Privacy-Preserving Bloom Filter-Based Keyword Search Over Large Encrypted Cloud Data, 2023 Singapore Management University
Privacy-Preserving Bloom Filter-Based Keyword Search Over Large Encrypted Cloud Data, Yanrong Liang, Jianfeng Ma, Yinbin Miao, Da Kuang, Xiangdong Meng, Robert H. Deng
Research Collection School Of Computing and Information Systems
To achieve the search over encrypted data in cloud server, Searchable Encryption (SE) has attracted extensive attention from both academic and industrial fields. The existing Bloom filter-based SE schemes can achieve similarity search, but will generally incur high false positive rates, and even leak the privacy of values in Bloom filters (BF). To solve the above problems, we first propose a basic Privacy-preserving Bloom filter-based Keyword Search scheme using the Circular Shift and Coalesce-Bloom Filter (CSC-BF) and Symmetric-key Hidden Vector Encryption (SHVE) technology (namely PBKS), which can achieve effective search while protecting the values in BFs. Then, we design a …
Ppdf: A Privacy-Preserving Cloud-Based Data Distribution System With Filtering, 2023 Singapore Management University
Ppdf: A Privacy-Preserving Cloud-Based Data Distribution System With Filtering, Yudi Zhang, Willy Susilo, Fuchun Guo, Guomin Yang
Research Collection School Of Computing and Information Systems
Cloud computing has emerged as a popular choice for distributing data among both individuals and companies. Ciphertext-policy attribute-based encryption (CP-ABE) has been extensively used to provide data security and enable fine-grained access control. With this encryption technique, only users whose attributes satisfy the access policy can access the plaintext. In order to mitigate the computational overhead on users, particularly on lightweight devices, partial decryption has been introduced, where the cloud assists in performing the decryption computations without revealing sensitive information. However, in this process, the cloud obtains the user's attributes, thus infringing on the user's privacy. To address this issue, …
Cyberattacks And Security Of Cloud Computing: A Complete Guideline, 2023 Edith Cowan University
Cyberattacks And Security Of Cloud Computing: A Complete Guideline, Muhammad Dawood, Shanshan Tu, Chuangbai Xiao, Hisham Alasmary, Muhammad Waqas, Sadaqat Ur Rehman
Research outputs 2022 to 2026
Cloud computing is an innovative technique that offers shared resources for stock cache and server management. Cloud computing saves time and monitoring costs for any organization and turns technological solutions for large-scale systems into server-to-service frameworks. However, just like any other technology, cloud computing opens up many forms of security threats and problems. In this work, we focus on discussing different cloud models and cloud services, respectively. Next, we discuss the security trends in the cloud models. Taking these security trends into account, we move to security problems, including data breaches, data confidentiality, data access controllability, authentication, inadequate diligence, phishing, …
Krover: A Symbolic Execution Engine For Dynamic Kernel Analysis, 2023 Singapore Management University
Krover: A Symbolic Execution Engine For Dynamic Kernel Analysis, Pansilu Madhura Bhashana Pitigalaarachchi Pitigala Arachchillage, Xuhua Ding, Haiqing Qiu, Haoxin Tu, Jiaqi Hong, Lingxiao Jiang
Research Collection School Of Computing and Information Systems
We present KRover, a novel kernel symbolic execution engine catered for dynamic kernel analysis such as vulnerability analysis and exploit generation. Different from existing symbolic execution engines, KRover operates directly upon a live kernel thread's virtual memory and weaves symbolic execution into the target's native executions. KRover is compact as it neither lifts the target binary to an intermediary representation nor uses QEMU or dynamic binary translation. Benchmarked against S2E, our performance experiments show that KRover is up to 50 times faster but with one tenth to one quarter of S2E memory cost. As shown in our four case studies, …
A Smart Chatbot System For Digitizing Service Management To Improve Business Continuity, 2023 United Arab Emirates University
A Smart Chatbot System For Digitizing Service Management To Improve Business Continuity, Asraa Mohammed Albeshr
Theses
Chatbots, also called digital systems that require a natural language-based interface for user interaction, are increasingly being integrated into our daily lives. These chatbots respond intelligently to voice and text and function as sophisticated entities. Its functioning includes the recognition of multiple human languages through the application of Natural Language Processing (NLP) techniques. These chatbots find applications in various areas such as e-commerce services, medical assistance, recommendation systems, and educational purposes. This reflects the versatility and widespread adoption of this technology. AI chatbots play a crucial role in improving IT support in IT Service Management (ITSM) for better business continuity. …
Link Tank, 2023 DePaul University
Link Tank
DePaul Magazine
A new JD certificate program in information technology, cybersecurity and data privacy provides DePaul University students with proficiency in both law and tech.
A Developed Framework For Studying Cyberethical Behaviour In North Central Nigeria, 2023 University of Ilorin, Nigeria
A Developed Framework For Studying Cyberethical Behaviour In North Central Nigeria, Aderinola Ololade Dunmade, Adeyinka Tella, Uloma Doris Onuoha
Journal of Cybersecurity Education, Research and Practice
ICT advancements have enabled more online activities, resulting in several cyberethical behaviours. Literature documents prevalence of plagiarism, and online fraud, among other misbehaviours. While behaviour has been explained by several theories, as scholarship and research advances, frameworks are modified to include more constructs. The researchers modified Fishbein and Ajzen (2011)'s Reasoned Action Approach to study female postgraduate students' perspectives toward cyberethical behaviour in North Central Nigerian universities.
The study focused on four variables, which were adequately captured by the model: perception, awareness, and attitude.
An adapted questionnaire collected quantitative data. This study used multistage sampling. A sample size of 989 …
Executive Order On The Safe, Secure, And Trustworthy Development And Use Of Artificial Intelligence, 2023 United States Office of the President
Executive Order On The Safe, Secure, And Trustworthy Development And Use Of Artificial Intelligence, Joseph R. Biden
Copyright, Fair Use, Scholarly Communication, etc.
Section 1. Purpose. Artificial intelligence (AI) holds extraordinary potential for both promise and peril. Responsible AI use has the potential to help solve urgent challenges while making our world more prosperous, productive, innovative, and secure. At the same time, irresponsible use could exacerbate societal harms such as fraud, discrimination, bias, and disinformation; displace and disempower workers; stifle competition; and pose risks to national security. Harnessing AI for good and realizing its myriad benefits requires mitigating its substantial risks. This endeavor demands a society-wide effort that includes government, the private sector, academia, and civil society.
My Administration places the highest urgency …
Leveraging Vr/Ar/Mr/Xr Technologies To Improve Cybersecurity Education, Training, And Operations, 2023 University of Arizona
Leveraging Vr/Ar/Mr/Xr Technologies To Improve Cybersecurity Education, Training, And Operations, Paul Wagner, Dalal Alharthi
Journal of Cybersecurity Education, Research and Practice
The United States faces persistent threats conducting malicious cyber campaigns that threaten critical infrastructure, companies and their intellectual property, and the privacy of its citizens. Additionally, there are millions of unfilled cybersecurity positions, and the cybersecurity skills gap continues to widen. Most companies believe that this problem has not improved and nearly 44% believe it has gotten worse over the past 10 years. Threat actors are continuing to evolve their tactics, techniques, and procedures for conducting attacks on public and private targets. Education institutions and companies must adopt emerging technologies to develop security professionals and to increase cybersecurity awareness holistically. …
Integrating Nist And Iso Cybersecurity Audit And Risk Assessment Frameworks Into Cameroonian Law, 2023 University of the Free State
Integrating Nist And Iso Cybersecurity Audit And Risk Assessment Frameworks Into Cameroonian Law, Bernard Ngalim
Journal of Cybersecurity Education, Research and Practice
This paper reviews cybersecurity laws and regulations in Cameroon, focusing on cybersecurity and information security audits and risk assessments. The importance of cybersecurity risk assessment and the implementation of security controls to cure deficiencies noted during risk assessments or audits is a critical step in developing cybersecurity resilience. Cameroon's cybersecurity legal framework provides for audits but does not explicitly enumerate controls. Consequently, integrating relevant controls from the NIST frameworks and ISO Standards can improve the cybersecurity posture in Cameroon while waiting for a comprehensive revision of the legal framework. NIST and ISO are internationally recognized as best practices in information …
Infrastructure As Code For Cybersecurity Training, 2023 Faculty of Engineering of the University of Porto
Infrastructure As Code For Cybersecurity Training, Rui Pinto, Rolando Martins, Carlos Novo
Journal of Cybersecurity Education, Research and Practice
An organization's infrastructure rests upon the premise that cybersecurity professionals have specific knowledge in administrating and protecting it against outside threats. Without this expertise, sensitive information could be leaked to malicious actors and cause damage to critical systems. These attacks tend to become increasingly specialized, meaning cybersecurity professionals must ensure proficiency in specific areas. Naturally, recommendations include creating advanced practical training scenarios considering realistic situations to help trainees gain detailed knowledge. However, the caveats of high-cost infrastructure and difficulties in the deployment process of this kind of system, primarily due to the manual process of pre-configuring software needed for the …
Building The Operational Technology (Ot) Cybersecurity Workforce: What Are Employers Looking For?, 2023 West Virginia University
Building The Operational Technology (Ot) Cybersecurity Workforce: What Are Employers Looking For?, Christopher A. Ramezan, Paul M. Coffy, Jared Lemons
Journal of Cybersecurity Education, Research and Practice
A trained workforce is needed to protect operational technology (OT) and industrial control systems (ICS) within national critical infrastructure and critical industries. However, what knowledge, skills, and credentials are employers looking for in OT cybersecurity professionals? To best train the next generation of OT cybersecurity professionals, an understanding of current OT cybersecurity position requirements is needed. Thus, this work analyzes 100 OT cybersecurity positions to provide insights on key prerequisite requirements such as prior professional experience, education, industry certifications, security clearances, programming expertise, soft verbal and written communication skills, knowledge of OT frameworks, standards, and network communication protocols, and position …
Leading K-12 Community Responsiveness To Cyber Threats Via Education Of School Community, 2023 James Madison University
Leading K-12 Community Responsiveness To Cyber Threats Via Education Of School Community, Michele Kielty, A. Renee Staton
Journal of Cybersecurity Education, Research and Practice
Cyber threats have escalated in recent years. Many of these threats have been direct and vicious attacks on K-12 systems. Educators are rarely trained on how to address cyber threats from a systemic and educational perspective when such challenges arise in their school buildings. This article explains the cyber threats that are looming large for K-12 systems and provides concrete tools for school leaders to employ in order to provide preventive education to their school communities.
An Interdisciplinary Approach To Experiential Learning In Cyberbiosecurity And Agriculture Through Workforce Development, 2023 Virginia Polytechnic Institute and State University
An Interdisciplinary Approach To Experiential Learning In Cyberbiosecurity And Agriculture Through Workforce Development, Kellie Johnson, Tiffany Drape, Joseph Oakes, Joseph Simpson, Ann Brown, Donna M. Westfall-Rudd, Susan Duncan
Journal of Cybersecurity Education, Research and Practice
Cyberbiosecurity and workforce development in agriculture and the life sciences (ALS) is a growing area of need in the curriculum in higher education. Students that pursue majors related to ALS often do not include training in cyber-related concepts or expose the ‘hidden curriculum’ of seeking internships and jobs. Exposing students through workforce development training and hands-on engagement with industry professionals can provide learning opportunities to bridge the two and is an area of growth and demand as the workforce evolves. The objectives of this work were 1) to learn key concepts in cybersecurity, including data security, visualization, and analysis, to …
What You See Is Not What You Know: Studying Deception In Deepfake Video Manipulation, 2023 Kennesaw State University
What You See Is Not What You Know: Studying Deception In Deepfake Video Manipulation, Cathryn Allen, Bryson R. Payne, Tamirat Abegaz, Chuck Robertson
Journal of Cybersecurity Education, Research and Practice
Research indicates that deceitful videos tend to spread rapidly online and influence people’s opinions and ideas. Because of this, video misinformation via deepfake video manipulation poses a significant online threat. This study aims to discover what factors can influence viewers’ capability to distinguish deepfake videos from genuine video footage. This work focuses on exploring deepfake videos’ potential use for deception and misinformation by exploring people’s ability to determine whether videos are deepfakes in a survey consisting of deepfake videos and original unedited videos. The participants viewed a set of four videos and were asked to judge whether the videos shown …
Integrating Certifications Into The Cybersecurity College Curriculum: The Efficacy Of Education With Certifications To Increase The Cybersecurity Workforce, 2023 Georgia Gwinnett College
Integrating Certifications Into The Cybersecurity College Curriculum: The Efficacy Of Education With Certifications To Increase The Cybersecurity Workforce, Binh Tran, Karen C. Benson, Lorraine Jonassen
Journal of Cybersecurity Education, Research and Practice
One only needs to listen to the news reports to recognize that the gap between securing the enterprise and cybersecurity threats, breaches, and vulnerabilities appears to be widening at an alarming rate. An un-tapped resource to combat these attacks lies in the students of the secondary educational system. Necessary in the cybersecurity education is a 3-tiered approach to quickly escalate the student into a workplace-ready graduate. The analogy used is a three-legged-stool, where curriculum content, hands-on skills, and certifications are equal instruments in the edification of the cybersecurity student. This paper endeavors to delve into the 3rd leg of …
Editorial, 2023 Kennesaw State University
Editorial, Michael E. Whitman, Herbert J. Mattord
Journal of Cybersecurity Education, Research and Practice
Editorial for Volume 2023, Issue 2
A Mixed-Method Study Exploring Cyber Ranges And Educator Motivation, 2023 Regent University
A Mixed-Method Study Exploring Cyber Ranges And Educator Motivation, Cheryl Beauchamp, Holly M. Matusovich
Journal of Cybersecurity Education, Research and Practice
A growing number of academic institutions have invested resources to integrate cyber ranges for applying and developing cybersecurity-related knowledge and skills. Cyber range developers and administrators provided much of what is known about cyber range resources and possible educational applications; however, the educator provides valuable understanding of the cyber range resources they use, how they use them, what they value, and what they do not value. This study provides the cyber range user perspective of cyber ranges in cybersecurity education by describing how K-12 educators are motivated using cyber ranges. Using mixed methods, this study explored educator motivation associated with …
Privacy Harm And Non-Compliance From A Legal Perspective, 2023 Dakota State University
Privacy Harm And Non-Compliance From A Legal Perspective, Suvineetha Herath, Haywood Gelman, Lisa Mckee
Journal of Cybersecurity Education, Research and Practice
In today's data-sharing paradigm, personal data has become a valuable resource that intensifies the risk of unauthorized access and data breach. Increased data mining techniques used to analyze big data have posed significant risks to data security and privacy. Consequently, data breaches are a significant threat to individual privacy. Privacy is a multifaceted concept covering many areas, including the right to access, erasure, and rectify personal data. This paper explores the legal aspects of privacy harm and how they transform into legal action. Privacy harm is the negative impact to an individual as a result of the unauthorized release, gathering, …
Exploring Network Security Educator Knowledge, 2023 University of Houston
Exploring Network Security Educator Knowledge, Jennifer B. Chauvot, Deniz Gurkan, Cathy Horn
Journal of Cybersecurity Education, Research and Practice
It is critical for nations to have trained professionals in network security who can safeguard hardware, information systems, and electronic data. Network security education is a key knowledge unit of the National Centers of Academic Excellence in Cybersecurity and various information systems security curricula at the master's and bachelor's levels in higher education. Network security units are components of computer science curricula in high school contexts as well. Educators who teach these concepts play a significant role in developing a skilled workforce of network security experts for both governmental and non-governmental organizations. Understanding the necessary knowledge and skills of network …