Open Access. Powered by Scholars. Published by Universities.®

Information Security Commons

Open Access. Powered by Scholars. Published by Universities.®

1299 Full-Text Articles 1583 Authors 405536 Downloads 76 Institutions

All Articles in Information Security

Faceted Search

1299 full-text articles. Page 1 of 48.

Cybercrime Deterrence And International Legislation: Evidence From Distributed Denial Of Service Attacks, Kai-Lung HUI, Seung Hyun KIM, QIU-HONG WANG 2017 Singapore Management University

Cybercrime Deterrence And International Legislation: Evidence From Distributed Denial Of Service Attacks, Kai-Lung Hui, Seung Hyun Kim, Qiu-Hong Wang

Research Collection School Of Information Systems

In this paper, we estimate the impact of enforcing the Convention on Cybercrime (COC) on deterring distributed denial of service (DDOS) attacks. Our data set comprises a sample of real, random spoof-source DDOS attacks recorded in 106 countries in 177 days in the period 2004-2008. We find that enforcing the COC decreases DDOS attacks by at least 11.8 percent, but a similar deterrence effect does not exist if the enforcing countries make a reservation on international cooperation. We also find evidence of network and displacement effects in COC enforcement. Our findings imply attackers in cyberspace are rational, motivated by ...


Identity-Based Data Outsourcing With Comprehensive Auditing In Clouds, Yujue WANG, Qianhong WU, Bo QIN, Wenchang SHI, DENG, Robert H., Jiankun HU 2017 Singapore Management University

Identity-Based Data Outsourcing With Comprehensive Auditing In Clouds, Yujue Wang, Qianhong Wu, Bo Qin, Wenchang Shi, Deng, Robert H., Jiankun Hu

Research Collection School Of Information Systems

Cloud storage system provides facilitative file storage and sharing services for distributed clients. To address integrity, controllable outsourcing, and origin auditing concerns on outsourced files, we propose an identity-based data outsourcing (IBDO) scheme equipped with desirable features advantageous over existing proposals in securing outsourced data. First, our IBDO scheme allows a user to authorize dedicated proxies to upload data to the cloud storage server on her behalf, e.g., a company may authorize some employees to upload files to the company's cloud account in a controlled way. The proxies are identified and authorized with their recognizable identities, which eliminates ...


The Impact Of Low Self-Control On Online Harassment: Interaction With Opportunity., Hyunin Baek, Michael M. Losavio, George E. Higgins 2017 University of Louisville, Kentucky, USA.

The Impact Of Low Self-Control On Online Harassment: Interaction With Opportunity., Hyunin Baek, Michael M. Losavio, George E. Higgins

Journal of Digital Forensics, Security and Law

Developing Internet technology has increased the rates of youth online harassment. This study examines online harassment from adolescents with low self-control and the moderating effect of opportunity. The data used in this study were collected by the Korea Institute of Criminology in 2009. The total sample size was 1,091. The results indicated that low self-control, opportunity, and gender have a significant influence on online harassment. However, these results differed according to gender; for males, low self-control significantly impacted online harassment; for females, however, only low self-control significantly impacted online harassment. Furthermore, the interaction between low self-control and opportunity did ...


Malware Detection Using The Index Of Coincidence, Bhavna Gurnani 2017 San Jose State University

Malware Detection Using The Index Of Coincidence, Bhavna Gurnani

Master's Projects

In this research, we apply the Index of Coincidence (IC) to problems in malware analysis. The IC, which is often used in cryptanalysis of classic ciphers, is a technique for measuring the repeat rate in a string of symbols. A score based on the IC is applied to a variety of challenging malware families. We nd that this relatively simple IC score performs surprisingly well, with superior results in comparison to various machine learning based scores, at least in some cases.


Denial-Of-Service Attack Modelling And Detection For Http/2 Services, Erwin Adi 2017 Edith Cowan University

Denial-Of-Service Attack Modelling And Detection For Http/2 Services, Erwin Adi

Theses: Doctorates and Masters

Businesses and society alike have been heavily dependent on Internet-based services, albeit with experiences of constant and annoying disruptions caused by the adversary class. A malicious attack that can prevent establishment of Internet connections to web servers, initiated from legitimate client machines, is termed as a Denial of Service (DoS) attack; volume and intensity of which is rapidly growing thanks to the readily available attack tools and the ever-increasing network bandwidths. A majority of contemporary web servers are built on the HTTP/1.1 communication protocol. As a consequence, all literature found on DoS attack modelling and appertaining detection techniques ...


Achieving Perfect Location Privacy In Wireless Devices Using Anonymization, Zarrin Montazeri 2017 University of Massachusetts - Amherst

Achieving Perfect Location Privacy In Wireless Devices Using Anonymization, Zarrin Montazeri

Masters Theses May 2014 - current

The popularity of mobile devices and location-based services (LBS) have created great concerns regarding the location privacy of the users of such devices and services. Anonymization is a common technique that is often being used to protect the location privacy of LBS users. This technique assigns a random pseudonym to each user and these pseudonyms can change over time. Here, we provide a general information theoretic definition for perfect location privacy and prove that perfect location privacy is achievable for mobile devices when using the anonymization technique appropriately. First, we assume that the user’s current location is independent from ...


Online Hacker Forum Censorship: Would Banning The Bad Guys Attract Good Guys?, QIU-HONG WANG, Le-Ting ZHANG, Meng-Ke QIAO 2017 Singapore Management University

Online Hacker Forum Censorship: Would Banning The Bad Guys Attract Good Guys?, Qiu-Hong Wang, Le-Ting Zhang, Meng-Ke Qiao

Research Collection School Of Information Systems

To tackle the ubiquitous cybersecurity threats, a few countries have enacted legislation to criminalize the production, distribution and possession of computer misuse tools. Consequently, online hacker forums, which enable the provision and dissemination of malicious cyber-attack techniques among potential hackers or technology-savvy users, are subject to censorship. This project examines the mixed impacts of online hacker forum censorship on users’ contribution to protection discussion through a natural experiment with large-scale content analysis. We find that while the enforcement indeed reduced the discussion on malicious cyber-attacks, the discussion on cybersecurity protection could increase or decrease in different scenarios. The rationale is ...


On The Effectiveness Of Code-Reuse-Based Android Application Obfuscation, Xiaoxiao TANG, Yu LIANG, Xinjie MA, Yan LIN, Debin GAO 2017 Singapore Management University

On The Effectiveness Of Code-Reuse-Based Android Application Obfuscation, Xiaoxiao Tang, Yu Liang, Xinjie Ma, Yan Lin, Debin Gao

Research Collection School Of Information Systems

Attackers use reverse engineering techniques to gain detailed understanding of executable for malicious purposes, such as re-packaging an Android app to inject malicious code or advertising components. To make reverse engineering more difficult, researchers have proposed various code obfuscation techniques to conceal purposes or logic of code segments. One interesting idea of code obfuscation is to apply codereuse techniques (e.g., Return-Oriented Programming) to (re-)distribute essential code segments before they are reconstructed at runtime. Such techniques are well understood on x86 platform, but relatively less explored on Android. In this paper, we present an evaluation on the extent to ...


Toward Online Linguistic Surveillance Of Threatening Messages, Brian H. Spitzberg, Jean Mark Gawron 2016 San Diego State University, California, USA.

Toward Online Linguistic Surveillance Of Threatening Messages, Brian H. Spitzberg, Jean Mark Gawron

Journal of Digital Forensics, Security and Law

Threats are communicative acts, but it is not always obvious what they communicate or when they communicate imminent credible and serious risk. This paper proposes a research- and theory-based set of over 20 potential linguistic risk indicators that may discriminate credible from non-credible threats within online threat message corpora. Two prongs are proposed: (1) Using expert and layperson ratings to validate subjective scales in relation to annotated known risk messages, and (2) Using the resulting annotated corpora for automated machine learning with computational linguistic analyses to classify non-threats, false threats, and credible threats. Rating scales are proposed, existing threat corpora ...


Special Issue On Cyberharassment Investigation: Advances And Trends, Joanne Bryce, Virginia N. L. Franqueira, Andrew Marrington 2016 University of Central Lancashire, UK

Special Issue On Cyberharassment Investigation: Advances And Trends, Joanne Bryce, Virginia N. L. Franqueira, Andrew Marrington

Journal of Digital Forensics, Security and Law

Empirical and anecdotal evidence indicates that cyberharassment is more prevalent as the use of social media becomes increasingly widespread, making geography and physical proximity irrelevant. Cyberharassment can take different forms (e.g., cyberbullying, cyberstalking, cybertrolling), and be motivated by the objectives of inflicting distress, exercising control, impersonation, and defamation. Little is currently known about the modus operandi of offenders and their psychological characteristics. Investigation of these behaviours is particularly challenging because it involves digital evidence distributed across the devices of both alleged offenders and victims, as well as online service providers, sometimes over an extended period of time. This special ...


Differentiating Cyberbullies And Internet Trolls By Personality Characteristics And Self-Esteem, Lauren A. Zezulka, Kathryn C. Seigfried-Spellar 2016 The University of Alabama

Differentiating Cyberbullies And Internet Trolls By Personality Characteristics And Self-Esteem, Lauren A. Zezulka, Kathryn C. Seigfried-Spellar

Journal of Digital Forensics, Security and Law

Cyberbullying and internet trolling are both forms of online aggression or cyberharassment; however, research has yet to assess the prevalence of these behaviors in relationship to one another. In addition, the current study was the first to investigate whether individual differences and self-esteem discerned between self-reported cyberbullies and/or internet trolls (i.e., Never engaged in either, Cyberbully-only, Troll-only, Both Cyberbully and Troll). Of 308 respondents solicited from Mechanical Turk, 70 engaged in cyberbullying behaviors, 20 engaged in only trolling behaviors, 129 self-reported both behaviors, and 89 self-reported neither behavior. Results yielded low self-esteem, low conscientiousness, and low internal moral ...


Front Matter, 2016 Embry-Riddle Aeronautical University

Front Matter

Journal of Digital Forensics, Security and Law

No abstract provided.


Masthead, 2016 Embry-Riddle Aeronautical University

Masthead

Journal of Digital Forensics, Security and Law

No abstract provided.


Table Of Contents, 2016 Embry-Riddle Aeronautical University

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.


Back Matter, 2016 Embry-Riddle Aeronautical University

Back Matter

Journal of Digital Forensics, Security and Law

No abstract provided.


A Legal Examination Of Revenge Pornography And Cyber-Harassment, Thomas Lonardo, Tricia Martland, Doug White 2016 Roger Williams University, Rhode Island, USA

A Legal Examination Of Revenge Pornography And Cyber-Harassment, Thomas Lonardo, Tricia Martland, Doug White

Journal of Digital Forensics, Security and Law

This paper examines the current state of the statutes in the United States as they relate to cyber-harassment in the context of "revenge porn". Revenge porn refers to websites which cater to those wishing to exploit, harass, or otherwise antagonize their ex partners using pornographic images and videos which were obtained during their relationships. The paper provide examples and illustrations as well as a summary of current statute in the United States. The paper additionally explores some of the various legal remedies available to victims of revenge pornography.


Threats To Information Protection - Industry And Academic Perspectives: An Annotated Bibliography, Michael E. Whitman, Herbert J. Mattord 2016 Kennesaw State University

Threats To Information Protection - Industry And Academic Perspectives: An Annotated Bibliography, Michael E. Whitman, Herbert J. Mattord

Journal of Cybersecurity Education, Research and Practice

Threats to information assets have always been a concern to those responsible for making information useful and defending its value. The concepts of threat, threat agent, threat events and threat sources have evolved in recent years have very precise definitions. A summary of threat classification models used in academic research is provided along with a summary of recent industry threat assessment reports. Finally, the results from a recent study, 2015 SEC/CISE Threats to Information Protection Report Including a Current Snapshot of the State of the Industry, are given.


Planning And Implementing A Successful Nsa-Nsf Gencyber Summer Cyber Academy, Bryson R. Payne, Tamirat Abegaz, Keith Antonia 2016 University of North Georgia

Planning And Implementing A Successful Nsa-Nsf Gencyber Summer Cyber Academy, Bryson R. Payne, Tamirat Abegaz, Keith Antonia

Journal of Cybersecurity Education, Research and Practice

The GenCyber program is jointly sponsored by the National Security Agency (NSA) and the National Science Foundation (NSF) to help faculty and cybersecurity experts provide summer cybersecurity camp experiences for K-12 students and teachers. The main objective of the program is to attract, educate, and motivate a new generation of young men and women to help address the nationwide shortage of trained cybersecurity professionals. The curriculum is flexible and centers on ten cybersecurity first principles. Currently, GenCyber provides cyber camp options for three types of audiences: students, teachers, and a combination of both teachers and students. In 2016, over 120 ...


Towards An In-Depth Understanding Of Deep Packet Inspection Using A Suite Of Industrial Control Systems Protocol Packets, Guillermo A. Francia III, Xavier P. Francia, Anthony M. Pruitt 2016 Jacksonville State University

Towards An In-Depth Understanding Of Deep Packet Inspection Using A Suite Of Industrial Control Systems Protocol Packets, Guillermo A. Francia Iii, Xavier P. Francia, Anthony M. Pruitt

Journal of Cybersecurity Education, Research and Practice

Industrial control systems (ICS) are increasingly at risk and vulnerable to internal and external threats. These systems are integral part of our nation’s critical infrastructures. Consequently, a successful cyberattack on one of these could present disastrous consequences to human life and property as well. It is imperative that cybersecurity professionals gain a good understanding of these systems particularly in the area of communication protocols. Traditional Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are made to encapsulate some of these ICS protocols which may enable malicious payload to get through the network firewall and thus, gain entry into ...


From The Editors, Herbert J. Mattord, Michael E. Whitman, Carole L. Hollingsworth 2016 Kennesaw State University

From The Editors, Herbert J. Mattord, Michael E. Whitman, Carole L. Hollingsworth

Journal of Cybersecurity Education, Research and Practice

Welcome to the second issue of the Journal of Cybersecurity Education, Research and Practice (JCERP).


Digital Commons powered by bepress