Password Cracking and Countermeasures in Computer Security: A Survey

With the rapid development of internet technologies, social networks, and other related areas, user authentication becomes more and more important to protect the data of the users. Password authentication is one of the widely used methods to achieve authentication for legal users and defense against intruders. There have been many password cracking methods developed during the past years, and people have been designing the countermeasures against password cracking all the time. However, we find that the survey work on the password cracking research has not been done very much. This paper is mainly to give a brief review of the password cracking methods, import technologies of password cracking, and the countermeasures against password cracking that are usually designed at two stages including the password design stage (e.g. user education, dynamic password, use of tokens, computer generations) and after the design (e.g. reactive password checking, proactive password checking, password encryption, access control). The main objective of this work is offering the abecedarian IT security professionals and the common audiences with some knowledge about the computer security and password cracking, and promoting the development of this area.Comment: add copyright to the tables to the original authors, add acknowledgement to helpe

Reactive Rules for Emergency Management

The goal of the following survey on Event-Condition-Action (ECA) Rules is to come to a common understanding and intuition on this topic within EMILI. Thus it does not give an academic overview on Event-Condition-Action Rules which would be valuable for computer scientists only. Instead the survey tries to introduce Event-Condition-Action Rules and their use for emergency management based on real-life examples from the use-cases identified in Deliverable 3.1. In this way we hope to address both, computer scientists and security experts, by showing how the Event-Condition-Action Rule technology can help to solve security issues in emergency management. The survey incorporates information from other work packages, particularly from Deliverable D3.1 and its Annexes, D4.1, D2.1 and D6.2 wherever possible

Computer Security Documentation for a Non-Technical Audience

This research project investigates the development of computer security documentation. Computer security includes the protection of hardware, software, and/or digital information from theft and/or damage, along with preventing disruption or misdirection of the services a computer may provide.The scope of the research was to develop a document detailing the basic fundamental concepts of computer security that individuals of all backgrounds can use without requiring prerequisite knowledge of computer security. The core concepts of the document encompass phishing, social engineering, password security, trusted/untrusted networks, viruses, malware, and antivirus software. Both technical and non-technical individuals can utilize the document to learn how to be safe online and make informed decisions on the internet. The evaluation of the efficacy of the document relies on two surveys. The methodology involved participants taking a pre-survey before reading the document. Followed by reading the developed document and afterward taking a post-survey. The results of the first survey, in comparison to the second survey, are used to determine the efficacy. The participants were selected on a voluntary basis, with the focus being on non-technical individuals of varying backgrounds.https://openriver.winona.edu/urc2018/1000/thumbnail.jp

System Security in an Open Lab Environment

This thesis presents a system security process for computer workstations in a university open lab environment, which was developed and implemented for the Lumpkin Hall Computer Labs at Eastern Illinois University (EIU). The system security includes the use of policies and NTFS permissions, registry hacks and script files. These techniques were applied to a mixture of Windows NT 4.0 service pack 6a and Windows 2000 Professional workstations in the Lumpkin Hall Computer Labs. They were then tested for appropriate security setup using a Network Security Checksheet and a survey. The Network Security Checksheet ensured that all of the workstations were configured properly and that the security settings where working properly to protect against known Windows exploits. A survey was used to validate the accessibility to the workstations for students in the School of Business at EIU. This new system security setup has decreased the maintenance workload by approximately 25%

Determinants of Computer Security Practices

A survey of computer security practices at 67 medium and large organizations in Singapore shows that the level of computer security practices at these organizations is predicted better using their needs for confidentiality, integrity and availability rather than through a more traditional risk assessment methodolog

Game Based Learning for Safety and Security Education

Safety and security education are important part of technology related education, because of recent number of increase in safety and security related incidents. Game based learning is an emerging and rapidly advancing forms of computer-assisted instruction. Game based learning for safety and security education enables students to learn concepts and skills without the risk of physical injury and security breach. In this paper, a pedestal grinder safety game and physical security game have been developed using industrial standard modeling and game development software. The average score of the knowledge test of grinder safety game was 82%, which is higher than traditional lecture only instruction method. In addition, the survey of physical security game shows 84% average satisfaction ratio from high school students who played the game during the summer camp. The results of these studies indicated that game based learning method can enhance students' learning without potential harm to the students