Proceedings of the 26th ACM Conference on Innovation and Technology in Computer Science Education V. 2, 2021
Esports has generated an industry of increasing economic and cultural importance. In recent years... more Esports has generated an industry of increasing economic and cultural importance. In recent years, universities and other higher education institutions have responded to its growth by establishing undergraduate courses to satisfy the needs of innovators operating in the area. However, there is not yet consensus on what an esports curriculum should include. Despite being a technology-driven sector with ethical and professional dimensions that intersect computing, current ACM and IEEE curricula do not mention esports. Furthermore, existing courses tend to provide teaching and training on a wide variety of topics aside from those traditionally in computer science. These include: live events management; psychological research; sports science; marketing; public relations; video (livestream) production; and community management; in addition to coaching. This working group seeks to examine the requirements for developing esports studies at universities with a focus on understanding career ...
In recent years, the growing use of Software as a Service (SaaS) presents both new opportunities ... more In recent years, the growing use of Software as a Service (SaaS) presents both new opportunities and challenges for organizations. Specifically, building trust in SaaS as an alternative to traditional methods of conducting business presents unique challenges for the CPA industry, who deals with sensitive financial client information and strict regulations.
In this thesis, we explore the use of audio (sound) for computer and wireless security. Audio is ... more In this thesis, we explore the use of audio (sound) for computer and wireless security. Audio is a physical medium that exhibits unique characteristics that, on one hand, can serve as an enabler in many fundamental security applications, and, on the other hand, can introduce new threats. In this thesis, we consider both constructive and destructive uses of audio. The former usage advances the state-of-the-art in security directly by providing defenses. The latter usage advances the understanding towards building defenses. First, we focus on audio-based secure association of wireless devices, especially those with limited resources. Due to its "human perceptibility," audio communication provides an intuitive means for the users to detect the man-in-the-middle attacks. However, due to its "broadcast" nature, audio becomes vulnerable to eavesdropping. Indeed, we demonstrate eavesdropping attacks on three notable audio-based secure association mechanisms designed for...
Phishing attacks have become an increasing threat to online users. Recent research has begun to f... more Phishing attacks have become an increasing threat to online users. Recent research has begun to focus on the factors that cause people to respond to them. Our study examines the correlation between the Big Five personality traits and email phishing response. We also examine how these factors affect users behavior on Facebook, including posting personal information and choosing Facebook privacy settings. Our research shows that when using a prize phishing email, we find a strong correlation between gender and the response to the phishing email. In addition, we find that the neuroticism is the factor most correlated to responding to this email. Our study also found that people who score high on the openness factor tend to both post more information on Facebook as well as have less strict privacy settings, which may cause them to be susceptible to privacy attacks. In addition, our work detected no correlation between the participants estimate of being vulnerable to phishing attacks and...
This paper studies continuous authentication for touch interface based mobile devices. A Hidden M... more This paper studies continuous authentication for touch interface based mobile devices. A Hidden Markov Model (HMM) based behavioral template training approach is presented, which does not require training data from other subjects other than the owner of the mobile. The stroke patterns of a user are modeled using a continuous left-right HMM. The approach models the horizontal and vertical scrolling patterns of a user since these are the basic and mostly used interactions on a mobile device. The effectiveness of the proposed method is evaluated through extensive experiments using the Toucha-lytics database which comprises of touch data over time. The results show that the performance of the proposed approach is better than the state-of-the-art method.
Recent research has begun to focus on the factors that cause people to respond to phishing attack... more Recent research has begun to focus on the factors that cause people to respond to phishing attacks as well as affect user behavior on social networks. This study examines the correlation between the Big Five personality traits and email phishing response. Another aspect examined is how these factors relate to users’ tendency to share information and protect their privacy on Facebook (which is one of the most popular social networking sites). This research shows that when using a prize phishing email, neuroticism is the factor most correlated to responding to this email, in addition to a gender-based difference in the response. This study also found that people who score high on the openness factor tend to both post more information on Facebook as well as have less strict privacy settings, which may cause them to be susceptible to privacy attacks. In addition, this work detected no correlation between the participants estimate of being vulnerable to phishing attacks and actually bein...
Hyperledger Fabric is a “permissioned” blockchain architecture, providing a consistent distribute... more Hyperledger Fabric is a “permissioned” blockchain architecture, providing a consistent distributed ledger, shared by a set of “peers” that must all have the same view of its state. For many applications, it is desirable to keep private data on the ledger, but the same-view principle makes it challenging to implement. In this paper, we explore supporting private data on Fabric using secure multiparty computation (MPC). In our solution, peers encrypt their private data before storing it on the chain and use secure MPC whenever such private data are needed in a transaction. We created a demo of our solution, implementing a bidding system where sellers list assets on the ledger with a secret reserve price, and bidders publish their bids on the ledger but keep secret the bidding price. We implemented a smart contract that runs the auction on this secret data, using a simple secure-MPC protocol that was built using the EMP-toolkit library. We identified two basic services that should be added to Hyperledger Fabric to support our solution, inspiring follow-up work to implement and add these services to the Hyperledger Fabric architecture.
Proceedings of the 26th ACM Conference on Innovation and Technology in Computer Science Education V. 2, 2021
Esports has generated an industry of increasing economic and cultural importance. In recent years... more Esports has generated an industry of increasing economic and cultural importance. In recent years, universities and other higher education institutions have responded to its growth by establishing undergraduate courses to satisfy the needs of innovators operating in the area. However, there is not yet consensus on what an esports curriculum should include. Despite being a technology-driven sector with ethical and professional dimensions that intersect computing, current ACM and IEEE curricula do not mention esports. Furthermore, existing courses tend to provide teaching and training on a wide variety of topics aside from those traditionally in computer science. These include: live events management; psychological research; sports science; marketing; public relations; video (livestream) production; and community management; in addition to coaching. This working group seeks to examine the requirements for developing esports studies at universities with a focus on understanding career ...
In recent years, the growing use of Software as a Service (SaaS) presents both new opportunities ... more In recent years, the growing use of Software as a Service (SaaS) presents both new opportunities and challenges for organizations. Specifically, building trust in SaaS as an alternative to traditional methods of conducting business presents unique challenges for the CPA industry, who deals with sensitive financial client information and strict regulations.
In this thesis, we explore the use of audio (sound) for computer and wireless security. Audio is ... more In this thesis, we explore the use of audio (sound) for computer and wireless security. Audio is a physical medium that exhibits unique characteristics that, on one hand, can serve as an enabler in many fundamental security applications, and, on the other hand, can introduce new threats. In this thesis, we consider both constructive and destructive uses of audio. The former usage advances the state-of-the-art in security directly by providing defenses. The latter usage advances the understanding towards building defenses. First, we focus on audio-based secure association of wireless devices, especially those with limited resources. Due to its "human perceptibility," audio communication provides an intuitive means for the users to detect the man-in-the-middle attacks. However, due to its "broadcast" nature, audio becomes vulnerable to eavesdropping. Indeed, we demonstrate eavesdropping attacks on three notable audio-based secure association mechanisms designed for...
Phishing attacks have become an increasing threat to online users. Recent research has begun to f... more Phishing attacks have become an increasing threat to online users. Recent research has begun to focus on the factors that cause people to respond to them. Our study examines the correlation between the Big Five personality traits and email phishing response. We also examine how these factors affect users behavior on Facebook, including posting personal information and choosing Facebook privacy settings. Our research shows that when using a prize phishing email, we find a strong correlation between gender and the response to the phishing email. In addition, we find that the neuroticism is the factor most correlated to responding to this email. Our study also found that people who score high on the openness factor tend to both post more information on Facebook as well as have less strict privacy settings, which may cause them to be susceptible to privacy attacks. In addition, our work detected no correlation between the participants estimate of being vulnerable to phishing attacks and...
This paper studies continuous authentication for touch interface based mobile devices. A Hidden M... more This paper studies continuous authentication for touch interface based mobile devices. A Hidden Markov Model (HMM) based behavioral template training approach is presented, which does not require training data from other subjects other than the owner of the mobile. The stroke patterns of a user are modeled using a continuous left-right HMM. The approach models the horizontal and vertical scrolling patterns of a user since these are the basic and mostly used interactions on a mobile device. The effectiveness of the proposed method is evaluated through extensive experiments using the Toucha-lytics database which comprises of touch data over time. The results show that the performance of the proposed approach is better than the state-of-the-art method.
Recent research has begun to focus on the factors that cause people to respond to phishing attack... more Recent research has begun to focus on the factors that cause people to respond to phishing attacks as well as affect user behavior on social networks. This study examines the correlation between the Big Five personality traits and email phishing response. Another aspect examined is how these factors relate to users’ tendency to share information and protect their privacy on Facebook (which is one of the most popular social networking sites). This research shows that when using a prize phishing email, neuroticism is the factor most correlated to responding to this email, in addition to a gender-based difference in the response. This study also found that people who score high on the openness factor tend to both post more information on Facebook as well as have less strict privacy settings, which may cause them to be susceptible to privacy attacks. In addition, this work detected no correlation between the participants estimate of being vulnerable to phishing attacks and actually bein...
Hyperledger Fabric is a “permissioned” blockchain architecture, providing a consistent distribute... more Hyperledger Fabric is a “permissioned” blockchain architecture, providing a consistent distributed ledger, shared by a set of “peers” that must all have the same view of its state. For many applications, it is desirable to keep private data on the ledger, but the same-view principle makes it challenging to implement. In this paper, we explore supporting private data on Fabric using secure multiparty computation (MPC). In our solution, peers encrypt their private data before storing it on the chain and use secure MPC whenever such private data are needed in a transaction. We created a demo of our solution, implementing a bidding system where sellers list assets on the ledger with a secret reserve price, and bidders publish their bids on the ledger but keep secret the bidding price. We implemented a smart contract that runs the auction on this secret data, using a simple secure-MPC protocol that was built using the EMP-toolkit library. We identified two basic services that should be added to Hyperledger Fabric to support our solution, inspiring follow-up work to implement and add these services to the Hyperledger Fabric architecture.
Uploads
Papers