Current Search: Caulkins, Bruce
- Title
- SESSION-BASED INTRUSION DETECTION SYSTEM TO MAP ANOMALOUS NETWORK TRAFFIC.
- Creator
-
Caulkins, Bruce, Wang, Morgan, University of Central Florida
- Abstract / Description
-
Computer crime is a large problem (CSI, 2004; Kabay, 2001a; Kabay, 2001b). Security managers have a variety of tools at their disposal: firewalls, Intrusion Detection Systems (IDSs), encryption, authentication, and other hardware and software solutions to combat computer crime. Many IDS variants exist which allow security managers and engineers to identify attack network packets primarily through the use of signature detection; i.e., the IDS recognizes attack packets due to their well-known "fingerprints" or signatures as those packets cross the network's gateway threshold. On the other hand, anomaly-based ID systems determine what is normal traffic within a network and report abnormal traffic behavior. This paper will describe a methodology towards developing a more-robust Intrusion Detection System through the use of data-mining techniques and anomaly detection. These data-mining techniques will dynamically model what a normal network should look like and reduce the false positive and false negative alarm rates in the process. We will use classification-tree techniques to accurately predict probable attack sessions. Overall, our goal is to model network traffic into network sessions and identify those network sessions that have a high probability of being an attack and can be labeled as a "suspect session." Subsequently, we will use these techniques inclusive of signature detection methods, as they will be used in concert with known signatures and patterns in order to present a better model for detection and protection of networks and systems.
- Date Issued
- 2005
- Identifier
- CFE0000906, ucf:46762
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0000906
- Title
- Analysis of Remote Tripping Command Injection Attacks in Industrial Control Systems Through Statistical and Machine Learning Methods.
- Creator
-
Timm, Charles, Caulkins, Bruce, Wiegand, Rudolf, Lathrop, Scott, University of Central Florida
- Abstract / Description
-
In the past decade, cyber operations have been increasingly utilized to further policy goals of state-sponsored actors to shift the balance of politics and power on a global scale. One of the ways this has been evidenced is through the exploitation of electric grids via cyber means. A remote tripping command injection attack is one of the types of attacks that could have devastating effects on the North American power grid. To better understand these attacks and create detection axioms to both quickly identify and mitigate the effects of a remote tripping command injection attack, a dataset comprised of 128 variables (primarily synchrophasor measurements) was analyzed via statistical methods and machine learning algorithms in RStudio and WEKA software respectively. While statistical methods were not successful due to the non-linearity and complexity of the dataset, machine learning algorithms surpassed accuracy metrics established in previous research given a simplified dataset of the specified attack and normal operational data. This research allows future cybersecurity researchers to better understand remote tripping command injection attacks in comparison to normal operational conditions. Further, an incorporation of the analysis has the potential to increase detection and thus mitigate risk to the North American power grid in future work.
- Date Issued
- 2018
- Identifier
- CFE0007257, ucf:52193
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0007257
- Title
- Assessing the Suitability of the Division Exercise Training and Review System (DXTRS) to Support Sustainment Training.
- Creator
-
Naylor, Jacob, Proctor, Michael, Caulkins, Bruce, Morrow, Patricia Bockelman, University of Central Florida
- Abstract / Description
-
The military has used simulations to train Soldiers for several decades. Army Commanders use live, virtual and constructive training to prepare troops for combat and to improve their Military Occupational Specialty (MOS) skillset. During training and other military operations, the Army Battle Command Systems (ABCS) provide Army commanders with a Common Operational Picture (COP) which typically includes a real-time status of personnel, supplies, munitions, and equipment. In 2016, the Combined Arms Support Command (CASCOM) divested the Battle Command Sustainment Support System (BCS3) due to data latency issues. The sustainment Warfighting Function (WfF) used BCS3 as a dual-purpose system for real world operations and constructive simulation training events. The same year, the Army also streamlined its Joint Land Component Constructive Training Capability (JLCCTC) to reduce costs further limiting the usefulness of JLCCTC to train sustainment units. This study considers the suitability of the Division Exercise Training and Review System (DXTRS) to fill the sustainment training gap. A combination of face to face and telephonic interviews are conducted with Soldiers and select Department of Defense (DoD) contractors to determine the appropriateness of DXTRS for sustainment training. Interview questions designed using the Technology Acceptance Model (TAM) are used to measure DXTRS version 1.06 suitability as a sustainment training tool. Inductive thematic content analysis is used to analyze the interview transcripts and provide findings, conclusions, and recommend future research.
- Date Issued
- 2018
- Identifier
- CFE0007348, ucf:52133
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0007348
- Title
- The Profession of Modeling and Simulations: Unifying the Organization.
- Creator
-
Lord, John, Caulkins, Bruce, Truman, Barbara, Maraj, Crystal, Bockelman, Patricia, University of Central Florida
- Abstract / Description
-
The organization of Modeling and Simulation (M&S) as a profession started in the early twenty-first century spurred by the advent of computers and the vast networking capabilities of contemporary computing. M&S is still in its infancy when compared to other disciplines, such as engineering, computer science and mathematics. However, the profession has experienced significant growth in part due to the varied use of M&S techniques and tools within almost every discipline. Professional organizations and academic programs supporting M&S across the country have started to materialize. In a short timeframe, the growth of these supporting organizations has outpaced their ability to stay unified as a discipline, aligned with standardized Knowledge, Skills, and Abilities (KSAs) and with growing stakeholder needs. Consequently, there appear to be gaps in the M&S professional organization, such as a lack of synchronization between the three primary stakeholder groups of the M&S profession: academia, government, and industry. The discipline's professional organization fails to recognize a single body of knowledge as an authoritative reference for M&S KSAs. Academic institutions do not have unanimity regarding targeted KSAs. Industry lacks the confidence to hire M&S professionals who have a core understanding of KSAs directly associated with the version of M&S used by each separate industry. This research study attempts to take a coordinated step forward in unifying the M&S discipline by assessing and prioritizing the current competencies and standards required of M&S professionals and identifying the needs and competencies valued by primary stakeholders. A survey instrument was developed in conjunction with Rebecca Leis' doctorate research. The instrument was distributed to M&S stakeholders to ascertain the breadth of the needed, valued, and required KSAs within the domain.
The survey was evaluated by cross-referencing questions and tabulating responses. Results from this research suggest ways in which stakeholders can coordinate efforts in advancing the M&S professional organization and support a uniformed set of KSAs needed in academia, government, and industry now and in the future.
- Date Issued
- 2019
- Identifier
- CFE0007489, ucf:52876
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0007489
- Title
- Assessment of Information Security Culture in Higher Education.
- Creator
-
Glaspie, Henry, Karwowski, Waldemar, Wan, Thomas, Hancock, Peter, Caulkins, Bruce, University of Central Florida
- Abstract / Description
-
Information security programs are instituted by organizations to provide guidance to their users who handle their data and systems. The main goal of these programs is to protect the organization's information assets through the creation and cultivation of a positive information security culture within the organization. As the collection and use of data expands in all economic sectors, the threat of data breach due to human error increases. Employees' behavior towards information security is influenced by the organization's information security programs and the overall information security culture. This study examines the human factors of an information security program and their effect on the information security culture. These human factors consist of stringency of organizational policies, behavior deterrence, employee attitudes towards information security, training and awareness, and management support of the information security programs. A survey questionnaire was given to employees in the Florida College System to measure the human aspects of the information security programs. Confirmatory factor analysis (CFA) and Structural Equation Modeling (SEM) were used to investigate the relationships between the variables in the study using IBM® SPSS® Amos 24 software. The study results show that management support and behavior deterrence have a significant positive relationship with information security. Additionally, the results show no significant association between information security culture and organization policies, employee commitment and employee awareness. This suggests a need for further refinement of the model and the survey tool design to properly assess human factors of information security programs and their effects on the organizational security culture.
- Date Issued
- 2018
- Identifier
- CFE0007184, ucf:52272
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0007184
- Title
- Federal, State and Local Law Enforcement Agency Interoperability Capabilities and Cyber Vulnerabilities.
- Creator
-
Trapnell, Tyrone, Caulkins, Bruce, Wiegand, Rudolf, Bockelman, Patricia, Canham, Matthew, University of Central Florida
- Abstract / Description
-
The National Data Exchange (N-DEx) System is the central informational hub located at the Federal Bureau of Investigation (FBI). Its purpose is to provide network subscriptions to all Federal, state and local level law enforcement agencies while increasing information collaboration across all domains. The National Data Exchange users must satisfy the Advanced Permission Requirements, confirming the terms of N-DEx information use, and the Verification Requirement (verifying the completeness, timeliness, accuracy, and relevancy of N-DEx information) through coordination with the record-owning agency (Management, 2018). A network infection model is proposed to simulate the spread impact of various cyber-attacks within Federal, state and local level law enforcement networks that are linked together through the topologies merging with the National Data Exchange (N-DEx) System as the ability to manipulate the live network is limited. The model design methodology is conducted in a manner that creates a level of organization from the state level to the local level of law enforcement agencies allowing for each organizational infection probability to be calculated and entered, thus making the model very specific in nature for determining spread or outbreaks of cyber-attacks among law enforcement agencies at all levels. This research will enable future researchers to further develop a model that is capable of detecting weak points within an information structure when multiple topologies merge, allowing for more secure operations among law enforcement networks.
- Date Issued
- 2019
- Identifier
- CFE0007543, ucf:52621
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0007543
- Title
- A Behavioral Model of Law Enforcement Applicant Characteristics Derived from a Simulated Cheating Task: Implications for Pre-Employment Hiring Practices.
- Creator
-
Montaquila, Julian, Caulkins, Bruce, Wiegand, Rudolf, Teo, Grace, Beever, Jonathan, University of Central Florida
- Abstract / Description
-
Recently, numerous high-profile instances of police misconduct and corruption have been thrust into the national spotlight. Hiring police officers who will act with integrity and not betray public trust remains essential. The present research experimentally examines this phenomenon by evaluating pre-employment assessment results against applicant performance on a simulated cheating task (i.e., The Dots Task) in order to derive information to improve contemporary pre-employment screening and selection models. Four case examples are presented which depict malicious actors who possessed privileged access, assumed no one would ever scrutinize their activities, and attempted to leverage a lack of oversight for their personal benefit. A literature review of previous research findings is presented, and results from the current study are discussed. Spearman correlation analyses consistently indicated that participants who cheated were predisposed to moral disengagement via advantageous comparison. Participants who left all or part of their monetary award were less prone to general moral disengagement, particularly displacement of responsibility, while the opposite effect was observed for participants who took more than their earned award. Impression management was positively associated with stealing extra money, and cheating was more common among participants with elevated distorted thought patterns, including obsessional thinking, paranoid ideation, and alienation/perceptual distortion. Stepwise linear multiple regression analyses further substantiated the relationship between cheating and both distorted thought patterns and impression management, as well as provided evidence that (1) internalizing morality as part of one's self-identity and (2) warmth act as protective factors against cheating behavior. Positive relationships between cheating and distortion of consequences were also present within multiple regression analyses.
Behavioral models produced from stepwise linear multiple regression analyses offer the potential to predict the likelihood and severity of cheating behavior that an individual may be predisposed to commit based upon their pre-employment assessment data, thereby enhancing pre-employment screening and selection decisions.
- Date Issued
- 2018
- Identifier
- CFE0007409, ucf:52714
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0007409