Currently, there are many threats to small businesses, from simple employee mishandling of sensitive data to hackers attempting to breach systems for consumer data. In this paper, I attempt to review what threats businesses are currently facing, current challenges to implementing a security program, and possible ways to implement a security solution.
Keywords: Information Security, Cyber Security, Least Privilege, Risk Mitigation, Small Business, Trojan, Phishing, Malware, Ransomware, Skimmers, Security Program
In the field of information technology, virtual reality and simulation learning have become huge trends, not only in gaming and entertainment, but also in academic fields such as medicine. In the past, medical training has always been costly in providing tools and resources for entry-level medical students to acquire proper training. Medical training conducted in a virtual environment has not only yielded higher success rates, but has also reduced resource costs overall. However, with no standardized guidelines for conducting certain training regimens and learning skills, there are still studies that show some medical training programs do not produce the best results. This research focuses on analyzing the usage of virtual reality in current medical training programs to design a medical, virtual reality, training program. This program will revolve around entry-level medical students who will be attending the University of Cincinnati’s College of Medicine. This research proposal will not only examine previous research on the utilization of virtual reality in various types of medical training, but also discuss the potential benefits of developing this training program at UC.
This research explores race related issues within Sherman Alexie's novel The Absolutely True Diary of a Part-Time Indian to generalize how race and racism is portrayed between different races within America, in this case Native Americans and white Americans. From there, the research presents the need to present these racial aspects through high school classroom instructions in order to raise awareness of race in secondary education. This research was presented at University of Cincinnati's 2018 Scholarly Showcase and was awarded in Top 25 poster presentation at the showcase.
In this paper, I study how medical records are being used by cyber-criminal for financial gain and patient manipulation. I studied what kind of criminal organizations may be involved in these operations and confirmed incidents from the black market. I conducted a literature review which generated several sources from online databases. I determined five major criminal factions that are most likely to use compromised medical records, determined possible motivations and looked at several cases of medical records being sold on the black market. The healthcare industry’s digitization efforts have left it tremendously ill-equip to combat emerging threats. It is evident that the healthcare industry must take extreme measures in order to counteract the evolving threat landscape. It is my hope that the findings of paper will being to shed light on these issues and help healthcare professionals understand what kind of threats the industry is facing.
In this paper, I study how general technology users perceive the dark web. In this study,
I conducted research on what these users know about dark web technologies, activities,
content, and how their perceptions changed after a first-hand experience on dark web
marketplaces and sites. I aimed to tackle myths and misconceptions that users had about the
dark web and present new data in order to educate and bring awareness to the dark web to
those who may never have the opportunity or reason to come upon this information on their
own. It is my hope that the findings of this paper and the experiences of the participants will
foster the spread of knowledge and awareness to both the threats and benefits that the dark
web contributes to society.
Intelligent Application if defined technically is a strategy that uses hyper-personalized mobile app experiences and services and knowledge-extraction processes to increases the user experience (Jessica Ekholm, 2017). In simple words, the applications that not only know how to support or enable key decisions but also continually learn from the user interactions to become even more relevant and valuable to those users, are known as Intelligent apps. Such applications are smart enough to differentiate between relevant and irrelevant information with the help of AI algorithms. Moreover, these apps have the capability to ease the complex task into the as simple task as a single touch.
This paper presents a prime aspect of Augmented and Virtual Reality development in the field of healthcare. We explored several recent works and articles and a comparison between generic application development and immersive technology-based application is included. The paper talks about more practical approaches that can be taken to enhance the effectiveness of the application.
The resources (infrastructure) to complete this study are provided by the University of Cincinnati’s Center for Simulation and Virtual Environment Research (UCSIM). And several experiments and projects in the field of health care are used as a reference to make conclusions.
Hypervisor-based hardware virtualization- also known as the first phase of virtualization uses Virtual Machines (VM) to provide better hardware resource utilization and application isolation. A VM provides some level of portability, but still requires a full operating system (OS) with all the binaries and libraries required to run the service it hosts. Therefore, moving an application from a development to a production environment for instance is no different than moving them between two Physical Machines (PM). Container-based virtualization-sometimes known as the next phase of virtualization addresses some of these limitations by providing virtualization at the OS level. Docker is an open source engine launched in 2013 by a company called Docker, Inc. Docker is used to manage the lifecycle of containers. Using containers, it is no longer necessary to dedicate an entire VM to an application in order to provide isolation, thus saving OS license costs. In this project we plan to formulate a generic model that can be used to fine tune a container-based setup for maximum performance benefit.
The healthcare industry is thriving and the abundant amount of data involved raises call for help
relating to managing and maintaining them. It becomes a hassle to keep the data in it’s required
place and to pull and retrieve whenever necessary. The search for a proper data mining technique
to enhance the process is always appreciated and encouraged. Our era is controlled by the
upcoming technologies that are fast paced and yield great results. There is always a scope for
improvement and optimization. Every individual from every generation has been an avid user of
mobile phone and its applications. Healthcare facilities have slowly begun to depend on applications and technologies associated and supported by mobile phones and other networking platforms in order to have everyone within the facility and also the patients who have ties to the facility have access to the information that they are entitled to have.
The principles of minimalist design are evident in much of the technology we use today. This is especially the case with mobile applications. The most successful of which attempt to minimize the amount of user input needed to provide users with the information they are seeking. Although many mobile applications use data gathered by in-system activity such as a GPS to minimize input from users—some systems require user input, such is the case with roommate matching. This study utilizes the RoomUP mobile application as a testbed to define minimal criteria that can be used to gather user input and produce a compatible roommate match. Participatory design with prospective student users is used to reduce the number of variables and provide recommendations for a minimalistic user interface. The resulting prototype is then used to verify that it meets design goals and supports a satisfactory user experience.
Shooting crime is a serious public health problem in the US. The analysis of any historical crime data reveals that crime is non-randomly distributed in time and space. Based on this notion, hot spots policing has gained its momentum to effectively predict future crime locations. Recent studies; however, pointed out that traditional hot spots policing occasionally predict rare crimes such as homicides and shootings due to their less frequent recurring counts in a given place and time (specifically for shorter time periods such as weeks and months). Given this context, we developed a new shooting prediction system (SHOPS) to explore whether recent dynamic/mobility activity patterns of known violent individuals increase the prediction of short-term fatal and non-fatal shootings compared to the traditional hot spots policing. Findings suggest that SHOPS predicts fatal and non-fatal shooting locations more precisely by identifying fewer hotspot locations. Policy implications of the study were discussed in the conclusion section.
Cloud computing has been one of the major disruptive technology of this century changing the entire face of IT infrastructure across all spectrum. This has led to tremendous development, improvement and cost efficient means of securing IT infrastructures. Virtualization is the backbone driving the numerous cloud solutions and also making them marketable in the pay-as-you-use mechanism for all kind of deployment. This research is focus on improving the security and performance of cloud storage, backup and disaster recovery by evaluating the possibility of eliminating the Recovery Point Objective (RPO) and Recovery Time Objective (RTO). A live synchronization between production and Disaster Recovery (DR) sites is presented. We considered the mechanism behind Virtual Machines (VM) and hypervisor interaction with physical memory on host computers and evaluated the ability of VM to read/write directly to a unified multiple storage locations. Dependencies, requirements and guidelines for implementing this solution would also be analyzed.
Depression is a common illness that negatively affects feelings, thoughts and behaviors and can harm regular activities like sleeping. It is a leading cause of disability and many other diseases (Choudhury, et al 2013, Mathur et al, 2016, Watkins et al, 2013). According to WHO (World Health Organization) 1 statistics, more than 300 million people over the world are affected in depression and in each country at least 10% are provided treatment. Poor recognition and treatment of depression may aggravate heart failure symptoms, precipitate functional decline, disrupt social and occupational functioning, and lead to an increased risk of mortality (Cully, et al 2009). Early detection of depression is thus necessary. Unfortunately the rates of detecting and treating depression among those with medical illness are quite low (Egede, 2007). This research proposes a solution of using random forest classifier algorithm to detect and predict detection. A mobile application will be developed in order to collect user data and make prediction.
A great deal of data is generated every day on social media, although this information is used for marketing purposes regularly, it has the potential to serve other purposes, such as in crisis management. This study focuses on collecting data from social media, specifically Twitter, in order to help 911 telecommunicators (floor supervisors, call takers, and dispatchers) to 1) identify Twitter users requesting assistance during a crisis, 2) identify information that may be useful to incidents that were called into 911, and 3) pass the information to the first responders (police, fire, and emergency medical services). Previous research in this area can be summarized into three stages. First, a set of information requirements has been developed that must be satisfied to dispatch first responders and meet their immediate awareness needs. Second, a coding schema has been presented to identify six types of actionable information. Finally, it proposed automated methods based on previous literature which can be used to implement these methods in the future (Kropczynski et al. 2018). This research concentration is on refining social media data by starting with finding local tweets that contain this information and recognize patterns of how it is used. Next, patterns will be used in the development of automated methods in the future. The contribution of this work is extending the coding schema of the 6Ws and put it on an action, develop an interface to view the data of social media separated by the 6Ws. It will begin with just on of the six Ws (Weapons).
As incessant cyber-attacks on organizations increase in complexity and destructiveness with the aim
to disrupt services and steal information, proactive measures are critically needed to mitigate these
attacks, cyber security risk assessment tops the list of measures. This study provides an overview of
cybersecurity risk assessment, various types of frameworks, and the difference between qualitative
and quantitative cybersecurity risk assessments. The aim of this early research is the creation of a
hybrid system which integrates an existing cybersecurity risk assessment system based on the NIST framework into the Factor Analysis of Information Risk (FAIR) model, an analytic risk assessment model that enables true quantitative measurement. In this study, we propose a hybrid-assessment tool which will be used to describe and compare the impact of using NIST driven values
as inputs for the resistance strength to determine the Loss Event Frequent (LEF) and Annual Loss
Expectancy (ALE) of a risk scenario as opposed to using experts’ opinion as user inputs for determination of the LEF and ALE values.
Devices in the Internet of Things (IoT) have enhanced our ability to automate functions in smart homes and increased our ability to monitor day to day activities regardless of whether we are in our home. Despite these benefits of IoT devices, it is the case that notifications about threats to our home when we are away are typically only sent to one or two people within the home. We proposed enhanced monitoring of threats by allowing temporary access to IoT devices to extended networks of homeowners in situations where primary IoT device owners are not able to address a smartphone notification quickly.
Internet of Things (IoT) enabled smart homes to have made our daily lives easier, but these conveniences have also introduced security concerns. IoT devices hold security risks as well as smart home hubs and gateways. Gateways present a centralized point of communication among devices that can create a backdoor into network data for hackers but also present a detection opportunity. Intrusion detection is a common way to detect anomalies in network traffic. This paper introduces early work on an intrusion detection system (IDS) by detecting anomalies in the smart home network using Extreme Learning Machine and Artificial Immune System (AIS ELM). AIS uses the clonal Algorithm for the optimization of the input parameters, and ELM analyzes the input parameter for better convergence in detecting anomalous activity. The larger goal of this work is to apply this approach to a smart home network gateway and combined it with a push notification system that will allow the homeowner to identify any abnormalities in the smart home network and take appropriate action.
Open Government Data (OGD) promotes transparency, innovation, and value creation that makes information gathered by the government about the city and community open to all. The City of Cincinnati Open Government Data Portal allows citizens to access local data as part of a local OGD initiative. Although these datasets are available and are used by a broad audience, little is known about how users engage with this data and the general usability of the platforms. To learn more about this audience, this study is conducted in two steps 1)- a think-aloud activity and 2)- an online survey. Through these activities, we aim to gather information about how the users are interacting with the available data and for what purpose are they interacting with different sections of the portal. After gathering relevant data from the think-aloud activity, we aim to generate a questionnaire by analyzing all the information collected in the previous event at a larger scale. Using a web-based survey shared with individuals via Qualtrics, we will explore the use of the portal to gain more insight and knowledge on user requirements and their suggestions. The endpoint of this study is to develop insights that will help us understand user expectations and how changes could benefit the portal.
This is an ongoing research project focused on creating a framework for capturing various artifacts concerning Internet of Things devices. Research has shown a severe lack of frameworks focusing on collecting data from and about IoT devices. Mozilla’s WebThings Gateway focuses on collecting this information from the devices. This project expects to find methods of IoT data collection through a proposed test-bed utilizing the WebThings Gateway.
This study proposes enhanced oversight of smart homes by leveraging the social networks of homeowners to co-monitor for emergencies, while being mindful of privacy preserving features necessary for adoption. A pilot co-design workshop was conducted to determine features for co-monitoring. A group of four participants provided early findings and informed modifications to study design, and new insights for user behavior were emphasized. By refining the study design, we hope to better target users’ tacit knowledge in future workshops. Early findings include the users’ need for more than simply sharing access to a camera during an emergency in the home; users desired control over the microphone, the camera video stream, and the length of time. We believe this work will contribute to a broader understanding of features that better meet the needs and goals of smart device owners to enable co-monitoring.
The paper focuses on exploring the social networks of technology caregivers and caregivees and also work on learning their preferred mode of information exchange. Responses from the participants of the study will throw light on the relationships between different efficacies (discussed in detail in the paper) that may have an impact on an individual’s decision. Participant’s responses are recorded through well constructed surveys that have been distributed around by word of mouth or specific social media platforms which will also prove if being a power user has any effect on the end result. The responses will be analyzed and the various efficacy constructs such as self efficacy, community collective efficacy will be kept in mind.
Previous studies have offered a variety of explanations on the relationship between democracy and the internet. Some argue that with free access to information, knowledge sharing without any constraint, and the spread of political knowledge, the internet will help change people’s political attitudes and spread democracy. Other studies found that authoritarian regimes by censoring the internet, tracking the political activist, prosecuting the dissidents, and using the internet to spread their propaganda limit the democratization. Also, some studies explored the effects of diffusion of false news through the internet and especially via social media. However, most of these studies concentrate on regions, specific states or authoritarian regimes. No study has investigated the influence of the internet in partly free countries defined by the Freedom House. Moreover, very little is known about the effects of online censorship on the development, stagnation, or decline of democracy. To fully understand the impact of the internet and online censorship on democratization in partly free countries, we must explore these relationships in these countries. Drawing upon the International Telecommunication Union, Freedom House, and World Bank reports and using machine learning methods, this study sheds new light on the effects of the internet on democratization in partly free countries. The findings suggest that internet penetration and online censorship both have a negative impact on democracy scores and the internet’s effect on democracy scores is conditioned by online censorship. Moreover, results from random forest suggest that online censorship is the most important variable followed by governance index and education on democracy scores.
Signature-based intrusion detection methods report high accuracy with a low false alarm rate. However, they do not perform well when faced with new or emerging threats. This work focuses on anomaly-based data driven methods to identify potential zero-day-attacks using a specific class of neural networks known as the autoencoder.
This paper looks at the opportunities and challenges of implementing blockchain technology across the medical sector and provides a clear view which can enable blockchain for more extents. After a notable research on underlying blockchain technology which offers distributed governance, immutable audit trail, provenance of data, robustness and privacy, we contrasted blockchain innovations and identified prominent applications of it in historically decentralized healthcare sectors. As the healthcare industry faces many challenges like unauthorised data sharing, lack of data transparency, ransomware, data breaches and cyber crimes, blockchain is one of the best ways to enhance data sharing and to mitigate prominent cyber crimes. By proper designing of a decentralized and immutable blockchain network where the data is dispersed among credentialed social insurance experts guarantees that cybercriminals cannot touch single patient’s confidential data, which facilitates encryption or cryptography of personal data where no patient’s emergency data is at extreme hazard. Blockchain trust-worthy cloud is one of the most powerful and secure ways of storing high confidential data. After analysing Blockchain implementations and identifying its potential in healthcare, we conclude with several promising directions for future research.
Cyberspace is one of the most complex systems ever built by humans. The utilization of cybertechnology resources are used ubiquitously by many, but sparsely understood by the majority of the users. In the past, cyberattacks were usually orchestrated in a random pattern of attack to lure unsuspecting targets. However, the cyber virtual environment is an ecosystem that provided a platform for an organized and sophisticated approach to launch an attack against a specific target group or organization by nefarious actors. In 2019, the average cost of cyber-attack in the US was about $1.6 million. This paper proposes a 3D framework to signal new threat alert before the actual occurrence of the threat on the surface web to alert cybersecurity experts and law enforcement agencies in preventive measures or means of mitigating the severity of damage caused by cyberattacks. The methodology combines information extracted from the deep web through a smart web crawler with socio-personal and technical indicators from twitter which is mapped with OTX (Open Threat Exchange). The OTX is an open-source cyber threat platform managed by security experts. The OTX endpoint security tool(OTX python SDK) will be used to identify a new type of cyber threats. The effectiveness of the framework will be tested using the machine learning algorithm precision-recall rate.
This research focuses on two fundamental aspects of hot spot policing that have been widely neglected by previous scholarly research. These aspects include the adequate concentration of crime at a smaller geographical unit to be considered a crime hot spot, and the cost-benefit implication of focusing limited police resources on such a smaller place in an effort to prevent criminal activities. Substantial limitations in call-t- service data from police departments raise concern on the purported concentration of crime at places that warrant such strategy in the first place. We will examine data from the Cincinnati Police Department and propose guidelines on adopting a threshold when designating places as crime hot spots, using time and cost-benefit analysis as key determinants.
The current rapid growth in the computer and internet development has ushered in numerous cybersecurity challenges which are constantly evolving with time. The current cybersecurity solutions are no longer optimal in tackling these emerging cyber threats and attacks. This paper proposes the creation of a cybersecurity dataset to be used for a hybrid machine learning (ML) approach of supervised and unsupervised learning for an effective intrusion detection system. The proposed model entails a five-stage process which starts at the setup of a simulated network environment of network attacks to generate a dataset which feeds into the data normalization stage and then to data dimension reduction stage using the principal component analysis as a feature extraction method after which the data of reduced dimension is clustered using the k-Means method to bring about a new data set with fewer features. This new dataset is afterward classified using the enhanced support vector machine (ESVM). The proposed model is expected to provide a high-quality dataset and an efficient intrusion detection system in terms of intrusion detection accuracy of 99.5%, short train time of 3seconds and a low false-positive rate of 0.4%.
Small office home office networks have become a target for many threat actors, hackers and cyber attackers and hence there is an urgent need to secure the network from such attackers. Most small office home office network users do not see the need to provide enough security to their networks because they assume no one is going to hack them forgetting that the biggest threat of our small home networks today comes from the outside. The challenge of misconfiguration of routers, firewalls and default configurations in our small home networks renders the network vulnerable to attacks such as DDos , phishing attacks , virus and other network attacks hence the need to implement a detection algorithm to help identify flaws in the pattern of the small office network. It turns out that about 75% of existing approaches focused on intrusion detection in 802.11 wireless networks of a SOHO and not the entire network. These approaches do not efficiently secure the network entirely leaving the rest prone to attacks can occur with or without the internet. This paper proposes to add another layer of security to the other preventive measures in a SOHO network by designing, implementing and testing a supervised neural network algorithm to identify attacks on the small home network and also to send a notification to users to keep them informed of the activities on their network. The supervised neural network algorithm will have a dataset representing both attacks and non-attacks which will be used in the training phase. The system should be able to detect and identify the various attacks and anomalies when they occur on the network and help keep the users informed.
This analytical paper asks, does the One-China policy shape the People’s Republic of China’s foreign policy? This paper begins by briefly defining the One-China policy and situating it in the respective histories of China and its current incarnation as the People’s Republic of China (PRC). Then, after untangling the often muddled classifications of soft, sharp, and hard power, the question is interrogated in the context of each class of power (Nye, 2004; Nye, 2011; Nye, 2018; Raby, 2019; Walker & Ludwig, 2017). This analytical essay concludes that the PRC does employ predominantly sharp and hard power strategies that are heavily influenced by the One-China policy.
The current debates revolving around 5G, Huawei, and how they are resolved, are highly visible indicators of the technology based shifts in the global order which are setting the tone for the 21st century. Currently, it seems that many in the US and the PRC are using Cold War and Thucydides Trap paradigms, with a zero-sum mentality. At least in the case of 5G technology, the UK seems to have taken a more nuanced approach.
This article comes as the UK prepares its new National Cyber Security Strategy, reviewing the 5G and cyber security debates surrounding Huawei in a highly interdisciplinary manner, and directing readers to a rich variety of resources. In addition to its analysis of issues and solutions often absent from the discourse, this article’s feature contribution is the argument that the UK can be more than an example of a middle way. Specifically, if the UK scales up and internationalizes its Huawei Cyber Security Evaluation Center, perhaps by creating an International Cyber Security Evaluation Center, it can lead its allies and the world in 5G, 6G, cybersecurity, and international relations, filling a vital leadership vacuum.