Gregory White

Followers

Following

Public Views

Robha Murha

Willis Hale

Palm Beach State College

Ali Tym

Google

Mary Adgie

Mayur Desai

Texas Southern University

Fred Thompson

Willamette University

Adam R Bryant

US Air Force Research Laboratory

Amit Sawant

Veerduth Rughoonauth

Interests

Uploads

Papers by Gregory White

Obtaining an ROI with Telecommunication Firewalls

Download

The NIST Cybersecurity Framework

Research Anthology on Business Aspects of Cybersecurity, 2022

With the increase in cybercrimes over the last few years, a growing realization for the need for ... more With the increase in cybercrimes over the last few years, a growing realization for the need for cybersecurity has begun to be recognized by the nation. Unfortunately, being aware that cybersecurity is something you need to worry about and knowing what steps to take are two different things entirely. In the United States, the National Institute of Standards and Technology (NIST) developed the Cyber Security Framework (CSF) to assist critical infrastructures in determining what they need in order to secure their computer systems and networks. While aimed at organizations, much of the guidance provided by the CSF, especially the basic functions it identifies, are also valuable for communities attempting to put together a community cybersecurity program.

Download

Introduction to the Minitrack on Cybersecurity and Privacy in Government

Proceedings of the ... Annual Hawaii International Conference on System Sciences, 2020

Download

Multi-Tenant Access Control for Cloud Services

It is acceptable for this Doctoral Dissertation to include as chapters authentic copies of papers... more It is acceptable for this Doctoral Dissertation to include as chapters authentic copies of papers already published, provided these meet type size, margin, and legibility requirements. In such cases, connecting texts, which provide logical bridges between different manuscripts, are mandatory. Where the student is not the sole author of a manuscript, the student is required to make an explicit statement in the introductory material to that manuscript describing the student's contribution to the work and acknowledging the contribution of the other author(s). The approvals of the Supervising Committee which precede all other material in the Doctoral Dissertation attest to the accuracy of this statement.

Download

Provenance-Based Access Control Models

Towards Secure Information Sharing models for community Cyber Security

Proceedings of the 6th International ICST Conference on Collaborative Computing: Networking, Applications, Worksharing, 2010

In this paper, we motivate the need for new models for Secure Information Sharing (SIS) in the sp... more In this paper, we motivate the need for new models for Secure Information Sharing (SIS) in the specific domain of community cyber security. We believe that similar models will be applicable in numerous other domains. The term community in this context refers to a county or larger city size unit with a clearly demarcated geographical boundary aligned more or less with a governance boundary. Our choice of the community domain is based on the decade long experience of the Center for Infrastructure Assurance and Security (CIAS), now part of the Institute for Cyber Security (ICS-CIAS) at the University of Texas at San Antonio. Over the past decade ICS-CIAS has conducted cyber security preparedness exercises and training at communities throughout the nation specifically dealing with communication, incident response, disaster recovery, business continuity, security awareness and similar issues. We discuss the insights gained from these frequent exercises to illustrate the limitations of prior models for SIS, such as discretionary access control, mandatory access control and role-based access control. Specifically, we argue that these traditional models, while effective in addressing the issues that they were developed for, lack the agility to dynamically configure a system to facilitate SIS scenarios such as monitoring and response during a community cyber security incident life cycle. We discuss how our current research efforts at the Institute for Cyber Security on groupcentric SIS models directly address the limitations of existing models in such scenarios.

Download

A Sublexical Unit Based Hash Model Approach for Spam Detection

... removed. Then an anomaly score was assigned to each connection by applying a local outlier ..... more

State and Community Information Sharing and Analysis Organizations

Proceedings of the 50th Hawaii International Conference on System Sciences (2017)

Download

$Research paper thumbnail of The Role of Exercises in Training the Nation\u27s Cyber First-Responders$

The Role of Exercises in Training the Nation\u27s Cyber First-Responders

Terrorism has become a topic of much concern in this country since the events of September 11, 20... more Terrorism has become a topic of much concern in this country since the events of September 11, 2001. As a result, an increased emphasis has been placed on training the nation's first-responders who will be called upon in the event of an attack to effectively respond to whatever the incident entails. Of growing interest is the possible use of cyber attacks as either the primary or a contributing mode of attack. As such, the need for a trained corps of cyber first-responders is increasing. Who are the nation's cyber first-responders and how best can they be trained to detect and respond to cyber attacks? One method that has seen some success is the use of scenario-based exercises to provide awareness and training to community cyber firstresponders. A three-phased approach for such an exercise is proposed and initial results discussed.

Download

An Approach to Detect Executable Content for Anomaly Based Network Intrusion Detection

2007 IEEE International Parallel and Distributed Processing Symposium, 2007

Since current internet threats contain not only malicious codes like Trojan or worms, but also sp... more Since current internet threats contain not only malicious codes like Trojan or worms, but also spyware and adware which do not have explicit illegal content, it is necessary to have a mechanism to prevent hidden executable files downloading in the network traffic. In this paper, we present a new solution to identify executable content for anomaly based network intrusion detection system (NIDS) based on file byte frequency distribution. First, a brief introduction to application level anomaly detection is given, as well as some typical examples of compromising user computers by recent attacks. In addition to a review of the related research on malicious code identification and file type detection in section 2, we will also discuss the drawback when applying them for NIDS. After that, the background information of our approach is presented with examples, in which the details of how we create the profile and how to perform the detection are thoroughly discussed. The experiment results are crucial in our research because they provide the essential support for the implementing. In the final experiment simulating the situation of uploading executable files to a FTP server, our approach demonstrates great performance on the accuracy and stability. 1.

Download

Play It Safe: An Educational Cyber Safety Game for Children in Elementary School

2019 11th International Conference on Virtual Worlds and Games for Serious Applications (VS-Games), 2019

The objective of this research is to measure the effectiveness of a game-based learning approach ... more The objective of this research is to measure the effectiveness of a game-based learning approach for cyber safety education for children in elementary school. To date, few cyber safety games have been developed and evaluated for elementary school children. To address this gap in knowledge, we developed a novel cyber safety computer game and conducted a study with elementary school children ranging from age 7 to 10 (n=49). Children were taught concepts of cyber safety through either our plain TEXT, our interactive E-LEARNING website, or our GAME. Knowledge increased significantly more in the group that played the game, indicating that elementary school children can learn about the concepts of cyber safety more effectively through a game-based learning approach compared to traditional text and/or e-Learning based approaches.

Is a Significant Demographic Left Out of the Equation? An Overview of Possible Inequitable Access to Cybersecurity Educational Programs in the United States

Proceedings of the Annual Hawaii International Conference on System Sciences, 2022

Download

Introduction to the Minitrack on Cybersecurity in Digital Government

Proceedings of the Annual Hawaii International Conference on System Sciences, 2019

Download

Introduction to the Minitrack on Cybersecurity and Privacy in Government

Proceedings of the Annual Hawaii International Conference on System Sciences, 2021

Download

Fundamentals of Computer Security

Secure Computers and Networks, 1999

Download

Cyber security exercises: testing an organization's ability to prevent, detect, and respond to cyber security events

37th Annual Hawaii International Conference on System Sciences, 2004. Proceedings of the, 2004

The digital age has transformed how today's organizations operate. The production and delivery of... more The digital age has transformed how today's organizations operate. The production and delivery of essential goods and services takes place through complex and interconnected business processes that in turn rely on a set of interdependent infrastructures. These infrastructures and their supporting information systems transcend individual organizations. However, information systems security research is largely under the purview of computer science and engineering departments, and consequently often focuses on technological issues while overlooking the pervasive nature of information systems in today's society. This has generated calls for a new approach to information systems security; one that employs a socioorganizational perspective that includes not only individual organizations but entire industry sectors and government agencies as well. This paper presents one such approach, the use of scenario-based exercises in addressing security issues common to large organizations, industry sectors, and various levels of government. Lessons learned from illustrative examples of such exercises, as well as suggestions to help organizations conduct their own exercise, are discussed.

Download

Introduction to the Cybersecurity Minitrack

2016 49th Hawaii International Conference on System Sciences (HICSS), 2016

Download

e-Government and Cyber Security: The Role of Cyber Security Exercises

Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06), 2006

02-16-cyber-attacks_N.htm?csp=34. Based on data reportedly provided to USA Today, the U.S. Comput... more 02-16-cyber-attacks_N.htm?csp=34. Based on data reportedly provided to USA Today, the U.S. Computer Emergency Readiness Team (US-CERT), a Department of Homeland Security entity, found that known cyberattacks on U.S. government networks rose 40% in 2008 compared to 2007. While this survey focused on U.S. government computer systems, telecommunications networks are maintained by private industry, and any degradation to these services or components would necessarily have negative implications for both public and private cyber activities. 10 For more information on cyberattackers' capabilities, see CRS Report RL33123, Terrorist Capabilities for Cyberattack: Overview and Policy Issues, by John Rollins and Clay Wilson.

Download

An Evolution Roadmap for Community Cyber Security Information Sharing Maturity Model

Proceedings of the 50th Hawaii International Conference on System Sciences (2017), 2017

Cyber security has become one of the most important challenges, which is especially true for comm... more Cyber security has become one of the most important challenges, which is especially true for communities. A community generally consists of all of the entities within a geographical region, including both public and private infrastructures. Cyber attacks and other cyber threats can result in disruption and destruction of critical services and cause potentially devastating impacts in a community. An effective information collection, sharing and incident collaboration and coordination process is needed in communities to detect potential risks, prevent cyber attacks at an early stage, and facilitate incident response and preparedness activities. In this paper, an expanded collaborative information sharing framework that aims to improve community cyber security is presented. An Information Sharing Maturity Model is developed as a roadmap with evolutionary procedures and incremental steps for community organizations to advance in information sharing maturity.

Download

Introduction to the Minitrack on Cybersecurity and Government

Proceedings of the 51st Hawaii International Conference on System Sciences, 2018

Download

Obtaining an ROI with Telecommunication Firewalls

Download

The NIST Cybersecurity Framework

Research Anthology on Business Aspects of Cybersecurity, 2022

Download

Introduction to the Minitrack on Cybersecurity and Privacy in Government

Proceedings of the ... Annual Hawaii International Conference on System Sciences, 2020

Download

Multi-Tenant Access Control for Cloud Services

Download

Provenance-Based Access Control Models

Towards Secure Information Sharing models for community Cyber Security

Proceedings of the 6th International ICST Conference on Collaborative Computing: Networking, Applications, Worksharing, 2010

Download

A Sublexical Unit Based Hash Model Approach for Spam Detection

... removed. Then an anomaly score was assigned to each connection by applying a local outlier ..... more

State and Community Information Sharing and Analysis Organizations

Proceedings of the 50th Hawaii International Conference on System Sciences (2017)

Download

$Research paper thumbnail of The Role of Exercises in Training the Nation\u27s Cyber First-Responders$

The Role of Exercises in Training the Nation\u27s Cyber First-Responders

Download

An Approach to Detect Executable Content for Anomaly Based Network Intrusion Detection

2007 IEEE International Parallel and Distributed Processing Symposium, 2007

Download

Play It Safe: An Educational Cyber Safety Game for Children in Elementary School

2019 11th International Conference on Virtual Worlds and Games for Serious Applications (VS-Games), 2019

Is a Significant Demographic Left Out of the Equation? An Overview of Possible Inequitable Access to Cybersecurity Educational Programs in the United States

Proceedings of the Annual Hawaii International Conference on System Sciences, 2022

Download

Introduction to the Minitrack on Cybersecurity in Digital Government

Proceedings of the Annual Hawaii International Conference on System Sciences, 2019

Download

Introduction to the Minitrack on Cybersecurity and Privacy in Government

Proceedings of the Annual Hawaii International Conference on System Sciences, 2021

Download

Fundamentals of Computer Security

Secure Computers and Networks, 1999

Download

Cyber security exercises: testing an organization's ability to prevent, detect, and respond to cyber security events

37th Annual Hawaii International Conference on System Sciences, 2004. Proceedings of the, 2004

Download

Introduction to the Cybersecurity Minitrack

2016 49th Hawaii International Conference on System Sciences (HICSS), 2016

Download

e-Government and Cyber Security: The Role of Cyber Security Exercises

Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06), 2006

Download

An Evolution Roadmap for Community Cyber Security Information Sharing Maturity Model

Proceedings of the 50th Hawaii International Conference on System Sciences (2017), 2017

Download

Introduction to the Minitrack on Cybersecurity and Government

Proceedings of the 51st Hawaii International Conference on System Sciences, 2018

Download

Gregory White

Uploads

Papers by Gregory White

Log In