MS, University of Cincinnati, 2011, Engineering and Applied Science: Computer Science

Hospital IT security presents many unique challenges that must be solved by the entire organization. Network and computer threats can cause thousands of dollars in lost time and resources, legal repercussions, and damaged repu- tation. Despite warnings from a wealth of public breach notifications, many hospitals are inadequately prepared to deal with today's computer-based at- tacks. This thesis explores the root causes of hospital network and computer in- security, and addresses these problems with methods implemented in actual hospitals. A lack of comprehension of methods to assess and implement secu- rity measures by hospital IT security employees can hinder network visibility and prevent their ability to stop threats. In addition, these same people are unable to express security concerns in terms management can understand, harming their credibility within the business as a whole. Without this sup- port, organizational change is impossible. By addressing these concerns with a combination of people, process, and tools, we can solve complex problems, protect patient data, and ensure IT operations so hospitals can serve their community and save lives.

Bachelor of Business Administration (BBA), Ohio University, 2021, Business Administration

This study looks into the human element of information security (IS) by testing changes in attitude and behavioral intention following personalized IS awareness and training. Some modern IS research has left out attitude despite its theoretical foundation and ability to predict behavior, which is why the present study emphasizes its inclusion alongside behavioral intention. Traditional IS awareness and training programs fail to motivate employees to behave more securely due to a lack of empathy in the design of the IS program. This lack of motivation has caused employees to be the most commonly reported IS vulnerability for organizations. Many programs lack a degree of personal relevance that is needed to motivate employees to change their attitude and behavior towards IS. We propose a personalized awareness and training initiative that relies on personal relevance to address this issue. We argue that personalized awareness and training initiatives that rely on personal relevance are capable of significantly and positively changing IS attitude and behavioral intention amongst participants. The results of this study indicate that the type of awareness and training initiative participants received (general versus personalized) significantly and positively changed participant attitude, with no significant difference found in behavioral intention.

Doctor of Philosophy, The Ohio State University, 2012, Computer Science and Engineering

Malicious codes are one of the biggest threats on the Internet according to the US-CERT vulnerability database. One salient example is Conficker, a malicious code targeting MS Windows that was released in 2009. Before it was discovered, millions of computers on the Internet were infected. Many approaches to malicious code detection have been proposed. However, such approaches have a key weakness: they do not leverage context information from target systems and input data in order to perform detection. Malicious codes can fully utilize context information for attack purposes, thereby evading detection. To address this issue, we propose a methodology that leverages such context information for malicious code detection. Based on this methodology, we design and implement three detection systems for malicious code detection on servers, Web browsers, and smartphones. Our first system takes ``snapshots'' of a target process's virtual memory space and leverages these snapshots to reveal malicious codes' true behaviors when consuming input data. Based on the first system, we construct the second system, which leverages Web browsers' JavaScript code execution environment to detect malicious JavaScript codes that exploit browsers' memory errors. Our third system uses an information flow tracking mechanism to detect malicious codes that steal sensitive information stored in smartphones. We comprehensively evaluate these detection systems with many real-world malicious codes. Our experimental results indicate that the context information can be used to greatly improve detection effectiveness with reasonable overhead.

Doctor of Philosophy, Case Western Reserve University, 2016, EECS - Computer Engineering

For logical correlation and clustering similar approaches together, this thesis is divided into two parts. Part I proposes three light-weight, proactive IC integrity validation approaches as countermeasures against the two major forms of counterfeit ICs namely Recycled and Cloned chips. Hence the security threats considered here revolve around the legitimacy of the procured components from the vast, ever-expanding global supply chain, used to design electronic systems. The first approach is a low overhead, on-die protection mechanism against both types of above-mentioned counterfeit digital ICs based on one-time programmable Antifuses inserted in the I/O port logic and a key stored in secure non-volatile memory. Second is an antifuse based IC package level solution against both counterfeit types, that does not require any design modification, on-die resources and hence can be applied to legacy designs (i.e. production ready designs), which comprise a significant portion of the semiconductor market. The last is an intrinsic pin resistance based IC authentication approach against cloned ICs, which does not require any overhead (die or package), changes in the design cycle and is applicable to legacy ICs. In addition to digital ICs, the latter two techniques also work efficiently for analog and mixed-signal designs. The protection against recycling offered by the first two methods involves active defense rather than only detection, i.e. the ICs are non-functional (hence of no value) until the antifuses are programmed. Overall, as compared to existing Design-for-Security (DfS) techniques, utilization of one or more of these proposed approaches would incur minimal to virtually zero design modifications and associated hardware overhead, offer easy integrability in existing chips and are potentially applicable to legacy designs and ICs of all types at comparable security. Part II of the thesis revolves around efficient protection against threats (open full item for complete abstract)

BA, Kent State University, 2014, College of Arts and Sciences / Department of History

The United States Air Force Security Service (USAFSS), created in 1948, was the first signals intelligence organization to be created post-World War II and played an integral role in Cold War intelligence gathering. Indeed, despite its relatively young age compared to its Army and Navy counterparts, the USAFSS soon became the premier agency for signals intelligence in the early Cold War and was responsible for hundreds of secret listening posts around the world. This thesis argues that the USAFSS was able to have such a large impact on the post-World War II intelligence community due to a high level of technological proficiency, dedication, and a close working relationship with the National Security Agency (NSA) after its establishment in 1952. Using oral history interviews and declassified government documents, this thesis explores how the USAFSS was established and how it grew to leave a lasting impact for both contemporary Cold War intelligence agencies and the modern incarnation of Air Force intelligence.

Master of Computing and Information Systems, Youngstown State University, 2009, Department of Computer Science and Information Systems

Is Microsoft a threat to national security? This thesis evaluates Microsoft's policies, business model, and products to determine whether Microsoft is a threat to national security. The first part of this thesis investigated Microsoft's policies and products. In the second part of this thesis, two networks were investigated. The first network, which will be known as network “honey,” was designed and configured to examine the techniques of hackers. The second network, which will be known as network “X,” is a real business enterprise network that was the target for penetration testing. The investigation provided an inside look at the security threats in Microsoft Windows XP SP3, Windows Vista SP1, Microsoft Server 2000 SP4, and Microsoft Server 2003 SP2 operating systems on a network. The results of this investigation serve as a microcosm to a macro-problem. Microsoft Windows networks are too vulnerable to serve as the backbone for any institution or organization's networking infrastructure, especially entities considered to be government critical infrastructures.

MARCH, University of Cincinnati, 2004, Design, Architecture, Art and Planning : Architecture

The primary thesis of this project is that a successful implementation of security measures in a historic city hall must be mediated by the public function and historic nature of such a structure. Many current commonly-used measures to satisfy security requirements can easily destroy the aesthetic pleasures of a space as well as hinder the building's function as a democratic forum. Additionally, the historic nature of these buildings provides additional aesthetic and technical challenges. It is the intention of this thesis to formulate a holistic approach to consideration and design of security measures in historic city halls. In order to accomplish this, my thesis analyzes the need for security in public buildings, the inherent tensions between security and the public building, and the special circumstances of security in historic contexts. The project design applies the holistic approach to a specific historic public building—medium-scale renovation and addition at Louisville City Hall.

Doctor of Philosophy, The Ohio State University, 2013, Agricultural, Environmental and Developmental Economics

Large public and private costs result from attacks on firms' information technology networks. Successful attacks result in data breaches with private damages from business interruption, reputation, and investigation forensics. Social losses result from exposing individuals' personal information, leading to state, national, and international policymakers enacting legislation to manage these costs. Inadequate economic modeling exists to analyze this phenomenon, despite the large economic impact of cyberspace, e-commerce, and social networking. This research advances information security economics by deviating from a firm-level model to focus on the social welfare implications of firm and regulator decisions. I comprehensively review the economic and policy environment and develop the first rigorous economic model of regulatory approaches to data breach. I develop a one-period model of information security and analyze the efficacy of regulatory interventions in the face of asymmetric information. The model builds upon existing models of firm and firm-consumer information security investment and draws analogy between information security and managing asymmetric information in the biosecurity and livestock disease literature. I analyze firm and social planner incentives in a non-regulatory environment and three regulatory environments. Without regulation, the firm underinvests in network and data protection relative to the social optimum. In the first regime, the regulator must expend a fixed cost to observe social losses and overcome the firm's moral hazard. The interaction between network and data protection permits the regulator to induce optimal behavior in two investment decisions with a single regulatory instrument. With sufficiently low regulatory costs, this result is socially preferred. In the second regulatory regime, the regulator must expend the same fixed cost for imperfect observation of social losses and administer a program requiring that the firm r (open full item for complete abstract)

MS, University of Cincinnati, 2024, Engineering and Applied Science: Electrical Engineering

The advent of the single purpose microcontrollers, coupled with the evolution in battery technology and wireless communication has accelerated the development and widespread of IoT devices. These omnipresent devices, due to their inherent benefit, have been employed in every aspect of our lives including the very critical ones from medical devices to security and defense. Despite their myriads of benefits, IoT devices have for the few years been one of the favorite targets of bad cyber actors due to diverse reasons. Securing IoT devices is challenging because they are not only deployed in remote places where control and supervision is unfeasible, but they also have limited computation resources which renders the current security infrastructure obsolete. To fix this issue methodologies that use hardware malware detectors (HMD) have been employed. An HMD is a security device deployed to detect and combat malicious software by analyzing activities at the hardware level. This methodology uses either built in performance monitor units and machine learning algorithms to create models capable of detecting malware operation or malware detection units created using different heuristics capable of differentiating benign or malware programs. One such heuristic is the negative selection algorithm from the field of artificial immune system which allows to build a detector set capable of differentiating between self and non-self-samples. Since malware is spread in diverse families and its development tends to have a rapid evolution, it is necessary to find a way to store critical detection information without requiring too much memory to detect a vast array of attacks. A methodology for reducing the size of the detector set and a partial implementation in hardware to assess the power and area implication of the reduction is proposed in this work. The methodology entitled Reduction of Detector Set for a Hardware (open full item for complete abstract)

Master of Arts, Miami University, 2024, Geography

In rural Sub-Saharan Africa (SSA), access to safe drinking water remains a huge challenge as the majority of residents rely on unsafe water sources. This thesis examines and documents household water security and vulnerability within rural settlements, Malawi. I obtained data on water access, and availability by interviewing sixty households from geographically disadvantaged settlements with a historical record of experiencing water insecurity. Given that safe water is crucial for human health, the quality of water consumed by various households was established by analyzing samples from the existing water sources. The thesis revealed existing differences in access to safe water within rural Malawi. While most households were generally subjected to unsafe water sources, residents from Masawani were in an even more dire state as they lacked adequate water sources that rendered them more vulnerable to water insecurity. Households' water (in)security was manifested by place of residence, socio-economic status, water taste preferences, and prevailing gender norms, which often place the burden of water collection on women and girls. Therefore, addressing water insecurity in Sub-Saharan Africa requires adopting a holistic approach that not only involves constructing adequate water infrastructure, but also understanding the intricate social and geographic dynamics of rural communities.

Doctor of Philosophy, The Ohio State University, 2024, Computer Science and Engineering

Software and protocol development has followed the design-develop-break-patch cycle for many years. One resolution to mitigate such a persistent cycle is to build the systems with formal analysis following the "analysis-prior-to-development'' philosophy. At present, state space explosion and the limited expressibility of formal model languages limit the scalability and efficiency of this approach. Expanding the scope of formal methods to broader cases requires augmented modeling and a deeper understanding of the underlying operating mechanisms. In particular, by modeling with a precise system environment and refined adversary capabilities, I wish to expand the boundaries of formal methods, exposing limiting root causes and opening novel paths for improvement. For example, considering how concurrent execution influences the processes; modeling a granular access control for user and adversary groups; incorporating human interactions; allowing adversaries to control program execution at the instruction level; and trading off between literal cryptographic accuracy and modeled theory imprecisions augments the formal modeling to reason about unconventional properties. Apart from raising security assurance, such comprehensive coverage of the system environment and precise adversary capability expand the utility of formal methods to large systems and facilitate the derivation of unconventional properties. Additionally, such design provides further feedback to formal tool development to design targeted building blocks that improve the efficiency, scalability, and expressibility of formal modeling. In this thesis, I first present an enhanced and generic formal analysis of the trusted execution environment (TEE) technology -- Software Guard Extension -- built by Intel. In particular, I made a first attempt toward extending formal verification to program logic for SGX enclaves with the powerful SGX threat model. In this effort, I derived state continuity properties with r (open full item for complete abstract)

PhD, University of Cincinnati, 2024, Education, Criminal Justice, and Human Services: Information Technology

The transition to a fully remote or hybrid work model, expedited by the COVID-19 pandemic, marks a significant shift in the traditional organizational work model, ushering in new vulnerabilities and reshaping the cyber threat landscape. This shift has necessitated organizations worldwide to rethink their Cybersecurity strategies. Notably, Zero Trust Security model emerging as a more secure alternative to the traditional perimeter-based security approach due to its array of benefits. Despite the promising benefits of Zero Trust Security Model, its adoption is often met with hesitation, partly due to the lack of a unified implementation framework and comprehensive data-driven research on the cost-benefits of adopting the model. To address these gaps, the first part of this research focuses on identifying core components required to implement Zero Trust security effectively and to advance its global adoption through a comprehensive novel implementation framework. The second part of this research presents a novel secure and cost-effective approach that integrates open-source technology with cloud-based agent and non-agent tools to centrally monitor, detect, respond to, and prevent diverse attacks capable of breaching the security of an enterprise network. In our third study, we validated the effectiveness of our framework proposed in this research through a simulation deployed on a virtual environment to test the effectiveness of Zero Trust security in preventing and minimizing the risk of data breaches. The findings and contributions of this research are poised to significantly advance Cybersecurity by providing a practical and data-driven approach for implementing Zero Trust security in small, medium and large-scale organizations. Insights from this study are intended to benefit researchers working in the Zero Trust Security domain, as well as industry practitioners looking to transition to the Zero Trust security paradigm.

Master of Science in Computer Engineering (MSCE), Wright State University, 2024, Computer Engineering

Hardware components are becoming prone to threats with increasing technological advances. Malicious modifications to such components are increasing and are known as hardware Trojans. Traditional approaches rely on functional assessments and are not sufficient to detect such malicious actions of Trojans. Machine learning (ML) assisted techniques play a vital role in the overall detection and improvement of Trojan. Our novel approach using various ML models brings an improvement in hardware Trojan identification with power signal side channel analysis. This study brings a paradigm shift in the improvement of Trojan detection in integrated circuits (ICs). In addition to this, our further analysis towards hardware authentication extends towards PUFs (Physical Unclonable Functions). Arbiter PUFs were chosen for this purpose. These are also Vulnerable towards ML attacks. Advanced ML assisted techniques predict the responses and perform attacks which leads to the integrity of PUFs. Our study helps improve ML-assisted hardware authentication for ML attacks. In addition, our study also focused on the defense part with the addition of noise and applying the same attack ML-assisted model. Detection of Trojan in hardware components is achieved by implementing machine learning techniques. For this Purpose, several Machine learning models were chosen. Among them, Random Forest classifier (RFC) and Deep neural network shows the highest accuracy. This analysis plays a vital role in the security aspect of all hardware components and sets a benchmark for the overall security aspects of hardware. Feature extraction process plays major role for the improvement of accuracy and reliability of hardware Trojan classification. Overall, this study brings significant improvement in the field of overall hardware security. Our study shows that RFC performs best in hardware classification with an average of 98. 33% precision of all chips, and deep learning techniques give 93. 16% prec (open full item for complete abstract)

Doctor of Philosophy, Case Western Reserve University, 2023, Epidemiology and Biostatistics

Broad-scale interventions to improve food security and healthy food access for populations with a high chronic disease burden have largely not resulted in improved dietary patterns or reduced diet-related disease risk. These findings indicate current interventions may not be effective in modifying food system elements that drive health outcomes, illuminating a disconnect between a collective scientific understanding of food insecurity and creating successful interventions to improve population health. Food insecurity is currently operationalized and measured as a lack of financial resources to purchase food; however, this framework does not account for the multidimensional factors that compromise nutrition quality among low-income households. Nutrition security, a recently proposed term that expands on food security, has been defined as “consistent access, availability, and affordability of foods and beverages that promote well-being and prevent (and if needed, treat) disease.” Emphasizing nutrition in this context provides an opportunity to capture the complex and interrelated life experiences that structure diet quality outcomes in the development of a new nutrition security metric. This transitional phase poses an opportunity to conceptualize nutrition security with a system thinking lens to capture and unpack the interacting, multidimensional, and complex food system components that drive diet-related inequities among low-income populations. The goal of this dissertation is to gain system insights related to the complex food system that perpetuates nutritional and health disparities as well as examine proposed solutions (Chapter 2) and explore the relationship between diet quality, food security, and healthy food access factors to identify unique nutrition security typologies for low-income residents living in an urban area with low access to healthy food retail (Chapter 3). Chapter 2 investigates the system architecture and mechanisms related to nutrition secu (open full item for complete abstract)

PhD, University of Cincinnati, 2023, Arts and Sciences: Political Science

Recent cases of hybrid warfare and other forms of ambiguous conflict present a challenge to crisis bargaining models, which describe crisis escalation as a three-part signaling process. First, states engaged in a policy dispute will make public demands about the disputed issue. Second, states follow with coercive threats if the demand is not met. Finally, states demonstrate resolve through increasingly hostile public behaviors that move the crisis closer to war. Thus, signaling is the primary strategic mechanism in crisis bargaining models. However, this traditional view of crisis escalation conflicts with some cases of international crisis. This presents a theoretical challenge to conventional bargaining and traditional views of escalation. To resolve this discrepancy, an alternative escalation model is presented below that attempts to resolve this theoretical and empirical discrepancy and explain cases of “hybrid warfare” without violating the foundational tenets of bargaining theory. The theory posits that states do not always utilize signaling as the primary strategic mechanism during an international crisis. Instead, they may utilize other strategic mechanisms to advance their interests. The model presented here, labeled “hybrid escalation,” describes one approach states take to crisis escalation that utilizes ambiguity. While escalating with military means, the hybrid state generates ambiguity by distorting information about the crisis using informational means like propaganda, censorship, proxies, disinformation, and other forms of deception. This allows the hybrid state to lower the traditional costs of escalation by exploiting various cost-lowering mechanisms that limit the typical material and political costs of escalation. To test the efficacy of this theory, I examine two recent conflicts associated with hybrid warfare. I test the data against two crisis bargaining models, traditional and hybrid escalation. I hypothesize that trad (open full item for complete abstract)

PHD, Kent State University, 2021, College of Arts and Sciences / Department of Political Science

This study is focused on understanding what factors impact the transition of the KGB to a successor organization in a former Soviet Republic. The case chosen for this research was the case of the Security Services of Ukraine (SBU), which inherited the role of the second largest contingent of the KGB upon the collapse of the USSR. This case provides context-driven insights into the understanding of the institutional evolution of a security service in the post-Soviet context. This study addresses the question of how the SBU evolved in terms of its formal and informal mission objectives (what tasks the SBU is being asked to carry out), personnel practices, and organizational structure. Furthermore, this study investigates the factors shaping the reforms that took place, regarding the SBU and why some reforms failed to progress towards their intended outcome. The methods used to identify the answers to these questions were a content analysis of media reports, archival documents, and semi-structured elite interviews with individuals holding knowledge and experience pertaining to the security apparatus of Ukraine. The triangulation of these data identify and explain how the SBU evolved into the organization it is today. They demonstrate the impact of the KGB legacy, informal practices and corruption, foreign and domestic pressures, leadership transitions, and political crises on the SBU's mission, personnel practices, and organizational structure. These findings generate knowledge on the factors that influence and determine the course of the SBU's evolution and provide insights that improve the understanding of the post-Soviet security apparatus.

Master of Arts (MA), Ohio University, 2021, Geography (Arts and Sciences)

The policy and governance dimensions of food security is of growing interest among geographers, yet there is a need for more empirical research in this area that moves beyond polemical arguments. The objective of this study is to understand the local food security governance framework in northern Ghana and examine the agency of and interaction among major actors (state-NGO). This study employs qualitative analysis in the form of semi-structured interviews. Using modified grounded theory, interview transcripts were analyzed to explain how these governance relationships have affected the (evolution of) food security priorities in northern Ghana over time. The results revealed that while the government institutions know and decide the broad direction of food security priorities of northern Ghana, NGOs provide the funds and the technical capacity to address the food security needs and implement interventions in complex local contexts. Ultimately, this study suggests that food security governance in northern Ghana has benefited greatly from the cordial relationships between NGOs and government institutions with clear definition of governance rules, obligations, and responsibilities.

Master of Computer Science (M.C.S.), University of Dayton, 2021, Computer Science

Malicious webpages with JavaScript code that launch attacks on web browsers have become an increasing problem in recent years. JavaScript is a scripting language that allows developers to create sophisticated client-side interfaces for web applications. However, JavaScript code is also used to carry out attacks against the user's browser such as stealing the user's credentials or downloading additional malware. JavaScript detection tools and commercial anti-virus tools mostly use signature-based approaches to detecting JavaScript malware. Unfortunately, the dynamic nature of the JavaScript language and its tight integration with the browser make it difficult to detect and block malicious JavaScript code. This work presents a novel approach to analyzing and detecting malicious JavaScript code in webpages. Our method combines a static analysis algorithm and a runtime monitoring mechanism to extract rich features of JavaScript code. We have built several machine-learning models to classify the maliciousness of webpages based on the extracted features. The experiments on a dataset of 11,000 malicious and 11,000 benign samples demonstrate that our method achieves a great accuracy of 99.97 percentage. We also show that our method can be adopted into future browsers to provide real-time detection of malicious webpages to protect web users.

Master of Arts (MA), Ohio University, 2021, Political Science (Arts and Sciences)

Epistemic communities supply advice for policy makers. Like in other areas, these communities have the capacity to research, organize, and influence policy in the security realm. Israel does not have a long history of utilizing epistemic communities as is the case in the United States and much of the Western world. Israel's security paradigm and its perception as existing in a perpetual state of conflict has created a highly insular network of policy makers, wary of new and outside perspectives. The growing number of security challenges facing the state have, however, created a situation whereby policymakers are beginning to seek outside expert opinion. The proliferation of academic programs of study and security-oriented think tanks have provided a new cadre of experts and institutions eager to breach the closed circle of decision makers. As the security landscape continues to evolve, so too will the role of epistemic communities in responding to these changes.

Doctor of Philosophy, The Ohio State University, 2020, Computer Science and Engineering

Today, mobile applications (apps for short) are everywhere and they often need to talk to remote backends to provide a variety of services. These backends, regardless of traditional servers or emerging cloud-based backends, are typically multi-user computing systems that need to regulate who can view or use a resource. A particular security mechanism to achieve this objective is to use access control, which typically consists of both authentication and authorization. In this dissertation, we present a systematic methodology to automatically identify vulnerable access control implementations in mobile applications (i.e., remote backends including traditional servers and cloud-based backends, and mobile apps) through automated reverse engineering of the binary code of mobile apps available in the app stores (e.g., Google Play). In particular, this methodology involves four key components: AutoForge, AuthScope, LeakScope, and MultiScope, where the first three components focus on vulnerable access controls that involve two parties (e.g., app and server, or app and cloud-based backend) and the last one focuses on vulnerable multi-party access controls (e.g., multi-party payment transactions for in-app purchases). More specifically, in order to identify vulnerable access controls in traditional servers, we designed two components that depend on traffic analysis to identify vulnerable authentication and authorization respectively. First, with respect to the identification of vulnerable authorization, we designed AutoForge that forges traffic for login to identify whether servers are subject to password brute-forcing attacks. Second, to identify vulnerable authorization, we implemented AuthScope that manipulates traffic by mutating fields used for authorization between two different users to inspect whether servers have enforced the authorization token properly. Additionally, to identify vulnerable access controls in cloud-based backends and multi-party communication model (open full item for complete abstract)