Open Access. Powered by Scholars. Published by Universities.®

Information Security Commons

Articles 1 - 12 of 12

Full-Text Articles in Information Security

A False Sense Of Security - Organizations Need A Paradigm Shift On Protecting Themselves Against APTs, Srinivasulu R. Vuggumudi Apr 2022

Masters Theses & Doctoral Dissertations

Advanced persistent threats (APTs) are the most complex cyberattacks and are generally executed by cyber attackers linked to nation-states. The motivation behind APT attacks is political intelligence and cyber espionage. Despite all the awareness, technological advancements, and massive investment, the fight against APTs is a losing battle for organizations. An organization may implement a security strategy to prevent APTs. However, the benefits to the security posture might be negligible if the measurement of the strategy’s effectiveness is not part of the plan. A false sense of security exists when the focus is on implementing a security strategy but not …


Analysis Of Theoretical And Applied Machine Learning Models For Network Intrusion Detection, Jonah Baron May 2021

Masters Theses & Doctoral Dissertations

Network Intrusion Detection System (IDS) devices play a crucial role in the realm of network security. These systems generate alerts for security analysts by performing signature-based and anomaly-based detection on malicious network traffic. However, there are several challenges when configuring and fine-tuning these IDS devices for high accuracy and precision. Machine learning utilizes a variety of algorithms and unique dataset input to generate models for effective classification. These machine learning techniques can be applied to IDS devices to classify and filter anomalous network traffic. This combination of machine learning and network security provides improved automated network defense by developing highly-optimized …


Analysis Of System Performance Metrics Towards The Detection Of Cryptojacking In IoT Devices, Richard Matthews Mar 2021

Masters Theses & Doctoral Dissertations

This single-case mechanism study examined the effects of cryptojacking on Internet of Things (IoT) device performance metrics. Cryptojacking is a cyber-threat that involves stealing the computational resources of devices belonging to others to generate cryptocurrencies. The resources primarily include the processing cycles of devices and the additional electricity needed to power this additional load. The literature surveyed showed that cryptojacking has been gaining in popularity and is now one of the top cyberthreats. Cryptocurrencies offer anyone more freedom and anonymity than dealing with traditional financial institutions which make them especially attractive to cybercriminals. Other reasons for the increasing popularity of …


A Consent Framework For The Internet Of Things In The GDPR Era, Gerald Chikukwa Mar 2021

Masters Theses & Doctoral Dissertations

The Internet of Things (IoT) is an environment of connected physical devices and objects that communicate amongst themselves over the internet. The IoT is based on the notion of always-connected customers, which allows businesses to collect large volumes of customer data to give them a competitive edge. Most of the data collected by these IoT devices include personal information, preferences, and behaviors. However, constant connectivity and sharing of data create security and privacy concerns. Laws and regulations like the General Data Protection Regulation (GDPR) of 2016 ensure that customers are protected by providing privacy and security guidelines to businesses. Data …


Block The Root Takeover: Validating Devices Using Blockchain Protocol, Sharmila Paul Mar 2021

Masters Theses & Doctoral Dissertations

This study addresses a vulnerability in the trust-based STP protocol that allows malicious users to target an Ethernet LAN with an STP Root-Takeover Attack. This subject is relevant because an STP Root-Takeover attack is a gateway to unauthorized control over the entire network stack of a personal or enterprise network. This study aims to address this problem with a potentially trustless research solution called the STP DApp. The STP DApp is the combination of a kernel /net modification called stpverify and a Hyperledger Fabric blockchain framework in a NodeJS runtime environment in userland. The STP DApp works as an Intrusion …


A Framework For Identifying Host-Based Artifacts In Dark Web Investigations, Arica Kulm Nov 2020

Masters Theses & Doctoral Dissertations

The dark web is the hidden part of the internet that is not indexed by search engines and is only accessible with a specific browser like The Onion Router (Tor). Tor was originally developed as a means of secure communications and is still used worldwide for individuals seeking privacy or those wanting to circumvent restrictive regimes. The dark web has become synonymous with nefarious and illicit content which manifests itself in underground marketplaces containing illegal goods such as drugs, stolen credit cards, stolen user credentials, child pornography, and more (Kohen, 2017). Dark web marketplaces contribute both to illegal drug usage …


Vzwam Web-Based Lookup, Ruben Claudio May 2020

Masters Theses & Doctoral Dissertations

This web-based lookup will allow V employees to find territory sales reps much faster. It will simplify the process and eliminate manual processes.

At the moment, a combination of multiple manual processes is needed to find territory sales reps. The company’s CRM does not allow sales reps to be found quickly. When an in-house sales representative is talking to a prospect, this sales rep has to go through a series of steps to find an outside or territory sales rep, which is usually needed to schedule in-person meetings; that results in delays while doing transactions with the prospects. Besides, because …


Network Traffic Analysis Framework For Cyber Threat Detection, Meshesha K. Cherie Mar 2020

Masters Theses & Doctoral Dissertations

The growing sophistication of attacks and newly emerging cyber threats requires advanced cyber threat detection systems. Although there are several cyber threat detection tools in use, cyber threats and data breaches continue to rise. This research is intended to improve the cyber threat detection approach by developing a cyber threat detection framework using two complementary technologies, search engine and machine learning, combining artificial intelligence and classical technologies.

In this design science research, several artifacts such as a custom search engine library, a machine learning-based engine and different algorithms have been developed to build a new cyber threat detection framework based …


Mirai Bot Scanner Summation Prototype, Charles V. Frank Jr. Mar 2019

Masters Theses & Doctoral Dissertations

The Mirai botnet deploys a distributed mechanism with each Bot continually scanning for a potential new Bot Victim. A Bot continually generates a random IP address to scan the network for discovering a potential new Bot Victim. The Bot establishes a connection with the potential new Bot Victim with a Transmission Control Protocol (TCP) handshake. The Mirai botnet has recruited hundreds of thousands of Bots. With 100,000 Bots, Mirai Distributed Denial of Service (DDoS) attacks on service provider Dyn in October 2016 triggered the inaccessibility to hundreds of websites in Europe and North America (Sinanović & Mrdovic, 2017). A month …


Flashlight In A Dark Room: A Grounded Theory Study On Information Security Management At Small Healthcare Provider Organizations, Gerald Auger Mar 2019

Masters Theses & Doctoral Dissertations

Healthcare providers have a responsibility to protect patients’ privacy and a business motivation to properly secure their assets. These providers encounter barriers to achieving these objectives, and limited academic research has been conducted to examine the causes and strategies to overcome them. A subset of this demographic, businesses with fewer than 10 providers, compose a majority (57%) of provider organizations in the United States. This grounded theory study provides exploratory findings, discovering these small healthcare provider organizations (SHPO) have limited knowledge on information technology (IT) and information security that results in assumptions and misappropriations of information security implementation, who is …


Advanced Code-Reuse Attacks: A Novel Framework For JOP, Bramwell J. Brizendine Mar 2019

Masters Theses & Doctoral Dissertations

Return-oriented programming is the predominant code-reuse attack, where short gadgets or borrowed chunks of code ending in a RET instruction can be discovered in binaries. A chain of ROP gadgets placed on the stack can permit control flow to be subverted, allowing for arbitrary computation. Jump-oriented programming is a class of code-reuse attack where instead of using RET instructions, indirect jumps and indirect calls are utilized to subvert the control flow. JOP is important because it can allow for important mitigations and protections against ROP to be bypassed, and some protections against JOP are imperfect. This dissertation presents a design science …


Is Information Systems Misuse Always Bad? A New Perspective On Is Misuse In Hospitals Under The Context Of Disasters, Dheyaaldin Alsalman Jul 2018

Masters Theses & Doctoral Dissertations

Although the extant literature has investigated how individuals engage in inappropriate behaviors based on the rational choice theory (RCT) (e.g., computer misconduct), the neutralization theory (e.g., IS security policies violation), and workarounds under normal situations, it has given little consideration to how individuals are involved in misuse of information systems with a good intention under the context of disasters. To fill this research gap, we propose a selfless misuse model, which offers a theoretical explanation for the concept of individuals’ selfless misuse intention under uncertainty caused by disasters. In this study, we show why employees make decisions to misuse the …