Remediating all vulnerabilities on computer systems in a timely and cost effective manner is difficult given that the window of time between the announcement of a new vulnerability and an automated attack has decreased. Hence, organizations need to prioritize the vulnerability remediation process on their computer systems. The goal of this…

In its role helping the nation's schools connect to the Internet and other telecommunications services, the "E-rate" has been among the most consistent of federal programs. Funding for the "education rate" program has held at about $2.25 billion a year since it was created under the Telecommunications Act of 1996, and it covers…

Increasing complexity and sophistication of ever evolving information technologies has spurred unique and unprecedented challenges for organizations to protect their information assets. Companies suffer significant financial and reputational damage due to ineffective information technology security management, which has extensively been shown to…

Sender anonymity in Location-based services (LBS) refers to hiding the identity of a mobile device user who sends requests to the LBS provider for services in her proximity (e.g. "find the nearest gas station etc."). The goal is to keep the requester's interest private even from attackers who (via hacking or subpoenas) gain access to the LBS…

Botnets remain a potent threat due to evolving modern architectures, inadequate remediation methods, and inaccurate measurement techniques. In response, this research exposes the architectures and operations of two advanced botnets, techniques to enumerate infected hosts, and pursues the scientific refinement of infected-host enumeration data by…

The evolution of information technology has included new methodologies that use information technology to control and manage various industries and government activities. Information Technology has also evolved as its own industry with global networks of interconnectivity, such as the Internet, and frameworks, models, and methodologies to control…

The information leakage of electronic devices, especially those used in cryptographic or other vital applications, represents a serious practical threat to secure systems. While physical implementation attacks have evolved rapidly over the last decade, relatively little work has been done to allow system designers to effectively counter the…

The current computing landscape owes its roots to the birth of hardware and software technologies from the 1940s and 1950s. Since then, the advent of mainframes, miniaturized computing, and internetworking has given rise to the now prevalent cloud computing era. In the past few months just after 2010, cloud computing adoption has picked up pace…

"Models for Information Assurance Education and Outreach" (MIAEO) is an NSF-funded, three-year project to support hands-on explorations in "network security" and "cryptography" through Research Experience Vitalizing Science-University Program (REVS-UP) at California State University, Bakersfield. In addition, the…

Operating systems rely heavily on access control mechanisms to achieve security goals and defend against remote and local attacks. The complexities of modern access control mechanisms and the scale of policy configurations are often overwhelming to system administrators and software developers. Therefore, mis-configurations are common, and the…

Wireless ad hoc networks are suitable and sometimes the only solution for several applications. Many applications, particularly those in military and critical civilian domains (such as battlefield surveillance and emergency rescue) require that ad hoc networks be secure and stable. In fact, security is one of the main barriers to the extensive use…

The purpose of this quantitative study was to investigate six factors that may influence adoption of virtual private network (VPN) technologies in small businesses with fewer than 100 employees. Prior research indicated small businesses employing fewer than 100 workers do not adopt VPN technology at the same rate as larger competitors, and the…

The reality of students' cyber lives has thrust upon educators a new approach: creating character education programs tuned to digital youth that are proactive and aggressive. This will help integrate students' digital activities within the context of the communities in which they live, both local and digital. The digital age beckons a new era of…

With the success of applications spurring the tremendous increase in the volume of data transfer, efficient and reliable content distribution has become a key issue. Peer-to-peer (P2P) technology has gained popularity as a promising approach to large-scale content distribution due to its benefits including self-organizing, load-balancing, and…

Hands-on experiments are essential for computer network security education. Existing laboratory solutions usually require significant effort to build, configure, and maintain and often do not support reconfigurability, flexibility, and scalability. This paper presents a cloud-based virtual laboratory education platform called V-Lab that provides a…