Open Access. Powered by Scholars. Published by Universities.®
- Discipline
-
- Computer Engineering (3)
- Engineering (3)
- Social and Behavioral Sciences (3)
- Communication (2)
- Software Engineering (2)
-
- Communication Technology and New Media (1)
- Databases and Information Systems (1)
- Digital Communications and Networking (1)
- Education (1)
- Other Computer Sciences (1)
- Public Affairs, Public Policy and Public Administration (1)
- Secondary Education and Teaching (1)
- Systems Architecture (1)
- Teacher Education and Professional Development (1)
- Transportation (1)
- Institution
Articles 1 - 13 of 13
Full-Text Articles in Information Security
A System For Detecting Malicious Insider Data Theft In Iaas Cloud Environments, Jason Nikolai, Yong Wang
A System For Detecting Malicious Insider Data Theft In Iaas Cloud Environments, Jason Nikolai, Yong Wang
Faculty Research & Publications
The Cloud Security Alliance lists data theft and insider attacks as critical threats to cloud security. Our work puts forth an approach using a train, monitor, detect pattern which leverages a stateful rule based k-nearest neighbors anomaly detection technique and system state data to detect inside attacker data theft on Infrastructure as a Service (IaaS) nodes. We posit, instantiate, and demonstrate our approach using the Eucalyptus cloud computing infrastructure where we observe a 100 percent detection rate for abnormal login events and data copies to outside systems.
Teaching Android Security Through Examples: A Publicly Available Database Of Vulnerable Apps, Daniel E. Krutz, Samuel A. Malachowsky
Teaching Android Security Through Examples: A Publicly Available Database Of Vulnerable Apps, Daniel E. Krutz, Samuel A. Malachowsky
Articles
Security is hard, and teaching security can be even harder. Here we describe a public educational activity to assist in the instruction of both students and developers in creating secure Android apps. Our set of activities includes example vulnerable applications, information about each vulnerability, steps on how to repair the vulnerabilities, and information about how to confirm that the vulnerability has been properly repaired. Our primary goal is to make these activities available to other instructors for use in their classrooms ranging from the K-12 to university settings. A secondary goal of this project is to foster interest in security …
Semeo: A Semantic Equivalence Analysis Framework For Obfuscated Android Applications, Zhen Hu
Semeo: A Semantic Equivalence Analysis Framework For Obfuscated Android Applications, Zhen Hu
Department of Computer Science and Engineering: Dissertations, Theses, and Student Research
Software repackaging is a common approach for creating malware. In this approach, malware authors inject malicious payloads into legitimate applications; then, to ren- der security analysis more difficult, they obfuscate most or all of the code. This forces analysts to spend a large amount of effort filtering out benign obfuscated methods in order to locate potentially malicious methods for further analysis. If an effective mechanism for filtering out benign obfuscated methods were available, the number of methods that must be analyzed could be reduced, allowing analysts to be more productive. In this thesis, we introduce SEMEO, a highly effective and …
A Survey On Future Internet Security Architectures, Wenxiu Ding, Zheng Yan, Robert H. Deng
A Survey On Future Internet Security Architectures, Wenxiu Ding, Zheng Yan, Robert H. Deng
Research Collection School Of Computing and Information Systems
Current host-centric Internet Protocol (IP) networks are facing unprecedented challenges, such as network attacks and the exhaustion of IP addresses. Motivated by emerging demands for security, mobility, and distributed networking, many research projects have been initiated to design the future Internet from a clean slate. In order to obtain a thorough knowledge of security in future Internet architecture, we review a number of well-known projects, including named data networking, Content Aware Searching Retrieval and sTreaming, MobilityFirst Future Internet Architecture Project (MobilityFirst), eXpressive Internet Architecture, and scalability, control, and isolation on next-generation network. These projects aim to move away from the …
Significant Permission Identification For Android Malware Detection, Lichao Sun
Significant Permission Identification For Android Malware Detection, Lichao Sun
Department of Computer Science and Engineering: Dissertations, Theses, and Student Research
A recent report indicates that a newly developed malicious app for Android is introduced every 11 seconds. To combat this alarming rate of malware creation, we need a scalable malware detection approach that is effective and efficient. In this thesis, we introduce SigPID, a malware detection system based on permission analysis to cope with the rapid increase in the number of Android malware. Instead of analyzing all 135 Android permissions, our approach applies 3-level pruning by mining the permission data to identify only significant permissions that can be effective in distinguishing benign and malicious apps. Based on the identified significant …
Mobipot: Understanding Mobile Telephony Threats With Honeycards, Marco Balduzzi, Payas Gupta, Lion Gu, Debin Gao, Mustaque Ahamad
Mobipot: Understanding Mobile Telephony Threats With Honeycards, Marco Balduzzi, Payas Gupta, Lion Gu, Debin Gao, Mustaque Ahamad
Research Collection School Of Computing and Information Systems
Over the past decade, the number of mobile phones has increased dramatically, overtaking the world population in October 2014. In developing countries like India and China, mobile subscribers outnumber traditional landline users and account for over 90% of the active population. At the same time, convergence of telephony with the Internet with technologies like VoIP makes it possible to reach a large number of telephone users at a low or no cost via voice calls or SMS (short message service) messages. As a consequence, cybercriminals are abusing the telephony channel to launch attacks, e.g., scams that offer fraudulent services and …
A Survey Of Social Media Users Privacy Settings & Information Disclosure, Mashael Aljohani, Alastair Nisbet, Kelly Blincoe
A Survey Of Social Media Users Privacy Settings & Information Disclosure, Mashael Aljohani, Alastair Nisbet, Kelly Blincoe
Australian Information Security Management Conference
This research utilises a comprehensive survey to ascertain the level of social networking site personal information disclosure by members at the time of joining the membership and their subsequent postings to the sites. Areas examined are the type of information they reveal, their level of knowledge and awareness regarding how their information is protected by SNSs and the awareness of risks that over-sharing may pose. Additionally, this research studies the effect of gender, age, education, and level of privacy concern on the amount and kind of personal information disclosure and privacy settings applied. A social experiment was then run for …
A Privacy Gap Around The Internet Of Things For Open-Source Projects, Brian Cusack, Reza Khaleghparast
A Privacy Gap Around The Internet Of Things For Open-Source Projects, Brian Cusack, Reza Khaleghparast
Australian Information Security Management Conference
The Internet of Things (IoT) is having a more important role in the everyday lives of people. The distribution of connectivity across social and personal interaction discloses personalised information and gives access to a sphere of sensitivities that were previously masked. Privacy measures and security to protect personal sensitivities are weak and in their infancy. In this paper we review the issue of privacy in the context of IoT open-source projects, and the IoT security concerns. A proposal is made to create a privacy bubble around the interoperability of devices and systems and a filter layer to mitigate the exploitation …
A Forensic Examination Of Several Mobile Device Faraday Bags & Materials To Test Their Effectiveness, Ashleigh Lennox-Steele, Alastair Nisbet
A Forensic Examination Of Several Mobile Device Faraday Bags & Materials To Test Their Effectiveness, Ashleigh Lennox-Steele, Alastair Nisbet
Australian Digital Forensics Conference
A Faraday bag is designed to shield a mobile phone or small digital device from radio waves entering the bag and reaching the device, or to stop radio waves escaping through the bag from the device. The effectiveness of these shields is vital for security professionals and forensic investigators who seize devices and wish to ensure that their contents are not read, modified or deleted prior to a forensic examination. This research tests the effectiveness of several readily available Faraday bags. The Faraday bags tested are all available through online means and promise complete blocking of all signals through the …
An Analysis Of Chosen Alarm Code Pin Numbers & Their Weakness Against A Modified Brute Force Attack, Alastair Nisbet, Maria Kim
An Analysis Of Chosen Alarm Code Pin Numbers & Their Weakness Against A Modified Brute Force Attack, Alastair Nisbet, Maria Kim
Australian Information Security Management Conference
Home and commercial alarms are an integral physical security measure that have become so commonplace that little thought is given to the security that they may or may not provide. Whilst the focus has shifted from physical security in the past to cyber security in the present, physical security for protecting assets may be just as important for many business organisations. This research looks at 700 genuine alarm PIN codes chosen by users to arm and disarm alarm systems in a commercial environment. A comparison is made with a study of millions of PIN numbers unrelated to alarms to compare …
Using Graphic Methods To Challenge Cryptographic Performance, Brian Cusack, Erin Chapman
Using Graphic Methods To Challenge Cryptographic Performance, Brian Cusack, Erin Chapman
Australian Information Security Management Conference
Block and stream ciphers have formed the traditional basis for the standardisation of commercial ciphers in the DES, AES, RC4, and so on. More recently alternative graphic methods such as Elliptic Curve Cryptography (ECC) have been adopted for performance gains. In this research we reviewed a range of graphic and non-graphic methods and then designed our own cipher system based on several graphic methods, including Visual Cryptography (VC). We then tested our cipher against RC4 and the AES algorithms for performance and security. The results showed that a graphics based construct may deliver comparable or improved security and performance in …
Establishing Effective And Economical Traffic Surveillance In Tonga, Brian Cusack, George Maeakafa
Establishing Effective And Economical Traffic Surveillance In Tonga, Brian Cusack, George Maeakafa
Australian Digital Forensics Conference
The Pacific Islands are seriously challenged by the growth in wealth and the expansion of international material possessions. On the roads traffic has grown dramatically and the types of vehicles now using Island roads has greatly changed. With the importation of cheap second hand vehicles designed for freeway speeds serious safety issues have grown proportionally with the increasing numbers. In this research we consider the prohibitive costs of traditional traffic controls to economy and propose a light weight highly mobile aerial surveillance system that integrates with ground policing capability. Our research question was: How can road safety and security be …
Optical Fiber Sensors In Physical Intrusion Detection Systems: A Review, Gary Andrew Allwood, Graham Wild, Steven Hinkley
Optical Fiber Sensors In Physical Intrusion Detection Systems: A Review, Gary Andrew Allwood, Graham Wild, Steven Hinkley
Research outputs 2014 to 2021
Fiber optic sensors have become a mainstream sensing technology within a large array of applications due to their inherent benefits. They are now used significantly in structural health monitoring, and are an essential solution for monitoring harsh environments. Since their first development over 30 years ago, they have also found promise in security applications. This paper reviews all of the optical fiber-based techniques used in physical intrusion detection systems. It details the different approaches used for sensing, interrogation, and networking, by research groups, attempting to secure both commercial and residential premises from physical security breaches. The advantages and the disadvantages …