Media is loading


Hackers target universities for the sensitive and proprietary information stored in their systems. Cutting edge research conducted by university researchers makes them a prime target to cyber attackers. Universities, by nature, support open networks and access concepts to their stakeholders. Recent attacks attempted to exploit this open strategy to compromise or steal institutions’ data, research innovations, intellectual property and sensitive personally identifiable information (PII). This research study proposes a methodology for threat modeling and presents an example attack tree depicting a phishing attack to compromise the university network and steal sensitive information in research. A black-box threat model is proposed to categorize and rank cyber-threats to academic research. Furthermore, we provide a set of best practices to prevent and mitigate information security threats to academic research.

Abstract Only



When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.