AN INVESTIGATION INTO THE USE AND USEFULNESS OF SECURITY SO TWARE IN DETECTING COMPUTER ABUSE

Computer security remains an important issue in the management of organizational information systems. Losses resulting from computer abuse and errors are substantial, and IS managers continue to cite security and control as a key management issue. With continued expansion of clistributed data processing and storage, the need to both prevent and detect violations also increases. This latter aspect, detection of computer abuse incidents, is the focus of this study. This empirical study examines the prevalence and sophistication of security software system installations across the United States. Using a victimization survey of 528 randomly-selected DPMA members, the study examines discovered incidents of computer abuse in organizations and attempts to identify relationships between comprehensive (i.e., sophisticated) security software and successful discovery of abuse. More comprehensive security software was found to be associated with greater ability to identify perpetrators of abuse and to discover more serious computer abuse incidents. Larger organizations used both a greater number and more sophisticated security software systems than smaller organizations. Wholesale/retail trade organizations used less comprehensive software than average, while manufacturing organizations and public utilities used more comprehensive software. Surprisingly, no relationships were found between the maturity of an organization\u27s security function and the number and/or sophistication of security software systems utilized

Evaluation of DoS attacks on Commercial Wi-Fi-Based UAVs

One of the biggest challenges for the use of Unmanned Aerial Vehicles (UAVs) in large-scale real-world applications is security.  However, most of research projects related to robotics does not discuss security issues, moving on directly to studying classical problems (i.e., perception, control, planning). This paper evaluates the effects of availability issues (Denial of Service attacks) in two commonly used commercially available UAVs (AR.Drone 2.0 and 3DR SOLO). Denial of Service (DoS) attacks are made while the vehicles are navigating, simulating common conditions found both by the general public and in a research scenario. Experiments show how effective such attacks are and demonstrate actual security breaches that create specific vulnerabilities. The results indicate that both studied UAVs are susceptible to several types of DoS attacks which can critically influence the performance of UAVs during navigation, including a decrease in camera functionality, drops in telemetry feedback and lack of response to remote control commands. We also present a tool that can be used as a failsafe mechanism to alert the user when a drone is reaching out a determined flight limit range, avoiding availability issues

Preserving the confidentiality of final examination question paper using image steganography technique / Aviefieorennia Tompell

Nowadays, examination is one of the important process in education. It is either done orally, in the form of written paper and practiced-based examination as well as participating in a course work. The rapid and constant paces of technology changing are creating both opportunities and challenges for schools and higher education community such as the universities. One of the challenges is the leakage of question papers before the final examination being conducted. The quality of the education system and the achievement of its objective are exposed to a serious threat with actions and practices that weaken the credibility of examination. In some countries, a centralized examination system is used and most education community does not realize the occurrence of final examination question paper leakage. It can affects the candidates in the whole country where the exam can be postponed or cancelled due to the leakage of question papers. The government are losing a lot of money to replace the leaked final examination question papers. The confidentiality of the question papers must be strictly maintained. Thus, this project emphasize strongly on developing a desktop based application that can hide final examination question paper in a digital bitmap cover image by using Image Steganography technique intended for the use of lecturer during the preparation of final examination question paper. This project focus on the Least Significant Bit algorithm in Image Steganography while providing a practical understanding of what Steganography is and how to accomplish it. The significance of this project is to help prevent unauthorized access, use and modification of the question paper before the final examination being conducted. It can preserve and enhance the confidentiality of the final examination question paper and can save lecturer time and it is cost efficient. The project overall objectives are achieved and it is successfully applied on .pdf and .doc file format of the final examination question paper. More testing on robustness of this project will be done in the future

Security Issues Facing Computer Users: An Overview

Abstract This paper is a broad overview of several issues pertaining to computer security. There are two types of computer security one is standalone computer security means security of computer when it is not connected with network and second is security of computer when it is connected with network. Using Biometrics methods the computer user can allow only authentication logins. And by using encryption technique the computer users can secure the data in the computer system. With the help of the firewall the computer user can control the incoming and outgoing network traffic by analyzing the data packets and determining whether it should be allowed through or not, based on a predetermined rule set. The overall aim of this paper is to discuss here the security issues facing computer user and methods to secure computer system

A path context model for computer security phenomena in potentially non-secure environments

D.Sc. (Computer Science)Please refer to full text to view abstrac

The automatic generation of information security profiles

D.Phil. (Computer Science)Security needs have changed considerably in the past decade as the economics of computer usage necessitates increased business reliance on computers. As more individuals need computers to perform their jobs, more detailed security controls are needed to offset the risk inherent in granting more people access to computer systems. Traditionally, computer security administrators have been tasked with configuring' , security systems by setting controls on the actions of users. This basically entails the compilation of access rules (contained in security profiles), which state who can access what resources in what way. The task of building these rules is of considerable magnitude and is in general not well understood. Adhoc approaches, characterized by exhaustive interviewing and endless printouts of organizational data repositories, are usually followed. In the end, too much is left to the discretion of the security administrators..

Automated secure systems development methodology

D.Com. (Informatics)The complexity of modern computer-based information systems is such that, for all but the simplest of examples, they cannot be produced without a considerable amount of prior planning and preparation. The actual difficulties of trying to design, develop and implement complex computer-based systems have been recognised as early as the seventies. In a bid to deal with what was then referred to as the "software crisis", a number of so- called "methodologies" were advocated. Those methodologies were, in turn, based on a collection of guidelines or methods thanks to which their designers could eventually make the claim that computer systems, and in particular information systems, could be designed and developed with a greater degree of success. By using a clear set of rules, or at least reasonably detailed principles, they could ensure that the various design and development tasks be performed in a methodical, organ ised fashion. Irrespective of the methodologies or guidelines that were adopted or laid down, the developers principal aim was to ensure that all relevant detail about the proposed information systems would be taken into account during the long and often drawn-out design and development process. Unfortunately, many of those methodologies and guidelines date from the early 1970s and, as a result, no longer meet the security requirements and guidelines of today's information systems. It was never attempted under any of those methodolog ies, however, to unriddle the difficulties they had come up against in information security in the domain of system development . Security concerns should however, form an integral part of the planning, development and maintenance of a computer application. Each application system should for example, take the necessary security measures in any given situation