Open Access. Powered by Scholars. Published by Universities.®

Information Security Commons

Open Access. Powered by Scholars. Published by Universities.®

2,088 Full-Text Articles 2,645 Authors 541,590 Downloads 113 Institutions

All Articles in Information Security

Faceted Search

2,088 full-text articles. Page 1 of 84.

When Human Cognitive Modeling Meets Pins: User-Independent Inter-Keystroke Timing Attacks, Ximing LIU, Yingjiu LI, Robert H. DENG, Bing CHANG, Shujun LI 2019 Singapore Management University

When Human Cognitive Modeling Meets Pins: User-Independent Inter-Keystroke Timing Attacks, Ximing Liu, Yingjiu Li, Robert H. Deng, Bing Chang, Shujun Li

Research Collection School Of Information Systems

This paper proposes the first user-independent inter-keystroke timing attacks on PINs. Our attack method is based on an inter-keystroke timing dictionary built from a human cognitive model whose parameters can be determined by a small amount of training data on any users (not necessarily the target victims). Our attacks can thus be potentially launched on a large scale in real-world settings. We investigate inter-keystroke timing attacks in different online attack settings and evaluate their performance on PINs at different strength levels. Our experimental results show that the proposed attack performs significantly better than random guessing attacks. We further demonstrate that ...


Project Renew Worcester, Danni Yue, Amy Zhang, Jing Han, Omid Ashrafi, Yiming Xu 2018 Clark University

Project Renew Worcester, Danni Yue, Amy Zhang, Jing Han, Omid Ashrafi, Yiming Xu

School of Professional Studies

n The client for this capstone project is RENEW Worcester which is a fledgling solar power project whose main goals are to bring renewable energy in the form of solar power into local, primarily low-income communities and are committed to the mission of making the transition off of fossil fuels to clean, renewable power. Based in Worcester, Massachusetts, they are a local chapter of Co-op Power which is a consumer-owned sustainable energy cooperative (co-op) made up of numerous different local chapters all over the New England area as well as the state of New York. The problem that we will ...


The Role Of Information Communication Technologies (Icts) In Shaping Identity Threats And Responses, Mary Macharia 2018 University of Arkansas, Fayetteville

The Role Of Information Communication Technologies (Icts) In Shaping Identity Threats And Responses, Mary Macharia

Theses and Dissertations

With the rising use of social media, people are increasingly experiencing, and responding to, identity threats online. This sometimes leads to online backlash via “cybermobs” or the creation of online social movements that traverse offline. Prior information systems (IS) research on identity threats and responses largely focuses on information communication technology (ICT) implementations within organizations in an offline context. Therefore, we lack understanding of ICT-mediated identity threats and responses and ways to promote healthier and productive interactions online. This two-essay dissertation seeks to fill this gap. Essay 1 combines a review of ICT-mediated identity threats with a qualitative study (based ...


Cloud Security, Isabella Roth, Jose Salazar, Yi Hu 2018 Northern Kentucky University

Cloud Security, Isabella Roth, Jose Salazar, Yi Hu

Posters-at-the-Capitol

Isabella Roth

Jose Salazar

Professor Yi Hu

Computer Information Technology

Cloud Security: AWS Abstract

With enterprises moving their IT infrastructure to the cloud using providers like Amazon Web Services (AWS), security problems have not been reduced. In fact, cloud computing brings new security challenges. Our research investigated better solutions to the security problems that come with using the cloud to store a companies data.

The cloud is a general term for using the internet to receive some sort of data vs connecting directly to a server. This makes it easier to do things such as connecting to an online app ...


Performance Indicators Analysis Inside A Call Center Using A Simulation Program, Ditila Ekmekçiu, Markela Muça, Adrian Naço 2018 University of Tirana

Performance Indicators Analysis Inside A Call Center Using A Simulation Program, Ditila Ekmekçiu, Markela Muça, Adrian Naço

International Journal of Business and Technology

This paper deals with and shows the results of different performance indicators analyses made utilizing the help of Simulation and concentrated on dimensioning problems of handling calls capacity in a call center. The goal is to measure the reactivity of the call center’s performance to potential changes of critical variables. The literature related to the employment of this kind of instrument in call centers is reviewed, and the method that this problem is treated momentarily is precisely described. The technique used to obtain this paper’s goal implicated a simulation model using Arena Contact Center software that worked as ...


Modelling Business And Management Systems Using Fuzzy Cognitive Maps: A Critical Overview, Peter P. Groumpos 2018 University of Patras

Modelling Business And Management Systems Using Fuzzy Cognitive Maps: A Critical Overview, Peter P. Groumpos

International Journal of Business and Technology

A critical overview of modelling Business and Management (B&M) Systems using Fuzzy Cognitive Maps is presented. A limited but illustrative number of specific applications of Fuzzy Cognitive Maps in diverse B&M systems, such as e business, performance assessment, decision making, human resources management, planning and investment decision making processes is provided and briefly analyzed. The limited survey is given in a table with statics of using FCMs in B&M systems during the last 15 years. The limited survey shows that the applications of Fuzzy Cognitive Maps to today’s Business and Management studies has been steadily increased ...


An Experimental Examination On Techniques To Mitigate The Spread Of Misinformation On Social Media Networks, Thomas Hayes 2018 University of North Georgia

An Experimental Examination On Techniques To Mitigate The Spread Of Misinformation On Social Media Networks, Thomas Hayes

Georgia Undergraduate Research Conference (GURC)

Emerging research has focused on finding ways to control the spread of misinformation on SMNs. SMNs have become increasingly weaponized for individual and societal harm. For example, the United States Intelligence Community (USIC) recently released a joint statement with the Department of Homeland Security implicating the Russian government in using major social media networks (SMNs) to influence the 2016 Presidential election with "information warfare" (Clark, 2018). This study focuses on examining SMN features that can potentially reduce the spread of misinformation. Through an experimental survey approach, this study measures the effectiveness of SMN features in influencing misperceptions of SMN users ...


Cross-Referencing Social Media And Public Surveillance Camera Data For Disaster Response, Chittayong Surakitbanharn,, Calvin Yau, Guizhen Wang, Aniesh Chawla, Yinuo Pan, Zhaoya Sun, Sam Yellin, David Ebert, Yung-Hsiang Lu, George K. Thiruvathukal 2018 Stanford University

Cross-Referencing Social Media And Public Surveillance Camera Data For Disaster Response, Chittayong Surakitbanharn,, Calvin Yau, Guizhen Wang, Aniesh Chawla, Yinuo Pan, Zhaoya Sun, Sam Yellin, David Ebert, Yung-Hsiang Lu, George K. Thiruvathukal

Computer Science: Faculty Publications and Other Works

Physical media (like surveillance cameras) and social media (like Instagram and Twitter) may both be useful in attaining on-the-ground information during an emergency or disaster situation. However, the intersection and reliability of both surveillance cameras and social media during a natural disaster are not fully understood. To address this gap, we tested whether social media is of utility when physical surveillance cameras went off-line during Hurricane Irma in 2017. Specifically, we collected and compared geo-tagged Instagram and Twitter posts in the state of Florida during times and in areas where public surveillance cameras went off-line. We report social media content ...


Mapping Knowledge Units Using A Learning Management System (Lms) Course Framework, Casey Rackley 2018 Kennesaw State University

Mapping Knowledge Units Using A Learning Management System (Lms) Course Framework, Casey Rackley

KSU Proceedings on Cybersecurity Education, Research and Practice

ABSTRACT

The purpose of this paper is to examine the outcomes of using a Learning Management System (LMS) course as a framework for mapping the Centers of Academic Excellence in Cyber Defense (CAE-CD) 2019 Knowledge Units (KU) to college courses. The experience shared herein will be useful to faculty who are interested in performing the mapping and applying for CAE-CDE designation.


Hijacking Wireless Communications Using Wifi Pineapple Nano As A Rogue Access Point, Shawn J. Witemyre, Tamirat T. Abegaz, Bryson R. Payne, Ash Mady 2018 University of North Georgia

Hijacking Wireless Communications Using Wifi Pineapple Nano As A Rogue Access Point, Shawn J. Witemyre, Tamirat T. Abegaz, Bryson R. Payne, Ash Mady

KSU Proceedings on Cybersecurity Education, Research and Practice

Wireless access points are an effective solution for building scalable, flexible, mobile networks. The problem with these access points is often the lack of security. Users regularly connect to wireless access points without thinking about whether they are genuine or malicious. Moreover, users are not aware of the types of attacks that can come from “rogue” access points set up by attackers and what information can be captured by them. Attackers use this advantage to gain access to users’ confidential information. The objective of this study is to examine the effectiveness of the WiFi Pineapple NANO used as a rogue ...


Towards A Development Of Predictive Models For Healthcare Hipaa Security Rule Violation Fines, Jim Furstenberg, Yair Levy 2018 Nova Southeastern University

Towards A Development Of Predictive Models For Healthcare Hipaa Security Rule Violation Fines, Jim Furstenberg, Yair Levy

KSU Proceedings on Cybersecurity Education, Research and Practice

The Health Insurance Portability and Accountability Act’s (HIPAA) Security Rule (SR) mandate provides a national standard for the protection of electronic protected health information (ePHI). The SR’s standards provide healthcare covered entities (CEs’) flexibility in how to meet the standards because the SR regulators realized that all health care organizations are not the same. However, the SR requires CEs’ to implement reasonable and appropriate safeguards, as well as security controls that protect the confidentiality, integrity, and availability (CIA) of their ePHI data. However, compliance with the HIPAA SR mandates are confusing, complicated, and can be costly to CEs ...


Cybersecurity Education Employing Experiential Learning, Travis Lowe, Casey Rackley 2018 Kennesaw State University

Cybersecurity Education Employing Experiential Learning, Travis Lowe, Casey Rackley

KSU Proceedings on Cybersecurity Education, Research and Practice

ABSTRACT

The purpose of this paper is to discuss a curriculum design that employs Kolb’s Experiential Learning Theory stages and Kolb’s Learning Styles in four consecutive class sessions. The challenge each class is to present students with perplexing and often frustrating network problems that someday might be encountered on the job. By using Kolb’s theory, students address those problems from the perspective of each learning style, while passing through each phase of the learning cycle. As a result, students gain stronger cognitive thinking skills and hands-on troubleshooting skills in preparation for work as network administrators or cybersecurity ...


Using Project Management Knowledge And Practice To Address Digital Forensic Investigation Challenges, Steven S. Presley, Jeffrey P. Landry, Michael Black 2018 University of South Alabama

Using Project Management Knowledge And Practice To Address Digital Forensic Investigation Challenges, Steven S. Presley, Jeffrey P. Landry, Michael Black

KSU Proceedings on Cybersecurity Education, Research and Practice

The management of digital forensics investigations represents a unique challenge. The field is relatively new, and combines the technical challenges of Information Systems with the legal challenges of forensics investigations. The challenges for the Digital Forensics Investigators and the organizations they support are many. This research effort examines the characteristics and challenges of Digital Forensics Investigations and compares them with the features and knowledge areas of project management. The goal was to determine if project management knowledge, as defined in a common body of knowledge, would be helpful in addressing digital forensics investigation challenges identified in the literature. The results ...


Capturing The Existential Cyber Security Threats From The Sub-Saharan Africa Zone Through Literature Database, Samuel B. Olatunbosun, Nathanial J. Edwards, Cytyra D. Martineau 2018 Norfolk State University

Capturing The Existential Cyber Security Threats From The Sub-Saharan Africa Zone Through Literature Database, Samuel B. Olatunbosun, Nathanial J. Edwards, Cytyra D. Martineau

KSU Proceedings on Cybersecurity Education, Research and Practice

Abstract - The Internet brought about the phenomenon known as Cyber-space which is boundless in nature. It is one of the fastest-growing areas of technical infrastructure development over the past decade. Its growth has afforded everyone the opportunity to carry out one or more transactions for personal benefits. The African continent; often branded as ‘backward’ by the Western press has been able to make substantial inroads into the works of Information and Computer Technology (ICT). This rapid transition by Africans into ICT power has thus opened up the opportunities for Cybercriminal perpetrators to seek and target victims worldwide including America for ...


Laboratory Exercises To Accompany Industrial Control And Embedded Systems Security Curriculum Modules, Gretchen Richards 2018 Jacksonville State University

Laboratory Exercises To Accompany Industrial Control And Embedded Systems Security Curriculum Modules, Gretchen Richards

KSU Proceedings on Cybersecurity Education, Research and Practice

The daily intrusion attempts and attacks on industrial control systems (ICS) and embedded systems (ES) underscore the criticality of the protection of our Critical Infrastructures (CIs). As recent as mid-July 2018, numerous reports on the infiltration of US utility control rooms by Russian hackers have been published. These successful infiltration and possible manipulation of the utility companies could easily translate to a devastating attack on our nation’s power grid and, consequently, our economy and well-being. Indeed, the need to secure the control and embedded systems which operate our CIs has never been so pronounced. In our attempt to address ...


A Blockchain-Based Security-Oriented Framework For Cloud Federation, Ramandeep Kaur sandhu, Kweku Muata A. Osei-Bryson 2018 Virginia Commonwealth University

A Blockchain-Based Security-Oriented Framework For Cloud Federation, Ramandeep Kaur Sandhu, Kweku Muata A. Osei-Bryson

KSU Proceedings on Cybersecurity Education, Research and Practice

Cloud federations have been formed to share the services, prompt and support cooperation, as well as interoperability among their already deployed cloud systems. However, the creation and management of the cloud federations lead to various security issues such as confidentially, integrity and availability of the data. Despite the access control policies in place, an attacker may compromise the communication channel processing the access requests and the decisions between the access control systems and the members(users) and vice-versa. In cloud federation, the rating of the services offered by different cloud members becomes integral to providing the users with the best ...


Information Privacy Concerns In The Age Of Internet Of Things, Madhav Sharma, David Biros 2018 Oklahoma State University - Main Campus

Information Privacy Concerns In The Age Of Internet Of Things, Madhav Sharma, David Biros

KSU Proceedings on Cybersecurity Education, Research and Practice

Internet of things (IoT) offer new opportunities for advancement in many domains including healthcare, home automation, manufacturing and transportation. In recent years, the number of IoT devices have exponentially risen and this meteoric rise is poised to continue according to the industry. Advances in the IoT integrated with ambient intelligence are intended to make our lives easier. Yet for all these advancements, IoT also has a dark side. Privacy and security were already priorities when personal computers, devices and work stations were the only point of vulnerability to personal information, however, with the ubiquitous nature of smart technologies has increased ...


Teaching Cybersecurity In An Undergraduate Engineering Course, Xiuli Qu, Xiaohong Yuan 2018 North Carolina A&T State University

Teaching Cybersecurity In An Undergraduate Engineering Course, Xiuli Qu, Xiaohong Yuan

KSU Proceedings on Cybersecurity Education, Research and Practice

Organizations create a huge amount of sensitive and confidential data, which must be protected from unauthorized access or disclosure. Nowadays, most organizations store their business data in digital formats. With the increasing use of digital data, data breaches are more often and serious in recent years. Therefore, it is very important for next-generation engineers to be aware of the importance of information security, and be able to recognize vulnerabilities and threats to an information system and design user-friendly and effective security measures. To achieve it, two modules of information systems security, including lectures and in-class labs, were developed and taught ...


Study Of Physical Layer Security And Teaching Methods In Wireless Communications, Zhijian Xie, Christopher Horne 2018 NC A&T State Unversity

Study Of Physical Layer Security And Teaching Methods In Wireless Communications, Zhijian Xie, Christopher Horne

KSU Proceedings on Cybersecurity Education, Research and Practice

In most wireless channels, the signals propagate in all directions. For the communication between Alice and Bob, an Eavesdropper can receive the signals from both Alice and Bob as far as the Eavesdropper is in the range determined by the transmitting power. Through phased array antenna with beam tracking circuits or cooperative iteration, the signals are confined near the straight line connecting the positions of Alice and Bob, so it will largely reduce the valid placement of an Eavesdropper. Sometimes, this reduction can be prohibitive for Eavesdropper to wiretap the channel since the reduced space can be readily protected. Two ...


Car Hacking: Can It Be That Simple?, Bryson Payne 2018 University of North Georgia

Car Hacking: Can It Be That Simple?, Bryson Payne

KSU Proceedings on Cybersecurity Education, Research and Practice

The Internet of Things (IoT) has expanded the reach of technology at work, at home, and even on the road. As Internet-connected and self-driving cars become more commonplace on our highways, the cybersecurity of these “data centers on wheels” is of greater concern than ever. Highly publicized hacks against production cars, and a relatively small number of crashes involving autonomous vehicles, have brought the issue of securing smart cars to the forefront as a matter of public and individual safety. This article describes the integration of a module on car hacking into a semester-long ethical hacking cybersecurity course, including full ...


Digital Commons powered by bepress