Physical Sciences and Mathematics Commons^™

Immunology Inspired Detection Of Data Theft From Autonomous Network Activity, Theodore O. Cochran

CCE Theses and Dissertations

The threat of data theft posed by self-propagating, remotely controlled bot malware is increasing. Cyber criminals are motivated to steal sensitive data, such as user names, passwords, account numbers, and credit card numbers, because these items can be parlayed into cash. For anonymity and economy of scale, bot networks have become the cyber criminal’s weapon of choice. In 2010 a single botnet included over one million compromised host computers, and one of the largest botnets in 2011 was specifically designed to harvest financial data from its victims. Unfortunately, current intrusion detection methods are unable to effectively detect data extraction techniques …

Usable Security Using Goms: A Study To Evaluate And Compare The Usability Of User Accounts On E-Government Websites, Amran Din

CCE Theses and Dissertations

The term e-Government refers to providing citizens a series of services that can be conveniently conducted over the Internet. However, the potential to redefine and transform e-Government increasingly relies on citizens successfully establishing and managing a user account profile online. E-Government has not adequately addressed user-centric designs for social inclusion of all citizens on e-Government websites. There is a lack of research on the usability of user account management, and a clear lack of innovation in incorporating user-friendly authentication interfaces to accommodate a diverse user population given the wealth of existing research in web authentication techniques within Identity Management. The …

Modeling Heterogeneous User Churn And Local Resilience Of Unstructured P2p Networks, Zhongmei Yao, Derek Leonard, Dmitri Loguinov, Xiaoming Wang

Zhongmei Yao

Previous analytical results on the resilience of unstructured P2P systems have not explicitly modeled heterogeneity of user churn (i.e., difference in online behavior) or the impact of in-degree on system resilience. To overcome these limitations, we introduce a generic model of heterogeneous user churn, derive the distribution of the various metrics observed in prior experimental studies (e.g., lifetime distribution of joining users, joint distribution of session time of alive peers, and residual lifetime of a randomly selected user), derive several closed-form results on the transient behavior of in-degree, and eventually obtain the joint in/out degree isolation probability as a simple …

Incremental Sparse-Pca Feature Extraction For Data Streams, Jean-Pierre Nziga

CCE Theses and Dissertations

Intruders attempt to penetrate commercial systems daily and cause considerable financial losses for individuals and organizations. Intrusion detection systems monitor network events to detect computer security threats. An extensive amount of network data is devoted to detecting malicious activities.

Storing, processing, and analyzing the massive volume of data is costly and indicate the need to find efficient methods to perform network data reduction that does not require the data to be first captured and stored. A better approach allows the extraction of useful variables from data streams in real time and in a single pass. The removal of irrelevant attributes …

Examining The Security Awareness, Information Privacy, And The Security Behaviors Of Home Computer Users, Keith Edwards

CCE Theses and Dissertations

Attacks on computer systems continue to be a problem. The majority of the attacks target home computer users. To help mitigate the attacks some companies provide security awareness training to their employees. However, not all people work for a company that provides security awareness training and typically, home computer users do not have the incentive to take security awareness training on their own. Research in security awareness and security behavior has produced conflicting results. Therefore, it is not clear, how security aware home computer users are or to what extent security awareness affects the security behavior of home computer users. …

Designing An Effective Information Security Policy For Exceptional Situations In An Organization: An Experimental Study, George S. Antoniou

CCE Theses and Dissertations

An increasing number of researchers are recognizing the importance of the role played by employees in maintaining the effectiveness of an information security policy. Currently, little research exists to validate the relationship between the actions (behaviors) taken by employees in response to exceptional situations (antecedents) regarding an organization’s information security policy, the impact (consequences) those actions have on an organization, and the motives that prompt those actions. When these exceptional situations occur, employees may feel compelled to engage in behaviors that violate the terms of an information security policy because strict compliance with the policy could cause the organization to …

An Electroencephalogram (Eeg) Based Biometrics Investigation For Authentication: A Human-Computer Interaction (Hci) Approach, Ricardo J. Rodriguez

CCE Theses and Dissertations

Encephalogram (EEG) devices are one of the active research areas in human-computer interaction (HCI). They provide a unique brain-machine interface (BMI) for interacting with a growing number of applications. EEG devices interface with computational systems, including traditional desktop computers and more recently mobile devices. These computational systems can be targeted by malicious users. There is clearly an opportunity to leverage EEG capabilities for increasing the efficiency of access control mechanisms, which are the first line of defense in any computational system.

Access control mechanisms rely on a number of authenticators, including “what you know”, “what you have”, and “what you …

Legal Issues: Security And Privacy With Mobile Devices, Brian Leonard, Maurice Dawson

Maurice Dawson

Privacy and security are two items being woven into the fabric of American law concerning mobile devices. This chapter will review and analyze the associated laws and policies that are currently in place or have been proposed to ensure proper execution of security measures for mobile and other devices while still protecting individual privacy. This chapter will address the fact that as the American society significantly uses mobile devices, it is imperative to understand the legal actions surrounding these technologies to include their associated uses. This chapter will also address the fact that with 9/11 in the not so distant …