Information Security Commons^™

Teaching Static Call Analysis To Detect Anomalous Software Behavior, Jordan Shropshire, Philip Menard

KSU Proceedings on Cybersecurity Education, Research and Practice

Malicious code detection is a critical part of any cyber security operation. Typically, the behavior of normal applications is modeled so that deviations from normal behavior can be identified. There are multiple approach to modeling good behavior but the most common approach is to observe applications’ system call activity. System calls are messages passed between user space applications and their underlying operating systems. The detection of irregular system call activity signals the presence of malicious software behavior. This method of malware-detection has been used successfully for almost two decades. Unfortunately, it can be difficult to cover this concept at the …

Using A Virtual Computing Laboratory To Foster Collaborative Learning For Information Security And Information Technology Education, Abdullah Konak, Michael R. Bartolacci

Journal of Cybersecurity Education, Research and Practice

Virtual computer laboratories have been an excellent technological solution to the problem of providing students with hands-on experimentation in information technology fields such as information security in a cost effective and secure manner. A virtual computer laboratory was utilized in this work as a collaborative environment for student learning with the goal of measuring its effect on student learning and attitudes toward laboratory assignments. Experiments were carried out utilizing specially-designed computer-based laboratory activities that included student assessments and surveys upon their completion. The experiments involved both small groups and individual students completing their respective laboratory activities and subsequent assessments/surveys. …

From The Editors, Michael E. Whitman, Herbert J. Mattord

Journal of Cybersecurity Education, Research and Practice

Welcome to the inaugural issue of the Journal of Cybersecurity Education, Research and Practice (JCERP).

Charlton Fire Department Resident Expectations: Survey And Analysis, Natalie Omary, Jingxin Wen, Junchen Chen, Denis Kornev

School of Professional Studies

The Town of Charlton is located in the heart of the Massachusetts with a resident population of just under 14,000 people. The Charlton Fire Department serves the town for needs related to fire fighting, fire prevention, burning permits and inspection services along with emergency medical services. The Department has requested the assistance of the Clark University COPACE Capstone students in creating and conducting survey in order to get a sense of what the resident of the town know about the fire department and to better gauge their expectations about what the department can provide for them. The survey was formulated …

Cybersecurity Awareness Shrewsbury Public Schools, Brittany Crompton, David Thompson, Manuel Reyes, Xueyan Zhao, Xueke Zou

School of Professional Studies

In the 21st Century, technology reaches every aspect of our lives. As “digital citizens” we must be aware of the dangers both to our technological equipment and our personal information stored, transmitted, and processed on this equipment. The Cybersecurity Awareness curriculum developed for the Shrewsbury Public School district is designed to meet this need, as well as foster an interest in technology and ethical computer use.

Alternatives Unlimited Inc. Property Service Application, Jalpa Dave, Pennie Nataliya, Neelakshi Bali

School of Professional Studies

The purpose of this project is to propose Property service application to be enforced for documenting and managing the work orders raised throughout the residencies. The company is looking into an application that would facilitate to track and monitor the maintenance request received in a systematic order and ensuring priority work request is resolved within the set time frame. The project is to enhance the property service's work more efficiently as this will provide a high level of charge for the occupants by providing quicker response to their requests. The Objectives set to achieve for this project are realistic and …

Information Technology Proposal For The Town Of Spencer, Vijay Basava, Corey Kenyon, Mahdi Soltani

School of Professional Studies

The Town of Spencer came to us looking for a plan to build and maintain their own personal fiber network for connection between departments and to improve data security for important information. After assessing the existing landscape and determining the various paths forward, we created network diagrams and plans for the movement forward of this project.

After assessing a variety of plans, we found that a full single-mode fiber network would be the best system for the implementation in Spencer. While it was the highest cost, it also scored the highest in our assessment.

Analysis Of The Point Of Sales System At Tower Hill Botanical Garden And Suggested Courses Of Action, Brian Dunn, Keerthi Bandi, Chantal Kopwa Epse Kassa, F.N.U Shelly

School of Professional Studies

As Tower Hill Botanic Garden continues to improve on its operations and enhance the experience of its visitors and members, they are on a quest for a new Point-Of-Sale (POS) system that not only works with its existing hardware and interface with Raiser’s Edge, a smartcloud fundraising and relationship management software central to the garden’s operations but also, have a restaurant module and the capability of operating both in a wireless and hard-wired environment.

Developing An Online Database Of Experts For The Worcester Regional Chamber Of Commerce, Zikan Chen, Douglas Grey, Pranjal Shah

School of Professional Studies

The Worcester Regional Chamber of Commerce as part of their mission to attract business to the Worcester area, want to create an online searchable database of industry experts made up of faculty members of the Colleges and Universities in the Worcester area. This online database will be placed on the Worcester Regional Chamber of Commerce Higher Education – Business Partnership page on their website. The limitations placed on this request are that the Regional Chamber as of this moment have no monetary or Information Technologies resources to provide for the realization of this request.

The proliferation of as A Service …

A Framework To Manage Sensitive Information During Its Migration Between Software Platforms, Olusegun Ademolu Ajigini, John Andrew Van Der Poll, Jan H. Kroeze Phd

The African Journal of Information Systems

Software migrations are mostly performed by organisations using migration teams. Such migration teams need to be aware of how sensitive information ought to be handled and protected during the implementation of the migration projects. There is a need to ensure that sensitive information is identified, classified and protected during the migration process.

This paper suggests how sensitive information in organisations can be handled and protected during migrations, by using the migration from proprietary software to open source software to develop a management framework that can be used to manage such a migration process. The research employed a sequential explanatory mixed …

A Nonprofit Model In A For-Profit World: A Closer Look At Sheltered Workshops And Sustainability As An Employee Run Business, Bing Jang, Mitchell Perry, Nikolin Vangjeli, Laura Ducharme

School of Professional Studies

Historically, society has tended to isolate and segregate individuals with intellectual and developmental disabilities. Despite improvements such forms of discrimination continue to be a serious social problem. On October 11, 2011, the Department of Justice began an investigation into several state’s systems of providing vocational services to individuals with intellectual and developmental disabilities. This action came about due to several states being out of compliance around Title II of the Americans with Disabilities Act (ADA). Title II of the ADA prohibits discrimination on the basis of disability for all services, programs and activities provided to the public by state and …

Analyzing Shared Value And Social Business Principles: A Case Study Of Honeydrop Beverages And Seven Hills Foundation, Sarah Dys, Maya Grevatt, Brianna Mirabile

School of Professional Studies

Can the business world come together with the nonprofit world to create systems to lift low income women, children, and families out of poverty? The following report aims to show how the changing principles of business have the potential to serve international populations living on less than $2USD per day. For-profit organizations working with citizen sector organizations instead of giving charity provides a sustainable model to connect profit maximization with social good.

Honeydrop Beverages is a company based out of New York that produces lemonade sweetened with honey. Their products do not contain any refined products, only using fresh and …

Doc Wayne Youth Services, Inc. Capstone Project Youth Employment And Mentoring, Bongani T. Jeranyama, Zhengjun Liu, Sarah Parsons

School of Professional Studies

In Boston, Massachusetts, young adults age 16-19 who have dropped out of high school have a very high unemployment rate of 43.8%. Additionally, in the United States of America the difference between a young adult with a high school diploma as opposed to a young adult without a high school diploma in terms of weekly income is $180 USD; between a young adult with a high school diploma versus a young professional with a bachelor’s degree is $433 USD. These numbers demonstrate the need for services that improve academic achievement, job readiness and preparedness, and youth mentorship for struggling young …

An Analysis Of The Relationship Between Security Information Technology Enhancements And Computer Security Breaches And Incidents, Linda Betz

CCE Theses and Dissertations

Financial services institutions maintain large amounts of data that include both intellectual property and personally identifiable information for employees and customers. Due to the potential damage to individuals, government regulators hold institutions accountable for ensuring that personal data are protected and require reporting of data security breaches. No company wants a data breach, but finding a security incident or breach early in the attack cycle may decrease the damage or data loss a company experiences. In multiple high profile data breaches reported in major news stories over the past few years, there is a pattern of the adversary being inside …

Best Practices To Increase Efficacy Of Graduate School Admissions Communications At Clark University, Diana Curran, Nikki Feinberg, Mitchell Kelley, Ruiqi Li, Anning Zhou

School of Professional Studies

Within the period of time that a graduate student deposits and subsequently arrives at their academic institution, receiving timely information is important for their preparation. This process has been deemed by the Deans of the Enterprise Schools at Clark University as one that needs further investigation. As such, this Capstone looks at the array of communication that goes out to each graduate student during this four-month period. The purpose of examining this communication is to analyze its effectiveness in engaging students. To analyze the effectiveness of this communication, surveys were distributed to current students in these schools to gather data …

Understanding The Impact Of Hacker Innovation Upon Is Security Countermeasures, Sean M. Zadig

CCE Theses and Dissertations

Hackers external to the organization continue to wreak havoc upon the information systems infrastructure of firms through breaches of security defenses, despite constant development of and continual investment in new IS security countermeasures by security professionals and vendors. These breaches are exceedingly costly and damaging to the affected organizations. The continued success of hackers in the face of massive amounts of security investments suggests that the defenders are losing and that the hackers can innovate at a much faster pace.

Underground hacker communities have been shown to be an environment where attackers can learn new techniques and share tools pertaining …

From Enrollment To Employment: A Dacum Approach To Information Systems And Information Security And Assurance Curriculum Design, Leila Halawi, Wendi M. Kappers, Aaron Glassman

Publications

Issues associated with information security are numerous and diverse. Since the majority of organizational actions rely greatly on information and communication technologies, Information Systems (IS) security is now a main concern for firms, governments, institutes, and society as a whole. As a result, a plethora of graduate programs have been created, covering nearly every aspect of IS security. The authors review the current state of the IS industry presented in the literature, and identify a panel of IS experts in which to explore current job skill needs using a “Developing a Curriculum,” DACUM, process to support curriculum design for two …