Open Access. Powered by Scholars. Published by Universities.®

Information Security Commons

Open Access. Powered by Scholars. Published by Universities.®

2,179 Full-Text Articles 2,735 Authors 541,590 Downloads 113 Institutions

All Articles in Information Security

Faceted Search

2,179 full-text articles. Page 1 of 87.

Privileged Access Management, Anea Cobia 2019 La Salle University

Privileged Access Management, Anea Cobia

Economic Crime Forensics Capstones

Security breaches are becoming a common occurrence in society today. When breaches occur, people are often left wondering how they will be affected and what steps can be taken to protect them. The passing of stricter standards and regulations has not slowed would be hackers from crafting ways to breach networks. While there are many ways that a breach can occur, the focus of this paper will be to look at the usage of credentials and privileged accounts. Specifically, the idea of privilege access management and methods for protecting credentials will be examined.


Social Engineering In Call Centers And Ways To Reduce It, Maureen York 2019 La Salle University

Social Engineering In Call Centers And Ways To Reduce It, Maureen York

Economic Crime Forensics Capstones

Social engineering is the use of trickery, deception, persuasion, emotional manipulation, impersonation, and abuse of trust to gain information or access through the use of a human interface (Thompson, 2006). Social engineering relies on the human behavior in order to gain information or access. The technique of social engineering can be performed in numerous ways and has been proven to be an effective way for perpetrators to obtain valuable information.

This capstone project, I will focus on social engineering of call centers and the steps organizations can take to reduce it. For most organizations, the call centers or customer support ...


The Benefits Of Artificial Intelligence In Cybersecurity, Ricardo Calderon 2019 La Salle University

The Benefits Of Artificial Intelligence In Cybersecurity, Ricardo Calderon

Economic Crime Forensics Capstones

Cyberthreats have increased extensively during the last decade. Cybercriminals have become more sophisticated. Current security controls are not enough to defend networks from the number of highly skilled cybercriminals. Cybercriminals have learned how to evade the most sophisticated tools, such as Intrusion Detection and Prevention Systems (IDPS), and botnets are almost invisible to current tools. Fortunately, the application of Artificial Intelligence (AI) may increase the detection rate of IDPS systems, and Machine Learning (ML) techniques are able to mine data to detect botnets’ sources. However, the implementation of AI may bring other risks, and cybersecurity experts need to find a ...


Lowering Legal Barriers To Rpki Adoption, Christopher S. Yoo, David A. Wishnick 2019 University of Pennsylvania Law School

Lowering Legal Barriers To Rpki Adoption, Christopher S. Yoo, David A. Wishnick

Faculty Scholarship at Penn Law

Across the Internet, mistaken and malicious routing announcements impose significant costs on users and network operators. To make routing announcements more reliable and secure, Internet coordination bodies have encouraged network operators to adopt the Resource Public Key Infrastructure (“RPKI”) framework. Despite this encouragement, RPKI’s adoption rates are low, especially in North America.

This report presents the results of a year-long investigation into the hypothesis—widespread within the network operator community—that legal issues pose barriers to RPKI adoption and are one cause of the disparities between North America and other regions of the world. On the basis of interviews ...


When Human Cognitive Modeling Meets Pins: User-Independent Inter-Keystroke Timing Attacks, Ximing LIU, Yingjiu LI, Robert H. DENG, Bing CHANG, Shujun LI 2019 Singapore Management University

When Human Cognitive Modeling Meets Pins: User-Independent Inter-Keystroke Timing Attacks, Ximing Liu, Yingjiu Li, Robert H. Deng, Bing Chang, Shujun Li

Research Collection School Of Information Systems

This paper proposes the first user-independent inter-keystroke timing attacks on PINs. Our attack method is based on an inter-keystroke timing dictionary built from a human cognitive model whose parameters can be determined by a small amount of training data on any users (not necessarily the target victims). Our attacks can thus be potentially launched on a large scale in real-world settings. We investigate inter-keystroke timing attacks in different online attack settings and evaluate their performance on PINs at different strength levels. Our experimental results show that the proposed attack performs significantly better than random guessing attacks. We further demonstrate that ...


Table Of Contents, 2018 Embry-Riddle Aeronautical University

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.


Intra-Exchange Cryptocurrency Arbitrage Bot, Eric Han 2018 San Jose State University

Intra-Exchange Cryptocurrency Arbitrage Bot, Eric Han

Master's Projects

Cryptocurrencies are defined as a digital currency in which encryption techniques are utilized to regulate generation of units of currency and verify the transfer of funds, independent of a central governing body such as a bank. Due to the large number of cryptocurrencies currently available, there inherently exists many price discrepancies due to market inefficiencies. Market inefficiencies occur when the price of assets do not reflect their true value. In fact, these types of pricing discrepancies exist in other financial markets, including fiat currency exchanges and stock exchanges. However, these discrepancies are more significant in the cryptocurrency domain due to ...


Gradubique: An Academic Transcript Database Using Blockchain Architecture, Thinh Nguyen 2018 San Jose State University

Gradubique: An Academic Transcript Database Using Blockchain Architecture, Thinh Nguyen

Master's Projects

Blockchain has been widely adopted in the last few years even though it is in its infancy. The first well-known application built on blockchain technology was Bitcoin, which is a decentralized and distributed ledger to record crypto-currency transactions. All of the transactions in Bitcoin are anonymously transferred and validated by participants in the network. Bitcoin protocol and its operations are so reliable that technologists have been inspired to enhance blockchain technologies and deploy it outside of the crypto-currency world. The demand for private and non-crypto-currency solutions have surged among consortiums because of the security and fault tolerant features of blockchain ...


Paul Baran, Network Theory, And The Past, Present, And Future Of Internet, Christopher S. Yoo 2018 University of Pennsylvania Law School

Paul Baran, Network Theory, And The Past, Present, And Future Of Internet, Christopher S. Yoo

Faculty Scholarship at Penn Law

Paul Baran’s seminal 1964 article “On Distributed Communications Networks” that first proposed packet switching also advanced an underappreciated vision of network architecture: a lattice-like, distributed network, in which each node of the Internet would be homogeneous and equal in status to all other nodes. Scholars who have subsequently embraced the concept of a lattice-like network approach have largely overlooked the extent to which it is both inconsistent with network theory (associated with the work of Duncan Watts and Albert-László Barabási), which emphasizes the importance of short cuts and hubs in enabling networks to scale, and the actual way, the ...


User Attitudes About Duo Two-Factor Authentication At Byu, Jonathan Dutson 2018 Brigham Young University

User Attitudes About Duo Two-Factor Authentication At Byu, Jonathan Dutson

Undergraduate Honors Theses

Simple password-based authentication provides insufficient protection against increasingly common incidents of online identity theft and data loss. Although two-factor authentication (2FA) provides users with increased protection against attackers, users have mixed feelings about the usability of 2FA. We surveyed the students, faculty, and staff of Brigham Young University (BYU) to measure user sentiment about DUO Security, the 2FA system adopted by BYU in 2017. We find that most users consider DUO to be annoying, and about half of those surveyed expressed a preference for authentication without using a second-factor. About half of all participants reported at least one instance of ...


Project Renew Worcester, Danni Yue, Amy Zhang, Jing Han, Omid Ashrafi, Yiming Xu 2018 Clark University

Project Renew Worcester, Danni Yue, Amy Zhang, Jing Han, Omid Ashrafi, Yiming Xu

School of Professional Studies

n The client for this capstone project is RENEW Worcester which is a fledgling solar power project whose main goals are to bring renewable energy in the form of solar power into local, primarily low-income communities and are committed to the mission of making the transition off of fossil fuels to clean, renewable power. Based in Worcester, Massachusetts, they are a local chapter of Co-op Power which is a consumer-owned sustainable energy cooperative (co-op) made up of numerous different local chapters all over the New England area as well as the state of New York. The problem that we will ...


Learning-Based Analysis On The Exploitability Of Security Vulnerabilities, Adam Bliss 2018 University of Arkansas, Fayetteville

Learning-Based Analysis On The Exploitability Of Security Vulnerabilities, Adam Bliss

Computer Science and Computer Engineering Undergraduate Honors Theses

The purpose of this thesis is to develop a tool that uses machine learning techniques to make predictions about whether or not a given vulnerability will be exploited. Such a tool could help organizations such as electric utilities to prioritize their security patching operations. Three different models, based on a deep neural network, a random forest, and a support vector machine respectively, are designed and implemented. Training data for these models is compiled from a variety of sources, including the National Vulnerability Database published by NIST and the Exploit Database published by Offensive Security. Extensive experiments are conducted, including testing ...


Revolution In Crime: How Cryptocurrencies Have Changed The Criminal Landscape, Igor Groysman 2018 City University of New York (CUNY)

Revolution In Crime: How Cryptocurrencies Have Changed The Criminal Landscape, Igor Groysman

Student Theses

This thesis will examine the ways in which various cryptocurrencies have impacted certain traditional crimes. While crime is always evolving with technology, cryptocurrencies are a game changer in that they provide anonymous and decentralized payment systems which, while they can be tracked in a reactive sense via the blockchain, are seen by criminals as having better uses for them than traditional fiat currencies, such as the ability to send money relatively fast to another party without going through an intermediary, or the ability to obscure the origin of the money for money laundering purposes. Every week there are new cryptocurrencies ...


The Role Of Information Communication Technologies (Icts) In Shaping Identity Threats And Responses, Mary Macharia 2018 University of Arkansas, Fayetteville

The Role Of Information Communication Technologies (Icts) In Shaping Identity Threats And Responses, Mary Macharia

Theses and Dissertations

With the rising use of social media, people are increasingly experiencing, and responding to, identity threats online. This sometimes leads to online backlash via “cybermobs” or the creation of online social movements that traverse offline. Prior information systems (IS) research on identity threats and responses largely focuses on information communication technology (ICT) implementations within organizations in an offline context. Therefore, we lack understanding of ICT-mediated identity threats and responses and ways to promote healthier and productive interactions online. This two-essay dissertation seeks to fill this gap. Essay 1 combines a review of ICT-mediated identity threats with a qualitative study (based ...


Typing-Proof: Usable, Secure And Low-Cost Two-Factor Authentication Based On Keystroke Timings, Ximming LIU, Yingjiu LI, Robert H. DENG 2018 Singapore Management University

Typing-Proof: Usable, Secure And Low-Cost Two-Factor Authentication Based On Keystroke Timings, Ximming Liu, Yingjiu Li, Robert H. Deng

Research Collection School Of Information Systems

Two-factor authentication (2FA) systems provide another layer of protection to users' accounts beyond password. Traditional hardware token based 2FA and software token based 2FA are not burdenless to users since they require users to read, remember, and type a onetime code in the process, and incur high costs in deployments or operations. Recent 2FA mechanisms such as Sound-Proof, reduce or eliminate users' interactions for the proof of the second factor; however, they are not designed to be used in certain settings (e.g., quiet environments or PCs without built-in microphones), and they are not secure in the presence of certain ...


Secure Smart Health With Privacy-Aware Aggregate Authentication And Access Control In Internet Of Things, Yinghui ZHANG, Robert H. DENG, Gang HAN, Dong ZHENG 2018 Singapore Management University

Secure Smart Health With Privacy-Aware Aggregate Authentication And Access Control In Internet Of Things, Yinghui Zhang, Robert H. Deng, Gang Han, Dong Zheng

Research Collection School Of Information Systems

With the rapid technological advancements in the Internet of Things (IoT), wireless communication and cloud computing, smart health is expected to enable comprehensive and qualified healthcare services. It is important to ensure security and efficiency in smart health. However, existing smart health systems still have challenging issues, such as aggregate authentication, fine-grained access control and privacy protection. In this paper, we address these issues by introducing SSH, a Secure Smart Health system with privacy-aware aggregate authentication and access control in IoT. In SSH, privacy-aware aggregate authentication is enabled by an anonymous certificateless aggregate signature scheme, in which users' identity information ...


Static Analysis Of Android Secure Application Development Process With Findsecuritybugs, Xianyong Meng 2018 Kennesaw State University

Static Analysis Of Android Secure Application Development Process With Findsecuritybugs, Xianyong Meng

Master of Science in Computer Science Theses

Mobile devices have been growing more and more powerful in recent decades, evolving from a simple device for SMS messages and phone calls to a smart device that can install third party apps. People are becoming more heavily reliant on their mobile devices. Due to this increase in usage, security threats to mobile applications are also growing explosively. Mobile app flaws and security defects can provide opportunities for hackers to break into them and access sensitive information. Defensive coding needs to be an integral part of coding practices to improve the security of our code.

We need to consider data ...


Cloud Security, Isabella Roth, Jose Salazar, Yi Hu 2018 Northern Kentucky University

Cloud Security, Isabella Roth, Jose Salazar, Yi Hu

Posters-at-the-Capitol

Isabella Roth

Jose Salazar

Professor Yi Hu

Computer Information Technology

Cloud Security: AWS Abstract

With enterprises moving their IT infrastructure to the cloud using providers like Amazon Web Services (AWS), security problems have not been reduced. In fact, cloud computing brings new security challenges. Our research investigated better solutions to the security problems that come with using the cloud to store a companies data.

The cloud is a general term for using the internet to receive some sort of data vs connecting directly to a server. This makes it easier to do things such as connecting to an online app ...


Performance Indicators Analysis Inside A Call Center Using A Simulation Program, Ditila Ekmekçiu, Markela Muça, Adrian Naço 2018 University of Tirana

Performance Indicators Analysis Inside A Call Center Using A Simulation Program, Ditila Ekmekçiu, Markela Muça, Adrian Naço

International Journal of Business and Technology

This paper deals with and shows the results of different performance indicators analyses made utilizing the help of Simulation and concentrated on dimensioning problems of handling calls capacity in a call center. The goal is to measure the reactivity of the call center’s performance to potential changes of critical variables. The literature related to the employment of this kind of instrument in call centers is reviewed, and the method that this problem is treated momentarily is precisely described. The technique used to obtain this paper’s goal implicated a simulation model using Arena Contact Center software that worked as ...


Modelling Business And Management Systems Using Fuzzy Cognitive Maps: A Critical Overview, Peter P. Groumpos 2018 University of Patras

Modelling Business And Management Systems Using Fuzzy Cognitive Maps: A Critical Overview, Peter P. Groumpos

International Journal of Business and Technology

A critical overview of modelling Business and Management (B&M) Systems using Fuzzy Cognitive Maps is presented. A limited but illustrative number of specific applications of Fuzzy Cognitive Maps in diverse B&M systems, such as e business, performance assessment, decision making, human resources management, planning and investment decision making processes is provided and briefly analyzed. The limited survey is given in a table with statics of using FCMs in B&M systems during the last 15 years. The limited survey shows that the applications of Fuzzy Cognitive Maps to today’s Business and Management studies has been steadily increased ...


Digital Commons powered by bepress