Physical Sciences and Mathematics Commons^™

Securing The Internet Of Things At Scale, Steven L. Willoughby

Student Research Symposium

The world of the connected “Internet of Things” (IoT), including the "Industrial Internet of Things" (IIoT) is expanding to include more devices which observe and influence our daily lives, routines, locations, and even our state of health. But have the underlying protocols by which they communicate this data kept pace with the need to protect our privacy and security?

My talk will introduce my research into an approach to better secure this information flow using appropriate access controls without sacrificing performance. I will assess the historical challenges and simple access controls applied to IoT networking protocols and how they can …

A Novel Caching Algorithm For Efficient Fine-Grained Access Control In Database Management Systems, Anadi Shakya

Student Research Symposium

Fine-grained access Control (FGAC) in DBMS is vital for restricting user access to authorized data and enhancing security. FGAC policies govern how users are granted access to specific resources based on detailed criteria, ensuring security and privacy measures. Traditional methods struggle with scaling policies to thousands, causing delays in query responses. This paper introduces a novel caching algorithm designed to address this challenge by accelerating query processing and ensuring compliance with FGAC policies. In our approach, we create a circular hashmap and employ different replacement techniques to efficiently manage the cache, prioritizing entries that are visited more frequently. To evaluate …

Improving Tattle-Tale K-Deniability, Nicholas G.E. Morales

Student Research Symposium

Ensuring privacy for databases is an ongoing struggle. While the majority of work has focused on using access control lists to protect sensitive data these methods are vulnerable to inference attacks. A set of algorithms, referred to as Tattle-Tale, was developed that could protect sensitive data from being inferred however its runtime performance wasn’t suitable for production code. This set of algorithms contained two main subsets, Full Deniability and K-Deniability. My research focused on improving the runtime or utility of the K-Deniability algorithms. I investigated the runtime of the K-Deniability algorithms to identify what was slowing the process down. Aside …

A Design Science Approach To Investigating Decentralized Identity Technology, Janelle Krupicka

Cybersecurity Undergraduate Research Showcase

The internet needs secure forms of identity authentication to function properly, but identity authentication is not a core part of the internet’s architecture. Instead, approaches to identity verification vary, often using centralized stores of identity information that are targets of cyber attacks. Decentralized identity is a secure way to manage identity online that puts users’ identities in their own hands and that has the potential to become a core part of cybersecurity. However, decentralized identity technology is new and continually evolving, which makes implementing this technology in an organizational setting challenging. This paper suggests that, in the future, decentralized identity …

Binder, Tyler A. Peaster, Lindsey M. Davenport, Madelyn Little, Alex Bales

ATU Research Symposium

Binder is a mobile application that aims to introduce readers to a book recommendation service that appeals to devoted and casual readers. The main goal of Binder is to enrich book selection and reading experience. This project was created in response to deficiencies in the mobile space for book suggestions, library management, and reading personalization. The tools we used to create the project include Visual Studio, .Net Maui Framework, C#, XAML, CSS, MongoDB, NoSQL, Git, GitHub, and Figma. The project’s selection of books were sourced from the Google Books repository. Binder aims to provide an intuitive interface that allows users …

Techniques To Detect Fake Profiles On Social Media Using The New Age Algorithms – A Survey, A K M Rubaiyat Reza Habib, Edidiong Elijah Akpan

ATU Research Symposium

This research explores the growing issue of fake accounts in Online Social Networks [OSNs]. While platforms like Twitter, Instagram, and Facebook foster connections, their lax authentication measures have attracted many scammers and cybercriminals. Fake profiles conduct malicious activities, such as phishing, spreading misinformation, and inciting social discord. The consequences range from cyberbullying to deceptive commercial practices. Detecting fake profiles manually is often challenging and causes considerable stress and trust issues for the users. Typically, a social media user scrutinizes various elements like the profile picture, bio, and shared posts to identify fake profiles. These evaluations sometimes lead users to conclude …

Data Profits Vs. Privacy Rights: Ethical Concerns In Data Commerce, Amiah Armstrong

Cybersecurity Undergraduate Research Showcase

In today’s digital age, the collection and sale of customer data for advertising is gaining a growing number of ethical concerns. The act of amassing extensive datasets encompassing customer preferences, behaviors, and personal information raises questions of its true purpose. It is widely acknowledged that companies track and store their customer’s digital activities under the pretext of benefiting the customer, but at what cost? Are users aware of how much of their data is being collected? Do they understand the trade-off between personalized services and the potential invasion of their privacy? This paper aims to show the advantages and disadvantages …

A Case Study Of The Crashoverride Malware, Its Effects And Possible Countermeasures, Samuel Rector

Cybersecurity Undergraduate Research Showcase

CRASHOVERRIDE is a modular malware tailor-made for electric grid Industrial Control System (ICS) equipment and was deployed by a group named ELECTRUM in a Ukrainian substation. The malware would launch a protocol exploit to flip breakers and would then wipe the system of ICS files. Finally, it would execute a Denial Of Service (DOS) attack on protective relays. In effect, months of damage and thousands out of power. However, due to oversights the malware only caused a brief power outage. Though the implications of the malware are cause for researching and implementing countermeasures against others to come. The CISA recommends …

Investigating Vulnerabilities In The Bluetooth Host Layer In Linux, Jack Dibari

Cybersecurity Undergraduate Research Showcase

This paper investigates vulnerabilities within the Bluetooth host layer in Linux systems. It examines the Bluetooth protocol's evolution, focusing on its implementation in Linux, particularly through the BlueZ host software. Various vulnerabilities, including BleedingTooth, BLESA, and SweynTooth, are analyzed.

What Students Have To Say On Data Privacy For Educational Technology, Stephanie Choi

Cybersecurity Undergraduate Research Showcase

The literature on data privacy in terms of educational technology is a growing area of study. The perspective of educators has been captured extensively. However, the literature on students’ perspectives is missing, which is what we explore in this paper. We use a pragmatic qualitative approach with an experiential lens to capture students’ attitudes towards data privacy in terms of educational technology. We identified preliminary, common themes that appeared in the survey responses. The paper concludes by calling for more research on how students perceive data privacy in terms of educational technology.

Improving Educational Delivery And Content In Juvenile Detention Centers, Yomna Elmousalami

Undergraduate Research Symposium

Students in juvenile detention centers have the greatest need to receive improvements in educational delivery and content; however, they are one of the “truly disadvantaged” populations in terms of receiving those improvements. This work presents a qualitative data analysis based on a focus group meeting with stakeholders at a local Juvenile Detention Center. The current educational system in juvenile detention centers is based on paper worksheets, single-room style teaching methods, outdated technology, and a shortage of textbooks and teachers. In addition, detained students typically have behavioral challenges that are deemed "undesired" in society. As a result, many students miss classes …

Crack-Ers (Crack Riddles Applying Cybersecurity Knowledge - Escape Room Scenario), Benjamin Acuff

Posters-at-the-Capitol

CRACK-ERS (Crack Riddles Applying Cybersecurity Knowledge - Escape Room Scenario) is a unique, beginner's level CTF game with riddle-based challenges on various cybersecurity topics. The game is driven by an adventure story-based escape room format. Existing literature indicates that traditional CTFs pose challenges for beginners with no cybersecurity background. The novelty of CRACK-ERS lies in its non-traditional design as an unplugged CTF with an adventure scenario-driven script, encouraging participants to solve cybersecurity-related riddles. CRACK-ERS targets beginner-level learners, fostering teamwork, explorative research, cybersecurity problem-solving, and riddle-cracking skills. Prior cybersecurity educational research notes limited instances of escape room-style CTF games and fewer …

Towards Assessing Cybersecurity Posture Of Manufacturing Companies: Review And Recommendations, John Del Vecchio, Yair Levy, Ling Wang, Ajoy Kumar

KSU Proceedings on Cybersecurity Education, Research and Practice

With the continued changes in the way businesses work, cyber-attack targets are in a constant state of flux between organizations, individuals, as well as various aspects of the supply chain of interconnected goods and services. As one of the 16 critical infrastructure sectors, the manufacturing sector is known for complex integrated Information Systems (ISs) that are incorporated heavily into production operations. Many of these ISs are procured and supported by third parties, also referred to as interconnected entities in the supply chain. Disruptions to manufacturing companies would not only have significant financial losses but would also have economic and safety …

Quantum Computing: Computing Of The Future Made Reality, Janelle Mathis

KSU Proceedings on Cybersecurity Education, Research and Practice

Abstract—Quantum computing is an emerging new area focused on technology consisting of quantum theory aspects such as electrons, sub-atomic particles, and other materials engineered using quantum mechanics. Through quantum mechanics, these computers can solve problems that classical computers deem too complex. Today the closest computing technology compared to quantum computers are supercomputers, but similarly to classical computers, supercomputers also have faults. With supercomputers, when a problem is deemed too complex, it is due to the classical machinery components within the computer, thus causing a halt in solving the task or problem. In contrast, these problems could be solved with a …

Rfid Key Fobs In Vehicles: Unmasking Vulnerabilities & Strengthening Security, Devon Magda, Bryson R. Payne

KSU Proceedings on Cybersecurity Education, Research and Practice

No abstract provided.

The Impact Of Individual Techno-Characteristics On Information Privacy Concerns In The Diffusion Of Mobile Contact Tracing, Jiesen Lin, Dapeng Liu, Lemuria Carter

KSU Proceedings on Cybersecurity Education, Research and Practice

In the wake of the global health crisis, mobile contact tracing applications have emerged as important tools in managing disease spread. However, their effectiveness heavily relies on mass adoption, significantly influenced by the public's information privacy concerns. To date, systematic examination of how these privacy concerns relate to the innovation adopter categories in mobile contact tracing remains sparse. Furthermore, the influence of individual techno-characteristics on these concerns is to be explored. This research seeks to fill these gaps. Drawing on the diffusion of innovation theory, we examine the impact of the key techno-characteristics—adopter category, propensity for identification misrepresentation, and exposure …

Exploring Information Privacy Concerns During The Covid-19 Pandemic: A Juxtaposition Of Three Models, Dapeng Liu, Lemuria Carter, Jiesen Lin

KSU Proceedings on Cybersecurity Education, Research and Practice

Government agencies across the globe utilize mobile applications to interact with constituents. In response to the global pandemic, several nations have employed contact tracing services to manage the spread of COVID-19. Extent literature includes various models that explore information privacy. Several researchers have highlighted the need to compare the effectiveness of diverse information privacy models. To fill this gap, we explore the impact of information privacy concerns on citizens’ willingness to download a federal contact tracing app. In particular, we compare three types of prevalent information privacy concerns: global information privacy concerns (GIPC), concern for information privacy (CFIP), and internet …

The Transformative Integration Of Artificial Intelligence With Cmmc And Nist 800-171 For Advanced Risk Management And Compliance, Mia Lunati

Cybersecurity Undergraduate Research Showcase

This paper explores the transformative potential of integrating Artificial Intelligence (AI) with established cybersecurity frameworks such as the Cybersecurity Maturity Model Certification (CMMC) and the National Institute of Standards and Technology (NIST) Special Publication 800-171. The thesis argues that the relationship between AI and these frameworks has the capacity to transform risk management in cybersecurity, where it could serve as a critical element in threat mitigation. In addition to addressing AI’s capabilities, this paper acknowledges the risks and limitations of these systems, highlighting the need for extensive research and monitoring when relying on AI. One must understand boundaries when integrating …

The Vulnerabilities To The Rsa Algorithm And Future Alternative Algorithms To Improve Security, James Johnson

Cybersecurity Undergraduate Research Showcase

The RSA encryption algorithm has secured many large systems, including bank systems, data encryption in emails, several online transactions, etc. Benefiting from the use of asymmetric cryptography and properties of number theory, RSA was widely regarded as one of most difficult algorithms to decrypt without a key, especially since by brute force, breaking the algorithm would take thousands of years. However, in recent times, research has shown that RSA is getting closer to being efficiently decrypted classically, using algebraic methods, (fully cracked through limited bits) in which elliptic-curve cryptography has been thought of as the alternative that is stronger than …

The Underrepresentation Of Black Females In Cybersecurity, Makendra Latrice Crosby

Cybersecurity Undergraduate Research Showcase

The significance of cybersecurity methods, strategies, and programs in protecting computers and electronic devices is crucial throughout the technological infrastructure. Despite the considerable growth in the cybersecurity field and its expansive workforce, there exists a notable underrepresentation, specifically among Black/African American females. This study examines the barriers hindering the inclusion of Black women in the cybersecurity workforce such as socioeconomic factors, limited educational access, biases, and workplace culture. The urgency of addressing these challenges calls for solutions such as education programs, mentorship initiatives, creating inclusive workplace environments, and promoting advocacy and increased awareness within the cybersecurity field. Additionally, this paper …

Potential Security Vulnerabilities In Raspberry Pi Devices With Mitigation Strategies, Briana Tolleson

Cybersecurity Undergraduate Research Showcase

For this research project I used a Raspberry Pi device and conducted online research to investigate potential security vulnerabilities along with mitigation strategies. I configured the Raspberry Pi by using the proper peripherals such as an HDMI cord, a microUSB adapter that provided 5V and at least 700mA of current, a TV monitor, PiSwitch, SD Card, keyboard, and mouse. I installed the Rasbian operating system (OS). The process to install the Rasbian took about 10 minutes to boot starting at 21:08 on 10/27/2023 and ending at 21:18. 1,513 megabytes (MB) was written to the SD card running at (2.5 MB/sec). …

Rising Threat - Deepfakes And National Security In The Age Of Digital Deception, Dougo Kone-Sow

Cybersecurity Undergraduate Research Showcase

This paper delves into the intricate landscape of deepfakes, exploring their genesis, capabilities, and far-reaching implications. The rise of deepfake technology presents an unprecedented threat to American national security, propagating disinformation and manipulation across various media formats. Notably, deepfakes have evolved from a historical backdrop of disinformation campaigns, merging with the advancements of artificial intelligence (AI) and machine learning to craft convincing but false multimedia content.

Examining the capabilities of deepfakes reveals their potential for misuse, evidenced by instances targeting individuals, companies, and even influencing political events like the 2020 U.S. elections. The paper highlights the direct threats posed by …

New Paths Of Attacks: Revealing The Adaptive Integration Of Artificial Intelligence In Evolving Cyber Threats Targeting Social Media Users And Their Data, Larry Teasley

Cybersecurity Undergraduate Research Showcase

The intersection between artificial intelligence tools and social media has opened doors to numerous opportunities and risks. This research delves into the escalating threat landscape in a society heavily dependent on social media. Despite the efforts by social media companies and cybersecurity professionals to mitigate cyber-attacks, the constant advancements of new technologies render social media platforms increasingly vulnerable. Malicious actors exploit generative AI to collect user data, enhancing cyber threats on social media. Notably, generative AI amplifies phishing attacks, disseminates false information, and propagates propaganda, posing substantial challenges to platform security. Ease access to large language models (LLMs) further complicates …

A Review Of Threat Vectors To Dna Sequencing Pipelines, Tyler Rector

Cybersecurity Undergraduate Research Showcase

Bioinformatics is a steadily growing field that focuses on the intersection of biology with computer science. Tools and techniques developed within this field are quickly becoming fixtures in genomics, forensics, epidemiology, and bioengineering. The development and analysis of DNA sequencing and synthesis have enabled this significant rise in demand for bioinformatic tools. Notwithstanding, these bioinformatic tools have developed in a research context free of significant cybersecurity threats. With the significant growth of the field and the commercialization of genetic information, this is no longer the case. This paper examines the bioinformatic landscape through reviewing the biological and cybersecurity threats within …

Privacy Concerns And Proposed Solutions With Iot In Wearable Technology, Hyacinth Abad

Cybersecurity Undergraduate Research Showcase

This paper examines the dynamic relationship between IoT cybersecurity and privacy concerns associated with wearable devices. IoT, with its exponential growth, presents both opportunities and challenges in terms of accessibility, integrity, availability, scalability, confidentiality, and interoperability. Cybersecurity concerns arise as diverse attack surfaces exploit vulnerabilities in IoT systems, necessitating robust defenses. In the field of wearable technology, these devices offer benefits like health data tracking and real-time communication. However, the adoption of these devices raises privacy concerns. The paper explores proposed solutions, including mechanisms for user-controlled data collection, the implementation of Virtual Trip Line (VTL) and virtual wall approaches, and …

How Chatgpt Can Be Used As A Defense Mechanism For Cyber Attacks, Michelle Ayaim

Cybersecurity Undergraduate Research Showcase

The powers of OpenAI's groundbreaking AI language model, ChatGPT, startled millions of users when it was released in November. But for many, the tool's ability to further accomplish the goals of evil actors swiftly replaced their initial excitement with significant concerns. ChatGPT gives malicious actors additional ways to possibly compromise sophisticated cybersecurity software. Leaders in a sector that is currently suffering from a 38% global spike in data breaches in 2022 must acknowledge the rising influence of AI and take appropriate action. Cybercriminals are writing more complex and focused business email compromise (BEC) and other phishing emails with the assistance …

The Propagation And Execution Of Malware In Images, Piper Hall

Cybersecurity Undergraduate Research Showcase

Malware has become increasingly prolific and severe in its consequences as information systems mature and users become more reliant on computing in their daily lives. As cybercrime becomes more complex in its strategies, an often-overlooked manner of propagation is through images. In recent years, several high-profile vulnerabilities in image libraries have opened the door for threat actors to steal money and information from unsuspecting users. This paper will explore the mechanisms by which these exploits function and how they can be avoided.

Understanding The Non-Traditional Security Dimensions: Cyber Threat Landscape In Pakistan, Minhas Majeed Khan

CBER Conference

The research analyzes the vulnerabilities and consequences of cyber-attacks on essential infrastructure sectors such as energy, telecommunications, and finance, which are vital for the country’s stability and development. It also evaluates the economic, political, and social effects of cyber incidents on the country’s governance and society. Moreover, the research assesses the current cyber security measures and frameworks in Pakistan and identifies the gaps and opportunities for improvement.

Factors Influencing User Adherence Towards Privacy Standards Of Internet Of Things Devices, Philip Bazanye, Walter Uys, Wallace Chigona

African Conference on Information Systems and Technology

The upsurge in the use of Internet of things (IoT) devices increases the likelihood of cyber-attacks on end users. The objective of the study reported here was to investigate the factors that influence IoT device users’ adherence to privacy standards. This interpretivist exploratory research was guided by a three-phased approach using activity theory. The interview questions were derived from the conceptual model and themes analysed using deductive thematic analysis. The findings indicate that a lack of adherence is driven by a lack of trust in IoT devices and service providers, as well as convenience and health factors. In addition, users’ …

Social Media & Privacy: Understanding Privacy In The Age Of Content Creator Culture, Robert Tagoe, Raphael Amponsah, Emmanuel Awuni Kolog, Eric Afful-Dadzie

African Conference on Information Systems and Technology

In today's digital age, content creators are gaining public attention and becoming highly influential. With that increased influence, it is important to acknowledge the privacy concerns within this culture. This interpretive research study seeks to identify and understand the dynamics of privacy within the content creator culture. This research will leverage information from interviews with content creators from various social media platforms such as YouTube, Instagram, Facebook, and TikTok. Using theories to understand the phenomena, theories of privacy calculus, privacy paradox and self-disclosure, will be used to view how content creators define and navigate privacy, strategies employed to control personal …