Open Access. Powered by Scholars. Published by Universities.®
- Institution
-
- Singapore Management University (7)
- University for Business and Technology in Kosovo (3)
- California Polytechnic State University, San Luis Obispo (1)
- Dakota State University (1)
- Eastern Washington University (1)
-
- Embry-Riddle Aeronautical University (1)
- Florida International University (1)
- Old Dominion University (1)
- San Jose State University (1)
- University of Nebraska - Lincoln (1)
- University of Nebraska at Omaha (1)
- University of Pennsylvania Carey Law School (1)
- Virginia Commonwealth University (1)
- Western University (1)
- Keyword
-
- Access control (1)
- Android Malware (1)
- Anonymity (1)
- Anonymous messaging (1)
- Automated Test Case Generation (1)
-
- Bitcoin (1)
- Blank signature (1)
- Blockchain (1)
- Business Intelligence and Data Warehouse (1)
- Business Modelling (1)
- CID (1)
- Call center (1)
- Cloud computing (1)
- Cloud storage (1)
- Coercive attack (1)
- Confidentiality (1)
- Crypto Currency (1)
- Cyber Policy (1)
- Cyber-diplomacy (1)
- Cyberterrorism (1)
- Data Masking (1)
- Data Security and Anonymization (1)
- Deep Learning (1)
- Delegation chain (1)
- Digital preservation (1)
- Digital signature (1)
- E-governance (1)
- Elections (1)
- Ethereum (1)
- Fuzzy Cognitive Maps (1)
- Publication
-
- Research Collection School Of Computing and Information Systems (7)
- International Journal of Business and Technology (2)
- All Faculty Scholarship (1)
- Computer Science and Software Engineering (1)
- EWU Masters Thesis Collection (1)
-
- Electronic Thesis and Dissertation Repository (1)
- FIU Electronic Theses and Dissertations (1)
- Journal of Digital Forensics, Security and Law (1)
- Master's Projects (1)
- Masters Theses & Doctoral Dissertations (1)
- Theses and Dissertations (1)
- UBT International Conference (1)
- UNO Student Research and Creative Activity Fair (1)
- University of Nebraska-Lincoln Data Repository (1)
- VMASC Publications (1)
- Publication Type
Articles 1 - 22 of 22
Full-Text Articles in Information Security
Russia Today, Cyberterrorists Tomorrow: U.S. Failure To Prepare Democracy For Cyberspace, Jonathan F. Lancelot
Russia Today, Cyberterrorists Tomorrow: U.S. Failure To Prepare Democracy For Cyberspace, Jonathan F. Lancelot
Journal of Digital Forensics, Security and Law
This paper is designed to expose vulnerabilities within the US electoral system, the use of cyberspace to exploit weaknesses within the information assurance strategies of the democratic and republican party organizations, and deficiencies within the social media communications and voting machine exploits. A brief history of discriminatory practices in voting rights and voting access will be set as the foundation for the argument that the system is vulnerable in the cyber age, and the need for reform at the local, state and national levels will be emphasized. The possibility of a foreign nation-state influencing the outcome of an election by …
Secured Data Masking Framework And Technique For Preserving Privacy In A Business Intelligence Analytics Platform, Osama Ali
Electronic Thesis and Dissertation Repository
The main concept behind business intelligence (BI) is how to use integrated data across different business systems within an enterprise to make strategic decisions. It is difficult to map internal and external BI’s users to subsets of the enterprise’s data warehouse (DW), resulting that protecting the privacy of this data while maintaining its utility is a challenging task. Today, such DW systems constitute one of the most serious privacy breach threats that an enterprise might face when many internal users of different security levels have access to BI components. This thesis proposes a data masking framework (iMaskU: Identify, Map, Apply, …
Gradubique: An Academic Transcript Database Using Blockchain Architecture, Thinh Nguyen
Gradubique: An Academic Transcript Database Using Blockchain Architecture, Thinh Nguyen
Master's Projects
Blockchain has been widely adopted in the last few years even though it is in its infancy. The first well-known application built on blockchain technology was Bitcoin, which is a decentralized and distributed ledger to record crypto-currency transactions. All of the transactions in Bitcoin are anonymously transferred and validated by participants in the network. Bitcoin protocol and its operations are so reliable that technologists have been inspired to enhance blockchain technologies and deploy it outside of the crypto-currency world. The demand for private and non-crypto-currency solutions have surged among consortiums because of the security and fault tolerant features of blockchain. …
Performance Indicators Analysis Inside A Call Center Using A Simulation Program, Ditila Ekmekçiu, Markela Muça, Adrian Naço
Performance Indicators Analysis Inside A Call Center Using A Simulation Program, Ditila Ekmekçiu, Markela Muça, Adrian Naço
International Journal of Business and Technology
This paper deals with and shows the results of different performance indicators analyses made utilizing the help of Simulation and concentrated on dimensioning problems of handling calls capacity in a call center. The goal is to measure the reactivity of the call center’s performance to potential changes of critical variables. The literature related to the employment of this kind of instrument in call centers is reviewed, and the method that this problem is treated momentarily is precisely described. The technique used to obtain this paper’s goal implicated a simulation model using Arena Contact Center software that worked as a key …
Modelling Business And Management Systems Using Fuzzy Cognitive Maps: A Critical Overview, Peter P. Groumpos
Modelling Business And Management Systems Using Fuzzy Cognitive Maps: A Critical Overview, Peter P. Groumpos
International Journal of Business and Technology
A critical overview of modelling Business and Management (B&M) Systems using Fuzzy Cognitive Maps is presented. A limited but illustrative number of specific applications of Fuzzy Cognitive Maps in diverse B&M systems, such as e business, performance assessment, decision making, human resources management, planning and investment decision making processes is provided and briefly analyzed. The limited survey is given in a table with statics of using FCMs in B&M systems during the last 15 years. The limited survey shows that the applications of Fuzzy Cognitive Maps to today’s Business and Management studies has been steadily increased especially during the last …
Vpsearch: Achieving Verifiability For Privacy-Preserving Multi-Keyword Search Over Encrypted Cloud Data, Zhiguo Wan, Robert H. Deng
Vpsearch: Achieving Verifiability For Privacy-Preserving Multi-Keyword Search Over Encrypted Cloud Data, Zhiguo Wan, Robert H. Deng
Research Collection School Of Computing and Information Systems
Although cloud computing offers elastic computation and storage resources, it poses challenges on verifiability of computations and data privacy. In this work we investigate verifiability for privacy-preserving multi-keyword search over outsourced documents. As the cloud server may return incorrect results due to system faults or incentive to reduce computation cost, it is critical to offer verifiability of search results and privacy protection for outsourced data at the same time. To fulfill these requirements, we design aVerifiablePrivacy-preserving keywordSearch scheme, called VPSearch, by integrating an adapted homomorphic MAC technique with a privacy-preserving multi-keyword search scheme. The proposed scheme enables the client to …
Vulnerability Assessment & Penetration Testing: Case Study On Web Application Security, Gazmend Krasniqi, Veton Bejtullahu
Vulnerability Assessment & Penetration Testing: Case Study On Web Application Security, Gazmend Krasniqi, Veton Bejtullahu
UBT International Conference
Complexity of information systems are increasing day by day. The security of information systems that are connected to public networks can be compromised by unauthorized, and usually anonymous, attempts to access them. By using public networks businesses and other institutions are exposed to numerous risks. This leads to more and more vulnerabilities in Information Systems. This situation calls for test methods that are devised from the attacker’s perspective to ensure that test conditions are as realistic as possible. In this paper we will describe complete stages of Vulnerability Assessment and Penetration Testing on some systems in UBT and proactive action …
Is Information Systems Misuse Always Bad? A New Perspective On Is Misuse In Hospitals Under The Context Of Disasters, Dheyaaldin Alsalman
Is Information Systems Misuse Always Bad? A New Perspective On Is Misuse In Hospitals Under The Context Of Disasters, Dheyaaldin Alsalman
Masters Theses & Doctoral Dissertations
Although the extant literature has investigated how individuals engage in inappropriate behaviors based on the rational choice theory (RCT) (e.g., computer misconduct), the neutralization theory (e.g., IS security policies violation), and workarounds under normal situations, it has given little consideration to how individuals are involved in misuse of information systems with a good intention under the context of disasters. To fill this research gap, we propose a selfless misuse model, which offers a theoretical explanation for the concept of individuals’ selfless misuse intention under uncertainty caused by disasters. In this study, we show why employees make decisions to misuse the …
Deaddrop: Message Passing Without Metadata Leakage, Davis Mike Arndt
Deaddrop: Message Passing Without Metadata Leakage, Davis Mike Arndt
Computer Science and Software Engineering
Even when network data is encrypted, observers can make inferences about content based on collected metadata. DeadDrop is an exploratory API designed to protect the metadata of a conversation from both outside observers and the facilitating server. To do so, DeadDrop servers are passed no recipient address, instead relying upon the recipient to check for messages of their own volition. In addition, the recipient downloads a copy of every encrypted message on the server to prevent even the server from knowing to whom each message is intended. To these purposes, DeadDrop is mostly successful. However, it does not obscure all …
Verifiably Encrypted Cascade-Instantiable Blank Signatures To Secure Progressive Decision Management, Yujue Wang, Hwee Hwa Pang, Robert H. Deng
Verifiably Encrypted Cascade-Instantiable Blank Signatures To Secure Progressive Decision Management, Yujue Wang, Hwee Hwa Pang, Robert H. Deng
Research Collection School Of Computing and Information Systems
In this paper, we introduce the notion of verifiably encrypted cascade-instantiable blank signatures (CBS) in a multi-user setting. In CBS, there is a delegation chain that starts with an originator and is followed by a sequence of proxies. The originator creates and signs a template, which may comprise fixed fields and exchangeable fields. Thereafter, each proxy along the delegation chain is able to make an instantiation of the template from the choices passed down from her direct predecessor, before generating a signature for her instantiation. First, we present a non-interactive basic CBS construction that does not rely on any shared …
User-Centric Privacy Preservation In Mobile And Location-Aware Applications, Mingming Guo
User-Centric Privacy Preservation In Mobile And Location-Aware Applications, Mingming Guo
FIU Electronic Theses and Dissertations
The mobile and wireless community has brought a significant growth of location-aware devices including smart phones, connected vehicles and IoT devices. The combination of location-aware sensing, data processing and wireless communication in these devices leads to the rapid development of mobile and location-aware applications. Meanwhile, user privacy is becoming an indispensable concern. These mobile and location-aware applications, which collect data from mobile sensors carried by users or vehicles, return valuable data collection services (e.g., health condition monitoring, traffic monitoring, and natural disaster forecasting) in real time. The sequential spatial-temporal data queries sent by users provide their location trajectory information. The …
Surveying Digital Collections Stewardship In Nebraska [Original Survey Form], Jennifer L. Thoegersen, Blake Graham
Surveying Digital Collections Stewardship In Nebraska [Original Survey Form], Jennifer L. Thoegersen, Blake Graham
University of Nebraska-Lincoln Data Repository
No abstract provided.
Every Step You Take, I’Ll Be Watching You: Practical Stepauth-Entication Of Rfid Paths, Kai Bu, Yingjiu Li
Every Step You Take, I’Ll Be Watching You: Practical Stepauth-Entication Of Rfid Paths, Kai Bu, Yingjiu Li
Research Collection School Of Computing and Information Systems
Path authentication thwarts counterfeits in RFID-based supply chains. Its motivation is that tagged products taking invalid paths are likely faked and injected by adversaries at certain supply chain partners/steps. Existing solutions are path-grained in that they simply regard a product as genuine if it takes any valid path. Furthermore, they enforce distributed authentication by offloading the sets of valid paths to some or all steps from a centralized issuer. This not only imposes network and storage overhead but also leaks transaction privacy. We present StepAuth, the first step-grained path authentication protocol that is practically efficient for authenticating products with strict …
Keep It Simple, Keep It Safe - Research On The Impacts Of Increasing Complexity Of Modern Enterprise Applications, Shawn Ware, David Phillips
Keep It Simple, Keep It Safe - Research On The Impacts Of Increasing Complexity Of Modern Enterprise Applications, Shawn Ware, David Phillips
UNO Student Research and Creative Activity Fair
As the Cybersecurity program within UNO continues to adapt to the ever-changing world of information systems and information security, the Cybersecurity Capstone has recently become an active, community-involvement project, where real-world organizations can receive valuable, useful research and information from students on their way towards a degree. This presentation encompasses two such projects from the Cybersecurity Capstone, looking at how modern, more complex systems can often increase system vulnerability.
Mining Sandboxes: Are We There Yet?, Lingfeng Bao, Tien Duy B. Le, David Lo
Mining Sandboxes: Are We There Yet?, Lingfeng Bao, Tien Duy B. Le, David Lo
Research Collection School Of Computing and Information Systems
The popularity of Android platform on mobile devices has attracted much attention from many developers and researchers, as well as malware writers. Recently, Jamrozik et al. proposed a technique to secure Android applications referred to as mining sandboxes. They used an automated test case generation technique to explore the behavior of the app under test and then extracted a set of sensitive APIs that were called. Based on the extracted sensitive APIs, they built a sandbox that can block access to APIs not used during testing. However, they only evaluated the proposed technique with benign apps but not investigated whether …
Urlnet: Learning A Url Representation With Deep Learning For Malicious Url Detection, Hung Le, Hong Quang Pham, Doyen Sahoo, Steven C. H. Hoi
Urlnet: Learning A Url Representation With Deep Learning For Malicious Url Detection, Hung Le, Hong Quang Pham, Doyen Sahoo, Steven C. H. Hoi
Research Collection School Of Computing and Information Systems
Malicious URLs host unsolicited content and are used to perpetrate cybercrimes. It is imperative to detect them in a timely manner. Traditionally, this is done through the usage of blacklists, which cannot be exhaustive, and cannot detect newly generated malicious URLs. To address this, recent years have witnessed several efforts to perform Malicious URL Detection using Machine Learning. The most popular and scalable approaches use lexical properties of the URL string by extracting Bag-of-words like features, followed by applying machine learning models such as SVMs. There are also other features designed by experts to improve the prediction performance of the …
Attribute-Based Cloud Storage With Secure Provenance Over Encrypted Data, Hui Cui, Robert H. Deng, Yingjiu Li
Attribute-Based Cloud Storage With Secure Provenance Over Encrypted Data, Hui Cui, Robert H. Deng, Yingjiu Li
Research Collection School Of Computing and Information Systems
To securely and conveniently enjoy the benefits of cloud storage, it is desirable to design a cloud data storage system which protects data privacy from storage servers through encryption, allows fine-grained access control such that data providers can expressively specify who are eligible to access the encrypted data, enables dynamic user management such that the total number of data users is unbounded and user revocation can be carried out conveniently, supports data provider anonymity and traceability such that a data provider’s identity is not disclosed to data users in normal circumstances but can be traced by a trusted authority if …
Lowering Legal Barriers To Rpki Adoption, Christopher S. Yoo, David A. Wishnick
Lowering Legal Barriers To Rpki Adoption, Christopher S. Yoo, David A. Wishnick
All Faculty Scholarship
Across the Internet, mistaken and malicious routing announcements impose significant costs on users and network operators. To make routing announcements more reliable and secure, Internet coordination bodies have encouraged network operators to adopt the Resource Public Key Infrastructure (“RPKI”) framework. Despite this encouragement, RPKI’s adoption rates are low, especially in North America.
This report presents the results of a year-long investigation into the hypothesis—widespread within the network operator community—that legal issues pose barriers to RPKI adoption and are one cause of the disparities between North America and other regions of the world. On the basis of interviews and analysis of …
Developing A Cyberterrorism Policy: Incorporating Individual Values, Osama Bassam J. Rabie
Developing A Cyberterrorism Policy: Incorporating Individual Values, Osama Bassam J. Rabie
Theses and Dissertations
Preventing cyberterrorism is becoming a necessity for individuals, organizations, and governments. However, current policies focus on technical and managerial aspects without asking for experts and non-experts values and preferences for preventing cyberterrorism. This study employs value focused thinking and public value forum to bare strategic measures and alternatives for complex policy decisions for preventing cyberterrorism. The strategic measures and alternatives are per socio-technical process.
Software Intrusion Detection Evaluation System: A Cost-Based Evaluation Of Intrusion Detection Capability, Agbotiname L. Imoize, Taiwo Oyedare, Michael E. Otuokere, Sachin Shetty
Software Intrusion Detection Evaluation System: A Cost-Based Evaluation Of Intrusion Detection Capability, Agbotiname L. Imoize, Taiwo Oyedare, Michael E. Otuokere, Sachin Shetty
VMASC Publications
In this paper, we consider a cost-based extension of intrusion detection capability (CID). An objective metric motivated by information theory is presented and based on this formulation; a package for computing the intrusion detection capability of intrusion detection system (IDS), given certain input parameters is developed using Java. In order to determine the expected cost at each IDS operating point, the decision tree method of analysis is employed, and plots of expected cost and intrusion detection capability against false positive rate were generated. The point of intersection between the maximum intrusion detection capability and the expected cost is selected as …
Determining Vulnerability Using Attack Graphs: An Expansion Of The Current Fair Model, Beth M. Anderson
Determining Vulnerability Using Attack Graphs: An Expansion Of The Current Fair Model, Beth M. Anderson
EWU Masters Thesis Collection
Factor Analysis of Information Risk (FAIR) provides a framework for measuring and understanding factors that contribute to information risk. One such factor is FAIR Vulnerability; the probability that an event involving a threat will result in a loss. An asset is vulnerable if a threat actor’s Threat Capability is higher than the Resistance Strength of the asset. In FAIR scenarios, Resistance Strength is currently estimated for entire assets, oversimplifying assets containing individual systems and the surrounding environment. This research explores enhancing estimations of FAIR Vulnerability by modeling interactions between threat actors and assets through attack graphs. By breaking down the …
User-Friendly Deniable Storage For Mobile Devices, Bing Chang, Yao Cheng, Bo Chen, Fengwei Zhang, Wen-Tao Zhu, Yingjiu Li, Zhan. Wang
User-Friendly Deniable Storage For Mobile Devices, Bing Chang, Yao Cheng, Bo Chen, Fengwei Zhang, Wen-Tao Zhu, Yingjiu Li, Zhan. Wang
Research Collection School Of Computing and Information Systems
Mobile devices are prevalently used to process sensitive data, but traditional encryption may not work when an adversary is able to coerce the device owners to disclose the encryption keys. Plausibly Deniable Encryption (PDE) is thus designed to protect sensitive data against this powerful adversary. In this paper, we present MobiPluto, a user-friendly PDE scheme for denying the existence of sensitive data stored on mobile devices. A salient difference between MobiPluto and the existing PDE systems is that any block-based file systems can be deployed on top of it. To further improve usability and deniability of MobiPluto, we introduce a …