Open Access. Powered by Scholars. Published by Universities.®
- Institution
- Keyword
-
- Security (2)
- 1.2 COMPUTER AND INFORMATION SCIENCE (1)
- 5.1 PSYCHOLOGY (1)
- 5.2 ECONOMICS AND BUSINESS (1)
- Abuse Detection (1)
-
- Abuse Detection and Prevention (1)
- Blockchain security intrusion detection systems IDS architecture (1)
- CAmkES (1)
- Cache Attack (1)
- Cloud computing (1)
- Cloud computing Trust (1)
- Cloud computing Trust barrier (1)
- Cloud computing Trustworthiness (1)
- Cloud trust label (1)
- Computer Sciences (1)
- Cyber security (1)
- Cybersecurity (1)
- Facebook Abuse (1)
- Friend Spam (1)
- Information storage and retrieval systems; Software; Hardware; (1)
- Internet of Things (1)
- IoT (1)
- Issues (1)
- Machine Learning (1)
- Machine learning (1)
- Meltdown (1)
- Microarchitecture Attack (1)
- Model checking (1)
- Online Social Networks (1)
- Power system (1)
- Publication
- Publication Type
Articles 1 - 14 of 14
Full-Text Articles in Systems Architecture
Countering Cybersecurity Vulnerabilities In The Power System, Fengli Zhang
Countering Cybersecurity Vulnerabilities In The Power System, Fengli Zhang
Graduate Theses and Dissertations
Security vulnerabilities in software pose an important threat to power grid security, which can be exploited by attackers if not properly addressed. Every month, many vulnerabilities are discovered and all the vulnerabilities must be remediated in a timely manner to reduce the chance of being exploited by attackers. In current practice, security operators have to manually analyze each vulnerability present in their assets and determine the remediation actions in a short time period, which involves a tremendous amount of human resources for electric utilities. To solve this problem, we propose a machine learning-based automation framework to automate vulnerability analysis and …
Formally Designing And Implementing Cyber Security Mechanisms In Industrial Control Networks., Mehdi Sabraoui
Formally Designing And Implementing Cyber Security Mechanisms In Industrial Control Networks., Mehdi Sabraoui
Electronic Theses and Dissertations
This dissertation describes progress in the state-of-the-art for developing and deploying formally verified cyber security devices in industrial control networks. It begins by detailing the unique struggles that are faced in industrial control networks and why concepts and technologies developed for securing traditional networks might not be appropriate. It uses these unique struggles and examples of contemporary cyber-attacks targeting control systems to argue that progress in securing control systems is best met with formal verification of systems, their specifications, and their security properties. This dissertation then presents a development process and identifies two technologies, TLA+ and seL4, that can be …
An Architecture For Blockchain-Based Collaborative Signature-Based Intrusion Detection System, Daniel Laufenberg
An Architecture For Blockchain-Based Collaborative Signature-Based Intrusion Detection System, Daniel Laufenberg
Master of Science in Information Technology Theses
Collaborative intrusion detection system (CIDS), where IDS hosts work with each other and share resources, have been proposed to cope with the increasingly sophisticated cyberattacks. Despite the promising benefits such as expanded signature databases and alert data from multiple sites, trust management and consensus building remain as challenges for a CIDS to work effectively. The blockchain technology with built-in immutability and consensus building capability provides a viable solution to the issues of CIDS. In this paper, we introduce an architecture for a blockchain-enabled signature-based collaborative IDS, discuss the implementation strategy of the proposed architecture and developed a prototype using Hyperledger …
The Performance Cost Of Security, Lucy R. Bowen
The Performance Cost Of Security, Lucy R. Bowen
Master's Theses
Historically, performance has been the most important feature when optimizing computer hardware. Modern processors are so highly optimized that every cycle of computation time matters. However, this practice of optimizing for performance at all costs has been called into question by new microarchitectural attacks, e.g. Meltdown and Spectre. Microarchitectural attacks exploit the effects of microarchitectural components or optimizations in order to leak data to an attacker. These attacks have caused processor manufacturers to introduce performance impacting mitigations in both software and silicon.
To investigate the performance impact of the various mitigations, a test suite of forty-seven different tests was created. …
Securing Our Future Homes: Smart Home Security Issues And Solutions, Nicholas Romano
Securing Our Future Homes: Smart Home Security Issues And Solutions, Nicholas Romano
Senior Honors Theses
The Internet of Things, commonly known as IoT, is a new technology transforming businesses, individuals’ daily lives and the operation of entire countries. With more and more devices becoming equipped with IoT technology, smart homes are becoming increasingly popular. The components that make up a smart home are at risk for different types of attacks; therefore, security engineers are developing solutions to current problems and are predicting future types of attacks. This paper will analyze IoT smart home components, explain current security risks, and suggest possible solutions. According to “What is a Smart Home” (n.d.), a smart home is a …
Building Consumer Trust In The Cloud: An Experimental Analysis Of The Cloud Trust Label Approach, Lisa Van Der Werff, Grace Fox, Ieva Masevic, Vincent C. Emeakaroha, John P. Morrison, Theo Lynn
Building Consumer Trust In The Cloud: An Experimental Analysis Of The Cloud Trust Label Approach, Lisa Van Der Werff, Grace Fox, Ieva Masevic, Vincent C. Emeakaroha, John P. Morrison, Theo Lynn
Department of Computer Science Publications
The lack of transparency surrounding cloud service provision makes it difficult for consumers to make knowledge based purchasing decisions. As a result, consumer trust has become a major impediment to cloud computing adoption. Cloud Trust Labels represent a means of communicating relevant service and security information to potential customers on the cloud service provided, thereby facilitating informed decision making. This research investigates the potential of a Cloud Trust Label system to overcome the trust barrier. Specifically, it examines the impact of a Cloud Trust Label on consumer perceptions of a service and cloud service provider trustworthiness and trust in the …
Safety And Security With Aadl: Using Lattices To Model Data Flow, Erick Martinez
Safety And Security With Aadl: Using Lattices To Model Data Flow, Erick Martinez
Kansas State University Undergraduate Research Conference
Architecture and Design Language is a model based engineering language that is used to create safety-critical systems. The issue with the creation of these systems is the lack of importance in security when these systems are created. To improve and promote the increase if importance and reliability for the creation of these systems we are looking into creating a method in which we can create lattice formations to identify and restrict certain information to its own category/classification. Lattices form sets of nodes that can be restricted so that certain information can only be distributed between two nodes that have the …
Detection And Prevention Of Abuse In Online Social Networks, Sajedul Karim Talukder
Detection And Prevention Of Abuse In Online Social Networks, Sajedul Karim Talukder
FIU Electronic Theses and Dissertations
Adversaries leverage social networks to collect sensitive data about regular users and target them with abuse that includes fake news, cyberbullying, malware distribution, and propaganda. Such behavior is more effective when performed by the social network friends of victims. In two preliminary user studies we found that 71 out of 80 participants have at least 1 Facebook friend with whom (1) they never interact, either in Facebook or in real life, or whom they believe is (2) likely to abuse their posted photos or status updates, or (3) post offensive, false or malicious content. Such friend abuse is often considered …
Evaluating The Impacts Of Detecting X.509 Covert Channels, Cody Welu
Evaluating The Impacts Of Detecting X.509 Covert Channels, Cody Welu
Masters Theses & Doctoral Dissertations
This quasi-experimental before-and-after study examined the performance impacts of detecting X.509 covert channels in the Suricata intrusion detection system. Relevant literature and previous studies surrounding covert channels and covert channel detection, X.509 certificates, and intrusion detection system performance were evaluated. This study used Jason Reaves’ X.509 covert channel proof of concept code to generate malicious network traffic for detection (2018). Various detection rules for intrusion detection systems were created to aid in the detection of the X.509 covert channel. The central processing unit (CPU) and memory utilization impacts that each rule had on the intrusion detection system was studied and …
Mirai Bot Scanner Summation Prototype, Charles V. Frank Jr.
Mirai Bot Scanner Summation Prototype, Charles V. Frank Jr.
Masters Theses & Doctoral Dissertations
The Mirai botnet deploys a distributed mechanism with each Bot continually scanning for a potential new Bot Victim. A Bot continually generates a random IP address to scan the network for discovering a potential new Bot Victim. The Bot establishes a connection with the potential new Bot Victim with a Transmission Control Protocol (TCP) handshake. The Mirai botnet has recruited hundreds of thousands of Bots. With 100,000 Bots, Mirai Distributed Denial of Service (DDoS) attacks on service provider Dyn in October 2016 triggered the inaccessibility to hundreds of websites in Europe and North America (Sinanović & Mrdovic, 2017). A month …
Flashlight In A Dark Room: A Grounded Theory Study On Information Security Management At Small Healthcare Provider Organizations, Gerald Auger
Masters Theses & Doctoral Dissertations
Healthcare providers have a responsibility to protect patient’s privacy and a business motivation to properly secure their assets. These providers encounter barriers to achieving these objectives and limited academic research has been conducted to examine the causes and strategies to overcome them. A subset of this demographic, businesses with less than 10 providers, compose a majority 57% of provider organizations in the United States. This grounded theory study provides exploratory findings, discovering these small healthcare provider organizations (SHPO) have limited knowledge on information technology (IT) and information security that results in assumptions and misappropriations of information security implementation, who is …
A Malware Analysis And Artifact Capture Tool, Dallas Wright
A Malware Analysis And Artifact Capture Tool, Dallas Wright
Masters Theses & Doctoral Dissertations
Malware authors attempt to obfuscate and hide their execution objectives in their program’s static and dynamic states. This paper provides a novel approach to aid analysis by introducing a malware analysis tool which is quick to set up and use with respect to other existing tools. The tool allows for the intercepting and capturing of malware artifacts while providing dynamic control of process flow. Capturing malware artifacts allows an analyst to more quickly and comprehensively understand malware behavior and obfuscation techniques and doing so interactively allows multiple code paths to be explored. The faster that malware can be analyzed the …
Matching Possible Mitigations To Cyber Threats: A Document-Driven Decision Support Systems Approach, Martha Wagner Mcneil
Matching Possible Mitigations To Cyber Threats: A Document-Driven Decision Support Systems Approach, Martha Wagner Mcneil
Masters Theses & Doctoral Dissertations
Cyber systems are ubiquitous in all aspects of society. At the same time, breaches to cyber systems continue to be front-page news (Calfas, 2018; Equifax, 2017) and, despite more than a decade of heightened focus on cybersecurity, the threat continues to evolve and grow, costing globally up to $575 billion annually (Center for Strategic and International Studies, 2014; Gosler & Von Thaer, 2013; Microsoft, 2016; Verizon, 2017). To address possible impacts due to cyber threats, information system (IS) stakeholders must assess the risks they face. Following a risk assessment, the next step is to determine mitigations to counter the threats …
Information Systems For Business And Beyond, David T. Bourgeois, James L. Smith, Shouhong Wang, Joseph Mortati
Information Systems For Business And Beyond, David T. Bourgeois, James L. Smith, Shouhong Wang, Joseph Mortati
Open Textbooks
This book is written as an introductory text, meant for those with little or no experience with computers or information systems. While sometimes the descriptions can get a bit technical, every effort has been made to convey the information essential to understanding a topic while not getting overly focused in detailed terminology.
The text is organized around thirteen chapters divided into three major parts, as follows:
• Part 1: What Is an Information System?
◦ Chapter 1: What Is an Information System? – This chapter provides an overview of information systems, including the history of how information systems got to …