Open Access. Powered by Scholars. Published by Universities.®
- Discipline
-
- Social and Behavioral Sciences (91)
- Engineering (84)
- Law (71)
- Computer Law (67)
- Legal Studies (64)
-
- Computer Engineering (63)
- Forensic Science and Technology (63)
- Business (58)
- Electrical and Computer Engineering (49)
- Management Information Systems (47)
- Databases and Information Systems (35)
- Technology and Innovation (33)
- Public Affairs, Public Policy and Public Administration (31)
- Sociology (28)
- OS and Networks (27)
- Other Computer Sciences (26)
- Defense and Security Studies (18)
- Aviation (17)
- Aviation Safety and Security (17)
- Software Engineering (17)
- Medicine and Health Sciences (16)
- National Security Law (16)
- Social Control, Law, Crime, and Deviance (16)
- Communication (15)
- Marketing (12)
- Social Media (12)
- Business and Corporate Communications (11)
- Institution
-
- Embry-Riddle Aeronautical University (67)
- Singapore Management University (57)
- Kennesaw State University (42)
- Edith Cowan University (25)
- Selected Works (18)
-
- San Jose State University (12)
- Clark University (11)
- University of New Haven (10)
- Air Force Institute of Technology (8)
- Nova Southeastern University (8)
- University for Business and Technology in Kosovo (8)
- City University of New York (CUNY) (5)
- University of Kentucky (5)
- Franklin University (4)
- Boise State University (3)
- Rose-Hulman Institute of Technology (3)
- University of Nebraska - Lincoln (3)
- California Polytechnic State University, San Luis Obispo (2)
- Dakota State University (2)
- Eastern Michigan University (2)
- Florida Institute of Technology (2)
- La Salle University (2)
- Michigan Technological University (2)
- Pace University (2)
- Southern Illinois University Carbondale (2)
- St. Cloud State University (2)
- United Arab Emirates University (2)
- University of Arkansas, Fayetteville (2)
- University of Nebraska at Omaha (2)
- University of New Orleans (2)
- Keyword
-
- Security (24)
- Digital forensics (14)
- Privacy (13)
- Computer forensics (9)
- Cybersecurity (8)
-
- Information security (8)
- Information systems (7)
- Android (6)
- Cloud computing (6)
- Computer security (6)
- Cyber security (6)
- Information technology (6)
- MPA (6)
- Cryptography (5)
- MSIT (5)
- ABE (4)
- Authentication (4)
- Cyber forensics (4)
- Digital Forensics (4)
- Mobile (4)
- Revocation (4)
- Survey (4)
- Applied sciences (3)
- Big data (3)
- Cloud storage (3)
- Computer science (3)
- Crime (3)
- Cyber (3)
- Cyber Security (3)
- Cybercrime (3)
- Publication
-
- Research Collection School Of Computing and Information Systems (56)
- Journal of Digital Forensics, Security and Law (43)
- KSU Proceedings on Cybersecurity Education, Research and Practice (30)
- Annual ADFSL Conference on Digital Forensics, Security and Law (21)
- Australian Information Security Management Conference (11)
-
- Master's Projects (11)
- School of Professional Studies (11)
- Electrical & Computer Engineering and Computer Science Faculty Publications (10)
- Australian Digital Forensics Conference (9)
- Gary C. Kessler (9)
- Theses and Dissertations (9)
- CCE Theses and Dissertations (8)
- UBT International Conference (8)
- Journal of Cybersecurity Education, Research and Practice (7)
- Theses and Dissertations--Computer Science (4)
- All Faculty and Staff Scholarship (3)
- Boise State University Theses and Dissertations (3)
- Faculty Publications (3)
- Leila A. Halawi (3)
- Publications (3)
- Saverio Perugini (3)
- Theses (3)
- Tracy Mitrano (3)
- ASA Multidisciplinary Research Symposium (2)
- Department of Computer Science and Engineering: Dissertations, Theses, and Student Research (2)
- Dissertations and Theses (2)
- Faculty Research & Publications (2)
- Graduate Theses and Dissertations (2)
- KSU Journey Honors College Capstones and Theses (2)
- Master of Science in Information Technology Theses (2)
- Publication Type
- File Type
Articles 1 - 30 of 338
Full-Text Articles in Information Security
Bloom Filters Optimized Wu-Manber For Intrusion Detection, Monther Aldwairi, Koloud Al-Khamaiseh, Fatima Alharbi, Babar Shah
Bloom Filters Optimized Wu-Manber For Intrusion Detection, Monther Aldwairi, Koloud Al-Khamaiseh, Fatima Alharbi, Babar Shah
Journal of Digital Forensics, Security and Law
With increasing number and severity of attacks, monitoring ingress and egress network traffic is becoming essential everyday task. Intrusion detection systems are the main tools for capturing and searching network traffic for potential harm. Signature-based intrusion detection systems are the most widely used, and they simply use a pattern matching algorithms to locate attack signatures in intercepted network traffic. Pattern matching algorithms are very expensive in terms of running time and memory usage, leaving intrusion detection systems unable to detect attacks in real-time. We propose a Bloom filters optimized Wu-Manber pattern matching algorithm to speed up intrusion detection. The Bloom …
The Impact Of Md5 File Hash Collisions On Digital Forensic Imaging, Gary C. Kessler
The Impact Of Md5 File Hash Collisions On Digital Forensic Imaging, Gary C. Kessler
Journal of Digital Forensics, Security and Law
The Message Digest 5 (MD5) hash is commonly used as for integrity verification in the forensic imaging process. The ability to force MD5 hash collisions has been a reality for more than a decade, although there is a general consensus that hash collisions are of minimal impact to the practice of computer forensics. This paper describes an experiment to determine the results of imaging two disks that are identical except for one file, the two versions of which have different content but otherwise occupy the same byte positions on the disk, are the same size, and have the same hash …
Leveraging The Windows Amcache.Hve File In Forensic Investigations, Bhupendra Singh, Upasna Singh
Leveraging The Windows Amcache.Hve File In Forensic Investigations, Bhupendra Singh, Upasna Singh
Journal of Digital Forensics, Security and Law
The Amcache.hve is a registry hive file that is created by Microsoft® Windows® to store the information related to execution of programs. This paper highlights the evidential potential of Amcache.hve file and its application in the area of user activity analysis. The study uncovers numerous artifacts retained in Amcache.hve file when a user performs certain actions such as running host-based applications, installation of new applications, or running portable applications from external devices. The results of experiments demonstrate that Amcache.hve file stores intriguing artifacts related to applications such as timestamps of creation and last modification of any application; name, description, publisher …
The 2016 Analysis Of Information Remaining On Computer Hard Disks Offered For Sale On The Second Hand Market In The Uae, Thomas Martin, Andy Jones, Mohammed Alzaabi
The 2016 Analysis Of Information Remaining On Computer Hard Disks Offered For Sale On The Second Hand Market In The Uae, Thomas Martin, Andy Jones, Mohammed Alzaabi
Journal of Digital Forensics, Security and Law
This research describes our survey of data remaining on computer hard disks sold on the second hand market in the United Arab Emirates (UAE). This is a repetition of the first survey conducted in 2012 (Jones, Martin, & Alzaabi, 2012). Similar studies have been carried over the last ten years in the United Kingdom, Australia, USA, Germany and France: (Jones, Mee, Meyler, & Gooch, 2005), (Jones, Valli, Sutherland, & Thomas, 2006), (Jones, Valli, Dardick, & Sutherland, 2008), (Jones, Valli, Dardick, & Sutherland, 2009). This research was undertaken to gain insight into the volumes of data found on second-hand disks purchased …
A New Distributed Chinese Wall Security Policy Model, Saad Fehis, Omar Nouali, Mohand-Tahar Kechadi
A New Distributed Chinese Wall Security Policy Model, Saad Fehis, Omar Nouali, Mohand-Tahar Kechadi
Journal of Digital Forensics, Security and Law
The application of the Chinese wall security policy model (CWSPM) to control the information flows between two or more competing and/or conflicting companies in cloud computing (Multi-tenancy) or in the social network, is a very interesting solution. The main goal of the Chinese Wall Security Policy is to build a wall between the datasets of competing companies, and among the system subjects. This is done by the applying to the subjects mandatory rules, in order to control the information flow caused between them. This problem is one of the hottest topics in the area of cloud computing (as a distributed …
The Impact Of Sha-1 File Hash Collisions On Digital Forensic Imaging: A Follow-Up Experiment, Gary C. Kessler
The Impact Of Sha-1 File Hash Collisions On Digital Forensic Imaging: A Follow-Up Experiment, Gary C. Kessler
Journal of Digital Forensics, Security and Law
A previous paper described an experiment showing that Message Digest 5 (MD5) hash collisions of files have no impact on integrity verification in the forensic imaging process. This paper describes a similar experiment applied when two files have a Secure Hash Algorithm (SHA-1) collision.
A Survey Of Social Network Forensics, Umit Karabiyik, Muhammed Abdullah Canbaz, Ahmet Aksoy, Tayfun Tuna, Esra Akbas, Bilal Gonen, Ramazan S. Aygun
A Survey Of Social Network Forensics, Umit Karabiyik, Muhammed Abdullah Canbaz, Ahmet Aksoy, Tayfun Tuna, Esra Akbas, Bilal Gonen, Ramazan S. Aygun
Journal of Digital Forensics, Security and Law
Social networks in any form, specifically online social networks (OSNs), are becoming a part of our everyday life in this new millennium especially with the advanced and simple communication technologies through easily accessible devices such as smartphones and tablets. The data generated through the use of these technologies need to be analyzed for forensic purposes when criminal and terrorist activities are involved. In order to deal with the forensic implications of social networks, current research on both digital forensics and social networks need to be incorporated and understood. This will help digital forensics investigators to predict, detect and even prevent …
Investigating The Spatial Complexity Of Various Pke-Peks Schematics, Jacob Patterson
Investigating The Spatial Complexity Of Various Pke-Peks Schematics, Jacob Patterson
Rose-Hulman Undergraduate Research Publications
With the advent of cloud storage, people upload all sorts of information to third party servers. However, uploading plaintext does not seem like a good idea for users who wish to keep their data private. Current solutions to this problem in literature involves integrating Public Key Encryption and Public key encryption with keyword search techniques. The intent of this paper is to analyze the spatial complexities of various PKE-PEKS schemes at various levels of security and discuss potential avenues for improvement.
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Threats To Information Protection - Industry And Academic Perspectives: An Annotated Bibliography, Michael E. Whitman, Herbert J. Mattord
Threats To Information Protection - Industry And Academic Perspectives: An Annotated Bibliography, Michael E. Whitman, Herbert J. Mattord
Journal of Cybersecurity Education, Research and Practice
Threats to information assets have always been a concern to those responsible for making information useful and defending its value. The concepts of threat, threat agent, threat events and threat sources have evolved in recent years have very precise definitions. A summary of threat classification models used in academic research is provided along with a summary of recent industry threat assessment reports. Finally, the results from a recent study, 2015 SEC/CISE Threats to Information Protection Report Including a Current Snapshot of the State of the Industry, are given.
Towards An In-Depth Understanding Of Deep Packet Inspection Using A Suite Of Industrial Control Systems Protocol Packets, Guillermo A. Francia Iii, Xavier P. Francia, Anthony M. Pruitt
Towards An In-Depth Understanding Of Deep Packet Inspection Using A Suite Of Industrial Control Systems Protocol Packets, Guillermo A. Francia Iii, Xavier P. Francia, Anthony M. Pruitt
Journal of Cybersecurity Education, Research and Practice
Industrial control systems (ICS) are increasingly at risk and vulnerable to internal and external threats. These systems are integral part of our nation’s critical infrastructures. Consequently, a successful cyberattack on one of these could present disastrous consequences to human life and property as well. It is imperative that cybersecurity professionals gain a good understanding of these systems particularly in the area of communication protocols. Traditional Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are made to encapsulate some of these ICS protocols which may enable malicious payload to get through the network firewall and thus, gain entry into the …
Planning And Implementing A Successful Nsa-Nsf Gencyber Summer Cyber Academy, Bryson R. Payne, Tamirat Abegaz, Keith Antonia
Planning And Implementing A Successful Nsa-Nsf Gencyber Summer Cyber Academy, Bryson R. Payne, Tamirat Abegaz, Keith Antonia
Journal of Cybersecurity Education, Research and Practice
The GenCyber program is jointly sponsored by the National Security Agency (NSA) and the National Science Foundation (NSF) to help faculty and cybersecurity experts provide summer cybersecurity camp experiences for K-12 students and teachers. The main objective of the program is to attract, educate, and motivate a new generation of young men and women to help address the nationwide shortage of trained cybersecurity professionals. The curriculum is flexible and centers on ten cybersecurity first principles. Currently, GenCyber provides cyber camp options for three types of audiences: students, teachers, and a combination of both teachers and students. In 2016, over 120 …
From The Editors, Herbert J. Mattord, Michael E. Whitman, Carole L. Hollingsworth
From The Editors, Herbert J. Mattord, Michael E. Whitman, Carole L. Hollingsworth
Journal of Cybersecurity Education, Research and Practice
Welcome to the second issue of the Journal of Cybersecurity Education, Research and Practice (JCERP).
Rationality, Parapsychology, And Artificial Intelligence In Military And Intelligence Research By The United States Government In The Cold War, Guy M. Lomeo
Theses and Dissertations
A study analyzing the roles of rationality, parapsychology, and artificial intelligence in military and intelligence research by the United States Government in the Cold War. An examination of the methodology behind the decisions to pursue research in two fields that were initially considered irrational.
Military Cyber Professionals Have An Important Part To Play In The Obama-Trump Transition, Michael V. Hayden
Military Cyber Professionals Have An Important Part To Play In The Obama-Trump Transition, Michael V. Hayden
Military Cyber Affairs
Over the course of decades in service, I have experienced multiple presidential transitions. Each new Commander in Chief updates policies, personnel, and priorities…especially when the transition involves a new political party. In this respect, the current transition from the Obama to the Trump administration is no different. While this periodic exercise of our democracy may seem disruptive to some, it is a true opportunity for military cyber professionals to help shape our future national security posture.
Cryptanalysis Of Homophonic Substitution Cipher Using Hidden Markov Models, Guannan Zhong
Cryptanalysis Of Homophonic Substitution Cipher Using Hidden Markov Models, Guannan Zhong
Master's Projects
We investigate the effectiveness of a Hidden Markov Model (HMM) with random restarts as a mean of breaking a homophonic substitution cipher. Based on extensive experiments, we find that such an HMM-based attack outperforms a previously de- veloped nested hill climb approach, particularly when the ciphertext message is short. We then consider a combination cipher, consisting of a homophonic substitution and a column transposition. We develop and analyze an attack on such a cipher. This attack employs an HMM (with random restarts), together with a hill climb to recover the column permutation. We show that this attack can succeed on …
The Paradox Of Social Media Security: A Study Of It Students’ Perceptions Versus Behavior On Using Facebook, Zahra Y. Alqubaiti
The Paradox Of Social Media Security: A Study Of It Students’ Perceptions Versus Behavior On Using Facebook, Zahra Y. Alqubaiti
Master of Science in Information Technology Theses
Social media plays an essential role in the modern society, enabling people to be better connected to each other and creating new opportunities for businesses. At the same time, social networking sites have become major targets for cyber-security attacks due to their massive user base. Many studies investigated the security vulnerabilities and privacy issues of social networking sites and made recommendations on how to mitigate security risks. Users are an integral part of any security mix. In this thesis, we explore the relationship between users’ security perceptions and their actual behavior on social networking sites. Protection motivation theory (PMT), initially …
A System For Detecting Malicious Insider Data Theft In Iaas Cloud Environments, Jason Nikolai, Yong Wang
A System For Detecting Malicious Insider Data Theft In Iaas Cloud Environments, Jason Nikolai, Yong Wang
Faculty Research & Publications
The Cloud Security Alliance lists data theft and insider attacks as critical threats to cloud security. Our work puts forth an approach using a train, monitor, detect pattern which leverages a stateful rule based k-nearest neighbors anomaly detection technique and system state data to detect inside attacker data theft on Infrastructure as a Service (IaaS) nodes. We posit, instantiate, and demonstrate our approach using the Eucalyptus cloud computing infrastructure where we observe a 100 percent detection rate for abnormal login events and data copies to outside systems.
Context-Sensitive Auto-Sanitization For Php, Jared M. Smith, Richard J. Connor, David P. Cunningham, Kyle G. Bashour, Walter T. Work
Context-Sensitive Auto-Sanitization For Php, Jared M. Smith, Richard J. Connor, David P. Cunningham, Kyle G. Bashour, Walter T. Work
Chancellor’s Honors Program Projects
No abstract provided.
Ransomware In High-Risk Environments, Shallaw M. Aziz
Ransomware In High-Risk Environments, Shallaw M. Aziz
Information Technology Capstone Research Project Reports
In today’s modern world, cybercrime is skyrocketing globally, which impacts a variety of organizations and endpoint users. Hackers are using a multitude of approaches and tools, including ransomware threats, to take over targeted systems. These acts of cybercrime lead to huge damages in areas of business, healthcare systems, industry sectors, and other fields. Ransomware is considered as a high risk threat, which is designed to hijack the data. This paper is demonstrating the ransomware types, and how they are evolved from the malware and trojan codes, which is used to attack previous incidents, and explains the most common encryption algorithms …
The Transition Experiences Of International Graduate Students In Clark University School Of Professional Studies, Xuesong Huang, Mingyang Lian, Dang Trung, Jay Sheth, Yuwei Yang, Irina Klimenko
The Transition Experiences Of International Graduate Students In Clark University School Of Professional Studies, Xuesong Huang, Mingyang Lian, Dang Trung, Jay Sheth, Yuwei Yang, Irina Klimenko
School of Professional Studies
In the last decade, the School of Professional Studies at Clark University has witnessed a sharp increase in international students. More and more international students in the millennial generation have entered the School of Professional Studies pursuing one of the two-year graduate programs: Master of Science in Professional Studies, Master of Science in Public Administration, and Master of Science in Information Technology. In the past, working adult student dominant the program. These students already had a career outside the classrooms before them came to study. The millennial international students have generated new adjustment problems. Some of the transition issues of …
Teaching Android Security Through Examples: A Publicly Available Database Of Vulnerable Apps, Daniel E. Krutz, Samuel A. Malachowsky
Teaching Android Security Through Examples: A Publicly Available Database Of Vulnerable Apps, Daniel E. Krutz, Samuel A. Malachowsky
Articles
Security is hard, and teaching security can be even harder. Here we describe a public educational activity to assist in the instruction of both students and developers in creating secure Android apps. Our set of activities includes example vulnerable applications, information about each vulnerability, steps on how to repair the vulnerabilities, and information about how to confirm that the vulnerability has been properly repaired. Our primary goal is to make these activities available to other instructors for use in their classrooms ranging from the K-12 to university settings. A secondary goal of this project is to foster interest in security …
Cross-Spectral Biometric Performance Analysis On High-Resolution Face Images, Praveen Kumar Pandian Shanmuganathan
Cross-Spectral Biometric Performance Analysis On High-Resolution Face Images, Praveen Kumar Pandian Shanmuganathan
Theses and Dissertations
Biometrics is increasingly being used to authenticate the identity of individuals in critical use case devices like smart phones, laptops, and several other access-control systems in our day-to-day lives. Additionally, biometrics is also used in forensic and security sensitive areas to detect and identify suspects involved in bombings, robberies, and several police investigations. In each of these critical scenarios, the high-quality full-frontal face images of the subjects are not accurately captured as those subjects do not intend to register their identity to the Closed-Circuit Cameras. Hence in such cases, identification of the suspects becomes difficult even though we have the …
Developing An Abac-Based Grant Proposal Workflow Management System, Milson Munakami
Developing An Abac-Based Grant Proposal Workflow Management System, Milson Munakami
Boise State University Theses and Dissertations
In the advent of the digital transformation, online business processes need to be automated and modeled as workflows. A workflow typically involves a sequence of coordinated tasks and shared data that need to be secured and protected from unauthorized access. In other words, a workflow can be described simply as the movement of documents and activities through a business process among different users. Such connected flow of information among various users with different permission level offers many benefits along with new challenges. Cyber threats are becoming more sophisticated as skilled and motivated attackers both insiders and outsiders are equipped with …
Security Testing With Misuse Case Modeling, Samer Yousef Khamaiseh
Security Testing With Misuse Case Modeling, Samer Yousef Khamaiseh
Boise State University Theses and Dissertations
Having a comprehensive model of security requirements is a crucial step towards developing a reliable software system. An effective model of security requirements which describes the possible scenarios that may affect the security aspects of the system under development can be an effective approach for subsequent use in generating security test cases.
Misuse case was first proposed by Sinder and Opdahl as an approach to extract the security requirements of the system under development [1]. A misuse case is a use case representing scenarios that might be followed by a system adversary in order to compromise the system; that is …
A Certificateless One-Way Group Key Agreement Protocol For Point-To-Point Email Encryption, Srisarguru Sridhar
A Certificateless One-Way Group Key Agreement Protocol For Point-To-Point Email Encryption, Srisarguru Sridhar
Boise State University Theses and Dissertations
Over the years, email has evolved and grown to one of the most widely used form of communication between individuals and organizations. Nonetheless, the current information technology standards do not value the significance of email security in today's technologically advanced world. Not until recently, email services such as Yahoo and Google started to encrypt emails for privacy protection. Despite that, the encrypted emails will be decrypted and stored in the email service provider's servers as backup. If the server is hacked or compromised, it can lead to leakage and modification of one's email. Therefore, there is a strong need for …
Ciphertext-Policy Attribute-Based Encryption With Partially Hidden Access Structure And Its Application To Privacy-Preserving Electronic Medical Record System In Cloud Environment, Lixian Liu, Junzuo Lai, Robert H. Deng, Yingjiu Li
Ciphertext-Policy Attribute-Based Encryption With Partially Hidden Access Structure And Its Application To Privacy-Preserving Electronic Medical Record System In Cloud Environment, Lixian Liu, Junzuo Lai, Robert H. Deng, Yingjiu Li
Research Collection School Of Computing and Information Systems
With the development of cloud computing, more and more sensitive data are uploaded to cloud by companies or individuals, which brings forth new challenges for outsourced data security and privacy. Ciphertext-policy attribute-based encryption (CP-ABE) provides fine-grained access control of encrypted data in the cloud; in a CP-ABE scheme, an access structure, also referred to as ciphertext-policy, is sent along with a ciphertext explicitly, and anyone who obtains a ciphertext can know the access structure associated with the ciphertext. In certain applications, access structures contain very sensitive information and must be protected from everyone except the users whose private key attributes …