Computer Sciences Commons^™

Designing A Data Warehouse For Cyber Crimes, Il-Yeol Song, John D. Maguire, Ki Jung Lee, Namyoun Choi, Xiaohua Hu, Peter Chen

Annual ADFSL Conference on Digital Forensics, Security and Law

One of the greatest challenges facing modern society is the rising tide of cyber crimes. These crimes, since they rarely fit the model of conventional crimes, are difficult to investigate, hard to analyze, and difficult to prosecute. Collecting data in a unified framework is a mandatory step that will assist the investigator in sorting through the mountains of data. In this paper, we explore designing a dimensional model for a data warehouse that can be used in analyzing cyber crime data. We also present some interesting queries and the types of cyber crime analyses that can be performed based on …

Leveraging The Final Project To Improve Student Motivation In Introductory Digital Design Courses, Andrew Danowitz

Computer Science and Software Engineering

Student retention rates in engineering, especially among traditionally underrepresented groups, remain an obstacle to training a large, diverse engineering workforce. The NSF's Science and Engineering Indicators 2016 indicate that of students entering college with an intent to major in engineering, only 63% graduate with an engineering degree [1]. With research suggesting that misperceptions or a lack of knowledge about what work in a certain field is like can deter students from studying that discipline [2], [3], it is possible that providing a meaningful project experience at the introductory level could provide a strong positive impact on retention rates. This could …

Fedrr: Fast, Exhaustive Detection Of Redundant Hierarchical Relations For Quality Improvement Of Large Biomedical Ontologies, Guangming Xing, Guo-Qiang Zhang, Licong Cui

Institute for Biomedical Informatics Faculty Publications

Background: Redundant hierarchical relations refer to such patterns as two paths from one concept to another, one with length one (direct) and the other with length greater than one (indirect). Each redundant relation represents a possibly unintended defect that needs to be corrected in the ontology quality assurance process. Detecting and eliminating redundant relations would help improve the results of all methods relying on the relevant ontological systems as knowledge source, such as the computation of semantic distance between concepts and for ontology matching and alignment.

Results: This paper introduces a novel and scalable approach, called FEDRR – Fast, Exhaustive …

Design Implications Of Changing Student Demographics, Andy Igonor, Natalya Koehler

Learning Showcase 2016: A Celebration of Discovery, Transformation and Success

Many non-traditional higher education institutions have built their cyber security and computer science programs {CSCS) to cater to the needs of adult, working learners. Focusing on this demographic has implications for course and program design. Design approaches have therefore focused on strategies aimed at translating knowledge into learning nuggets specific to the adult learner, enabling day one job-readiness upon graduation. Recently, there has been increased focus on CSCS education at the high school level. The computer science for all initiative was announced recently by US President Obama, and there have been increased creativity on the part of higher education institutions …

Github: An Introduction, Craig A. Boman

Roesch Library Staff Presentations

Tech startups have been using version control software to maximize their collaborative technology projects since their inception, but what more can librarians do to leverage this suite of tools? In this presentation, we will briefly describe how version control apps like Github may drastically improve technology collaborations in your library, specifically ILS web refreshes. After the Github introduction, those who participated in the pre-conference "hackathon" session will discuss their projects and talk about the successes and challenges they encountered.

The Value Of Crowdsourcing For Complex Problems: Comparative Evidence From Software Developed By The Crowd And Professionals, Abhishek Tripathi, Deepak Khazanchi

Information Systems and Quantitative Analysis Faculty Publications

Crowdsourcing is a problem solving model. In the context of complex problems, conventional theory suggests that solving complex problems is a province of professionals, that is, people with sufficient knowledge about the domain. Prior literature has indicated that the crowd, in addition to professionals, is also a great source for solving problems such as product innovation and idea generation. However, this assumption has yet to be tested. Adopting a quasi-experimental approach, this study uses a two-phase process to investigate this question. In the first phase we compare the development of a software by the crowd and professionals. In the second …

Identifying Individual Driver Behaviour Using In-Vehicle Can-Bus Signals Of Pre-Turning Maneuvers, Mahboubeh Zardosht

Electronic Thesis and Dissertation Repository

All drivers have their own driving style while performing different driving maneuvers. They vary in using vehicle’s control devices such as the steering wheel, pedals, gears etc. In this thesis, we analyze driving behavior in different timeframes prior to turns. We employ data obtained from actual driving behavior in an urban environment collected from the CAN-Bus of an instrumented vehicle. Five CAN-Bus signals, vehicle speed, gas pedal pressure, brake pedal pressure, steering wheel angle, and acceleration, is collected for 5, 10, and 15 seconds of driving prior to each turn. We consider all turns for each driver as well as …

Integrate Text Mining Into Computer And Information Security Education, Hongmei Chi, Ezhil Kalaimannan, Dominique Hubbard

KSU Proceedings on Cybersecurity Education, Research and Practice

Insider threats has become a significant challenge to organization, due to the employees varying levels of access to the internal network. This will intern bypass the external security measures that have been put in place to protect the organization’s resources. Computer-mediated communication (CMC) is a form of communication over virtual spaces where users cannot see each other. CMC includes email and communication over social networks, amongst others. This paper focuses on the design and implementation of exercise modules, which can be integrated into cybersecurity courses. The main objectives of the paper include how to teach and integrate the CMC learning …

Cover Text Steganography: N-Gram And Entropy-Based Approach, Sara M. Rico-Larmer

KSU Proceedings on Cybersecurity Education, Research and Practice

Steganography is an ancient technique for hiding a secret message within ordinary looking messages or objects (e.g., images), also known as cover messages. Among various techniques, hiding text data in plain text file is a challenging task due to lack of redundant information. This paper proposes two new approaches to embed a secret message in a cover text document. The two approaches are n-gram and entropy metric-based generation of stego text. We provide examples of encoding secret messages in a cover text document followed by an initial evaluation of how well stego texts look close to the plain …

Hands-On Labs Demonstrating Html5 Security Concerns, Mounika Vanamala

KSU Proceedings on Cybersecurity Education, Research and Practice

The research is focused on the new features added in HTML5 standard that have strong implications towards the overall information security of a system that uses this implementation.A Hands-on Lab is developed to demonstrate how Web Storage and the Geo-location API of HTML5 can affect the privacy of the user.

“Not All Friends Are Equal”: Friendship Classification For Defending Against Social Engineering Attacks, Munene W. Kanampiu, Mohd Anwar

KSU Proceedings on Cybersecurity Education, Research and Practice

Social engineering is a serious security threat to Online Social Networks (OSNs). Identity theft, impersonation, phishing, and deception are some of the social engineering-based attacks that exploit vulnerabilities of interpersonal relationships of online users. As a result, relationships in OSNs need to be thoroughly examined. In this vein, we propose a relationship categorization model to evaluate relationship strength based on graph-theoretic properties and social network analysis (SNA) methods. For example, in Facebook, users may be categorized into close-neighbors, distant-neighbors, celebrities (influential by admiration), authority (influential by power), and loners. Close-neighbors category will help identify a set of trustworthy actors while …

Smart City Security, Shawn Ralko, Sathish Kumar

KSU Proceedings on Cybersecurity Education, Research and Practice

With rapid growth of technology involved and the implementation of the smart city concept, it is becoming vital to identify and implement security controls for their secure operation. Smart city security is essential for a city to incorporate the technologies into smart city cyber infrastructure and to improve the conditions of life for its citizens. In this paper, we have discussed the growth of smart city concept, their security issues. We also discuss the security solutions that needs to be implemented to keep the smart city cyber infrastructure secure. We have also pointed out the recommendations on the open issues …

The Role Of State Privacy Regulations In Mitigating Internet Users’ Privacy Concerns: A Multilevel Perspective, Tawfiq Alashoor

KSU Proceedings on Cybersecurity Education, Research and Practice

In the U.S., there is no comprehensive national law regulating the collection and use of personal information. As a response to the high level of privacy concerns among U.S. citizens and the currently limited regulations, states have enacted their own privacy laws over and above the principles of Fair Information Practices (FIP). In this exploratory study, we draw upon the privacy literature and the Restricted Access/Limited Control (RALC) theory of privacy to study the privacy concerns phenomenon with a multilevel theoretical lens. We introduce and test three novel propositions pertaining to the impact of state level privacy regulations on privacy …

Improvement And Maturity Of The Information Security Risk Management Process, Angela Jackson-Summers

KSU Proceedings on Cybersecurity Education, Research and Practice

No abstract provided.

Combining The Extended Risk Analysis Model And The Attack Response Model To Introduce Risk Analysis, Randall Reid

KSU Proceedings on Cybersecurity Education, Research and Practice

This paper uses the Extended Risk Analysis Model to introduce risk analysis in a classroom setting. The four responses to an attack, avoidance, transference, mitigation, and acceptance are overlaid on the Extended Risk Analysis Model to aid in the visualization of their relationship. It then expands and updates the cyber insurance portion of the Extended Risk Analysis Model.

Health It Security: An Examination Of Modern Challenges In Maintaining Hipaa And Hitech Compliance, Andrew S. Miller, Bryson R. Payne

KSU Proceedings on Cybersecurity Education, Research and Practice

This work describes an undergraduate honors research project into some of the challenges modern healthcare providers face in maintaining compliance with the Health Insurance Portability and Accountability Act (HIPAA) and HITECH (Health Information Technology for Economic and Clinical Health) Act. An overview of the pertinent sections of both the HIPAA and HITECH Acts regarding health information security is provided, along with a discussion of traditionally weak points in information security, including: people susceptible to social engineering, software that is not or cannot be regularly updated, and targeted attacks (including advanced persistent threats, or APTs). Further, the paper examines potential violations …

Investigating Information Security Policy Characteristics: Do Quality, Enforcement And Compliance Reduce Organizational Fraud?, Dennis T. Brown

KSU Proceedings on Cybersecurity Education, Research and Practice

Occupational fraud, the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the organization’s resources or assets, is a growing concern for all organizations. While the typical organization loses at least 5% of annual revenues to fraud, current methods of detection and prevention are not fully adequate to reduce increasing occurrences. Although information systems are making life easier, they are increasingly being used to perpetrate fraudulent activities, and internal employee security threat is responsible for more information compromise than external threats.

The purpose of this research is to examine how information security policy quality and …

Individuals' Concern About Information Privacy In Ar Mobile Games, Dapeng Liu

KSU Proceedings on Cybersecurity Education, Research and Practice

Augmented Reality (AR) proves to be an attractive technology in mobile games. While AR techniques energize mobile games, the privacy issue is raised to be discussed. Employing social media analytics (SMA) techniques, this research makes efforts to examines Twitter postings of “PokemonGo” case and explores individuals’ attitudes toward privacy in AR games. In this research, we examine what are the privacy concerns of individuals in AR games and what are the individuals’ sentiments toward privacy. In the interesting case of PokemonGo, this paper suggests that individuals’ concerns about privacy are emphasized on six dimensions - collection, improper access, unauthorized secondary …

Semi-Supervised Deep Neural Network For Network Intrusion Detection, Mutahir Nadeem, Ochaun Marshall, Sarbjit Singh, Xing Fang, Xiaohong Yuan

KSU Proceedings on Cybersecurity Education, Research and Practice

Network security is of vital importance for corporations and institutions. In order to protect valuable computer systems, network data needs to be analyzed so that possible network intrusions can be detected. Supervised machine learning methods achieve high accuracy at classifying network data as normal or malicious, but they require the availability of fully labeled data. The recently developed ladder network, which combines neural networks with unsupervised learning, shows promise in achieving a high accuracy while only requiring a small number of labeled examples. We applied the ladder network to classifying network data using the Third International Knowledge Discovery and Data …

Planning And Implementing A Successful Nsa-Nsf Gencyber Summer Cyber Academy, Bryson R. Payne, Tamirat Abegaz, Keith Antonia

KSU Proceedings on Cybersecurity Education, Research and Practice

The GenCyber program is jointly sponsored by the National Security Agency (NSA) and the National Science Foundation (NSF) to help faculty and cybersecurity experts provide summer cybersecurity camp experiences for K-12 students and teachers. The main objective of the program is to attract, educate, and motivate a new generation of young men and women to help address the nationwide shortage of trained cybersecurity professionals. The curriculum is flexible and centers on ten cybersecurity first principles. Currently, GenCyber provides cyber camp options for three types of audiences: students, teachers, and a combination of both teachers and students. In 2016, over 120 …