Engineering Commons^™

Longitudinal Attacks Against Iterative Data Collection With Local Differential Privacy, Mehmet Emre Gürsoy

Turkish Journal of Electrical Engineering and Computer Sciences

Local differential privacy (LDP) has recently emerged as an accepted standard for privacy-preserving collection of users’ data from smartphones and IoT devices. In many practical scenarios, users’ data needs to be collected repeatedly across multiple iterations. In such cases, although each collection satisfies LDP individually by itself, a longitudinal collection of multiple responses from the same user degrades that user’s privacy. To demonstrate this claim, in this paper, we propose longitudinal attacks against iterative data collection with LDP. We formulate a general Bayesian adversary model, and then individually show the application of this adversary model on six popular LDP protocols: …

Integrating Nist And Iso Cybersecurity Audit And Risk Assessment Frameworks Into Cameroonian Law, Bernard Ngalim

Journal of Cybersecurity Education, Research and Practice

This paper reviews cybersecurity laws and regulations in Cameroon, focusing on cybersecurity and information security audits and risk assessments. The importance of cybersecurity risk assessment and the implementation of security controls to cure deficiencies noted during risk assessments or audits is a critical step in developing cybersecurity resilience. Cameroon's cybersecurity legal framework provides for audits but does not explicitly enumerate controls. Consequently, integrating relevant controls from the NIST frameworks and ISO Standards can improve the cybersecurity posture in Cameroon while waiting for a comprehensive revision of the legal framework. NIST and ISO are internationally recognized as best practices in information …

What Senior U.S. Leaders Say We Should Know About Cyber, Dr. Joseph H. Schafer

Military Cyber Affairs

On April 6, 2023, the Atlantic Council’s Cyber Statecraft Initiative hosted a panel discussion on the new National Cybersecurity Strategy. The panel featured four senior officials from the Office of the National Cyber Director (ONCD), the Department of State (DoS), the Department of Justice (DoJ), and the Department of Homeland Security (DHS). The author attended and asked each official to identify the most important elements that policymakers and strategists must understand about cyber. This article highlights historical and recent struggles to express cyber policy, the responses from these officials, and the author’s ongoing research to improve national security cyber policy.

Self-Learning Algorithms For Intrusion Detection And Prevention Systems (Idps), Juan E. Nunez, Roger W. Tchegui Donfack, Rohit Rohit, Hayley Horn

SMU Data Science Review

Today, there is an increased risk to data privacy and information security due to cyberattacks that compromise data reliability and accessibility. New machine learning models are needed to detect and prevent these cyberattacks. One application of these models is cybersecurity threat detection and prevention systems that can create a baseline of a network's traffic patterns to detect anomalies without needing pre-labeled data; thus, enabling the identification of abnormal network events as threats. This research explored algorithms that can help automate anomaly detection on an enterprise network using Canadian Institute for Cybersecurity data. This study demonstrates that Neural Networks with Bayesian …

Removing The Veil: Shining Light On The Lack Of Inclusivity In Cybersecurity Education For Students With Disabilities, Felicia Hellems, Sajal Bhatia

School of Computer Science & Engineering Faculty Publications

There are currently over one billion people living with some form of disability worldwide. The continuous increase in new technologies in today's society comes with an increased risk in security. A fundamental knowledge of cybersecurity should be a basic right available to all users of technology. A review of literature in the fields of cybersecurity, STEM, and computer science (CS) has revealed existent gaps regarding educational methods for teaching cybersecurity to students with disabilities (SWD's). To date, SWD's are largely left without equitable access to cybersecurity education. Our goal is to identify current educational methods being used to teach SWD's …

Cybersecurity Analysis Of Load Frequency Control In Power Systems: A Survey, Sahaj Saxena, Sajal Bhatia, Rahul Gupta

School of Computer Science & Engineering Faculty Publications

Today, power systems have transformed considerably and taken a new shape of geographically distributed systems from the locally centralized systems thereby leading to a new infrastructure in the framework of networked control cyber-physical system (CPS). Among the different important operations to be performed for smooth generation, transmission, and distribution of power, maintaining the scheduled frequency, against any perturbations, is an important one. The load frequency control (LFC) operation actually governs this frequency regulation activity after the primary control. Due to CPS nature, the LFC operation is vulnerable to attacks, both from physical and cyber standpoints. The cyber-attack strategies ranges from …

Topical Review Of Vulnerability Management For Local Hampton Roads Industry, Gregory W. Hubbard Jr., Matthew Eunice

OUR Journal: ODU Undergraduate Research Journal

The progress towards an interconnected digital world offers an exciting level of advancement for humanity. Unfortunately, this “online” connection is not safe from the threats and dangers typically associated with physical operations. With the foundation of Cyber Command of DoD cyberspace, the United States Government is taking a prominent stance in cyberspace operations. Like the federal government, both industries and individuals are not immune and are oftentimes unknowingly at risk to cyberattack. This report hopes to bring awareness to common vulnerabilities in multi-user networks by describing a historical background on cyber security as well as outlining current methods of vulnerability …

Car Hacking: Accessing And Exploiting The Can Bus Protocol, Bryson R. Payne

Journal of Cybersecurity Education, Research and Practice

With the rapid adoption of internet-connected and driver-assist technologies, and the spread of semi-autonomous to self-driving cars on roads worldwide, cybersecurity for smart cars is a timely concern and one worth exploring both in the classroom and in the real world. Highly publicized hacks against production cars, and a relatively small number of crashes involving autonomous vehicles, have brought the issue of securing smart cars to the forefront as a matter of public and individual safety, and the cybersecurity of these “data centers on wheels” is of greater concern than ever.

However, up to this point there has been a …

Girl’S Cybersecurity Camp, Sarah Cunha, Dale Rowe

Journal of Undergraduate Research

In 2015, the BYU Cybersecurity Research Lab (CSRL) held its first annual summer camp for Girls aged 14-18. A total of 38 girls attended the week’s activities and workshops. While over 75% of girls indicated they had taken a computing-related class, only 40% reported any significant interest in cybersecurity prior to the summercamp with 10% believing they had some experience in the field. At the conclusion of the camp, 80% of attendees reported a significant interest in the field with 100% of attendees interested in attending a similar event again.