Information Security Commons^™

A Novel Caching Algorithm For Efficient Fine-Grained Access Control In Database Management Systems, Anadi Shakya

Student Research Symposium

Fine-grained access Control (FGAC) in DBMS is vital for restricting user access to authorized data and enhancing security. FGAC policies govern how users are granted access to specific resources based on detailed criteria, ensuring security and privacy measures. Traditional methods struggle with scaling policies to thousands, causing delays in query responses. This paper introduces a novel caching algorithm designed to address this challenge by accelerating query processing and ensuring compliance with FGAC policies. In our approach, we create a circular hashmap and employ different replacement techniques to efficiently manage the cache, prioritizing entries that are visited more frequently. To evaluate …

Improving Tattle-Tale K-Deniability, Nicholas G.E. Morales

Student Research Symposium

Ensuring privacy for databases is an ongoing struggle. While the majority of work has focused on using access control lists to protect sensitive data these methods are vulnerable to inference attacks. A set of algorithms, referred to as Tattle-Tale, was developed that could protect sensitive data from being inferred however its runtime performance wasn’t suitable for production code. This set of algorithms contained two main subsets, Full Deniability and K-Deniability. My research focused on improving the runtime or utility of the K-Deniability algorithms. I investigated the runtime of the K-Deniability algorithms to identify what was slowing the process down. Aside …

A Design Science Approach To Investigating Decentralized Identity Technology, Janelle Krupicka

Cybersecurity Undergraduate Research Showcase

The internet needs secure forms of identity authentication to function properly, but identity authentication is not a core part of the internet’s architecture. Instead, approaches to identity verification vary, often using centralized stores of identity information that are targets of cyber attacks. Decentralized identity is a secure way to manage identity online that puts users’ identities in their own hands and that has the potential to become a core part of cybersecurity. However, decentralized identity technology is new and continually evolving, which makes implementing this technology in an organizational setting challenging. This paper suggests that, in the future, decentralized identity …

Binder, Tyler A. Peaster, Lindsey M. Davenport, Madelyn Little, Alex Bales

ATU Research Symposium

Binder is a mobile application that aims to introduce readers to a book recommendation service that appeals to devoted and casual readers. The main goal of Binder is to enrich book selection and reading experience. This project was created in response to deficiencies in the mobile space for book suggestions, library management, and reading personalization. The tools we used to create the project include Visual Studio, .Net Maui Framework, C#, XAML, CSS, MongoDB, NoSQL, Git, GitHub, and Figma. The project’s selection of books were sourced from the Google Books repository. Binder aims to provide an intuitive interface that allows users …

What Students Have To Say On Data Privacy For Educational Technology, Stephanie Choi

Cybersecurity Undergraduate Research Showcase

The literature on data privacy in terms of educational technology is a growing area of study. The perspective of educators has been captured extensively. However, the literature on students’ perspectives is missing, which is what we explore in this paper. We use a pragmatic qualitative approach with an experiential lens to capture students’ attitudes towards data privacy in terms of educational technology. We identified preliminary, common themes that appeared in the survey responses. The paper concludes by calling for more research on how students perceive data privacy in terms of educational technology.

Flgan: Gan-Based Unbiased Federated Learning Under Non-Iid Settings, Zhuoran Ma, Yang Liu, Yinbin Miao, Guowen Xu, Ximeng Liu, Jianfeng Ma, Robert H. Deng

Research Collection School Of Computing and Information Systems

Federated Learning (FL) suffers from low convergence and significant accuracy loss due to local biases caused by non-Independent and Identically Distributed (non-IID) data. To enhance the non-IID FL performance, a straightforward idea is to leverage the Generative Adversarial Network (GAN) to mitigate local biases using synthesized samples. Unfortunately, existing GAN-based solutions have inherent limitations, which do not support non-IID data and even compromise user privacy. To tackle the above issues, we propose a GAN-based unbiased FL scheme, called FlGan, to mitigate local biases using synthesized samples generated by GAN while preserving user-level privacy in the FL setting. Specifically, FlGan first …

When Evolutionary Computation Meets Privacy, Bowen Zhao, Wei-Neng Chen, Xiaoguo Li, Ximeng Liu, Qingqi Pei, Jun Zhang

Research Collection School Of Computing and Information Systems

Recently, evolutionary computation (EC) has experienced significant advancements due to the integration of machine learning, distributed computing, and big data technologies. These developments have led to new research avenues in EC, such as distributed EC and surrogate-assisted EC. While these advancements have greatly enhanced the performance and applicability of EC, they have also raised concerns regarding privacy leakages, specifically the disclosure of optimal results and surrogate models. Consequently, the combination of evolutionary computation and privacy protection becomes an increasing necessity. However, a comprehensive exploration of privacy concerns in evolutionary computation is currently lacking, particularly in terms of identifying the object, …

Student Attitudes And Intentions To Use Continuous Authentication Methods Applied To Mitigate Impersonation Attacks During E-Assessments, Andrea E. Green

CCE Theses and Dissertations

No solution can ultimately eliminate cheating in online courses. However, universities reserve funding for authentication systems to minimize the threat of cheating in online courses. Most higher education institutions use a combination of authentication methods to secure systems against impersonation attacks during online examinations. Authentication technologies ensure that an online course is protected from impersonation attacks. However, it is important that authentication methods secure systems against impersonation attacks with minimal disruption during an examination. Authentication methods applied to secure e-assessments against impersonation attacks may impact a student’s attitude and intentions to use the e-examination system.

In this regard, the research …

Predicting Viral Rumors And Vulnerable Users With Graph-Based Neural Multi-Task Learning For Infodemic Surveillance, Xuan Zhang, Wei Gao

Research Collection School Of Computing and Information Systems

In the age of the infodemic, it is crucial to have tools for effectively monitoring the spread of rampant rumors that can quickly go viral, as well as identifying vulnerable users who may be more susceptible to spreading such misinformation. This proactive approach allows for timely preventive measures to be taken, mitigating the negative impact of false information on society. We propose a novel approach to predict viral rumors and vulnerable users using a unified graph neural network model. We pre-train network-based user embeddings and leverage a cross-attention mechanism between users and posts, together with a community-enhanced vulnerability propagation (CVP) …