Current Search: Information Security (x)
View All Items
- Title
- An Approach for Measuring the Confidentiality of Data Assured by the Confidentiality of Information Security Systems in Healthcare Organizations.
- Creator
-
Gallaher, Shawn, Elshennawy, Ahmad, Sala-Diakanda, Serge, Karwowski, Waldemar, Xanthopoulos, Petros, Yousef, Nabeel, University of Central Florida
- Abstract / Description
-
Because of the expansion in health information technology and the continued migration toward digital patient records as a foundation for the delivery of healthcare services, healthcare organizations face significant challenges in their efforts to determine how well they are protecting electronic health information from unauthorized disclosure. The disclosure of one's personal medical information to unauthorized parties or individuals can have broad-reaching and long-term impacts to both...
Show moreBecause of the expansion in health information technology and the continued migration toward digital patient records as a foundation for the delivery of healthcare services, healthcare organizations face significant challenges in their efforts to determine how well they are protecting electronic health information from unauthorized disclosure. The disclosure of one's personal medical information to unauthorized parties or individuals can have broad-reaching and long-term impacts to both healthcare providers and consumers. Although several classes and types of methodologies exist for measuring information security in general, a number of overarching issues have been identified which prevent their adaptation to the problem of measuring the confidentiality (the protection from unauthorized disclosure) of electronic information in complex organizational systems.In this study, a new approach for measuring the confidentiality of electronic information in healthcare-related organizations is developed. By leveraging systemic principles and concepts, an information security system (ISS) for assuring the confidentiality of electronic information in healthcare organizations is synthesized. The ISS is defined as a complex system composed of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule information security safeguards and the people, processes, and technologies that contribute to these safeguards. The confidentiality of the ISS (-) a desired emergent property defined in terms of the systemic interactions which are present (-) represents the measure of protection from the unauthorized disclosure of electronic information.An information security model (ISM) that leverages the structure and parametric modeling capabilities of the Systems Modeling Language (SysML) was developed for specifyingan ISS in addition to the contained systemic interactions which are present. Through the use of a parametric solver capability, the complex system of equations which quantify the contained interactions was executed for the purpose of generating a measure of confidentiality using a set of user-provided input values (-) a process referred to as ISM instantiation.
Show less - Date Issued
- 2012
- Identifier
- CFE0004378, ucf:49380
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0004378
- Title
- REGIONAL READINESS FOR INTELLIGENCE INFORMATION SHARING TO SUPPORT HOMELAND SECURITY.
- Creator
-
Kemp, Christine, Reynolds, Michael, University of Central Florida
- Abstract / Description
-
The Markle Task Force on National Security in the Information Age was created to produce recommendations on how to best leverage intelligence and information to improve security without compromising existing civil liberties. Their second report proposed that the government set up an information-sharing network using currently available technology to improve our ability to prevent terrorist attacks, while protecting civil liberties. The Markle recommendations have been incorporated into the...
Show moreThe Markle Task Force on National Security in the Information Age was created to produce recommendations on how to best leverage intelligence and information to improve security without compromising existing civil liberties. Their second report proposed that the government set up an information-sharing network using currently available technology to improve our ability to prevent terrorist attacks, while protecting civil liberties. The Markle recommendations have been incorporated into the recent Intelligence Reform and Terrorism Prevention Act of 2004. The proposition is that the Markle task force recommendations are sufficient to achieve the required data integration in the United States. To affirm or falsify the proposition, three existing systems will be reviewed: Alabama's Law Enforcement Tactical System Portal (LETS), Florida's Statewide Data Sharing Effort (FINDER), and Orange County, Florida's Integrated Criminal Justice System. This study found that there is no overall model for national intelligence analysis that incorporates the capabilities that law enforcement has for collection and analysis in with the federal capabilities for collection and analysis. This may ultimately limit the regional systems' success. Recommendations for potential initial models are made. In addition, recommendations for improvement in each regional system are provided. Finally, further research is needed to refine a national intelligence analysis model that can be supported by a distributed information sharing network.
Show less - Date Issued
- 2005
- Identifier
- CFE0000623, ucf:46542
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0000623
- Title
- Assessment of Information Security Culture in Higher Education.
- Creator
-
Glaspie, Henry, Karwowski, Waldemar, Wan, Thomas, Hancock, Peter, Caulkins, Bruce, University of Central Florida
- Abstract / Description
-
Information security programs are instituted by organizations to provide guidance to their users who handle their data and systems. The main goal of these programs is to protect the organization's information assets through the creation and cultivation of a positive information security culture within the organization. As the collection and use of data expands in all economic sectors, the threat of data breach due to human error increases. Employee's behavior towards information security is...
Show moreInformation security programs are instituted by organizations to provide guidance to their users who handle their data and systems. The main goal of these programs is to protect the organization's information assets through the creation and cultivation of a positive information security culture within the organization. As the collection and use of data expands in all economic sectors, the threat of data breach due to human error increases. Employee's behavior towards information security is influenced by the organizations information security programs and the overall information security culture. This study examines the human factors of an information security program and their effect on the information security culture. These human factors consist of stringency of organizational policies, behavior deterrence, employee attitudes towards information security, training and awareness, and management support of the information security programs. A survey questionnaire was given to employees in the Florida College System to measure the human aspects of the information security programs. Confirmatory factor analysis (CFA) and Structural Equation Modeling (SEM) were used to investigate the relationships between the variables in the study using IBM(&)#174; SPSS(&)#174; Amos 24 software. The study results show that management support and behavior deterrence have a significant positive relationship with information security. Additionally, the results show no significant association between information security culture and organization policies, employee commitment and employee awareness. This suggests a need for further refinement of the model and the survey tool design to properly assess human factors of information security programs and their effects on the organizational security culture.
Show less - Date Issued
- 2018
- Identifier
- CFE0007184, ucf:52272
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0007184
- Title
- On the security of NoSQL cloud database services.
- Creator
-
Ahmadian, Mohammad, Marinescu, Dan, Wocjan, Pawel, Heinrich, Mark, Brennan, Joseph, University of Central Florida
- Abstract / Description
-
Processing a vast volume of data generated by web, mobile and Internet-enabled devices, necessitates a scalable and flexible data management system. Database-as-a-Service (DBaaS) is a new cloud computing paradigm, promising a cost-effective and scalable, fully-managed database functionality meeting the requirements of online data processing. Although DBaaS offers many benefits it also introduces new threats and vulnerabilities. While many traditional data processing threats remain, DBaaS...
Show moreProcessing a vast volume of data generated by web, mobile and Internet-enabled devices, necessitates a scalable and flexible data management system. Database-as-a-Service (DBaaS) is a new cloud computing paradigm, promising a cost-effective and scalable, fully-managed database functionality meeting the requirements of online data processing. Although DBaaS offers many benefits it also introduces new threats and vulnerabilities. While many traditional data processing threats remain, DBaaS introduces new challenges such as confidentiality violation and information leakage in the presence of privileged malicious insiders and adds new dimension to the data security. We address the problem of building a secure DBaaS for a public cloud infrastructure where, the Cloud Service Provider (CSP) is not completely trusted by the data owner. We present a high level description of several architectures combining modern cryptographic primitives for achieving this goal. A novel searchable security scheme is proposed to leverage secure query processing in presence of a malicious cloud insider without disclosing sensitive information. A holistic database security scheme comprised of data confidentiality and information leakage prevention is proposed in this dissertation. The main contributions of our work are:(i) A searchable security scheme for non-relational databases of the cloud DBaaS; (ii) Leakage minimization in the untrusted cloud.The analysis of experiments that employ a set of established cryptographic techniques to protect databases and minimize information leakage, proves that the performance of the proposed solution is bounded by communication cost rather than by the cryptographic computational effort.
Show less - Date Issued
- 2017
- Identifier
- CFE0006848, ucf:51777
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0006848
- Title
- HEALTHCARE COMMUNICATION NETWORKS: THE DISSEMINATION OF EMPLOYEE INFORMATION FOR HOSPITAL SECURITY.
- Creator
-
Sumner, Jennifer, Liberman, Aaron, University of Central Florida
- Abstract / Description
-
ABSTRACT: Healthcare in the United States is a system that, organizationally speaking, is fragmented. Each hospital facility is independently operated and is responsible for the hiring of its own employees. However, corrupt individuals can take advantage of this fragmentation and move from hospital to hospital, gaining employment while hiding previous employment history. Traditionally, hospitals have been reluctant to share information on their previous employees, even with other hospitals,...
Show moreABSTRACT: Healthcare in the United States is a system that, organizationally speaking, is fragmented. Each hospital facility is independently operated and is responsible for the hiring of its own employees. However, corrupt individuals can take advantage of this fragmentation and move from hospital to hospital, gaining employment while hiding previous employment history. Traditionally, hospitals have been reluctant to share information on their previous employees, even with other hospitals, for fear of issues surrounding defamation, negligent hiring, and violation of the employee's privacy. However, growth in healthcare services is expected to rise exponentially in the near future, increasing the demand for employees. The need, therefore, to exchange pertinent information regarding employees will become necessary as hospitals seek qualified employees to fill positions throughout their organizations. One way to promote this information exchange is to develop trusted information sharing networks among hospital units. This study examined the problems surrounding organizational information sharing as well as the current level of employee information sharing being conducted by hospitals nationwide. Utilizing a survey of hospital administrators, this study drew upon the theoretical foundations of the Diffusion of Innovation Theory, the Knowledge Management Theory, the Social Exchange Theory and the earlier organizational information sharing frameworks established by Dawes (1996) and Landsbergen and Wolken (1998; 2001) in order to examine the variables that contribute to propensity of hospital administrators to engage in the sharing of employee information with other organizations.
Show less - Date Issued
- 2008
- Identifier
- CFE0002010, ucf:47609
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0002010
- Title
- EFFECTS OF IT GOVERNANCE ON INFORMATION SECURITY.
- Creator
-
Wu, Yu, Saunders, Carol, University of Central Florida
- Abstract / Description
-
This dissertation is composed by three essays that explore the relationship between good IT governance and effective information security services. Governance steers and verifies performance of fiduciary duties, through the implementation of proper governance mechanisms. With a focus on information security, this essay presents three categories of governance mechanisms process-based, structural, and relational. When properly instituted, they work together to ensure that IT understands...
Show moreThis dissertation is composed by three essays that explore the relationship between good IT governance and effective information security services. Governance steers and verifies performance of fiduciary duties, through the implementation of proper governance mechanisms. With a focus on information security, this essay presents three categories of governance mechanisms process-based, structural, and relational. When properly instituted, they work together to ensure that IT understands business requirements for information security and strives to fulfill them. An explanation is offered about the efficacy of those mechanisms, based on an agency theory perspective that views IT as an agent for business. The two underlying causes for agency problems are goal incongruence and information asymmetry between the agent and the principal. Governance mechanisms help to reduce both goal incongruence and information asymmetry. Hence, they lead to desired outcomes. A theoretical framework is presented and empirical tested.
Show less - Date Issued
- 2007
- Identifier
- CFE0001965, ucf:47435
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0001965
- Title
- SECURITY DESIGN THAT ADDRESSES AGENCY CONFLICTS AND INFORMATION ASYMMETRY.
- Creator
-
Tewari, Manish, Schnitzlein, Charles, University of Central Florida
- Abstract / Description
-
This study focuses on the role of structured derivative securities to meet diverse corporate financing objectives in the light of agency theory and asymmetric information. The focus is on the nonconvertible callable-puttable fixed-coupon bonds. The primary objective is to discern the marginal role of the put and put-deferred features in addressing the agency issues and asymmetric information. A sample of (159) securities issued over the period (1977-2005) are examined using Merton's (1974...
Show moreThis study focuses on the role of structured derivative securities to meet diverse corporate financing objectives in the light of agency theory and asymmetric information. The focus is on the nonconvertible callable-puttable fixed-coupon bonds. The primary objective is to discern the marginal role of the put and put-deferred features in addressing the agency issues and asymmetric information. A sample of (159) securities issued over the period (1977-2005) are examined using Merton's (1974) structural contingent claims valuation model. The put option as well as the deferred put option incorporated in these securities is found to mitigate the asset substitution issue. It is also found that these contract features provide considerable insurance against the asymmetric information about the firm's downside risk. Specifically, the effects of asset substitution are mitigated because the put option reduces sensitivity of the security's value to the changes in the firm's volatility. Prior to this study, this effect was believed to be driven primarily by the conversion feature in the convertible bonds and the preferred stocks. In addition, the long-term performance of the underlying common stock indicates systematic negative performance for the protracted periods both prior and subsequent to the issuance, yet it is found that this decline in the equity value has only a limited negative impact on the security.
Show less - Date Issued
- 2008
- Identifier
- CFE0002424, ucf:47756
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0002424
- Title
- An analysis of the preparedness of educational institutions to ensure the security of their institutional information.
- Creator
-
Ahmed, Vikram, Johnson, Jerry, Murray, Kenneth, Baldwin, Lee, Amiri, Shahram, University of Central Florida
- Abstract / Description
-
The purpose of this exploratory study was to analyze and examine the differences in the preparedness of educational institutions toward ensuring the security of their data by comparing their self-reported perceptions of security risks and their assessments of the corresponding risk-mitigating practices. Factors that were studied with reference to securing institutional data were aligned with the five components of information systems: hardware, software, data, procedures and people. The study...
Show moreThe purpose of this exploratory study was to analyze and examine the differences in the preparedness of educational institutions toward ensuring the security of their data by comparing their self-reported perceptions of security risks and their assessments of the corresponding risk-mitigating practices. Factors that were studied with reference to securing institutional data were aligned with the five components of information systems: hardware, software, data, procedures and people. The study examined the perceptions of security threats associated with these factors and explored the perceptions of the effectiveness of critical measures with respect to these factors within the constraints applicable to educational institutions. Given the dynamic nature of the threats to information security, this study further explored mechanisms and frequencies with which the different types of educational institutions conduct key security practices and stay up-to-date in their information security policies and procedures. The population of interest for this study consisted of a cross-sectional representation of the following types of educational institutions in the state of Florida: public and private PK-12 institutions, public and private universities, and virtual schools. At every stage of this exploratory study, comparative analyses were conducted. The researcher found no statistically significant differences between the types of educational institutions in their perceptions of security risks. However, in terms of their perceptions of the effectiveness of security measures, frequencies of key security practices and policy updates, budget allocations, and overall assessment of security preparedness, the educational institutions showed statistically significant differences.
Show less - Date Issued
- 2018
- Identifier
- CFE0007145, ucf:52293
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0007145
- Title
- TESTING THE IMPACT OF TRAINING WITH SIMULATED SCENARIOS FOR INFORMATION SECURITY AWARENESS ON VIRTUAL COMMUNITY OF PRACTICE MEMBERS.
- Creator
-
Tidwell, Craig, Reilly, Charles, University of Central Florida
- Abstract / Description
-
Information security has become a major challenge for all private and public organizations. The protection of proprietary and secret data and the proper awareness of what is entailed in protecting this data are necessary in all organizations. This treatise examines how simulation and training would influence information security awareness over time in virtual communities of practice under a variety of security threats. The hypothesis of the study was that security-trained members of a virtual...
Show moreInformation security has become a major challenge for all private and public organizations. The protection of proprietary and secret data and the proper awareness of what is entailed in protecting this data are necessary in all organizations. This treatise examines how simulation and training would influence information security awareness over time in virtual communities of practice under a variety of security threats. The hypothesis of the study was that security-trained members of a virtual community of practice would respond significantly better to routine security processes and attempts to breach security or to violate the security policy of their organization or of their virtual community of practice. Deterrence theory was used as the grounded theory and integrated in the information security awareness training with simulated scenarios. The study provided training with simulated scenarios and then tested the users of a virtual community of practice over an approximately twelve-week period to see if the planned security awareness training with simulated security problem scenarios would be effective in improving their responses to the follow-up tests. The research subjects were divided into four groups, the experimental group and three control groups. The experimental group received all of the training and testing events throughout the twelve-week period. The three control groups received various portions of the training and testing. The data from all of the tests were analyzed using the Kruskal-Wallis ranked order test, and it was determined that there was no significant difference between the groups at the end of the data collection. Even though the null hypothesis, which stated that there would be no difference between the groups scores on the information security awareness tests, was not rejected, the groups that received the initial training with the simulated scenarios did perform slightly better from the pre-training test to the post-training test when compared with the control group that did not receive the initial training. More research is suggested to determine how information security awareness training with simulated scenarios and follow-up testing can be used to improve and sustain the security practices of members of virtual communities of practice. Specifically, additional research could include: comparing the effect of training with the simulated scenarios and with training that would not use the simulated security scenarios; the potential benefits of using adaptive and intelligent training to focus on the individual subjects' weaknesses and strengths; the length of the training with simulated scenarios events, the time between each training event, and the overall length of the training; the demographics of the groups used in the training, and how different user characteristics impact the efficacy of the training with simulated scenarios and testing; and lastly examining how increasing the fidelity of the simulated scenarios might impact the results of the follow-up tests.
Show less - Date Issued
- 2011
- Identifier
- CFE0003566, ucf:48923
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0003566
- Title
- Federal, State and Local Law Enforcement Agency Interoperability Capabilities and Cyber Vulnerabilities.
- Creator
-
Trapnell, Tyrone, Caulkins, Bruce, Wiegand, Rudolf, Bockelman, Patricia, Canham, Matthew, University of Central Florida
- Abstract / Description
-
The National Data Exchange (N-DEx) System is the central informational hub located at the Federal Bureau of Investigation (FBI). Its purpose is to provide network subscriptions to all Federal, state and local level law enforcement agencies while increasing information collaboration across all domains. The National Data Exchange users must satisfy the Advanced Permission Requirements, confirming the terms of N-DEx information use, and the Verification Requirement (verifying the completeness,...
Show moreThe National Data Exchange (N-DEx) System is the central informational hub located at the Federal Bureau of Investigation (FBI). Its purpose is to provide network subscriptions to all Federal, state and local level law enforcement agencies while increasing information collaboration across all domains. The National Data Exchange users must satisfy the Advanced Permission Requirements, confirming the terms of N-DEx information use, and the Verification Requirement (verifying the completeness, timeliness, accuracy, and relevancy of N-DEx information) through coordination with the record-owning agency (Management, 2018). A network infection model is proposed to simulate the spread impact of various cyber-attacks within Federal, state and local level law enforcement networks that are linked together through the topologies merging with the National Data Exchange (N-DEx) System as the ability to manipulate the live network is limited. The model design methodology is conducted in a manner that creates a level of organization from the state level to the local level of law enforcement agencies allowing for each organizational infection probability to be calculated and entered, thus making the model very specific in nature for determining spread or outbreaks of cyber-attacks among law enforcement agencies at all levels. This research will enable future researchers to further develop a model that is capable of detecting weak points within an information structure when multiple topologies merge, allowing for more secure operations among law enforcement networks.
Show less - Date Issued
- 2019
- Identifier
- CFE0007543, ucf:52621
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0007543
- Title
- ARCHITECTURAL SUPPORT FOR IMPROVING COMPUTER SECURITY.
- Creator
-
Kong, Jingfei, Zhou, Huiyang, University of Central Florida
- Abstract / Description
-
Computer security and privacy are becoming extremely important nowadays. The task of protecting computer systems from malicious attacks and potential subsequent catastrophic losses is, however, challenged by the ever increasing complexity and size of modern hardware and software design. We propose several methods to improve computer security and privacy from architectural point of view. They provide strong protection as well as performance efficiency. In our first approach, we propose a new...
Show moreComputer security and privacy are becoming extremely important nowadays. The task of protecting computer systems from malicious attacks and potential subsequent catastrophic losses is, however, challenged by the ever increasing complexity and size of modern hardware and software design. We propose several methods to improve computer security and privacy from architectural point of view. They provide strong protection as well as performance efficiency. In our first approach, we propose a new dynamic information flow method to protect systems from popular software attacks such as buffer overflow and format string attacks. In our second approach, we propose to deploy encryption schemes to protect the privacy of an emerging non-volatile main memory technology ÃÂ phase change memory (PCM). The negative impact of the encryption schemes on PCM lifetime is evaluated and new methods including a new encryption counter scheme and an efficient error correct code (ECC) management are proposed to improve PCM lifetime. In our third approach, we deconstruct two previously proposed secure cache designs against software data-cache-based side channel attacks and demonstrate their weaknesses. We propose three hardware-software integrated approaches as secure protections against those data cache attacks. Also we propose to apply them to protect instruction caches from similar threats. Furthermore, we propose a simple change to the update policy of Branch Target Buffer (BTB) to defend against BTB attacks. Our experiments show that our proposed schemes are both security effective and performance efficient.
Show less - Date Issued
- 2010
- Identifier
- CFE0003211, ucf:48589
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0003211
- Title
- Quantifying Trust and Reputation for Defense against Adversaries in Multi-Channel Dynamic Spectrum Access Networks.
- Creator
-
Bhattacharjee, Shameek, Chatterjee, Mainak, Guha, Ratan, Zou, Changchun, Turgut, Damla, Catbas, Necati, University of Central Florida
- Abstract / Description
-
Dynamic spectrum access enabled by cognitive radio networks are envisioned to drivethe next generation wireless networks that can increase spectrum utility by opportunisticallyaccessing unused spectrum. Due to the policy constraint that there could be no interferenceto the primary (licensed) users, secondary cognitive radios have to continuously sense forprimary transmissions. Typically, sensing reports from multiple cognitive radios are fusedas stand-alone observations are prone to errors...
Show moreDynamic spectrum access enabled by cognitive radio networks are envisioned to drivethe next generation wireless networks that can increase spectrum utility by opportunisticallyaccessing unused spectrum. Due to the policy constraint that there could be no interferenceto the primary (licensed) users, secondary cognitive radios have to continuously sense forprimary transmissions. Typically, sensing reports from multiple cognitive radios are fusedas stand-alone observations are prone to errors due to wireless channel characteristics. Suchdependence on cooperative spectrum sensing is vulnerable to attacks such as SecondarySpectrum Data Falsification (SSDF) attacks when multiple malicious or selfish radios falsifythe spectrum reports. Hence, there is a need to quantify the trustworthiness of radios thatshare spectrum sensing reports and devise malicious node identification and robust fusionschemes that would lead to correct inference about spectrum usage.In this work, we propose an anomaly monitoring technique that can effectively cap-ture anomalies in the spectrum sensing reports shared by individual cognitive radios duringcooperative spectrum sensing in a multi-channel distributed network. Such anomalies areused as evidence to compute the trustworthiness of a radio by its neighbours. The proposedanomaly monitoring technique works for any density of malicious nodes and for any physicalenvironment. We propose an optimistic trust heuristic for a system with a normal risk attitude and show that it can be approximated as a beta distribution. For a more conservativesystem, we propose a multinomial Dirichlet distribution based conservative trust framework,where Josang's Belief model is used to resolve any uncertainty in information that mightarise during anomaly monitoring. Using a machine learning approach, we identify maliciousnodes with a high degree of certainty regardless of their aggressiveness and variations intro-duced by the pathloss environment. We also propose extensions to the anomaly monitoringtechnique that facilitate learning about strategies employed by malicious nodes and alsoutilize the misleading information they provide. We also devise strategies to defend against a collaborative SSDF attack that islaunched by a coalition of selfish nodes. Since, defense against such collaborative attacks isdifficult with popularly used voting based inference models or node centric isolation techniques, we propose a channel centric Bayesian inference approach that indicates how much the collective decision on a channels occupancy inference can be trusted. Based on the measured observations over time, we estimate the parameters of the hypothesis of anomalous andnon-anomalous events using a multinomial Bayesian based inference. We quantitatively define the trustworthiness of a channel inference as the difference between the posterior beliefsassociated with anomalous and non-anomalous events. The posterior beliefs are updated based on a weighted average of the prior information on the belief itself and the recently observed data.Subsequently, we propose robust fusion models which utilize the trusts of the nodes to improve the accuracy of the cooperative spectrum sensing decisions. In particular, we propose three fusion models: (i) optimistic trust based fusion, (ii) conservative trust based fusion, and (iii) inversion based fusion. The former two approaches exclude untrustworthy sensing reports for fusion, while the last approach utilizes misleading information. Allschemes are analyzed under various attack strategies. We propose an asymmetric weightedmoving average based trust management scheme that quickly identifies on-off SSDF attacks and prevents quick trust redemption when such nodes revert back to temporal honest behavior. We also provide insights on what attack strategies are more effective from the adversaries' perspective.Through extensive simulation experiments we show that the trust models are effective in identifying malicious nodes with a high degree of certainty under variety of network and radio conditions. We show high true negative detection rates even when multiple malicious nodes launch collaborative attacks which is an improvement over existing voting based exclusion and entropy divergence techniques. We also show that we are able to improve the accuracy of fusion decisions compared to other popular fusion techniques. Trust based fusion schemes show worst case decision error rates of 5% while inversion based fusion show 4% as opposed majority voting schemes that have 18% error rate. We also show that the proposed channel centric Bayesian inference based trust model is able to distinguish between attacked and non-attacked channels for both static and dynamic collaborative attacks. We are also able to show that attacked channels have significantly lower trust values than channels that are not(-) a metric that can be used by nodes to rank the quality of inference on channels.
Show less - Date Issued
- 2015
- Identifier
- CFE0005764, ucf:50081
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0005764
- Title
- BRAVE NEW WORLD RELOADED: ADVOCATING FOR BASIC CONSTITUTIONAL SEARCH PROTECTIONS TO APPLY TO CELL PHONES FROM EAVESDROPPING AND TRACKING BY THE GOVERNMENT AND CORPORATE ENTITIES.
- Creator
-
Berrios-Ayala, Mark, Milon, Abby, University of Central Florida
- Abstract / Description
-
Imagine a world where someone's personal information is constantly compromised, where federal government entities AKA Big Brother always knows what anyone is Googling, who an individual is texting, and their emoticons on Twitter. Government entities have been doing this for years; they never cared if they were breaking the law or their moral compass of human dignity. Every day the Federal government blatantly siphons data with programs from the original ECHELON to the new series like PRISM...
Show moreImagine a world where someone's personal information is constantly compromised, where federal government entities AKA Big Brother always knows what anyone is Googling, who an individual is texting, and their emoticons on Twitter. Government entities have been doing this for years; they never cared if they were breaking the law or their moral compass of human dignity. Every day the Federal government blatantly siphons data with programs from the original ECHELON to the new series like PRISM and Xkeyscore so they can keep their tabs on issues that are none of their business; namely, the personal lives of millions. Our allies are taking note; some are learning our bad habits, from Government Communications Headquarters' (GCHQ) mass shadowing sharing plan to America's Russian inspiration, SORM. Some countries are following the United States' poster child pose of a Brave New World like order of global events. Others like Germany are showing their resolve in their disdain for the rise of tyranny. Soon, these new found surveillance troubles will test the resolve of the American Constitution and its nation's strong love and tradition of liberty. Courts are currently at work to resolve how current concepts of liberty and privacy apply to the current conditions facing the privacy of society. It remains to be determined how liberty will be affected as well; liberty for the United States of America, for the European Union, the Russian Federation and for the people of the World in regards to the extent of privacy in today's blurred privacy expectations.
Show less - Date Issued
- 2014
- Identifier
- CFH0004537, ucf:45187
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFH0004537