The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The field of digital forensics has evolved to allow security professionals to examine evidence from the increasing plethora of digital devices to help determine what individuals might have done in the past. The evidence collected is used in a wide variety of settings: from corporate server farms to police raids on criminals' houses to the modern battlefield, and now to international cloud environments...
Securing public-facing services is a challenging task for all types of users and even best practices might not be sufficient at stopping attackers with an 0-day. It is often the case that when a new vulnerability is discovered, there is a race between attackers to exploit the vulnerability, and system administrators to patch the system in a manner that does not break existing functionality nor induce...
The field of digital forensics has evolved to allow security professionals to examine evidence from the increasing plethora of digital devices to help determine what individuals might have done in the past. The evidence collected is used in a wide variety of settings: from corporate server farms to police raids on criminals' houses to the modern battlefield, and now to international cloud environments...
IT systems are, without a doubt, fundamental to almost all facets of modern life, including government operations, commerce and manufacturing, financial systems, education, communications, energy production and distribution, and transportation. However, given the global connectedness of such systems, they are under constant attack from a variety of actors ranging from automated malware and so-called...
As cloud and virtualized environments become more widely used to solve challenges faced by companies of all sizes, it is increasingly likely that this infrastructure will be a common focus of attacks in the years to come. Successful attacks against this infrastructure could allow an attacker to "break out" of the virtual environment and gain control of the physical infrastructure effectively...
The field of digital forensics has evolved to allow security professionals to examine evidence from the increasing plethora of digital devices to help determine what individuals might have done in the past. The evidence collected is used in a wide variety of settings: from corporate server farms to police raids on criminals' houses to the modern battlefield, and now to international cloud environments...
The use of cryptography is becoming increasingly prevalent, and we see it in more and more contexts -on both sides of the fence. It is used to protect data from unauthorized access, but is also being used by adversaries - often for botnet C&C, manual control of compromised hosts, and data exfiltration. Virtual Machine Introspection (VMI) provides a mechanism by which the state of a virtual machine...
People relish the flexibility of being able access their monetary assets when and where they need them. The abundance of cards able to withdraw funds from Automatic Teller Machines (ATMs) has not gone unnoticed by the cyber criminal element. Means for skimming and cloning cards exist and the market continues to grow. While the methods for obtaining access to another's funds vary greatly, there are...
As cloud usage continues to increase, new issues with respect to managing and securing resources in the cloud are becoming more apparent. While some people may believe that security and privacy in the cloud can be addressed without the consumer considering the physical location and internal structure of the cloud, we show that this is clearly not the case. Furthermore, we describe a mechanism by which...
The evolution of phishing methods has resulted in a plethora of new tools and techniques to coerce users into providing credentials, generally for nefarious purposes. This paper discusses the relatively recent emergence of an evolutionary phishing technique called phishing by form that relies on the abuse of online forms to elicit information from the target population. We evaluate a phishing corpus...
Government agencies and organizations are just beginning to harness the powerful capabilities of visualization to aid in the prevention, detection, and mitigation of security threats. Most advances in this area have focused on protecting an agency or organization from malicious outsiders. While not a new threat, the malicious insider has recently earned increased focus. This paper investigates methods...
As a Center of Academic Excellence (CAE) in information assurance education, the University of Alaska Fairbanks is committed to promoting a culture of awareness and advancement of the current state of knowledge in the field of information assurance in Alaska and beyond through dedicated research, education, training, and outreach. The Advanced System Security Education, Research, and Training (ASSERT)...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.