Information Security Commons^™

Design Of Personnel Big Data Management System Based On Blockchain, Houbing Song, Jian Chen, Zhihan Lv

Houbing Song

With the continuous development of information technology, enterprises, universities and governments are constantly stepping up the construction of electronic personnel information management system. The information of hundreds of thousands or even millions of people’s information are collected and stored into the system. So much information provides the cornerstone for the development of big data, if such data is tampered with or leaked, it will cause irreparable serious damage. However, in recent years, electronic archives have exposed a series of problems such as information leakage, information tampering, and information loss, which has made the reform of personnel information management more and …

Suas: Cybersecurity Threats, Vulnerabilities, And Exploits, Philip Craiger, Gary Kessler, William Rose

J. Philip Craiger, Ph.D.

The FAA predicts that purchases of hobbyist small unmanned aerial systems (sUAS) will grow from 1.9 million in 2016 to 4.3 million by 2020, and commercial sUAS to increase from 600,000 in 2016 to 2.7 million by 2020. sUAS, often referred to as 'drones,' are comprised of aeronautical hardware, a CPU, RAM, onboard storage, radio frequency communications, sensors, a camera, and a controller used by the pilot-in-command (PIC). Some have argued that a sUAS is essentially a flying computer. As such, sUAS are sometimes susceptible to many of the types of attacks that are often used on PC-based computers attached …

Older Adults And The Authenticity Of Emails.Docx, Premankit Sannd, David M. Cook

Dr. David M Cook

Cross-Referencing Social Media And Public Surveillance Camera Data For Disaster Response, Chittayong Surakitbanharn,, Calvin Yau, Guizhen Wang, Aniesh Chawla, Yinuo Pan, Zhaoya Sun, Sam Yellin, David Ebert, Yung-Hsiang Lu, George K. Thiruvathukal

George K. Thiruvathukal

Physical media (like surveillance cameras) and social media (like Instagram and Twitter) may both be useful in attaining on-the-ground information during an emergency or disaster situation. However, the intersection and reliability of both surveillance cameras and social media during a natural disaster are not fully understood. To address this gap, we tested whether social media is of utility when physical surveillance cameras went off-line during Hurricane Irma in 2017. Specifically, we collected and compared geo-tagged Instagram and Twitter posts in the state of Florida during times and in areas where public surveillance cameras went off-line. We report social media content …

Haptic Alternatives For Mobile Device Authentication By Older Technology Users, David M. Cook, Kulwinder Kaur

Dr. David M Cook

Tactful Inattention: Erving Goffman, Privacy In The Digital Age, And The Virtue Of Averting One's Eyes, Elizabeth De Armond

Elizabeth De Armond

No abstract provided.

Feature Selection In Intrusion Detection System Over Mobile Ad-Hoc Network, Xia Wang, Tu-Liang Lin, Johnny S. Wong

Johnny Wong

As Mobile ad-hoc network (MANET) has become a very important technology the security problem, especially, intrusion detection technique research has attracted many people�s effort. MANET is more vulnerable than wired network and suffers intrusion like wired network. This paper investigated some intrusion detection techniques using machine learning and proposed a profile based neighbor monitoring intrusion detection method. Further analysis shows that the features collected by each node are too many for wireless devices with limited capacity. We apply Markov Blanket algorithm [1] to the feature selection of the intrusion detection method. Experimental studies have shown that Markov Blanket algorithm can …

The Methodology For Evaluating Response Cost For Intrusion Response Systems, Christopher Roy Strasburg, Natalia Stakhanova, Samik Basu, Johnny S. Wong

Johnny Wong

Recent advances in the field of intrusion detection brought new requirements to intrusion prevention and response. Traditionally, the response to the detected attack was selected and deployed manually, in the recent years the focus has shifted towards developing automated and semi-automated methodologies for responding to intrusions. In this context, the cost-sensitive intrusion response models have gained the most interest mainly due to their emphasis on the balance between potential damage incurred by the intrusion and cost of the response. However, one of the challenges in applying this approach is defining consistent and adaptable measurement of these cost factors on the …

A Taxonomy Of Intrusion Response Systems, Natalia Stakhanova, Samik Basu, Johnny S. Wong

Johnny Wong

Recent advances in intrusion detection field brought new requirements to intrusion prevention and response. Traditionally, the response to an attack was manually triggered by an administrator. However, increased complexity and speed of the attack-spread during recent years showed acute necessity for complex dynamic response mechanisms. Although intrusion detection systems are being actively developed, research efforts in intrusion response are still isolated. In this work we present taxonomy of intrusion response systems, together with a review of current trends in intrusion response research. We also provide a set of essential fetures as a requirement for an ideal intrusion response system.

Network Connection Blocker, Method, And Computer Readable Memory For Monitoring Connections In A Computer Network And Blocking The Unwanted Connections, Douglas W. Jacobson, James A. Davis

Douglas Jacobson

A network connection blocker for monitoring connections between host computers in a network and blocking the unwanted connections. The host computers transmit connection packets between each other in accordance with a network protocol suite when seeking to establish, providing network services with, and close the connections. The network protocol suite includes a connection oriented transport layer protocol. The network connection blocker comprises a network interface that receives the connection packets transmitted between the host computers. It also comprises a blocking module that processes the received connection packets to detect the unwanted connections. The blocking module then generates connection packets in …

Ispy: Threats To Individual And Institutional Privacy In The Digital World, Lori Andrews

Lori B. Andrews

An Overview Of Cryptography (Updated Version 26 February 2017), Gary C. Kessler

Gary C. Kessler

There are many aspects to security and many applications, ranging from secure commerce and payments to private communications and protecting health care information. One essential aspect for secure communications is that of cryptography. But it is important to note that while cryptography is necessary for secure communications, it is not by itself sufficient. The reader is advised, then, that the topics covered here only describe the first of many steps necessary for better security in any number of situations.

From Enrollment To Employment: A Dacum Approach To Information Systems And Information Security And Assurance Curriculum Design, Leila Halawi, Wendi M. Kappers, Aaron Glassman

Wendi M. Kappers, PhD

Issues associated with information security are numerous and diverse. Since the majority of organizational actions rely greatly on information and communication technologies, Information Systems (IS) security is now a main concern for firms, governments, institutes, and society as a whole. As a result, a plethora of graduate programs have been created, covering nearly every aspect of IS security. The authors review the current state of the IS industry presented in the literature, and identify a panel of IS experts in which to explore current job skill needs using a “Developing a Curriculum,” DACUM, process to support curriculum design for two …

Chapter Five: The San Bernardino Iphone Case, Tracy Mitrano

Tracy Mitrano

Chapter Four: Information Security, Tracy Mitrano

Tracy Mitrano

No abstract provided.

Chapter One: Free Speech, Tracy Mitrano

Tracy Mitrano

No abstract provided.

Utilizing The Technology Acceptance Model To Assess The Employee Adoption Of Information Systems Security Measures, Cynthia M. Jones, Richard V. Mccarthy, Leila Halawi, Bahaudin Mujtaba

Leila A. Halawi

In this study, the factors that affect employee acceptance of information systems security measures were examined by extending the Technology Acceptance Model. Partial least squares structural equation modeling was applied to examine these factors. 174 valid responses from employees from companies in various industry segments in the United States and Canada were analyzed. The results of the statistical analysis indicate that subjective norm moderated by management support showed the strongest effect on intention to use information systems security measures.

From Enrollment To Employment: A Dacum Approach To Information Systems And Information Security And Assurance Curriculum Design, Leila Halawi, Wendi M. Kappers, Aaron Glassman

Leila A. Halawi

Issues associated with information security are numerous and diverse. Since the majority of organizational actions rely greatly on information and communication technologies, Information Systems (IS) security is now a main concern for firms, governments, institutes, and society as a whole. As a result, a plethora of graduate programs have been created, covering nearly every aspect of IS security. The authors review the current state of the IS industry presented in the literature, and identify a panel of IS experts in which to explore current job skill needs using a “Developing a Curriculum,” DACUM, process to support curriculum design for two …

Cyberspace: A Venue For Terrorism, David Bieda, Leila Halawi

Leila A. Halawi

This paper discusses how cyberspace has become a venue for terrorists groups for recruiting and proliferating propaganda and terrorism. Moreover, this study explores how the low cost Internet infrastructure and social media sites (such as Facebook, Twitter, and YouTube) have contributed to their networking and operations due to the convenience, in terms of availability, accessibility, message redundancy, ease of use, and the inability to censor content. Concepts such as cyber-weapons, cyber-attacks, cyber-war, and cyber-terrorism are presented and explored to assess how terrorist groups are exploiting cyberspace.

User Interface Design, Moritz Stefaner, Sebastien Ferre, Saverio Perugini, Jonathan Koren, Yi Zhang

Saverio Perugini

As detailed in Chap. 1, system implementations for dynamic taxonomies and faceted search allow a wide range of query possibilities on the data. Only when these are made accessible by appropriate user interfaces, the resulting applications can support a variety of search, browsing and analysis tasks. User interface design in this area is confronted with specific challenges. This chapter presents an overview of both established and novel principles and solutions.

Program Transformations For Information Personalization, Saverio Perugini, Naren Ramakrishnan

Saverio Perugini

Personalization constitutes the mechanisms necessary to automatically customize information content, structure, and presentation to the end user to reduce information overload. Unlike traditional approaches to personalization, the central theme of our approach is to model a website as a program and conduct website transformation for personalization by program transformation (e.g., partial evaluation, program slicing). The goal of this paper is study personalization through a program transformation lens and develop a formal model, based on program transformations, for personalized interaction with hierarchical hypermedia. The specific research issues addressed involve identifying and developing program representations and transformations suitable for classes of hierarchical …

Book Review: No Place To Hide, Gary C. Kessler

Gary C. Kessler

This document is Dr. Kessler's review of No Place to Hide, by Robert O'Harrow, Jr. Free Press, 2006. ISBN 0-7432-8705-3.

Book Review: Conquest In Cyberspace: National Security And Information Warfare, Gary C. Kessler

Gary C. Kessler

This document is Dr. Kessler's review of Conquest in Cyberspace: National Security and Information Warfare, by Martin C. Libicki. Cambridge University Press, 2007. ISBN 978-0-521-69214-4

Book Review: Challenges To Digital Forensic Evidence, Gary C. Kessler

Gary C. Kessler

This document is Dr. Kessler's review of Challenges to Digital Forensic Evidence, by Fred Cohen. Fred Cohen & Associates, 2008. ISBN 1-878109-41-3

Book Review: The Dotcrime Manifesto: How To Stop Internet Crime, Gary C. Kessler

Gary C. Kessler

This document is Dr. Kessler's review of The dotCrime Manifesto: How to Stop Internet Crime, by Phillip Hallam-Baker. Addison-Wesley, 2008. ISBN: 0-321-50358-9

Book Review: Mac Os X, Ipod, And Iphone Forensic Analysis Dvd Toolkit, Gary C. Kessler

Gary C. Kessler

This document is Dr. Kessler's review of MAC OS X, iPod, and iPhone Forensic Analysis DVD Toolkit, edited by Jesse Varsalone. Syngress, 2009. ISBN: 978-1-59749-297-3.

Book Review: Cyber Security And Global Information Assurance: Threat Analysis And Response Solutions, Gary C. Kessler

Gary C. Kessler

This document is Dr. Kessler's review of Cyber Security and Global Information Assurance: Threat Analysis and Response Solutions, edited by Kenneth J. Knapp. Information Science Reference, 2009. ISBN: 978-1-60566-326-5.

An Overview Of Steganography For The Computer Forensics Examiner (Updated Version, February 2015), Gary C. Kessler

Gary C. Kessler

"Steganography is the art of covered or hidden writing. The purpose of steganography is covert communication-to hide the existence of a message from a third party. This paper is intended as a high-level technical introduction to steganography for those unfamiliar with the field. It is directed at forensic computer examiners who need a practical understanding of steganography without delving into the mathematics, although references are provided to some of the ongoing research for the person who needs or wants additional detail. Although this paper provides a historical context for steganography, the emphasis is on digital applications, focusing on hiding information …

Book Review: Digital Forensic Evidence Examination, Gary C. Kessler

Gary C. Kessler

This document is Dr. Kessler's review of the second edition of Digital Forensic Evidence Examination by Fred Cohen. ASP Press, 2010. ISBN: 978-1-878109-45-3

The Case For Teaching Network Protocols To Computer Forensics Examiners, Gary C. Kessler, Matt Fasulo

Gary C. Kessler

"Most computer forensics experts are well-versed in basic computer hardware technology, operating systems, common software applications, and computer forensics tools. And while many have rudimentary knowledge about the Internet and simple network-lookup tools, they are not trained in the analysis of network communication protocols and the use of packet sniffers. This paper describes digital forensics applications for network analysis and includes four case studies."