Faculty of Business & Information Technology

Permanent URI for this communityhttps://hdl.handle.net/10155/320

The Faculty of Business & Information Technology (FBIT) offers undergraduate and graduate degree programs in business and information technology. Areas of study include Accounting, Organizational Behaviour and Human Resources Management, Technology Management, Game Development and Interactive Media, Master of Information Technology Security and Master of Information Technology Security.

Browse

Browsing Faculty of Business & Information Technology by Title

Filter results by typing the first few letters
Now showing 1 - 20 of 21
  • Thumbnail Image
    Item
    A Study of Accessible and Inclusive Virtual and Blended Information and Communication Technologies (ICTs) for the Federal Public Service and Federally Regulated Industries in Post-COVID-19 Canada
    (2024-03-28) Coppin (Dr.), Peter; Hung (Dr.), Patrick; Uribe Quevedo (Dr.), Alvaro; Sukhai (Dr.), Mahadeo; Ingino, Robert
  • Thumbnail Image
    Item
    Assessing the profitability of cooperative advertising programs in competing channels
    (Elsevier, 2017-02) Karray, Salma; Martin-Herran, Guiomar; Zaccour, Georges
    A large literature studied the profitability (effectiveness) of cooperative advertising programs (CAPs) in distribution channels, but very few studies modeled pricing decisions in competitive markets under different channel structures. This paper fills this gap. We propose a game-theoretic model where two competing channels make pricing and promotional decisions. The efectiveness of CAPs is studied under different channel structures to examine how vertical and horizontal externalities can impact the effectiveness of CAPs. Each channel structure can be integrated or decentralized to account for different vertical interaction effects, resulting in three cases: (i) both channels are decentralized (DD), (ii) both are integrated (II), and (iii) a hybrid structure where one channel is decentralized and is competing with an integrated channel (DI). We solve six non-cooperative games: (1) both manufacturers offer CAPs under DD, (2) only one manufacturer offers a CAP under DD, (3) both manufacturers do not offer CAPs under DD, (4) the decentralized manufacturer offers a CAP under DI, (5) the decentralized manufacturer does not offer a CAP under DI, and (6) the channel problem under II. Then, we obtain and compare equilibrium profits and strategies across these games. The main results indicate that the profitability of CAPs depends on the levels of price competition and of the advertising effects. Also, while manufacturers benefit from CAPs, retailers may not find such programs profitable. Finally, the decentralized or integrated structure of the competing channel significantly impacts the effects of cooperative advertising. For example, CAPs can effectively coordinate the DD channel and even help it exceed profits earned by a vertically integrated channel. However, in the DI case, although CAPs can improve total channel profits, they do not fully coordinate the channel.
  • Thumbnail Image
    Item
    ‘Buy n times, get one free’ loyalty cards: Are they profitable for competing firms? A game theoretic analysis
    (2017-08-10) Bazargan, Amirhossein; Karray, Salma; Zolfaghari, Saeed
    This paper evaluates whether firms offering loyalty programs (LPs) should choose a restricted redemption policy by imposing a specific number of purchases before customers can redeem their points. Such restriction is commonly offered in form of ‘buy n times, get one free’ loyalty cards. We develop a multinomial logit model where consumer's utility depends on the value of the product and of the rewards. Using an iterative algorithm, we numerically solve a Nash game for two firms offering loyalty programs. Optimal strategies and profits are obtained for three different scenarios (games): (1) both firms do not restrict redemption; (2) both firms restrict redemption; and (3) only one firm restricts redemption while the other firm does not. Our main findings indicate that each firm's optimal strategies are significantly affected by whether the competitor decides to restrict or not to restrict redemption. In particular, a firm that restricts reward redemption should offer a higher price if its competitor also restricts redemption. Further, the dominant strategy of the game depends on customers’ valuations of time and rewards. For example, when customers highly value time but do not highly value rewards, the dominant strategy for both firms is not to restrict redemption. Alternatively, firms can face a Prisoner dilemma situation leading to unrestricted redemption policy for intermediate levels of customer valuation of both time and rewards.
  • No Thumbnail Available
    Item
    Cooperative advertising for competing manufacturers: The impact of long-term promotional effects
    (ScienceDirect, 2017-02) Karray, Salma; Martin-Herran, Guiomar; Sigue, Simon-Pierre
    The effectiveness of cooperative advertising programs is studied in a market where two competing manufacturers deal with an exclusive retailer and two products. Two two-stage game theoretic models are developed to analyze the long-term effects of retailer's promotions, which can be positive or negative, on the effectiveness of cooperative advertising. Closed-form equilibrium solutions are obtained and compared. We find that the level of product substitutability and the sign and magnitude of the long-term effects of retailer's promotions on sales determine whether cooperative advertising should be offered and accepted by the manufacturers and retailer. In particular, depending on the level of product substitutability, cooperative advertising can benefit both the manufacturers and retailer even when retailer's promotions negatively affect future sales. Conversely, it may not be in the interest of the manufacturers to offer cooperative advertising when the products are fairly undifferentiated regardless of the nature of the long-term effects of promotions. Finally, the manufacturers and retailer may refuse to respectively offer or participate in cooperative advertising programs that enhance total channel profits.
  • Thumbnail Image
    Item
    Cooperative advertising in competing supply chains and the long-term effects of retail advertising
    (2021-09-03) Karray, Salma; Martin-Herran, Guiomar; Sigue, Simon Pierre
    The profitability of cooperative advertising (CA) programs is analyzed in a supply chain where competing manufacturers sell their products through competing retailers. We study a two-period game-theoretic model that accounts for positive and negative long-term effects of retail advertising on consumer preferences. We obtain closed-form equilibria in two particular cases where either stores or products are perfectly differentiated. For the general case where both products and stores can be substitutable, we develop a numerical algorithm to find the equilibrium. We compare the equilibria obtained in games where CA is offered and where it is not. The results show that the long-term effects of retail advertising and the levels of substitutability between products and retailers all play a key role in assessing the profitability of CA programs. CA only benefits manufacturers when store and product competition are both low, or retailers are highly differentiated. However, in most cases, retailers do not find such programs profitable except when product substitutability levels are high while store competition is low. Finally, CA can only be win-win arrangements for manufacturers and retailers when the level of store differentiation is very high, the products are moderately substitutable, and retail advertising has a substantial positive long-term impact.
  • Thumbnail Image
    Item
    Cooperative advertising programs: are accrual constraints necessary?
    (Wiley, 2017-06) Punya, Chattergee; Salma, Karray; Simon Pierre, Sigue
    This paper investigates how the use of an accrual constraint in a cooperative advertising program affects channel members’ profits in a bilateral monopoly, as well as their pricing and advertising decisions. The main findings indicate that, compared to unconstrained cooperative advertising programs, when an accrual constraint is used and the manufacturer’s contribution to the retailer’s advertising costs exceeds the accrued cooperative advertising budget, the retailer reduces both her retail price and advertising efforts to the level where cooperative advertising is not offered; while the manufacturer also reduces his wholesale price and advertising efforts, but this time, the wholesale price remains higher than when there is no cooperative advertising. These strategic moves translate to less (more) profits for the manufacturer (retailer). The use of an accrual constraint is counterproductive for the manufacturer as the retailer uses the accrued advertising fund as a side payment rather than a direct incentive to invest more in advertising. The manufacturer and retailer are better off when unconstrained cooperative advertising programs are supplemented with other incentives, including side payments and advertising support services.
  • Thumbnail Image
    Item
    The Effectiveness of Movie Trailer Advertising
    (2015-09-24) Karray, Salma; Debernitz, Lidia
    Prior to a movie release in theatres, trailer advertising provides valuable information that can help viewers and investors form expectations about the movie's future success. While previous research has looked at the financial implications of movie advertising budgets, the effects of trailers' creative characteristics on abnormal returns have not yet been investigated. Using a sample of movie trailers, results from our event study and cross-sectional analysis show that the appeal of the movie plot revealed in the trailer, the number of scene cuts and the inclusion of violent, sexual, or humorous scenes influence the movie's abnormal returns. However, the use of special effects in the movie trailer does not impact investors. Results also suggest that investors react more strongly to first than to follow-up trailers released for the movie, and that early release of the first positively impacts the movie's returns.
  • Thumbnail Image
    Item
    Enhancing password security: a quest for optimal honeywords
    (2023-10-01) Nety, Meher Viswanath; Vargas Martin, Miguel
    In this capstone report, our primary focus is on harnessing the capabilities of the GPT4 model to enhance password security through the generation of honeywords. Honeywords are decoy passwords designed to strengthen the security of sensitive systems by confusing potential attackers. The utilization of GPT4, a powerful language model developed by OpenAI, offers a n innovative approach to this challenge. By directly generating honeywords without relying on password segmentation, GPT4 introduces a unique dimension to password security. This approach is particularly valuable in thwarting targeted attacks, as honeywords generated by GPT4 are designed to deceive potential attackers effectively. In addition to the exploration of GPT4, this report also delves into the realm of Chunk-GPT3. Chunk-GPT3, as detailed in previous research, employs advanced language models to generate honeywords through the segmentation of passwords into discrete chunks. These chunks are ingeniously recombined to form decoy passwords. The re-engineered Chunk-GPT3 approach incorporates enhancements to the password segmentation process, including ”mapping digits to alphabets” and ”removal of digits” functions. These modifications aim to produce more potent and effective honeywords, ultimately elevating password security. The report includes a comprehensive comparative analysis of honeywords generated by the original Chunk-GPT3 approach and the re-engineered Chunk GPT3 approach, as well as honeywords created by GPT4. By assessing the effectiveness of these honeyword generation methods using the HWSimilarity metric, the report provides valuable insights into the strengths and weaknesses of each approach. Examining the capabilities of both GPT4 and Chunk-GPT3 in the context of honeyword generation, this report aims to provide a holistic perspective on cutting-edge strategies for safeguarding sensitive data in the ever-evolving digital landscape.
  • Thumbnail Image
    Item
    Enhancing password security: advancements in password segmentation technique for high-quality honeywords
    (2023-07-01) Sannihith Lingutla, Satya; Vargas Martin, Miguel
    Passwords play a major role in the field of network security and play as a first line of defense against attackers who gain unauthorized access to the profiles. However, passwords are vulnerable to various types of attacks making it essential to ensure that they are strong, unique, and confidential. One of the major techniques that evolved over time to enhance password security is the use of honeywords that are decoy passwords designed to alert the administrator when a data breach has happened. The main goal of this project is to addresses one of the limitations of a honeyword generation technique, called Chunk-GPT3, by performing better password segmentation through a re-engineered chunking algorithm that maps digits into characters, and which would seem to lead to better honeywords. We justify our re-engineering method and generate honeywords that we compare to those generated by Chunk-GPT3. Nonetheless, after evaluating honeywords using the HWSimilarity metric, the results suggest that improved chunking does not necessarily lead to better honeywords in all cases.
  • Thumbnail Image
    Item
    Filtering honeywords using probabilistic context free grammar
    (2023-10-01) Tanniru, Alekhya; Vargas Martin, Miguel
    With the growing prevalence of cyber threats, effective password policies have become crucial for safeguarding sensitive information. Traditional password-based authentication techniques are open to a number of threats. The idea of honeywords, which was developed to improve password-based security, entails using dummy passwords with real ones to build a defence mechanism based on deceit. The importance of password policies is examined in the context of honeywords in this study, emphasizing how they might improve security and reduce password-related risks. We present the idea of using the existing passwords to extract a policy and using this policy to filter good and strong passwords. Through this capstone project, we aim to contribute to the broader understanding of honeywords and their role in improving password-based authentication systems. I have conducted experiments on Chunk-GPT3 and GPT 4 models, to see which one of the models produces more honeywords which are very similar to the real passwords.
  • No Thumbnail Available
    Item
    A game-theoretic model for co-promotions: Choosing a complementary versus an independent product ally
    (Elsevier, 2015-07) Karray, Salma; Sigué, Simon Pierre
    This paper studies the optimal choice of promotional partners in a three-firm market where two firms sell complementary products and a third firm sells an independent product. Game-theoretic models are developed to investigate the following scenarios: no promotional partnership, partnership between the two complementary products, partnership between a complementary product and the independent product, and partnership between the three products. Equilibrium Nash solutions are obtained and conditions under which each of the four scenarios above can be implemented are identified. Results show that these conditions depend on various parameters, mainly the degree of product complementarity, the effectiveness of individual promotion, the effectiveness of joint promotion, and the base demand for each product. Commonly, a partnership between a complementary product and the independent product is optimal when the price effect of the complementary product is large, while the partnership between the two complementary products is more appealing when the effect of individual promotion is large enough. When feasible, a promotional partnership between the three products is preferred, except in some specified conditions.
  • Thumbnail Image
    Item
    Guarding the gate: using honeywords to enhance authentication security
    (2023-10-01) Koppada, Gowtham; Vargas Martin, Miguel
    A honeyword (false password) can be defined as a duplicate password (rearranged) resembling the same characteristics of the original password. It is very challenging for any cyberpunk to distinguish between a real password and honeyword (containing PI). Using HGT’s (honeyword generation technique), these honeywords are generated in lump sum and the hashed honeywords are placed in an organization database with triggers to identify breach before it’s too late. In accordance with the previous research, the concept of HGT’s might fail if the generated honeywords does not contain the personal information of the user, making it easy for the attacker to perform targeted attack. It is a good practice to include the chucks containing PI or part of the original password of that particular user in generated honeywords to make it look natural. In order to generate such honeywords with chunks, the concept of prompt engineering in LLM (Large Learning Models) is used. In this report, we tried to improve the existing prompt, making it easy for the LLM to get deep understanding and to produce better throughput. In addition to that, we compared the base GPT Learning model (existing) with the newly upgraded GPT models like GPT-3.5-turbo and GPT-4. Considering the ‘strength of password‘ as a base factor, we came up with results and statements stating which model outperformed the others.
  • Thumbnail Image
    Item
    Informational and/or Transactional Websites: Strategic Choices in a Distribution Channel
    (Elsevier, 2017) Karray, Salma; Sigue, Simon Pierre
    While most businesses have faced the decision of whether to operate an informational and/or a transactional website, the literature on website selection in marketing channels remains very sparse. This paper proposes an analytical framework that compares scenarios where a manufacturer uses either an informational, a transactional, or both transactional and informational website in a distribution channel formed by one manufacturer and one retailer. We find that the selection of the optimal website depends on the online market base of the product, the effectiveness of the manufacturer-controlled online communications, and the cross-price effect between online and offline channels. For both the manufacturer and retailer, informational websites are preferable when the online market base is small. With larger online markets, the manufacturer may prefer either informational and transactional websites or exclusively informational websites, while the retailer is always better off with an exclusively informational website. Theoretical and managerial implications of these findings are discussed.
  • Thumbnail Image
    Item
    Matching expectations and reality in AI systems - cybersecurity use case
    (2023-04-01) Defo Aymar, Tala; Lewis, Peter
    Artificial intelligence (AI) is a growing field in computer science which develops intelligent systems capable of performing things that a human mind can do. The manufacturers of security systems integrate AI capabilities into their systems for threat hunting, and market them with an emphasis on AI used to provide security features. This study evaluates the expectations of marketed AI features with reality in a use case of a cybersecurity system. To this end, we evaluated a system in a real-live environment with huge amount of data sent to it for analysis. Our evaluation demonstrates that, first, the virtual security analyst feature provided by the system cannot replace a human security analyst as it can only perform 3 amongst the 8 tasks of a human security analyst. Secondly, marketing claims exaggerate regarding the features provided by AI in the system.
  • Thumbnail Image
    Item
    Modeling reward expiry for loyalty programs in a competitive market
    (2017-08-10) Bazargan, Amirhossein; Karray, Salma; Zolfaghari, Saeed
    This paper investigates reward expiry for loyalty programs. It provides insights into the profitability of setting reward expiry for competing firms and identifies conditions under which such a policy would be beneficial. We develop and solve a game-theoretic model that reflects consumer behavior in choosing products and redeeming rewards. Applying a new iterative algorithm, we get the Nash equilibrium outputs for three scenarios (games): (1) neither firm sets an expiry date, (2) both firms set an expiry date, and (3) only one firm sets an expiry date. Comparison of the firms' profits across scenarios shows that the firms' prices and profits are affected by the loyalty program of the competing firm and by consumers' valuation of rewards and of time to rewards. In particular, a firm offering rewards that do not expire should increase its price if the competing firm changes its reward policy from no expiry to expiry, even when the expiry period is quite long. Finally, when customers highly value rewards and time, reward expiry is a dominant strategy for both firms. This means that firms would benefit from setting expiry on their loyalty rewards only if their customers highly value both rewards and time. Alternatively, both firms' rewards should not expire if consumers have low valuations of both rewards and time.
  • Thumbnail Image
    Item
    Polymorphic attack feature validation: bridging the gap between intrusion detection and evolving threats
    (2024-08-01) Begwani, Raksha; Heydari, Shahram S.
    This project focuses on enhancing the detection of polymorphic attacks, which can evade traditional Intrusion Detection Systems (IDS) by changing their form with each attack. While IDS are crucial for network security, their effectiveness diminishes against such dynamic threats. The project aims to identify key features exploited by polymorphic attacks, enabling the creation of a feature list to improve detection. Using the SlowHTTP tool for generating attack profiles and the LycoStand tool for essential feature extraction, this research seeks to develop effective mechanisms to analyze polymorphic attacks and its features, addressing the limitations of IDS in identifying these attacks.
  • Thumbnail Image
    Item
    Privacy Implications of GSM Network Services
    (2013-07-15) Kosa, Tracy Ann; el-Khatib, Khalil; Marsh, Steve
    Current research on GSM does not deal with privacy requirements, or confuses privacy (legislated) with security (standards based). This paper seeks to examine how the applicable privacy legislation in Canada (PIPEDA) would apply to GSM services. Part I provides an overview of the evolution of network communications and how privacy legislation applies, ending with a discussion of GSM functionality and players. An description of the kind of personal information in GSM service delivery is presented in Part 2, while the privacy analysis is conducted in Part 3. Part 4 is a brief inter-disciplinary literature review demonstrating how GSM research is focused respectively on public policy and functionality, while security work focuses on authentication techniques. Various approaches to privacy are described in Part 5, and a short conclusion of the implications is presented in Part 6.
  • Thumbnail Image
    Item
    Security Analysis of Onos Software-Defined Network Platform
    (2016-10-12) Adenuga-Taiwo, Oluwadamilola; Shah Heydari, Shahram
    Software Defined Networking (SDN) enables organizations strengthen their network architectures, reduce running costs and enable sophisticated network functions. The adoption of software defined networks by top industry players like CISCO, IBM and Ericsson implies its increased application in mainstream networks and real world applications. Security challenges in SDN networks are quite similar to the traditional networks where many attacks occur at the control layer. This issue is further escalated by the fact that information is synchronized between the data layer, which houses the network devices; and the control layer, in which the SDN controller operates. The control layer contains policies for operating the data layer, providing a single point of failure on the network as a whole. This technical report examines a number of security challenges within the control layer of ONOS SDN platform – an open source initiative under the Linux foundation for carrier-grade software-defined networking, which is quickly gaining popularity within the industry. In particular, we examine ONOS vulnerability Northbound and Southbound DOS and MITM attacks in a test environment and provide observation, analysis and some defensive measures.
  • No Thumbnail Available
    Item
    Should Companies Jointly Promote their Complementary Products when they Compete in other Product Categories?
    (ScienceDirect, 2016-12) Karray, Salma; Sigue, Simon-Pierre
    Joint promotions, whereby companies pool marketing resources to promote their brands, are increasingly used to reduce marketing costs and develop common business opportunities, but formal knowledge about how they should be effectively implemented remains sparse. This paper investigates whether firms should jointly promote their complementary products when they also offer substitute products in another category. It also studies whether companies should partner with allies that can or cannot leverage on joint promotion to create spillover in their product portfolios. Our main findings are as follows. A company’s decision to enter or not to enter into a joint promotion depends on the presence and nature (positive or negative) of promotion spillover in its own product portfolio and the effect of joint promotion on each complementary product demand. Particularly, in the absence of spillover effect, joint promotion may not be mutually beneficial if its direct effects on the two complementary products are asymmetric. On the other hand, depending on its direct effects on the complementary products, joint promotion could be a profit-enhancing activity for the two firms even when it negatively affects the demand of their substitute products by intensifying price competition. Finally, we discuss the implications of branding strategies on the effectiveness of joint promotion. The results in this paper are useful for firms offering products in different categories where joint promotional spillover can occur.
  • Thumbnail Image
    Item
    Systems and models for secure fallback authentication
    (2018-12-01) Addas, Alaadin; Thorpe, Julie
    Fallback authentication (FA) techniques such as security questions, Email resets, and SMS resets have significant security flaws that easily undermine the primary method of authentication. Security questions have been shown to be often guessable. Email resets assume a secure channel of communication and pose the threat of the avalanche effect; where one compromised email account can compromise a series of other accounts. SMS resets also assume a secure channel of communication and are vulnerable to attacks on telecommunications protocols. Additionally, all of these FA techniques are vulnerable to the known adversary. The known adversary is any individual with elevated knowledge of a potential victim, or elevated access to a potential victim's devices that uses these privileges with malicious intent, undermining the most commonly used FA techniques. An authentication system is only as strong as its weakest link; in many cases this is the FA technique used. As a result of that, we explore one new and one altered FA system: GeoPassHints a geographic authentication system paired with a secret note, as well as GeoSQ, an autobiographical authentication scheme that relies on location data to generate questions. We also propose three models to quantify the known adversary in order to establish an improved measurement tool for security research. We test GeoSQ and GeoPassHints for usability, security, and deployability through a user study with paired participants (n=34). We also evaluate the models for the purpose of measuring vulnerabilities to the known adversary by correlating the scores obtained in each model to the successful guesses that our participant pairs made.