinations. Authentication technologies ensure that an online course is protected from impersonation attacks. However, it is important that authentication methods secure systems against impersonation attacks with minimal disruption during an examination. Authentication methods applied to secure e-assessments against impersonation attacks may impact a student’s attitude and intentions to use the e-examination system.

In this regard, the research …

Reducing Food Scarcity: The Benefits Of Urban Farming, S.A. Claudell, Emilio Mejia

Journal of Nonprofit Innovation

Urban farming can enhance the lives of communities and help reduce food scarcity. This paper presents a conceptual prototype of an efficient urban farming community that can be scaled for a single apartment building or an entire community across all global geoeconomics regions, including densely populated cities and rural, developing towns and communities. When deployed in coordination with smart crop choices, local farm support, and efficient transportation then the result isn’t just sustainability, but also increasing fresh produce accessibility, optimizing nutritional value, eliminating the use of ‘forever chemicals’, reducing transportation costs, and fostering global environmental benefits.

Imagine Doris, who is …

A Conceptual Decentralized Identity Solution For State Government, Martin Duclos

Theses and Dissertations

In recent years, state governments, exemplified by Mississippi, have significantly expanded their online service offerings to reduce costs and improve efficiency. However, this shift has led to challenges in managing digital identities effectively, with multiple fragmented solutions in use. This paper proposes a Self-Sovereign Identity (SSI) framework based on distributed ledger technology. SSI grants individuals control over their digital identities, enhancing privacy and security without relying on a centralized authority. The contributions of this research include increased efficiency, improved privacy and security, enhanced user satisfaction, and reduced costs in state government digital identity management. The paper provides background on digital …

Ensuring Non-Repudiation In Long-Distance Constrained Devices, Ethan Blum

Honors Theses

Satellite communication is essential for the exploration and study of space. Satellites allow communications with many devices and systems residing in space and on the surface of celestial bodies from ground stations on Earth. However, with the rise of Ground Station as a Service (GsaaS), the ability to efficiently send action commands to distant satellites must ensure non-repudiation such that an attacker is unable to send malicious commands to distant satellites. Distant satellites are also constrained devices and rely on limited power, meaning security on these devices is minimal. Therefore, this study attempted to propose a novel algorithm to allow …

From Asset Flow To Status, Action And Intention Discovery: Early Malice Detection In Cryptocurrency, Ling Cheng, Feida Zhu, Yong Wang, Ruicheng Liang, Huiwen Liu

Research Collection School Of Computing and Information Systems

Cryptocurrency has been subject to illicit activities probably more often than traditional financial assets due to the pseudo-anonymous nature of its transacting entities. An ideal detection model is expected to achieve all three critical properties of early detection, good interpretability, and versatility for various illicit activities. However, existing solutions cannot meet all these requirements, as most of them heavily rely on deep learning without interpretability and are only available for retrospective analysis of a specific illicit type. To tackle all these challenges, we propose Intention Monitor for early malice detection in Bitcoin, where the on-chain record data for a certain …

A Review Of Threat Vectors To Dna Sequencing Pipelines, Tyler Rector

Cybersecurity Undergraduate Research Showcase

Bioinformatics is a steadily growing field that focuses on the intersection of biology with computer science. Tools and techniques developed within this field are quickly becoming fixtures in genomics, forensics, epidemiology, and bioengineering. The development and analysis of DNA sequencing and synthesis have enabled this significant rise in demand for bioinformatic tools. Notwithstanding, these bioinformatic tools have developed in a research context free of significant cybersecurity threats. With the significant growth of the field and the commercialization of genetic information, this is no longer the case. This paper examines the bioinformatic landscape through reviewing the biological and cybersecurity threats within …

A Smart Chatbot System For Digitizing Service Management To Improve Business Continuity, Asraa Mohammed Albeshr

Theses

Chatbots, also called digital systems that require a natural language-based interface for user interaction, are increasingly being integrated into our daily lives. These chatbots respond intelligently to voice and text and function as sophisticated entities. Its functioning includes the recognition of multiple human languages through the application of Natural Language Processing (NLP) techniques. These chatbots find applications in various areas such as e-commerce services, medical assistance, recommendation systems, and educational purposes. This reflects the versatility and widespread adoption of this technology. AI chatbots play a crucial role in improving IT support in IT Service Management (ITSM) for better business continuity. …

Privacy-Preserving Bloom Filter-Based Keyword Search Over Large Encrypted Cloud Data, Yanrong Liang, Jianfeng Ma, Yinbin Miao, Da Kuang, Xiangdong Meng, Robert H. Deng

Research Collection School Of Computing and Information Systems

To achieve the search over encrypted data in cloud server, Searchable Encryption (SE) has attracted extensive attention from both academic and industrial fields. The existing Bloom filter-based SE schemes can achieve similarity search, but will generally incur high false positive rates, and even leak the privacy of values in Bloom filters (BF). To solve the above problems, we first propose a basic Privacy-preserving Bloom filter-based Keyword Search scheme using the Circular Shift and Coalesce-Bloom Filter (CSC-BF) and Symmetric-key Hidden Vector Encryption (SHVE) technology (namely PBKS), which can achieve effective search while protecting the values in BFs. Then, we design a …

Link Tank

DePaul Magazine

A new JD certificate program in information technology, cybersecurity and data privacy provides DePaul University students with proficiency in both law and tech.

Integrating Human Expert Knowledge With Openai And Chatgpt: A Secure And Privacy-Enabled Knowledge Acquisition Approach, Ben Phillips

College of Engineering Summer Undergraduate Research Program

Advanced Large Language Models (LLMs) struggle to produce accurate results and preserve user privacy for use cases involving domain-specific knowledge. A privacy-preserving approach for leveraging LLM capabilities on domain-specific knowledge could greatly expand the use cases of LLMs in a variety of disciplines and industries. This project explores a method for acquiring domain-specific knowledge for use with GPT3 while protecting sensitive user information with ML-based text-sanitization.

Toward Intention Discovery For Early Malice Detection In Cryptocurrency, Ling Cheng, Feida Zhu, Yong Wang, Ruicheng Liang, Huiwen Liu

Research Collection School Of Computing and Information Systems

Cryptocurrency’s pseudo-anonymous nature makes it vulnerable to malicious activities. However, existing deep learning solutions lack interpretability and only support retrospective analysis of specific malice types. To address these challenges, we propose Intention-Monitor for early malice detection in Bitcoin. Our model, utilizing Decision-Tree based feature Selection and Complement (DT-SC), builds different feature sets for different malice types. The Status Proposal Module (SPM) and hierarchical self-attention predictor provide real-time global status and address label predictions. A survival module determines the stopping point and proposes the status sequence (intention). Our model detects various malicious activities with strong interpretability, outperforming state-of-the-art methods in extensive …

Threshold Attribute-Based Credentials With Redactable Signature, Rui Shi, Huamin Feng, Yang Yang, Feng Yuan, Yingjiu Li, Hwee Hwa Pang, Robert H. Deng

Research Collection School Of Computing and Information Systems

Threshold attribute-based credentials are suitable for decentralized systems such as blockchains as such systems generally assume that authenticity, confidentiality, and availability can still be guaranteed in the presence of a threshold number of dishonest or faulty nodes. Coconut (NDSS'19) was the first selective disclosure attribute-based credentials scheme supporting threshold issuance. However, it does not support threshold tracing of user identities and threshold revocation of user credentials, which is desired for internal governance such as identity management, data auditing, and accountability. The communication and computation complexities of Coconut for verifying credentials are linear in the number of each user's attributes and …

Cybersecurity Safeguards: What Cybersecurity Safeguards Could Have Prevented The Intelligence/Data Breach By A Member Of The Air National Guard, Christopher Curtis Royal

Cyber Operations and Resilience Program Graduate Projects

Jack Teixeira, a 21-year-old IT specialist Air National Guard found himself on the wrong side of the US law after sharing what is considered classified and extremely sensitive information about USA's operations and role in Ukraine and Russia war. Like other previous cases of leakage of classified intelligence, the case of Teixeira raises concerns about the weaknesses and vulnerability of federal agencies' IT systems and security protocols governing accessibility to classified documents. Internal leakages of such classified documents hurt national security and can harm the country, especially when such secretive intelligence finds its way into the hands of enemies. Unauthorized …

Balancing Privacy And Flexibility Of Cloud-Based Personal Health Records Sharing System, Yudi Zhang, Fuchun Guo, Willy Susilo, Guomin Yang

Research Collection School Of Computing and Information Systems

The Internet of Things and cloud services have been widely adopted in many applications, and personal health records (PHR) can provide tailored medical care. The PHR data is usually stored on cloud servers for sharing. Weighted attribute-based encryption (ABE) is a practical and flexible technique to protect PHR data. Under a weighted ABE policy, the data user's attributes will be “scored”, if and only if the score reaches the threshold value, he/she can access the data. However, while this approach offers a flexible access policy, the data owners have difficulty controlling their privacy, especially sharing PHR data in collaborative e-health …

Mitigating Adversarial Attacks On Data-Driven Invariant Checkers For Cyber-Physical Systems, Rajib Ranjan Maiti, Cheah Huei Yoong, Venkata Reddy Palleti, Arlindo Silva, Christopher M. Poskitt

Research Collection School Of Computing and Information Systems

The use of invariants in developing security mechanisms has become an attractive research area because of their potential to both prevent attacks and detect attacks in Cyber-Physical Systems (CPS). In general, an invariant is a property that is expressed using design parameters along with Boolean operators and which always holds in normal operation of a system, in particular, a CPS. Invariants can be derived by analysing operational data of various design parameters in a running CPS, or by analysing the system's requirements/design documents, with both of the approaches demonstrating significant potential to detect and prevent cyber-attacks on a CPS. While …

Multi-Target Backdoor Attacks For Code Pre-Trained Models, Yanzhou Li, Shangqing Liu, Kangjie Chen, Xiaofei Xie, Tianwei Zhang, Yang Liu

Research Collection School Of Computing and Information Systems

Backdoor attacks for neural code models have gained considerable attention due to the advancement of code intelligence. However, most existing works insert triggers into task-specific data for code-related downstream tasks, thereby limiting the scope of attacks. Moreover, the majority of attacks for pre-trained models are designed for understanding tasks. In this paper, we propose task-agnostic backdoor attacks for code pre-trained models. Our backdoored model is pre-trained with two learning strategies (i.e., Poisoned Seq2Seq learning and token representation learning) to support the multi-target attack of downstream code understanding and generation tasks. During the deployment phase, the implanted backdoors in the victim …

Digital Transformation In Local Governments: A Case Study Of Abu Dhabi Municipality Transport Department, Alia Sahmi Al Ahbabi

Theses

The new generation is rapidly adapting to the digital era, where government and private services are being transformed into electronic services, commonly known as Eservices. Cities are leveraging digitalization to streamline their business processes and business services. This digitalization has improved service delivery time and quality for individuals. With digitalization, business processes align with technology, enhancing performance and customer satisfaction. However, there are challenges associated with digitalization, particularly people working in various municipality departments who find it challenging to adapt to digitization. Employees may take time to adjust to the new techniques and technologies, which may hamper the actions of …

An Efficient Strategy For Deploying Deception Technology, Noora Abdulla Alhosani

Theses

Implementations of deception technology is crucial in discovering attacks by creating a controlled and monitored environment for detecting malicious activity. This technology involves the deployment of decoys, traps, and honeypots that mimic natural systems and network assets to attract and identify attackers. The use of deception technology provides an early warning system for detecting cyber-attacks, allowing organizations to respond quickly and mitigate damage. This article proposed a framework that focuses on maximizing the efficiency of deception technology in detecting sophisticated attacks. The framework employs multi-layered deception techniques at various levels of the network, system, and application to provide comprehensive coverage …

An Analysis And Examination Of Consensus Attacks In Blockchain Networks, Thomas R. Clark

Senior Honors Projects, 2020-current

This paper examines consensus attacks as they relate to blockchain networks. Consensus attacks are a significant threat to the security and integrity of blockchain networks, and understanding these attacks is crucial for developers and stakeholders. The primary contribution of the paper is to present blockchain and consensus attacks in a clear and accessible manner, with the aim of making these complex concepts easily understandable for a general audience. Using literature review, the paper identifies various methods to prevent consensus attacks, including multi-chain networks, proof-of-work consensus algorithms, and network auditing and monitoring. An analysis revealed that these methods for preventing consensus …

Blockchain Security: Double-Spending Attack And Prevention, William Henry Scott Iii

Electronic Theses and Dissertations

This thesis shows that distributed consensus systems based on proof of work are vulnerable to hashrate-based double-spending attacks due to abuse of majority rule. Through building a private fork of Litecoin and executing a double-spending attack this thesis examines the mechanics and principles behind the attack. This thesis also conducts a survey of preventative measures used to deter double-spending attacks, concluding that a decentralized peer-to-peer network using proof of work is best protected by the addition of an observer system whether internal or external.

Digital Dna: The Ethical Implications Of Big Data As The World’S New-Age Commodity, Clark H. Dotson

Honors Theses

In the emerging digital world that we find ourselves in, it becomes apparent that data collection has become a staple of daily life, whether we like it or not. This research discussion aims to bring light to just how much one’s own digital identity is valued in the technologically-infused world of today, with distinct research and local examples to bring awareness to the ethical implications of your online presence. The paper in question examines anecdotal and research evidence of the collection of data, both through true and unjust means, as well as ethical implications of what this information truly represents. …

Rattus Norvegicus As A Biological Detector Of Clandestine Remains And The Use Of Ultrasonic Vocalizations As A Locating Mechanism, Gabrielle M. Johnston

Master's Theses

In investigations, locating missing persons and clandestine remains are imperative. One way that first responder and police agencies can search for the remains is by using cadaver dogs as biological detectors. Cadaver dogs are typically used due to their olfactory sensitivity and ability to detect low concentrations of volatile organic compounds produced by biological remains. Cadaver dogs are typically chosen for their stamina, agility, and olfactory sensitivity. However, what is not taken into account often is the size of the animal and the expense of maintaining and training the animal. Cadaver dogs are typically large breeds that cannot fit in …