Research

an experience report on using interactive program visualization to teach stack smashing. Stack smashing is a critical cybersecurity topic, and effective teaching methods are essential for students to understand and apply defensive techniques. The report discusses the development and implementation of interactive visualization tools for stack smashing education, providing insights into the effectiveness and student engagement of these tools.

READ MORE >

a practical experience report on creating a large-scale memory error IoT botnet using NS3DockerEmulator. Botnets are a significant threat in the IoT security landscape, and understanding their creation and operation is crucial for defense and mitigation strategies. The report details the process of setting up and simulating a memory error IoT botnet using NS3DockerEmulator, highlighting the challenges and insights gained from this practical exercise.

READ MORE >

Penetration testing is a vital aspect of IoT security assessment, and involving students in real-world testing scenarios can enhance their understanding and skills. The poster describes the methodology and outcomes of class-sourced penetration testing conducted on IoT devices, showcasing the collaborative effort between students and instructors to identify vulnerabilities and improve device security.

READ MORE >

A framework for thwarting ActionScript web attacks from within. ActionScript-based web attacks pose significant security risks, and effective defense mechanisms are necessary to protect against them. Inscription provides a comprehensive approach to detecting and mitigating ActionScript web attacks within web applications, enhancing overall security posture and resilience against exploitation attempts.

READ MORE >

Much research has found that social influences (such as social proof, storytelling, and advice-seeking) help boost security awareness. But we have lacked a systematic approach to tracing how awareness leads to action, and to identifying which social influences can be leveraged at each step. Toward this goal, we develop a framework that synthesizes our design ideation, expertise, prior work, and new interview data into a six-step adoption process.

READ MORE >

How can we encourage end-user acceptance of expert recommended cybersecurity and privacy (S&P) behaviors? We review prior art in human-centered S&P and identified three barriers to end-user acceptance of expert recommendations: (1) awareness: i.e., people may not know of relevant security threats and appropriate mitigation measures;

READ MORE >

With the advent of mobile apps such as Periscope, Facebook Live, and now TikTok, live-streaming video has become a commonplace form of social computing. It has not been clear, however, to what extent the current ubiquity of smartphones is impacting this technology’s acceptance in everyday social situations, and how mobile contexts or affordances will affect and be affected by shifts in social norms and policy debates regarding privacy, surveillance, and intellectual property.

READ MORE >

The introduction of mobile apps such as Meerkat, Periscope, and Facebook Live has sparked enthusiasm for live-streaming video. This study explores the legal and ethical implications of mobile live-streaming video apps through a review of public-policy considerations and the computing literature as well as analyses of a mix of quantitative and qualitative user data. We identify lines of research inquiry for five policy challenges and two areas of the literature in which the impact of these apps is so far unaddressed.

READ MORE >

IoT Lab confronts cybersecurity challenges exemplified by Mirai malware, which orchestrated massive DDoS attacks using compromised IoT devices, aiming to develop defenses against such threats.

READ MORE >

Securing IoT companion apps is essential to safeguard user privacy and device integrity in the interconnected landscape, ensuring protection against potential cyber threats and breaches.

READ MORE >

As smart home tech proliferates, safeguarding device security and privacy is critical. Human-centered evaluations, accounting for user needs and behaviors, are essential alongside technical assessments.

READ MORE >

The Smart Home Router Security Project is designed to provide students with hands-on experience in assessing and enhancing the security of smart home routers.

READ MORE >