Physical Sciences and Mathematics Commons^™

Collaborcrack: A Collaborative Password Cracking Solution For Windows Penetration Testing, Andrew Griess

Theses/Capstones/Creative Projects

Cybersecurity professionals attempt to crack password hashes during penetration tests to determine if they are strong enough. A password hash is a way to encode a password securely. This paper describes a proof-of-concept program called CollaborCrack, a team-based password cracking solution. CollaborCrack addresses the issues of computational complexity, remote cracking security, duplication of work, and the cost associated with password cracking. To address computational complexity, CollaborCrack enables remote password cracking. Remote cracking requires additional safeguards, which CollaborCrack mitigates by storing sensitive information locally. To reduce the duplication of work, CollaborCrack provides a shared interface designed around collaboration and teamwork. CollaborCrack …

Analysis Of Deep Learning Methods For Wired Ethernet Physical Layer Security Of Operational Technology, Lucas Torlay

All Theses

The cybersecurity of power systems is jeopardized by the threat of spoofing and man-in-the-middle style attacks due to a lack of physical layer device authentication techniques for operational technology (OT) communication networks. OT networks cannot support the active probing cybersecurity methods that are popular in information technology (IT) networks. Furthermore, both active and passive scanning techniques are susceptible to medium access control (MAC) address spoofing when operating at Layer 2 of the Open Systems Interconnection (OSI) model. This thesis aims to analyze the role of deep learning in passively authenticating Ethernet devices by their communication signals. This method operates at …

Memory Forensics Comparison Of Apple M1 And Intel Architecture Using Volatility Framework, Joshua Duke

LSU Master's Theses

Memory forensics allows an investigator to get a full picture of what is occurring on-device at the time that a memory sample is captured and is frequently used to detect and analyze malware. Malicious attacks have evolved from living on disk to having persistence mechanisms in the volatile memory (RAM) of a device and the information that is captured in memory samples contains crucial information for full forensic analysis by cybersecurity professionals. Recently, Apple unveiled computers containing a custom designed system on a chip (SoC) called the M1 that is based on ARM architecture. Our research focused on the differences …

Predicting The Adoption Of Password Managers: A Tale Of Two Samples, Shelia Kennison, D. Eric Chan-Tin

Computer Science: Faculty Publications and Other Works

Using weak passwords and re-using passwords can make one vulnerable to cybersecurity breaches. Cybersecurity experts recommend the adoption of password managers (PMs), as they generate and store strong passwords for all accounts. Prior research has shown that few people adopt PMs. Our research examined PM adoption in a sample of 221 undergraduates from psychology courses and a sample of 278 MTurk workers. We hypothesized that PM adoption could be predicted using a small set of user characteristics (i.e., gender, age, Big Five personality traits, number of devices used, frequency of using social media, and cybersecurity knowledge). The results showed that …

Nudging Students To Use Stronger Passwords: A Test Of Big Five Personality-Based Messages, Shelia Kennison, Eric Chan-Tin

Computer Science: Faculty Publications and Other Works

Cybersecurity breaches can occur when one uses an easily hacked password. Prior research has investigated 1) possible steps to encourage users to use strong passwords and 2) how personality is related to users using strong passwords.

We investigated whether personality-based nudging messages based on Big Five traits could nudge people to create stronger passwords (c.f., Jones et al., 2021). We also examined how personal characteristics, such as gender, age, personality traits, password knowledge, attitudes, and behavior, and need for cognition, were related to password strength.

We tested the hypothesis that passwords created following messages matching participants’ personality would be stronger …

A Multiple Case Study Of Meti Cybersecurity Education And Training: A Basis For The Development Of A Guiding Framework For Educational Approaches, Jeric Bacasdoon

World Maritime University Dissertations

No abstract provided.

Towards Accurate Run-Time Hardware-Assisted Stealthy Malware Detection: A Lightweight, Yet Effective Time Series Cnn-Based Approach, Hossein Sayadi, Yifeng Gao, Hosein Mohammadi Makrani, Jessica Lin, Paulo Cesar Costa, Setareh Rafatirad, Houman Homayoun

Computer Science Faculty Publications and Presentations

According to recent security analysis reports, malicious software (a.k.a. malware) is rising at an alarming rate in numbers, complexity, and harmful purposes to compromise the security of modern computer systems. Recently, malware detection based on low-level hardware features (e.g., Hardware Performance Counters (HPCs) information) has emerged as an effective alternative solution to address the complexity and performance overheads of traditional software-based detection methods. Hardware-assisted Malware Detection (HMD) techniques depend on standard Machine Learning (ML) classifiers to detect signatures of malicious applications by monitoring built-in HPC registers during execution at run-time. Prior HMD methods though effective have limited their study on …

Professional Responsibility, Legal Malpractice, Cybersecurity, And Cyber-Insurance In The Covid-19 Era, Ethan S. Burger

St. Mary's Journal on Legal Malpractice & Ethics

In response to the COVID-19 outbreak, law firms conformed their activities to the Centers for Disease Control and Prevention (CDC), Occupational Safety and Health Administration (OSHA), and state health authority guidelines by immediately reducing the size of gatherings, encouraging social distancing, and mandating the use of protective gear. These changes necessitated the expansion of law firm remote operations, made possible by the increased adoption of technological tools to coordinate workflow and administrative tasks, communicate with clients, and engage with judicial and governmental bodies.

Law firms’ increased use of these technological tools for carrying out legal and administrative activities has implications …

Employees Breaking Bad With Technology: An Exploratory Analysis Of Human Factors That Drive Cyberspace Insider Threats, Marcus L. Green

USF Tampa Graduate Theses and Dissertations

As implementation of computer systems has continued to grow in business contexts, employee-driven cyberspace infractions have also grown in number. Employee cyberspace behaviors have continued to have detrimental effects on company computer systems. Actions that violate company cybersecurity policies can be either malicious or unmalicious. Solutions, by and large, have been electronic and centered on hardware and software. Those proposing solutions have begun to shift their focus to human risk vulnerabilities.

This study was novel in that its focus was identification of individual, cultural, and technological risk factors that drive cyberspace insider threat activities. Identifying factors that reduce insider threat …

Another Brick In The Wall: An Exploratory Analysis Of Digital Forensics Programs In The United States, Syria Mccullough, Stella Abudu, Ebere Onwubuariri, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

We present a comprehensive review of digital forensics programs offered by universities across the United States (U.S.). While numerous studies on digital forensics standards and curriculum exist, few, if any, have examined digital forensics courses offered across the nation. Since digital forensics courses vary from university to university, online course catalogs for academic institutions were evaluated to curate a dataset. Universities were selected based on online searches, similar to those that would be made by prospective students. Ninety-seven (n = 97) degree programs in the U.S. were evaluated. Overall, results showed that advanced technical courses are missing from curricula. We …

Who Creates Strong Passwords When Nudging Fails, Shelia M. Kennison, Ian T. Jones, Victoria H. Spooner, D. Eric Chan-Tin

Computer Science: Faculty Publications and Other Works

The use of strong passwords is viewed as a recommended cybersecurity practice, as the hacking of weak passwords led to major cybersecurity breaches. The present research investigated whether nudging with messages based on participants’ self-schemas could lead them to create stronger passwords. We modeled our study on prior health-related research demonstrating positive results using messages based on self-schema categories (i.e., True Colors categories -compassionate, loyal, intellectual, and adventurous). We carried out an online study, one with 256 (185 women, 66 men, 5 other) undergraduates and one with 424 (240 men, 179 women, 5 other) Amazon Mechanical Turk (MTurk) workers, in …

Industrial Control System Data Resiliency, Daniel A. Bovard

Boise State University Theses and Dissertations

This thesis identifies and fortifies against a critical vulnerability in industrial control system (ICS) security. A properly designed ICS security framework consists of a multi-layered approach starting with heavy fortifications in information technology and ending with control information of operational technology. Currently, ICS security frameworks lack visibility and place blind trust in devices at the lowest level of the control hierarchy. Attaining control data visibility at the lowest level of the control hierarchy is critical to increasing the resiliency of an ICS security posture. This thesis demonstrates how this data can be captured at the lowest level of the control …

Cybersecurity: Creating A Cybersecurity Culture, Steven Edward Ogden

Electronic Theses, Projects, and Dissertations

Human error has been identified as one of the highest contributing factors to successful cyber-attacks and security incidents that result in data leaks and theft of sensitive information. Human error has been caused by employees not behaving securely when interacting with information systems. This culminating experience project investigated how a cybersecurity culture can be developed to address the human error problem. The research was based on several key questions that focus on influencing factors of human behavior and best practices that have been used to develop a cybersecurity culture so that employees engage in secure behaviors. Social Cognitive Theory was …

A Wireguard Exploration, Alexander Master, Christina Garman

CERIAS Technical Reports

Internet users require secure means of communication. Virtual Private Networks (VPNs) often serve this purpose, for consumers and businesses. The research aims of this paper were an analysis and implementation of the new VPN protocol WireGuard. The authors explain the cryptographic primitives used, build server and client code implementations of WireGuard peers, and present the benefits and drawbacks of this new technology. The outcome was a functional WireGuard client and server implementation, capable of tunneling all Internet traffic through a cloud-based virtual private server (VPS), with minimal manual configuration necessary from the end user. The code is publicly available.

Observations, Evaluations, And Recommendations For Deterlab From An Educational Perspective, Ahmed Ibrahim, Vitaly Ford

Journal of Cybersecurity Education, Research and Practice

DETERLab is a cluster environment that provides a set of virtual machines that can be used by researchers and teachers to run cybersecurity experiments and competitions, and where it is possible to deploy different network configurations to research attack and defense mechanisms in the cyber world. While we were working to develop a pathway for producing more usable and effective cybersecurity educational resources by investigating and examining several projects, we examined DETERLab as a prospective platform to use in the classroom. Throughout our experimentation, we faced challenges that we decided to document in order to help other educators use the …

An Exploratory Study Of Mode Efficacy In Cybersecurity Training, Michael D. Workman

Journal of Cybersecurity Education, Research and Practice

Cybersecurity capabilities in organizations and governmental agencies continue to lag behind the threats. Given the current environment, these entities have placed renewed emphasis on cybersecurity education. However, education appears to lack its full potential in most settings. Few empirical studies have systematically tested the efficacy of various training methods and modes, and those that have been conducted have yielded inconsistent findings. Recent literature on the use of gamified simulations have suggested that they may improve cybersecurity behaviors. Similarly, live activities such as hackathons and capture the flag events have been surmised to augment learning and capabilities. We conducted an exploratory …

Design And Development Of Techniques To Ensure Integrity In Fog Computing Based Databases, Abdulwahab Fahad S. Alazeb

Graduate Theses and Dissertations

The advancement of information technology in coming years will bring significant changes to the way sensitive data is processed. But the volume of generated data is rapidly growing worldwide. Technologies such as cloud computing, fog computing, and the Internet of things (IoT) will offer business service providers and consumers opportunities to obtain effective and efficient services as well as enhance their experiences and services; increased availability and higher-quality services via real-time data processing augment the potential for technology to add value to everyday experiences. This improves human life quality and easiness. As promising as these technological innovations, they are prone …

Quantifying Cyber Risk By Integrating Attack Graph And Impact Graph, Omer F. Keskin

Engineering Management & Systems Engineering Theses & Dissertations

Being a relatively new risk source, models to quantify cyber risks are not well developed; therefore, cyber risk management in most businesses depends on qualitative assessments. With the increase in the economic consequences of cyber incidents, the importance of quantifying cyber risks has increased. Cyber risk quantification is also needed to establish communication among decision-makers of different levels of an enterprise, from technical personnel to top management.

The goal of this research is to build a probabilistic cybersecurity risk analysis model that relates attack propagation with impact propagation through internal dependencies and allows temporal analysis.

The contributions of the developed …

Deterring Intellectual Property Thieves: Algorithmic Generation Of Adversary-Aware Fake Knowledge Graphs, Snow Kang

Dartmouth College Undergraduate Theses

Publicly available estimates suggest that in the U.S. alone, IP theft costs our economy between $225 billion and $600 billion each year. In our paper, we propose combating IP theft by generating fake versions of technical documents. If an enterprise system has n fake documents for each real document, any IP thief must sift through an array of documents in an attempt to separate the original from a sea of fakes. This costs the attacker time and money - and inflicts pain and frustration on the part of its technical staff.

Leveraging a graph-theoretic approach, we created the Clique-FakeKG algorithm …

Deep Learning Modalities For Biometric Alteration Detection In 5g Networks-Based Secure Smart Cities, Ahmed Sedik, Lo'ai A. Tawalbeh, Mohamed Hammad, Ahmed A. Abd El-Latif, Ghada M. El-Banby, Ashref A.M. Khalaf, Fathi E. Abd El-Samie, Abdullah M. Iliyasu

Computer Science Faculty Publications

Smart cities and their applications have become attractive research fields birthing numerous technologies. Fifth generation (5G) networks are important components of smart cities, where intelligent access control is deployed for identity authentication, online banking, and cyber security. To assure secure transactions and to protect user’s identities against cybersecurity threats, strong authentication techniques should be used. The prevalence of biometrics, such as fingerprints, in authentication and identification makes the need to safeguard them important across different areas of smart applications. Our study presents a system to detect alterations to biometric modalities to discriminate pristine, adulterated, and fake biometrics in 5G-based smart …

A Framework To Detect The Susceptibility Of Employees To Social Engineering Attacks, Hashim H. Alneami

Doctoral Dissertations and Master's Theses

Social engineering attacks (SE-attacks) in enterprises are hastily growing and are becoming increasingly sophisticated. Generally, SE-attacks involve the psychological manipulation of employees into revealing confidential and valuable company data to cybercriminals. The ramifications could bring devastating financial and irreparable reputation loss to the companies. Because SE-attacks involve a human element, preventing these attacks can be tricky and challenging and has become a topic of interest for many researchers and security experts. While methods exist for detecting SE-attacks, our literature review of existing methods identified many crucial factors such as the national cultural, organizational, and personality traits of employees that enable …

Network-Based Detection And Prevention System Against Dns-Based Attacks, Yasir Faraj Mohammed

Graduate Theses and Dissertations

Individuals and organizations rely on the Internet as an essential environment for personal or business transactions. However, individuals and organizations have been primary targets for attacks that steal sensitive data. Adversaries can use different approaches to hide their activities inside the compromised network and communicate covertly between the malicious servers and the victims. The domain name system (DNS) protocol is one of these approaches that adversaries use to transfer stolen data outside the organization's network using various forms of DNS tunneling attacks. The main reason for targeting the DNS protocol is because DNS is available in almost every network, ignored, …

Privacy Is Infringed In Plain Sight And How To Dissapear, Zachary Taylor

Electronic Theses, Projects, and Dissertations

This culminating project explored how Amazon, Apple, Facebook, Google, and Microsoft infringe on their user's information privacy. Focus was on tools and techniques one can use to strengthen their information privacy. Privacy or information privacy was defined as the right to have some control over how your personal information is collected and used. This project will also introduce a verity of open-source tools and techniques that would help the unsuspected user to maintain their privacy.The questions asked were: what are some common techniques that Amazon, Apple, Facebook, Google, or Microsoft use to gain personal information?, At what cost would it …

How The Growth Of Technology Has Forced Accounting Firms To Put An Emphasis On Cybersecurity, Holden Halbach

Accounting Undergraduate Honors Theses

The advancement of technology has brought many changes to accounting firms. Computer applications such as Microsoft Excel have made calculators and physical spreadsheets obsolete. Then with the introduction of cloud computing employees can store, access, and exchange large amounts of data instantaneously from any location. These technological innovations have increased the accuracy and efficiency of firms substantially. However, this growth in technology has shown the importance of putting an emphasis on cybersecurity throughout the accounting industry. The emphasis placed on cybersecurity throughout accounting firms is more prevalent than any other industry. This is primarily because accounting firms not only deal …

Cross Domain Iw Threats To Sof Maritime Missions: Implications For U.S. Sof, Gary C. Kessler, Diane M. Zorri

Publications

As cyber vulnerabilities proliferate with the expansion of connected devices, wherein security is often forsaken for ease of use, Special Operations Forces (SOF) cannot escape the obvious, massive risk that they are assuming by incorporating emerging technologies into their toolkits. This is especially true in the maritime sector where SOF operates nearshore in littoral zones. As SOF—in support to the U.S. Navy— increasingly operate in these contested maritime environments, they will gradually encounter more hostile actors looking to exploit digital vulnerabilities. As such, this monograph comes at a perfect time as the world becomes more interconnected but also more vulnerable.

The Dns Bake Sale: Advertising Dns Cookie Support For Ddos Protection, Jacob Davis

Theses and Dissertations

The Domain Name System (DNS) has been frequently abused for Distributed Denial of Service (DDoS) attacks and cache poisoning because it relies on the User Datagram Protocol (UDP). Since UDP is connection-less, it is trivial for an attacker to spoof the source of a DNS query or response. DNS Cookies, a protocol standardized in 2016, add pseudo-random values to DNS packets to provide identity management and prevent spoofing attacks. This work finds that 30% of popular authoritative servers and open recursive resolvers fully support cookies and that 10% of recursive clients send cookies. Despite this, DNS cookie use is rarely …

Cyber Supply Chain Risk Management: Implications For The Sof Future Operating Environment, J. Philip Craiger, Laurie Lindamood-Craiger, Diane M. Zorri

Publications

The emerging Cyber Supply Chain Risk Management (C-SCRM) concept assists at all levels of the supply chain in managing and mitigating risks, and the authors define C-SCRM as the process of identifying, assessing, and mitigating the risks associated with the distributed and interconnected nature of information and operational technology products and service supply chains. As Special Operations Forces increasingly rely on sophisticated hardware and software products, this quick, well-researched monograph provides a detailed accounting of C-SCRM associated laws, regulations, instructions, tools, and strategies meant to mitigate vulnerabilities and risks—and how we might best manage the evolving and ever-changing array of …

Reflections On Setting Up The Cyber Range Intrusion Detection System, William Pearson

WWU Honors College Senior Projects

A short reflection on the project to set up an Intrusion Detection System for the Cyber Range at Western Washington University Poulsbo.

Cybersecurity Legislation And Ransomware Attacks In The United States, 2015-2019, Joseph Skertic

Graduate Program in International Studies Theses & Dissertations

Ransomware has rapidly emerged as a cyber threat which costs the global economy billions of dollars a year. Since 2015, ransomware criminals have increasingly targeted state and local government institutions. These institutions provide critical infrastructure – e.g., emergency services, water, and tax collection – yet they often operate using outdated technology due to limited budgets. This vulnerability makes state and local institutions prime targets for ransomware attacks. Many states have begun to realize the growing threat from ransomware and other cyber threats and have responded through legislative action. When and how is this legislation effective in preventing ransomware attacks? This …

Cybersecurity Risk Assessment Using Graph Theoretical Anomaly Detection And Machine Learning, Goksel Kucukkaya

Engineering Management & Systems Engineering Theses & Dissertations

The cyber domain is a great business enabler providing many types of enterprises new opportunities such as scaling up services, obtaining customer insights, identifying end-user profiles, sharing data, and expanding to new communities. However, the cyber domain also comes with its own set of risks. Cybersecurity risk assessment helps enterprises explore these new opportunities and, at the same time, proportionately manage the risks by establishing cyber situational awareness and identifying potential consequences. Anomaly detection is a mechanism to enable situational awareness in the cyber domain. However, anomaly detection also requires one of the most extensive sets of data and features …