Matching Items (16)
Filtering by
- Creators: Wang, Ruoyu
- Creators: Department of Information Systems
- Creators: Acuna, Ruben
- Resource Type: Text
Description
This software can process transactions for small businesses and store those transactions for reporting purposes. The specific build is tailor made for a small business run by the author and their partners. The software is a customized, in house solution for maintaining accurate accounting information. It uses C# code and windows forms to create a unique GUI to both enter and retrieve data. The code for each form is attached at the end of the user manual.
ContributorsGodfrey, David Emmanuel (Author) / Olsen, Christopher (Thesis director) / Anderson, Dennis (Committee member) / Barrett, The Honors College (Contributor) / School of Accountancy (Contributor) / Department of Information Systems (Contributor)
Created2014-05
Description
Healthcare facilities are essential for any community, and they must stay up-to-date with the latest equipment and technology. They provide necessary resources for keeping populations healthy and safe. In order to provide healthcare services, these healthcare facilities must be adequately equipped with appropriate physical capital as well as software to meet the demands of their patients. Healthcare capital equipment planning involves building up a facility with all it’s equipment and is a part of the healthcare supply chain. Attainia is a healthcare capital equipment planning software used to assist equipment planners in organizing the procurement of equipment for their projects. Attainia has a large amount of data about the capital equipment supply chain through the Attainia equipment catalog. Analysis of this catalog data reveals different patterns in the spending patterns of capital equipment planners as well as trends in the supplier offerings. Since Attainia itself is a software, Attainia’s users have experience with implementing and integrating software into healthcare IT solutions. Their experiences give some insight into the complex nature of software implementations at healthcare facilities. The COVID-19 pandemic has affected healthcare facilities all over the world. Impacting the supply chain and hitting hospitals’ finances, COVID-19 has drastically changed many parts of the healthcare system. This paper will examine some of these ongoing effects from COVID-19 along with analysis on capital equipment planning, supply chain, and healthcare software implementation.
ContributorsShah, Shailee (Author) / Pye, Jessica (Thesis director) / Roumina, Kavous (Committee member) / School of International Letters and Cultures (Contributor) / Department of Information Systems (Contributor, Contributor) / Barrett, The Honors College (Contributor)
Created2021-05
DescriptionA two-way deterministic finite pushdown automaton ("2PDA") is developed for the Lua language. This 2PDA is evaluated against both a purpose-built Lua syntax test suite and the test suite used by the reference implementation of Lua, and fully passes both.
ContributorsStevens, Kevin A (Author) / Shoshitaishvili, Yan (Thesis director) / Wang, Ruoyu (Committee member) / School of Mathematical and Statistical Sciences (Contributor) / Computer Science and Engineering Program (Contributor, Contributor) / Barrett, The Honors College (Contributor)
Created2020-05
Description
This thesis explores cybersecurity as a profession and whether it belongs in academia. It also explores exactly how it should be implemented into universities. Whether in a bachelor's program or master's program, cybersecurity degree or cybersecurity concentration, engineering school or business school, cybersecurity has a place in higher education that plays an integral role in helping fix the issue of a lack of cybersecurity professionals. At Arizona State University, a cybersecurity concentration currently exists in the engineering school at both the bachelor's and master's level as well as the business school at the bachelor level. The one location it is missing from is the master's level of the business school. The goal of this report is to suggest a change to the specific curriculum in the Information Systems Department at the W.P. Carey School of Business. This thesis compares the curriculum of the Master of Science in Information Management (MSIM) program at Arizona State to eight other programs around the country that either offer a cybersecurity concentration option, offer cybersecurity degrees, or have highly ranked MSIM programs. A new curriculum is recommended that includes greater flexibility for students in customizing their education to specific career fields within information systems, offers multiple certificate options including cybersecurity, and better matches what the other highly ranked programs are offering to students. This curriculum is not only better for students attending or seeking Arizona State University but better for the University itself. It offers a more well-rounded scope of topics than the current program does while maintaining the identity and strengths of the current program.
ContributorsWelcome, Anthony (Author) / Sopha, Matthew (Thesis director) / Mazzola, Daniel (Committee member) / Department of Information Systems (Contributor) / Barrett, The Honors College (Contributor)
Created2018-12
Description
Recent advances in techniques allow the extraction of Cyber Threat Information (CTI) from online content, such as social media, blog articles, and posts in discussion forums. Most research work focuses on social media and blog posts since their content is often contributed by cybersecurity experts and is usually of cleaner formats. While posts in online forums are noisier and less structured, online forums attract more users than other sources and contain much valuable information that may help predict cyber threats. Therefore, effectively extracting CTI from online forum posts is an important task in today's data-driven cybersecurity defenses. Many Natural Language Processing (NLP) techniques are applied to the cybersecurity domains to extract the useful information, however, there is still space to improve. In this dissertation, a new Named Entity Recognition framework for cybersecurity domains and thread structure construction methods for unstructured forums are proposed to support the extraction of CTI. Then, extend them to filter the posts in the forums to eliminate non cybersecurity related topics with Cyber Attack Relevance Scale (CARS), extract the cybersecurity knowledgeable users to enhance more information for enhancing cybersecurity, and extract trending topic phrases related to cyber attacks in the hackers forums to find the clues for potential future attacks to predict them.
ContributorsKashihara, Kazuaki (Author) / Baral, Chitta (Thesis advisor) / Doupe, Adam (Committee member) / Blanco, Eduardo (Committee member) / Wang, Ruoyu (Committee member) / Arizona State University (Publisher)
Created2022
Description
Human civilization within the last two decades has largely transformed into an online one, with many of its associated activities taking place on computers and complex networked systems -- their analog and real-world equivalents having been rendered obsolete.These activities run the gamut from the ordinary and mundane, like ordering food, to complex and large-scale, such as those involving critical infrastructure or global trade and communications.
Unfortunately, the activities of human civilization also involve criminal, adversarial, and malicious ones with the result that they also now have their digital equivalents.
Ransomware, malware, and targeted cyberattacks are a fact of life today and are instigated not only by organized criminal gangs, but adversarial nation-states and organizations as well.
Needless to say, such actions result in disastrous and harmful real-world consequences. As the complexity and variety of software has evolved, so too has the ingenuity of attacks that exploit them; for example modern cyberattacks typically involve sequential exploitation of multiple software vulnerabilities.Compared to a decade ago, modern software stacks on personal computers, laptops, servers, mobile phones, and even Internet of Things (IoT) devices involve a dizzying array of interdependent programs and software libraries, with each of these components presenting attractive attack-surfaces for adversarial actors.
However, the responses to this still rely on paradigms that can neither react quickly enough nor scale to increasingly dynamic, ever-changing, and complex software environments.
Better approaches are therefore needed, that can assess system readiness and vulnerabilities, identify potential attack vectors and strategies (including ways to counter them), and proactively detect vulnerabilities in complex software before they can be exploited. In this dissertation, I first present a mathematical model and associated algorithms to identify attacker strategies for sequential cyberattacks based on attacker state, attributes and publicly-available vulnerability information.Second, I extend the model and design algorithms to help identify defensive courses of action against attacker strategies.
Finally, I present my work to enhance the ability of coverage-based fuzzers to identify software vulnerabilities by providing visibility into complex, internal program-states.
ContributorsPaliath, Vivin Suresh (Author) / Doupe, Adam (Thesis advisor) / Shoshitaishvili, Yan (Thesis advisor) / Wang, Ruoyu (Committee member) / Shakarian, Paulo (Committee member) / Arizona State University (Publisher)
Created2023
Description
With the recent focus of attention towards remote work and mobile computing, the possibility of taking a powerful workstation wherever needed is enticing. However, even emerging laptops today struggle to compete with desktops in terms of cost, maintenance, and future upgrades. The price point of a powerful laptop is considerably higher compared to an equally powerful desktop computer, and most laptops are manufactured in a way that makes upgrading parts of the machine difficult or impossible, forcing a complete purchase in the event of failure or a component needing an upgrade. In the case where someone already owns a desktop computer and must be mobile, instead of needing to purchase a second device at full price, it may be possible to develop a low-cost computer that has just enough power to connect to the existing desktop and run all processing there, using the mobile device only as a user interface. This thesis will explore the development of a custom PCB that utilizes a Raspberry Pi Computer Module 4, as well as the development of a fork of the Open Source project Moonlight to stream a host machine's screen to a remote client. This implementation will be compared against other existing remote desktop solutions to analyze it's performance and quality.
ContributorsLathrum, Dylan (Author) / Heinrichs, Robert (Thesis director) / Acuna, Ruben (Committee member) / Jordan, Shawn (Committee member) / Barrett, The Honors College (Contributor) / Software Engineering (Contributor)
Created2022-05
Description
The project was to develop a US GAAP and IFRS based financial reporting software application. The application will
reference the relevant codification under US GAAP or IFRS accounting standards and provide the user
with a step-by-step guide to recording technical accounting entries dictated under the relevant
codification or standard. The software solves for the need to hire external expertise to perform such
tasks. Through a series of relevant inputs, in-house accounting staff (or students) are afforded the
opportunity to methodically work through the accounting topic or arrangement with reference to the
codification and accounting standards. The software provides the final deliverables generally expected
for financial reporting.
ContributorsVillani, Jacob (Author) / Macabou, Elise (Co-author) / Jain, Sejal (Co-author) / Lim, Jonathan (Co-author) / Call, Andy (Thesis director) / Hunt, Neil (Committee member) / Barrett, The Honors College (Contributor) / School of Accountancy (Contributor) / Department of Information Systems (Contributor)
Created2024-05
Description
Virtual Private Networks (VPNs) are used in a wide range of applications, rangingfrom commercial applications like accessing resources remotely to security and pri-
vacy for targeted users like journalists, Non-governmental organizations (NGOs), etc.
However, VPNs were not inherently designed with security in mind. The interaction
between the kernel processes and the connection tracking framework is uncoordi-
nated. This leaves VPNs vulnerable to certain attacks due to their implementation.
This work explores the extent to which these attacks are possible on certain imple-
mentations of VPN servers which have a separate exit IP and entry IP on the VPN
server.
Further, this work also formally models the VPN connection tracking behavior
between servers and clients. The formal models enables a deeper analysis to identify
exactly at what point of the VPN process the vulnerabilities are introduced and if
the instances of VPN which have separate entry and exit IPs are still vulnerable to
the same attacks. Through simulations done in a virtual lab environment and testing
on formal models, it is observed that having a separate exit and entry IP leaves may
affect the practicality of certain attacks.
ContributorsAyyagari, Tarun (Author) / Crandall, Jedidiah (Thesis advisor) / Wang, Ruoyu (Committee member) / Gary, Kevin (Committee member) / Arizona State University (Publisher)
Created2024
Description
As computers and the Internet have become integral to daily life, the potential gains from exploiting these resources have increased significantly. The global landscape is now rife with highly skilled wrongdoers seeking to steal from and disrupt society. In order to safeguard society and its infrastructure, a comprehensive approach to research is essential. This work aims to enhance security from three unique viewpoints by expanding the resources available to educators, users, and analysts. For educators, a capture the flag as-a-service was developed to support cybersecurity education. This service minimizes the skill and time needed to establish the infrastructure for hands-on hacking experiences for cybersecurity students. For users, a tool called CloakX was created to improve online anonymity. CloakX prevents the identification of browser extensions by employing both static and dynamic rewriting techniques, thwarting contemporary methods of detecting installed extensions and thus protecting user identity. Lastly, for cybersecurity analysts, a tool named Witcher was developed to automate the process of crawling and exercising web applications while identifying web injection vulnerabilities. Overall, these contributions serve to strengthen security education, bolster privacy protection for users, and facilitate vulnerability discovery for cybersecurity analysts.
ContributorsTrickel, Erik (Author) / Doupe, Adam (Thesis advisor) / Shoshitaishvili, Yan (Thesis advisor) / Bao, Tiffany (Committee member) / Wang, Ruoyu (Committee member) / Arizona State University (Publisher)
Created2023