Information Security Commons^™

Cyber Attacks: Does Physical Boundary Matter?, Qiu-Hong Wang, Seung-Hyun Kim

Research Collection School Of Computing and Information Systems

Information security issues are characterized with interdependence. Particularly, cyber criminals can easily cross national boundaries and exploit jurisdictional limitations between countries. Thus, whether cyber attacks are spatially autocorrelated is a strategic issue for government authorities and a tactic issue for insurance companies. Through an empirical study of cyber attacks across 62 countries during the period 2003-2007, we find little evidence on the spatial autocorrelation of cyber attacks at any week. However, after considering economic opportunity, IT infrastructure, international collaboration in enforcement and conventional crimes, we find strong evidence that cyber attacks were indeed spatially autocorrelated as they moved over time. …

Wake Up Or Fall Asleep: Value Implication Of Trusted Computing, Nan Hu, Jianhui Huang, Ling Liu, Yingjiu Li, Dan Ma

Research Collection School Of Computing and Information Systems

More than 10 years have passed since trusted computing (TC) technology was introduced to the market; however, there is still no consensus about its value. The increasing importance of user and enterprise security and the security promised by TC, coupled with the increasing tension between the proponents and the opponents of TC, make it timely to investigate the value relevance of TC in terms of both capital market and accounting performance. Based on both price and volume studies, we found that news releases related to the adoption of the TC technology had no information content. All investors, regardless of whether …

Ensemble And Individual Noise Reduction Method For Induction-Motor Signature Analysis, Zhaoxia Wang, C.S. Chang, Tw Chua, W.W Tan

Research Collection School Of Computing and Information Systems

Unlike a fixed-frequency power supply, the voltagesupplying an inverter-fed motor is heavily corrupted by noises,which are produced from high-frequency switching leading tonoisy stator currents. To extract useful information from statorcurrentmeasurements, a theoretically sound and robust denoisingmethod is required. The effective filtering of these noisesis difficult with certain frequency-domain techniques, such asFourier transform or Wavelet analysis, because some noises havefrequencies overlapping with those of the actual signals, andsome have high noise-to-frequency ratios. In order to analyze thestatistical signatures of different types of signals, a certainnumber is required of the individual signals to be de-noisedwithout sacrificing the individual characteristic and quantity ofthe …

Robust Lifetime Measurement In Large-Scale P2p Systems With Non-Stationary Arrivals, Xiaoming Wang, Zhongmei Yao, Yueping Zhang, Dmitri Loguinov

Computer Science Faculty Publications

Characterizing user churn has become an important topic in studying P2P networks, both in theoretical analysis and system design. Recent work has shown that direct sampling of user lifetimes may lead to certain bias (arising from missed peers and round-off inconsistencies) and proposed a technique that estimates lifetimes based on sampled residuals. In this paper, however, we show that under non-stationary arrivals, which are often present in real systems, residual-based sampling does not correctly reconstruct user lifetimes and suffers a varying degree of bias, which in some cases makes estimation completely impossible. We overcome this problem using two contributions: a …

Wireless Networks: Spert: A Stateless Protocol For Energy-Sensitive Real-Time Routing For Wireless Sensor Network, Sohail Jabbar, Abid Ali Minhas, Raja Adeel Akhtar

International Conference on Information and Communication Technologies

Putting constraints on performance of a system in the temporal domain, some times turns right into wrong and update into outdate. These are the scenarios where apposite value of time inveterate in the reality. But such timing precision not only requires tightly scheduled performance constraints but also requires optimal design and operation of all system components. Any malfunctioning at any relevant aspect may causes a serious disaster and even loss of human lives. Managing and interacting with such real-time system becomes much intricate when the resources are limited as in wireless sensor nodes. A wireless sensor node is typically comprises …

Networks - Ii: Overhead Analysis Of Security Implementation Using Ipsec, Muhammad Awais Azam, Zaka -Ul- Mustafa, Usman Tahir, S. M. Ahsan, Muhammad Adnan Naseem, Imran Rashid, Muhammad Adeel

International Conference on Information and Communication Technologies

Authentication, access control, encryption and auditing make up the essential elements of network security. Researchers have dedicated a large amount of efforts to implement security features that fully incorporate the use of all these elements. Currently, data networks mainly provide authentication and confidentiality services. Confidentiality alone is not able to protect the system, thus, suitable security measures must be taken. However, this security is itself an overhead which must be accounted for. A trade-off must exist between performance and security. This trade-off must be carefully managed so as not to deteriorate the systems being secured. This calls for the true …

Cyber Attacks: Cross-Country Interdependence And Enforcement, Qiu-Hong Wang, Seung Hyun Kim

Research Collection School Of Computing and Information Systems

This study empirically characterizes the interdependence in cyber attacks and examines theimpact from the first international treaty against cybercrimes (Convention on Cybercrimes:Europe Treaty Series No. 185). With the data covering 62 countries over the period from year2003 to 2007, we find that, international cooperation in enforcement as measured by theindicator of joining the Convention on Cybercrimes, deterred cyber attacks originating from anyparticular country by 15.81% ~ 24.77% (in 95% confidence interval). Second, joining theConvention also affected the interdependence in cyber attacks from two angels. First, for anypair of country, closer status in joining or not joining the Convention was associated …

Mitigating Insider Sabotage And Espionage: A Review Of The United States Air Force's Current Posture, Erika C. Leach

Theses and Dissertations

The security threat from malicious insiders affects all organizations. Mitigating this problem is quite difficult due to the fact that (1) there is no definitive profile for malicious insiders, (2) organizations have placed trust in these individuals, and (3) insiders have a vast knowledge of their organization’s personnel, security policies, and information systems. The purpose of this research is to analyze to what extent the United States Air Force (USAF) security policies address the insider threat problem. The policies are reviewed in terms of how well they align with best practices published by the Carnegie Mellon University Computer Emergency Readiness …

Heuristics For Improved Enterprise Intrusion Detection, James J. Treinen

Electronic Theses and Dissertations

One of the greatest challenges facing network operators today is the identification of malicious activity on their networks. The current approach is to deploy a set of intrusion detection sensors (IDSs) in various locations throughout the network and on strategic hosts. Unfortunately, the available intrusion detection technologies generate an overwhelming volume of false alarms, making the task of identifying genuine attacks nearly impossible. This problem is very difficult to solve even in networks of nominal size. The task of uncovering attacks in enterprise class networks quickly becomes unmanageable.

Research on improving intrusion detection sensors is ongoing, but given the nature …

User Interface Design, Moritz Stefaner, Sebastien Ferre, Saverio Perugini, Jonathan Koren, Yi Zhang

Computer Science Faculty Publications

As detailed in Chap. 1, system implementations for dynamic taxonomies and faceted search allow a wide range of query possibilities on the data. Only when these are made accessible by appropriate user interfaces, the resulting applications can support a variety of search, browsing and analysis tasks. User interface design in this area is confronted with specific challenges. This chapter presents an overview of both established and novel principles and solutions.