Physical Sciences and Mathematics Commons^™

An Analysis Of Significant Cyber Incidents And The Impact On The Past, Present, And Future, Seth E. Smith

Cybersecurity Undergraduate Research Showcase

This report discusses data collected on significant cybersecurity incidents from the early 2000s to present. The first part of the report addresses previously discussed information, data, and literature (e.g. case studies), pertinent to cybersecurity incidents. The findings from this study are framed by scholarly sources and information from the Federal Bureau of Investigation, a number of notable universities, and literature online, of which all support information discussed within this report. The second part of the report discusses data compiled upon analyzing significant cyber incidents and events from the Center for Strategic and International Affairs (CSIS). Finally, the last portion of …

Analytical Approach To Biometric Security And How It Affects Privacy, Torré A. Williams

Cybersecurity Undergraduate Research Showcase

In this time where the world is using technology every day, there is going to be a need for some type of security to take place to protect its citizens from unwanted harm or danger. The use of any authentication methods is becoming very essential for a lot of companies and even for your own personal belongings. The use of biometric technology has offered companies the chance to upgrade their security system. This has also provided easier ways that people authenticate themselves as who they say they are. Due to their growth of usage, there is a privacy and security …

Developing An International Framework For Addressing Non-State Actors In Cyberspace, Joanna C. Di Scipio

Cybersecurity Undergraduate Research Showcase

On May 7, 2021, Colonial Pipeline shut down its operations following a ransomware attack by the criminal group DarkSide (Bordoff, 2021). It took five days to resume normal operations, but this short period led to panic buying, rising prices, and significant gas shortages. The attack underscores an emerging threat in the landscape of cybersecurity: critical infrastructure attacks carried out by non-state actors.

Internet Of Things: Cybersecurity In Small Businesses, Zobair Wali

Cybersecurity Undergraduate Research Showcase

Small businesses are the most vital part of a nation’s economy. In today’s world, as we are moving towards digitizing almost everything around us, cybersecurity is essential and vital for our digitalized world to function. Small businesses are no exception. All businesses collect, use, and store information. They store employees’ information, tax information, customers’ information, business transaction information, and all other operational information that is needed for a business to function. Without an appropriate cybersecurity program, these businesses are vulnerable and can be easily impacted by cyber incidents and malicious attacks. Businesses are putting resources to protect their systems against …

Gdpr, Pipl & Lgpd: Privacy Regulations & Policies Across The Globe, Raymond H. Geistel

Cybersecurity Undergraduate Research Showcase

Several privacy laws around the world are adopting similar regulations to the GPDR; this has effects on privacy policies of companies providing services in across multiple countries & continents. While these regulations share many attributes, their differing requirements can make things difficult for companies regarding said policies. Automation could be a potential solution to both analyze and compare regulations from different nations & international organizations, analyze and monitor privacy policy adherence to said regulations.

How Secure Are Android And Apple’S Operating Systems And Based Applications Against Cyber Attacks And Cyber Crime, Marlowe Cosby Jr.

Cybersecurity Undergraduate Research Showcase

Smartphone has become an important part of our everyday life. Android and apple are the two most used operating system (OS) for smart phones. We usually store important information in our smart phone, e.g.: credit card, bank account, driving ID, SSN. As a result, Android and Apple operating systems and applications have both been subject to a wide number of vulnerabilities and attacks. This directly effects many people being that they are the global leaders of users within their platforms reaching billions of people daily. It is important that smartphones receive better defense and security. In this paper, we aim …

Self-Supervised Perceptual Ad-Blocker, Killian Robinson

Cybersecurity Undergraduate Research Showcase

This project proposes a new self-supervised ad-blocker to minimize the amount of human effort required to effectively combat pushed advertisements. Current ad-blocker models are expensive to develop and not always effective in identifying advertisements. We investigated the possibility of solving these problems with the introduction of a deep learning, self-supervised ad-blocker model. More specifically, the proposed ad-blocker will be trained in a self-supervised fashion to tackle the issue of lacking labelled training data. The proposed solution was prototyped using Pytorch and achieved a detection accuracy of 81% on a diverse selection of popular websites.

Protection Of Patient Privacy On Mobile Device Machine Learning, Matthew Nguyen

Cybersecurity Undergraduate Research Showcase

An existing StudentLife Study mobile dataset was evaluated and organized to be applied to different machine learning methods. Different variables like user activity, exercise, sleep, study space, social, and stress levels are optimized to train a model that could predict user stress level. The different machine learning methods would test if both patient data privacy and training efficiency can be ensured.

Cybersecurity Maturity Model Certification (Cmmc) Compliance For Dod Contractors, Sierra Burnett

Cybersecurity Undergraduate Research Showcase

The DoD is currently taking a supply-chain risk management strategy to foster cybersecurity. This unique strategy is often referred to as CMMC which stands for “Cybersecurity Maturity Model Certification”. The approach requires that all the 300,000 DoD contractors acquire third-party authentication that may attain the requirements for the CMMC maturity level suitable to the work they desire to do for the DoD. CMMC typically examines the organization's capability to safeguard Federal Contract Information as well as CUI. It integrates various cybersecurity standards already in place and plots the best practices alongside processes to five maturity levels that range from the …

Effects Of Cloud Computing In The Workforce, Kevin Rossi Acosta

Cybersecurity Undergraduate Research Showcase

In recent years, the incorporation of cloud computing and cloud services has increased in many different types of organizations and companies. This paper will focus on the philosophical, economical, and political factors that cloud computing and cloud services have in the workforce and different organizations. Based on various scholarly articles and resources it was observed that organizations used cloud computing and cloud services to increase their overall productivity as well as decrease the overall cost of their operations, as well as the different policies that were created by lawmakers to control the realm of cloud computing. The results of this …

Sql Injection & Web Application Security: A Python-Based Network Traffic Detection Model, Nyki Anderson

Cybersecurity Undergraduate Research Showcase

The Internet of Things (IoT) presents a great many challenges in cybersecurity as the world grows more and more digitally dependent. Personally identifiable information (PII) (i,e., names, addresses, emails, credit card numbers) is stored in databases across websites the world over. The greatest threat to privacy, according to the Open Worldwide Application Security Project (OWASP) is SQL injection attacks (SQLIA) [1]. In these sorts of attacks, hackers use malicious statements entered into forms, search bars, and other browser input mediums to trick the web application server into divulging database assets. A proposed technique against such exploitation is convolution neural network …

Encryption And Decryption With A Raspberry Pi Device, Taylor Powell

Undergraduate Research Symposium

The functioning of our modern digital world relies heavily on the security of modern encryption algorithms and their resistance to systematic attempts to access secure information. For the 2020 Department of Computer Science’s Raspberry Pi Programming Competition, I decided to explore encryption and decryption techniques available to any user with some programming knowledge and a desire to secure information from unwanted access.

I developed a program which allows a user to select between three types of encryption algorithms: a Caesar Cipher, a Vigenère Cipher, and a Stream Cipher. I also gave the user the option to further secure their encrypted …

Cybersecurity: Building A Better Defense With A Great Offense, David M. Cooke

Cybersecurity Undergraduate Research Showcase

The current industry standard for cybersecurity is risk mitigation, which is the identification, evaluation, and categorization of threats that are posed to an organization's network. The goal is to prevent attacks and if an organization is attacked popular standard is to react and remedy the attack. This form of cyber defense isn’t very reassuring to an organization and its users, once an attack is executed based on a study conducted by Booz Allen the average time an advanced persistent threat (APT) dwells on a victims’ network before it’s discovered is 200-250 days. That’s plenty of time for a malicious third …

Best Cybersecurity Practices For Companies, Post Van Buren, Mary Riley

Cybersecurity Undergraduate Research Showcase

Imagine this scenario: you are a small business owner, and you’ve just been informed of a network security breach. In your Zoom meeting with the IT Department, you learned the details: network activity logs revealed aberrant behavior after hours. Threat actors accessed systems containing sensitive information and downloaded copies of key files containing company trade secrets, market strategies, and customer data – all within a matter of minutes. Immediately, you review the consequences of the breach in your mind: reputational harm, monetary loss, and potential lawsuits. You ask the IT professional about the root cause of the breach. Was it …

Tackling Ai Bias With Gans, Noam Stanislawski

Cybersecurity Undergraduate Research Showcase

Throughout the relatively short history of artificial intelligence (AI), there has been a significant concern surrounding AI’s ability to incorporate and maintain certain characteristics which were not inherently modeled out in its coding. These behaviors stem from the prominent usage of neural network AI, which can inherit human biases from the input data it receives. This paper argues for two possible avenues to combat these biases. The first is to rethink the traditional framework for neural network projects and retool them to be usable by a Generative Adversarial Network (GAN). In a GAN’s zero-sum game, two network techniques can combat …

Leverage Psychological Factors Associated With Lapses In Cybersecurity In Organizational Management, Chad Holm

Cybersecurity Undergraduate Research Showcase

With computers being a standard part of life now with the evolution of the internet, many aspects of our lives have changed, and new ways of thinking must come. One of the biggest challenges in most cyber security problems is not related to the software or the hardware; it is the people that are using the computers to access the data and communicate with others, where the hackers could simply find a weak entry point that naturally exists and a weak link caused by human hands. The human factor as an “insider threat” will affect unauthorized access, credentials stealing, and …

On The Usage And Vulnerabilities Of Api Systems, Conner D. Yu

Cybersecurity Undergraduate Research Showcase

To some, Application Programming Interface (API) is one of many buzzwords that seem to be blanketed in obscurity because not many people are overly familiar with this term. This obscurity is unfortunate, as APIs play a crucial role in today’s modern infrastructure by serving as one of the most fundamental communication methods for web services. Many businesses use APIs in some capacity, but one often overlooked aspect is cybersecurity. This aspect is most evident in the 2018 misuse case by Facebook, which led to the leakage of 50 million users’ records.1 During the 2018 Facebook data breach incident, threat actors …