Information Security Commons^™

Threats To Information Protection - Industry And Academic Perspectives: An Annotated Bibliography, Michael E. Whitman, Herbert J. Mattord

Journal of Cybersecurity Education, Research and Practice

Threats to information assets have always been a concern to those responsible for making information useful and defending its value. The concepts of threat, threat agent, threat events and threat sources have evolved in recent years have very precise definitions. A summary of threat classification models used in academic research is provided along with a summary of recent industry threat assessment reports. Finally, the results from a recent study, 2015 SEC/CISE Threats to Information Protection Report Including a Current Snapshot of the State of the Industry, are given.

Towards An In-Depth Understanding Of Deep Packet Inspection Using A Suite Of Industrial Control Systems Protocol Packets, Guillermo A. Francia Iii, Xavier P. Francia, Anthony M. Pruitt

Journal of Cybersecurity Education, Research and Practice

Industrial control systems (ICS) are increasingly at risk and vulnerable to internal and external threats. These systems are integral part of our nation’s critical infrastructures. Consequently, a successful cyberattack on one of these could present disastrous consequences to human life and property as well. It is imperative that cybersecurity professionals gain a good understanding of these systems particularly in the area of communication protocols. Traditional Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are made to encapsulate some of these ICS protocols which may enable malicious payload to get through the network firewall and thus, gain entry into the …

Planning And Implementing A Successful Nsa-Nsf Gencyber Summer Cyber Academy, Bryson R. Payne, Tamirat Abegaz, Keith Antonia

Journal of Cybersecurity Education, Research and Practice

The GenCyber program is jointly sponsored by the National Security Agency (NSA) and the National Science Foundation (NSF) to help faculty and cybersecurity experts provide summer cybersecurity camp experiences for K-12 students and teachers. The main objective of the program is to attract, educate, and motivate a new generation of young men and women to help address the nationwide shortage of trained cybersecurity professionals. The curriculum is flexible and centers on ten cybersecurity first principles. Currently, GenCyber provides cyber camp options for three types of audiences: students, teachers, and a combination of both teachers and students. In 2016, over 120 …

From The Editors, Herbert J. Mattord, Michael E. Whitman, Carole L. Hollingsworth

Journal of Cybersecurity Education, Research and Practice

Welcome to the second issue of the Journal of Cybersecurity Education, Research and Practice (JCERP).

The Paradox Of Social Media Security: A Study Of It Students’ Perceptions Versus Behavior On Using Facebook, Zahra Y. Alqubaiti

Master of Science in Information Technology Theses

Social media plays an essential role in the modern society, enabling people to be better connected to each other and creating new opportunities for businesses. At the same time, social networking sites have become major targets for cyber-security attacks due to their massive user base. Many studies investigated the security vulnerabilities and privacy issues of social networking sites and made recommendations on how to mitigate security risks. Users are an integral part of any security mix. In this thesis, we explore the relationship between users’ security perceptions and their actual behavior on social networking sites. Protection motivation theory (PMT), initially …

Threats To Information Protection - Industry And Academic Perspectives: An Annotated Bibliography, Michael E. Whitman, Herbert J. Mattord

KSU Proceedings on Cybersecurity Education, Research and Practice

Threats to information assets have always been a concern to those responsible for making information useful and defending its value. The concepts of threat, threat agent, threat events and threat sources have evolved in recent years have very precise definitions. The article includes a summary of threat classification models used in academic research is provided along with a summary of recent industry threat assessment reports. Finally, the article shares results from a recent study, 2015 SEC/CISE Threats to Information Protection Report Including a Current Snapshot of the State of the Industry, are given.

A Framework For Hybrid Intrusion Detection Systems, Robert N. Bronte

Master of Science in Information Technology Theses

Web application security is a definite threat to the world’s information technology infrastructure. The Open Web Application Security Project (OWASP), generally defines web application security violations as unauthorized or unintentional exposure, disclosure, or loss of personal information. These breaches occur without the company’s knowledge and it often takes a while before the web application attack is revealed to the public, specifically because the security violations are fixed. Due to the need to protect their reputation, organizations have begun researching solutions to these problems. The most widely accepted solution is the use of an Intrusion Detection System (IDS). Such systems currently …

Integrate Text Mining Into Computer And Information Security Education, Hongmei Chi, Ezhil Kalaimannan, Dominique Hubbard

KSU Proceedings on Cybersecurity Education, Research and Practice

Insider threats has become a significant challenge to organization, due to the employees varying levels of access to the internal network. This will intern bypass the external security measures that have been put in place to protect the organization’s resources. Computer-mediated communication (CMC) is a form of communication over virtual spaces where users cannot see each other. CMC includes email and communication over social networks, amongst others. This paper focuses on the design and implementation of exercise modules, which can be integrated into cybersecurity courses. The main objectives of the paper include how to teach and integrate the CMC learning …

Cover Text Steganography: N-Gram And Entropy-Based Approach, Sara M. Rico-Larmer

KSU Proceedings on Cybersecurity Education, Research and Practice

Steganography is an ancient technique for hiding a secret message within ordinary looking messages or objects (e.g., images), also known as cover messages. Among various techniques, hiding text data in plain text file is a challenging task due to lack of redundant information. This paper proposes two new approaches to embed a secret message in a cover text document. The two approaches are n-gram and entropy metric-based generation of stego text. We provide examples of encoding secret messages in a cover text document followed by an initial evaluation of how well stego texts look close to the plain …

Hands-On Labs Demonstrating Html5 Security Concerns, Mounika Vanamala

KSU Proceedings on Cybersecurity Education, Research and Practice

The research is focused on the new features added in HTML5 standard that have strong implications towards the overall information security of a system that uses this implementation.A Hands-on Lab is developed to demonstrate how Web Storage and the Geo-location API of HTML5 can affect the privacy of the user.

“Not All Friends Are Equal”: Friendship Classification For Defending Against Social Engineering Attacks, Munene W. Kanampiu, Mohd Anwar

KSU Proceedings on Cybersecurity Education, Research and Practice

Social engineering is a serious security threat to Online Social Networks (OSNs). Identity theft, impersonation, phishing, and deception are some of the social engineering-based attacks that exploit vulnerabilities of interpersonal relationships of online users. As a result, relationships in OSNs need to be thoroughly examined. In this vein, we propose a relationship categorization model to evaluate relationship strength based on graph-theoretic properties and social network analysis (SNA) methods. For example, in Facebook, users may be categorized into close-neighbors, distant-neighbors, celebrities (influential by admiration), authority (influential by power), and loners. Close-neighbors category will help identify a set of trustworthy actors while …

Smart City Security, Shawn Ralko, Sathish Kumar

KSU Proceedings on Cybersecurity Education, Research and Practice

With rapid growth of technology involved and the implementation of the smart city concept, it is becoming vital to identify and implement security controls for their secure operation. Smart city security is essential for a city to incorporate the technologies into smart city cyber infrastructure and to improve the conditions of life for its citizens. In this paper, we have discussed the growth of smart city concept, their security issues. We also discuss the security solutions that needs to be implemented to keep the smart city cyber infrastructure secure. We have also pointed out the recommendations on the open issues …

The Role Of State Privacy Regulations In Mitigating Internet Users’ Privacy Concerns: A Multilevel Perspective, Tawfiq Alashoor

KSU Proceedings on Cybersecurity Education, Research and Practice

In the U.S., there is no comprehensive national law regulating the collection and use of personal information. As a response to the high level of privacy concerns among U.S. citizens and the currently limited regulations, states have enacted their own privacy laws over and above the principles of Fair Information Practices (FIP). In this exploratory study, we draw upon the privacy literature and the Restricted Access/Limited Control (RALC) theory of privacy to study the privacy concerns phenomenon with a multilevel theoretical lens. We introduce and test three novel propositions pertaining to the impact of state level privacy regulations on privacy …

Improvement And Maturity Of The Information Security Risk Management Process, Angela Jackson-Summers

KSU Proceedings on Cybersecurity Education, Research and Practice

No abstract provided.

Combining The Extended Risk Analysis Model And The Attack Response Model To Introduce Risk Analysis, Randall Reid

KSU Proceedings on Cybersecurity Education, Research and Practice

This paper uses the Extended Risk Analysis Model to introduce risk analysis in a classroom setting. The four responses to an attack, avoidance, transference, mitigation, and acceptance are overlaid on the Extended Risk Analysis Model to aid in the visualization of their relationship. It then expands and updates the cyber insurance portion of the Extended Risk Analysis Model.

Health It Security: An Examination Of Modern Challenges In Maintaining Hipaa And Hitech Compliance, Andrew S. Miller, Bryson R. Payne

KSU Proceedings on Cybersecurity Education, Research and Practice

This work describes an undergraduate honors research project into some of the challenges modern healthcare providers face in maintaining compliance with the Health Insurance Portability and Accountability Act (HIPAA) and HITECH (Health Information Technology for Economic and Clinical Health) Act. An overview of the pertinent sections of both the HIPAA and HITECH Acts regarding health information security is provided, along with a discussion of traditionally weak points in information security, including: people susceptible to social engineering, software that is not or cannot be regularly updated, and targeted attacks (including advanced persistent threats, or APTs). Further, the paper examines potential violations …

Investigating Information Security Policy Characteristics: Do Quality, Enforcement And Compliance Reduce Organizational Fraud?, Dennis T. Brown

KSU Proceedings on Cybersecurity Education, Research and Practice

Occupational fraud, the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the organization’s resources or assets, is a growing concern for all organizations. While the typical organization loses at least 5% of annual revenues to fraud, current methods of detection and prevention are not fully adequate to reduce increasing occurrences. Although information systems are making life easier, they are increasingly being used to perpetrate fraudulent activities, and internal employee security threat is responsible for more information compromise than external threats.

The purpose of this research is to examine how information security policy quality and …

Individuals' Concern About Information Privacy In Ar Mobile Games, Dapeng Liu

KSU Proceedings on Cybersecurity Education, Research and Practice

Augmented Reality (AR) proves to be an attractive technology in mobile games. While AR techniques energize mobile games, the privacy issue is raised to be discussed. Employing social media analytics (SMA) techniques, this research makes efforts to examines Twitter postings of “PokemonGo” case and explores individuals’ attitudes toward privacy in AR games. In this research, we examine what are the privacy concerns of individuals in AR games and what are the individuals’ sentiments toward privacy. In the interesting case of PokemonGo, this paper suggests that individuals’ concerns about privacy are emphasized on six dimensions - collection, improper access, unauthorized secondary …

Semi-Supervised Deep Neural Network For Network Intrusion Detection, Mutahir Nadeem, Ochaun Marshall, Sarbjit Singh, Xing Fang, Xiaohong Yuan

KSU Proceedings on Cybersecurity Education, Research and Practice

Network security is of vital importance for corporations and institutions. In order to protect valuable computer systems, network data needs to be analyzed so that possible network intrusions can be detected. Supervised machine learning methods achieve high accuracy at classifying network data as normal or malicious, but they require the availability of fully labeled data. The recently developed ladder network, which combines neural networks with unsupervised learning, shows promise in achieving a high accuracy while only requiring a small number of labeled examples. We applied the ladder network to classifying network data using the Third International Knowledge Discovery and Data …

Planning And Implementing A Successful Nsa-Nsf Gencyber Summer Cyber Academy, Bryson R. Payne, Tamirat Abegaz, Keith Antonia

KSU Proceedings on Cybersecurity Education, Research and Practice

The GenCyber program is jointly sponsored by the National Security Agency (NSA) and the National Science Foundation (NSF) to help faculty and cybersecurity experts provide summer cybersecurity camp experiences for K-12 students and teachers. The main objective of the program is to attract, educate, and motivate a new generation of young men and women to help address the nationwide shortage of trained cybersecurity professionals. The curriculum is flexible and centers on ten cybersecurity first principles. Currently, GenCyber provides cyber camp options for three types of audiences: students, teachers, and a combination of both teachers and students. In 2016, over 120 …

User Privacy Suffers At The Hands Of Access Controls, Chad N. Hoye

KSU Proceedings on Cybersecurity Education, Research and Practice

With advancements in personal hand held devices, smaller more mobile computers, tablets, and the world’s population connected with social media the threat to the user’s privacy has been diminished. I will look at how access control policies have opened the proverbial door to user’s privacy being attacked and threatened. You will see examples of how users have to divulge personal information to get better service and even be monitored while at work to prevent intrusions in to the company.

Brain Betrayal: A Neuropsychological Categorization Of Insider Attacks, Rachel L. Whitman

KSU Proceedings on Cybersecurity Education, Research and Practice

Thanks to an abundance of highly publicized data breaches, Information Security (InfoSec) is taking a larger place in organizational priorities. Despite the increased attention, the threat posed to employers by their own employees remains a frightening prospect studied mostly in a technical light. This paper presents a categorization of insider deviant behavior and misbehavior based off of the neuropsychological foundations of three main types of insiders posing a threat to an organization: accidental attackers; neurologically “hot” malcontents, and neurologically “cold” opportunists.

Training Decrement In Security Awareness Training, Tianjian Zhang

KSU Proceedings on Cybersecurity Education, Research and Practice

This study determines if there is a decremental effect following IT security awareness training. In most security policy compliance literature, the main focus has been on policy design. Studies that address security awareness training are seldom theory driven and even fewer are empirically based. To fill this gap, we draw from the theory of vigilance decrement as well as forgetting curves in psychology, and propose a classroom experiment showing that participants' IT security awareness decreases over a 45-day period since the training at day one. The result adds to the security policy compliance literature and suggests that some policy violations …

Investigating The Influence Of Perceived Uncertainty On Protection Motivation: An Experimental Study, Ali Vedadi

KSU Proceedings on Cybersecurity Education, Research and Practice

IS users and organizations must take necessary measures to adequately cope with security threats. Considering the importance and prevalence of these issues and challenges, IS security research has extensively investigated a variety of factors that influence IS users’ security intentions/behaviors. In this regard, protection-motivated behaviors are primarily based on individuals’ personal cognitive evaluations and vigilance. In reality, however, many users reach security hygiene decisions through various non-rational and non-protection-motivated processes. Such users may not necessarily rely on their own cognitive appraisals and information processing, but proceed to make decisions without careful cognitive assessments of security threats and coping responses. One …

Towards A Development Of A Mobile Application Security Invasiveness Index, Sam Espana

KSU Proceedings on Cybersecurity Education, Research and Practice

The economic impact of Mobile IP, the standard that allows IP sessions to be maintained even when switching between different cellular towers or networks, has been staggering in terms of both scale and acceleration (Doherty, 2016). As voice communications transition to all-digital, all-IP networks such as 4G, there will be an increase in risk due to vulnerabilities, malware, and hacks that exist for PC-based systems and applications (Harwood, 2011). According to Gostev (2006), in June, 2004, a well-known Spanish virus collector known as VirusBuster, emailed the first known mobile phone virus to Kaspersky Lab, Moscow. Targeting the Symbian OS, the …

Teaching Security Of Internet Of Things In Using Raspberrypi, Oliver Nichols, Li Yang, Xiaohong Yuan

KSU Proceedings on Cybersecurity Education, Research and Practice

The Internet of Things (IoTs) is becoming a reality in today’s society. The IoTs can find its application in multiple domains including healthcare, critical infrastructure, transportation, and home and personal use. It is important to teach students importance and techniques that are essential in protecting IoTs. We design a series of hands-on labs in a smart home setting, which can exercise attack and protection of IoTs. Our hands-on labs use a Raspberry Pi and several diverse smart things that communicate through Z-Wave technology. Using this environment, students can operate a home automation system and learn security concepts by performing these …

Is Security Research Development: Implications For Future Researchers, Kane Smith, Chris Merritt

KSU Proceedings on Cybersecurity Education, Research and Practice

Security within the context of Information Systems has long been a concern for both academics and practitioners. For this reason an extensive body of research has been built around the need for protecting vital technical systems and the information contained within them. This stream of research, termed Information Systems Security (ISS), has evolved with technology over the last several decades in numerous different ways. This evolution can create a great deal of difficulty for researchers to identify under-represented areas of ISS research as well as ensure all relevant areas of concern are addressed. The purpose of this paper is threefold: …

Pedagogical Resources For Industrial Control Systems Security: Design, Implementation, Conveyance, And Evaluation, Guillermo A. Francia Iii, Greg Randall

KSU Proceedings on Cybersecurity Education, Research and Practice

Industrial Control Systems (ICS), which are pervasive in our nation’s critical infrastructures, are becoming increasingly at risk and vulnerable to internal and external threats. It is imperative that the future workforce be educated and trained on the security of such systems. However, it is equally important that careful and deliberate considerations must be exercised in designing and implementing the educational and training activities that pertain to ICS. To that end, we designed and implemented pedagogical materials and tools to facilitate the teaching and learning processes in the area of ICS security. In this paper, we describe those resources, the professional …

Towards An In-Depth Understanding Of Deep Packet Inspection Using A Suite Of Industrial Control Systems Protocol Packets, Guillermo A. Francia Iii

KSU Proceedings on Cybersecurity Education, Research and Practice

Industrial control systems (ICS) are increasingly at risk and vulnerable to internal and external threats. These systems are integral part of our nation’s critical infrastructures. Consequently, a successful cyberattack on one of these could present disastrous consequences to human life and property as well. It is imperative that cybersecurity professionals gain a good understanding of these systems particularly in the area of communication protocols. Traditional Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are made to encapsulate some of these ICS protocols which may enable malicious payload to get through the network firewall and thus, gain entry into the …

Investigating Cyberbullying In Social Media: The Case Of Twitter, Xin Tian

KSU Proceedings on Cybersecurity Education, Research and Practice

Social media has profoundly changed how we interact with one another and the world around us. Recent research indicates that more and more people are using social media sites such as Facebook and Twitter for a significant portion of their day for various reasons such as making new friends, socializing with old friends, receiving information, and entertaining themselves. However, social media has also caused some problems. One of the problems is called social media cyberbullying which has developed over time as new social media technologies have developed over time. Social media cyberbullying has received increasing attention in recent years as …