Mark A. Flynn scite author profile

Abstract.We propose a new model for estimating the time to compromise a system component that is visible to an attacker. The model provides an estimate of the expected value of the time-to-compromise as a function of known and visible vulnerabilities, and attacker skill level. The time-to-compromise random process model is a composite of three subprocesses associated with attacker actions aimed at the exploitation of vulnerabilities. In a case study, the model was used to aid in a risk reduction estimate between a baseline Supervisory Control and Data Acquisition (SCADA) system and the baseline system enhanced through a specific set of control system security remedial actions. For our case study, the total number of system vulnerabilities was reduced by 86% but the dominant attack path was through a component where the number of vulnerabilities was reduced by only 42% and the time-to-compromise of that component was increased by only 13% to 30% depending on attacker skill level.

show abstract

Measuring the attack surfaces of two FTP daemons

Manadhata

Wing

Flynn

et al. 2006

View full text Add to dashboard Cite

Software consumers often need to choose between different software that provide the same functionality. Today, security is a quality that many consumers, especially system administrators, care about and will use in choosing one software system over another. An attack surface metric is a security metric for comparing the relative security of similar software systems [7]. The measure of a system's attack surface is an indicator of the system's security: given two systems, we compare their attack surface measurements to decide whether one is more secure than another along each of the following three dimensions: methods, channels, and data. In this paper, we use the attack surface metric to measure the attack surfaces of two open source FTP daemons: ProFTPD 1.2.10 and Wu-FTPD 2.6.2. Our measurements show that ProFTPD is more secure along the method dimension, ProFTPD is as secure as Wu-FTPD along the channel dimension, and Wu-FTPD is more secure along the data dimension. We also demonstrate how software consumers can use the attack surface metric in making a choice between the two FTP daemons.

show abstract

Objectification in Popular Music Lyrics: An Examination of Gender and Genre Differences

et al. 2016

View full text Add to dashboard Cite

Anything but Real: Body Idealization and Objectification of MTV Docusoap Characters

et al. 2015

View full text Add to dashboard Cite

Social Support in a Men's Online Eating Disorder Forum

Flynn¹,

Stana²

2012

International Journal of Men's Health

View full text Add to dashboard Cite

“Drunk in Love”: The Portrayal of Risk Behavior in Music Lyrics

Holody

Anderson

Craig

et al. 2016

Journal of Health Communication

View full text Add to dashboard Cite

The current study investigated the prevalence of multiple risk behaviors in popular music lyrics as well as the contexts within which they occur. We conducted a content analysis of the top 20 Billboard songs from 2009 to 2013 in the genres of rap, country, adult contemporary, rock, R&B/hip-hop, and pop, coding for the presence of alcohol, marijuana, nonmarijuana drugs, and sex as well as the contexts intoxication, binging/addiction, partying/socializing, disregard for consequences, and emotional states. The contexts relationship status and degradation were also coded for when sex was present. Of the 600 songs, 212 mentioned sexual behaviors, which were most frequent in rap and R&B/hip-hop. Alcohol was the next most frequent risk behavior, again with greatest mention in rap and R&B/hip-hop. Alcohol, marijuana, and nonmarijuana drugs were most often associated with positive emotions, and sex was most often described within the context of casual relationships. Alcohol and sex were associated with disregard for consequences most often in 2011, when the "you only live once" motto was most popular. These findings are concerning because exposure to popular music is associated with increased risk behaviors for adolescents and young adults, who are the greatest consumers of music.

show abstract

Deconstructing Media in the College Classroom: A Longitudinal Critical Media Literacy Intervention

Bergstrom¹,

Flynn²,

Craig³

2018

JMLE

View full text Add to dashboard Cite

While many studies have addressed the impact of media literacy interventions on knowledge of specific topic areas, fewer have explored improvements in media literacy skills as outcome measures. This study analyzed the impact of a media literacy intervention on participants' critical thinking skills and understanding of media literacy principles by addressing the topics of body image and media representations of gender and race. A two-group, longitudinal experimental design was implemented using college-aged student participants across multiple introductory communication course sections (n = 198) at a public university in the southeast. Results were significant for several media literacy measures for the treatment group after exposure to the intervention compared to the control group. These findings were persistent over the duration of the semester as demonstrated in the second posttest.

show abstract

12 3 4

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Mark A. Flynn

Quantitative Cyber Risk Reduction Estimation Methodology for a Small SCADA Control System

Time-to-Compromise Model for Cyber Risk Reduction Estimation

Measuring the attack surfaces of two FTP daemons

Objectification in Popular Music Lyrics: An Examination of Gender and Genre Differences

Anything but Real: Body Idealization and Objectification of MTV Docusoap Characters

Social Support in a Men's Online Eating Disorder Forum

“Drunk in Love”: The Portrayal of Risk Behavior in Music Lyrics

Deconstructing Media in the College Classroom: A Longitudinal Critical Media Literacy Intervention

Contact Info

Product

Resources

About