Open Access. Powered by Scholars. Published by Universities.®

Information Security Commons

Open Access. Powered by Scholars. Published by Universities.®

4,183 Full-Text Articles 5,793 Authors 3,061,789 Downloads 173 Institutions

All Articles in Information Security

Faceted Search

4,183 full-text articles. Page 1 of 178.

Exploring The Integration Of Blockchain In Iot Use Cases: Challenges And Opportunities, Ivannah George 2024 California State University, San Bernardino

Exploring The Integration Of Blockchain In Iot Use Cases: Challenges And Opportunities, Ivannah George

Electronic Theses, Projects, and Dissertations

Blockchain and The Internet of Things (IoT) is a significant paradigm which has gained traction in today’s digital age as two complimentary technologies. The combination of IoT's connectivity with blockchain's security creates new opportunities and solves problems associated with centralized systems. This culminating project aims to delve deeper into the integration of blockchain technology in IoT applications based on select use cases to uncover potential benefits and significant challenges of blockchain integration across different sectors. The research objectives to be addressed are: (RO1) How emerging vulnerabilities manifest in the implementation of blockchain within current IoT ecosystems. (RO2) How current opportunities …


Anopas: Practical Anonymous Transit Pass From Group Signatures With Time-Bound Keys, Rui SHI, Yang YANG, Yingjiu LI, Huamin FENG, Hwee Hwa PANG, Robert H. DENG 2024 Singapore Management University

Anopas: Practical Anonymous Transit Pass From Group Signatures With Time-Bound Keys, Rui Shi, Yang Yang, Yingjiu Li, Huamin Feng, Hwee Hwa Pang, Robert H. Deng

Research Collection School Of Computing and Information Systems

An anonymous transit pass system allows passengers to access transport services within fixed time periods, with their privileges automatically deactivating upon time expiration. Although existing transit pass systems are deployable on powerful devices like PCs, their adaptation to more user-friendly devices, such as mobile phones with smart cards, is inefficient due to their reliance on heavy-weight operations like bilinear maps. In this paper, we introduce an innovative anonymous transit pass system, dubbed Anopas, optimized for deployment on mobile phones with smart cards, where the smart card is responsible for crucial lightweight operations and the mobile phone handles key-independent and time-consuming …


An Llm-Assisted Easy-To-Trigger Poisoning Attack On Code Completion Models: Injecting Disguised Vulnerabilities Against Strong Detection, Shenao YAN, Shen WANG, Yue DUAN, Hanbin HONG, Kiho LEE, Doowon KIM, Yuan HONG 2024 Singapore Management University

An Llm-Assisted Easy-To-Trigger Poisoning Attack On Code Completion Models: Injecting Disguised Vulnerabilities Against Strong Detection, Shenao Yan, Shen Wang, Yue Duan, Hanbin Hong, Kiho Lee, Doowon Kim, Yuan Hong

Research Collection School Of Computing and Information Systems

Large Language Models (LLMs) have transformed code completion tasks, providing context-based suggestions to boost developer productivity in software engineering. As users often fine-tune these models for specific applications, poisoning and backdoor attacks can covertly alter the model outputs. To address this critical security challenge, we introduce CODEBREAKER, a pioneering LLM-assisted backdoor attack framework on code completion models. Unlike recent attacks that embed malicious payloads in detectable or irrelevant sections of the code (e.g., comments), CODEBREAKER leverages LLMs (e.g., GPT-4) for sophisticated payload transformation (without affecting functionalities), ensuring that both the poisoned data for fine-tuning and generated code can evade strong …


Using Gamification To Enhance Mastery Of Network Security Concepts, Kevin Hilliard, Xiaohong Yuan, Kelvin Bryant, Jinsheng Xu, Jinghua Zhang 2024 North Carolina A&T State University

Using Gamification To Enhance Mastery Of Network Security Concepts, Kevin Hilliard, Xiaohong Yuan, Kelvin Bryant, Jinsheng Xu, Jinghua Zhang

Journal of Cybersecurity Education, Research and Practice

Gamification has proven to be effective in engaging and encouraging people to work towards and achieve goals. Many students struggle to focus on schoolwork, due to a lack of interest, lack of understanding, or other factors unique to the student. Applying gamification elements to education can help engage these students in learning their course material and help them excel academically. This study examines the effectiveness of using gamification techniques to enhance the learning experience in college Computer Science courses. A video game application is utilized to review and reinforce cybersecurity concepts that students have already been taught in class. Previous …


Collaborative Pathways To Cybersecurity Excellence: Insights From Industry And Academia In The Southeastern Us, Humayun Zafar, Carole L. Hollingsworth, Tridib Bandyopadhyay, Adriane B. Randolph 2024 Kennesaw State University

Collaborative Pathways To Cybersecurity Excellence: Insights From Industry And Academia In The Southeastern Us, Humayun Zafar, Carole L. Hollingsworth, Tridib Bandyopadhyay, Adriane B. Randolph

Journal of Cybersecurity Education, Research and Practice

This research article examines conversations happening between cybersecurity academics and industry leaders with a goal to improve the development of cybersecurity professionals. We specifically focus on efforts in the Southeast region of the United States. The discussion features insights from a panel consisting of an academic cybersecurity researcher, a Chief Information Officer (CIO) of a leading technology company with over 1,000 employees, and a CIO of a financial services firm, which employs over 3,000 people. The discussion sheds light on the challenges and opportunities involved in aligning cybersecurity programs with industry requirements. This article explores strategies for academia and businesses …


Contextualizing Interpersonal Data Sharing In Smart Homes, Weijia He, Nathan Reitinger, Atheer Almogbil, Yi-Shyuan Chiang, Timothy J. Pierson, David Kotz 2024 Dartmouth College

Contextualizing Interpersonal Data Sharing In Smart Homes, Weijia He, Nathan Reitinger, Atheer Almogbil, Yi-Shyuan Chiang, Timothy J. Pierson, David Kotz

Dartmouth Scholarship

A key feature of smart home devices is monitoring the environment and recording data. These devices provide security via motion-detection video alerts, cost-savings via thermostat usage history, and peace of mind via functions like auto-locking doors or water leak detectors. At the same time, the sharing of this information in interpersonal relationships---though necessary---is currently accomplished on an all-or-nothing basis. This can easily lead to oversharing in a multi-user environment. Although prior work has studied people's perceptions of information sharing with vendors or ISPs, the sharing of household data among users who interact personally is less well understood. Interpersonal situations make …


Development Of Cyber Security Platform For Experiential Learning, Abhishek Vaish, Ravindra Kumar, Samo Bobek, Simona Sternad 2024 Department of IT, Indian Institute of Information Technology, Allahabad

Development Of Cyber Security Platform For Experiential Learning, Abhishek Vaish, Ravindra Kumar, Samo Bobek, Simona Sternad

Journal of Cybersecurity Education, Research and Practice

The cyber security education market has grown-up exponentially, with a CAGR of 13.9 % as reported by Data Intelo. The report published by the World Economic Fo- rum 2023 indicates a shortfall of 2.27 million cyber security experts in 2021 across different roles and hence manifest that Skill-based cyber security education is the need of the hour. Cybersecurity as a field has evolved as a multi-discipline, multi-stakeholder and multi-role discipline. Therefore, the need to address formal education with an outcome-based philosophy is imperative to address for a wider audience with varied past training in their formal education. With the Internet …


Federated Learning Based Autoencoder Ensemble System For Malware Detection On Internet Of Things Devices, Steven Edward Arroyo 2024 Rowan University

Federated Learning Based Autoencoder Ensemble System For Malware Detection On Internet Of Things Devices, Steven Edward Arroyo

Theses and Dissertations

New technologies are being introduced at a rate faster than ever before and smaller in size. Due to the size of these devices, security is often difficult to implement. The existing solution is a firewall-segmented “IoT Network” that only limits the effect of these infected devices on other parts of the network. We propose a lightweight unsupervised hybrid-cloud ensemble anomaly detection system for malware detection. We perform transfer learning using a generalized model trained on multiple IoT device sources to learn network traffic on new devices with minimal computational resources. We further extend our proposed system to utilize federated learning …


An Alternative Approach To Data Carving Portable Document Format (Pdf) Files, Kevin Hughes, Michael Black 2024 University of South Alabama

An Alternative Approach To Data Carving Portable Document Format (Pdf) Files, Kevin Hughes, Michael Black

Journal of Cybersecurity Education, Research and Practice

Traditional data carving relies on the successful identification of headers and trailers, unique hexadecimal signatures which are exclusive to specific file types. This can present a challenge for digital forensics examiners when pitted against modern anti-forensics techniques. The interest of this study is file signature obfuscation, a technique which alters headers and trailers. This research will focus on the development of a new, proof-of-concept algorithm that analyzes content in segments based on unique elements found within the body of a file. The file type being targeted is the Portable Document Format (PDF) and this research is built upon previously successful …


Singleadv: Single-Class Target-Specific Attack Against Interpretable Deep Learning Systems, Eldor Abdukhamidov, Mohammed Abuhamad, George K. Thiruvathukal, Hyoungshick Kim, Tamer Abuhmed 2024 Sung Kyun Kwan University

Singleadv: Single-Class Target-Specific Attack Against Interpretable Deep Learning Systems, Eldor Abdukhamidov, Mohammed Abuhamad, George K. Thiruvathukal, Hyoungshick Kim, Tamer Abuhmed

Computer Science: Faculty Publications and Other Works

In this paper, we present a novel Single-class target-specific Adversarial attack called SingleADV. The goal of SingleADV is to generate a universal perturbation that deceives the target model into confusing a specific category of objects with a target category while ensuring highly relevant and accurate interpretations. The universal perturbation is stochastically and iteratively optimized by minimizing the adversarial loss that is designed to consider both the classifier and interpreter costs in targeted and non-targeted categories. In this optimization framework, ruled by the first- and second-moment estimations, the desired loss surface promotes high confidence and interpretation score of adversarial samples. By …


Supporting South Korea’S Aging Population: How Ai And Iot Acceptance Connects The Young And Old, Bobby Im 2024 USF

Supporting South Korea’S Aging Population: How Ai And Iot Acceptance Connects The Young And Old, Bobby Im

Master's Projects and Capstones

In 2024, South Korea surpassed every other nation by becoming the country with the lowest fertility rate (below 0.7%). Population decline will hinder future ability to care for their aging population and although the government and private corporations are investing millions of dollars on developing Artificial Intelligence-Internet of Things (AI-IoT) devices to support the aging, the acceptance levels and the amount of family support required is undervalued. By examining AI-IoT’s current use and role in South Korea’s public health system this paper shows how intergenerational support helps optimize existing procedures and equipment, increases the level of acceptance and use, and …


Securing The Internet Of Things At Scale, Steven L. Willoughby 2024 Portland State University

Securing The Internet Of Things At Scale, Steven L. Willoughby

Student Research Symposium

The world of the connected “Internet of Things” (IoT), including the "Industrial Internet of Things" (IIoT) is expanding to include more devices which observe and influence our daily lives, routines, locations, and even our state of health. But have the underlying protocols by which they communicate this data kept pace with the need to protect our privacy and security?

My talk will introduce my research into an approach to better secure this information flow using appropriate access controls without sacrificing performance. I will assess the historical challenges and simple access controls applied to IoT networking protocols and how they can …


A Novel Caching Algorithm For Efficient Fine-Grained Access Control In Database Management Systems, Anadi Shakya 2024 Portland State University

A Novel Caching Algorithm For Efficient Fine-Grained Access Control In Database Management Systems, Anadi Shakya

Student Research Symposium

Fine-grained access Control (FGAC) in DBMS is vital for restricting user access to authorized data and enhancing security. FGAC policies govern how users are granted access to specific resources based on detailed criteria, ensuring security and privacy measures. Traditional methods struggle with scaling policies to thousands, causing delays in query responses. This paper introduces a novel caching algorithm designed to address this challenge by accelerating query processing and ensuring compliance with FGAC policies. In our approach, we create a circular hashmap and employ different replacement techniques to efficiently manage the cache, prioritizing entries that are visited more frequently. To evaluate …


Improving Tattle-Tale K-Deniability, Nicholas G.E. Morales 2024 Portland State University

Improving Tattle-Tale K-Deniability, Nicholas G.E. Morales

Student Research Symposium

Ensuring privacy for databases is an ongoing struggle. While the majority of work has focused on using access control lists to protect sensitive data these methods are vulnerable to inference attacks. A set of algorithms, referred to as Tattle-Tale, was developed that could protect sensitive data from being inferred however its runtime performance wasn’t suitable for production code. This set of algorithms contained two main subsets, Full Deniability and K-Deniability. My research focused on improving the runtime or utility of the K-Deniability algorithms. I investigated the runtime of the K-Deniability algorithms to identify what was slowing the process down. Aside …


Generative Machine Learning For Cyber Security, James Halvorsen, Dr. Assefaw Gebremedhin 2024 Washington State University

Generative Machine Learning For Cyber Security, James Halvorsen, Dr. Assefaw Gebremedhin

Military Cyber Affairs

Automated approaches to cyber security based on machine learning will be necessary to combat the next generation of cyber-attacks. Current machine learning tools, however, are difficult to develop and deploy due to issues such as data availability and high false positive rates. Generative models can help solve data-related issues by creating high quality synthetic data for training and testing. Furthermore, some generative architectures are multipurpose, and when used for tasks such as intrusion detection, can outperform existing classifier models. This paper demonstrates how the future of cyber security stands to benefit from continued research on generative models.


Detection Of Jamming Attacks In Vanets, Thomas Justice 2024 East Tennessee State University

Detection Of Jamming Attacks In Vanets, Thomas Justice

Undergraduate Honors Theses

A vehicular network is a type of communication network that enables vehicles to communicate with each other and the roadside infrastructure. The roadside infrastructure consists of fixed nodes such as roadside units (RSUs), traffic lights, road signs, toll booths, and so on. RSUs are devices equipped with communication capabilities that allow vehicles to obtain and share real-time information about traffic conditions, weather, road hazards, and other relevant information. These infrastructures assist in traffic management, emergency response, smart parking, autonomous driving, and public transportation to improve roadside safety, reduce traffic congestion, and enhance the overall driving experience. However, communication between the …


Exploring Decentralized Computing Using Solid And Ipfs For Social Media Applications, Pranav Balasubramanian Natarajan 2024 University of Arkansas, Fayetteville

Exploring Decentralized Computing Using Solid And Ipfs For Social Media Applications, Pranav Balasubramanian Natarajan

Computer Science and Computer Engineering Undergraduate Honors Theses

As traditional centralized social media platforms face growing concerns over data privacy, censorship, and lack of user control, there has been an increasing interest in decentralized alternatives. This thesis explores the design and implementation of a decentralized social media application by integrating two key technologies: Solid and the InterPlanetary File System (IPFS). Solid, led by Sir Tim Berners-Lee, enables users to store and manage their personal data in decentralized "Pods," giving them ownership over their digital identities. IPFS, a peer-to-peer hypermedia protocol, facilitates decentralized file storage and sharing, ensuring content availability and resilience against censorship. By leveraging these technologies, the …


Cmd: Co-Analyzed Iot Malware Detection And Forensics Via Network And Hardware Domains, Ziming ZHAO, Zhaoxuan LI, Jiongchi YU, Fan ZHANG, Xiaofei XIE, Haitao XU, Binbin CHEN 2024 Singapore Management University

Cmd: Co-Analyzed Iot Malware Detection And Forensics Via Network And Hardware Domains, Ziming Zhao, Zhaoxuan Li, Jiongchi Yu, Fan Zhang, Xiaofei Xie, Haitao Xu, Binbin Chen

Research Collection School Of Computing and Information Systems

With the widespread use of Internet of Things (IoT) devices, malware detection has become a hot spot for both academic and industrial communities. Existing approaches can be roughly categorized into network-side and host-side. However, existing network-side methods are difficult to capture contextual semantics from cross-source traffic, and previous host-side methods could be adversary-perceived and expose risks for tampering. More importantly, a single perspective cannot comprehensively track the multi-stage lifecycle of IoT malware. In this paper, we present CMD, a co-analyzed IoT malware detection and forensics system by combining hardware and network domains. For the network part, CMD proposes a tailored …


Agriculture 4.0 And Beyond: Evaluating Cyber Threat Intelligence Sources And Techniques In Smart Farming Ecosystems, Hang T. Bui, Hamed Aboutorab, Arash Mahboubi, Yansong Gao, Nazatul H. Sultan, Aufeef Chauhan, Mohammad Z. Parvez, Michael Bewong, Rafiqul Islam, Zahid Islam, Seyit A. Camtepe, Praveen Gauravaram, Dineshkumar Singh, M. A. Babar, Shihao Yan 2024 Edith Cowan University

Agriculture 4.0 And Beyond: Evaluating Cyber Threat Intelligence Sources And Techniques In Smart Farming Ecosystems, Hang T. Bui, Hamed Aboutorab, Arash Mahboubi, Yansong Gao, Nazatul H. Sultan, Aufeef Chauhan, Mohammad Z. Parvez, Michael Bewong, Rafiqul Islam, Zahid Islam, Seyit A. Camtepe, Praveen Gauravaram, Dineshkumar Singh, M. A. Babar, Shihao Yan

Research outputs 2022 to 2026

The digitisation of agriculture, integral to Agriculture 4.0, has brought significant benefits while simultaneously escalating cybersecurity risks. With the rapid adoption of smart farming technologies and infrastructure, the agricultural sector has become an attractive target for cyberattacks. This paper presents a systematic literature review that assesses the applicability of existing cyber threat intelligence (CTI) techniques within smart farming infrastructures (SFIs). We develop a comprehensive taxonomy of CTI techniques and sources, specifically tailored to the SFI context, addressing the unique cyber threat challenges in this domain. A crucial finding of our review is the identified need for a virtual Chief Information …


Multi-Script Handwriting Identification By Fragmenting Strokes, Joshua Jude Thomas 2024 University of South Alabama

Multi-Script Handwriting Identification By Fragmenting Strokes, Joshua Jude Thomas

<strong> Theses and Dissertations </strong>

This study tests the effectiveness of Multi-Script Handwriting Identification after simplifying character strokes, by segmenting them into sub-parts. Character simplification is performed through splitting the character by branching-points and end-points, a process called stroke fragmentation in this study. The resulting sub-parts of the character are called stroke fragments and are evaluated individually to identify the writer. This process shares similarities with the concept of stroke decomposition in Optical Character Recognition which attempts to recognize characters through the writing strokes that make them up. The main idea of this study is that the characters of different writing‑scripts (English, Chinese, etc.) may …


Digital Commons powered by bepress