Open Access. Powered by Scholars. Published by Universities.®
- Discipline
- Keyword
-
- Public key infrastructure (Computer security) (2)
- Android (1)
- Apps (1)
- Attitude based encryption (1)
- Collegiate event (1)
-
- Computer crimes--Investigation--Research (1)
- Computer forensics (1)
- Cryptography (1)
- Cyber security (1)
- Cyberterrorism--Research (1)
- Data encryption (Computer science) (1)
- Digital forensics (1)
- Encryption (1)
- Host clustering (1)
- Machine learning (1)
- Microsoft Windows (Computer file)--Security measures (1)
- OpenPGP (1)
- PGP (Computer file) (1)
- Penetration testing (1)
- Rule-based programming (1)
- Security (1)
- Security competition (1)
- Software Engineering (1)
- Supervised learning (Machine learning) (1)
- Vulnerabilities (1)
- Web of Trust (1)
- Windows 7 (1)
- Windows 8 (1)
- Publication Type
Articles 1 - 6 of 6
Full-Text Articles in Information Security
Cptc - A Security Competition Unlike Any Other, Bill Stackpole, Daryl Johnson
Cptc - A Security Competition Unlike Any Other, Bill Stackpole, Daryl Johnson
Presentations and other scholarship
Participating in cybersecurity competitions has become increasing popular for students in higher education programs that have a focus on computing or cyber security. The Collegiate Penetration Testing Competition was developed to address the industry skills gap and assist in identifying ethically minded security personnel with experience identifying, exercising, and mitigating vulnerabilities.
Teaching Android Security Through Examples: A Publicly Available Database Of Vulnerable Apps, Daniel E. Krutz, Samuel A. Malachowsky
Teaching Android Security Through Examples: A Publicly Available Database Of Vulnerable Apps, Daniel E. Krutz, Samuel A. Malachowsky
Articles
Security is hard, and teaching security can be even harder. Here we describe a public educational activity to assist in the instruction of both students and developers in creating secure Android apps. Our set of activities includes example vulnerable applications, information about each vulnerability, steps on how to repair the vulnerabilities, and information about how to confirm that the vulnerability has been properly repaired. Our primary goal is to make these activities available to other instructors for use in their classrooms ranging from the K-12 to university settings. A secondary goal of this project is to foster interest in security …
Group Selection And Key Management Strategies For Ciphertext-Policy Attribute-Based Encryption, Russell F. Martin
Group Selection And Key Management Strategies For Ciphertext-Policy Attribute-Based Encryption, Russell F. Martin
Theses
Ciphertext-Policy Attribute-Based Encryption (CPABE) was introduced by Bethencourt, Sahai, and Waters, as an improvement of Identity Based Encryption, allowing fine grained control of access to encrypted files by restricting access to only users whose attributes match that of the monotonic access tree of the encrypted file. Through these modifications, encrypted files can be placed securely on an unsecure server, without fear of malicious users being able to access the files, while allowing each user to have a unique key, reducing the vulnerabilites associated with sharing a key between multiple users.
However, due to the fact that CPABE was designed for …
Rule-Based Conditional Trust With Openpgp., Andrew Jackson
Rule-Based Conditional Trust With Openpgp., Andrew Jackson
Theses
This thesis describes a new trust model for OpenPGP encryption. This trust model uses conditional rule-based trust to establish key validity and trust. This thesis describes "Trust Rules" that may be used to sort and categorize keys automatically without user interaction. "Trust Rules" are also capable of integrating key revocation status into its calculations so it too is automated. This thesis presents that conditional trust established through "Trust Rules" can enforce stricter security while reducing the burden of use and automating the process of key validity, trust, and revocation.
A Forensic Comparison: Windows 7 And Windows 8, Peter J. Wilson
A Forensic Comparison: Windows 7 And Windows 8, Peter J. Wilson
Theses
Whenever a new operating system or new version of an operating system is released, forensic investigators must re-examine the new operating system or new version. They do so to determine if there are significant differences that will impact and change the way they perform their investigations. With the release of Microsoft's latest operating system, Windows 8, and its update, Windows 8.1, understanding the similarities and differences between Windows 8 and previous operating systems such as Windows 7 is critical. This paper forensically examines Windows 7 and Windows 8 to determine those similarities and differences.
Segmentation And Model Generation For Large-Scale Cyber Attacks, Steven E. Strapp
Segmentation And Model Generation For Large-Scale Cyber Attacks, Steven E. Strapp
Theses
Raw Cyber attack traffic can present more questions than answers to security analysts. Especially with large-scale observables it is difficult to identify which packets are relevant and what attack behaviors are present. Many existing works in Host or Flow Clustering attempt to group similar behaviors to expedite analysis; these works often phrase the problem directly as offline unsupervised machine learning. This work proposes online processing to simultaneously model coordinating actors and segment traffic that is relevant to a target of interest, all while it is being received. The goal is not just to aggregate similar attack behaviors, but to provide …