Proceedings of the 2015 Information Security Curriculum Development Conference最新文献

筛选
英文 中文
Ongoing threats to information protection 对信息保护的持续威胁
Proceedings of the 2015 Information Security Curriculum Development Conference Pub Date : 2015-10-10 DOI: 10.1145/2885990.2885994
M. Whitman, H. Mattord
{"title":"Ongoing threats to information protection","authors":"M. Whitman, H. Mattord","doi":"10.1145/2885990.2885994","DOIUrl":"https://doi.org/10.1145/2885990.2885994","url":null,"abstract":"The threat landscape facing the use of information systems is constantly changing. This short summary of a recent survey of the threats to information protection provides a concise summary of the perceptions of number of current practitioners and how the organizations with which they are associated perceive this evolving threat environment.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125858785","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Disaster recovery planning 灾难恢复计划
Proceedings of the 2015 Information Security Curriculum Development Conference Pub Date : 2015-10-10 DOI: 10.1145/2885990.2886006
J. Vuong
{"title":"Disaster recovery planning","authors":"J. Vuong","doi":"10.1145/2885990.2886006","DOIUrl":"https://doi.org/10.1145/2885990.2886006","url":null,"abstract":"In this paper, the importance of formulating a proper disaster recovery plan is discussed. The disaster recovery plan is part of the contingency plans that organizations create to prepare for adverse events that could affect the productivity or daily operations of the work place. To create a disaster recovery plan, an organization must have an understanding of the use of the plan, the creation process, and the types of possible adverse events.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"156 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133006314","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 24
Penetration testing in a box 在一个盒子里进行渗透测试
Proceedings of the 2015 Information Security Curriculum Development Conference Pub Date : 2015-10-10 DOI: 10.1145/2885990.2885996
L. Epling, Brandon Hinkel, Yim-Fun Hu
{"title":"Penetration testing in a box","authors":"L. Epling, Brandon Hinkel, Yim-Fun Hu","doi":"10.1145/2885990.2885996","DOIUrl":"https://doi.org/10.1145/2885990.2885996","url":null,"abstract":"Network and application vulnerability assessments have a tendency to be difficult and costly; however, failing to have an assessment done and fixing security loopholes may result in a security breach by malicious attackers. A security breach can cost an organization time and money remediating the damage, such as lost confidential business information, which far exceeds the cost of a security assessment. Our solution for this problem is a semi-automated system that can help a penetration tester, security professional, or systems administrator, scan and report on the vulnerabilities of a network and services running on the network. It is also able to perform some simulated attacks. This system relies on a miniaturized computer to host the necessary components to conduct a security assessment. This system has been done in an open source manner to allow others to contribute and benefit from a community effort in the name of security.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127719722","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 15
Integrate mobile devices into CS security education 将移动设备融入CS安全教育
Proceedings of the 2015 Information Security Curriculum Development Conference Pub Date : 2015-10-10 DOI: 10.1145/2885990.2885991
H. Chi
{"title":"Integrate mobile devices into CS security education","authors":"H. Chi","doi":"10.1145/2885990.2885991","DOIUrl":"https://doi.org/10.1145/2885990.2885991","url":null,"abstract":"Mobile computing, popularized for social media, has emerged as a delivery vehicle of choice for commercial, medical and military applications. The ubiquity of wireless and satellite communication and the rapid evolution of powerful devices that exploit this infrastructure have pushed mobile application development, in many instances, ahead of the capabilities to ensure the secure and safe utilization of these applications. The gap between capabilities and the ability to safeguard information assets must not be ignored, given the documented rise in the number and sophistication of threats and the broadening vulnerabilities of mobile applications and systems worldwide. We are focusing on how to integrate mobile apps/devices into our cyber security courses. In addition, case studies and hands-on labs are discussed in our practice","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128447618","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
From student research to intrusion detection 从学生研究到入侵检测
Proceedings of the 2015 Information Security Curriculum Development Conference Pub Date : 2015-10-10 DOI: 10.1145/2885990.2885995
N. Paul Schembari
{"title":"From student research to intrusion detection","authors":"N. Paul Schembari","doi":"10.1145/2885990.2885995","DOIUrl":"https://doi.org/10.1145/2885990.2885995","url":null,"abstract":"We describe a multi-year project that began as mostly undergraduate student research in data mining applied to computer forensics and has now grown into a prototype for an intrusion detection system. The IDS assumes we have delimited data that can be separated into records such as IP packets, system calls, etc. The data mining approach uses the Bag of Words methodology where we form a matrix model of the data, and then cluster the records using k-means clustering and sparse nonnegative matrix factorization. With no training, these clusters are evaluated to determine if they represent normal system actions or attack vectors. This prototype system has accuracy levels similar to systems that use supervised learning on a specific set of data. We discuss future plans to make improvements with continued student investigation. Overall, we found this to be a great partnership between faculty and student research.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128649978","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Creation of a bootable Kali Linux USB drive with persistent storage 创建具有持久存储的可引导Kali Linux USB驱动器
Proceedings of the 2015 Information Security Curriculum Development Conference Pub Date : 2015-10-10 DOI: 10.1145/2885990.2885997
Ryan Wilson
{"title":"Creation of a bootable Kali Linux USB drive with persistent storage","authors":"Ryan Wilson","doi":"10.1145/2885990.2885997","DOIUrl":"https://doi.org/10.1145/2885990.2885997","url":null,"abstract":"Information Security training requires hands-on experimentation to develop skills and apply classroom instruction. The ideal environment is available to students in class and at home and should provide resources from which the students can further their learning independently. This paper describes an approach to building a bootable USB flash drive based on Kali Linux that contains a persistent storage partition containing additional resources for student learning. Students are then able to use the same environment for completing in class labs and at home learning and experimentation.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115364990","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Undergraduate student perceptions of personal social media risk 大学生对个人社交媒体风险的认知
Proceedings of the 2015 Information Security Curriculum Development Conference Pub Date : 2015-10-10 DOI: 10.1145/2885990.2885998
Julio C. Rivera, P. Gangi, Allen C. Johnston, James L. Worrell
{"title":"Undergraduate student perceptions of personal social media risk","authors":"Julio C. Rivera, P. Gangi, Allen C. Johnston, James L. Worrell","doi":"10.1145/2885990.2885998","DOIUrl":"https://doi.org/10.1145/2885990.2885998","url":null,"abstract":"This paper describes a study designed to collect student perceptions of the personal risks incurred when using social media. The study used the Delphi method to rank the social media risks perceived by students. The students' rankings were compared to the personal risks identified and ranked by a group of Library and Information Science professionals. Although there is some agreement between the rankings from the two groups, there are also considerable differences. The paper suggests that educating students about the actual risks they face in using social media is important, and should include all students. For students specializing in information security, it suggests that additional emphasis should be placed on learning about human behavior and social engineering.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"124 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124886923","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
A course module on web tracking and privacy 关于网络跟踪和隐私的课程模块
Proceedings of the 2015 Information Security Curriculum Development Conference Pub Date : 2015-10-10 DOI: 10.1145/2885990.2886000
L. Simpkins, Xiaohong Yuan, Jwalit Modi, J. Zhan, Li Yang
{"title":"A course module on web tracking and privacy","authors":"L. Simpkins, Xiaohong Yuan, Jwalit Modi, J. Zhan, Li Yang","doi":"10.1145/2885990.2886000","DOIUrl":"https://doi.org/10.1145/2885990.2886000","url":null,"abstract":"Companies track users' online behavior for profit, using technologies such as browser cookies, flash cookies, AdID, and web beacons. This data is typically anonymous, but there are still privacy concerns. Users also may not know they are being tracked in this manner. There are regulations in the US and legislation in the EU pertaining to online behavioral tracking, and several methods to prevent or limit this tracking. This paper covers a course module which includes an introduction to the topic of web tracking and privacy, and two case studies. Our teaching experience with this course module is discussed. This course module can be adopted in web security courses introducing legal and privacy issues related to the web.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129400868","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Proceedings of the 2015 Information Security Curriculum Development Conference 2015信息安全课程发展会议论文集
M. Whitman, Humayun Zafar
{"title":"Proceedings of the 2015 Information Security Curriculum Development Conference","authors":"M. Whitman, Humayun Zafar","doi":"10.1145/2885990","DOIUrl":"https://doi.org/10.1145/2885990","url":null,"abstract":"","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116803111","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Sandboxing: aid in digital forensic research 沙箱:帮助数字法医研究
Proceedings of the 2015 Information Security Curriculum Development Conference Pub Date : 2015-10-10 DOI: 10.1145/2885990.2885993
Asif Iqbal, Hanan Al Obaidli, Mário A. M. Guimarães, O. Popov
{"title":"Sandboxing: aid in digital forensic research","authors":"Asif Iqbal, Hanan Al Obaidli, Mário A. M. Guimarães, O. Popov","doi":"10.1145/2885990.2885993","DOIUrl":"https://doi.org/10.1145/2885990.2885993","url":null,"abstract":"Finding digital forensic artifacts in the ever changing and complex digital world can be a daunting task for any digital forensic investigator. Familiar tools, such as Sandboxie and Symantec Workspace virtualization used as an aid in forensic investigations may significantly decrease the learning curve. The value of sandboxing for digital forensic investigations is demonstrated here through the research via the appropriate comparative analysis.","PeriodicalId":236418,"journal":{"name":"Proceedings of the 2015 Information Security Curriculum Development Conference","volume":"145 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124665589","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信