Cybersecurity of Online Proctoring Systems

The online proctored examinations are adopted exceedingly in all forms of academic education and professional training. AI with Machine Learning technology take the leading role in supporting authentication, authorization, and operational control of proctored online examination. The paper discusses how administrative, physical, and technical controls can help mitigate related cybersecurity vulnerabilities of online proctoring systems (OPS). The paper considers two classes of OPS: fully automated AI-enabled systems and hybrid systems (automated AI-enabled with an expert live proctor in control). Based on the review of 20 online proctoring systems, the paper discusses methods and techniques of multi-factor authentication and authorizations, including the use of challenge-response, biometrics (face and voice recognition), and blockchain technology. The discussion of operational controls includes the use of lockdown browsers, webcam detection of behavioral signs of fraud, endpoint security, VPN and VM, screen-sharing and keyboard listening programs, technical controls to mitigate the absence of spatial (physical area) controls, compliance with regulations (GDPR), etc. Other topics discussed include confidentiality of the exam content, logging of control data, video and sound recording for auditing, limitations of endpoint-based security protection and detection techniques of behavior-based cheating and the effect of new intrusive technology on students’ privacy. In conclusion, the paper lists advanced features of online proctoring systems

The Need for International AI Activities Monitoring

This paper focuses primarily on the need to monitor the risks arising from the dual-use of Artificial Intelligence (AI). Dual-use AI technology capability makes it applicable for defense systems and consequently may pose significant security risks, both intentional and unintentional, with the national and international scope of effects. While domestic use of AI remains the prerogative of individual countries, the unregulated and nonmonitored use of AI with international implications presents a specific concern. An international organization tasked with monitoring potential threats of AI activities could help defuse AI-associated risks and promote global cooperation in developing and deploying AI technology. The paper reviews factors involved in the international monitoring of AI activities, strategies of dual-use technologies regulation, challenges, and potential solutions

Teaching Information Assurance Online

Cyber security threats, systems vulnerabilities, privacy concerns, and other security developments are progressing and proliferating rapidly.   This article describes experience accumulated in teaching an online Information Assurance course at a 4-year college for graduate and undergraduate students. The course content is based on the security curriculum structured by ten security domains of knowledge, as defined by the (ISC)² for professional certification programs CISSP of (ISC)². Only eight out of ten domains are included in the 10-week IA-Study course. The courses uses several basic e-learning activities - online studies supported with Via Voice-narrated slides presentation, video presentation, online reference book and supplemental readings; collaborative and individual coursework supported by Online WorkBook (WB) in Google Docs, assessment quizzes administered online via Blackboard/WebCT, and team/class discussions and networking supported with a dedicated Google Blog.   WB facilitates collaborative students’ work using Wiki technology; it provides both work instructions and the place to submit the students work. Using a log in the Google Docs, the instructor can see individual contributions of team members to a collaborative project.  In addition, each team is required to submit members’ peer evaluations.   WikiDigest project – a value-added work-in-progress - opens opportunities for the instructor and the students to work together on collecting Tips and Recommendations for an Information Security Awareness knowledge base that can be used on campus by students and faculty.   In conclusion, the article reviews students’ perceptions of online learning such as acceptance of online learning in general, time needed and actually spent to study the course, and effectiveness of team collaboration

Cyber Security Awareness Among College Students

This study reports the early results of a study aimed to investigate student awareness and attitudes toward cyber security and the resulting risks in the most advanced technology environment: the Silicon Valley in California, USA. The composition of students in Silicon Valley is very ethnically diverse. The objective was to see how much the students in such a tech-savvy environment are aware of cyber-attacks and how they protect themselves against them. The early statistical analysis suggested that college students, despite their belief that they are observed when using the Internet and that their data is not secure even on university systems, are not very aware of how to protect their data. Also, it appears that educational institutions do not have an active approach to improve awareness among college students to increase their knowledge on these issues and how to protect themselves from potential cyber-attacks, such as identity theft or ransomware

Cases in database design

x+186hlm.;24c