Open Access. Powered by Scholars. Published by Universities.®

Computer Sciences Commons

Open Access. Powered by Scholars. Published by Universities.®

29022 Full-Text Articles 28167 Authors 7177340 Downloads 257 Institutions

All Articles in Computer Sciences

Faceted Search

29022 full-text articles. Page 1 of 780.

A Model Of Competition Between Perpetual Software And Software As A Service, Zhiling GUO, Dan MA 2018 Singapore Management University

A Model Of Competition Between Perpetual Software And Software As A Service, Zhiling Guo, Dan Ma

Research Collection School Of Information Systems

Software as a service (SaaS) has grown to be a significant segment of many software product markets. SaaS vendors, which charge customers based on use and continuously improve the quality of their products, have put competitive pressure on traditional perpetual software vendors, which charge a licensing fee and periodically upgrade the quality of their software. We develop an analytical model to study the competitive pricing strategies of an incumbent perpetual software vendor in the presence of a SaaS competitor. We find that, depending on both the SaaS quality improvement rate and the network effect, the perpetual software vendor adopts one ...


A Model Of Competition Between Perpetual Software And Software As A Service, Zhiling GUO, Dan MA 2018 Singapore Management University

A Model Of Competition Between Perpetual Software And Software As A Service, Zhiling Guo, Dan Ma

Research Collection School Of Information Systems

Software as a service (SaaS) has grown to be a significant segment of many software product markets. SaaS vendors, which charge customers based on use and continuously improve the quality of their products, have put competitive pressure on traditional perpetual software vendors, which charge a licensing fee and periodically upgrade the quality of their software. We develop an analytical model to study the competitive pricing strategies of an incumbent perpetual software vendor in the presence of a SaaS competitor. We find that, depending on both the SaaS quality improvement rate and the network effect, the perpetual software vendor adopts one ...


Vkse-Mo: Verifiable Keyword Search Over Encrypted Data In Multi-Owner Settings, Yinbin MIAO, Jianfeng MA, Ximeng LIU, Junwei ZHANG, Zhiquan LIU 2017 Xidian University

Vkse-Mo: Verifiable Keyword Search Over Encrypted Data In Multi-Owner Settings, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Junwei Zhang, Zhiquan Liu

Research Collection School Of Information Systems

Searchable encryption (SE) techniques allow cloud clients to easily store data and search encrypted data in a privacy-preserving manner, where most of SE schemes treat the cloud server as honest-but-curious. However, in practice, the cloud server is a semi-honest-but-curious third-party, which only executes a fraction of search operations and returns a fraction of false search results to save its computational and bandwidth resources. Thus, it is important to provide a results verification method to guarantee the correctness of the search results. Existing SE schemes allow multiple data owners to upload different records to the cloud server, but these schemes have ...


Secure Server-Aided Top-K Monitoring, Yujue WANG, Hwee Hwa PANG, Yanjiang YANG, Xuhua DING 2017 Singapore Management University

Secure Server-Aided Top-K Monitoring, Yujue Wang, Hwee Hwa Pang, Yanjiang Yang, Xuhua Ding

Research Collection School Of Information Systems

In a data streaming model, a data owner releases records or documents to a set of users with matching interests, in such a way that the match in interest can be calculated from the correlation between each pair of document and user query. For scalability and availability reasons, this calculation is delegated to third-party servers, which gives rise to the need to protect the integrity and privacy of the documents and user queries. In this paper, we propose a server-aided data stream monitoring scheme (DSM) to address the aforementioned integrity and privacy challenges, so that the users are able to ...


Understanding Inactive Yet Available Assignees In Github, Jing JIANG, David LO, Xinyu MA, Fuli FENG, Li ZHANG 2017 Singapore Management University

Understanding Inactive Yet Available Assignees In Github, Jing Jiang, David Lo, Xinyu Ma, Fuli Feng, Li Zhang

Research Collection School Of Information Systems

Context In GitHub, an issue or a pull request can be assigned to a specific assignee who is responsible for working on this issue or pull request. Due to the principle of voluntary participation, available assignees may remain inactive in projects. If assignees ever participate in projects, they are active assignees; otherwise, they are inactive yet available assignees (inactive assignees for short). Objective Our objective in this paper is to provide a comprehensive analysis of inactive yet available assignees in GitHub. Method We collect 2,374,474 records of activities in 37 popular projects, and 797,756 records of activities ...


Defaultification Refactoring: A Tool For Automatically Converting Java Methods To Default, Raffi T. Khatchadourian, Hidehiko Masuhara 2017 CUNY Hunter College

Defaultification Refactoring: A Tool For Automatically Converting Java Methods To Default, Raffi T. Khatchadourian, Hidehiko Masuhara

Publications and Research

Enabling interfaces to declare (instance) method implementations, Java 8 default methods can be used as a substitute for the ubiquitous skeletal implementation software design pattern. Performing this transformation on legacy software manually, though, may be non-trivial. The refactoring requires analyzing complex type hierarchies, resolving multiple implementation inheritance issues, reconciling differences between class and interface methods, and analyzing tie-breakers (dispatch precedence) with overriding class methods. All of this is necessary to preserve type-correctness and confirm semantics preservation. We demonstrate an automated refactoring tool called Migrate Skeletal Implementation to Interface for transforming legacy Java code to use the new default construct. The ...


Towards A Development Of A Social Engineering Exposure Index (Sexi) Using Publicly Available Personal Information, W. Shawn Wilkerson, Yair Levy, James Richard Kiper, Martha Snyder 2017 College of Engineering and Computing, Nova Southeastern University

Towards A Development Of A Social Engineering Exposure Index (Sexi) Using Publicly Available Personal Information, W. Shawn Wilkerson, Yair Levy, James Richard Kiper, Martha Snyder

KSU Proceedings on Cybersecurity Education, Research and Practice

Millions of people willingly expose their lives via Internet technologies every day, and even those who stay off the Internet find themselves exposed through data breaches. Trillions of private information records flow through the Internet. Marketers gather personal preferences to coerce shopping behavior, while providers gather personal information to provide enhanced services. Few users have considered where their information is going or who has access to it. Even fewer are aware of how decisions made in their own lives expose significant pieces of information, which can be used to harm the very organizations they are affiliated with by cyber attackers ...


A Comparison Of Personal Social Media Risk Perceptions Between Undergraduate Students And Human Resource Professionals, Julio C. Rivera, Jack Howard, Samuel Goh, James Worrell, Paul Di Gangi 2017 University of Alabama, Birmingham

A Comparison Of Personal Social Media Risk Perceptions Between Undergraduate Students And Human Resource Professionals, Julio C. Rivera, Jack Howard, Samuel Goh, James Worrell, Paul Di Gangi

KSU Proceedings on Cybersecurity Education, Research and Practice

This study contrasts the social media risk perceptions of undergraduate students, versus those of certified Human Resource professionals. Social media is widely used by most segments of the population, and particularly among the age group that includes most undergraduate students. Organizations hiring employees are increasingly examining job applicant's social media postings as part of the applicant screening process. In this study we examine how these groups differ in their perceptions of the risks inherent in using social media, and what these differences may mean for students seeking employment. Recommendations are made for raising undergraduate student awareness of these risks.


Experiments With Applying Artificial Immune System In Network Attack Detection, Alexis Cooper 2017 North Carolina A & T State University

Experiments With Applying Artificial Immune System In Network Attack Detection, Alexis Cooper

KSU Proceedings on Cybersecurity Education, Research and Practice

The assurance of security within a network is difficult due to the variations of attacks. This research conducts various experiments to implement an Artificial Immune System based Intrusion Detection System to identify intrusions using the Negative Selection Algorithm. This research explores the implementation of an Artificial Immune System opposed to the industry standard of machine learning. Various experiments were conducted to identify a method to separate data to avoid false-positive results. The use of an Artificial Immune System requires a self and nonself classification to determine if an intrusion is present within the network. The results of an Artificial Immune ...


Reducing Human Error In Cyber Security Using The Human Factors Analysis Classification System (Hfacs)., Tommy Pollock 2017 Kennesaw State University

Reducing Human Error In Cyber Security Using The Human Factors Analysis Classification System (Hfacs)., Tommy Pollock

KSU Proceedings on Cybersecurity Education, Research and Practice

For several decades, researchers have stated that human error is a significant cause of information security breaches, yet it still remains to be a major issue today. Quantifying the effects of security incidents is often a difficult task because studies often understate or overstate the costs involved. Human error has always been a cause of failure in many industries and professions that is overlooked or ignored as an inevitability. The problem with human error is further exacerbated by the fact that the systems that are set up to keep networks secure are managed by humans. There are several causes of ...


A Developmental Study On Assessing The Cybersecurity Competency Of Organizational Information System Users, Richard Nilsen, Yair Levy, Steven Terrell, Dawn Beyer 2017 Nova Southeastern University

A Developmental Study On Assessing The Cybersecurity Competency Of Organizational Information System Users, Richard Nilsen, Yair Levy, Steven Terrell, Dawn Beyer

KSU Proceedings on Cybersecurity Education, Research and Practice

Organizational information system users (OISUs) that are open to cyber threats vectors are contributing to major financial and information losses for individuals, businesses, and governments. Moreover, technical cybersecurity controls may be rendered useless due to a lack of cybersecurity competency of OISUs. The main goal of this research study was to propose and validate, using subject matter experts (SMEs), a reliable hands-on assessment prototype tool for measuring the knowledge, skills, and abilities (KSAs) that comprise the cybersecurity competency of an OISU. Primarily using the Delphi methodology, this study implemented four phases of data collection using cybersecurity SMEs for proposing and ...


Voice Hacking Proof Of Concept: Using Smartphones To Spread Ransomware To Traditional Pcs, Leonardo I. Mazuran, Bryson R. Payne, Tamirat T. Abegaz 2017 University of North Georgia

Voice Hacking Proof Of Concept: Using Smartphones To Spread Ransomware To Traditional Pcs, Leonardo I. Mazuran, Bryson R. Payne, Tamirat T. Abegaz

KSU Proceedings on Cybersecurity Education, Research and Practice

This paper presents a working proof of concept that demonstrates the ability to deploy a sequence of hacks, triggered by speaking a smartphone command, to launch ransomware and other destructive attacks against vulnerable Windows computers on any wireless network the phone connects to after the voice command is issued. Specifically, a spoken, broadcast, or pre-recorded voice command directs vulnerable Android smartphones or tablets to a malicious download page that compromises the Android device and uses it as a proxy to run software designed to scan the Android device’s local area network for Windows computers vulnerable to the EternalBlue exploit ...


Security Device Roles, Vabrice Wilder 2017 Kennesaw State University

Security Device Roles, Vabrice Wilder

KSU Proceedings on Cybersecurity Education, Research and Practice

“An abstract of this article was published in the proceedings of the Conference on Cybersecurity Education, Research & Practice, 2017”. Communication has evolved since the beginning of mankind from smoke signals to drones to now the internet. In a world filled with technology the security of one’s device is not to be taken for granted. A series of research was done in order to gather details about network devices that can aid in the protection of one’s information while being transferred through the internet. The findings included but not limited to, switches, the seven layers of OSI, routers, firewalls ...


Analyzing Http Requests For Web Intrusion Detection, Sara Althubiti, Xiaohong Yuan, Albert Esterline 2017 North Carolina A & T State University

Analyzing Http Requests For Web Intrusion Detection, Sara Althubiti, Xiaohong Yuan, Albert Esterline

KSU Proceedings on Cybersecurity Education, Research and Practice

Many web application security problems related to intrusion have resulted from the rapid development of web applications. To reduce the risk of web application problems, web application developers need to take measures to write secure applications to prevent known attacks. When such measures fail, it is important to detect such attacks and find the source of the attacks to reduce the estimated risks. Intrusion detection is one of the powerful techniques designed to identify and prevent harm to the system. Most defensive techniques in Web Intrusion Systems are not able to deal with the complexity of cyber-attacks in web applications ...


The Information Security Challenges Of Addressing Homeland Security Safeguards In The Nuclear Field, Jessica Engler, James N. Smith 2017 Nova Southeastern University

The Information Security Challenges Of Addressing Homeland Security Safeguards In The Nuclear Field, Jessica Engler, James N. Smith

KSU Proceedings on Cybersecurity Education, Research and Practice

The US Nuclear Regulatory Commission (NRC) is tasked with regulating America’s non-military nuclear. No agency has such an onerous task of balancing the public’s desire for openness with the need to protect the nation’s nuclear infrastructure and technologies from malicious actors. The Nuclear Infrastructure was identified as a Critical Infrastructure by the Department of Homeland Security (DHS). Additionally, the NRC and the DHS have an interagency agreement to protect Sensitive Homeland Security Information (SHSI) from malicious actors by restricting it from public access. Using publicly available documentation, the NRC’s Information Security program was evaluated against both ...


"Think Before You Click. Post. Type." Lessons Learned From Our University Cyber Secuity Awareness Campaign, Rachael Innocenzi, Kaylee Brown, Peggy Liggit, Samir Tout, Andrea Tanner, Theodore Coutilish, Rocky Jenkins 2017 Eastern Michigan University

"Think Before You Click. Post. Type." Lessons Learned From Our University Cyber Secuity Awareness Campaign, Rachael Innocenzi, Kaylee Brown, Peggy Liggit, Samir Tout, Andrea Tanner, Theodore Coutilish, Rocky Jenkins

KSU Proceedings on Cybersecurity Education, Research and Practice

This article discusses the lessons learned after implementing a successful university-wide cyber security campaign. The Cyber Security Awareness Committee (CyberSAC), a group comprised of diverse units across campus, collaborated together on resources, talent, people, equipment, technology, and assessment practices to meet strategic goals for cyber safety and education. The project involves assessing student learning and behavior changes after participating in a Cyber Security Password Awareness event that was run as a year-long campaign targeting undergraduate students. The results have implications for planning and implementing university-wide initiatives in the field of cyber security, and more broadly, higher education at large.


Ssetgami: Secure Software Education Through Gamification, Hector Suarez, Hooper Kincannon, Li Yang 2017 University of Tennessee at Chattanooga

Ssetgami: Secure Software Education Through Gamification, Hector Suarez, Hooper Kincannon, Li Yang

KSU Proceedings on Cybersecurity Education, Research and Practice

Since web browsers have become essential to accomplishing everyday tasks, developing secure web applications has become a priority in order to protect user data, corporate databases and critical infrastructure against cyber-crimes . This research presents a game-like (gamification) approach to teach key concepts and skills on how to develop secure web applications. Gamification draws on motivational models, one of psychological theories. Gamification design has great potential over traditional education where we often find students demotivated and lecturers failing to engage them in learning activities. This research created game-like learning modules to teach top vulnerabilities and countermeasures for these top vulnerabilities in ...


On The Interaction Of Object-Oriented Design Patterns And Programming Languages, Gerald Baumgartner, Konstantin Laufer, Vernon J. Rego 2017 Purdue University

On The Interaction Of Object-Oriented Design Patterns And Programming Languages, Gerald Baumgartner, Konstantin Laufer, Vernon J. Rego

Konstantin Läufer

No abstract provided.


Sisl: Several Interfaces, Single Logic, Thomas Ball, Christopher P. Colby, Peter Danielsen, Lalita Jategaonkar Jagadeesan, Radhakrishnan Jagadeesan, Konstantin Laufer, Peter Mataga, Kenneth Rehor 2017 Lucent Technologies

Sisl: Several Interfaces, Single Logic, Thomas Ball, Christopher P. Colby, Peter Danielsen, Lalita Jategaonkar Jagadeesan, Radhakrishnan Jagadeesan, Konstantin Laufer, Peter Mataga, Kenneth Rehor

Konstantin Läufer

Modern interactive services such as information and e-commerce services are becoming increasingly more flexible in the types of user interfaces they support. These interfaces incorporate automatic speech recognition and natural language understanding, and include graphical user interfaces on the desktop and web-based interfaces using applets and HTML forms. To what extent can the user interface software be decoupled from the service logic software (the code that defines the essential function of a service)? Decoupling of user interface from service logic directly impacts the flexibility of services, or, how easy they are to modify and extend. To explore these issues, we ...


Network Technologies Used To Aggregate Environmental Data, Paul Stasiuk, Konstantin Läufer, George K. Thiruvathukal 2017 Loyola University Chicago

Network Technologies Used To Aggregate Environmental Data, Paul Stasiuk, Konstantin Läufer, George K. Thiruvathukal

Konstantin Läufer

The goal of the Loyola Weather Service (lws) project is to design and build a system of functioning environmental monitoring widgets that can intelligently and autonomously control the environment around them based on set thresholds and triggers. The widgets will also have the ability to aggregate their data and easily display this data in various ways: through a user interface in the room that the widget is placed, via a web application, and programmatically via a RESTful web service.


Digital Commons powered by bepress