Revolution In Crime: How Cryptocurrencies Have Changed The Criminal Landscape, 2018 City University of New York (CUNY)
Revolution In Crime: How Cryptocurrencies Have Changed The Criminal Landscape, Igor Groysman
Student Theses
This thesis will examine the ways in which various cryptocurrencies have impacted certain traditional crimes. While crime is always evolving with technology, cryptocurrencies are a game changer in that they provide anonymous and decentralized payment systems which, while they can be tracked in a reactive sense via the blockchain, are seen by criminals as having better uses for them than traditional fiat currencies, such as the ability to send money relatively fast to another party without going through an intermediary, or the ability to obscure the origin of the money for money laundering purposes. Every week there are new cryptocurrencies …
Learning-Based Analysis On The Exploitability Of Security Vulnerabilities, 2018 University of Arkansas, Fayetteville
Learning-Based Analysis On The Exploitability Of Security Vulnerabilities, Adam Bliss
Computer Science and Computer Engineering Undergraduate Honors Theses
The purpose of this thesis is to develop a tool that uses machine learning techniques to make predictions about whether or not a given vulnerability will be exploited. Such a tool could help organizations such as electric utilities to prioritize their security patching operations. Three different models, based on a deep neural network, a random forest, and a support vector machine respectively, are designed and implemented. Training data for these models is compiled from a variety of sources, including the National Vulnerability Database published by NIST and the Exploit Database published by Offensive Security. Extensive experiments are conducted, including testing …
Strong Mutation-Based Test Generation Of Xacml Policies, 2018 Boise State University
Strong Mutation-Based Test Generation Of Xacml Policies, Roshan Shrestha
Boise State University Theses and Dissertations
There exist various testing methods for XACML policies which vary in their overall fault detection ability and none of them can detect all the (killable) injected faults except for the simple policies. Further, it is unclear that what is essential for the fault detection of XACML policies. To address these issues, we formalized the fault detection conditions in the well-studied fault model of XACML policies so that it becomes clear what is essential for the fault detection. We formalized fault detection conditions in the form of reachability, necessity and propagation constraint. We, then, exploit these constraints to generate a mutation-based …
Towards Enhanced Security For Automotive Operating Systems, 2018 Florida Institute of Technology
Towards Enhanced Security For Automotive Operating Systems, Maksym Hryhorenko
Theses and Dissertations
Modern automotive infotainment systems are represented by highly complex components with broad functionality and network capabilities. As a result, they are becoming more exposed to the outer world, thus turning into potentially lucrative targets for remote cyber attacks. In the worst case scenario, an attacker could gain complete control over critical vehicle’s systems, for instance, steering, braking, engine, etc. This thesis proposes security hardening features based on ARM’s TrustZone technology for infotainment systems that ensures confidentiality and integrity of critical applications. In addition, we present a technique that allows to mitigate the impact of certain attacks on the car’s internal …
The Role Of Information Communication Technologies (Icts) In Shaping Identity Threats And Responses, 2018 University of Arkansas, Fayetteville
The Role Of Information Communication Technologies (Icts) In Shaping Identity Threats And Responses, Mary Macharia
Graduate Theses and Dissertations
With the rising use of social media, people are increasingly experiencing, and responding to, identity threats online. This sometimes leads to online backlash via “cybermobs” or the creation of online social movements that traverse offline. Prior information systems (IS) research on identity threats and responses largely focuses on information communication technology (ICT) implementations within organizations in an offline context. Therefore, we lack understanding of ICT-mediated identity threats and responses and ways to promote healthier and productive interactions online. This two-essay dissertation seeks to fill this gap. Essay 1 combines a review of ICT-mediated identity threats with a qualitative study (based …
Authorized Function Homomorphic Signature, 2018 Singapore Management University
Authorized Function Homomorphic Signature, Qingwen Guo, Qiong Huang, Guomin Yang
Research Collection School Of Computing and Information Systems
Homomorphic signature (HS) is a novel primitive that allows an agency to carry out arbitrary (polynomial time) computation f on the signed data (m) over right arrow and accordingly gain a signature sigma(h) for the computation result f ((m) over right arrow) with respect to f on behalf of the data owner (DO). However, since DO lacks control of the agency's behavior, receivers would believe that DO did authenticate the computation result even if the agency misbehaves and applies a function that the DO does not want. To address the problem above, in this paper we introduce a new primitive …
Typing-Proof: Usable, Secure And Low-Cost Two-Factor Authentication Based On Keystroke Timings, 2018 Singapore Management University
Typing-Proof: Usable, Secure And Low-Cost Two-Factor Authentication Based On Keystroke Timings, Ximming Liu, Yingjiu Li, Robert H. Deng
Research Collection School Of Computing and Information Systems
Two-factor authentication (2FA) systems provide another layer of protection to users' accounts beyond password. Traditional hardware token based 2FA and software token based 2FA are not burdenless to users since they require users to read, remember, and type a onetime code in the process, and incur high costs in deployments or operations. Recent 2FA mechanisms such as Sound-Proof, reduce or eliminate users' interactions for the proof of the second factor; however, they are not designed to be used in certain settings (e.g., quiet environments or PCs without built-in microphones), and they are not secure in the presence of certain attacks …
Privacy-Preserving Remote User Authentication With K-Times Untraceability, 2018 Singapore Management University
Privacy-Preserving Remote User Authentication With K-Times Untraceability, Yangguang Tian, Yingjiu Li, Binanda Sengupta, Robert H. Deng, Albert Ching, Weiwei Liu
Research Collection School Of Computing and Information Systems
Remote user authentication has found numerous real-world applications, especially in a user-server model. In this work, we introduce the notion of anonymous remote user authentication with k-times untraceability (k-RUA) for a given parameter k, where authorized users authenticate themselves to an authority (typically a server) in an anonymous and k-times untraceable manner. We define the formal security models for a generic k-RUA construction that guarantees user authenticity, anonymity and user privacy. We provide a concrete instantiation of k-RUA having the following properties: (1) a third party cannot impersonate an authorized user by producing valid transcripts for the user while conversing …
Sybmatch: Sybil Detection For Privacy-Preserving Task Matching In Crowdsourcing, 2018 Singapore Management University
Sybmatch: Sybil Detection For Privacy-Preserving Task Matching In Crowdsourcing, Jiangang Shu, Ximeng Liu, Kan Yang, Yinghui Zhang, Xiaohua Jia, Robert H. Deng
Research Collection School Of Computing and Information Systems
The past decade has witnessed the rise of crowdsourcing, and privacy in crowdsourcing has also gained rising concern in the meantime. In this paper, we focus on the privacy leaks and sybil attacks during the task matching, and propose a privacy-preserving task matching scheme, called SybMatch. The SybMatch scheme can simultaneously protect the privacy of publishers and subscribers against semi-honest crowdsourcing service provider, and meanwhile support the sybil detection against greedy subscribers and efficient user revocation. Detailed security analysis and thorough performance evaluation show that the SybMatch scheme is secure and efficient.
Making A Good Thing Better: Enhancing Password/Pin-Based User Authentication With Smartwatch, 2018 Singapore Management University
Making A Good Thing Better: Enhancing Password/Pin-Based User Authentication With Smartwatch, Bing Chang, Yingjiu Li, Qiongxiao Wang, Wen-Tao Zhu, Robert H. Deng
Research Collection School Of Computing and Information Systems
Wearing smartwatches becomes increasingly popular in people’s lives. This paper shows that a smartwatch can help its bearer authenticate to a login system effectively and securely even if the bearer’s password has already been revealed. This idea is motivated by our observation that a sensor-rich smartwatch is capable of tracking the wrist motions of its bearer typing a password or PIN, which can be used as an authentication factor. The major challenge in this research is that a sophisticated attacker may imitate a user’s typing behavior as shown in previous research on keystroke dynamics based user authentication. We address this …
Secure Smart Health With Privacy-Aware Aggregate Authentication And Access Control In Internet Of Things, 2018 Singapore Management University
Secure Smart Health With Privacy-Aware Aggregate Authentication And Access Control In Internet Of Things, Yinghui Zhang, Robert H. Deng, Gang Han, Dong Zheng
Research Collection School Of Computing and Information Systems
With the rapid technological advancements in the Internet of Things (IoT), wireless communication and cloud computing, smart health is expected to enable comprehensive and qualified healthcare services. It is important to ensure security and efficiency in smart health. However, existing smart health systems still have challenging issues, such as aggregate authentication, fine-grained access control and privacy protection. In this paper, we address these issues by introducing SSH, a Secure Smart Health system with privacy-aware aggregate authentication and access control in IoT. In SSH, privacy-aware aggregate authentication is enabled by an anonymous certificateless aggregate signature scheme, in which users' identity information …
Pribioauth: Privacy-Preserving Biometric-Based Remote User Authentication, 2018 Singapore Management University
Pribioauth: Privacy-Preserving Biometric-Based Remote User Authentication, Yangguang Tian, Yingjiu Li, Ximeng Liu, Robert H. Deng, Binanda Sengupta
Research Collection School Of Computing and Information Systems
Biometric-based remote user authentication (BRUA) is a useful primitive that allows an authorized user to remotely authenticate to a cloud server using biometrics. However, the existing BRUA solutions in the client-server setting lack certain privacy considerations. For example, authorized user's multiple sessions should not be linked while his identity remains anonymous to cloud server. In this work, we introduce an identity-concealed and unlinkable biometric-based remote user authentication framework, such that authorized users authenticate to an honest-but-curious server in an anonymous and unlinkable manner. In particular, we employ two non-colluding cloud servers to perform the complex biometrics matching. We formalize two …
Older Adults And The Authenticity Of Emails.Docx, 2018 Edith Cowan University
Older Adults And The Authenticity Of Emails.Docx, Premankit Sannd, David M. Cook
Dr. David M Cook
Static Analysis Of Android Secure Application Development Process With Findsecuritybugs, 2018 Kennesaw State University
Static Analysis Of Android Secure Application Development Process With Findsecuritybugs, Xianyong Meng
Master of Science in Computer Science Theses
Mobile devices have been growing more and more powerful in recent decades, evolving from a simple device for SMS messages and phone calls to a smart device that can install third party apps. People are becoming more heavily reliant on their mobile devices. Due to this increase in usage, security threats to mobile applications are also growing explosively. Mobile app flaws and security defects can provide opportunities for hackers to break into them and access sensitive information. Defensive coding needs to be an integral part of coding practices to improve the security of our code.
We need to consider data …
Sequence Pattern Mining With Variables, 2018 Air Force Institute of Technology
Sequence Pattern Mining With Variables, James S. Okolica, Gilbert L. Peterson, Robert F. Mills, Michael R. Grimaila
Faculty Publications
Sequence pattern mining (SPM) seeks to find multiple items that commonly occur together in a specific order. One common assumption is that all of the relevant differences between items are captured through creating distinct items, e.g., if color matters then the same item in two different colors would have two items created, one for each color. In some domains, that is unrealistic. This paper makes two contributions. The first extends SPM algorithms to allow item differentiation through attribute variables for domains with large numbers of items, e.g, by having one item with a variable with a color attribute rather than …
Cloud Security, 2018 Northern Kentucky University
Cloud Security, Isabella Roth, Jose Salazar, Yi Hu
Posters-at-the-Capitol
Isabella Roth
Jose Salazar
Professor Yi Hu
Computer Information Technology
Cloud Security: AWS Abstract
With enterprises moving their IT infrastructure to the cloud using providers like Amazon Web Services (AWS), security problems have not been reduced. In fact, cloud computing brings new security challenges. Our research investigated better solutions to the security problems that come with using the cloud to store a companies data.
The cloud is a general term for using the internet to receive some sort of data vs connecting directly to a server. This makes it easier to do things such as connecting to an online app …
Performance Indicators Analysis Inside A Call Center Using A Simulation Program, 2018 University of Tirana
Performance Indicators Analysis Inside A Call Center Using A Simulation Program, Ditila Ekmekçiu, Markela Muça, Adrian Naço
International Journal of Business and Technology
This paper deals with and shows the results of different performance indicators analyses made utilizing the help of Simulation and concentrated on dimensioning problems of handling calls capacity in a call center. The goal is to measure the reactivity of the call center’s performance to potential changes of critical variables. The literature related to the employment of this kind of instrument in call centers is reviewed, and the method that this problem is treated momentarily is precisely described. The technique used to obtain this paper’s goal implicated a simulation model using Arena Contact Center software that worked as a key …
Modelling Business And Management Systems Using Fuzzy Cognitive Maps: A Critical Overview, 2018 University of Patras
Modelling Business And Management Systems Using Fuzzy Cognitive Maps: A Critical Overview, Peter P. Groumpos
International Journal of Business and Technology
A critical overview of modelling Business and Management (B&M) Systems using Fuzzy Cognitive Maps is presented. A limited but illustrative number of specific applications of Fuzzy Cognitive Maps in diverse B&M systems, such as e business, performance assessment, decision making, human resources management, planning and investment decision making processes is provided and briefly analyzed. The limited survey is given in a table with statics of using FCMs in B&M systems during the last 15 years. The limited survey shows that the applications of Fuzzy Cognitive Maps to today’s Business and Management studies has been steadily increased especially during the last …
Healthcare Monitoring System Security Platform Using Software Defined Networking Paradigm, 2018 United Arab Emirates University
Healthcare Monitoring System Security Platform Using Software Defined Networking Paradigm, Mohamad Issam Khayat
Information Security Theses
This thesis studies the security and privacy concerns of Healthcare Monitoring System (HMS) and proposes a state-of-the-art Security Platform for HMS using the newly emerging Software Defined Network (SDN) paradigm. In this thesis, we investigate the existing HMS architecture and the relevant solutions proposed for both security and privacy concerns in the literature today. Moreover, we develop a new HMS Security Integration Framework, in the form of a security platform for securing HMS. Finally, we perform a comparison among existing architectures and our proposed framework to highlight the added value of our proposed architecture. Our proposed integration framework eliminates the …
Gender Differences In Identity-Based Social Influence: An Experimental Examination Of Software Piracy Behavior, 2018 United Arab Emirates University
Gender Differences In Identity-Based Social Influence: An Experimental Examination Of Software Piracy Behavior, Noura Eisa Jaber Al Khyeli
Information Security Theses
Software piracy is the unauthorized copying, sharing, or using the software. It can be a profitable endeavor for individuals and a tremendous loss for the industry. According to Gulf News, Software piracy losses in the Arabian Gulf states in 2015 was 897$ million (AED 3.29 billion). Therefore, it is critical to understand as much as possible about the phenomenon and investigate the factors that influence subjects’ piracy behavior. Driven by gaps in previously published literature, the study presented here is an experimental investigation into the gender differences in identity-based social influence. In essence, the study examined if males or females …