Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Institution
-
- Embry-Riddle Aeronautical University (70)
- Edith Cowan University (44)
- Singapore Management University (37)
- Selected Works (13)
- University of New Haven (8)
-
- Nova Southeastern University (7)
- SelectedWorks (7)
- The University of San Francisco (6)
- Florida International University (3)
- Maurer School of Law: Indiana University (3)
- San Jose State University (3)
- DePauw University (2)
- Franklin University (2)
- Rose-Hulman Institute of Technology (2)
- University of Dayton (2)
- University of Pittsburgh School of Law (2)
- Air Force Institute of Technology (1)
- Bard College (1)
- Boise State University (1)
- California Polytechnic State University, San Luis Obispo (1)
- East Tennessee State University (1)
- Eastern Michigan University (1)
- Governors State University (1)
- Kennesaw State University (1)
- Marquette University (1)
- Northern Michigan University (1)
- Parkland College (1)
- Portland State University (1)
- Sacred Heart University (1)
- St. Cloud State University (1)
- Keyword
-
- Security (19)
- Digital forensics (18)
- Privacy (10)
- Big data (8)
- Computer security (7)
-
- Approximate matching (6)
- Information security (6)
- Mrsh-v2 (6)
- Authentication (5)
- Cyber security (5)
- Digital evidence (5)
- Forensics (5)
- Work at Verisign Labs (5)
- [RSTDPub] (5)
- Android (4)
- Bloom filter (4)
- Cybersecurity (4)
- Data privacy (4)
- Encryption (4)
- Mobile device forensics (4)
- Network forensics (4)
- Sdhash (4)
- Smartphone (4)
- Social media (4)
- Analytics (3)
- Cloud forensics (3)
- Communications (3)
- Data protection (3)
- Discrete logarithm (3)
- Hashing (3)
- Publication
-
- Journal of Digital Forensics, Security and Law (50)
- Research Collection School Of Computing and Information Systems (36)
- Annual ADFSL Conference on Digital Forensics, Security and Law (17)
- Australian Information Security Management Conference (13)
- Australian Digital Forensics Conference (12)
-
- Australian eHealth Informatics and Security Conference (8)
- Electrical & Computer Engineering and Computer Science Faculty Publications (8)
- CCE Theses and Dissertations (7)
- Media Studies (6)
- Andrew G. West (5)
- Australian Information Warfare and Security Conference (4)
- Dr. David M Cook (4)
- Research outputs 2014 to 2021 (4)
- Saverio Perugini (4)
- Articles by Maurer Faculty (3)
- Australian Security and Intelligence Conference (3)
- David J Brooks Dr. (3)
- FIU Electronic Theses and Dissertations (3)
- Master's Projects (3)
- All Faculty and Staff Scholarship (2)
- Articles (2)
- Computer Science Faculty Publications (2)
- Publications (2)
- A with Honors Projects (1)
- All Capstone Projects (1)
- Annual Student Research Poster Session (1)
- Bookshelf (1)
- College of Arts and Sciences Presentations (1)
- Conference Papers in Published Proceedings (1)
- Department of Electrical Engineering and Computer Science - Daytona Beach (1)
Articles 1 - 30 of 231
Full-Text Articles in Physical Sciences and Mathematics
A Hash-Cash Based Music Streaming Payment System, Timothy Chen
A Hash-Cash Based Music Streaming Payment System, Timothy Chen
Master's Projects
This project develops a hash-cash based, streaming music payment system. In our system, musicians are paid based on how long their works are listened to. Artists can upload their works to our proof-of-concept service so that people can discover and listen to them. While their works are being listened to, a mining process is run in parallel. The mining process discovers a “listening coin” based on the hash-cash algorithm. Users of our service would pay a monthly fee to access the music library. The monthly fees are then distributed to all artists proportionate to the number of virtual coins they …
Masquerade Detection Using Singular Value Decomposition, Sweta Vikram Shah
Masquerade Detection Using Singular Value Decomposition, Sweta Vikram Shah
Master's Projects
Information systems and networks are highly susceptible to attacks in the form of intrusions. One such attack is by the masqueraders who impersonate legitimate users. Masqueraders can be detected in anomaly based intrusion detection by identifying the abnormalities in user behavior. This user behavior is logged in log files of different types. In our research we use the score based technique of Singular Value Decomposition to address the problem of masquerade detection on a unix based system. We have data collected in the form of sequential unix commands ran by 50 users. SVD is a linear algebraic technique, which has …
Spartan Web Application Firewall, Brian C. Lee
Spartan Web Application Firewall, Brian C. Lee
Master's Projects
Computer security is an ongoing issue and attacks are growing more sophisit- cated. One category of attack utilizes cross-site scripting (XSS) to extract confiden- tial data such as a user’s login credential’s without the knowledge of either the user nor the web server by utilizing vulnerabilities on web pages and internet browsers. Many people develop their own web applications without learning about or having good coding practices or security in mind. Web application firewalls are able to help but can be enhanced to be more effective than they currently are at detecting re- flected XSS attacks by analyzing the request …
Recommender Systems Research: A Connection-Centric Survey, Saverio Perugini, Marcos André Gonçalves, Edward A. Fox
Recommender Systems Research: A Connection-Centric Survey, Saverio Perugini, Marcos André Gonçalves, Edward A. Fox
Saverio Perugini
Recommender systems attempt to reduce information overload and retain customers by selecting a subset of items from a universal set based on user preferences. While research in recommender systems grew out of information retrieval and filtering, the topic has steadily advanced into a legitimate and challenging research area of its own. Recommender systems have traditionally been studied from a content-based filtering vs. collaborative design perspective. Recommendations, however, are not delivered within a vacuum, but rather cast within an informal community of users and social context. Therefore, ultimately all recommender systems make connections among people and thus should be surveyed from …
Information Assurance Through Binary Vulnerability Auditing, William B. Kimball, Saverio Perugini
Information Assurance Through Binary Vulnerability Auditing, William B. Kimball, Saverio Perugini
Saverio Perugini
The goal of this research is to develop improved methods of discovering vulnerabilities in software. A large volume of software, from the most frequently used programs on a desktop computer, such as web browsers, e-mail programs, and word processing applications, to mission-critical services for the space shuttle, is unintentionally vulnerable to attacks and thus insecure. By seeking to improve the identification of vulnerabilities in software, the security community can save the time and money necessary to restore compromised computer systems. In addition, this research is imperative to activities of national security such as counterterrorism. The current approach involves a systematic …
Personalization By Website Transformation: Theory And Practice, Saverio Perugini
Personalization By Website Transformation: Theory And Practice, Saverio Perugini
Saverio Perugini
We present an analysis of a progressive series of out-of-turn transformations on a hierarchical website to personalize a user’s interaction with the site. We formalize the transformation in graph-theoretic terms and describe a toolkit we built that enumerates all of the traversals enabled by every possible complete series of these transformations in any site and computes a variety of metrics while simulating each traversal therein to qualify the relationship between a site’s structure and the cumulative effect of support for the transformation in a site. We employed this toolkit in two websites. The results indicate that the transformation enables users …
Staging Transformations For Multimodal Web Interaction Management, Michael Narayan, Christopher Williams, Saverio Perugini, Naren Ramakrishnan
Staging Transformations For Multimodal Web Interaction Management, Michael Narayan, Christopher Williams, Saverio Perugini, Naren Ramakrishnan
Saverio Perugini
Multimodal interfaces are becoming increasingly ubiquitous with the advent of mobile devices, accessibility considerations, and novel software technologies that combine diverse interaction media. In addition to improving access and delivery capabilities, such interfaces enable flexible and personalized dialogs with websites, much like a conversation between humans. In this paper, we present a software framework for multimodal web interaction management that supports mixed-initiative dialogs between users and websites. A mixed-initiative dialog is one where the user and the website take turns changing the flow of interaction. The framework supports the functional specification and realization of such dialogs using staging transformations – …
The Potentials And Challenges Of Big Data In Public Health, Rena N. Vithiatharan
The Potentials And Challenges Of Big Data In Public Health, Rena N. Vithiatharan
Australian eHealth Informatics and Security Conference
The potential to use big data sources for public health increases with the broadening availability of data and improved methods of analysis. Whilst there are some well-known examples of the opportunistic use of big data, such as GoogleFlu, public health has not yet realised the full potential of such data sources. A literature review was undertaken to identify the potential of such data collections to impact public health, and to identify what challenges are currently limiting this potential. The potential include improved real-time analysis, research and development and genome studies. However, challenges listed are poor universal standardisation and classification, privacy …
Big Data In Healthcare: What Is It Used For?, Rebecca Hermon, Patricia A H Williams
Big Data In Healthcare: What Is It Used For?, Rebecca Hermon, Patricia A H Williams
Australian eHealth Informatics and Security Conference
Big data analytics is a growth area with the potential to provide useful insight in healthcare. Whilst many dimensions of big data still present issues in its use and adoption, such as managing the volume, variety, velocity, veracity, and value, the accuracy, integrity, and semantic interpretation are of greater concern in clinical application. However, such challenges have not deterred the use and exploration of big data as an evidence source in healthcare. This drives the need to investigate healthcare information to control and reduce the burgeoning cost of healthcare, as well as to seek evidence to improve patient outcomes. Whilst …
Byod In Ehealth: Herding Cats And Stable Doors, Or A Catastrophe Waiting To Happen?, Krishnun Sansurooh, Patricia A H Williams
Byod In Ehealth: Herding Cats And Stable Doors, Or A Catastrophe Waiting To Happen?, Krishnun Sansurooh, Patricia A H Williams
Australian eHealth Informatics and Security Conference
The use of personal devices in the work environment has crossed the boundaries of work and socially related tasks. With cyber criminals seriously targeting healthcare for medical identity theft, the lack of control of new technologies within healthcare networks becomes an increasing vulnerability. The prolific adoption of personal mobile devices in the healthcare environment requires a proactive approach to the management of Bring Your Own Device (BYOD). This paper analysed the current state of the problem and the challenges that this creates in an environment that has stringent privacy and security requirements. The discourse demonstrates that the issue is not …
3rd Australian Ehealth Informatics And Security Conference, 2014, Edith Cowan University: Conference Details, Security Research Institute, Edith Cowan University
3rd Australian Ehealth Informatics And Security Conference, 2014, Edith Cowan University: Conference Details, Security Research Institute, Edith Cowan University
Australian eHealth Informatics and Security Conference
No abstract provided.
Customising Doctor-Nurse Communications, Brian Cusack, Dave Parry
Customising Doctor-Nurse Communications, Brian Cusack, Dave Parry
Australian eHealth Informatics and Security Conference
Doctor-Nurse communications are critical for patient safety and workflow effectiveness. Our research question was: What further improvements can be made to current communication systems? A variety of mobile and land based communication systems have been used and experimented with. In the study, the pager was found to be most common and more recent attempts to provide broadband capability with systems such as the iBeep. We built an alternative information system using Android phones and a software application that was customised by feedback from the medical professionals. The trial in five wards with 22 doctors and 170 nurses over one month …
Managing Wireless Security Risks In Medical Services, Brian Cusack, Akar Kyaw
Managing Wireless Security Risks In Medical Services, Brian Cusack, Akar Kyaw
Australian eHealth Informatics and Security Conference
Medical systems are designed for a range of end users from different professional skill groups and people who carry the devices in and on their bodies. Open, accurate, and efficient communication is the priority for medical systems and consequently strong protection costs are traded against the utility benefits for open systems. In this paper we assess the vulnerabilities created by the professional and end user expectations, and theorise ways to mitigate wireless security vulnerabilities. The benefits of wireless medical services are great in terms of efficiencies, mobility, and information management. These benefits may be realised by treating the vulnerabilities and …
Security Of Electronic Health Records In A Resource Limited Setting: The Case Of Smart-Care Electronic Health Record In Zambia, Keith Mweebo
Security Of Electronic Health Records In A Resource Limited Setting: The Case Of Smart-Care Electronic Health Record In Zambia, Keith Mweebo
Australian eHealth Informatics and Security Conference
This paper presents a case study of security issues related to the operationalization of smart-care, an electronic medical record (EMR) used to manage Human Immunodeficiency Virus (HIV) health information in Zambia. The aim of the smart-care program is to link up services and improve access to health information, by providing a reliable way to collect, store, retrieve and analyse health data in a secure way. As health professionals gain improved access to patient health information electronically, there is need to ensure this information is secured, and that patient privacy and confidentiality is maintained. During the initial stages of the program …
Avoiding Epic Fails: Software And Standards Directions To Increase Clinical Safety, Patricia A H Williams, Vincent B. Mccauley
Avoiding Epic Fails: Software And Standards Directions To Increase Clinical Safety, Patricia A H Williams, Vincent B. Mccauley
Australian eHealth Informatics and Security Conference
No abstract provided.
Detecting Camouflaged Applications On Mobile Application Markets, Mon Kywe Su, Yingjiu Li, Huijie Robert Deng, Jason Hong
Detecting Camouflaged Applications On Mobile Application Markets, Mon Kywe Su, Yingjiu Li, Huijie Robert Deng, Jason Hong
Research Collection School Of Computing and Information Systems
Application plagiarism or application cloning is an emerging threat in mobile application markets. It reduces profits of original developers and sometimes even harms the security and privacy of users. In this paper, we introduce a new concept, called camouflaged applications, where external features of mobile applications, such as icons, screenshots, application names or descriptions, are copied. We then propose a scalable detection framework, which can find these suspiciously similar camouflaged applications. To accomplish this, we apply text-based retrieval methods and content-based image retrieval methods in our framework. Our framework is implemented and tested with 30,625 Android applications from the official …
Android Or Ios For Better Privacy Protection?, Jin Han, Qiang Yan, Debin Gao, Jianying Zhou, Huijie Robert Deng
Android Or Ios For Better Privacy Protection?, Jin Han, Qiang Yan, Debin Gao, Jianying Zhou, Huijie Robert Deng
Research Collection School Of Computing and Information Systems
With the rapid growth of the mobile market, security of mobile platforms is receiving increasing attention from both research community as well as the public. In this paper, we make the first attempt to establish a baseline for security comparison between the two most popular mobile platforms. We investigate applications that run on both Android and iOS and examine the difference in the usage of their security sensitive APIs (SS-APIs). Our analysis over 2,600 applications shows that iOS applications consistently access more SS-APIs than their counterparts on Android. The additional privileges gained on iOS are often associated with accessing private …
Factors Impacting Information Security Noncompliance When Completing Job Tasks, Martha Nanette Harrell
Factors Impacting Information Security Noncompliance When Completing Job Tasks, Martha Nanette Harrell
CCE Theses and Dissertations
Work systems are comprised of the technical and social systems that should harmoniously work together to ensure a successful attainment of organizational goals and objectives. Information security controls are often designed to protect the information system and seldom consider the work system design. Using a positivist case study, this research examines the user's perception of having to choose between completing job tasks or remaining compliant with information security controls. An understanding of this phenomenon can help mitigate the risk associated with an information system security user's choice. Most previous research fails to consider the work system perspective on this issue. …
Hacking Back: Not The Right Solution, Emilio Iasiello
Hacking Back: Not The Right Solution, Emilio Iasiello
Emilio Iasiello
In cyberspace attackers enjoy an advantage over defenders, which has popularized the concept of “active cyber defense”— offensive actions intended to punish or deter the adversary. This article argues active cyber defense is not a practical course of action to obtain tactical and strategic objectives. Instead, “aggressive cyber defense,” a proactive security solution, is a more appropriate option.
Information System Security Commitment: A Study Of External Influences On Senior Management, Kevin Andrew Barton
Information System Security Commitment: A Study Of External Influences On Senior Management, Kevin Andrew Barton
CCE Theses and Dissertations
This dissertation investigated how senior management is motivated to commit to information system security (ISS). Research shows senior management participation is critical to successful ISS, but has not explained how senior managers are motivated to participate in ISS. Information systems research shows pressures external to the organization have greater influence on senior managers than internal pressures. However, research has not fully examined how external pressures motivate senior management participation in ISS. This study addressed that gap by examining how external pressures motivate senior management participation in ISS through the lens of neo-institutional theory. The research design was survey research. Data …
Unsupervised Learning Trojan, Arturo Geigel
Unsupervised Learning Trojan, Arturo Geigel
CCE Theses and Dissertations
This work presents a proof of concept of an Unsupervised Learning Trojan. The Unsupervised Learning Trojan presents new challenges over previous work on the Neural network Trojan, since the attacker does not control most of the environment. The current work will presented an analysis of how the attack can be successful by proposing new assumptions under which the attack can become a viable one. A general analysis of how the compromise can be theoretically supported is presented, providing enough background for practical implementation development. The analysis was carried out using 3 selected algorithms that can cover a wide variety of …
Ironfox: Securing The Web, Stephen Mcmurtry, William Johnson, Khadija Stewart (Advisor)
Ironfox: Securing The Web, Stephen Mcmurtry, William Johnson, Khadija Stewart (Advisor)
Annual Student Research Poster Session
No abstract provided.
Measuring Privacy Disclosures In Url Query Strings, Andrew G. West, Adam J. Aviv
Measuring Privacy Disclosures In Url Query Strings, Andrew G. West, Adam J. Aviv
Andrew G. West
Publicly posted URLs may contain a wealth of information about the identities and activities of the users who share them. URLs often utilize query strings (i.e., key-value pairs appended to the URL path) as a means to pass session parameters and form data. While often benign and necessary to render the web page, query strings sometimes contain tracking mechanisms, user names, email addresses, and other information that users may not wish to publicly reveal. In isolation this is not particularly problematic, but the growth of Web 2.0 platforms such as social networks and micro-blogging means URLs (often copy-pasted from web …
Web Application Vulnerability Prediction Using Hybrid Program Analysis And Machine Learning, Lwin Khin Shar, Lionel Briand, Hee Beng Kuan Tan
Web Application Vulnerability Prediction Using Hybrid Program Analysis And Machine Learning, Lwin Khin Shar, Lionel Briand, Hee Beng Kuan Tan
Research Collection School Of Computing and Information Systems
Due to limited time and resources, web software engineers need support in identifying vulnerable code. A practical approach to predicting vulnerable code would enable them to prioritize security auditing efforts. In this paper, we propose using a set of hybrid (staticþdynamic) code attributes that characterize input validation and input sanitization code patterns and are expected to be significant indicators of web application vulnerabilities. Because static and dynamic program analyses complement each other, both techniques are used to extract the proposed attributes in an accurate and scalable way. Current vulnerability prediction techniques rely on the availability of data labeled with vulnerability …
Stopwatch: A Cloud Architecture For Timing Channel Mitigation, Peng Li, Debin Gao, Michael K Reiter
Stopwatch: A Cloud Architecture For Timing Channel Mitigation, Peng Li, Debin Gao, Michael K Reiter
Research Collection School Of Computing and Information Systems
This article presents StopWatch, a system that defends against timing-based side-channel attacks that arise from coresidency of victims and attackers in infrastructure-as-a-service clouds. StopWatch triplicates each cloud-resident guest virtual machine (VM) and places replicas so that the three replicas of a guest VM are coresident with nonoverlapping sets of (replicas of) other VMs. StopWatch uses the timing of I/O events at a VM’s replicas collectively to determine the timings observed by each one or by an external observer, so that observable timing behaviors are similarly likely in the absence of any other individual, coresident VMs. We detail the design and …
Semantics-Aware Android Malware Classification Using Weighted Contextual Api Dependency Graphs, Mu Zhang, Yue Duan, Heng Yin, Zhiruo Zhao
Semantics-Aware Android Malware Classification Using Weighted Contextual Api Dependency Graphs, Mu Zhang, Yue Duan, Heng Yin, Zhiruo Zhao
Research Collection School Of Computing and Information Systems
The drastic increase of Android malware has led to a strong interest in developing methods to automate the malware analysis process. Existing automated Android malware detection and classification methods fall into two general categories: 1) signature-based and 2) machine learning-based. Signature-based approaches can be easily evaded by bytecode-level transformation attacks. Prior learning-based works extract features from application syntax, rather than program semantics, and are also subject to evasion. In this paper, we propose a novel semantic-based approach that classifies Android malware via dependency graphs. To battle transformation attacks, we extract a weighted contextual API dependency graph as program semantics to …
Workplace Surveillance, Tamara Kneese
Workplace Surveillance, Tamara Kneese
Media Studies
Employers have long devised techniques and used new technologies to surveil employees in order to increase efficiency, decrease theft, and otherwise assert power and control over subordinates. New and cheaper networked technologies make surveillance easier to implement, but what are the ramifications of widespread workplace surveillance?