Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 5 of 5
Full-Text Articles in Systems Architecture
Privacy Assessment Breakthrough: A Design Science Approach To Creating A Unified Methodology, Lisa Mckee
Privacy Assessment Breakthrough: A Design Science Approach To Creating A Unified Methodology, Lisa Mckee
Masters Theses & Doctoral Dissertations
Recent changes have increased the need for and awareness of privacy assessments. Organizations focus primarily on Privacy Impact Assessments (PIA) and Data Protection Impact Assessments (DPIA) but rarely take a comprehensive approach to assessments or integrate the results into a privacy risk program. There are numerous industry standards and regulations for privacy assessments, but the industry lacks a simple unified methodology with steps to perform privacy assessments. The objectives of this research project are to create a new privacy assessment methodology model using the design science methodology, update industry standards and present training for conducting privacy assessments that can be …
A False Sense Of Security - Organizations Need A Paradigm Shift On Protecting Themselves Against Apts, Srinivasulu R. Vuggumudi
A False Sense Of Security - Organizations Need A Paradigm Shift On Protecting Themselves Against Apts, Srinivasulu R. Vuggumudi
Masters Theses & Doctoral Dissertations
Organizations Advanced persistent threats (APTs) are the most complex cyberattacks and are generally executed by cyber attackers linked to nation-states. The motivation behind APT attacks is political intelligence and cyber espionage. Despite all the awareness, technological advancements, and massive investment, the fight against APTs is a losing battle for organizations. An organization may implement a security strategy to prevent APTs. However, the benefits to the security posture might be negligible if the measurement of the strategy’s effectiveness is not part of the plan. A false sense of security exists when the focus is on implementing a security strategy but not …
Improving Adversarial Attacks Against Malconv, Justin Burr
Improving Adversarial Attacks Against Malconv, Justin Burr
Masters Theses & Doctoral Dissertations
This dissertation proposes several improvements to existing adversarial attacks against MalConv, a raw-byte malware classifier for Windows PE files. The included contributions greatly improve the success rates and performance of gradient-based file overlay attacks. All improvements are included in a new open-source attack utility called BitCamo.
Several new payload initialization strategies for use with gradient-based attacks are proposed and evaluated as potential replacements for the randomized initialization method used by current attacks. An algorithm for determining the optimal payload size is also proposed. The resulting improvements achieve a 100% evasion rate against eligible target executables using an average payload size …
Aligning Recovery Objectives With Organizational Capabilities, Jude C. Ejiobi
Aligning Recovery Objectives With Organizational Capabilities, Jude C. Ejiobi
Masters Theses & Doctoral Dissertations
To reduce or eliminate the impact of a cyber-attack on an organization, preparations to recover a failed system and/or data are usually made in anticipation of such an attack. To avoid a false sense of security, these preparations should, as closely as possible, reflect the organization’s capabilities, in order to inform future improvement and avoid unattainable goals. There is an absence of a strong basis for the selection of the metrics that are used to measure preparation. Informal and unreliable processes are widely used, and they often result in metrics that conflict with the organization’s capabilities and interests. The goal …
A Metric For Machine Learning Vulnerability To Adversarial Examples, Matt Bradley
A Metric For Machine Learning Vulnerability To Adversarial Examples, Matt Bradley
Masters Theses & Doctoral Dissertations
Machine learning is used in myriad aspects, both in academic research and in everyday life, including safety-critical applications such as robust robotics, cybersecurity products, medial testing and diagnosis where a false positive or negative could have catastrophic results. Despite the increasing prevalence of machine learning applications and their role in critical systems we rely on daily, the security and robustness of machine learning models is still a relatively young field of research with many open questions, particularly on the defensive side of adversarial machine learning. Chief among these open questions is how best to quantify a model’s attack surface against …