Exploring the integration of CDIO, crowdsourcing and gamification into information security courses

© 2019 WIETE. With the integration of technology into our lives and the availability of on-line sources, traditional teachingmethods have been under scrutiny. Specifically, information security courses pose a challenge, because learningtheory is not sufficient. These courses require students to develop hands-on skills and the use of tools that mightcause serious damage if improperly used. The work reported here was to design and deliver a security course followingCDIO (conceive, design, implement and operate) methodology. The course culminates in a capture the flag competitionin a gamified crowdsourced way. The courses ran for three semesters and a survey was administered to gaugestudent satisfaction, perceived enjoyment and attitude (Likert scale questionnaire). The overwhelming majority of respondents, 71.4%, had positive feelings towards the courses; felt they made it easier to learn; found the laboratory experimentsenjoyable and would consider enrolling in a similar course in the future. More interestingly, the majority reportedthe courses helped develop their collaboration (75.4%), communication and interpersonal skills (72.2%)

Automated malicious advertisement detection using VirusTotal, URLVoid, and TrendMicro

© 2017 IEEE. The Internet economy is based on free access to content in exchange of viewing advertisements that might lead to online purchases. Advertisements represent an important source of revenue to Advertising companies. Those companies employ every possible technique and trick to maximize clicks and visits to advertisers\u27 websites. Modern websites exchange advertisement contents from ads\u27 providers (such as Google AdSense), which means they do not control the contents of those advertisements. Although large providers such as Google and Yahoo! are supposed to be trustworthy, ad arbitration allows them to auction of those ad slots to other providers. Therefore, web administrators cannot guarantee the source of the ads on their delegated website areas. Those advertisements contain Javascript and may redirect to malicious websites which might lead to malicious code being executed or malware being installed. This paper proposes and implements a system for automatically detecting malicious advertisements. It employs three different online malware domain detections systems (VirusTotal, URLVoid, and TrendMicro) for malicious advertisements detection purposes and reports the number of detected malicious advertisements using each system. In addition, we study the efficiency of each system by calculating the confusion matrix and accuracy. We find that URLVoid is the best in terms of accuracy (73%) because it uses a combination of well known website scanners and domain blacklists

The impact of CDIO\u27s dimensions and values on IT Learner\u27s attitude and behavior: A regression model using Partial Least Squares

CDIO (Conceiving-Designing-Implementing-Operating), crowdsourcing and gamification are gaining more popularity in IT education. However, factors that influence learners\u27 attitude toward this method are yet to be discovered. Therefore, this study aims to develop and test a conceptual model of implementing CDIO-based curriculum in IT education. For this purpose, CDIO dimensions were conceptualized and developed into questionnaire items. Then 141 students who experienced the CDIO method in information security course and lab, were sampled through action-research approach to investigate their perceptions and experiences about the learning stages, dimensions and values of this teaching method. Data gathered were analyzed by multiple regression algorithm using Partial Least Squares-Structural Equation Modeling (PLS-SEM) statistical approach. The results reveal that the ‘mastery of the concept’, ‘implement and operate’, ‘perceived values’, ‘demonstration and resources’, and ‘admin’ could significantly (in direct and indirect paths) affect learner\u27s intention to accept the CDIO method and adopt it in IT classes. Finally, implications to theory and practice were indicated, and future research directions were suggested

Detecting Fake News in Social Media Networks

© 2018 The Authors. Published by Elsevier Ltd. Fake news and hoaxes have been there since before the advent of the Internet. The widely accepted definition of Internet fake news is: fictitious articles deliberately fabricated to deceive readers\u27. Social media and news outlets publish fake news to increase readership or as part of psychological warfare. Ingeneral, the goal is profiting through clickbaits. Clickbaits lure users and entice curiosity with flashy headlines or designs to click links to increase advertisements revenues. This exposition analyzes the prevalence of fake news in light of the advances in communication made possible by the emergence of social networking sites. The purpose of the work is to come up with a solution that can be utilized by users to detect and filter out sites containing false and misleading information. We use simple and carefully selected features of the title and post to accurately identify fake posts. The experimental results show a 99.4% accuracy using logistic classifier

Students’ acceptance of CDIO as a crowdsourcing and gamification methodology in IT classrooms: A multiple regression model

© WIETE 2019 Crowdsourcing, gamification, and the conceive - design - implement - operate (CDIO) framework provide innovative techniques for educating the next generation of engineers. The CDIO method was implemented for an ethical hacking course where students face challenges such as inadequacy of theoretical coverage, and the ramification of the improper use of hacking tools. The study outcomes are suggestions for, and testing of, work designs, as well as the delivery of security courses with CDIO methodology. The courses ran for three semesters and 141 students were surveyed. The data were analysed through structural equation modelling-partial least squares (SEM-PLS) multiple regression analysis. Examined were perceptions and experiences of the CDIO method, and how student attitudes to CDIO could be affected by factors that include enjoyment, interpersonal and technical skills. The relationship between these constructs and how they are influenced was also examined. The conclusions present theoretical and practical implications for researchers and teachers. Specified are research limitations and future work

An Enhanced AODV Protocol for Avoiding Black Holes in MANET

© 2018 The Authors. Published by Elsevier Ltd. Black hole attack is one of the well-known attacks on Mobile Ad hoc Networks, MANET. This paper discusses this problem and proposes a new approach based on building a global reputation system that helps AODV protocol in selecting the best path to destination, when there is more than one possible route. The proposed protocol enhances the using of watchdogs in AODV by collecting the observations and broadcasting them to all nodes in the network using a low overhead approach. Moreover, the proposed protocol takes into account the detection challenge when a black hole continuously moves

Exhaust: Optimizing Wu-Manber pattern matching for intrusion detection using Bloom filters

© 2015 IEEE. Intrusion detection systems are widely accepted as one of the main tools for monitoring and analyzing host and network traffic to protect data from illegal access or modification. Almost all types of signature-based intrusion detection systems must employ a pattern matching algorithm to inspect packets for malicious signatures. Unfortunately, pattern matching algorithms dominate the execution time and have become the bottleneck. To remedy that, we introduce a new software-based pattern matching algorithm that modifies Wu-Manber pattern matching algorithm using Bloom filters. The Bloom filter acts as an exclusion filter to reduce the number of searches to the large HASH table. The HASH table is accessed if there is a probable match represented by a shift value of zero. On average the HASH table search is skipped 10.6% of the time with a worst case average running time speedup over Wu-Manber of 33%. The maximum overhead incurred on preprocessing time is 1.1% and the worst case increase in memory usage was limited to 0.33%

FLUKES: Autonomous log forensics, intelligence and visualization tool

© 2017 Association for Computing Machinery. The number of structured and unstructured logs datasets is increasing, and the complexity of analyzing threats from log files poses a challenge to the research community. We propose intelligent technique to visualize and extract threats from logs files using D3.js modules with standard RegEx API, called FLUKES . In this paper we investigate the text-based ASCII format FTP, Snort, Apache and IIS server logs. When a content of a file type .json, .csv, .log, and .txt format is loaded into FLUKES, a representative summary is executed with least signi?cant a?ack traces. FLUKES will formalize and generate a new signature pa?ern that eases the process of detection and analysis of threat anomalies in log files. Forensic investigators can then determine a set of certain fields relevant to the a?ack according to the corresponding target. We present an example investigation comparison based on FTP and Apache server logs collected and managed using Snort. The ultimate contribution is to forensically determine the summary of authentication (failed and successful) a?empts to secure systems and traces found without altering the log evidence

Security techniques for intelligent spam sensing and anomaly detection in online social platforms

Copyright © 2020 Institute of Advanced Engineering and Science. All rights reserved. The recent advances in communication and mobile technologies made it easier to access and share information for most people worldwide. Among the most powerful information spreading platforms are the Online Social Networks (OSN)s that allow Internet-connected users to share different information such as instant messages, tweets, photos, and videos. Adding to that many governmental and private institutions use the OSNs such as Twitter for official announcements. Consequently, there is a tremendous need to provide the required level of security for OSN users. However, there are many challenges due to the different protocols and variety of mobile apps used to access OSNs. Therefore, traditional security techniques fail to provide the needed security and privacy, and more intelligence is required. Computational intelligence adds high-speed computation, fault tolerance, adaptability, and error resilience when used to ensure security in OSN apps. This research provides a comprehensive related work survey and investigates the application of artificial neural networks for intrusion detection systems and spam filtering for OSNs. In addition, we use the concept of social graphs and weighted cliques in the detection of suspicious behavior of certain online groups and to prevent further planned actions such as cyber/terrorist attacks before they happen

Security techniques for intelligent spam sensing and anomaly detection in online social platforms

Copyright © 2020 Institute of Advanced Engineering and Science. All rights reserved. The recent advances in communication and mobile technologies made it easier to access and share information for most people worldwide. Among the most powerful information spreading platforms are the Online Social Networks (OSN)s that allow Internet-connected users to share different information such as instant messages, tweets, photos, and videos. Adding to that many governmental and private institutions use the OSNs such as Twitter for official announcements. Consequently, there is a tremendous need to provide the required level of security for OSN users. However, there are many challenges due to the different protocols and variety of mobile apps used to access OSNs. Therefore, traditional security techniques fail to provide the needed security and privacy, and more intelligence is required. Computational intelligence adds high-speed computation, fault tolerance, adaptability, and error resilience when used to ensure security in OSN apps. This research provides a comprehensive related work survey and investigates the application of artificial neural networks for intrusion detection systems and spam filtering for OSNs. In addition, we use the concept of social graphs and weighted cliques in the detection of suspicious behavior of certain online groups and to prevent further planned actions such as cyber/terrorist attacks before they happen