Engineering Commons^™

Ict Security Tools And Techniques Among Higher Education Institutions: A Critical Review, Miko Nuñez, Xavier-Lewis Palmer, Lucas Potter, Chris Jordan Aliac, Lemuel Clark Velasco

Electrical & Computer Engineering Faculty Publications

Higher education institutions (HEIs) are increasingly relying on digital technologies for classroom and organizational management, but this puts them at higher risk for information and communication (ICT security attacks. Recent studies show that HEIs have experienced more security breaches in ICT security composed of both cybersecurity an information security. A literature review was conducted to identify common ICT security practices in HEIs over the last decade. 11 journal articles were profiled and analyzed, revealing threats to HEIs’ security and protective measures in terms of organizational security, technological security, physical security, and standards and frameworks. Security tools and techniques were grouped …

Identification Of Key Persons In The Information Security Incident Management Process And Distribution Of Roles Between Them, Fayzullajon Bakhtiyorovich Botirov, Sharifjon Rakhimovich Gafurov, Azam Anvorovich Gafurov

Chemical Technology, Control and Management

This research paper is devoted to the process of information security incident management and the distribution of the roles of key persons in this process. The skills required for members of the information security incident response team are considered, positions and responsibilities are given - typical positions that exist in each organization, testing and improvement procedures are given, the role of the information security incident response team members and employee positions is shown. The quality of the group leader is reflected; responsible for personnel management, scoping and reporting on the state of the organization at a higher level of the …

A Study Of Security Problems In Big Data And Their Solutions, Nozima Akhmedova

Chemical Technology, Control and Management

Statistical data on information security that concerns Big Data and is the most important for enterprises are provided. Based on this data, we studied problems such as the lack of big data practices and protection, the lack of techniques for protecting big data, the lack of standards for protecting big data, the lack of regulation of big data and ecosystems, security problems in Big Data, and proposed several proposals to improve the security of systems that use this technology.

Compound Effects Of Clock And Voltage Based Power Side-Channel Countermeasures, Jacqueline Lagasse

Masters Theses

The power side-channel attack, which allows an attacker to derive secret information from power traces, continues to be a major vulnerability in many critical systems. Numerous countermeasures have been proposed since its discovery as a serious vulnerability, including both hardware and software implementations. Each countermeasure has its own drawback, with some of the highly effective countermeasures incurring large overhead in area and power. In addition, many countermeasures are quite invasive to the design process, requiring modification of the design and therefore additional validation and testing to ensure its accuracy. Less invasive countermeasures that do not require directly modifying the system …

Electronic Spam Filtering Based On Neural Networks, Tulkun Fayzievich Bekmuratov, Fayzullajon Bakhtiyorovich Botirov, Elshod Dilshod Ugli Haydarov

Chemical Technology, Control and Management

This article analyzes the problem of filtering spam messages and addressing spam messages, Bayesian theorems based on artificial intelligence, LVQ algorithms (LVQ learning vector quantization) and a filtering scheme for systems based on neural networks. The direct construction of an effective neural network model of spam filtering using database recognition technology is considered. The parameters of access to the neural network how to include predefined statistical and non-statistical attributes of messages are given. The structure of neural network technology for classifying emails is also considered. The procedure for analyzing incoming data using the tool included in the analytical platform Deductor …

A Comprehensive Security Framework For Securing Sensors In Smart Devices And Applications, Amit Kumar Sikder

FIU Electronic Theses and Dissertations

This doctoral dissertation introduces novel security frameworks to detect sensor-based threats on smart devices and applications in smart settings such as smart home, smart office, etc. First, we present a formal taxonomy and in-depth impact analysis of existing sensor-based threats to smart devices and applications based on attack characteristics, targeted components, and capabilities. Then, we design a novel context-aware intrusion detection system, 6thSense, to detect sensor-based threats in standalone smart devices (e.g., smartphone, smart watch, etc.). 6thSense considers user activity-sensor co-dependence in standalone smart devices to learn the ongoing user activity contexts and builds a context-aware model to distinguish malicious …

Towards Hybrid Quantum-Classical Ciphersuite Primitives, H. Shelton Jacinto

Boise State University Theses and Dissertations

With the dawn of quantum computing in scale, current secure classical primitives are at risk. Protocols with immediate risk of breach are those built on the advanced encryption standard (AES) and Rivest-Shamir-Adleman (RSA) algorithms. To secure classical data against a quantum adversary, a secure communications ciphersuite must be developed. The ciphersuite developed in this work contains components that do not necessarily rely on quantum key distribution (QKD), due to recent insecurities found when a QKD-based protocol is faced with a quantum eavesdropper.

A set of quantum-classical ciphersuite primitives were developed using less common mathematical methods where a quantum adversary will …

Cloud Workload Allocation Approaches For Quality Of Service Guarantee And Cybersecurity Risk Management, Soamar Homsi

FIU Electronic Theses and Dissertations

It has become a dominant trend in industry to adopt cloud computing --thanks to its unique advantages in flexibility, scalability, elasticity and cost efficiency -- for providing online cloud services over the Internet using large-scale data centers. In the meantime, the relentless increase in demand for affordable and high-quality cloud-based services, for individuals and businesses, has led to tremendously high power consumption and operating expense and thus has posed pressing challenges on cloud service providers in finding efficient resource allocation policies.

Allowing several services or Virtual Machines (VMs) to commonly share the cloud's infrastructure enables cloud providers to optimize resource …

Side-Information For Steganography Design And Detection, Tomas Denemark

Graduate Dissertations and Theses

Today, the most secure steganographic schemes for digital images embed secret messages while minimizing a distortion function that describes the local complexity of the content. Distortion functions are heuristically designed to predict the modeling error, or in other words, how difficult it would be to detect a single change to the original image in any given area. This dissertation investigates how both the design and detection of such content-adaptive schemes can be improved with the use of side-information.

We distinguish two types of side-information, public and private: Public side-information is available to the sender and at least in part also …

An Efficient Robust Watermarking Scheme For Varying Sized Blocks, Navneet Yadav, Kulbir Singh

Turkish Journal of Electrical Engineering and Computer Sciences

No abstract provided.

Information Security Challenge Of Qr Codes, Nik Thompson, Kevin Lee

Journal of Digital Forensics, Security and Law

The discipline of information security must adapt to new technologies and methods of interaction with those technologies. New technologies present both challenges and opportunities for the security professional, especially for areas such as digital forensics. Challenges can be in the form of new devices such as smartphones or new methods of sharing information, such as social networks. One such rapidly emerging interaction technology is the use of Quick Response (QR) codes. These offer a physical mechanism for quick access to Web sites for advertising and social interaction. This paper argues that the common implementation of QR codes potentially presents security …

An Investigation Of Security Challenges In Cognitive Radio Networks, Deepraj S. Vernekar

Computer and Electronics Engineering: Dissertations, Theses, and Student Research

The recent advances in wireless communication have led to the problem of growing spectrum scarcity. The available wireless spectrum has become scarcer due to increasing spectrum demand for new wireless applications. The large portion of the allocated spectrum is sporadically used leading to underutilization of significant amount of spectrum. To improve the spectrum efficiency, the idea of cognitive radio technology was introduced. This concept of cognitive radio provides a promising solution for the spectrum scarcity issues in wireless networks. Meanwhile, the security issues of cognitive radio have received more attentions recently since the inherent properties of CR networks would pose …

Secure Distributed Detection In Bandwidth-Constrained Wireless Sensor Networks, Reza Soosahabi

LSU Master's Theses

Utilizing wireless sensor network (WSN) is a novel idea in a variety of applications. However, the limited resources allocated to the sensor nodes make the design of WSNs a challenging problem. We consider the problem of hypothesis testing in a bandwidth-constrained, low-power wireless sensor network operating over insecure links. Sensors quantize their observations and transmit their decisions to an intended (ally) fusion center (AFC) which combines the received messages to detect the state of an unknown hypothesis.

In many applications the sensor messages are vulnerable to unauthorized eavesdropping. The scarce bandwidth and processing power for the sensors rule out the …

Quality-Driven Cross Layer Design For Multimedia Security Over Resource Constrained Wireless Sensor Networks, Wei Wang

Computer and Electronics Engineering: Dissertations, Theses, and Student Research

The strong need for security guarantee, e.g., integrity and authenticity, as well as privacy and confidentiality in wireless multimedia services has driven the development of an emerging research area in low cost Wireless Multimedia Sensor Networks (WMSNs). Unfortunately, those conventional encryption and authentication techniques cannot be applied directly to WMSNs due to inborn challenges such as extremely limited energy, computing and bandwidth resources. This dissertation provides a quality-driven security design and resource allocation framework for WMSNs. The contribution of this dissertation bridges the inter-disciplinary research gap between high layer multimedia signal processing and low layer computer networking. It formulates the …

Prevention Is Better Than Prosecution: Deepening The Defence Against Cyber Crime, Jacqueline Fick

Journal of Digital Forensics, Security and Law

In the paper the author proposes that effectively and efficiently addressing cyber crime requires a shift in paradigm. For businesses and government departments alike the focus should be on prevention, rather than the prosecution of cyber criminals. The Defence in Depth strategy poses a practical solution for achieving Information Assurance in today’s highly networked environments. In a world where “absolute security” is an unachievable goal, the concept of Information Assurance poses significant benefits to securing one of an organization’s most valuable assets: Information. It will be argued that the approach of achieving Information Assurance within an organisation, coupled with the …

An Intelligent Face Features Generation System From Fingerprints, Şeref Sağiroğlu, Necla Özkaya

Turkish Journal of Electrical Engineering and Computer Sciences

In this study, a novel intelligent system based on artificial neural networks was designed and introduced for generating faces from fingerprints with high accuracy. The proposed system has a number of modules including two feature enrolment modules for acquiring the fingerprints and faces into the system, two feature extractors for extracting the feature sets of fingerprint and face biometrics, an artificial neural network module that was configured with the help of Taguchi experimental design method for establishing relationships among the biometric features, a face re-constructor for building up face features from the results of the system, and a test module …

Monitoring And Surveillance In The Workplace: Lessons Learnt? – Investigating The International Legal Position, Verine Etsebeth

Journal of Digital Forensics, Security and Law

When considering the legal implications of monitoring and surveillance in the workplace, the question may be asked why companies deploy computer surveillance and monitoring in the first place. Several reasons may be put forward to justify why more than 80% of all major American firms monitor employee e-mails and Internet usage. However, what most companies forget is the fact that the absence or presence of monitoring and surveillance activities in a company holds serious legal consequences for companies. From the discussion in this paper it will become apparent that there is a vast difference in how most countries approach this …

The Common Body Of Knowledge: A Framework To Promote Relevant Information Security Research, Kenneth J. Knapp, F. N. Ford, Thomas E. Marshall, R. K. Rainer

Journal of Digital Forensics, Security and Law

This study proposes using an established common body of knowledge (CBK) as one means of organizing information security literature. Consistent with calls for more relevant information systems (IS) research, this industrydeveloped framework can motivate future research towards topics that are important to the security practitioner. In this review, forty-eight articles from ten IS journals from 1995 to 2004 are selected and cross-referenced to the ten domains of the information security CBK. Further, we distinguish articles as empirical research, frameworks, or tutorials. Generally, this study identified a need for additional empirical research in every CBK domain including topics related to legal …

Making Molehills Out Of Mountains: Bringing Security Research To The Classroom, Richard G. Taylor

Journal of Digital Forensics, Security and Law

Security research published in academic journals rarely finds its way to the business community or into the classroom. Even though the research is of high quality, it is written in a manner that is difficult to read and to understand. This paper argues that one way to get this academic research into the business community is to incorporate it into security classrooms. To do so, however, academic articles need to be adapted into a classroom-friendly format. This paper suggests ways to do this and provides an example of an academic article that was adapted for use in a security management …

Education Organization Baseline Control Protection And Trusted Level Security, Wasim A. Al-Hamdani

Journal of Digital Forensics, Security and Law

Many education organizations have adopted for security the enterprise best practices for implementation on their campuses, while others focus on ISO Standard (or/and) the National Institution of Standards and Technology.

All these adoptions are dependent on IT personal and their experiences or knowledge of the standard. On top of this is the size of the education organizations. The larger the population in an education organization, the more the problem of information and security become very clear. Thus, they have been obliged to comply with information security issues and adopt the national or international standard. The case is quite different when …

A Study Of Steganography And Steganalysis, Nisant Nalla

Theses

Steganography is the art of hiding the fact that communication is taking place, by hiding information in other information. Steganalysis is the study of methods to detect the presence of hidden messages. The Steganography and Steganalysis are very much interdependent. The people in the Steganography domain try to develop stronger methods to hide data in different media. This spurs the discovery of new steganalysis methods which can break these Steganography methods. This is vital for the development of these fields. The internet has been growing by leaps and bounds. There is an increasing need for information security. It has been …

An Information Security Education Initiative For Engineering And Computer Science, Shiu-Kai Chin, Cynthia E. Irvine, Deborah Frincke

Electrical Engineering and Computer Science - All Scholarship

This paper puts forward a case for an educational initiative in information security at both the undergraduate and graduate levels. Its focus is on the need for such education, the desired educational outcomes, and how the outcomes may be assessed. A basic thesis of this paper is that the goals, methods, and evaluation techniques of information and computer security are consistent with and supportive of the stated goals of engineering education and the growing movement for outcomes-based assessment in higher education.