Information Security Commons^™

A Study On Ethical Hacking In Cybersecurity Education Within The United States, Jordan Chew

Master's Theses

As the field of computer security continues to grow, it becomes increasingly important to educate the next generation of security professionals. However, much of the current education landscape primarily focuses on teaching defensive skills. Teaching offensive security, otherwise known as ethical hacking, is an important component in the education of all students who hope to contribute to the field of cybersecurity. Doing so requires a careful consideration of what ethical, legal, and practical issues arise from teaching students skills that can be used to cause harm. In this thesis, we first examine the current state of cybersecurity education in the …

Rattus Norvegicus As A Biological Detector Of Clandestine Remains And The Use Of Ultrasonic Vocalizations As A Locating Mechanism, Gabrielle M. Johnston

Master's Theses

In investigations, locating missing persons and clandestine remains are imperative. One way that first responder and police agencies can search for the remains is by using cadaver dogs as biological detectors. Cadaver dogs are typically used due to their olfactory sensitivity and ability to detect low concentrations of volatile organic compounds produced by biological remains. Cadaver dogs are typically chosen for their stamina, agility, and olfactory sensitivity. However, what is not taken into account often is the size of the animal and the expense of maintaining and training the animal. Cadaver dogs are typically large breeds that cannot fit in …

Trace Dna Detection Using Diamond Dye: A Recovery Technique To Yield More Dna, Leah Davis

Master's Theses

This study aspires to find a new screening approach to trace DNA recovery techniques to yield a higher quantity of trace DNA from larger items of evidence. It takes the path of visualizing trace DNA on items of evidence with potential DNA so analysts can swab a more localized area rather than attempting to recover trace DNA through the general swabbing technique currently used for trace DNA recovery. The first and second parts consisted of observing trace DNA interaction with Diamond Dye on porous and non-porous surfaces.

The third part involved applying the Diamond Dye solution by spraying it onto …

Post Pandemic Cyberbiosecurity Threats From Terrorist Groups, Haley D. Dodge

Master's Theses

The research in this thesis explored the research question: Are United States (US) health systems accessible to cyber-bio terrorist attacks post-pandemic, within the context of the emerging discipline of cyberbiosecurity? Key findings of the analysis demonstrated how US health systems are more accessible to cyber-bio terrorist attacks specifically from cyber hacking groups based on the increasing sophistication of their cyber capabilities and the lack of cyber protection for biological systems. The concept of cyberbiosecurity was first introduced in 2018 by researchers exploring the converging threat landscape of the cyber and biology domains. As biology is growing more dependent upon vulnerable …

Mining Bitcoin To Avoid Sanctions, Tyler C. Lubin

Master's Theses

Though the world’s first cryptocurrency, Bitcoin, was introduced over a decade ago, it was not until recently that it became a mainstream subject. While cryptocurrencies offer many advantages, a potential downside for governments, is that no central bank controls the monetary policy and new coins can be mined by anyone anywhere in the world. Governments have always been deeply involved with how a their countries’ currency is ran and the policies they create are meant to keep a currencies’ value stable and make sure other factors like inflation is under control. Even though as of 2021, there were well over …

The Affect Of Globalization On Terrorism, Philip R. Passante

Master's Theses

This thesis proposal will dive into the concept of terrorism and how it is an act of force and has proven to be detrimental to the modern world. In addition, this thesis will analyze the concept of terrorism as well as the rationale behind it. It is important to understand and study this as terrorism is a complex entity made up of different themes. The concentration of this thesis will highlight how globalization has affected the phenomena of terrorism in the past, present, and ultimately the future. Globalization and terrorism have a relationship that many scholars and researchers have noticed. …

Clustering Web Users By Mouse Movement To Detect Bots And Botnet Attacks, Justin L. Morgan

Master's Theses

The need for website administrators to efficiently and accurately detect the presence of web bots has shown to be a challenging problem. As the sophistication of modern web bots increases, specifically their ability to more closely mimic the behavior of humans, web bot detection schemes are more quickly becoming obsolete by failing to maintain effectiveness. Though machine learning-based detection schemes have been a successful approach to recent implementations, web bots are able to apply similar machine learning tactics to mimic human users, thus bypassing such detection schemes. This work seeks to address the issue of machine learning based bots bypassing …

Towards Security And Privacy In Networked Medical Devices And Electronic Healthcare Systems, Isabel Jellen

Master's Theses

E-health is a growing eld which utilizes wireless sensor networks to enable access to effective and efficient healthcare services and provide patient monitoring to enable early detection and treatment of health conditions. Due to the proliferation of e-health systems, security and privacy have become critical issues in preventing data falsification, unauthorized access to the system, or eavesdropping on sensitive health data. Furthermore, due to the intrinsic limitations of many wireless medical devices, including low power and limited computational resources, security and device performance can be difficult to balance. Therefore, many current networked medical devices operate without basic security services such …

Predictors Of Ransomware From Binary Analysis, Aaron M. Otis

Master's Theses

Ransomware, a type of malware that extorts payment from a victim by encrypting her data, is a growing threat that is becoming more sophisticated with each generation. Attackers have shifted from targeting individuals to entire organizations, raising extortions from hundreds of dollars to hundreds of thousands of dollars. In this work, we analyze a variety of ransomware and benign software binaries in order to identify indicators that may be used to detect ransomware. We find that several combinations of strings, cryptographic constants, and a large number loops are key indicators useful for detecting ransomware.

The Performance Cost Of Security, Lucy R. Bowen

Master's Theses

Historically, performance has been the most important feature when optimizing computer hardware. Modern processors are so highly optimized that every cycle of computation time matters. However, this practice of optimizing for performance at all costs has been called into question by new microarchitectural attacks, e.g. Meltdown and Spectre. Microarchitectural attacks exploit the effects of microarchitectural components or optimizations in order to leak data to an attacker. These attacks have caused processor manufacturers to introduce performance impacting mitigations in both software and silicon.

To investigate the performance impact of the various mitigations, a test suite of forty-seven different tests was created. …

Analyzing Global Cyber Attack Correlates Through An Open Database, Brady Benjamin Aiello

Master's Theses

As humanity becomes more reliant on digital storage and communication for every aspect of life, cyber attacks pose a growing threat. However, cyber attacks are generally understood as individual incidents reported in technological circles, sometimes tied to a particular vulnerability. They are not generally understood through the macroscopic lens of statistical analysis spanning years over several countries and sectors, leaving researchers largely ignorant of the larger trends and correlates between attacks. This is large part due to the lack of a coherent and open database of prominent attacks. Most data about cyber attacks has been captured using a repository of …

Categorizing Blog Spam, Brandon Bevans

Master's Theses

The internet has matured into the focal point of our era. Its ecosystem is vast, complex, and in many regards unaccounted for. One of the most prevalent aspects of the internet is spam. Similar to the rest of the internet, spam has evolved from simply meaning ‘unwanted emails’ to a blanket term that encompasses any unsolicited or illegitimate content that appears in the wide range of media that exists on the internet.

Many forms of spam permeate the internet, and spam architects continue to develop tools and methods to avoid detection. On the other side, cyber security engineers continue to …

Gpuhelib And Distributedhelib: Distributed Computing Variants Of Helib, A Homomorphic Encryption Library, Ethan Andrew Frame

Master's Theses

Homomorphic Encryption, an encryption scheme only developed in the last five years, allows for arbitrary operations to be performed on encrypted data. Using this scheme, a user can encrypt data, and send it to an online service. The online service can then perform an operation on the data and generate an encrypted result. This encrypted result is then sent back to the user, who decrypts it. This decryption produces the same data as if the operation performed by the online service had been performed on the unencrypted data. This is revolutionary because it allows for users to rely on online …

Defy: A Deniable File System For Flash Memory, Timothy M. Peters

Master's Theses

While solutions for file system encryption can prevent an adversary from determining the contents of files, in situations where a user wishes to hide even the existence of data, encryption alone is not enough. Indeed, encryption may draw attention to those files, as they most likely contain information the user wishes to keep secret, and coercion can be a very strong motivator for the owner of an encrypted file system to surrender their secret key.

Herein we present DEFY, a deniable file system designed to work exclusively with solid-state drives, particularly those found in mobile devices. Solid-state drives have unique …

A Novel Distributed Denial-Of-Service Detection Algorithm, Brett Tsudama

Master's Theses

The applicability of implementing Ratio-based SYN Flood Detection (RSD) on a network processor is explored, and initial results are presented.