Asking the wrong questions when building and deploying systems results in systems that cannot be sufficiently protected against the threats they face.

Recalling malware milestones.

The number and sophistication of cyberattacks continues to increase, but no national policy is in place to confront them. Critical systems need to be built on secure foundations, rather than the cheapest general-purpose platform. A program that combines education in cyber security, increasing resources for law enforcement, development of reliable systems for critical applications, and expanding research support in multiple areas of security and reliability is essential to combat risks that are far beyond the nuisances of spam email and viruses, and involve widespread espionage, theft, and attacks on essential services.

There is considerable research being conducted on insider threats is directed to developing new technologies. At the same time, ex- isting technology is not being fully utilized because of non-technological issues that pertain to economics and the human dimension. Issues re- lated to how insiders actually behave are critical to ensuring that the best technologies are meeting their intended purpose. In our research, we have investigated accepted models of perceptions of risk and charac- teristics unique to insider threat, and we have introduced ordinal scales to these models to measure insider perceptions of risk. We have also in- vestigated decision theories, leading to a conclusion that Prospect The- ory, developed by Tversky and Kahneman, may be used to describe the risk-taking behavior of insiders and can be accommodated in our model. We discuss the results of validating that model with thirty-five senior information security executives from a variety of organizations. We also discuss how the model may be used to identify characteristics of insid- ers’ perceptions of risk and benefit, their risk-taking behavior and how to frame insider decisions.

This paper argues the need for providing a covert back-channel communication mechanism in authentication protocols, discusses various practical uses for such a channel, and desirable features for its design and deployment. Such a mechanism would leverage the current authentication channel to carry out the covert communication rather than introducing a separate one. The communication would need to be oblivious to an adversary observing it, possibly as a man-in-the-middle. We discuss the properties that such channels would need to have for the various scenarios in which they would be used. Also, we show their potential for mitigating the effects of a number of security breaches currently occurring in these scenarios.

Process Coloring is an information-preserving, provenance-aware software system for computer malware detection and investigation. By tainting each application process with a distinct color and propagating the color to other processes or system objects along with system call operations, Process Coloring preserves the “provenance” of malware attacks (namely, “Through which process did a malware program infiltrate the system?”). Process Coloring enables three useful malware defense capabilities: (1) color-based malware detection, (2) color-based malware break-in point identification, and (3) color-based log partitioning. Implemented on top of a virtualization platform, Process Coloring achieves strong tamper-resistance as the logs generated by the protected (virtual) machine are stored and processed outside the machine under attack. Finally, Process Coloring can be integrated with techniques that track information flows inside a program. The resultant integrated system achieves better malware detection accuracy by eliminating false positive alerts, especially for client-side environments. This report gives an overview of the Process Coloring project and presents the design, implementation, and evaluation highlights in the research effort.

Multitenancy and virtualization features of cloud computing enhance resource utilization and lower the cloud provider total cost of hosting customers data for big data applications. However, the cloud computing has many security challenges that are exacerbated by virtual resource sharing. In particular, sharing of resources among potentially untrusted tenants can result in an increased risk of information leakage due to vulnerability of virtual resources causing side channel attacks or VM escape. For the big data applications, an access control policy such as RBAC can be used to control the data sharing among cloud customers. However, an unintelligent cloud resources management mechanism can significantly increase the risk of data leakage among roles. The goal of this paper is to develop efficient risk-aware virtual resource assignment mechanisms for Cloud’s multitenant environment. The objective is to minimize of risk of information leakage due to Cloud virtual resources vulnerability. Such an assignment problem is shown to be NP-Complete. We present several scheduling heuristics including a scalable solution and compare their relative performance.

While online social networking sites have brought convenience and diversity in people’s social lives, they have also been the source for information leakage. Researchers have been looking for ways to balance user privacy protection and information disclosure. However, literature suggested that many users either failed to perceive privacy risks correctly or they failed to behave in accordance with privacy awareness even they have already perceived potential risks.  This thesis conducted a survey to measure social network users’ privacy attitude, privacy perception and their actual behavior when using social networking sites. The survey targeted at three populations of different cultural contexts: U.S. college students, Chinese students in the U.S. and Chinese students in China. It also targeted at 6 populate sites – Facebook, Twitter. WhatsApp, RenRen, Weibo and WeChat. Based on the survey results, this thesis conducted a cross-cultural and cross-site study to explore the relationships of social network users’ privacy attitudes, privacy perceptions and various user behaviors. It also studied whether cultural contexts and the differences of sites had an impact on privacy attitude, perception and behavior.

The American Engineers’ Council for Professional Development, the precursor institution of the Accreditation Board for Engineering and Technology (ABET), defined engineering as the “creative application of scientific principles to design or develop structures, machines, apparatus, or manufacturing processes, or works utilizing them singly or in combination; or to construct or operate the same with full cognizance of their design; or to forecast their behavior under specific operating conditions; all as respects an intended function, economics of operation or safety to life and property.”1 In light of this definition, engineers must have a working familiarity beyond the scope of their technical work. They must be able to identify and understand the social environments and its interactions in order to develop solutions to global engineering challenges. Chapter 3 endeavors to provide a necessary social and global framework for the more detailed examination of specific energy topics undertaken in later chapters. The chapter describes systems within the social environment; introduces theories, concepts, and ideas to help students understand the social context and engineering’s place within it; and addresses the necessity for social engagement among engineers. The chapter also provides two energy themed case studies as examples of how the social environment affects engineering practice. Case Study 1 is designed to complement chapters 4 and 7 and Case Study 2 is designed to demonstrate how political, social, and economic forces may emerge in the energy sector.

There is an increased need to teach public policy issues in the engineering curriculum. The purpose of this paper is to present an example of a way in which a policy discussion can be integrated into an engineering classroom. The paper will discuss a case study approach envisioned as a module. The module outlined in this paper considers four major social goals (i.e., equity, efficiency, security and liberty) prevalent in the policy world and the implications of their pursuit on energy policy. The interplay of the social goals and energy policy is illustrated using the career of Samuel Insull who was a founding member of General Electric and who is credited with creating integrated power grids in the United States. The module is intended to help engineering students understand the policy context of this major technical achievement in the energy sector and its implications for the current and future energy industry. This particular module uses a case study to achieve this goal. The paper discusses the process of creating and teaching this kind of topic. Specifically, the authors will use this module as an example to discuss choosing a topic, providing a framework for your students, choosing the appropriate scope, and selecting an appropriate case study to illustrate the topic and service the outcomes. Additionally, the authors will discuss more specific concerns such as responding to your students and how to connect the case study to current events. In order to provide a clear example, the authors go into great detail about the topic covered and the case study used in this module. This has the additional benefit of providing instructors interested in social goals and energy with content they can use in their own classrooms.

Policy education has been deemed an important component in engineering and technology education. Several approaches can be taken to ensure that engineering students receive some education in policy. These approaches may range from a brief introduction to a comprehensive program integrating engineering and public policy; the goal of all these curricular interventions being to introduce the concept of public policy and promote an understanding of how policy and engineering are interrelated. This paper outlines various methods that may be employed to integrate policy into engineering and technology curricula. This paper takes a case study approach, describing some of the options and discussing the advantages and disadvantages of the various options. These case studies include modules, courses, a certificate program and a study abroad experience.

The purpose of this paper was to extend the work of Chong, Depew, Ngambeki, and Dark “Teaching social topics in engineering: The case of energy policy and social goals,” that discussed a process to create, integrate, and teach public policy topics in an engineering and technology curriculum. The aim of this paper was to explore a perspective by introducing public policy using a case study approach to undergraduate engineering technology students in the engineering economics course in the College of Technology at Purdue University. The course was an introduction to the time value of money and how it relates to capital investments, equipment replacement, production cost, and various engineering technology alternatives. The substantive contribution of this paper will address the following questions: 1) did the students understand and identify the policy context, 2) how effective was the use of case studies to introduce the students to policy, and 3) areas of improvement to enhance efficacy of the case studies to introduce students to policy?

The proliferation of cloud computing resources in recent years offers a way for mobile devices with limited resources to achieve computationally intensive tasks in real-time. The mobile-cloud computing paradigm, which involves collaboration of mobile and cloud resources in such tasks, is expected to become increasingly popular in mobile application development. While mobile-cloud computing is promising to overcome the computational limitations of mobile devices, the lack of frameworks compatible with standard technologies makes it harder to adopt dynamic mobile- cloud computing at large. In this dissertation, we present a dynamic code offloading framework for mobile-cloud computing, based on autonomous agents. Our approach does not impose any requirements on the cloud platform other than providing isolated execution containers, and it alleviates the management burden of offloaded code by the mobile platform using autonomous agent-based application partitions. We also investigate the effects of different runtime environment conditions on the performance of mobile-cloud computing, and present a simple and low-overhead dynamic makespan estimation model for computation offloaded to the cloud that can be integrated into mobile agents to enhance them with self-performance evaluation capability. Offloading mobile computation to the cloud entails security risks associated with handing sensitive data and code over to an untrusted platform. Security frameworks for mobile-cloud computing are not very numerous and most of them focus only on privacy, and ignore the very important aspect of integrity. Perfect security is hard to achieve in real-time mobile-cloud computing due to the extra computational overhead introduced by complex security mechanisms. In this dissertation, we propose a dynamic tamper-resistance approach for protecting mobile computation offloaded to the cloud, by augmenting mobile agents with self-protection capability. The tamper- resistance framework achieves very low execution time overhead and is capable of detecting both load-time and runtime modications to agent code. Lastly, we propose novel applications of mobile-cloud computing for helping context- aware navigation by visually-impaired people. Specifically, we present the results of a feasibility study for using real-time mobile-cloud computing for the task of guiding blind users at pedestrian crossings with no accessible pedestrian signal.

Derived from the field of art curation, digital provenance is an unforgeable record of a digital object’s chain of successive custody and sequence of operations performed on the object. It plays an important role in accessing the trustworthiness of the object, verifying its reliability and conducting audit trails of its lineage. Digital provenance forms an immutable directed acyclic graph (DAG) structure. Since history of an object cannot be changed, once a provenance chain has been created it must be protected in order to guarantee its reliability. Provenance can face attacks against the integrity of records and the confidentiality of user information, making security an important trait required for digital provenance. The digital object and its associated provenance can have different security requirements, and this makes the security of provenance different from that of traditional data.

Research on digital provenance has primarily focused on provenance generation, storage and management frameworks in different fields. Security of digital provenance has also gained attention in recent years, particularly as more and more data is migrated in cloud environments which are distributed and are not under the complete control of data owners. However, there still lacks a viable secure digital provenance scheme which can provide comprehensive security for digital provenance, particularly for generic and dynamic ones. In this work, we address two important aspects of secure digital provenance that have not been investigated thoroughly in existing works: 1) capturing the DAG structure of provenance and 2) supporting dynamic information sharing. We propose a scheme that uses signature-based mutual agreements between successive users to clearly delineate the transition of responsibility of the digital object as it is passed along the chain of users. In addition to preserving the properties of confidentiality, immutability and availability for a digital provenance chain, it supports the representation of DAG structures of provenance. Our scheme supports dynamic information sharing scenarios where the sequence of users who have custody of the document is not predetermined. Security analysis and empirical results indicate that our scheme improves the security of the typical secure provenance schemes with comparable performance.

The following paper looks at past cyber attacks on the United States financial industry for analysis on attack patterns by individuals, groups, and nationstates to determine if the industry really is under attack. The paper first defines the terms used, then explains the theory and paradigm of cyber attacks on the U.S. financial industry. Following is a graphical and detailed timeline of known cyber attacks on the U.S. financial industry reaching from 1970 through 2014. Four attack cases are chosen to be researched in summary and four attack cases are chosen to be researched in depth. These cases include: Kalinin & Nasenkov, Mt. Gox, Stock Market Manipulation Scheme, Project Blitzkrieg, Union Dime Savings Bank Embezzlement, National Bank of Chicago Wire Heist, and an attempted Citibank Heist. An analysis then explores attack origination from individuals, groups, and/or nation states as well as type of attacks and any patterns seen. After gathering attacks and creation of a timeline, a taxonomy of attacks is then created from the analysis of attack data. AStrenghts, Weakness, Opportunities, and Threats (S.W.O.T.) analysis is then applied to the case study Heartland Payment Systems.