Information Security Commons^™

Guardians Of The Data: Government Use Of Ai And Iot In The Digital Age, Jannat Saeed

Honors Theses

The exponential growth of technology, epitomized by Moore's Law – “the observation that the number of transistors on an integrated circuit will double every two years”– has propelled the swift evolution of Artificial Intelligence (AI) and Internet of Things (IoT) technologies. This phenomenon has revolutionized various facets of daily life, from smart home devices to autonomous vehicles, reshaping how individuals interact with the world around them. However, as governments worldwide increasingly harness these innovations to monitor and collect personal data, profound privacy concerns have arisen among the general populace. Despite the ubiquity of AI and IoT in modern society, formal …

Exploring Decentralized Computing Using Solid And Ipfs For Social Media Applications, Pranav Balasubramanian Natarajan

Computer Science and Computer Engineering Undergraduate Honors Theses

As traditional centralized social media platforms face growing concerns over data privacy, censorship, and lack of user control, there has been an increasing interest in decentralized alternatives. This thesis explores the design and implementation of a decentralized social media application by integrating two key technologies: Solid and the InterPlanetary File System (IPFS). Solid, led by Sir Tim Berners-Lee, enables users to store and manage their personal data in decentralized "Pods," giving them ownership over their digital identities. IPFS, a peer-to-peer hypermedia protocol, facilitates decentralized file storage and sharing, ensuring content availability and resilience against censorship. By leveraging these technologies, the …

Multi-Script Handwriting Identification By Fragmenting Strokes, Joshua Jude Thomas

<strong> Theses and Dissertations </strong>

This study tests the effectiveness of Multi-Script Handwriting Identification after simplifying character strokes, by segmenting them into sub-parts. Character simplification is performed through splitting the character by branching-points and end-points, a process called stroke fragmentation in this study. The resulting sub-parts of the character are called stroke fragments and are evaluated individually to identify the writer. This process shares similarities with the concept of stroke decomposition in Optical Character Recognition which attempts to recognize characters through the writing strokes that make them up. The main idea of this study is that the characters of different writing‑scripts (English, Chinese, etc.) may …

Security And Interpretability In Large Language Models, Lydia Danas

Undergraduate Honors Theses

Large Language Models (LLMs) have the capability to model long-term dependencies in sequences of tokens, and are consequently often utilized to generate text through language modeling. These capabilities are increasingly being used for code generation tasks; however, LLM-powered code generation tools such as GitHub's Copilot have been generating insecure code and thus pose a cybersecurity risk. To generate secure code we must first understand why LLMs are generating insecure code. This non-trivial task can be realized through interpretability methods, which investigate the hidden state of a neural network to explain model outputs. A new interpretability method is rationales, which obtains …

Detection Of Jamming Attacks In Vanets, Thomas Justice

Undergraduate Honors Theses

A vehicular network is a type of communication network that enables vehicles to communicate with each other and the roadside infrastructure. The roadside infrastructure consists of fixed nodes such as roadside units (RSUs), traffic lights, road signs, toll booths, and so on. RSUs are devices equipped with communication capabilities that allow vehicles to obtain and share real-time information about traffic conditions, weather, road hazards, and other relevant information. These infrastructures assist in traffic management, emergency response, smart parking, autonomous driving, and public transportation to improve roadside safety, reduce traffic congestion, and enhance the overall driving experience. However, communication between the …

An In-Network Approach For Pmu Missing Data Recovery With Data Plane Programmability, Jack Norris

Computer Science and Computer Engineering Undergraduate Honors Theses

Phasor measurement unit (PMU) systems often experience unavoidable missing and erroneous measurements, which undermine power system observability and operational effectiveness. Traditional solutions for recovering missing PMU data employ a centralized approach at the control center, resulting in lengthy recovery times due to data transmission and aggregation. In this work, we leverage P4-based programmable networks to expedite missing data recovery. Our approach utilizes the data plane programmability offered by P4 to present an in-network solution for PMU data recovery. We establish a data-plane pipeline on P4 switches, featuring a customized PMU protocol parser, a missing data detection module, and an auto-regressive …

Side Channel Detection Of Pc Rootkits Using Nonlinear Phase Space, Rebecca Clark

Honors Theses

Cyberattacks are increasing in size and scope yearly, and the most effective and common means of attack is through malicious software executed on target devices of interest. Malware threats vary widely in terms of behavior and impact and, thus, effective methods of detection are constantly being sought from the academic research community to offset both volume and complexity. Rootkits are malware that represent a highly feared threat because they can change operating system integrity and alter otherwise normally functioning software. Although normal methods of detection that are based on signatures of known malware code are the standard line of defense, …

An Analysis And Ontology Of Teaching Methods In Cybersecurity Education, Sarah Buckley

LSU Master's Theses

The growing cybersecurity workforce gap underscores the urgent need to address deficiencies in cybersecurity education: the current education system is not producing competent cybersecurity professionals, and current efforts are not informing the non-technical general public of basic cybersecurity practices. We argue that this gap is compounded by a fundamental disconnect between cybersecurity education literature and established education theory. Our research addresses this issue by examining the alignment of cybersecurity education literature concerning educational methods and tools with education literature.

In our research, we endeavor to bridge this gap by critically analyzing the alignment of cybersecurity education literature with education theory. …

An Efficient Privacy-Preserving Framework For Video Analytics, Tian Zhou

Doctoral Dissertations

With the proliferation of video content from surveillance cameras, social media, and live streaming services, the need for efficient video analytics has grown immensely. In recent years, machine learning based computer vision algorithms have shown great success in various video analytic tasks. Specifically, neural network models have dominated in visual tasks such as image and video classification, object recognition, object detection, and object tracking. However, compared with classic computer vision algorithms, machine learning based methods are usually much more compute-intensive. Powerful servers are required by many state-of-the-art machine learning models. With the development of cloud computing infrastructures, people are able …

A Study On Ethical Hacking In Cybersecurity Education Within The United States, Jordan Chew

Master's Theses

As the field of computer security continues to grow, it becomes increasingly important to educate the next generation of security professionals. However, much of the current education landscape primarily focuses on teaching defensive skills. Teaching offensive security, otherwise known as ethical hacking, is an important component in the education of all students who hope to contribute to the field of cybersecurity. Doing so requires a careful consideration of what ethical, legal, and practical issues arise from teaching students skills that can be used to cause harm. In this thesis, we first examine the current state of cybersecurity education in the …

Student Attitudes And Intentions To Use Continuous Authentication Methods Applied To Mitigate Impersonation Attacks During E-Assessments, Andrea E. Green

CCE Theses and Dissertations

No solution can ultimately eliminate cheating in online courses. However, universities reserve funding for authentication systems to minimize the threat of cheating in online courses. Most higher education institutions use a combination of authentication methods to secure systems against impersonation attacks during online examinations. Authentication technologies ensure that an online course is protected from impersonation attacks. However, it is important that authentication methods secure systems against impersonation attacks with minimal disruption during an examination. Authentication methods applied to secure e-assessments against impersonation attacks may impact a student’s attitude and intentions to use the e-examination system.

In this regard, the research …

How Increased Ransomware Attacks Have Impacted Hospitals In The United States, Mackenzie Dotson

Theses, Dissertations and Capstones

Introduction: The healthcare industry, particularly hospitals, have fallen prey to the alarming rise of ransomware attacks. In recent years, highly sophisticated cybergroups, armed with substantial funds and advanced technology, have intensified their focus on hospitals. Despite the advice against it, most hospitals have paid the ransom in order to regain access to their electronic systems and patient data, underlining the severity of these attacks.

Purpose of the Study: The purpose of this research was to evaluate the effects of ransomware attacks on hospitals in the US to determine if the patients were at risk due to hackers withholding patient information …

Designing An Artificial Immune Inspired Intrusion Detection System, William Hosier Anderson

Theses and Dissertations

The domain of Intrusion Detection Systems (IDS) has witnessed growing interest in recent years due to the escalating threats posed by cyberattacks. As Internet of Things (IoT) becomes increasingly integrated into our every day lives, we widen our attack surface and expose more of our personal lives to risk. In the same way the Human Immune System (HIS) safeguards our physical self, a similar solution is needed to safeguard our digital self. This thesis presents the Artificial Immune inspired Intrusion Detection System (AIS-IDS), an IDS modeled after the HIS. This thesis proposes an architecture for AIS-IDS, instantiates an AIS-IDS model …

A Conceptual Decentralized Identity Solution For State Government, Martin Duclos

Theses and Dissertations

In recent years, state governments, exemplified by Mississippi, have significantly expanded their online service offerings to reduce costs and improve efficiency. However, this shift has led to challenges in managing digital identities effectively, with multiple fragmented solutions in use. This paper proposes a Self-Sovereign Identity (SSI) framework based on distributed ledger technology. SSI grants individuals control over their digital identities, enhancing privacy and security without relying on a centralized authority. The contributions of this research include increased efficiency, improved privacy and security, enhanced user satisfaction, and reduced costs in state government digital identity management. The paper provides background on digital …

Enhanced Content-Based Fake News Detection Methods With Context-Labeled News Sources, Duncan Arnfield

Electronic Theses and Dissertations

This work examined the relative effectiveness of multilayer perceptron, random forest, and multinomial naïve Bayes classifiers, trained using bag of words and term frequency-inverse dense frequency transformations of documents in the Fake News Corpus and Fake and Real News Dataset. The goal of this work was to help meet the formidable challenges posed by proliferation of fake news to society, including the erosion of public trust, disruption of social harmony, and endangerment of lives. This training included the use of context-categorized fake news in an effort to enhance the tools’ effectiveness. It was found that term frequency-inverse dense frequency provided …

Ensuring Non-Repudiation In Long-Distance Constrained Devices, Ethan Blum

Honors Theses

Satellite communication is essential for the exploration and study of space. Satellites allow communications with many devices and systems residing in space and on the surface of celestial bodies from ground stations on Earth. However, with the rise of Ground Station as a Service (GsaaS), the ability to efficiently send action commands to distant satellites must ensure non-repudiation such that an attacker is unable to send malicious commands to distant satellites. Distant satellites are also constrained devices and rely on limited power, meaning security on these devices is minimal. Therefore, this study attempted to propose a novel algorithm to allow …

Towards Robust Long-Form Text Generation Systems, Kalpesh Krishna

Doctoral Dissertations

Text generation is an important emerging AI technology that has seen significant research advances in recent years. Due to its closeness to how humans communicate, mastering text generation technology can unlock several important applications such as intelligent chat-bots, creative writing assistance, or newer applications like task-agnostic few-shot learning. Most recently, the rapid scaling of large language models (LLMs) has resulted in systems like ChatGPT, capable of generating fluent, coherent and human-like text. However, despite their remarkable capabilities, LLMs still suffer from several limitations, particularly when generating long-form text. In particular, (1) long-form generated text is filled with factual inconsistencies to …

Quantifying And Enhancing The Security Of Federated Learning, Virat Vishnu Shejwalkar

Doctoral Dissertations

Federated learning is an emerging distributed learning paradigm that allows multiple users to collaboratively train a joint machine learning model without having to share their private data with any third party. Due to many of its attractive properties, federated learning has received significant attention from academia as well as industry and now powers major applications, e.g., Google's Gboard and Assistant, Apple's Siri, Owkin's health diagnostics, etc. However, federated learning is yet to see widespread adoption due to a number of challenges. One such challenge is its susceptibility to poisoning by malicious users who aim to manipulate the joint machine learning …

Evaluating Attack Surface Management In An Industrial Control System (Ics) Environment: Leveraging A Recon Ftw For Threat Classification And Incident Response, Nathalia De Sa Soares

LSU Master's Theses

Protecting Industrial Control Systems (ICS) from cyber threats is paramount to
ensure the reliability and security of critical infrastructure. Organizations must proactively identify vulnerabilities and strengthen their incident response capabilities as attack vectors evolve. This research explores implementing an Attack Surface Management (ASM) approach, utilizing Recon FTW, to assess an operating ICS environment’s security posture comprehensively.
The primary objective of this research is to develop a tool for performing recon-
naissance in an ICS environment with a non-intrusive approach, enabling the realistic simulation of potential threat scenarios and the identification of critical areas requiring immediate attention and remediation. We aim …

A Smart Chatbot System For Digitizing Service Management To Improve Business Continuity, Asraa Mohammed Albeshr

Theses

Chatbots, also called digital systems that require a natural language-based interface for user interaction, are increasingly being integrated into our daily lives. These chatbots respond intelligently to voice and text and function as sophisticated entities. Its functioning includes the recognition of multiple human languages through the application of Natural Language Processing (NLP) techniques. These chatbots find applications in various areas such as e-commerce services, medical assistance, recommendation systems, and educational purposes. This reflects the versatility and widespread adoption of this technology. AI chatbots play a crucial role in improving IT support in IT Service Management (ITSM) for better business continuity. …

Identity Management Pki System Using Blockchain, Mohamed Abdel Fattah Abdel Baki Awad

Theses and Dissertations

Identity management is one of the most important topics in the security field. Public Key Infrastructure (PKI) is the most commonly used approach in legally identity management systems. PKI systems have many centralized services that might affect the availability and trustworthiness of the system. Issues related to certificate verification methods such as Certificate Revocation List (CRL) and Online Certificate Status Protocol (OCSP) can be avoided if blockchain is used. Blockchain is a decentralized trusted system where data can only be appended to a public ledger. Edits are not allowed in blockchain. Blockchain consists of several nodes all of them have …

Learning Representations For Effective And Explainable Software Bug Detection And Fixing, Yi Li

Dissertations

Software has an integral role in modern life; hence software bugs, which undermine software quality and reliability, have substantial societal and economic implications. The advent of machine learning and deep learning in software engineering has led to major advances in bug detection and fixing approaches, yet they fall short of desired precision and recall. This shortfall arises from the absence of a 'bridge,' known as learning code representations, that can transform information from source code into a suitable representation for effective processing via machine and deep learning.

This dissertation builds such a bridge. Specifically, it presents solutions for effectively learning …

Fortifying Robustness: Unveiling The Intricacies Of Training And Inference Vulnerabilities In Centralized And Federated Neural Networks, Guanxiong Liu

Dissertations

Neural network (NN) classifiers have gained significant traction in diverse domains such as natural language processing, computer vision, and cybersecurity, owing to their remarkable ability to approximate complex latent distributions from data. Nevertheless, the conventional assumption of an attack-free operating environment has been challenged by the emergence of adversarial examples. These perturbed samples, which are typically imperceptible to human observers, can lead to misclassifications by the NN classifiers. Moreover, recent studies have uncovered the ability of poisoned training data to generate Trojan backdoored classifiers that exhibit misclassification behavior triggered by predefined patterns.

In recent years, significant research efforts have been …

Program Analysis For Android Security And Reliability, Sydur Rahaman

Dissertations

The recent, widespread growth and adoption of mobile devices have revolutionized the way users interact with technology. As mobile apps have become increasingly prevalent, concerns regarding their security and reliability have gained significant attention. The ever-expanding mobile app ecosystem presents unique challenges in ensuring the protection of user data and maintaining app robustness. This dissertation expands the field of program analysis with techniques and abstractions tailored explicitly to enhancing Android security and reliability. This research introduces approaches for addressing critical issues related to sensitive information leakage, device and user fingerprinting, mobile medical score calculators, as well as termination-induced data loss. …

Cyber Attack Surface Mapping For Offensive Security Testing, Douglas Everson

All Dissertations

Security testing consists of automated processes, like Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST), as well as manual offensive security testing, like Penetration Testing and Red Teaming. This nonautomated testing is frequently time-constrained and difficult to scale. Previous literature suggests that most research is spent in support of improving fully automated processes or in finding specific vulnerabilities, with little time spent improving the interpretation of the scanned attack surface critical to nonautomated testing. In this work, agglomerative hierarchical clustering is used to compress the Internet-facing hosts of 13 representative companies as collected by the Shodan search …

On Phishing: Proposing A Host-Based Multi-Layer Passive/Active Anti-Phishing Approach Combating Counterfeit Websites, Wesam Harbi Fadheel

Dissertations

Phishing is the starting point of most cyberattacks, mainly categorized as Email, Websites, Social Networks, Phone calls (Vishing), and SMS messaging (Smishing). Phishing refers to an attempt to collect sensitive data, typically in the form of usernames, passwords, credit card numbers, bank account information, etc., or other crucial facts, intending to use or sell the information obtained. Similar to how a fisherman uses bait to catch a fish, an attacker will pose as a trustworthy source to attract and deceive the victim.

This study explores the efficacy of host-side APT (Anti-Phishing Techniques) based onWebsite features like Lexical, Host-Based, or Content-Based …

Reinforcing Digital Trust For Cloud Manufacturing Through Data Provenance Using Ethereum Smart Contracts, Trupti Narayan Rane

Engineering Management & Systems Engineering Theses & Dissertations

Cloud Manufacturing(CMfg) is an advanced manufacturing model that caters to fast-paced agile requirements (Putnik, 2012). For manufacturing complex products that require extensive resources, manufacturers explore advanced manufacturing techniques like CMfg as it becomes infeasible to achieve high standards through complete ownership of manufacturing artifacts (Kuan et al., 2011). CMfg, with other names such as Manufacturing as a Service (MaaS) and Cyber Manufacturing (NSF, 2020), addresses the shortcoming of traditional manufacturing by building a virtual cyber enterprise of geographically distributed entities that manufacture custom products through collaboration.

With manufacturing venturing into cyberspace, Digital Trust issues concerning product quality, data, and intellectual …

Framework For Assessing Information System Security Posture Risks, Syed Waqas Hamdani

Electronic Thesis and Dissertation Repository

In today’s data-driven world, Information Systems, particularly the ones operating in regulated industries, require comprehensive security frameworks to protect against loss of confidentiality, integrity, or availability of data, whether due to malice, accident or otherwise. Once such a security framework is in place, an organization must constantly monitor and assess the overall compliance of its systems to detect and rectify any issues found. This thesis presents a technique and a supporting toolkit to first model dependencies between security policies (referred to as controls) and, second, devise models that associate risk with policy violations. Third, devise algorithms that propagate risk when …

A Multimodal Immune System Inspired Defense Architecture For Detecting And Deterring Digital Pathogens In Container Hosted Web Services, Islam Khalil

Theses and Dissertations

With the increased use of web technologies, microservices, and Application Programming Interface (API) for integration between systems, and with the development of containerization of services on operating system level as a method of isolating system execution and for easing the deployment and scaling of systems, there is a growing need as well as opportunities for providing platforms that improve the security of such services. In our work, we propose an architecture for a containerization platform that utilizes various concepts derived from the human immune system. The goal of the proposed containerization platform is to introduce the concept of slowing down …

Digital Transformation In Local Governments: A Case Study Of Abu Dhabi Municipality Transport Department, Alia Sahmi Al Ahbabi

Theses

The new generation is rapidly adapting to the digital era, where government and private services are being transformed into electronic services, commonly known as Eservices. Cities are leveraging digitalization to streamline their business processes and business services. This digitalization has improved service delivery time and quality for individuals. With digitalization, business processes align with technology, enhancing performance and customer satisfaction. However, there are challenges associated with digitalization, particularly people working in various municipality departments who find it challenging to adapt to digitization. Employees may take time to adjust to the new techniques and technologies, which may hamper the actions of …