Open Access. Powered by Scholars. Published by Universities.®

Information Security Commons

Open Access. Powered by Scholars. Published by Universities.®

3,184 Full-Text Articles 4,222 Authors 796,520 Downloads 148 Institutions

All Articles in Information Security

Faceted Search

3,184 full-text articles. Page 1 of 131.

Analysis Of Theoretical And Applied Machine Learning Models For Network Intrusion Detection, Jonah Baron 2021 Dakota State University

Analysis Of Theoretical And Applied Machine Learning Models For Network Intrusion Detection, Jonah Baron

Masters Theses & Doctoral Dissertations

Network Intrusion Detection System (IDS) devices play a crucial role in the realm of network security. These systems generate alerts for security analysts by performing signature-based and anomaly-based detection on malicious network traffic. However, there are several challenges when configuring and fine-tuning these IDS devices for high accuracy and precision. Machine learning utilizes a variety of algorithms and unique dataset input to generate models for effective classification. These machine learning techniques can be applied to IDS devices to classify and filter anomalous network traffic. This combination of machine learning and network security provides improved automated network defense by developing highly-optimized ...


Security Fatigue And Its Effects On Perceived Password Strength Among University Students, Chase Carroll 2021 University of Tennessee at Chattanooga

Security Fatigue And Its Effects On Perceived Password Strength Among University Students, Chase Carroll

Honors Theses

This study was performed with the goal of observing the effect, if any, that security fatigue has on students’ perceived strength of passwords. In doing so, it was hoped to find some correlation between the two that would help in establishing a measurable effect of the phenomenon in students. This could potentially aid organizational decision-makers, such as security policy writers and system admins, to make more informed decisions about implementing security measures. To achieve the goal of observing this fatigue and attempting to measure it, a survey was distributed to numerous students on the University of Tennessee at Chattanooga campus ...


A Novel Dynamic Analysis Infrastructure To Instrument Untrusted Execution Flow Across User-Kernel Spaces, Jiaqi HONG, Xuhua DING 2021 Singapore Management University

A Novel Dynamic Analysis Infrastructure To Instrument Untrusted Execution Flow Across User-Kernel Spaces, Jiaqi Hong, Xuhua Ding

Research Collection School Of Computing and Information Systems

Code instrumentation and hardware based event trapping are two primary approaches used in dynamic malware analysis systems. In this paper, we propose a new approach called Execution Flow Instrumentation (EFI) where the analyzer execution flow is interleaved with the target flow in user- and kernel-mode, at junctures flexibly chosen by the analyzer at runtime. We also propose OASIS as the system infrastructure to realize EFI with virtues of the current two approaches, however without their drawbacks. Despite being securely and transparently isolated from the target, the analyzer introspects and controls it in the same native way as instrumentation code. We ...


Trust Models And Risk In The Internet Of Things, Jeffrey Hemmes 2021 Regis University

Trust Models And Risk In The Internet Of Things, Jeffrey Hemmes

Regis University Faculty Publications

The Internet of Things (IoT) is envisaged to be a large-scale, massively heterogeneous ecosystem of devices with varying purposes and capabilities. While architectures and frameworks have focused on functionality and performance, security is a critical aspect that must be integrated into system design. This work proposes a method of risk assessment of devices using both trust models and static capability profiles to determine the level of risk each device poses. By combining the concepts of trust and secure device fingerprinting, security mechanisms can be more efficiently allocated across networked IoT devices. Simultaneously, devices can be allowed a greater degree of ...


Infiltrating Cloud Storage Of Iot Devices Using Ransomware, Anna Millerhagen 2021 Winona State University

Infiltrating Cloud Storage Of Iot Devices Using Ransomware, Anna Millerhagen

Ramaley Research Celebration

Infiltrating Cloud Storage of IoT devices using Ransomware

Anna Millerhagen

Computer science Department

Advisor: Eric Wright

Security is necessary for all areas of computer science. The expanding world of IT is IoT devices. There are many smart devices in our daily lives such as smart speakers, smart light bulbs, smart watches, doorbell cams, security systems, smart smoke alarms, smart cars, and many more. The need for security in these devices is critical. Any one of these devices could be the weak link to a security breach. These devices are all enabled and communicate through cloud services. They interact with various ...


A Critical Review Of: The Perfect Weapon: War, Sabotage, And Fear In The Cyber Age, Steven Cauthron 2021 Augusta University

A Critical Review Of: The Perfect Weapon: War, Sabotage, And Fear In The Cyber Age, Steven Cauthron

International Journal of Security Studies

Book Review: A Critical Review of: The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age


Assessing The Credibility Of Cyber Adversaries, Jenny A. Wells, Dana S. LaFon, Margaret Gratian 2021 Bridgewater State University

Assessing The Credibility Of Cyber Adversaries, Jenny A. Wells, Dana S. Lafon, Margaret Gratian

International Journal of Cybersecurity Intelligence & Cybercrime

Online communications are ever increasing, and we are constantly faced with the challenge of whether online information is credible or not. Being able to assess the credibility of others was once the work solely of intelligence agencies. In the current times of disinformation and misinformation, understanding what we are reading and to who we are paying attention to is essential for us to make considered, informed, and accurate decisions, and it has become everyone’s business. This paper employs a literature review to examine the empirical evidence across online credibility, trust, deception, and fraud detection in an effort to consolidate ...


Cyberbullying: Its Social And Psychological Harms Among Schoolers, Hyeyoung Lim, Hannarae Lee 2021 Bridgewater State University

Cyberbullying: Its Social And Psychological Harms Among Schoolers, Hyeyoung Lim, Hannarae Lee

International Journal of Cybersecurity Intelligence & Cybercrime

Criminal justice around the world has prioritized the prevention and protection of bullying and its victims due to the rapid increases in peer violence. Nevertheless, relatively few studies have examined what treatments or assistance are effective for peer victims to reduce and recover from their social and psychological suffering, especially in cyberbullying cases. Using data derived from the National Crime Victimization Survey-School Crime Supplement data in 2011 and 2013 (N=823), the current study examined the impact of two emotional support groups (i.e., adult and peer groups) on cyberbullying victims' social and psychological harm. The findings indicated that both ...


Cyber-Victimization Trends In Trinidad & Tobago: The Results Of An Empirical Research, Troy Smith, Nikolaos Stamatakis 2021 Bridgewater State University

Cyber-Victimization Trends In Trinidad & Tobago: The Results Of An Empirical Research, Troy Smith, Nikolaos Stamatakis

International Journal of Cybersecurity Intelligence & Cybercrime

Cybertechnology has brought benefits to the Caribbean in the form of new regional economic and social growth. In the last years, Caribbean countries have also become attractive targets for cybercrime due to increased economic success and online presence with a low level of cyber resilience. This study examines the online-related activities that affect cybercrime victimization by using the Routine Activity Theory (RAT). The present study seeks to identify activities that contribute to different forms of cybercrime victimization and develop risk models for these crimes, particularly the understudied cyber-dependent crimes of Hacking and Malware. It also aims to explore if there ...


The Challenges Of Identifying Dangers Online And Predictors Of Victimization, Catherine D. Marcum 2021 Appalachian State University, U.S.A.

The Challenges Of Identifying Dangers Online And Predictors Of Victimization, Catherine D. Marcum

International Journal of Cybersecurity Intelligence & Cybercrime

This short paper will provide an overview of the impressive pieces included in this issue of the International Journal of Cybersecurity Intelligence and Cybercrime. This issue includes articles on the following pertinent topic, utilizing a range of approaches and methodologies: 1) online credibility; 2) cyberbullying; and 3) unauthorized access of information. An emphasis on the importance of policy development and better protection of potential victims is a common thread throughout the issue.


Analysis Of System Performance Metrics Towards The Detection Of Cryptojacking In Iot Devices, Richard Matthews 2021 Dakota State University

Analysis Of System Performance Metrics Towards The Detection Of Cryptojacking In Iot Devices, Richard Matthews

Masters Theses & Doctoral Dissertations

This single-case mechanism study examined the effects of cryptojacking on Internet of Things (IoT) device performance metrics. Cryptojacking is a cyber-threat that involves stealing the computational resources of devices belonging to others to generate cryptocurrencies. The resources primarily include the processing cycles of devices and the additional electricity needed to power this additional load. The literature surveyed showed that cryptojacking has been gaining in popularity and is now one of the top cyberthreats. Cryptocurrencies offer anyone more freedom and anonymity than dealing with traditional financial institutions which make them especially attractive to cybercriminals. Other reasons for the increasing popularity of ...


Encryption And Decryption With A Raspberry Pi Device, Taylor Powell 2021 Old Dominion University

Encryption And Decryption With A Raspberry Pi Device, Taylor Powell

Undergraduate Research Symposium

The functioning of our modern digital world relies heavily on the security of modern encryption algorithms and their resistance to systematic attempts to access secure information. For the 2020 Department of Computer Science’s Raspberry Pi Programming Competition, I decided to explore encryption and decryption techniques available to any user with some programming knowledge and a desire to secure information from unwanted access.

I developed a program which allows a user to select between three types of encryption algorithms: a Caesar Cipher, a Vigenère Cipher, and a Stream Cipher. I also gave the user the option to further secure their ...


A Constructive Direst Security Threat Modeling For Drone As A Service, Fahad E. Salamh, Umit Karabiyik, Marcus Rogers 2021 Purdue University

A Constructive Direst Security Threat Modeling For Drone As A Service, Fahad E. Salamh, Umit Karabiyik, Marcus Rogers

Journal of Digital Forensics, Security and Law

The technology used in drones is similar or identical across drone types and components, with many common risks and opportunities. The purpose of this study is to enhance the risk assessment procedures for Drone as a Service (DaaS) capabilities. STRIDE is an acronym that includes the following security risks: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privileges. The paper presents a modified STRIDE threat model and prioritize its desired properties (i.e., authenticity, integrity, non-reputability, confidentiality, availability, and authorization) to generate an appropriate DaaS threat model. To this end, the proposed DIREST threat model better meets ...


A Consent Framework For The Internet Of Things In The Gdpr Era, Gerald Chikukwa 2021 Dakota State University

A Consent Framework For The Internet Of Things In The Gdpr Era, Gerald Chikukwa

Masters Theses & Doctoral Dissertations

The Internet of Things (IoT) is an environment of connected physical devices and objects that communicate amongst themselves over the internet. The IoT is based on the notion of always-connected customers, which allows businesses to collect large volumes of customer data to give them a competitive edge. Most of the data collected by these IoT devices include personal information, preferences, and behaviors. However, constant connectivity and sharing of data create security and privacy concerns. Laws and regulations like the General Data Protection Regulation (GDPR) of 2016 ensure that customers are protected by providing privacy and security guidelines to businesses. Data ...


Investigating The Adoption Of Hybrid Encrypted Cloud Data Deduplication With Game Theory, Xueqin LIANG, Zheng YAN, Robert H. DENG, Qinghu ZHENG 2021 Xidian University

Investigating The Adoption Of Hybrid Encrypted Cloud Data Deduplication With Game Theory, Xueqin Liang, Zheng Yan, Robert H. Deng, Qinghu Zheng

Research Collection School Of Computing and Information Systems

Encrypted data deduplication, along with different preferences in data access control, brings the birth of hybrid encrypted cloud data deduplication (H-DEDU for short). However, whether H-DEDU can be successfully deployed in practice has not been seriously investigated. Obviously, the adoption of H-DEDU depends on whether it can bring economic benefits to all stakeholders. But existing economic models of cloud storage fail to support H-DEDU due to complicated interactions among stakeholders. In this article, we establish a formal economic model of H-DEDU by formulating the utilities of all involved stakeholders, i.e., data holders, data owners, and Cloud Storage Providers (CSPs ...


Creating A Multifarious Cyber Science Major, Raymond Blaine, Jean Blair, Christa Chewar, Rob Harrison, James J. Raftery, Edward Sobiesk 2021 United States Military Academy

Creating A Multifarious Cyber Science Major, Raymond Blaine, Jean Blair, Christa Chewar, Rob Harrison, James J. Raftery, Edward Sobiesk

West Point Research Papers

Existing approaches to computing-based cyber undergraduate majors typically take one of two forms: a broad exploration of both technical and human aspects, or a deep technical exploration of a single discipline relevant to cybersecurity. This paper describes the creation of a third approach—a multifarious major, consistent with Cybersecurity Curricula 2017, the ABET Cybersecurity Program Criteria, and the National Security Agency Center for Academic Excellence—Cyber Operations criteria. Our novel curriculum relies on a 10-course common foundation extended by one of five possible concentrations, each of which is delivered through a disciplinary lens and specialized into a highly relevant computing ...


Identification Of Lsb Image Steganography Using Cover Image Comparisons, Michael Pelosi, Chuck Easttom 2021 Texas A&M University — Texarkana

Identification Of Lsb Image Steganography Using Cover Image Comparisons, Michael Pelosi, Chuck Easttom

Journal of Digital Forensics, Security and Law

Steganography has long been used to counter forensic investigation. This use of steganography as an anti-forensics technique is becoming more widespread. This requires forensic examiners to have additional tools to more effectively detect steganography. In this paper we introduce a new software concept specifically designed to allow the digital forensics professional to clearly identify and attribute instances of LSB image steganography by using the original cover image in side-by-side comparison with a suspected steganographic payload image. This technique is embodied in a software implementation named CounterSteg. The CounterSteg software allows detailed analysis and comparison of both the original cover image ...


Backup And Recovery Mechanisms Of Cassandra Database: A Review, Karina Bohora, Amol Bothe, Damini Sheth, Rupali Chopade, V. K. Pachghare 2021 College of Engineering, Pune

Backup And Recovery Mechanisms Of Cassandra Database: A Review, Karina Bohora, Amol Bothe, Damini Sheth, Rupali Chopade, V. K. Pachghare

Journal of Digital Forensics, Security and Law

Cassandra is a NoSQL database having a peer-to-peer, ring-type architecture. Cassandra offers fault-tolerance, data replication for higher availability as well as ensures no single point of failure. Given that Cassandra is a NoSQL database, it is evident that it lacks the amount of research that has gone into comparatively older and more widely and broadly used SQL databases. Cassandra’s growing popularity in recent times gives rise to the need of addressing any security-related or recovery-related concerns associated with its usage. This review paper discusses the existing deletion mechanism in Cassandra and presents some identified issues related to backup and ...


Social Media User Relationship Framework (Smurf), Anne David, Sarah Morris, Gareth Appleby-Thomas 2021 Cranfield University

Social Media User Relationship Framework (Smurf), Anne David, Sarah Morris, Gareth Appleby-Thomas

Journal of Digital Forensics, Security and Law

The use of social media has spread through many aspects of society, allowing millions of individuals, corporate as well as government entities to leverage the opportunities it affords. These opportunities often end up being exploited by a small percentage of the user community who use it for objectionable or unlawful activities; for example, trolling, cyber bullying, grooming, luring. In some cases, these unlawful activities result in investigations where swift retrieval of critical evidence required in order to save a life.

This paper presents a proof of concept (PoC) framework for social media user attribution. The framework aims to provide digital ...


Illicit Activity Detection In Large-Scale Dark And Opaque Web Social Networks, Dhara Shah, T. G. Harrison, Christopher B. Freas, David Maimon, Robert W. Harrison 2021 Georgia State University

Illicit Activity Detection In Large-Scale Dark And Opaque Web Social Networks, Dhara Shah, T. G. Harrison, Christopher B. Freas, David Maimon, Robert W. Harrison

EBCS Articles

Many online chat applications live in a grey area between the legitimate web and the dark net. The Telegram network in particular can aid criminal activities. Telegram hosts “chats” which consist of varied conversations and advertisements. These chats take place among automated “bots” and human users. Classifying legitimate activity from illegitimate activity can aid law enforcement in finding criminals. Social network analysis of Telegram chats presents a difficult problem. Users can change their username or create new accounts. Users involved in criminal activity often do this to obscure their identity. This makes establishing the unique identity behind a given username ...


Digital Commons powered by bepress