Physical Sciences and Mathematics Commons^™

Challenges For Mapreduce In Big Data, Katarina Grolinger, Michael Hayes, Wilson Higashino, Alexandra L'Heureux, David Allison, Miriam Capretz

Wilson A Higashino

In the Big Data community, MapReduce has been seen as one of the key enabling approaches for meeting continuously increasing demands on computing resources imposed by massive data sets. The reason for this is the high scalability of the MapReduce paradigm which allows for massively parallel and distributed execution over a large number of computing nodes. This paper identifies MapReduce issues and challenges in handling Big Data with the objective of providing an overview of the field, facilitating better planning and management of Big Data projects, and identifying opportunities for future research in this field. The identified challenges are grouped …

Live Musical Steganography, Latia Hutchinson

Senior Theses

Live Musical Steganography is a project created as a way to combine the two typically unrelated fields of music and information security into a cohesive entity that will hopefully spark one’s imagination and inspire further development that could one day be beneficial in the world of security. For those who are unfamiliar with the term steganography, it can be defined as the art and science of preserving the integrity and confidentiality of a message by hiding the existence of that message within some larger body of data. In the field of steganography, much research and development has gone into methods …

Capturing And Analyzing Network Traffic From Common Mobile Devices For Security And Privacy, Billy Overton

Undergraduate Honors Theses

Mobile devices such as tablets and smartphones are becoming more common, and they are holding more information. This includes private information such as contacts, financial data, and passwords. At the same time these devices have network capability with access to the Internet being a prime feature. Little research has been done in observing the network traffic produced by these mobile devices. To determine if private information was being transmitted without user knowledge, the mobile capture lab and a set of procedures have been created to observe, capture and analyze the network traffic produced by mobile devices. The effectiveness of the …

On The Privacy Concerns Of Url Query Strings, Andrew G. West, Adam J. Aviv

Andrew G. West

URLs often utilize query strings (i.e., key-value pairs appended to the URL path) as a means to pass session parameters and form data. Often times these arguments are not privacy sensitive but are necessary to render the web page. However, query strings may also contain tracking mechanisms, user names, email addresses, and other information that users may not wish to reveal. In isolation such URLs are not particularly problematic, but the growth of Web 2.0 platforms such as social networks and micro-blogging means URLs (often copy-pasted from web browsers) are increasingly being publicly broadcast.

This position paper argues that the …

Zebra: Zero-Effort Bilateral Recurring Authentication, Shrirang Mare, Andrés Molina-Markham, Cory Cornelius, Ronald Peterson, David Kotz

Dartmouth Scholarship

Common authentication methods based on passwords, tokens, or fingerprints perform one-time authentication and rely on users to log out from the computer terminal when they leave. Users often do not log out, however, which is a security risk. The most common solution, inactivity timeouts, inevitably fail security (too long a timeout) or usability (too short a timeout) goals. One solution is to authenticate users continuously while they are using the terminal and automatically log them out when they leave. Several solutions are based on user proximity, but these are not sufficient: they only confirm whether the user is nearby but …

Mobile Banking Security Using Gps And Ldpc Codes, Matthew Francis Moccaro

Graduate Theses and Dissertations

Mobile Banking is becoming a major part of our world's financial system. Being able to manage one's finances on a mobile device can provide services that can make users more productive. It can also serve as a means of financial freedom to those who are unable to access physical banking facilities due to distance, or other problems. However, with such freedom also comes the need for security. A person's financial information is one of the most targeted groups of information by attackers. To secure these mobile freedoms, this paper presents a system to secure mobile banking procedures using global positioning …

Machine Learning In Wireless Sensor Networks: Algorithms, Strategies, And Applications, Mohammad Abu Alsheikh, Shaowei Lin, Dusit Niyato, Hwee-Pink Tan

Research Collection School Of Computing and Information Systems

Wireless sensor networks (WSNs) monitor dynamic environments that change rapidly over time. This dynamic behavior is either caused by external factors or initiated by the system designers themselves. To adapt to such conditions, sensor networks often adopt machine learning techniques to eliminate the need for unnecessary redesign. Machine learning also inspires many practical solutions that maximize resource utilization and prolong the lifespan of the network. In this paper, we present an extensive literature review over the period 2002-2013 of machine learning methods that were used to address common issues in WSNs. The advantages and disadvantages of each proposed algorithm are …

Two-Bit Pattern Analysis For Quantitative Information Flow, Ziyuan Meng

FIU Electronic Theses and Dissertations

Protecting confidential information from improper disclosure is a fundamental security goal. While encryption and access control are important tools for ensuring confidentiality, they cannot prevent an authorized system from leaking confidential information to its publicly observable outputs, whether inadvertently or maliciously. Hence, secure information flow aims to provide end-to-end control of information flow. Unfortunately, the traditionally-adopted policy of noninterference, which forbids all improper leakage, is often too restrictive. Theories of quantitative information flow address this issue by quantifying the amount of confidential information leaked by a system, with the goal of showing that it is intuitively “small” enough to be …

How Many Credit Card Frauds Must We Endure Before Security Improves?, Maritza Martinez

UCF Forum

Yes, it can happen to you…

A Firewall Model Of File System Security, Lihui Hu

Dissertations, Master's Theses and Master's Reports - Open

File system security is fundamental to the security of UNIX and Linux systems since in these systems almost everything is in the form of a file. To protect the system files and other sensitive user files from unauthorized accesses, certain security schemes are chosen and used by different organizations in their computer systems. A file system security model provides a formal description of a protection system. Each security model is associated with specified security policies which focus on one or more of the security principles: confidentiality, integrity and availability. The security policy is not only about “who” can access an …

Using Database Management System Todevelop And Implement An Automated Vehicle Management System, Dr. Dipo Theophilus Akomolafe Mbcs, Mncs, Mcpn,, Naomi Timothy, Francis Ofere

Dr. Dipo Theophilus Akomolafe MBCS, MNCS, MCPN,

The automated motor vehicle management system is a system developed for managing the movement of vehicles in and out of an organization. Presently, movemnts of vehicles in most organisations are handled manually bythe security officials that are stationed at the gates. This system is associated with mismanaged data, inaccurate data or no data at all in some instances. Consequently, it is imperative to develop a computerized system to manage data taken from the large number of vehicles that move in and out of organisations in order to deal with cases of theft, proper monitoring of people and vehicles and to …

The Bad Guys Are Using It, Are You?, Hong-Eng Koh

Australian Security and Intelligence Conference

From Occupy Wall Street to 2011 England riots to Arab Spring to Mumbai 26/11 to the ethnic cleansing rumors in India and increasingly used by pedophiles, social media is a very powerful tool for pedophiles, troublemakers, criminals and even terrorists to target individuals and even to go against the establishment. On the other hand, social media can save lives in a disaster, and its a natural extension of community policing or engagement. Community engagement is a must-have strategy for any public safety and security agency. However, this strategy requires the removal of stovepipe processes and systems within an agency, allowing …

I Remember Richelieu: Is Anything Secure Anymore?, Michael G. Crowley, Michael N. Johnstone

Australian Security and Intelligence Conference

Petraeus-gate, hacked nude celebrity photos in the cloud and the recent use of a search and seizure warrant in the United States of America to seek production of customer email contents on an extraterritorial server raises important issues for the supposably safe storage of data on the World Wide Web. Not only may there be nowhere to hide in cyberspace but nothing in cyberspace may be private. This paper explores the legal and technical issues raised by the these matters with emphasis on the courts decision “In the Matter of a Warrant to Search a Certain E-Mail Account Controlled and …

7th Australian Security And Intelligence Conference, 2014, Edith Cowan University: Conference Details, Security Research Institute, Edith Cowan University, Security Research Institute, Edith Cowan University

Australian Security and Intelligence Conference

No abstract provided.

Authentication And Authorisation In Entrusted Unions, Ayed F. Dhouha, Jan Camenisch, Tanya Ignatenko, Michael N. Johnstone, Paul Koster, Brigitta Lange, Milan Petkovic, Dieter Sommer, John Zic

Australian Information Security Management Conference

This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two …

Evaluating The Security Vulenerabilities Of The Ip6to4 Tunnelling Mechanism, Brian Cusack, Raymond Lutui

Australian Information Security Management Conference

The two versions of Internet Protocol (IP) rely on mechanisms that will convert one protocol to the other and vice versa. Version 4 is still prevalent in the Internet backbone and version 6 in most private networks. In this research we focus on the automatic tunnelling mechanism that provides the encapsulation at one end of the transition tunnel and the de-encapsulation at the other end dependant on the direction of transition. In our research we asked: How secure is the automatic tunnelling mechanism? It is a simple question but important given the number of times transition may occur in any …

Securing Identity Information With Image Watermarks, Brian Cusack, Reza Khaleghparas

Australian Information Security Management Conference

In this paper, we describe the requirements for embedding watermarks in images used for identity verification and demonstrate a proof of concept in security sciences. The watermarking application is designed for verifying the rightful ownership of a driving license or similar identity object. The tool we built and tested embeds and extracts watermarks that contain verification information of the rightful owner. We used the human finger print of the rightful owner as the watermark. Such information protection mechanisms add an extra layer of security to the information system and improve verification of identification attributes by providing strong security. The issues …

The Impact Of Social Constructivism On Erp Systems Security: A Critical Social Review, Kennedy Njenga

Australian Information Security Management Conference

Little is understood about the effects of social constructivism that shapes conflicting concerns regarding Enterprise Resource Planning (ERP) security and usability during implementation. This work looks at social constructivism as produced and reproduced by stakeholders in the ERP systems implementation phase. Social constructivism is characterised by the embedded trade-off for usability, espoused by end-user and security, espoused by developers. Social constructivism was conceptualised qualitatively from a selected case study. Critical Social Theory (CST) was used as the theoretical lens. Stakeholders concerned with ERP security aspects in the implementation phase were interviewed and data transcribed and interpreted. Hermeneutical interpretation was applied …

Supporting And Securing Personal Mobile Devices Within An Existing Information Technology Environment, George Allen Patton

Walden Dissertations and Doctoral Studies

Personal mobile devices are becoming integrated into the daily operations of business. Managers are realizing that employees who are allowed to use personal mobile devices to access corporate information systems may reduce costs as users buy their own devices. The problem was that managers have a limited understanding of the need to secure or support personal mobile devices. The purpose of this survey study was to examine the relationship between employees' desire to use personal mobile devices and corporation needs for security and support. Hypotheses were tested by examining the relationships between the requirement to support and secure personal mobile …

Challenges For Mapreduce In Big Data, Katarina Grolinger, Michael Hayes, Wilson A. Higashino, Alexandra L'Heureux, David S. Allison, Miriam A.M. Capretz

Electrical and Computer Engineering Publications

In the Big Data community, MapReduce has been seen as one of the key enabling approaches for meeting continuously increasing demands on computing resources imposed by massive data sets. The reason for this is the high scalability of the MapReduce paradigm which allows for massively parallel and distributed execution over a large number of computing nodes. This paper identifies MapReduce issues and challenges in handling Big Data with the objective of providing an overview of the field, facilitating better planning and management of Big Data projects, and identifying opportunities for future research in this field. The identified challenges are grouped …

Evidentiary Power And Propriety Of Digital Identifiers And The Impact On Privacy Rights In The United States, Michael Losavio, Deborah Keeling

Journal of Digital Forensics, Security and Law

Media and network systems capture and store data about electronic activity in new, sometimes unprecedented ways; computational systems make for new means of analysis and knowledge development. These new forms offer new, powerful tactical tools for investigations of electronic malfeasance under traditional legal regulation of state power, particular that of Fourth Amendment limitations on police searches and seizures under the U.S. Constitution. But autonomy, identity and authenticity concerns with electronic data raise issues of public policy, privacy and proper police oversight of civil society. We examine those issues and their implications for digital and computational forensics

Efficient Detection Of Counterfeit Products In Large-Scale Rfid Systems Using Batch Authentication Protocols, Farzana Rahman, Sheikh Iqbal Ahamed

Mathematics, Statistics and Computer Science Faculty Research and Publications

RFID technology facilitates processing of product information, making it a promising technology for anti-counterfeiting. However, in large-scale RFID applications, such as supply chain, retail industry, pharmaceutical industry, total tag estimation and tag authentication are two major research issues. Though there are per-tag authentication protocols and probabilistic approaches for total tag estimation in RFID systems, the RFID authentication protocols are mainly per-tag-based where the reader authenticates one tag at each time. For a batch of tags, current RFID systems have to identify them and then authenticate each tag sequentially, one at a time. This increases the protocol execution time due to …

From Map To Dist: The Evolution Of A Large-Scale Wlan Monitoring System, Keren Tan, Chris Mcdonald, Bennet Vance, Chrisil Arackaparambil, Sergey Bratus, David Kotz

Dartmouth Scholarship

The edge of the Internet is increasingly becoming wireless. Therefore, monitoring the wireless edge is important to understanding the security and performance aspects of the Internet experience. We have designed and implemented a large-scale WLAN monitoring system, the Distributed Internet Security Testbed (DIST), at Dartmouth College. It is equipped with distributed arrays of “sniffers” that cover 210 diverse campus locations and more than 5,000 users. In this paper, we describe our approach, designs and solutions for addressing the technical challenges that have resulted from efficiency, scalability, security, and management perspectives. We also present extensive evaluation results on a production network, …

Impacts Of U.S. Biofuels Mandates On Environmental And Energy Security, Mohammad Alshawaf

Graduate Doctoral Dissertations

Congress passed the Energy Policy Act of 2005 and the Energy Independence and Security Act (EISA) of 2007 to reduce dependency on foreign oil by increasing the use of biofuels. EISA mandates 36 billion gallons of biofuel production in 2022, representing an increase of 118% in eight years. Existing and new farmland are expected to be employed to produce corn and other feedstock necessary to fulfill the biofuel mandate. There is little research on the potential environmental impact on water resources of meeting the ESIA biofuel mandates.

The objectives of this EISA study were twofold. First, the study measured the …

Rfid-Based Anti-Theft Auto Security System With An Immobilizer, Geeth Jayendra, Sisil Kumarawadu, Lasantha Meegahapola

Dr Lasantha G Meegahapola

This paper presents a novel radio frequency identification (RFID) based vehicle immobilizer system, which features low hacking probability while preserving the safety of the passengers of the hijacked vehicle. The immobilizer uses the active RFID technology where the tag is generated with comparatively large character sets. The receiving unit is intelligently integrated into three control circuits in the vehicle, namely, ignition circuit, power control unit, and automatic gear changing system, enabling it to bring the vehicle speed down to zero in a safe step by step manner. The anti-theft auto security system proposed here was tested under different weather conditions …

An Access Control Model For Nosql Databases, Motahera Shermin

Electronic Thesis and Dissertation Repository

Current development platforms are web scale, unlike recent platforms which were just network scale. There has been a rapid evolution in computing paradigm that has created the need for data storage as agile and scalable as the applications they support. Relational databases with their joins and locks influence performance in web scale systems negatively. Thus, various types of non-relational databases have emerged in recent years, commonly referred to as NoSQL databases. To fulfill the gaps created by their relational counter-part, they trade consistency and security for performance and scalability. With NoSQL databases being adopted by an increasing number of organizations, …

A 2013 Study Of Wireless Network Security In New Zealand: Are We There Yet?, Alastair Nisbet

Australian Information Security Management Conference

This research examines the current level of security in wireless networks in New Zealand. A comprehensive wardrive covering the length of the country was made in January 2013 to ensure accurate comparisons from two previous wardrives as well as comparisons between the four main cities and the suburbs can be made. With 16 years since the introduction of the original IEEE 802.11 wireless standard having passed, an examination is made of the current state of wireless security of networks throughout New Zealand and the Auckland suburbs, and where possible compares these results with similar studies undertaken in 2004 and 2011. …

Privacy And Legal Issues In Cloud Computing - The Smme Position In South Africa, Mathias Mujinga

Australian Information Security Management Conference

Cloud computing (CC) brings substantial benefits to organizations and their clients. Information technology (IT) users in developing countries, especially those in underdeveloped communities, are gaining easy and cost‐effective access to a variety of services, from entertainment to banking. South Africa has outlined a national e‐strategy that aims to improve those communities, by providing frameworks for access to information and communications technology (ICT). The products and services of small‐, medium and micro‐sized enterprises (SMME) are now reaching a wider audience through the use of technology. CC can go a long way to help government realize the national e‐strategy. There are numerous …

Towards Detection And Control Of Civilian Unmanned Aerial Vehicles, Matthew Peacock, Michael N. Johnstone

Australian Information Warfare and Security Conference

Considering the significant number of non‐military unmanned aerial vehicles (UAVs) that can be purchased to operate in unregulated air space and the range of such devices, the potential for security and privacy problems to arise is significant. This can lead to consequent harm for critical infrastructure in the event of these UAVs being used for criminal or terrorist purposes. Further, if these devices are not being detected, there is a privacy problem to be addressed as well. In this paper we test a specific UAV, the Parrot AR Drone version 2, and present a forensic analysis of tests used to …

Security Analysis And Forensic Investigation Of Home & Commercial Alarm Systemsin New Zealand: Current Research Findings, Alastair Nisbet, Maria Kim

Australian Digital Forensics Conference

Alarm systems with keypads, sensors and sirens protect our homes and commercial premises from intruders. The reliability of these systems has improved over the past years but the technology has remained largely as it was 3 decades ago. With simple keypads and generally 4 digit PIN codes used for setting and unsetting the alarms, the main protection against a determined intruder is the necessity to choose robust PIN codes. However, with PIN codes chosen that are generally easy to remember and therefore relatively easy to guess, or numbers chosen to follow a pattern on the keypad, the main protection from …