Explore the vast range of titles available.

Design and development of ubiquitous computer network systems has become increasingly difficult as technology continues to grow. From the introduction of new technologies to the discovery of existing threats, weaknesses, and vulnerabilities there is a constantly changing landscape of potential risks and rewards. The cyber security community, and industry at large, is learning to account for these increasing threats by including protections and mitigations from the beginning of the design V process. However, issues still come from limitations in time for thoroughly exploring a potential design space and the knowledge base required to easily account for potential vulnerabilities in each. To address this problem we propose the G-T-S framework, which is an automated tool that allows a user to provide a set of inputs relating to the desired design space and returns a monetary security risk evaluation of each. This methodology first generates a series of potential designs, then dissects their contents to associate possible vulnerabilities to device elements, and finally evaluates the security risk poised to a central asset of importance. We exemplify the tools, provide methodologies for required background research, and discuss the results in evaluating a series of IoT Home models using the GTS framework. Through implementation of our framework we simplify the information an individual will require to begin the design process, lower the bar for entry to perform evaluating security risk, and present the risk as an easily understood monetary metric.

Continued growth and development in the consumer electronic market have greatly increased in the realm of home automation. With this swelling in smart, Internet‐connected consumer electronics, there is a need to ensure the safe and secure use of these products. So how does one authenticate each product in a large connected environment? How can the authors minimise counterfeiting, cloning, and the presence of Trojans in customer electronics? In this study, they explore their method of using various physically unclonable functions (PUFs) as a potential seed for a pseudorandom number generators (PRNGs) element. These can then be used to authenticate consumer electronic devices or protect communication over a large interconnected network. The advantage of this work is that their method increases the difficulty of attackers to learn patterns of the seed of each PRNG while optimising PUF‐based constraints in different consumer electronic domains. Through this work they enhance the function of PRNGs, increasing the difficulty of attackers’ ability to model security systems, as well as present a lightweight and efficient solution to the growing security concerns. By making the PRNG more difficult to model, malicious actors are less able to overcome their proposed security enhancement leading to a safe and secure environment.

As development and deployment of secure systems continue to grow at scale, there is an equal need to evaluate these systems for vulnerabilities and other problems. However, the process of evaluating these designs is complicated and mainly proprietary to the group performing the evaluation. Generally, one follows the generic risk equation of probability and impact. In addition, one should examine the costs related to the adversary and the defender of a system. Without accounting for all of these different aspects, one cannot expect to properly assess the security of a system model or design. This work presents a security model adversarial risk-based tool (SMART) for systems security design evaluation. Our tool reads in a systems security model an attack graph and collects the necessary information for the purpose of determining the best solution based on a calculated security risk represented as a monetary amount. The advantage of the tool is the level of automation provided in the evaluation of security attack trees while providing meaningful metrics that are effortless to compare and contrast.

The present study is based on the theoretical model of college retention developed by Tinto (1975, 1987, 1993) and subsequent validation efforts of others (Bers and Smith, 1991; Munro, 1981; Pascarella and Chapman, 1983a, b; Pascarella and Terenzini, 1983, 1991). The first goal of the study was to assess the validity of the model on a two-year community college sample. The second goal was to extend and further refine the model by examining the mediational influences of a comprehensive set of psychosocial measures (i.e., life events occurring during the first semester of college, social support, self-esteem, social competence, personal conscientiousness, psychological well-being, and satisfaction with the academic, administrative, and social systems of college) on the constructs within Tinto's (1987, 1993) model. Results confirm the generalizability of the model to two-year community college populations. In addition, the structural equations model revealed that the psychosocial measures have both direct and indirect effects on college persistence.

As the development and deployment of secure systems continue to grow at scale, there is a pressing need to evaluate these systems for vulnerabilities and other potential security problems. These issues are further augmented with the ubiquitous deployment of embedded systems within the Internet of Things, smart device networks, and even with their inclusion in medical devices. However, the process of evaluating these de- signs is complicated and mainly proprietary to the group performing the evaluation. In current practice, one follows the generic risk equation of probability and impact. A system designer should also be examining the costs related to the adversary as well as to the defender of a system. Without accounting for all of these different aspects, one cannot expect to properly assess the security of a system model or design. To help address these concerns, this dissertation provides a framework by which security can be baked into the initial design of a system and can help identify areas of particular risk. Furthermore, the framework leverages the Architecture Analysis & Design Language (AADL) modeling language with a low barrier to entry for allowing broader adaption within the security community.

Storage system traces are important for examining real-world applications, studying potential bottlenecks, as well as driving benchmarks in the evaluation of new system designs. While file system traces have been well-studied in earlier work, it has been some time since the last examination of the Server Message Block (SMB) network file system. The purpose of this work is to continue previous SMB studies to better understand the use of the protocol in a real-world production system in use at the University of Connecticut. The main contribution of our work is the exploration of I/O behavior in modern file system workloads as well as new examinations of the inter-arrival times and run times for I/O events. We further investigate if the recent standard models for traffic remain accurate. Our findings reveal interesting data relating to the number of read and write events. We notice that the number of read events are approximately as frequent as writes and that the average of bytes transferred over the wire is greater for reads. Furthermore, we find an increase in the use of metadata for overall network communication that can be taken advantage of through the use of smart storage devices.