Nationally, a shortage exists of qualified cybersecurity persons entering the field, posing challenges for higher education institutions in locating qualified educators to help fill the gap. A wealth of literature discusses the needs of students, yet literature outlining qualities of attracting graduates to become educators is lacking. The purpose…

Botnets remain a potent threat due to evolving modern architectures, inadequate remediation methods, and inaccurate measurement techniques. In response, this research exposes the architectures and operations of two advanced botnets, techniques to enumerate infected hosts, and pursues the scientific refinement of infected-host enumeration data by…

Operating systems rely heavily on access control mechanisms to achieve security goals and defend against remote and local attacks. The complexities of modern access control mechanisms and the scale of policy configurations are often overwhelming to system administrators and software developers. Therefore, mis-configurations are common, and the…

As the Internet moves towards a three-layer architecture consisting of overlay networks on top of the IP network layer on top of WDM-based physical networks, incorporating the interaction between and among network layers is crucial for efficient and effective implementation of survivability. This dissertation has four major foci as follows:…

Wireless Sensor Networks (WSNs) have unique characteristics which constrain them; including small energy stores, limited computation, and short range communication capability. Most traditional security algorithms use cryptographic primitives such as Public-key cryptography and are not optimized for energy usage. Employing these algorithms for the…

"End-to-End (E2E)" voting systems provide cryptographic proof that the voter's intention is captured, cast, and tallied correctly. While E2E systems guarantee integrity independent of software, most E2E systems rely on software to provide confidentiality, availability, authentication, and access control; thus, end-to-end integrity is not…

Quantum error-correcting codes have been the cornerstone of research in quantum information science (QIS) for more than a decade. Without their conception, quantum computers would be a footnote in the history of science. When researchers embraced the idea that we live in a world where the effects of a noisy environment cannot completely be…

The nation's critical infrastructure, information systems, and telecommunication networks are vulnerable and threatened by an ever-growing number of attacks in cyberspace. An essential element of the nation's comprehensive approach to cybersecurity is the ability for the Department of Defense to protect and defend its information enterprise.…

This project explores the way information about law is transformed into organizational policies and practices. Existing literature emphasizes the state and organized professional groups as primary interpreters of the law and as creators of legal implementation strategies in the organizational setting. This case study of university responses to…

Web browsers are plagued with vulnerabilities, providing hackers with easy access to computer systems using browser-based attacks. Efforts that retrofit existing browsers have had limited success since modern browsers are not designed to withstand attack. To enable more secure web browsing, we design and implement new web browsers from the ground…

Identification and access management has been among the top security issues facing institutions of higher education. Most institutions of higher education require end users to provide usernames and passwords to gain access to personally identifiable information (PII). This leaves universities vulnerable to unauthorized access and unauthorized…

Targeted email attacks to enable computer network exploitation have become more prevalent, more insidious, and more widely documented in recent years. Beyond nuisance spam or phishing designed to trick users into revealing personal information, targeted malicious email (TME) facilitates computer network exploitation and the gathering of sensitive…