Physical Sciences and Mathematics Commons^™

Hacker, Influencer, Counter-Culture Spy: Cyberspace Actors’ Models Of Misinformation And Counter-Operations, Benjamin Kessell

College of Computing and Digital Media Dissertations

As misinformation continues to spread on social media, its residents have begun to fight back, independent of any platform. This organic resistance to the diffusion of misinformation is a clearly observable phenomenon with roots in Anonymous’ distributed campaigns from the 2010s outwards. Hacker and information security communities are acting in defense of some of their favorite spaces, most notably, Twitter. Security researchers of all stripes use it for sharing indicators of compromise but, as the diffusion of misinformation becomes more problematic it becomes more difficult to find signals in the noise.

These actors’ response to the issues at hand is …

Going Dark And Encryption, Brendan Funk

Mathematics and Computer Science Capstones

Law officers across the country and around the world are being left in the technological dust by their criminal counterparts. They have no problem obtaining evidence, however they run into issues accessing this information due to various encryption techniques being used. This phenomenon has been dubbed the “Going Dark” problem. James Comey describes the Going Dark problem as, “We have the legal authority to intercept and access communications and information pursuant to court order, but we often lack the technical ability to do so” (Comey, 2014).

The Going Dark problem is a relatively new problem facing law enforcement officers (LEOs) …

The 2020 Twitter Hack – So Many Lessons To Be Learned, Paul D. Witman, Scott Mackelprang

Journal of Cybersecurity Education, Research and Practice

In mid-July 2020, the social media site Twitter had over 100 of its most prominent user accounts start to tweet requests to send Bitcoin to specified Bitcoin wallets. The requests promised that the Bitcoin senders would receive their money back doubled, as a gesture of charity amidst the COVID-19 pandemic. The attack appears to have been carried out by a small group of hackers, leveraging social engineering to get access to internal Twitter support tools. These tools allowed the hackers to gain full control of the high-profile user accounts and post messages on their behalf. The attack provides many paths …

Examining The Crime Prevention Claims Of Crime Prevention Through Environmental Design On System-Trespassing Behaviors: A Randomized Experiment, Daren Fisher, David Maimon, Tamar Berenblum

EBCS Articles

Crime prevention through environmental design (CPTED) is a non-punitive method for reducing crime through the design of the built environment. The relevance of CPTED strategies however is less clear in the context of computing environments. Building upon prior research indicating that computing environments may change computer users’ behaviors, this study tests the effectiveness of CPTED based approaches in mitigating system trespassing events. Findings from this randomized controlled field trial demonstrate that specific CPTED strategies can mitigate hacking events by: reducing the number of concurrent activities on the target computer, attenuating the number of commands typed in the attacked computer, and …

Email Data Breach Analysis And Prevention Using Hook And Eye System, Shubhankar Jayant Jathar

Electronic Theses, Projects, and Dissertations

Due to the recent COVID-19 outbreak, there were a lot of data leaks from the health sector. This project is about the increase in data breach incidents that are taking place. In this project, There is an analysis of different types of breaches that are found online and are practiced to steal valuable information. Talking about different aspects that lead to data breaches and which are the main sector or main epicenter for data leaks. The analysis tells that most of the data breaches are done using emails and to overcome this limitation a system has been designed that will …

Hacking For Intelligence Collection In The Fight Against Terrorism: Israeli, Comparative, And International Perspectives, Asaf Lubin

Articles by Maurer Faculty

תקציר בעברית: הניסיון של המחוקק הישראלי להביא להסדרה מפורשת של סמכויות השב״כ במרחב הקיברנטי משקף מגמה רחבה יותר הניכרת בעולם לעיגון בחקיקה ראשית של הוראות בדבר פעולות פצחנות מצד גופי ביון ומודיעין ורשויות אכיפת חוק למטרות איסוף מודיעין לשם סיכול עבירות חמורות, ובייחוד עבירות טרור אם בעבר היו פעולות מסוג אלה כפופות לנהלים פנימיים ומסווגים, הרי שהדרישה לשקיפות בעידן שלאחר גילויי אדוארד סנודן מחד והשימוש הנרחב בתקיפות מחשב לביצוע פעולות חיפוש וחקירה לסיכול טרור מאידך, מציפים כעת את הדרישה להסמכה מפורשת. במאמר זה אבקש למפות הן את השדה הטכנולוגי והן את השדה המשפטי בכל האמור בתקיפות מחשבים למטרות ריגול ומעקב. …

Social Engineering In Non-Linear Warfare, Bill Gardner

Journal of Applied Digital Evidence

This paper explores the use of hacking, leaking, and trolling by Russia to influence the 2016 United States Presidential Elections. These tactics have been called “the weapons of the geek” by some researchers. By using proxy hackers and Russian malware to break into the email of the Democratic National Committee and then giving that email to Wikileaks to publish on the Internet, the Russian government attempted to swing the election in the favor of their preferred candidate.

The source of the malware used in the DNC hack was determined to be of Russian in nature and has been used on …

Malware For Macintosh, Nathan C. Shinabarger, Josiah E. Bills, Richard W. Lively, Noah S. Shinabarger

The Research and Scholarship Symposium (2013-2019)

Technology is a cornerstone of modern society. Unfortunately, it seems that every new piece of technology is accompanied by five computer-security breaches elsewhere. Most people associate hacks with Windows computers. This is a problem because Apple computers, and other non-Windows systems, are also extremely vulnerable to attacks and risk being compromised. Dolos is a piece of malware we developed intended to exploit the macOS Sierra operating system. It provides a framework for running exploits and comes built in with certain control and data exfiltration capabilities. Dolos also helps destroy the misconception of "the impenetrable Macintosh computer" by showing that Apple …

Ethical Hacking: Network Security And Penetration Testing, Lei Li, Zhigang Li, Hossain Shahriar, Rebecca Rutherfoord, Svetana Peltsverger, Dawn Tatum

Computer Science and Information Technology Grants Collections

This Grants Collection for Ethical Hacking: Network Security and Penetration Testing was created under a Round Eight ALG Textbook Transformation Grant.

Affordable Learning Georgia Grants Collections are intended to provide faculty with the frameworks to quickly implement or revise the same materials as a Textbook Transformation Grants team, along with the aims and lessons learned from project teams during the implementation process.

Documents are in .pdf format, with a separate .docx (Word) version available for download. Each collection contains the following materials:

• Linked Syllabus
• Initial Proposal
• Final Report

Ethical Hacking For Effective Defense, Lei Li, Zhigang Li, Hossain Shahriar, Rebecca H. Rutherfoord, Svetana Peltsverger, Dawn Tatum

Computer Science and Information Technology Grants Collections

This Grants Collection for Ethical Hacking for Effective Defense was created under a Round Eight ALG Textbook Transformation Grant.

Affordable Learning Georgia Grants Collections are intended to provide faculty with the frameworks to quickly implement or revise the same materials as a Textbook Transformation Grants team, along with the aims and lessons learned from project teams during the implementation process.

Documents are in .pdf format, with a separate .docx (Word) version available for download. Each collection contains the following materials:

• Linked Syllabus
• Initial Proposal
• Final Report

Practical Attacks On Cryptographically End-To-End Verifiable Internet Voting Systems, Nicholas Chang-Fong

Electronic Thesis and Dissertation Repository

Cryptographic end-to-end verifiable voting technologies concern themselves with the provision of a more trustworthy, transparent, and robust elections. To provide voting systems with more transparency and accountability throughout the process while preserving privacy which allows voters to express their true intent.

Helios Voting is one of these systems---an online platform where anyone can easily host their own cryptographically end-to-end verifiable election, aiming to bring verifiable voting to the masses. Helios does this by providing explicit cryptographic checks that an election was counted correctly, checks that any member of the public can independently verify. All of this while still protecting one …

A Sri Lankan Hacking Case Study, Ishan Senarathna, Matthew Warren

Australian Information Security Management Conference

The aim of the paper is to consider how hacking could impact a country that had historically experienced major cyber-attacks. The aim of the paper is to explore a cyber incident that occurred against the Sri Lankan president and how Sri Lankan authorities reacted to the incident. The paper will focus upon the motivations of the attack, the impact of the attack and how Sri Lankan authorities reacted to the situation.

Evaluating Ip Surveillance Camera Vulnerabilities, Brian Cusack, Zhuang Tian

Australian Information Security Management Conference

Hacking of IP surveillance camera systems came to public attention in 2016 when the high bandwidth and resources were exploited for a massive DDoS attack that affected one third of all US Internet services. A review of previous studies show that a vast number of IP cameras have been hacked because the default usernames and passwords have not been changed from the factory defaults. In this research we asked, What are the vulnerabilities of an IP surveillance camera? The purpose of the study was to provide identification of vulnerabilities and guidance for the protection of surveillance camera systems. The research …

Assessment Of Security Vulnerabilities In Wearable Devices, Brian Cusack, Bryce Antony, Gerard Ward, Shaunak Mody

Australian Information Security Management Conference

Wearable devices have proliferated in usage and human experience, and they provide convenience for personal information requirements. These devices are both sensory and immersive for the diverse global network that is generally termed the Internet of things (IoT). The immediacy of the two-way communication created in the IoT has made vulnerable human behaviour and raised debate around information ownership and privacy expectations. The legitimacy of ownership of information and its reuse are prevalent problems. In this research, we tested four wearable devices that share 44% of the current market, for security vulnerabilities. We found serious weaknesses that could result in …

Ramping Down Chinese Commercial Cyber Espionage, Emilio Iasiello

Emilio Iasiello

While detractors believe that commercial cyber espionage hasn’t really stopped, recent Chinese efforts show a government trying to get a handle on its large spying apparatus that could include hired and independent contractors acting autonomously in addition to its other resources. While complete cessation may never occur, significant timely reduction demonstrates Beijing’s willingness to work with the United States as a partner and not a pariah, and provides a foundation from which the two governments can move forward on other cyber security areas where incongruity persists.

Handling Human Hacking: Creating A Comprehensive Defensive Strategy Against Modern Social Engineering, Charles Snyder

Senior Honors Theses

Social engineering is one of the most devastating threats to any company or business. Rather than relying upon technical flaws in order to break into computer networks, social engineers utilize a suave personality in order to deceive individuals through clever conversation. These devious conversations frequently provide the attacker with sufficient information to compromise the company’s computer network. Unlike common technical attacks, social engineering attacks cannot be prevented by security tools and software. Instead of attacking a network directly, a social engineer exploits human psychology in order to coerce the victim to inadvertently divulge sensitive information. Further complicating the issue, the …

Analysis Of Password Cracking Methods & Applications, John A. Chester

Williams Honors College, Honors Research Projects

This project examines the nature of password cracking and modern applications. Several applications for different platforms are studied. Different methods of cracking are explained, including dictionary attack, brute force, and rainbow tables. Password cracking across different mediums is examined. Hashing and how it affects password cracking is discussed. An implementation of two hash-based password cracking algorithms is developed, along with experimental results of their efficiency.

Hacking Back: Not The Right Solution, Emilio Iasiello

Emilio Iasiello

In cyberspace attackers enjoy an advantage over defenders, which has popularized the concept of “active cyber defense”— offensive actions intended to punish or deter the adversary. This article argues active cyber defense is not a practical course of action to obtain tactical and strategic objectives. Instead, “aggressive cyber defense,” a proactive security solution, is a more appropriate option.

Is Your Online Data Really Private?, Nathan Pitchaikani

A with Honors Projects

In the present age everyone depends on technology. At least once per day someone uses a machine to help them accomplish their tasks. For example, imagine not using a cell phone for a whole day. These days, machines contain personal information or data about their owner. In most cases this isn’t an issue. However, with technology becoming more advanced day by day, there has become a reason to worry. People are able to illegally enter other people’s computers and steal information. Leading to the point that being able to protect one’s personal data is crucial. Learning how to safeguard one’s …

Decrypting The Code Of Ethics: The Relationship Between An Attorney's Ethical Duties And Network Security, Ash Mayfield

Oklahoma Law Review

No abstract provided.

Alphaco: A Teaching Case On Information Technology Audit And Security, Hüseyin Tanriverdi, Joshua Bertsch, Jonathan Harrison, Po-Ling Hsiao, Ketan S. Mesuria, David Hendrawirawan

Journal of Digital Forensics, Security and Law

Recent regulations in the United States (U.S.) such as the Sarbanes-Oxley Act of 2002 require top management of a public firm to provide reasonable assurance that they institute internal controls that minimize risks over the firm’s operations and financial reporting. External auditors are required to attest to the management’s assertions over the effectiveness of those internal controls. As firms rely more on information technology (IT) in conducting business, they also become more vulnerable to IT related risks. IT is critical for initiating, recording, processing, summarizing and reporting accurate financial and non-financial data. Thus, understanding IT related risks and instituting internal …