Social and Behavioral Sciences Commons^™

Challenges And Measurements For Governance Of Modern Cyber Space Society, Pinghui Wang, Hongbin Pei, Junzhou Zhao, Tao Qin, Chao Shen, Dongliang Liu, Xiaohong Guan

Bulletin of Chinese Academy of Sciences (Chinese Version)

The rapid development of information technology has unprecedentedly created a prosperous cyber society and greatly enhanced productivity facilitated by social interaction. At the same time, many problems emerge in the cyber society, such as telecom fraud, privacy leakage, Internet pollution, and algorithmic discrimination. The problems bring new challenges to social order and security. In order to find the way of cyber society governance and promote the modernization of national governance, this paper first presents the analyses on the new problems encountered in the cyber society in three typical scenarios, i.e., identity governance, behavior governance, and algorithm governance, as well as …

Addressing Human Error Through Effective Cyber Policy Design, Katherine Amoresano

Emergency Preparedness, Homeland Security, and Cybersecurity

Human error is a significant contributing factor to the rise in Cybersecurity attacks regardless of increased technical control implemented to safeguard Information systems. Adversaries can circumvent technical safeguards due to human errors which result from inadequate enforceable policies and training on Cybersecurity for the everyday user. Several studies and articles show that the majority of successful attacks are human enabled, proving the need for human-centric cybersecurity research and practices. This exploratory work reviews the human aspect of Cybersecurity by investigating the cybersecurity policies at SUNY Albany and other SUNY institutions. We used a survey of students and faculty members at …

Post Pandemic Cyberbiosecurity Threats From Terrorist Groups, Haley D. Dodge

Master's Theses

The research in this thesis explored the research question: Are United States (US) health systems accessible to cyber-bio terrorist attacks post-pandemic, within the context of the emerging discipline of cyberbiosecurity? Key findings of the analysis demonstrated how US health systems are more accessible to cyber-bio terrorist attacks specifically from cyber hacking groups based on the increasing sophistication of their cyber capabilities and the lack of cyber protection for biological systems. The concept of cyberbiosecurity was first introduced in 2018 by researchers exploring the converging threat landscape of the cyber and biology domains. As biology is growing more dependent upon vulnerable …

Multivariate Fairness For Paper Selection, Reem Alsaffar

Graduate Theses and Dissertations

Peer review is the process by which publishers select the best publications for inclusion in a journal or a conference. Bias in the peer review process can impact which papers are selected for inclusion in conferences and journals. Although often implicit, race, gender and other demographics can prevent members of underrepresented groups from presenting at major conferences. To try to avoid bias, many conferences use a double-blind review process to increase fairness during reviewing. However, recent studies argue that the bias has not been removed completely. Our research focuses on developing fair algorithms that correct for these biases and select …

Accurately Grasp The New Features Of Cybersecurity Technology Development And Fully Promote The Modernization Of National Security System And Capabilities, Dengguo Feng

Bulletin of Chinese Academy of Sciences (Chinese Version)

No abstract provided.

Studies On The Development Of China’S Network And Information Security, Jiwu Jing

Bulletin of Chinese Academy of Sciences (Chinese Version)

No abstract provided.

Understanding Deviance And Victimization In Cyber Space Among Diverse Populations, Insun Park

International Journal of Cybersecurity Intelligence & Cybercrime

Recent years have witnessed a growing academic interest in deviance and victimization in the cyber space. The current issue of the International Journal of Cybersecurity Intelligence and Cybercrime features three empirical research articles on online behavior of traditionally under-researched populations and a review of much waited book on digital forensics and investigation. This paper was prepared to introduce these important scholarly works in the context of newly emerging scholarship that focuses on the experiences of diverse subgroups in cyberspace.

Aggressive Reality Docuseries And Cyberbullying: A Partial Test Of Glaser’S Differential Identification Theory, J. Ra’Chel Fowler, Darren R. Beneby, Kenethia L. Fuller

International Journal of Cybersecurity Intelligence & Cybercrime

Reality docuseries have dominated primetime airwaves for the greater part of three decades. However, little is known about how viewers who are enamored with the genre’s most aggressive characters are influenced. Using Glaser’s (1956) theory of differential identification, this study employs survey data from 210 college students at a historically Black college and university to explore whether identification with characters from aggressive reality docuseries (ARDs) and the frequency of viewing ARD are positively associated with cyberbullying. Results of multivariate analyses revealed that men were more likely than women to publicly shame others and air other’s dirty laundry online. Additionally, the …

Emerging Trends In Cybercrime Awareness In Nigeria, Ogochukwu Favour Nzeakor, Bonaventure N. Nwokeoma, Ibrahim Hassan, Benjamin Okorie Ajah, John T. Okpa

International Journal of Cybersecurity Intelligence & Cybercrime

The study examined the current trend in cybercrime awareness and the relationship such trend has with cybercrime vulnerability or victimization. Selecting a sample of 1104 Internet users from Umuahia, Abia State, Nigeria, We found that: 1) awareness of information security was high in that about 2 in every 3 (68%) participants demonstrated a favorable awareness of information security and cybercrime. It was, however, revealed that such a high level of awareness could be partial and weak. 2) most Internet users demonstrated the awareness of fraud-related cybercrime categories (39%), e-theft (15%), hacking (12%), and ATM theft (10%). However, they were rarely …

Book Review: Digital Forensics And Cyber Investigation

International Journal of Cybersecurity Intelligence & Cybercrime

No abstract provided.

Optimizing Cybersecurity Budgets With Attacksimulation, Alexander Master, George Hamilton, J. Eric Dietz

Faculty Publications

Modern organizations need effective ways to assess cybersecurity risk. Successful cyber attacks can result in data breaches, which may inflict significant loss of money, time, and public trust. Small businesses and non-profit organizations have limited resources to invest in cybersecurity controls and often do not have the in-house expertise to assess their risk. Cyber threat actors also vary in sophistication, motivation, and effectiveness. This paper builds on the previous work of Lerums et al., who presented an AnyLogic model for simulating aspects of a cyber attack and the efficacy of controls in a generic enterprise network. This paper argues that …

Kerberoasting: Case Studies Of An Attack On A Cryptographic Authentication Technology, D Demers, Hannarae Lee

International Journal of Cybersecurity Intelligence & Cybercrime

Kerberoasting, an attack vector aimed at the Kerberos authentication protocol, can be used as part of an adversary’s attack arsenal. Kerberos is a type of network authentication protocol that allows a client and server to conduct a mutual verification before providing the requested resource to the client. A successful Kerberoasting attack allows an adversary to leverage the architectural limitations of Kerberos, providing access to user password hashes that can be subject to offline cracking. A cracked user password could give a bad actor the ability to maintain persistence, move laterally, or escalate privileges in a system. Persistence or movement within …

Understanding The Challenges Of Cryptography-Related Cybercrime And Its Investigation, Sinyong Choi, Katalin Parti

International Journal of Cybersecurity Intelligence & Cybercrime

Cryptography has been applied to a range of modern technologies which criminals also exploit to gain criminal rewards while hiding their identity. Although understanding of cybercrime involving this technique is necessary in devising effective preventive measures, little has been done to examine this area. Therefore, this paper provides an overview of the two articles, featured in the special issue of the International Journal of Cybersecurity Intelligence and Cybercrime, that will enhance our understanding of cryptography-related crime, ranging from cryptocurrency and darknet market to password-cracking. The articles were presented by the winners of the student paper competition at the 2022 International …

Dynamics Of Dark Web Financial Marketplaces: An Exploratory Study Of Underground Fraud And Scam Business, Bo Ra Jung, Kyung-Shick Choi, Claire Seungeun Lee

International Journal of Cybersecurity Intelligence & Cybercrime

The number of Dark Web financial marketplaces where Dark Web users and sellers actively trade illegal goods and services anonymously has been growing exponentially in recent years. The Dark Web has expanded illegal activities via selling various illicit products, from hacked credit cards to stolen crypto accounts. This study aims to delineate the characteristics of the Dark Web financial market and its scams. Data were derived from leading Dark Web financial websites, including Hidden Wiki, Onion List, and Dark Web Wiki, using Dark Web search engines. The study combines statistical analysis with thematic analysis of Dark Web content. Offering promotions …

A Qualitative Look Into Repair Practices, Jumana Labib

Undergraduate Student Research Internships Conference

This research poster is based on a working research paper which moves beyond the traditional scope of repair and examines the Right to Repair movement from a smaller, more personal lens by detailing the 6 categorical impediments as dubbed by Dr. Alissa Centivany (design, law, economic/business strategy, material asymmetry, informational asymmetry, and social impediments) have continuously inhibited repair and affected repair practices, which has consequently had larger implications (environmental, economic, social, etc.) on ourselves, our objects, and our world. The poster builds upon my research from last year (see "The Right to Repair: (Re)building a better future"), this time pulling …

Assessing The Practical Cybersecurity Skills Gained Through Criminal Justice Academic Programs To Benefit Security Operations Centers (Socs), Lucy Tsado, Jung Seob "Scott" Kim

Journal of Cybersecurity Education, Research and Practice

Private-sector and public-sector organizations have increasingly built specific business units for securing company assets, reputation, and lives, known as security operations centers (SOCs). Depending on the organization, these centers may also be referred to as global security operations centers, cybersecurity operations centers, fusion centers, and corporate command centers, among many other names. The concept of centralized function within an organization to improve an organization’s security posture has attracted both the government and the private sectors to either build their own SOCs or hire third-party SOC companies.

In this article, the need for a multidisciplinary approach to cybersecurity education at colleges …

Fair, Equitable, And Just: A Socio-Technical Approach To Online Safety, Daricia Wilkinson

All Dissertations

Socio-technical systems have been revolutionary in reshaping how people maintain relationships, learn about new opportunities, engage in meaningful discourse, and even express grief and frustrations. At the same time, these systems have been central in the proliferation of harmful behaviors online as internet users are confronted with serious and pervasive threats at alarming rates. Although researchers and companies have attempted to develop tools to mitigate threats, the perception of dominant (often Western) frameworks as the standard for the implementation of safety mechanisms fails to account for imbalances, inequalities, and injustices in non-Western civilizations like the Caribbean. Therefore, in this dissertation …

Aligning The Transit Industry And Their Vendors In The Face Of Increasing Cyber Risk: Recommendations For Identifying And Addressing Cybersecurity Challenges, Scott Belcher, Terri Belcher, Kathryn Seckman, Brandon Thomas, Homayun Yaqub

Mineta Transportation Institute

Public transit agencies in the United States depend on external vendors to help deliver and maintain many essential services and to provide critical technologies, from ticket purchases to scheduling to email management. While the integration of new, advanced technologies into the public transit industry brings important advancements to U.S. critical transportation infrastructure, the application of digital technologies also brings with it a new assortment of digital risks. Transit agencies of all sizes are finding themselves subject to cyber incidents—most notably ransomware attacks—like those experienced by larger, more prominent companies and critical infrastructure providers. The findings in this report focus on …

Online Privacy Challenges And Their Forensic Solutions, Bandr Fakiha

Journal of the Arab American University مجلة الجامعة العربية الامريكية للبحوث

In the digital age, internet users are exposed to privacy issues online. Few rarely know when someone else is eavesdropping or about to scam them. Companies, governments, and individual internet users are all vulnerable to security breaches due to the challenges of online privacy ranging from trust and hierarchical control to financial losses. As systems advance, people are optimistic that forensic science will provide long-term interventions that surpass the current solutions, including setting stronger passwords and firewall protection. The future of online privacy is changing, and more practical interventions, such as email, malware, mobile, and network forensics, must be integrated, …

Gauging The Acceptance Of Contact Tracing Technology: An Empirical Study Of Singapore Residents’ Concerns With Sharing Their Information And Willingness To Trust, Ee-Ing Ong, Wee Ling Loo

Research Collection Yong Pung How School Of Law

In response to the COVID-19 pandemic, governments began implementing various forms of contact tracing technology. Singapore’s implementation of its contact tracing technology, TraceTogether, however, was met with significant concern by its population, with regard to privacy and data security. This concern did not fit with the general perception that Singaporeans have a high level of trust in its government. We explore this disconnect, using responses to our survey (conducted pre-COVID-19) in which we asked participants about their level of concern with the government and business collecting certain categories of personal data. The results show that respondents had less concern with …

Active Learning With Cybersecurity, Carole Shook

TFSC Publications and Presentations

A global campus grant was obtained in Spring 2020 to develop modules for Cybersecurity. This presentation encompasses the use of Cyberciege and case studies that require active learning of students.

Side-Channel Analysis On Post-Quantum Cryptography Algorithms, Tristen Teague

Computer Science and Computer Engineering Undergraduate Honors Theses

The advancements of quantum computers brings us closer to the threat of our current asymmetric cryptography algorithms being broken by Shor's Algorithm. NIST proposed a standardization effort in creating a new class of asymmetric cryptography named Post-Quantum Cryptography (PQC). These new algorithms will be resistant against both classical computers and sufficiently powerful quantum computers. Although the new algorithms seem mathematically secure, they can possibly be broken by a class of attacks known as side-channels attacks (SCA). Side-channel attacks involve exploiting the hardware that the algorithm runs on to figure out secret values that could break the security of the system. …

How Online Platforms Are Used By Child Predators And What Are The Effective Preventive Measures?, Kayla Macpherson

Cybersecurity Undergraduate Research Showcase

As technology has evolved greatly in the twenty-first century alone, younger generations have had an opportunity to grow up with devices at their fingertips none have ever before. This accessibility has strengthened their ability of quick use, skill, and a strong feeling of comfort with using and having access to technology. There seems to be more children with access to the internet than there are without, but there is also an ongoing issue behind the screens.

The Relationship Between Parenting Practices And Cyberbullying Perpetration: The Mediating Role Of Moral Beliefs, Jaeyong Choi, Seungmug (Zech) Lee, Layne Dittmann

International Journal of Cybersecurity Intelligence & Cybercrime

Criminologists and psychologists have long recognized that parenting practices can affect childhood outcomes and the development of moral beliefs in children. Another body of literature provides evidence that morality is a key cause of antisocial behavior. Yet, a noticeable gap in this line of work has been testing the mediation effects of parenting practices on cyberbullying via moral beliefs. Using a sample of South Korean adolescents, we tested whether moral beliefs mediate the relationships between parenting practices and cyberbullying perpetration. Results show that parental supervision and excessive parenting can influence cyberbullying perpetration and that the impact of parenting practices is …

Understanding Cybercrime Offending And Victimization Patterns From A Global Perspective, Jin R. Lee

International Journal of Cybersecurity Intelligence & Cybercrime

Cybercrime research within criminology and criminal justice sciences has increased over the past few decades, improving the knowledge and evidence-base around cybercrime offending and victimization generally. While earlier cybercrime studies were based primarily in the United States, there has been a recent surge in studies using international samples and multidisciplinary approaches to understand cybercrime patterns. The current issue of the International Journal of Cybersecurity Intelligence and Cybercrime consists of four articles that seek to advance our understanding of cybercrime behaviors from a global perspective. To that end, the objective of this paper is to provide a brief overview of the …

Social Construction Of Internet Fraud As Innovation Among Youths In Nigeria, Austin Ayodele Mr., Jonathan Kehinde Oyedeji, Huthman Olamide Badmos

International Journal of Cybersecurity Intelligence & Cybercrime

The proliferation of internet technologies has shaped interactions in contemporary society. Despite the pivotal importance of the internet to the global economy, it has several negative consequences such as internet fraud. This study examined the perception that young adults in Nigeria hold about internet fraud as an innovative means to economic survival rather than as a criminal enterprise. Robert Merton’s Anomie/Strain Theory (AST) was adopted as the theoretical thrust of the study. Adopting a qualitative data collection method, 15 participants were selected using the non-probabilistic purposive and snowballing techniques while opinions were sampled through in-depth interviews in different locations within …

Cybersecurity Risk In U.S. Critical Infrastructure: An Analysis Of Publicly Available U.S. Government Alerts And Advisories, Zachary Lanz

International Journal of Cybersecurity Intelligence & Cybercrime

As threat actor operations become increasingly sophisticated and emphasize the targeting of critical infrastructure and services, the need for cybersecurity information sharing will continue to grow. Escalating demand for cyber threat intelligence and information sharing across the cybersecurity community has resulted in the need to better understand the information produced by reputable sources such as U.S. CISA Alerts and ICS-CERT advisories. The text analysis program, Profiler Plus, is used to extract information from 1,574 U.S. government alerts and advisories to develop visualizations and generate enhanced insights into different cyber threat actor types, the tactics which can be used for cyber …

Comparing Online Surveys For Cybersecurity: Sona And Mturk, Anne Wagner, Anna Bakas, Shelia Kennison, Eric Chan-Tin

Computer Science: Faculty Publications and Other Works

People have many accounts and usually need to create a password for each. They tend to create insecure passwords and re-use passwords, which can lead to compromised data. This research examines if there is a link between personality type and password security among a variety of participants in two groups of participants: SONA and MTurk. Each participant in both surveys answered questions based on password security and their personality type. Our results show that participants in the MTurk survey were more likely to choose a strong password and to exhibit better security behaviors and knowledge than participants in the SONA …

Combating Terrorism Financing In The Cyber Environment A Study In Light Of The Egyptian And Emirati Experiences, Amar Elbably

Journal of Police and Legal Sciences

The research deals with the study of combating the financing of terrorism on the dark Internet, where terrorism "cyber has become an international actor, engages in interactions with states, individuals and institutions, and creates an agreement between the intelligence services and some terrorist movements, that these movements obtain information, finance, arm or training, in exchange for cyber-attacks against a mutual adversary, and the Internet plays a prominent role in the manufacture of extremism, terrorism, incitement to violence, promotion of radical ideas and attracting elements qualified for deviation, exploited in That's the dark part of the Internet, with an expansion of …

Technical Behaviours Of Child Sexual Exploitation Material Offenders, Chad Steel, Emily Newman, Suzanne O'Rourke, Ethel Quayle

Journal of Digital Forensics, Security and Law

An exploration of the technological behaviours of previously convicted child sexual exploitation material (CSEM) offenders provides a foundation for future applied research into deterrence, investigation, and treatment efforts. This study evaluates the technology choices and transitions of individuals previously convicted of CSEM offenses. Based on their inclusion in two sex offender registries, anonymous survey results (n=78) were collected from English-speaking adults within the United States. CSEM offenders chose technologies based on both utility and perceived risk; peer-to-peer and web-browsers were the most common gateway technologies and showed substantial sustained usage; a substantial minority of users never stored CSEM and only …