Filtering by
Machine learning has a near infinite number of applications, of which the potential has yet to have been fully harnessed and realized. This thesis will outline two departments that machine learning can be utilized in, and demonstrate the execution of one methodology in each department. The first department that will be described is self-play in video games, where a neural model will be researched and described that will teach a computer to complete a level of Super Mario World (1990) on its own. The neural model in question was inspired by the academic paper “Evolving Neural Networks through Augmenting Topologies”, which was written by Kenneth O. Stanley and Risto Miikkulainen of University of Texas at Austin. The model that will actually be described is from YouTuber SethBling of the California Institute of Technology. The second department that will be described is cybersecurity, where an algorithm is described from the academic paper “Process Based Volatile Memory Forensics for Ransomware Detection”, written by Asad Arfeen, Muhammad Asim Khan, Obad Zafar, and Usama Ahsan. This algorithm utilizes Python and the Volatility framework to detect malicious software in an infected system.
During October 2022, I contributed to the annual Cybersecurity Awareness Month (CSAM) program at Arizona State University (ASU). 4 cybersecurity domains were explored during the month: phishing, password hygiene, physical security, and social media security. The scope of my work involved designing and developing activities related to phishing and social media security. The deliverables included 8 emails for the ‘Spot the Phish’ activity, an educational flier on phishing indicators, discussion questions for The Tinder Swindler documentary, and a password security question guessing game. I also collected feedback from students and faculty who participated in ‘Spot the Phish’ and the security question game. Participants answered questions about the difficulty of the activities and how their cybersecurity knowledge improved. The security question game didn’t have much participation, so there wasn’t much information to gather from the feedback. The ‘Spot the Phish’ activity had over 50 feedback submissions. That data suggested that the ‘Spot the Phish’ activity improved participants’ confidence in identifying phishing emails. After reviewing the feedback and my own anecdotal experience conducting the activities, I looked into research regarding tools for cybersecurity education. Based on that research, I designed new activities to better inform students and faculty about phishing and social media security for 2023 CSAM.
Fuzzing is currently a thriving research area in the cybersecurity field. This work begins by introducing code that brings partial replayability capabilities to AFL++ in an attempt to solve the challenge of the highly random nature of fuzzing that comes from the large amount of random mutations on input seeds. The code addresses two of the three sources of nondeterminism described in this work. Furthermore, this work introduces Fuzzing Debugger (FDB), a highly configurable framework to facilitate the debugging of fuzzing by interfacing with GDB. Three debugging modes are described which attempt to tackle two use cases of FDB: (1) pinpointing nondeterminism in fuzz runs, therefore paving the way for replayable fuzz runs and (2) systematically finding preferable stopping points seed analysis.
When one pursues a Bachelor's degree they are generally under the impression that the degree they are after will provide them with the necessary skills and knowledge to enter their career at entry-level. This is not the case for all students in every degree program. Many times Bachelor's degree holders find it difficult to enter the field. The goal of this paper is to identify gaps or discrepancies between Arizona State University's (ASU’s) Applied Computing (ACO) - Cybersecurity program's learning objectives and industry requirements for entry-level positions in the cybersecurity industry. The data used in this textual analysis were gathered from several popular employment websites and ACO course syllabi. Using this relatively small data pool several gaps were identified between the cybersecurity industry; the private and public sectors job listing requirements; and ASU's ACO course objectives. By analyzing the gaps found in the data, I have been able to provide many suggestions for ASU and some for the cybersecurity industry to implement to better prepare ACO students for entry-level cybersecurity industry positions.
concerning citizens of the United States. The first step is to explore the need for federal
legislation because of the problems of cyberattacks, data loss and leakage, and big data. The
proposal then analyses how other countries had already addressed these concerns for their
citizens through legislation by looking at their regulation and the results of implementation. The
paper adjacently discusses the importance of American values of privacy as a fundamental right,
the free market, and protection from the private sector within a cybersecurity paradigm. From
this combined research, the paper yields a proposal of how the U.S. government should address
the situation through federal policy. The policy outlines cybersecurity measures to protect
information from cyberattacks and data loss and leakage, rights of American citizens that
organizations need to uphold, and the creation of a commission that provides resources and
education to domestic and foreign organizations.