Engineering Commons^™

Detection, Diagnosis And Mitigation Of Malicious Javascript With Enriched Javascript Executions, Xunchao Hu

Dissertations - ALL

Malicious JavaScript has become an important attack vector for software exploitation attacks and imposes a severe threat to computer security. In particular, three major class of problems, malware detection, exploit diagnosis, and exploits mitigation, bring considerable challenges to security researchers. Although a lot of research efforts have been made to address these threats, they have fundamental limitations and thus cannot solve the problems.

Existing analysis techniques fall into two general categories: static analysis and dynamic analysis. Static analysis tends to produce inaccurate results (both false positive and false negative) and is vulnerable to a wide series of obfuscation techniques. Thus, …

The Future Of Nuclear Security: A Medical Physicist’S Perspective, Katharine E. Thomson

International Journal of Nuclear Security

Planning for the future of nuclear security is a vital and complex task, requiring cooperation and contribution from many disciplines and industries. This diversity of expertise should include the medical sector, which faces many of the same challenges as the nuclear industry: controlling access to dangerous material, creating a strong security culture, cooperating with the wider world and engaging the public.

Medical physicists, of which the author is one, oversee all aspects of small-scale radiation use. This paper discusses three key areas increasingly important to both medical and nuclear uses of radioactive materials: public engagement, prevention of nuclear and radiological …

Breadcrumbs: Privacy As A Privilege, Prachi Bhardwaj

Capstones

Breadcrumbs: Privacy as a Privilege Abstract

By: Prachi Bhardwaj

In 2017, the world saw more data breaches than in any year prior. The count was more than the all-time high record in 2016, which was 40 percent more than the year before that.

That’s because consumer data is incredibly valuable today. In the last three decades, data storage has gone from being stored physically to being stored almost entirely digitally, which means consumer data is more accessible and applicable to business strategies. As a result, companies are gathering data in ways previously unknown to the average consumer, and hackers are …

Teaching Security Defense Through Web-Based Hacking At The Undergraduate Level, Brent Wilson

Faculty Publications - Department of Electrical Engineering and Computer Science

The attack surface for hackers and attackers is growing every day. Future cybersecurity professionals must have the knowledge and the skills to defend against these cyber attacks. Learning defensive techniques and tools can help defend against today’s attacks but what about tomorrow's? As the types of attacks change so must the cybersecurity professional. The only way for the cybersecurity professional to achieve this nimbleness is to understand the structural anatomy of the various attack types. Understanding the threat environment is the key to future success. Security defense through offensive techniques should and can be taught at the undergraduate level. Using …

Cybersecurity Curriculum Development Initiatives, Seth Hamman, Kenneth M. Hopkinson

Engineering and Computer Science Faculty Presentations

No abstract provided.

Cybercrime: An Investigation Of The Attitudes And Environmental Factors That Make People More Willing To Participate In Online Crime, Dearbhail Kirwan

Dissertations

Cybercrime incidence rates are increasing. In order to identify solutions to this problem, the sources of cybercrime need to be identified. This research attempted to identify a potential set of circumstances that create an environment in which people are more likely to engage in cybercrime. There are three aspects to this; (1) Behaviour on the internet – Are people more likely to engage in illicit activities online than in the physical world? (2) Crime Perceptions – Do people perceive cybercrime as being less serious than non-cybercrime? (3) Resources on the Internet – Are people aware of the types of free …

Dynamic Adversarial Mining - Effectively Applying Machine Learning In Adversarial Non-Stationary Environments., Tegjyot Singh Sethi

Electronic Theses and Dissertations

While understanding of machine learning and data mining is still in its budding stages, the engineering applications of the same has found immense acceptance and success. Cybersecurity applications such as intrusion detection systems, spam filtering, and CAPTCHA authentication, have all begun adopting machine learning as a viable technique to deal with large scale adversarial activity. However, the naive usage of machine learning in an adversarial setting is prone to reverse engineering and evasion attacks, as most of these techniques were designed primarily for a static setting. The security domain is a dynamic landscape, with an ongoing never ending arms race …

Cyberpdx: A Camp For Broadening Participation In Cybersecurity, Wu-Chang Feng, Robert Liebman, Lois Delcambre, Michael Mooradian Lupro, Tim Sheard, Scott Britell, Gerald W. Recktenwald

University Studies Faculty Publications and Presentations

With society’s increasing dependence on technology infrastructure, the importance of securing the computers, networks, data, and algorithms that run our digital and physical lives is becoming critical. To equip the next generation of citizens for the challenges ahead, an effort is underway to introduce security content early in a student’s academic career. It is important that these efforts broaden participation and increase diversity in the field. While many camps and curricula focus on introducing technical content and skills related to cybersecurity, such approaches can prematurely limit how students view career opportunities in the field, potentially limiting those who ultimately pursue …

Teaching Hands-On Cyber Defense Labs To Middle School And High School Students: Our Experience From Gencyber Camps, Peng Jiang, Xin Tian, Chunsheng Xin, Wu He

Electrical & Computer Engineering Faculty Publications

With the high demand of the nation for next generation cybersecurity experts, it is important to design and provide hands-on labs for students at the K-12 level in order to increase their interest in cybersecurity and enhance their confidence in learning cybersecurity skills at the young age. This poster reports some preliminary analysis results from the 2016 GenCyber summer camp held at Old Dominion University (ODU), which is part of a nationwide grant program funded by the National Security Agency (NSA) and the National Science Foundation (NSF). This poster also demonstrates the design of three hands-on labs which have been …