Global ETD Search

201	Privacy and user profiling : Profile-based evaluation of what different third party services may learn about a user / : En studie kring hur mycket av användares integritet som samlasin online Öknegård Enavall, Isabell, Mineur, Julia January 2021 (has links) Online behavioural targeted advertising has become a leading method to increase theeffectiveness of advertisement online. The advertisement is based on information aboutusers’ internet activities collected by third party tracking services. However, there is a fineline between whether this should be considered a privacy leakage or an unharmful way toimprove the experience. This thesis presents a methodology for understanding and analyzing how significant personal information leakage to third parties is. To investigate theinformation leakage, a web crawler was implemented with the purpose to imitate fictiveusers browsing the web. The users’ activity online was based on the fictive user’s interestsand personal information. For every webpage visited, data such as text, URLs and screenshots were saved. The data were analyzed and the finding revealed that third parties generated targeted ads based on personal information regardless of the browser, user’s profile,and geographical location. However, we observed that targeted ads are a frequent practiceand noticed that categories valued more by advertisers are more intensely targeted. third parties privacy network security user modeling Computer and Information Sciences Data- och informationsvetenskap
202	Evaluating the effectiveness of free rule sets for Snort / En utvärdering av effektiviteten av gratis regeluppsättningar för Snort Granberg, Niklas January 2022 (has links) As more of the modern world is connected to the Internet, threats can reach further than ever before. Attacks happen all the time and many have serious consequences that disrupts the daily processes of people and companies, possibly causing lasting damage. To fight back, defensive tools are used to find and counter attacks. One of these tools is Snort. Snort finds malicious data packets and warns the user and counters the found attack. Snort relies on a list of signatures of different attacks, called a rule set, to know what is malicious. Many rule sets are available as paid subscriptions, but there are free alternatives. But how well can Snort defend a network using these free rule sets? By designing a network for experimentation and populating it with realistic background traffic, a group of rule sets are evaluated using a set of common attacks and tools. The performance hit when defending in a high speed, high bandwidth environment is evaluated as well. The results favour the Emerging Threats rule set. As for performance, Snort could not handle the most extreme amounts of traffic, with the rate of dropped packets making security dubious, but that occurred at the absolute peak of what consumer hardware can provide. Snort rule sets Snort rule sets information security network security Computer Sciences Datavetenskap (datalogi)
203	Wireless Network Physical Layer Security with Smart Antenna Wang, Ting 17 June 2013 (has links) Smart antenna technique has emerged as one of the leading technologies for enhancing the quality of service in wireless networks. Because of its ability to concentrate transmit power in desired directions, it has been widely adopted by academia and industry to achieve better coverage, improved capacity and spectrum efficiency of wireless communication systems. In spite of its popularity in applications of performance enhancement, the smart antenna's capability of improving wireless network security is relatively less explored. This dissertation focuses on exploiting the smart antenna technology to develop physical layer solutions to anti-eavesdropping and location security problems. We first investigate the problem of enhancing wireless communication privacy. A novel scheme named "artificial fading" is proposed, which leverages the beam switching capability of smart antennas to prevent eavesdropping attacks. We introduce the optimization strategy to design a pair of switched beam patterns that both have high directional gain to the intended receiver. Meanwhile, in all the other directions, the overlap between these two patterns is minimized. The transmitter switches between the two patterns at a high frequency. In this way, the signal to unintended directions experiences severe fading and the eavesdropper cannot decode it. We use simulation experiments to show that the artificial fading outperforms single pattern beamforming in reducing the unnecessary coverage area of the wireless transmitter. We then study the impact of beamforming technique on wireless localization systems from the perspectives of both location privacy protection and location spoofing attack. For the location privacy preservation scheme, we assume that the adversary uses received signal strength (RSS) based localization systems to localize network users in Wireless LAN (WLAN). The purpose of the scheme is to make the adversary unable to uniquely localize the user when possible, and otherwise, maximize error of the adversary's localization results. To this end, we design a two-step scheme to optimize the beamforming pattern of the wireless user's smart antenna. First, the user moves around to estimate the locations of surrounding access points (APs). Then based on the locations of the APs, pattern synthesis is optimized to minimize the number of APs in the coverage area and degenerate the localization precision. Simulation results show that our scheme can significantly lower the chance of being localized by adversaries and also degrade the location estimation precision to as low as the coverage range of the AP that the wireless user is connected to. As personal privacy preservation and security assurance at the system level are always conflictive to some extent, the capability of smart antenna to intentionally bias the RSS measurements of the localization system also potentially enables location spoofing attacks. From this aspect, we present theoretical analysis on the feasibility of beamforming-based perfect location spoofing (PLS) attacks, where the attacker spoofs to a target fake location by carefully choosing the beamforming pattern to fool the location system. The PLS problem is formulated as a nonlinear feasibility problem, and due to its intractable nature, we solve it using semidefinite relaxation (SDR) in conjunction with a heuristic local search algorithm. Simulation results show the effectiveness of our analytical approach and indicate the correlation between the geometry of anchor deployment and the feasibility of PLS attacks. Based on the simulation results, guidelines for guard against PLS attacks are provided. / Ph. D. Wireless Network Security Localization Location privacy Anti-eavesdropping Smart Antenna Beamforming Location Spoofing
204	IT-världens Paradise Hotel – lita inte på någon! : En kvalitativ studie om Zero Trust inom svenska företag och myndigheter Michel, Johan, Nordgren, Amanda, Boqvist, David January 2023 (has links) In today's world, network security is of utmost importance for companies and authorities as data and information are increasingly being stored and transmitted through cloud solutions. This has led to a higher risk of cyberattacks. To enhance security during this transition, Zero Trust has emerged as a promising concept, with its direction from an internal IT-environment to a more secure cloud solution. Its main motto "never trust, always verify" emphasizes the importance of a high level of security. This study aims to highlight the significance of Zero Trust and compare the attitudes of Swedish companies and authorities towards its implementation. The study was conducted using semi-structured interviews with IT experts who possess knowledge in this domain. Additionally, a literature review was conducted to connect the outcomes of the interviews with the existing research in the field of Zero Trust. The results indicate that several barriers must be considered during the implementation phase. These include cost-related issues, lack of expertise, and outdated systems that cannot handle Zero Trust at the required security level. Despite these challenges, the respondents' attitudes towards Zero Trust were positive. They believed that it could be applied to sporadic and isolated parts of the network infrastructure, and that striving towards it at a theoretical level was essential. Zero Trust network security cybersecurity Zero Trust nätverkssäkerhet cybersäkerhet Computer and Information Sciences Data- och informationsvetenskap
205	Towards Robust Side Channel Attacks with Machine Learning Wang, Chenggang 06 June 2023 (has links) No description available. Computer Engineering Side-channel attacks Deep learning Transfer learning Domain adaptation Network security
206	Practical Encryption Gateways to Integrate Legacy Industrial Machinery Lackorzynski, Tim 12 August 2022 (has links) Future industrial networks will consist of a mixture of old and new components, due to the very long life-cycles of industrial machines on the one hand and the need to change in the face of trends like Industry 4.0 or the industrial Internet of things on the other. These networks will be very heterogeneous and will serve legacy as well as new use cases in parallel. This will result in an increased demand for network security and precisely within this domain, this thesis tries to answer one specific question: how to make it possible for legacy industrial machines to run securely in those future heterogeneous industrial networks. The need for such a solution arises from the fact, that legacy machines are very outdated and hence vulnerable systems, when assessing them from an IT security standpoint. For various reasons, they cannot be easily replaced or upgraded and with the opening up of industrial networks to the Internet, they become prime attack targets. The only way to provide security for them, is by protecting their network traffic. The concept of encryption gateways forms the basis of our solution. These are special network devices, that are put between the legacy machine and the network. The gateways encrypt data traffic from the machine before it is put on the network and decrypt traffic coming from the network accordingly. This results in a separation of the machine from the network by virtue of only decrypting and passing through traffic from other authenticated gateways. In effect, they protect communication data in transit and shield the legacy machines from potential attackers within the rest of the network, while at the same time retaining their functionality. Additionally, through the specific placement of gateways inside the network, fine-grained security policies become possible. This approach can reduce the attack surface of the industrial network as a whole considerably. As a concept, this idea is straight forward and not new. Yet, the devil is in the details and no solution specifically tailored to the needs of the industrial environment and its legacy components existed prior to this work. Therefore, we present in this thesis concrete building blocks in the direction of a generally applicable encryption gateway solution that allows to securely integrate legacy industrial machinery and respects industrial requirements. This not only entails works in the direction of network security, but also includes works in the direction of guaranteeing the availability of the communication links that are protected by the gateways, works to simplify the usability of the gateways as well as the management of industrial data flows by the gateways. Industrial security, network security info:eu-repo/classification/ddc/004 ddc:004
207	INTRUSION DETECTION SYSTEM FOR CONTROLLER AREA NETWORK Vinayak Jayant Tanksale (13118805) 19 July 2022 (has links) <p>The rapid expansion of intra-vehicle networks has increased the number of threats to such networks. Most modern vehicles implement various physical and data-link layer technologies. Vehicles are becoming increasingly autonomous and connected. Controller Area Network (CAN) is a serial bus system that is used to connect sensors and controllers (Electronic Control Units – ECUs) within a vehicle. ECUs vary widely in processing power, storage, memory, and connectivity. The goal of this research is to design, implement, and test an efficient and effective intrusion detection system for intra-vehicle CANs. Such a system must be capable of detecting intrusions in almost real-time with minimal resources. The research proposes a specific type of recursive neural network called Long Short-Term Memory (LSTM) to detect anomalies. It also proposes a decision engine that will use LSTM-classified anomalies to detect intrusions by using multiple contextual parameters. We have conducted multiple experiments on the optimal choice of various LSTM hyperparameters. We have tested our classification algorithm and our decision engine using data from real automobiles. We will present the results of our experiments and analyze our findings. After detailed evaluation of our intrusion detection system, we believe that we have designed a vehicle security solution that meets all the outlined requirements and goals.</p> System and network security Controller Area Network Intrusion detection LSTM networks RNN Deep Learning Applications Cybersecurity
208	Machine Learning-Enabled Security in Internet of Things and Cyber-Physical Systems Liu, Jinxin 13 April 2023 (has links) Internet of Things (IoT) is a promising and thriving technology that incorporates a variety of smart devices that provide enhanced services for remote communication and interaction between humans and physical items. The number of deployed IoT devices will increase to 41.6 billion in 2025, as predicted by International Data Corporation. With such a large population, assaults on IoT networks will harm a vast number of users and IoT devices. In light of this, we explore security from physical and network viewpoints in this thesis. To preserve privacy in IoT environment, this thesis begins by proposing RASA, a context-sensitive access authorization approach. We evaluate the promise of RASA-generated policies against a heuristic rule-based policy. The decisions of the RASA and that of the policy are more than 99% consistent. Furthermore, not only physical attacks but also cybercrimes will threaten IoT networks; consequently, this thesis proposes various Network Intrusion Detection System (NIDS) to identify network intrusions. In this thesis, we firstly examine traditional attacks in the NSL-KDD dataset that can impact sensor networks. Furthermore, in order to detect the introduced attacks, we study eleven machine learning algorithms, among which, XGBoost ranks the first with 97% accuracy. As attack tactics continue to evolve, Advanced Persistent Threat (APT) poses a greater risk to IoT networks than traditional incursions. This thesis presents SCVIC-APT-2021 to define a APT benchmark. Following upon this, an ML-based Attack Centric Method (ACM) is introduced achieving 9.4% improvement with respect to the baseline performance. This thesis proposes a Combined Intrusion Detection System (CIDS) that takes network and host information into consideration to reduce data noise and improve the performance of IDS. Two new CIDS datasets, SCVIC-CIDS-2021 and SCVIC-CIDS-2022, are generated. We further propose CIDS-Net to incorporate network and host related data. CIDS-Net boost the macro F1 score of the best baseline by 5.8% (up to 99.95%) and 5.1% (up to 91.3%), respectively on the two datasets. Besides of detection performance, timely response is considered as a critical metric of NIDS. This thesis introduces Multivariate Time Series (MTS) early detection into NIDS . We form TS-CICIDS2017 which is a time series based NIDS dataset and a new deep learning-based early detection model called Multi-Domain Transformer (MDT) is proposed, resulting in a 84.1% macro F-score with only few of the initial packets. To reduce the size of NIDS inputs, this work proposes a deep learning-based lossy time series compressor (Deep Dict) to achieve a high compression ratio while limiting the decompression error within a desired range. As demonstrated by the results, Deep Dict outperforms the compression ratio of the state-of-the-art lossy compression methods by up to 53.66%. Machine Learning Deep Learning Transformers IoT Cyber Physical System Network Security Intrusion Detection System Time Sereis
209	Sustaining the Performance of Artificial Intelligence in Networking Analytics Zhang, Jielun 07 August 2023 (has links) No description available. Electrical Engineering Computer Engineering Networking analytics Artificial Intelligence network traffic classification network security Internet-of-Things
210	LEVERAGING MULTIMODAL SENSING FOR ENHANCING THE SECURITY AND PRIVACY OF MOBILE SYSTEMS Habiba Farrukh (13969653) 26 July 2023 (has links) <p>Mobile systems, such as smartphones, wearables (e.g., smartwatches, AR/VR headsets),<br> and IoT devices, have come a long way from being just a method of communication to<br> sophisticated sensing devices that monitor and control several aspects of our lives. These<br> devices have enabled several useful applications in a wide range of domains ranging from<br> healthcare and finance to energy and agriculture industries. While such advancement has<br> enabled applications in several aspects of human life, it has also made these devices an<br> interesting target for adversaries.<br> In this dissertation, I specifically focus on how the various sensors on mobile devices can<br> be exploited by adversaries to violate users’ privacy and present methods to use sensors<br> to improve the security of these devices. My thesis posits that multi-modal sensing can be<br> leveraged to enhance the security and privacy of mobile systems.<br> In this, first, I describe my work that demonstrates that human interaction with mobile de-<br> vices and their accessories (e.g., stylus pencils) generates identifiable patterns in permissionless<br> mobile sensors’ data, which reveal sensitive information about users. Specifically, I developed<br> S3 to show how embedded magnets in stylus pencils impact the mobile magnetometer sensor<br> and can be exploited to infer a users incredibly private handwriting. Then, I designed LocIn<br> to infer a users indoor semantic location from 3D spatial data collected by mixed reality<br> devices through LiDAR and depth sensors. These works highlight new privacy issues due to<br> advanced sensors on emerging commodity devices.<br> Second, I present my work that characterizes the threats against smartphone authentication<br> and IoT device pairing and proposes usable and secure methods to protect against these threats.<br> I developed two systems, FaceRevelio and IoTCupid, to enable reliable and secure user and<br> device authentication, respectively, to protect users’ private information (e.g., contacts,<br> messages, credit card details) on commodity mobile and allow secure communication between<br> IoT devices. These works enable usable authentication on diverse mobile and IoT devices<br> and eliminate the dependency on sophisticated hardware for user-friendly authentication.</p> Data and information privacy System and network security Mobile computing Multimodal sensing Mobile Security & Privacy

Search results