Open Access. Powered by Scholars. Published by Universities.®

Information Security Commons

Articles 1 - 30 of 34

Full-Text Articles in Information Security

Privacy Assessment Breakthrough: A Design Science Approach To Creating A Unified Methodology, Lisa Mckee May 2022

Masters Theses & Doctoral Dissertations

Recent changes have increased the need for and awareness of privacy assessments. Organizations focus primarily on Privacy Impact Assessments (PIA) and Data Protection Impact Assessments (DPIA) but rarely take a comprehensive approach to assessments or integrate the results into a privacy risk program. There are numerous industry standards and regulations for privacy assessments, but the industry lacks a simple unified methodology with steps to perform privacy assessments. The objectives of this research project are to create a new privacy assessment methodology model using the design science methodology, update industry standards and present training for conducting privacy assessments that can be …


A Dark Web Pharma Framework For A More Efficient Investigation Of Dark Web COVID-19 Vaccine Products., Francisca Afua Opoku-Boateng May 2022

Masters Theses & Doctoral Dissertations

Globally, as the COVID-19 pandemic persists, it has not only imposed a significant impact on the general well-being of individuals, exposing them to unprecedented financial hardships and online information deception, but has also forced consumers, buyers, and suppliers to look toward a darkened economic world – the Dark Web world – a sinister complement to the internet, driven by financial gains, where illegal goods and services are advertised and sold. As the Dark Web gains an increase in recognition by normal web users during this pandemic, how to perform cybercrime investigations on the Dark Web becomes challenging for manufacturers, investigators, …


An Application Of Machine Learning To Analysis Of Packed Mac Malware, Kimo Bumanglag May 2022

Masters Theses & Doctoral Dissertations

The macOS operating system is increasingly targeted by malware. Software written for macOS, both benign and malicious, is in the Mach-O executable format. Malware authors may frustrate analysts through obfuscation methods such as packing. The field of malware research on Windows is well-established but is less so on the macOS platform. Thus far, no research has been identified that studies how machine learning can be used to detect packed Mach-O malware. This research applies supervised machine learning techniques to the classification of packed Mach-O malware. This research will answer three research questions. First, whether machine learning can classify packed Mach-O …


A False Sense Of Security - Organizations Need A Paradigm Shift On Protecting Themselves Against APTs, Srinivasulu R. Vuggumudi Apr 2022

Masters Theses & Doctoral Dissertations

Advanced persistent threats (APTs) are the most complex cyberattacks and are generally executed by cyber attackers linked to nation-states. The motivation behind APT attacks is political intelligence and cyber espionage. Despite all the awareness, technological advancements, and massive investment, the fight against APTs is a losing battle for organizations. An organization may implement a security strategy to prevent APTs. However, the benefits to the security posture might be negligible if the measurement of the strategy’s effectiveness is not part of the plan. A false sense of security exists when the focus is on implementing a security strategy but not …


Multi-Dimensional Security Integrity Analysis Of Broad Market Internet-Connected Cameras, Mark A. Stanislav Mar 2022

Masters Theses & Doctoral Dissertations

This study used a quantitative approach with a cross-sectional, descriptive analysis survey design to examine the adherence of 40 internet-connected cameras against three IoT security frameworks to determine their overall security posture. Relevant literature was reviewed showing that prior studies in a similar regard had limitations, such as a small sample population, singular market segment focus, and/or a lack of validation against formalized frameworks. This study resulted in a uniform and multi-dimensional set of findings with supporting evidence, leading to a mapping against selected IoT security frameworks that was then quantitatively analyzed for their relative adherence as individual cameras, across …


Improving Adversarial Attacks Against MalConv, Justin Burr Mar 2022

Masters Theses & Doctoral Dissertations

This dissertation proposes several improvements to existing adversarial attacks against MalConv, a raw-byte malware classifier for Windows PE files. The included contributions greatly improve the success rates and performance of gradient-based file overlay attacks. All improvements are included in a new open-source attack utility called BitCamo.

Several new payload initialization strategies for use with gradient-based attacks are proposed and evaluated as potential replacements for the randomized initialization method used by current attacks. An algorithm for determining the optimal payload size is also proposed. The resulting improvements achieve a 100% evasion rate against eligible target executables using an average payload size …


Aligning Recovery Objectives With Organizational Capabilities, Jude C. Ejiobi Mar 2022

Masters Theses & Doctoral Dissertations

To reduce or eliminate the impact of a cyber-attack on an organization, preparations to recover a failed system and/or data are usually made in anticipation of such an attack. To avoid a false sense of security, these preparations should, as closely as possible, reflect the organization’s capabilities, in order to inform future improvement and avoid unattainable goals. There is an absence of a strong basis for the selection of the metrics that are used to measure preparation. Informal and unreliable processes are widely used, and they often result in metrics that conflict with the organization’s capabilities and interests. The goal …


A Metric For Machine Learning Vulnerability To Adversarial Examples, Matt Bradley Jan 2022

Masters Theses & Doctoral Dissertations

Machine learning is used in myriad aspects, both in academic research and in everyday life, including safety-critical applications such as robust robotics, cybersecurity products, and medical testing and diagnosis, where a false positive or negative could have catastrophic results. Despite the increasing prevalence of machine learning applications and their role in critical systems we rely on daily, the security and robustness of machine learning models is still a relatively young field of research with many open questions, particularly on the defensive side of adversarial machine learning. Chief among these open questions is how best to quantify a model’s attack surface against …


Analysis Of Theoretical And Applied Machine Learning Models For Network Intrusion Detection, Jonah Baron May 2021

Masters Theses & Doctoral Dissertations

Network Intrusion Detection System (IDS) devices play a crucial role in the realm of network security. These systems generate alerts for security analysts by performing signature-based and anomaly-based detection on malicious network traffic. However, there are several challenges when configuring and fine-tuning these IDS devices for high accuracy and precision. Machine learning utilizes a variety of algorithms and unique dataset input to generate models for effective classification. These machine learning techniques can be applied to IDS devices to classify and filter anomalous network traffic. This combination of machine learning and network security provides improved automated network defense by developing highly-optimized …


Analyzing The Effectiveness Of Legal Regulations And Social Consequences For Securing Data, Howard B. Goodman Mar 2021

Masters Theses & Doctoral Dissertations

There is a wide range of concerns and challenges related to stored data security – which range from privacy and management to operations readiness. These challenges span from financial to personal and public impact. With an abundance of regulations for the enforcement of data security and emerging requirements proposed every year, organizations cannot avoid the legal or social implications of inadequate data protection. Today, public spotlight and awareness are challenging organizations to enhance how data is protected more than at any other time. For this reason, organizations have made significant efforts to improve security.

When looking at precautions or changes, …


Analysis Of System Performance Metrics Towards The Detection Of Cryptojacking In IoT Devices, Richard Matthews Mar 2021

Masters Theses & Doctoral Dissertations

This single-case mechanism study examined the effects of cryptojacking on Internet of Things (IoT) device performance metrics. Cryptojacking is a cyber-threat that involves stealing the computational resources of devices belonging to others to generate cryptocurrencies. The resources primarily include the processing cycles of devices and the additional electricity needed to power this additional load. The literature surveyed showed that cryptojacking has been gaining in popularity and is now one of the top cyberthreats. Cryptocurrencies offer anyone more freedom and anonymity than dealing with traditional financial institutions, which makes them especially attractive to cybercriminals. Other reasons for the increasing popularity of …


Efficacy Of Incident Response Certification In The Workforce, Samuel Jarocki Mar 2021

Masters Theses & Doctoral Dissertations

Numerous cybersecurity certifications are available both commercially and via institutes of higher learning. Hiring managers, recruiters, and personnel accountable for new hires need to make informed decisions when selecting personnel to fill positions. An incident responder or security analyst's role requires near real-time decision-making, pervasive knowledge of the environments they are protecting, and functional situational awareness. This concurrent mixed methods paper studies whether current commercial certifications offered in the cybersecurity realm, particularly incident response, provide useful indicators for a viable hiring candidate.

Managers and non-managers alike do prefer hiring candidates with an incident response certification. Both groups affirmatively believe commercial …


A Consent Framework For The Internet Of Things In The GDPR Era, Gerald Chikukwa Mar 2021

Masters Theses & Doctoral Dissertations

The Internet of Things (IoT) is an environment of connected physical devices and objects that communicate amongst themselves over the internet. The IoT is based on the notion of always-connected customers, which allows businesses to collect large volumes of customer data to give them a competitive edge. Most of the data collected by these IoT devices include personal information, preferences, and behaviors. However, constant connectivity and sharing of data create security and privacy concerns. Laws and regulations like the General Data Protection Regulation (GDPR) of 2016 ensure that customers are protected by providing privacy and security guidelines to businesses. Data …


Block The Root Takeover: Validating Devices Using Blockchain Protocol, Sharmila Paul Mar 2021

Masters Theses & Doctoral Dissertations

This study addresses a vulnerability in the trust-based STP protocol that allows malicious users to target an Ethernet LAN with an STP Root-Takeover Attack. This subject is relevant because an STP Root-Takeover attack is a gateway to unauthorized control over the entire network stack of a personal or enterprise network. This study aims to address this problem with a potentially trustless research solution called the STP DApp. The STP DApp is the combination of a kernel /net modification called stpverify and a Hyperledger Fabric blockchain framework in a NodeJS runtime environment in userland. The STP DApp works as an Intrusion …


Cybersecurity Education For Non-Technical Learners, Matthew Mcnulty Mar 2021

Masters Theses & Doctoral Dissertations

Today’s world is increasingly reliant on technology for school, work, entertainment, and general home use. Many jobs today could not be performed without the use of computer systems or other technology. As lives become intertwined with technology, everyone will inevitably encounter malicious, vulnerable, or privacy-compromising devices or services. Unfortunately, knowledge of how to deal with these cybersecurity and privacy issues is not something that falls within the domain of common knowledge for the everyday person. Additionally, there is a lack of work being done to understand the educational needs of various groups within the general public and educate them. This …


Traversing NAT: A Problem, Tyler Flaagan Mar 2021

Masters Theses & Doctoral Dissertations

This quasi-experimental before-and-after study measured and analyzed the impacts of adding security to a new bi-directional Network Address Translation (NAT). Literature revolves around various types of NAT, their advantages and disadvantages, their security models, and networking technologies’ adoption. The study of the newly created secure bi-directional model of NAT showed statistically significant changes in the variables compared with another model using port forwarding. Future research on how data will traverse networks is crucial in an ever-changing world of technology.


A Framework For Identifying Host-Based Artifacts In Dark Web Investigations, Arica Kulm Nov 2020

Masters Theses & Doctoral Dissertations

The dark web is the hidden part of the internet that is not indexed by search engines and is only accessible with a specific browser like The Onion Router (Tor). Tor was originally developed as a means of secure communications and is still used worldwide for individuals seeking privacy or those wanting to circumvent restrictive regimes. The dark web has become synonymous with nefarious and illicit content which manifests itself in underground marketplaces containing illegal goods such as drugs, stolen credit cards, stolen user credentials, child pornography, and more (Kohen, 2017). Dark web marketplaces contribute both to illegal drug usage …


Vzwam Web-Based Lookup, Ruben Claudio May 2020

Masters Theses & Doctoral Dissertations

This web-based lookup will allow V employees to find territory sales reps much faster. It will simplify the process and eliminate manual processes.

At the moment, a combination of multiple manual processes is needed to find territory sales reps. The company’s CRM does not allow sales reps to be found quickly. When an in-house sales representative is talking to a prospect, this sales rep has to go through a series of steps to find an outside or territory sales rep, who is usually needed to schedule in-person meetings; this results in delays while doing transactions with the prospects. Besides, because …


BYOD-Insure: A Security Assessment Model For Enterprise BYOD, Melva Ratchford Apr 2020

Masters Theses & Doctoral Dissertations

As organizations continue allowing employees to use their personal mobile devices to access the organizations’ networks and the corporate data, a phenomenon called ‘Bring Your Own Device’ or BYOD, proper security controls need to be adopted not only to secure the corporate data but also to protect the organizations against possible litigation problems. Until recently, current literature and research have been focused on specific areas or solutions regarding BYOD. The information associated with BYOD security issues in the areas of Management, IT, Users and Mobile Device Solutions is fragmented. This research is based on a need to provide a holistic …


Mobile Identity, Credential, And Access Management Framework, Peggy Renee Camley Mar 2020

Masters Theses & Doctoral Dissertations

Organizations today gather unprecedented quantities of data from their operations. This data is coming from transactions made by a person or from a connected system/application. From personal devices to industry including government, the internet has become the primary means of modern communication, further increasing the need for a method to track and secure these devices. Protecting the integrity of connected devices collecting data is critical to ensure the trustworthiness of the system. An organization must not only know the identity of the users on their networks and have the capability of tracing the actions performed by a user but they …


A Virtual Machine Introspection Based Multi-Service, Multi-Architecture, High-Interaction Honeypot For IoT Devices, Cory A. Nance Mar 2020

Masters Theses & Doctoral Dissertations

Internet of Things (IoT) devices are quickly growing in adoption. The use case for IoT devices runs the gamut from household applications (such as toasters, lighting, and thermostats) to medical, battlefield, or Industrial Control System (ICS) applications used in life or death situations. A disturbing trend for IoT devices is that they are not developed with security in mind. This lack of security has led to the creation of massive botnets that conduct nefarious acts. A clear understanding of the threat landscape IoT devices face is needed to address these security issues. One technique used to understand threats …


IoT-HASS: A Framework For Protecting Smart Home Environment, Tarig Mudawi Mar 2020

Masters Theses & Doctoral Dissertations

While many solutions have been proposed for smart home security, the problem that no single solution fully protects the smart home environment still exists. In this research we propose a security framework to protect the smart home environment. The proposed framework includes three engines that complement each other to protect the smart home IoT devices. The first engine is an IDS/IPS module that monitors all traffic in the home network and then detects, alerts users, and/or blocks packets using anomaly-based detection. The second engine works as a device management module that scans and verifies IoT devices in the home network, …


Network Traffic Analysis Framework For Cyber Threat Detection, Meshesha K. Cherie Mar 2020

Masters Theses & Doctoral Dissertations

The growing sophistication of attacks and newly emerging cyber threats requires advanced cyber threat detection systems. Although there are several cyber threat detection tools in use, cyber threats and data breaches continue to rise. This research is intended to improve the cyber threat detection approach by developing a cyber threat detection framework using two complementary technologies, search engine and machine learning, combining artificial intelligence and classical technologies.

In this design science research, several artifacts such as a custom search engine library, a machine learning-based engine and different algorithms have been developed to build a new cyber threat detection framework based …


Malgazer: An Automated Malware Classifier With Running Window Entropy And Machine Learning, Keith Jones Mar 2019

Masters Theses & Doctoral Dissertations

This dissertation explores functional malware classification using running window entropy and machine learning classifiers. This topic was under-researched in the prior literature, but the implications are important for malware defense. This dissertation will present six new design science artifacts. The first artifact was a generalized machine learning based malware classifier model. This model was used to categorize and explain the gaps in the prior literature. This artifact was also used to compare the prior literature to the classifiers created in this dissertation, herein referred to as “Malgazer” classifiers.

Running window entropy data was required, but the algorithm was too …


Evaluating The Impacts Of Detecting X.509 Covert Channels, Cody Welu Mar 2019

Masters Theses & Doctoral Dissertations

This quasi-experimental before-and-after study examined the performance impacts of detecting X.509 covert channels in the Suricata intrusion detection system. Relevant literature and previous studies surrounding covert channels and covert channel detection, X.509 certificates, and intrusion detection system performance were evaluated. This study used Jason Reaves’ X.509 covert channel proof of concept code to generate malicious network traffic for detection (2018). Various detection rules for intrusion detection systems were created to aid in the detection of the X.509 covert channel. The central processing unit (CPU) and memory utilization impacts that each rule had on the intrusion detection system were studied and …


Self-Efficacy In Information Security: A Mixed Methods Study Of Deaf End-Users, Kyle Murbach Mar 2019

Masters Theses & Doctoral Dissertations

This explanatory sequential mixed methods study focuses on gaining an overall understanding of the potential variances in self-efficacy in information security and security practice behavior in the deaf population. Very little is understood about the deaf experience when engaging in security practices and their confidence levels in doing so. Due to the fast-paced nature of cyber security and its many facets, the human factor plays a crucial role in the success of cyber security. It is important to understand the potential implications of variances that may affect a deaf end-user’s security practice behavior to be able to provide more effective …


Mirai Bot Scanner Summation Prototype, Charles V. Frank Jr. Mar 2019

Masters Theses & Doctoral Dissertations

The Mirai botnet deploys a distributed mechanism with each Bot continually scanning for a potential new Bot Victim. A Bot continually generates a random IP address to scan the network for discovering a potential new Bot Victim. The Bot establishes a connection with the potential new Bot Victim with a Transmission Control Protocol (TCP) handshake. The Mirai botnet has recruited hundreds of thousands of Bots. With 100,000 Bots, Mirai Distributed Denial of Service (DDoS) attacks on service provider Dyn in October 2016 triggered the inaccessibility to hundreds of websites in Europe and North America (Sinanović & Mrdovic, 2017). A month …


Flashlight In A Dark Room: A Grounded Theory Study On Information Security Management At Small Healthcare Provider Organizations, Gerald Auger Mar 2019

Masters Theses & Doctoral Dissertations

Healthcare providers have a responsibility to protect patients’ privacy and a business motivation to properly secure their assets. These providers encounter barriers to achieving these objectives, and limited academic research has been conducted to examine the causes and strategies to overcome them. A subset of this demographic, businesses with fewer than 10 providers, composes a majority (57%) of provider organizations in the United States. This grounded theory study provides exploratory findings, discovering these small healthcare provider organizations (SHPO) have limited knowledge on information technology (IT) and information security that results in assumptions and misappropriations of information security implementation, who is …


A Malware Analysis And Artifact Capture Tool, Dallas Wright Mar 2019

Masters Theses & Doctoral Dissertations

Malware authors attempt to obfuscate and hide their execution objectives in their program’s static and dynamic states. This paper provides a novel approach to aid analysis by introducing a malware analysis tool which is quick to set up and use with respect to other existing tools. The tool allows for the intercepting and capturing of malware artifacts while providing dynamic control of process flow. Capturing malware artifacts allows an analyst to more quickly and comprehensively understand malware behavior and obfuscation techniques and doing so interactively allows multiple code paths to be explored. The faster that malware can be analyzed the …


Matching Possible Mitigations To Cyber Threats: A Document-Driven Decision Support Systems Approach, Martha Wagner Mcneil Mar 2019

Masters Theses & Doctoral Dissertations

Cyber systems are ubiquitous in all aspects of society. At the same time, breaches to cyber systems continue to be front-page news (Calfas, 2018; Equifax, 2017) and, despite more than a decade of heightened focus on cybersecurity, the threat continues to evolve and grow, costing globally up to $575 billion annually (Center for Strategic and International Studies, 2014; Gosler & Von Thaer, 2013; Microsoft, 2016; Verizon, 2017). To address possible impacts due to cyber threats, information system (IS) stakeholders must assess the risks they face. Following a risk assessment, the next step is to determine mitigations to counter the threats …