Safe Delivery Of Critical Services In Areas With Volatile Security Situation Via A Stackelberg Game Approach,
2023
Singapore Management University
Safe Delivery Of Critical Services In Areas With Volatile Security Situation Via A Stackelberg Game Approach, Tien Mai, Arunesh Sinha
Research Collection School Of Computing and Information Systems
Vaccine delivery in under-resourced locations with security risks is not just challenging but also life threatening. The COVID pandemic and the need to vaccinate added even more urgency to this issue. Motivated by this problem, we propose a general framework to set-up limited temporary (vaccination) centers that balance physical security and desired (vaccine) service coverage with limited resources. We set-up the problem as a Stackelberg game between the centers operator (defender) and an adversary, where the set of centers is not fixed a priori but is part of the decision output. This results in a mixed combinatorial and continuous optimization …
Improving Developers' Understanding Of Regex Denial Of Service Tools Through Anti-Patterns And Fix Strategies,
2023
Virginia Tech
Improving Developers' Understanding Of Regex Denial Of Service Tools Through Anti-Patterns And Fix Strategies, Sk Adnan Hassan, Zainab Aamir, Dongyoon Lee, James C. Davis, Francisco Servant
Department of Electrical and Computer Engineering Faculty Publications
Regular expressions are used for diverse purposes, including input validation and firewalls. Unfortunately, they can also lead to a security vulnerability called ReDoS (Regular Expression Denial of Service), caused by a super-linear worst-case execution time during regex matching. Due to the severity and prevalence of ReDoS, past work proposed automatic tools to detect and fix regexes. Although these tools were evaluated in automatic experiments, their usability has not yet been studied; usability has not been a focus of prior work. Our insight is that the usability of existing tools to detect and fix regexes will improve if we complement them …
Challenges And Measurements For Governance Of Modern Cyber Space Society,
2022
MOE Key Lab for Intelligent Networks and Network Security, Xi'an Jiaotong University, Xi'an 710049, China
Challenges And Measurements For Governance Of Modern Cyber Space Society, Pinghui Wang, Hongbin Pei, Junzhou Zhao, Tao Qin, Chao Shen, Dongliang Liu, Xiaohong Guan
Bulletin of Chinese Academy of Sciences (Chinese Version)
The rapid development of information technology has unprecedentedly created a prosperous cyber society and greatly enhanced productivity facilitated by social interaction. At the same time, many problems emerge in the cyber society, such as telecom fraud, privacy leakage, Internet pollution, and algorithmic discrimination. The problems bring new challenges to social order and security. In order to find the way of cyber society governance and promote the modernization of national governance, this paper first presents the analyses on the new problems encountered in the cyber society in three typical scenarios, i.e., identity governance, behavior governance, and algorithm governance, as well as …
Payload-Byte: A Tool For Extracting And Labeling Packet Capture Files Of Modern Network Intrusion Detection Datasets,
2022
Army Cyber Institute, United States Military Academy
Payload-Byte: A Tool For Extracting And Labeling Packet Capture Files Of Modern Network Intrusion Detection Datasets, Yasir Farrukh, Irfan Khan, Syed Wali, David A. Bierbrauer, John Pavlik, Nathaniel D. Bastian
ACI Journal Articles
Adapting modern approaches for network intrusion detection is becoming critical, given the rapid technological advancement and adversarial attack rates. Therefore, packet-based methods utilizing payload data are gaining much popularity due to their effectiveness in detecting certain attacks. However, packet-based approaches suffer from a lack of standardization, resulting in incomparability and reproducibility issues. Unlike flow-based datasets, no standard labeled dataset exists, forcing researchers to follow bespoke labeling pipelines for individual approaches. Without a standardized baseline, proposed approaches cannot be compared and evaluated with each other. One cannot gauge whether the proposed approach is a methodological advancement or is just being benefited …
Software Supply Chain Security Attacks And Analysis Of Defense,
2022
Kennesaw State University
Software Supply Chain Security Attacks And Analysis Of Defense, Juanjose Rodriguez-Cardenas, Jobair Hossain Faruk, Masura Tansim, Asia Shavers, Corey Brookins, Shamar Lake, Ava Norouzi, Marie Nassif, Kenneth Burke, Miranda Dominguez
Symposium of Student Scholars
The Software Supply chain or SSC is the backbone of the logistics industry and is crucial to a business's success and operation. The surge of attacks and risks for the SSC has grown in coming years with each attack's impact becoming more significant. These attacks have led to the leaking of both client and company sensitive information, corruption of the data, and having it subject to malware and ransomware installation, despite new practices implemented and investments into SSC security and its branches that have not stopped attackers from developing new vulnerabilities and exploits. In our research, we have investigated Software …
Secure Cloud-Based Iot Water Quality Gathering For Analysis And Visualization,
2022
Kennesaw State University
Secure Cloud-Based Iot Water Quality Gathering For Analysis And Visualization, Soin Abdoul Kassif Baba M Traore
Symposium of Student Scholars
Water quality refers to measurable water characteristics, including chemical, biological, physical, and radiological characteristics usually relative to human needs. Dumping waste and untreated sewage are the reasons for water pollution and several diseases to the living hood. The quality of water can also have a significant impact on animals and plant ecosystems. Therefore, keeping track of water quality is a substantial national interest. Much research has been done for measuring water quality using sensors to prevent water pollution. In summary, those systems are built based on online and reagent-free water monitoring SCADA systems in wired networks. However, centralized servers, transmission …
Addressing Human Error Through Effective Cyber Policy Design,
2022
University at Albany, State University of New York
Addressing Human Error Through Effective Cyber Policy Design, Katherine Amoresano
Emergency Preparedness, Homeland Security, and Cybersecurity
Human error is a significant contributing factor to the rise in Cybersecurity attacks regardless of increased technical control implemented to safeguard Information systems. Adversaries can circumvent technical safeguards due to human errors which result from inadequate enforceable policies and training on Cybersecurity for the everyday user. Several studies and articles show that the majority of successful attacks are human enabled, proving the need for human-centric cybersecurity research and practices. This exploratory work reviews the human aspect of Cybersecurity by investigating the cybersecurity policies at SUNY Albany and other SUNY institutions. We used a survey of students and faculty members at …
Detecting Selfish Mining Attacks Against A Blockchain Using Machine Learing,
2022
University of South Alabama
Detecting Selfish Mining Attacks Against A Blockchain Using Machine Learing, Matthew A. Peterson
Theses and Dissertations
Selfish mining is an attack against a blockchain where miners hide newly discovered blocks instead of publishing them to the rest of the network. Selfish mining has been a potential issue for blockchains since it was first discovered by Eyal and Sirer. It can be used by malicious miners to earn a disproportionate share of the mining rewards or in conjunction with other attacks to steal money from network users. Several of these attacks were launched in 2018, 2019, and 2020 with the attackers stealing as much as $18 Million. Developers made several different attempts to fix this issue, but …
A Cybersecurity Assessment Of Health Data Ecosystems,
2022
Boise State University
A Cybersecurity Assessment Of Health Data Ecosystems, Michelle N. Halsey
Cyber Operations and Resilience Program Graduate Projects
This paper is an exploratory study that investigates data collected and used by health plans and reviews the laws and regulations governing this data to identify the gaps in protections and provide recommendations for eliminating these gaps. Health insurance companies collect a wide array of data about the people they insure, data that is often only peripherally relevant to the service these companies provide. The data environment currently consists of seven categories of data: personal health information, summary health information, personally identifiable information, financial information, professional information, biometric information, and lifestyle data or social indicators of health. Much of this …
Secure Decentralized Blockchain Based Web Application For Medical Records,
2022
Kennesaw State University
Secure Decentralized Blockchain Based Web Application For Medical Records, Sri Harshini Popuri, Liang Zhao
Symposium of Student Scholars
The online storage and sharing of electronic health records has undergone a paradigm shift in recent years. The introduction of a centralized cloud computing concept to streamline records transfer between patients and healthcare providers has been an easy task. As a result, the availability of electronically stored health records with minimal operational costs is made possible, but the primary concern is related to the privacy and security of records. How can we securely exchange medical documents online while maintaining strong security standards? This research suggests a framework that fuses online federated learning with blockchain technology. In particular, we develop a …
Studies On The Development Of China’S Network And Information Security,
2022
School of Cryptography, University of Chinese Academy of Sciences, Beijing 100049, China
Studies On The Development Of China’S Network And Information Security, Jiwu Jing
Bulletin of Chinese Academy of Sciences (Chinese Version)
No abstract provided.
Accurately Grasp The New Features Of Cybersecurity Technology Development And Fully Promote The Modernization Of National Security System And Capabilities,
2022
Institute of Software, Chinese Academy of Sciences, Beijing 100190, China
Accurately Grasp The New Features Of Cybersecurity Technology Development And Fully Promote The Modernization Of National Security System And Capabilities, Dengguo Feng
Bulletin of Chinese Academy of Sciences (Chinese Version)
No abstract provided.
The Role Of It In Campus Sustainability Efforts: Model Sustainability In It Operations, Infrastructure, Cybersecurity, And Teaching And Learning,
2022
West Chester University of Pennsylvania
The Role Of It In Campus Sustainability Efforts: Model Sustainability In It Operations, Infrastructure, Cybersecurity, And Teaching And Learning, J. T. Singh, Kevin Partridge, Teresa Hudson, Pete Calvert
Sustainability Research & Practice Seminar Presentations
JT Singh (and colleagues), WCU Information Services and Technology - The Role of IT in Campus Sustainability Efforts
The Infosys Times, Vol. 7, No. 1,
2022
St. Cloud State University
The Infosys Times, Vol. 7, No. 1, Collen
The Infosys TIMES
- Cyber Security Awareness Week
- Anderson Trucking Field Visit
- The Values of Data Analytic Skills
- Information Systems Club: Meeting with CentraCare's IT Department
- Graduate Assistant for Digital Forensic Lab
- Data Analytics Certificates
- Study Abroad for 2 Weeks & Earn 6 Credits!
The Infosys Times, Vol.6, No.2,
2022
St. Cloud State University
The Infosys Times, Vol.6, No.2, Collen
The Infosys TIMES
- Teaching in the Challenging Times of Covid-19 Pandemic
- Farewell to Dr. Dien Phan
- Grants Received for Installing the Department's First Digital Forensic Lab
- Meet the New Faculty
- Stringline Video Shoot
- Cyber Security Awareness Week
- Today's Technology Opportunities for Women Leaders
- Excellence in Leadership Award Recipients
- Alumni Updates
- InfoSys Diaries
- $9,332 Research Fund received from Jazan University, Saudi Arabia
- The National Society of Leadership and Success Experience
Emerging Trends In Cybercrime Awareness In Nigeria,
2022
Michael Okpara University of Agriculture
Emerging Trends In Cybercrime Awareness In Nigeria, Ogochukwu Favour Nzeakor, Bonaventure N. Nwokeoma, Ibrahim Hassan, Benjamin Okorie Ajah, John T. Okpa
International Journal of Cybersecurity Intelligence & Cybercrime
The study examined the current trend in cybercrime awareness and the relationship such trend has with cybercrime vulnerability or victimization. Selecting a sample of 1104 Internet users from Umuahia, Abia State, Nigeria, We found that: 1) awareness of information security was high in that about 2 in every 3 (68%) participants demonstrated a favorable awareness of information security and cybercrime. It was, however, revealed that such a high level of awareness could be partial and weak. 2) most Internet users demonstrated the awareness of fraud-related cybercrime categories (39%), e-theft (15%), hacking (12%), and ATM theft (10%). However, they were rarely …
Understanding Deviance And Victimization In Cyber Space Among Diverse Populations,
2022
Bridgewater State University
Understanding Deviance And Victimization In Cyber Space Among Diverse Populations, Insun Park
International Journal of Cybersecurity Intelligence & Cybercrime
Recent years have witnessed a growing academic interest in deviance and victimization in the cyber space. The current issue of the International Journal of Cybersecurity Intelligence and Cybercrime features three empirical research articles on online behavior of traditionally under-researched populations and a review of much waited book on digital forensics and investigation. This paper was prepared to introduce these important scholarly works in the context of newly emerging scholarship that focuses on the experiences of diverse subgroups in cyberspace.
Aggressive Reality Docuseries And Cyberbullying: A Partial Test Of Glaser’S Differential Identification Theory,
2022
North Carolina Central University
Aggressive Reality Docuseries And Cyberbullying: A Partial Test Of Glaser’S Differential Identification Theory, J. Ra’Chel Fowler, Darren R. Beneby, Kenethia L. Fuller
International Journal of Cybersecurity Intelligence & Cybercrime
Reality docuseries have dominated primetime airwaves for the greater part of three decades. However, little is known about how viewers who are enamored with the genre’s most aggressive characters are influenced. Using Glaser’s (1956) theory of differential identification, this study employs survey data from 210 college students at a historically Black college and university to explore whether identification with characters from aggressive reality docuseries (ARDs) and the frequency of viewing ARD are positively associated with cyberbullying. Results of multivariate analyses revealed that men were more likely than women to publicly shame others and air other’s dirty laundry online. Additionally, the …
Book Review: Digital Forensics And Cyber Investigation,
2022
Bridgewater State University
Book Review: Digital Forensics And Cyber Investigation
International Journal of Cybersecurity Intelligence & Cybercrime
No abstract provided.
Vulcurator: A Vulnerability-Fixing Commit Detector,
2022
Singapore Management University
Vulcurator: A Vulnerability-Fixing Commit Detector, Truong Giang Nguyen, Cong Thanh Le, Hong Jin Kang, Xuan-Bach D. Le, David Lo
Research Collection School Of Computing and Information Systems
Open-source software (OSS) vulnerability management process is important nowadays, as the number of discovered OSS vulnerabilities is increasing over time. Monitoring vulnerability-fixing commits is a part of the standard process to prevent vulnerability exploitation. Manually detecting vulnerability-fixing commits is, however, time-consuming due to the possibly large number of commits to review. Recently, many techniques have been proposed to automatically detect vulnerability-fixing commits using machine learning. These solutions either: (1) did not use deep learning, or (2) use deep learning on only limited sources of information. This paper proposes VulCurator, a tool that leverages deep learning on richer sources of information, …