The COVID-19 pandemic forced schools across the nation to increase their reliance on IT to deliver educational instruction to students. This amplified the vulnerability of K-12 schools to potentially serious cyberattacks. The US Government Accountability Office (GAO) was asked to review cybersecurity in K-12 schools. The objectives of this report…

This research study explores the challenges and barriers in school digital transformation based on the perspectives and experiences of school leaders within the Republic of Cyprus. This study employs a qualitative research approach, using interviews to collect insights from 11 purposively selected primary and secondary school leaders. The…

The Science DMZ is a network research tool offering superior large science data transmission between two locations. Through a network design that places the Science DMZ at the edge of the campus network, the Science DMZ defines a network path that avoids packet inspecting devices (firewalls, packet shapers) and produces near line-rate transmission…

As the Internet moves towards a three-layer architecture consisting of overlay networks on top of the IP network layer on top of WDM-based physical networks, incorporating the interaction between and among network layers is crucial for efficient and effective implementation of survivability. This dissertation has four major foci as follows:…

Too often, organizations make the mistake of treating malware infections as a series of independent occurrences. Each time a malicious program is discovered, IT simply cleans up or rebuilds the affected host, and then moves on with routine operational tasks. Yet, this approach doesn't allow the institution to keep up with the increasingly…

This dissertation deals with a multiterminal source model for secret key generation by multiple network terminals with prior and privileged access to a set of correlated signals complemented by public discussion among themselves. Emphasis is placed on a characterization of secret key capacity, i.e., the largest rate of an achievable secret key,…

Much of our critical infrastructure is controlled by large software systems whose participants are distributed across the Internet. As our dependence on these critical systems continues to grow, it becomes increasingly important that they meet strict availability and performance requirements, even in the face of malicious attacks, including those…

Historically, managing access to information systems (ISs) required direct interaction with a limited number of users. Increasingly, managing access involves handling an increased numbers of internal and external students, faculty, and staff as well as partners such as workforce development centers, the U.S. Department of Education, and the…

This paper describes a competition-style of exercise to teach system and network security and to reinforce themes taught in class. The exercise, called NetSecLab, is conducted on a closed network with student-formed teams, each with their own Linux system to defend and from which to launch attacks. Students are expected to learn how to: 1) install…

With the ability of modern system developers to develop intelligent programs that allows machines to learn, modify and evolve themselves, current trends of reactionary methods to detect and eradicate malicious software code from infected machines is proving to be too costly. Addressing malicious software after an attack is the current methodology…

Location is fundamental information in Vehicular Ad-hoc Networks (VANETs). Almost all VANET applications rely on location information. Therefore it is of importance to ensure location information integrity, meaning that location information is original (from the generator), correct (not bogus or fabricated) and unmodified (value not changed). We…

Current technology enables schools to provide remote or virtual computing labs that can be implemented in multiple ways ranging from remote access to banks of dedicated workstations to sophisticated access to large-scale servers hosting virtualized workstations. This paper reports on the implementation of a specific lab using remote access to…

Targeted email attacks to enable computer network exploitation have become more prevalent, more insidious, and more widely documented in recent years. Beyond nuisance spam or phishing designed to trick users into revealing personal information, targeted malicious email (TME) facilitates computer network exploitation and the gathering of sensitive…

Information systems educators must balance the need to protect the stability, availability, and security of computer laboratories with the learning objectives of various courses. In advanced courses where students need to install, configure, and otherwise manipulate application and operating system settings, this is especially problematic as these…

In the past three years, higher education institutions have made a number of moves to secure their critical systems and protect their users, resulting in a marked change in the techniques used to combat security threats. Today, continued progress may depend on the development of an enterprise IT security program. (Contains 10 notes.)