Moving Target Network Steganography,
2020
Rowan University
Moving Target Network Steganography, Tapan Soni
Theses and Dissertations
A branch of information hiding that has gained traction in recent years is network steganography. Network steganography uses network protocols are carriers to hide and transmit data. Storage channel network steganography manipulates values in protocol header and data fields and stores covert data inside them. The timing channel modulates the timing of events in the protocol to transfer covert information. Many current storage channel network steganography methods have low bandwidths and they hide covert data directly into the protocol which allows discoverers of the channel to read the confidential information. A new type of storage channel network steganography method is …
Defense By Deception Against Stealthy Attacks In Power Grids,
2020
Florida International University
Defense By Deception Against Stealthy Attacks In Power Grids, Md Hasan Shahriar
FIU Electronic Theses and Dissertations
Cyber-physical Systems (CPSs) and the Internet of Things (IoT) are converging towards a hybrid platform that is becoming ubiquitous in all modern infrastructures. The integration of the complex and heterogeneous systems creates enormous space for the adversaries to get into the network and inject cleverly crafted false data into measurements, misleading the control center to make erroneous decisions. Besides, the attacker can make a critical part of the system unavailable by compromising the sensor data availability. To obfuscate and mislead the attackers, we propose DDAF, a deceptive data acquisition framework for CPSs' hierarchical communication network. Each switch in the hierarchical …
An Analysis Of Technological Components In Relation To Privacy In A Smart City,
2020
James Madison University
An Analysis Of Technological Components In Relation To Privacy In A Smart City, Kayla Rutherford, Ben Lands, A. J. Stiles
James Madison Undergraduate Research Journal (JMURJ)
A smart city is an interconnection of technological components that store, process, and wirelessly transmit information to enhance the efficiency of applications and the individuals who use those applications. Over the course of the 21st century, it is expected that an overwhelming majority of the world’s population will live in urban areas and that the number of wireless devices will increase. The resulting increase in wireless data transmission means that the privacy of data will be increasingly at risk. This paper uses a holistic problem-solving approach to evaluate the security challenges posed by the technological components that make up a …
The Restrictive Deterrent Effect Of Warning Messages Sent To Active Romance Fraudsters: An Experimental Approach,
2020
Georgia State University
The Restrictive Deterrent Effect Of Warning Messages Sent To Active Romance Fraudsters: An Experimental Approach, Fangzhou Wang, C. Jordan Howell, David Maimon, Scott Jacques
EBCS Articles
Victims of romance fraud experience both a financial and emotional burden. Although multiple studies have offered insight into the correlates of perpetration and victimization, no known study has examined if, and how, romance fraud can be curtailed. The current study uses a randomized experimental design to test the restrictive deterrent effect of warning messages sent to romance fraudsters via email. We find that active romance fraudsters who receive a deterrence message, instead of non-deterrence messages, respond at a lower rate; and, among those who respond, use fewer words and have a lower probability of seeking reply without denying wrongdoing. The …
The Effects Of Self-Control On The Cyber Victim-Offender Overlap,
2020
Bridgewater State University
The Effects Of Self-Control On The Cyber Victim-Offender Overlap, Brooke Nodeland
International Journal of Cybersecurity Intelligence & Cybercrime
Increasingly, the overlap between victims and offenders has received empirical attention with regard to traditional forms of deviance. More recently, the growth of cyber offending has led to a need to examine whether traditional criminological theories can be used to explain these crimes in the same manner as traditional offenses. However, limited attention has been given to victim-offender overlap in cyber-offending. The current study uses a sample of American college students to examine the influence of self-control on cyber offending, cyber victimization, and the cyber victim-offender overlap. The results indicate that low self-control significantly predicts participation in cyber offending as …
Cyber-Situational Crime Prevention And The Breadth Of Cybercrimes Among Higher Education Institutions,
2020
Bridgewater State University
Cyber-Situational Crime Prevention And The Breadth Of Cybercrimes Among Higher Education Institutions, Sinchul Back, Jennifer Laprade
International Journal of Cybersecurity Intelligence & Cybercrime
Academic institutions house enormous amounts of critical information from social security numbers of students to proprietary research data. Thus, maintaining up to date cybersecurity practices to protect academic institutions’ information and facilities against cyber-perpetrators has become a top priority. The purpose of this study is to assess common cybersecurity measures through a situational crime prevention (SCP) theoretical framework. Using a national data set of academic institutions in the United States, this study investigates the link between common cybersecurity measures, crime prevention activities, and cybercrimes. By focusing on the conceptualization of cybersecurity measures as SCP techniques, this study also offers the …
Proposal For The Development And Addition Of A Cybersecurity Assessment Section Into Technology Involving Global Public Health,
2020
Bridgewater State University
Proposal For The Development And Addition Of A Cybersecurity Assessment Section Into Technology Involving Global Public Health, Stanley Mierzwa, Saumya Ramarao, Jung Ah Yun, Bok Gyo Jeong
International Journal of Cybersecurity Intelligence & Cybercrime
This paper discusses and proposes the inclusion of a cyber or security risk assessment section during the course of public health initiatives involving the use of information and communication computer technology. Over the last decade, many public health research efforts have included information technologies such as Mobile Health (mHealth), Electronic Health (eHealth), Telehealth, and Digital Health to assist with unmet global development health needs. This paper provides a background on the lack of documentation on cybersecurity risks or vulnerability assessments in global public health areas. This study suggests existing frameworks and policies be adopted for public health. We also propose …
Book Review: Computer Capers: Tales Of Electronic Thievery, Embezzlement, And Fraud. By Thomas Whiteside,
2020
Bridgewater State University
Book Review: Computer Capers: Tales Of Electronic Thievery, Embezzlement, And Fraud. By Thomas Whiteside, Brian Nussbaum
International Journal of Cybersecurity Intelligence & Cybercrime
No abstract provided.
Toward Mitigating, Minimizing, And Preventing Cybercrimes And Cybersecurity Risks,
2020
Bridgewater State University
Toward Mitigating, Minimizing, And Preventing Cybercrimes And Cybersecurity Risks, Claire Seungeun Lee
International Journal of Cybersecurity Intelligence & Cybercrime
Cybercrime and cybersecurity are emerging fields of research, shaped by technological developments. Scholars in these interconnected fields have studied different types of cybercrimes as well as victimization and offending. Increasingly, some of these scholars have focused on the ways in which cybercrimes can be mitigated, minimized, and even prevented. However, such strategies are often difficult to achieve in reality due to the human and technical factors surrounding cybercrimes. In this issue of the International Journal of Cybersecurity Intelligence and Cybercrime, three papers adequately address such challenges using college student samples and nationally representative samples, as well as a framework through …
A Framework For Identifying Host-Based Artifacts In Dark Web Investigations,
2020
Dakota State University
A Framework For Identifying Host-Based Artifacts In Dark Web Investigations, Arica Kulm
Masters Theses & Doctoral Dissertations
The dark web is the hidden part of the internet that is not indexed by search engines and is only accessible with a specific browser like The Onion Router (Tor). Tor was originally developed as a means of secure communications and is still used worldwide for individuals seeking privacy or those wanting to circumvent restrictive regimes. The dark web has become synonymous with nefarious and illicit content which manifests itself in underground marketplaces containing illegal goods such as drugs, stolen credit cards, stolen user credentials, child pornography, and more (Kohen, 2017). Dark web marketplaces contribute both to illegal drug usage …
Boosting Privately: Federated Extreme Gradient Boosting For Mobile Crowdsensing,
2020
Xidian University
Boosting Privately: Federated Extreme Gradient Boosting For Mobile Crowdsensing, Yang Liu, Zhuo Ma, Ximeng Liu, Siqi Ma, Surya Nepal, Robert H. Deng, Kui Ren
Research Collection School Of Computing and Information Systems
Recently, Google and other 24 institutions proposed a series of open challenges towards federated learning (FL), which include application expansion and homomorphic encryption (HE). The former aims to expand the applicable machine learning models of FL. The latter focuses on who holds the secret key when applying HE to FL. For the naive HE scheme, the server is set to master the secret key. Such a setting causes a serious problem that if the server does not conduct aggregation before decryption, a chance is left for the server to access the user’s update. Inspired by the two challenges, we propose …
Sfuzz: An Efficient Adaptive Fuzzer For Solidity Smart Contracts,
2020
Singapore Management University
Sfuzz: An Efficient Adaptive Fuzzer For Solidity Smart Contracts, Tai D. Nguyen, Long H. Pham, Jun Sun, Yun Lin, Minh Quang Tran
Research Collection School Of Computing and Information Systems
Smart contracts are Turing-complete programs that execute on the infrastructure of the blockchain, which often manage valuable digital assets. Solidity is one of the most popular programming languages for writing smart contracts on the Ethereum platform. Like traditional programs, smart contracts may contain vulnerabilities. Unlike traditional programs, smart contracts cannot be easily patched once they are deployed. It is thus important that smart contracts are tested thoroughly before deployment. In this work, we present an adaptive fuzzer for smart contracts on the Ethereum platform called sFuzz. Compared to existing Solidity fuzzers, sFuzz combines the strategy in the AFL fuzzer and …
Establishing Blockchain-Related Security Controls,
2020
United Arab Emirates University
Establishing Blockchain-Related Security Controls, Maitha Ali Mohammed Hamad Al Ketbi
Theses
Blockchain technology is a secure and relatively new technology of distributed digital ledgers which is based on interlinked blocks of transactions. There is a rapid growth in the adoption of the blockchain technology in different solutions and applications and within different industries throughout the world, such as but not limited to, finance, supply chain, digital identity, energy, healthcare, real estate and government. Blockchain technology has great benefits such as decentralization, transparency, immutability and automation. Like any other emerging technology, the blockchain technology has also several risks and threats associated with its expected benefits which in turns could have a negative …
Attribute-Based Keyword Search Over Hierarchical Data In Cloud Computing,
2020
Xidian University
Attribute-Based Keyword Search Over Hierarchical Data In Cloud Computing, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Xinghua Li, Qi Jiang, Junwei Zhang
Research Collection School Of Computing and Information Systems
Searchable encryption (SE) has been a promising technology which allows users to perform search queries over encrypted data. However, the most of existing SE schemes cannot deal with the shared records that have hierarchical structures. In this paper, we devise a basic cryptographic primitive called as attribute-based keyword search over hierarchical data (ABKS-HD) scheme by using the ciphertext-policy attribute-based encryption (CP-ABE) technique, but this basic scheme cannot satisfy all the desirable requirements of cloud systems. The facts that the single keyword search will yield many irrelevant search results and the revoked users can access the unauthorized data with the old …
Coinwatch: A Clone-Based Approach For Detecting Vulnerabilities In Cryptocurrencies,
2020
Singapore University of Technology and Design
Coinwatch: A Clone-Based Approach For Detecting Vulnerabilities In Cryptocurrencies, Qingze Hum, Wei Jin Tan, Shi Ying Tey, Latasha Lenus, Ivan Homoliak, Yun Lin, Jun Sun
Research Collection School Of Computing and Information Systems
Cryptocurrencies have become very popular in recent years. Thousands of new cryptocurrencies have emerged, proposing new and novel techniques that improve on Bitcoin's core innovation of the blockchain data structure and consensus mechanism. However, cryptocurrencies are a major target for cyber-attacks, as they can be sold on exchanges anonymously and most cryptocurrencies have their codebases publicly available. One particular issue is the prevalence of code clones in cryptocurrencies, which may amplify security threats. If a vulnerability is found in one cryptocurrency, it might be propagated into other cloned cryptocurrencies. In this work, we propose a systematic remedy to this problem, …
Multi-User Verifiable Searchable Symmetric Encryption For Cloud Storage,
2020
Singapore Management University
Multi-User Verifiable Searchable Symmetric Encryption For Cloud Storage, Xueqiao Liu, Guomin Yang, Guomin Yang
Research Collection School Of Computing and Information Systems
In a cloud data storage system, symmetric key encryption is usually used to encrypt files due to its high efficiency. In order allow the untrusted/semi-trusted cloud storage server to perform searching over encrypted data while maintaining data confidentiality, searchable symmetric encryption (SSE) has been proposed. In a typical SSE scheme, a users stores encrypted files on a cloud storage server and later can retrieve the encrypted files containing specific keywords. The basic security requirement of SSE is that the cloud server learns no information about the files or the keywords during the searching process. Some SSE schemes also offer additional …
A Secure Flexible And Tampering-Resistant Data Sharing System For Vehicular Social Networks,
2020
University of Electronic Science and Technology of China
A Secure Flexible And Tampering-Resistant Data Sharing System For Vehicular Social Networks, Jianfei Sun, Hu Xiong, Shufan Zhang, Ximeng Liu, Jiaming Yuan, Robert H. Deng
Research Collection School Of Computing and Information Systems
Vehicular social networks (VSNs) have emerged as the promising paradigm of vehicular networks that can improve traffic safety, relieve traffic congestion and even provide comprehensive social services by sharing vehicular sensory data. To selectively share the sensory data with other vehicles in the vicinity and reduce the local storage burden of vehicles, the vehicular sensory data are usually outsourced to vehicle cloud server for sharing and searching. However, existing data sharing systems for VSNs can neither provide secure selective one-to-many data sharing and verifiable data retrieval over encrypted data nor ensure that the integrity of retrieved data. In this paper, …
International Conference Information Systems And Security,
2020
University for Business and Technology in Kosovo
International Conference Information Systems And Security, University For Business And Technology - Ubt
UBT International Conference
UBT Annual International Conference is the 9th international interdisciplinary peer reviewed conference which publishes works of the scientists as well as practitioners in the area where UBT is active in Education, Research and Development. The UBT aims to implement an integrated strategy to establish itself as an internationally competitive, research-intensive university, committed to the transfer of knowledge and the provision of a world-class education to the most talented students from all background. The main perspective of the conference is to connect the scientists and practitioners from different disciplines in the same place and make them be aware of the recent …
A Forensic First Look At A Pos Device: Searching For Pci Dss Data Storage Violations,
2020
Slippery Rock University of PA
A Forensic First Look At A Pos Device: Searching For Pci Dss Data Storage Violations, Stephen Larson, James Jones, Jim Swauger
Journal of Digital Forensics, Security and Law
According to the Verizon 2018 Data Breach Investigations Report, 321 POS terminals (user devices) were involved in about 14% of the 2,216 data breaches in 2017 (Verizon, 2018). These data breaches involved standalone POS terminals as well as associated controller systems. This paper examines a standalone Point-of-Sale (POS) system which is ubiquitous in smaller retail stores and restaurants. An attempt to extract unencrypted data and identify possible violations of the Payment Card Industry Data Security Standard (PCI DSS) requirement to protect stored cardholder data were be made. Persistent storage (flash memory chips) were removed from the devices and their contents …
Towards Increasing Trust In Expert Evidence Derived From Malware Forensic Tools,
2020
The Open University
Towards Increasing Trust In Expert Evidence Derived From Malware Forensic Tools, Ian M. Kennedy, Blaine Price, Arosha Bandara
Journal of Digital Forensics, Security and Law
Following a series of high profile miscarriages of justice in the UK linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008. The main objective of this role is to improve the standard of practitioner competences and forensic procedures. One of the key strategies deployed to achieve this is the push to incorporate a greater level of scientific conduct in the various fields of forensic practice. Currently there is no statutory requirement for practitioners to become accredited to continue working with the Criminal Justice System of England and Wales. However, the Forensic Science Regulator …
