Information Security Commons^™

Comparative Study Of Deep Learning Models For Network Intrusion Detection, Brian Lee, Sandhya Amaresh, Clifford Green, Daniel Engels

SMU Data Science Review

In this paper, we present a comparative evaluation of deep learning approaches to network intrusion detection. A Network Intrusion Detection System (NIDS) is a critical component of every Internet connected system due to likely attacks from both external and internal sources. A NIDS is used to detect network born attacks such as Denial of Service (DoS) attacks, malware replication, and intruders that are operating within the system. Multiple deep learning approaches have been proposed for intrusion detection systems. We evaluate three models, a vanilla deep neural net (DNN), self-taught learning (STL) approach, and Recurrent Neural Network (RNN) based Long Short …

Blockchain In Payment Card Systems, Darlene Godfrey-Welch, Remy Lagrois, Jared Law, Russell Scott Anderwald, Daniel W. Engels

SMU Data Science Review

Payment cards (e.g., credit and debit cards) are the most frequent form of payment in use today. A payment card transaction entails many verification information exchanges between the cardholder, merchant, issuing bank, a merchant bank, and third-party payment card processors. Today, a record of the payment transaction often records to multiple ledgers. Merchant’s incur fees for both accepting and processing payment cards. The payment card industry is in dire need of technology which removes the need for third-party verification and records transaction details to a single tamper-resistant digital ledger. The private blockchain is that technology. Private blockchain provides a linked …

Malware For Macintosh, Nathan C. Shinabarger, Josiah E. Bills, Richard W. Lively, Noah S. Shinabarger

The Research and Scholarship Symposium (2013-2019)

Technology is a cornerstone of modern society. Unfortunately, it seems that every new piece of technology is accompanied by five computer-security breaches elsewhere. Most people associate hacks with Windows computers. This is a problem because Apple computers, and other non-Windows systems, are also extremely vulnerable to attacks and risk being compromised. Dolos is a piece of malware we developed intended to exploit the macOS Sierra operating system. It provides a framework for running exploits and comes built in with certain control and data exfiltration capabilities. Dolos also helps destroy the misconception of "the impenetrable Macintosh computer" by showing that Apple …

Computer Security Documentation For A Non-Technical Audience, Salman Quraishi

Undergraduate Research Celebration 2018

This research project investigates the development of computer security documentation. Computer security includes the protection of hardware, software, and/or digital information from theft and/or damage, along with preventing disruption or misdirection of the services a computer may provide.The scope of the research was to develop a document detailing the basic fundamental concepts of computer security that individuals of all backgrounds can use without requiring prerequisite knowledge of computer security. The core concepts of the document encompass phishing, social engineering, password security, trusted/untrusted networks, viruses, malware, and antivirus software. Both technical and non-technical individuals can utilize the document to learn how …

Quantum Attacks On Modern Cryptography And Post-Quantum Cryptosystems, Zachary Marron

Senior Honors Theses

Cryptography is a critical technology in the modern computing industry, but the security of many cryptosystems relies on the difficulty of mathematical problems such as integer factorization and discrete logarithms. Large quantum computers can solve these problems efficiently, enabling the effective cryptanalysis of many common cryptosystems using such algorithms as Shor’s and Grover’s. If data integrity and security are to be preserved in the future, the algorithms that are vulnerable to quantum cryptanalytic techniques must be phased out in favor of quantum-proof cryptosystems. While quantum computer technology is still developing and is not yet capable of breaking commercial encryption, these …

User-Centric Privacy Preservation In Mobile And Location-Aware Applications, Mingming Guo

FIU Electronic Theses and Dissertations

The mobile and wireless community has brought a significant growth of location-aware devices including smart phones, connected vehicles and IoT devices. The combination of location-aware sensing, data processing and wireless communication in these devices leads to the rapid development of mobile and location-aware applications. Meanwhile, user privacy is becoming an indispensable concern. These mobile and location-aware applications, which collect data from mobile sensors carried by users or vehicles, return valuable data collection services (e.g., health condition monitoring, traffic monitoring, and natural disaster forecasting) in real time. The sequential spatial-temporal data queries sent by users provide their location trajectory information. The …

Entropic Bounds On Two-Way Assisted Secret-Key Agreement Capacities Of Quantum Channels, Noah Anthony Davis

LSU Doctoral Dissertations

In order to efficiently put quantum technologies into action, we must know the characteristics of the underlying quantum systems and effects. An interesting example is the use of the secret-key-agreement capacity of a quantum channel as a guide and measure for the implementation of quantum key distribution (QKD) and distributed quantum computation. We define the communication task of establishing a secret key over a quantum channel subject to an energy constraint on the input state and while allowing for unlimited local operations and classical communication (LOCC) between a sender and receiver. We then use the energy-constrained squashed entanglement to bound …

Understanding Natural Keyboard Typing Using Convolutional Neural Networks On Mobile Sensor Data, Travis Siems

Computer Science and Engineering Theses and Dissertations

Mobile phones and other devices with embedded sensors are becoming increasingly ubiquitous. Audio and motion sensor data may be able to detect information that we did not think possible. Some researchers have created models that can predict computer keyboard typing from a nearby mobile device; however, certain limitations to their experiment setup and methods compelled us to be skeptical of the models’ realistic prediction capability. We investigate the possibility of understanding natural keyboard typing from mobile phones by performing a well-designed data collection experiment that encourages natural typing and interactions. This data collection helps capture realistic vulnerabilities of the security …

A Resource View Of Information Security Incident Response, Mark-David J. Mclaughlin

2018

This dissertation investigates managerial and strategic aspects of InfoSec incident preparation and response. This dissertation is presented in four chapters:

Chapter 1: an introduction

Chapter 2: a systematic literature review

Chapter 3: two field-based case studies of InfoSec incident response processes

Chapter 4: a repertory grid study identifying characteristics of effective individual incident responders.

Together these chapters demonstrate that the lenses of the Resource Based View, Theory of Complementary Resources, and Accounting Control Theory, can be combined to classify and analyze the resources organizations use during incident response. I find that incident response is maturing as a discipline and organizations …

The Infosys Times, Vol. 5, No. 1, St. Cloud State University

The Infosys TIMES

• Midwest Instruction Computing Symposium
• Excellence in Leadership: Scott Lisbon
• Title IX Interview with Dr. Ellyn Bartges
• Federated Insurance IS College Fair, Channa J Kumarage
• Information Security of SCADA Systems, Alexander Stewart and Dr. Paul Safonov
• Chicago WiCyS Conference, Sushmita Acharya
• Learn to Adapt, Interview with Eric Zierdt
• In-Demand Certifications, Praveen Uprety
• TERP10 - SAP Education Services, Dr. Changsoo Sohn
• How I Survived the Job-Market, Kehinde Sodunke
• Blockchain-Internet of Value, Jamal Hayat Mosakheil
• Student360 Conference, Scott Lisbon & Nicole Schrom
• Quantum Encryption and Random Numbers, Adam Fitzpatrick
• What's new in MSIA Program?, Dr. Jim Chen

Ethical Hacking: Network Security And Penetration Testing, Lei Li, Zhigang Li, Hossain Shahriar, Rebecca Rutherfoord, Svetana Peltsverger, Dawn Tatum

Computer Science and Information Technology Grants Collections

This Grants Collection for Ethical Hacking: Network Security and Penetration Testing was created under a Round Eight ALG Textbook Transformation Grant.

Affordable Learning Georgia Grants Collections are intended to provide faculty with the frameworks to quickly implement or revise the same materials as a Textbook Transformation Grants team, along with the aims and lessons learned from project teams during the implementation process.

Documents are in .pdf format, with a separate .docx (Word) version available for download. Each collection contains the following materials:

• Linked Syllabus
• Initial Proposal
• Final Report

Wireless Security, Lei Li, Zhigang Li, Hossain Shahriar, Rebecca Rutherfoord, Svetana Peltsverger, Dawn Tatum

Computer Science and Information Technology Grants Collections

This Grants Collection for Wireless Security was created under a Round Eight ALG Textbook Transformation Grant.

Affordable Learning Georgia Grants Collections are intended to provide faculty with the frameworks to quickly implement or revise the same materials as a Textbook Transformation Grants team, along with the aims and lessons learned from project teams during the implementation process.

Documents are in .pdf format, with a separate .docx (Word) version available for download. Each collection contains the following materials:

• Linked Syllabus
• Initial Proposal
• Final Report

Ethical Hacking For Effective Defense, Lei Li, Zhigang Li, Hossain Shahriar, Rebecca H. Rutherfoord, Svetana Peltsverger, Dawn Tatum

Computer Science and Information Technology Grants Collections

This Grants Collection for Ethical Hacking for Effective Defense was created under a Round Eight ALG Textbook Transformation Grant.

Affordable Learning Georgia Grants Collections are intended to provide faculty with the frameworks to quickly implement or revise the same materials as a Textbook Transformation Grants team, along with the aims and lessons learned from project teams during the implementation process.

Documents are in .pdf format, with a separate .docx (Word) version available for download. Each collection contains the following materials:

• Linked Syllabus
• Initial Proposal
• Final Report

Surveying Digital Collections Stewardship In Nebraska [Original Survey Form], Jennifer L. Thoegersen, Blake Graham

University of Nebraska-Lincoln Data Repository

No abstract provided.

A Survey Of Security And Privacy In Mobile Cloud Computing, Bhuvaneswari Rayapuri

Masters Theses

Cloud Computing is an emerging technology that provides shared processing resources and data to computers and other devices on demand. On the other hand, Mobile Computing allows transmission of data, voice and video. From these two there emerges a new concept Mobile Cloud Computing which not only overcomes the problems of Mobile Computing but also integrates Cloud Computing into Mobile Environments to overcome obstacles related to Performance, Security and Environment. This paper also provides a decent description on Security and Privacy, its related problems, threats and challenges. This paper first provides details on survey of Mobile Cloud Computing, then it …

Application Of Huffman Data Compression Algorithm In Hashing Computation, Lakshmi Narasimha Devulapalli Venkata,

Masters Theses & Specialist Projects

Cryptography is the art of protecting information by encrypting the original message into an unreadable format. A cryptographic hash function is a hash function which takes an arbitrary length of the text message as input and converts that text into a fixed length of encrypted characters which is infeasible to invert. The values returned by the hash function are called as the message digest or simply hash values. Because of its versatility, hash functions are used in many applications such as message authentication, digital signatures, and password hashing [Thomsen and Knudsen, 2005].

The purpose of this study is to apply …

Criteria-Based Encryption, Tran Viet Xuan Phuong, Guomin Yang, Willy Susilo

Research Collection School Of Computing and Information Systems

We present a new type of public-key encryption called Criteria-based Encryption (or , for short). Different from Attribute-based Encryption, in , we consider the access policies as criteria carrying different weights. A user must hold some cases (or answers) satisfying the criteria and have sufficient weights in order to successfully decrypt a message. We then propose two Schemes under different settings: the first scheme requires a user to have at least one case for a criterion specified by the encryptor in the access structure, while the second scheme requires a user to have all the cases for each criterion. We …

Every Step You Take, I’Ll Be Watching You: Practical Stepauth-Entication Of Rfid Paths, Kai Bu, Yingjiu Li

Research Collection School Of Computing and Information Systems

Path authentication thwarts counterfeits in RFID-based supply chains. Its motivation is that tagged products taking invalid paths are likely faked and injected by adversaries at certain supply chain partners/steps. Existing solutions are path-grained in that they simply regard a product as genuine if it takes any valid path. Furthermore, they enforce distributed authentication by offloading the sets of valid paths to some or all steps from a centralized issuer. This not only imposes network and storage overhead but also leaks transaction privacy. We present StepAuth, the first step-grained path authentication protocol that is practically efficient for authenticating products with strict …

Privus: Take Back Your Privacy The Effect Of A User-Centered Approach On Privacy Management, Aral Tasher

Theses and Dissertations

Rapid innovations in science and engineering have created a greater opportunity for disruptive technologies to be established at a faster rate. Less than a decade ago mobile, phones were a mere tool for communication, nowadays, we rely on their successors to remind us about our next appointment, what we need from the grocery store, or even where we parked our car. But this assistance comes with a cost; in order to help us, our devices rely on using our personal information like GPS, contacts list and personal notes, –in some cases more information than what the app needs. While there …

Enhancing Firewall Filtering Performance Using Neural Networks, Heba Saleous

Information Security Theses

The internet has grown to a point where people all over the world have become dependent on this convenient communication medium. However, with this dependency, malicious traffic has become a major concern. Consequently, firewalls have become a mandatory part of any network, due to their ability to filter the traffic based on rules that state which packets should be accepted or denied. However, a network administrator must manually configure filter rules, and packets that do not fit any rule may be subject to wrong judgement by the firewall. Neural networks can learn the filter rules in order to decide if …