Abstracts 2018: Highlights of Student Research and Creative Endeavors

What follows is a collection of abstracts summarizing the scholarship conducted by undergraduates at Columbus State University during the 2017-2018 academic year. These projects highlight undergraduates research in a variety of disciplines, ranging from literary analysis to laboratory-based sciences. The abstracts represent many ongoing projects on our campus and catalog those that have been published or presented. This volume begins with projects that have been selected for presentations at national, regional and statewide disciplinary conferences. Among them are several that have garnered awards for outstanding undergraduate scholarship. Projects that have received competitive research grants, including our campus Student Research and Creative Endeavor (SRACE) Grants, are also featured. Many undergraduates have presented their work to our local community, either through the dissemination of best practices in nursing to regional hospitals, colloquium presentations of lecture-recitals at the RiverCenter for the Performing Arts, or at Columbus State University\u27s Tower Day held in April 2018. Together these abstracts demonstrate the commitment of our faculty to engage students in their disciplines and represent outstanding mentorship that occurs on and off our campus throughout the year. Our students have amassed an impressive collection of projects that contributes to both academia and our local community, and these abstracts will hopefully inspire others to delve into scientific and creative inquiry.https://csuepress.columbusstate.edu/abstracts/1012/thumbnail.jp

Designing a framework for data populating alarms based on MITRE techniques

In this paper we aim to develop a proof of concept framework as a step-by-step process for identifying what type of information and log types a SOC analyst needs to analyze and handle an alarm based on the alarms MITRE technique. To solve this, it was decided that using both theoretical and experimental research methodologies could be advantageous. Hence we first used a Systematic Literature Review to search, screen, and select relevant literature. Followed by the usage of Design Science Research method for conducting the research based upon a theoretical basis, and an experimental process. To develop a framework consisting of an easy to understand and independent step-by-step process. The proof of concept framework introduced in this paper, is an eight step process describing how one may proceed when gathering data needed for automating information gathering based on alarms MITRE techniques. In these eight steps it revolves around three main concepts, which are gathering a theoretical foundation by research and discussion, improving the theoretical foundation by testing and adjusting, and ends with a continuous process of maintaining the constructed automations when used in a production setting. This framework produced accurate results when tested during research, and we believe it should be further explored and tested in a larger scale. Also it should be considered a stepping stone into further automating the whole alarm handling process, from gathering data to response

Designing a framework for data populating alarms based on mitre techniques

In this paper we aim to develop a proof of concept framework as a step-by-step process for identifying what type of information and log types a SOC analyst needs to analyze and handle an alarm based on the alarms MITRE technique. To solve this, it was decided that using both theoretical and experimental research methodologies could be advantageous. Hence we first used a Systematic Literature Review to search, screen, and select relevant literature. Followed by the usage of Design Science Research method for conducting the research based upon a theoretical basis, and an experimental process. To develop a framework consisting of an easy to understand and independent step-by-step process. The proof of concept framework introduced in this paper, is an eight step process describing how one may proceed when gathering data needed for automating information gathering based on alarms MITRE techniques. In these eight steps it revolves around three main concepts, which are gathering a theoretical foundation by research and discussion, improving the theoretical foundation by testing and adjusting, and ends with a continuous process of maintaining the constructed automations when used in a production setting. This framework produced accurate results when tested during research, and we believe it should be further explored and tested in a larger scale. Also it should be considered a stepping stone into further automating the whole alarm handling process, from gathering data to response

Annual Report of Undergraduate Research Fellows, August 2012 to May 2013

Annual Report of Undergraduate Research Fellows from August 2012 to May 2013

Factors Influencing Cybersecurity Risk Among Minority-Owned Small Businesses

Small businesses are increasingly becoming targets of cyberattacks. Minority-owned small businesses may face additional challenges when it comes to cybersecurity, due to factors such as limited resources and lack of awareness. Therefore, it is important to understand the specific factors that influence cybersecurity risk among minority-owned small businesses in order to develop effective strategies to protect them from cyber threats. This study aimed to identify the factors influencing cybersecurity risk among minority-owned small businesses. The variables examined were lack of resources, lack of awareness, use of outdated technology, limited training, and targeted attacks. A multiple regression analysis was conducted with a sample size of 252 minority-owned small businesses. The results showed that all of the variables were statistically significant in predicting cybersecurity risk. Lack of resources, lack of awareness, and use of outdated technology were found to be significant predictors of cybersecurity risk. Limited training and targeted attacks were also significant predictors. These findings suggest that minority-owned small businesses are vulnerable to cybersecurity risks due to a combination of factors, including limited resources, lack of awareness, outdated technology, and inadequate training. Therefore, it is important for small business owners to prioritize cybersecurity and invest in the necessary resources and training to protect their businesses from cyber threats

Mustang Daily, April 26, 2006

Student newspaper of California Polytechnic State University, San Luis Obispo, CA.https://digitalcommons.calpoly.edu/studentnewspaper/7439/thumbnail.jp

An automated system to search, track, classify and report sensitive information exposed on an intranet

Tese de mestrado em Segurança Informática, Universidade de Lisboa, Faculdade de Ciências, 2015Through time, enterprises have been focusing their main attentions towards cyber attacks against their infrastructures derived from the outside and so they end, somehow, underrating the existing dangers on their internal network. This leads to a low importance given to the information available to every employee connected to the internal network, may it be of a sensitive nature and most likely should not be available to everyone’s access. Currently, the detection of documents with sensitive or confidential information unduly exposed on PTP’s (Portugal Telecom Portugal) internal network is a rather time consuming manual process. This project’s contribution is Hound, an automated system that searches for documents, exposed to all employees, with possible sensitive content and classifies them according to its degree of sensitivity, generating reports with that gathered information. This system was integrated in a PT project of larger dimensions, in order to provide DCY (Cybersecurity Department) with mechanisms to improve its effectiveness on the vulnerability detection area, in terms of exposure of files/documents with sensitive or confidential information in its internal network.Ao longo do tempo, as empresas têm vindo a focar as suas principais atenções para os ataques contra as suas infraestruturas provenientes do exterior acabando por, de certa forma, menosprezar os perigos existentes no interior da sua rede. Isto leva a que não dêem a devida importância à informação que está disponível para todos os funcionários na rede interna, podendo a mesma ser de caráter sensível e que muito provavelmente não deveria estar disponível para o acesso de todos. Atualmente, a deteção de ficheiros com informação sensível ou confidencial indevidamente expostos na rede interna da PTP (Portugal Telecom Portugal) é um processo manual bastante moroso. A contribuição deste projeto é o Hound, um sistema automatizado que procura documentos, expostos aos colaboradores, com conteúdo potencialmente sensível. Estes documentos são classificados de acordo com o seu grau de sensibilidade, gerando relatórios com a informação obtida. Este sistema foi integrado num projeto de maiores dimensões da PT de forma a dotar o Departamento de Cibersegurança dos mecanismos necessários a melhorar a sua eficácia nas áreas de deteção de vulnerabilidades, em termos de exposição de ficheiros/documentos com informação sensível ou confidencial na sua rede interna

An Investigation of Personal and Professional Secondary Traumatic Stress Predictors in Urban School Personnel

Due to the high rates of exposure to potentially traumatic events in childhood, educators may experience high levels of indirect trauma exposure that can lead to adverse consequences, such as Secondary Traumatic Stress (STS). STS is a potential “constellation of symptoms that may run parallel to those of posttraumatic stress disorder (PTSD) including symptoms of intrusion, avoidance, arousal, and emotional numbing” (Molnar et al., 2017, p. 130). However, STS remains understudied in the school personnel population. This quantitative survey study explored to what extent a set of professional (i.e., supervisor support, colleague support, trauma-informed practices professional development, professional role) and personal factors (self-care, personal trauma history, perceived dosage of student trauma, and subjective impact of the COVID-19 pandemic) predicted STS scores for a sample of 225 urban school personnel. Analyses included conducting descriptives and a series of hierarchical and moderation multiple regression analyses. Results reveal 41.2% of the participants met criteria for STS on the Secondary Traumatic Stress Scale (Bride et al., 2007). The results suggest the set of personal factors are significantly associated with STS scores. Professional factors, however, were found to be less strongly related, with the possible exception of supervisor support. Finally, the results suggest supervisor support may moderate or positively impact the relationship between some risk factors (e.g., perceived dosage of student trauma) and STS scores. Implications, limitations, and future directions are discussed