Global ETD Search

131	Segurança cibernética com hardware reconfigurável em subestações de energia elétrica utilizando o padrão IEC 61850 / Cyber security with reconfigurable hardware in power substations using the IEC 61850 standard Miranda, Juliano Coêlho 20 September 2016 (has links) Com a tecnologia digital, as redes de comunicação têm sido de fundamental importância para o bom funcionamento das subestações de energia elétrica. Criado em 2002, o padrão IEC 61850 busca harmonizar a diversidade de equipamentos e fabricantes, e possibilitar a integração de dados para que o máximo de benefícios possa ser extraído. Nesse contexto, o protocolo GOOSE (Generic Object Oriented Substation Event), pertinente ao padrão IEC 61850, é um datagrama multicast concebido para funcionar na rede local ou de longa distância que interliga as subestações de energia elétrica. Nos ambientes de longa distância, o tráfego de dentro para fora, e vice-versa, deveria passar por um firewall. Porém, a tecnologia de firewall atual não é capaz de inspecionar as mensagens GOOSE reais ou originadas a partir de um ataque, e afeta o tempo de transferência das mesmas, que, no enlace de comunicação, não deve exceder 5ms. Dessa forma, o objetivo deste trabalho é desenvolver um firewall em hardware reconfigurável, por meio da plataforma NetFPGA, de modo que o incremento no tempo de propagação de uma mensagem GOOSE, Tipo 1A (Trip), ao transpor o dispositivo de segurança, não ultrapasse 20% do tempo total destinado ao enlace de comunicação. Por ter a capacidade de ser um acelerador, construído por meio de hardware reconfigurável FPGA (Field Programmable Gate Array), a NetFPGA conduz enlaces Gigabit, e torna possível examinar e estabelecer regras iniciais de autorização ou negação para o tráfego de mensagens GOOSE, manipulando os campos do quadro ISO/IEC 8802-3. O incremento no tempo máximo de propagação de uma mensagem com 1518 bytes foi de 77,39 μs, com 77,38 μs de tempo médio. Um algoritmo de criptografia e outro de autenticação também foram testados e mensagens falsas não conseguiram transpor o firewall. No momento atual da pesquisa, concluiu-se que o firewall em NetFPGA, pertinente ao conjunto de recursos de hardware e software destinados a garantir a segurança de uma rede, é capaz de rejeitar mensagens GOOSE falsas e fornecer segurança aos dispositivos ativos de uma subestação, sem atrasos adicionais superiores a 1ms. / With the digital technology, the communication networks have been of fundamental importance for the good performance of power substations. Created in 2002, the IEC 61850 standard seeks for harmonization of the different equipment and manufacturers, enabling the integration of data for maximum performance. In this context, the GOOSE (Generic Object Oriented Substation Event) message, concerning the IEC 61850 standard, is a multicast datagram, designed to operate in LAN or WAN that connects power substations. In the long-distance environment, the propagation time in the communication link must not exceed 5ms. The current firewall technology is not able to differ true GOOSE messages from the ones originated from an attack, and it affects the transfer time of messages. The objective of this research is to develop a reconfigurable firewall hardware, using the NetFPGA platform, so that the increase in propagation time of a GOOSE message, Type 1A (Trip), does not exceed 20% of the total time allocated to the link communication. Due to the ability of NetFPGA of being an accelerator, and having been built by using reconfigurable FPGA (Field Programmable Gate Array) leading to Gigabit links, it was possible to examine and establish initial rules of authorization or denial of GOOSE messages by manipulating some of the fields from the table ISO/IEC 8802-3. The increase in the maximum propagation time of a message of 1518 bytes was 77.39 μs, with the average of 77.38 μs. Fake messages failed to cross the firewall. Results from a process of authentication and encryption were also presented. At the present study, it has been concluded that the firewall using NetFPGA, concerning the hardware and software in order to ensure the security of a network, is able to reject false GOOSE messages and provide security to devices of a power substation without time increments greater than 1ms. Firewall Hardware Reconfigurável Cyber security Firewall GOOSE GOOSE IEC 61850 IEC 61850 IEC 62351 IEC 62351 NetFPGA NetFPGA Network communications Reconfigurable hardware Redes de comunicação Segurança cibernética
132	Segurança cibernética com hardware reconfigurável em subestações de energia elétrica utilizando o padrão IEC 61850 / Cyber security with reconfigurable hardware in power substations using the IEC 61850 standard Juliano Coêlho Miranda 20 September 2016 (has links) Com a tecnologia digital, as redes de comunicação têm sido de fundamental importância para o bom funcionamento das subestações de energia elétrica. Criado em 2002, o padrão IEC 61850 busca harmonizar a diversidade de equipamentos e fabricantes, e possibilitar a integração de dados para que o máximo de benefícios possa ser extraído. Nesse contexto, o protocolo GOOSE (Generic Object Oriented Substation Event), pertinente ao padrão IEC 61850, é um datagrama multicast concebido para funcionar na rede local ou de longa distância que interliga as subestações de energia elétrica. Nos ambientes de longa distância, o tráfego de dentro para fora, e vice-versa, deveria passar por um firewall. Porém, a tecnologia de firewall atual não é capaz de inspecionar as mensagens GOOSE reais ou originadas a partir de um ataque, e afeta o tempo de transferência das mesmas, que, no enlace de comunicação, não deve exceder 5ms. Dessa forma, o objetivo deste trabalho é desenvolver um firewall em hardware reconfigurável, por meio da plataforma NetFPGA, de modo que o incremento no tempo de propagação de uma mensagem GOOSE, Tipo 1A (Trip), ao transpor o dispositivo de segurança, não ultrapasse 20% do tempo total destinado ao enlace de comunicação. Por ter a capacidade de ser um acelerador, construído por meio de hardware reconfigurável FPGA (Field Programmable Gate Array), a NetFPGA conduz enlaces Gigabit, e torna possível examinar e estabelecer regras iniciais de autorização ou negação para o tráfego de mensagens GOOSE, manipulando os campos do quadro ISO/IEC 8802-3. O incremento no tempo máximo de propagação de uma mensagem com 1518 bytes foi de 77,39 μs, com 77,38 μs de tempo médio. Um algoritmo de criptografia e outro de autenticação também foram testados e mensagens falsas não conseguiram transpor o firewall. No momento atual da pesquisa, concluiu-se que o firewall em NetFPGA, pertinente ao conjunto de recursos de hardware e software destinados a garantir a segurança de uma rede, é capaz de rejeitar mensagens GOOSE falsas e fornecer segurança aos dispositivos ativos de uma subestação, sem atrasos adicionais superiores a 1ms. / With the digital technology, the communication networks have been of fundamental importance for the good performance of power substations. Created in 2002, the IEC 61850 standard seeks for harmonization of the different equipment and manufacturers, enabling the integration of data for maximum performance. In this context, the GOOSE (Generic Object Oriented Substation Event) message, concerning the IEC 61850 standard, is a multicast datagram, designed to operate in LAN or WAN that connects power substations. In the long-distance environment, the propagation time in the communication link must not exceed 5ms. The current firewall technology is not able to differ true GOOSE messages from the ones originated from an attack, and it affects the transfer time of messages. The objective of this research is to develop a reconfigurable firewall hardware, using the NetFPGA platform, so that the increase in propagation time of a GOOSE message, Type 1A (Trip), does not exceed 20% of the total time allocated to the link communication. Due to the ability of NetFPGA of being an accelerator, and having been built by using reconfigurable FPGA (Field Programmable Gate Array) leading to Gigabit links, it was possible to examine and establish initial rules of authorization or denial of GOOSE messages by manipulating some of the fields from the table ISO/IEC 8802-3. The increase in the maximum propagation time of a message of 1518 bytes was 77.39 μs, with the average of 77.38 μs. Fake messages failed to cross the firewall. Results from a process of authentication and encryption were also presented. At the present study, it has been concluded that the firewall using NetFPGA, concerning the hardware and software in order to ensure the security of a network, is able to reject false GOOSE messages and provide security to devices of a power substation without time increments greater than 1ms. Firewall Hardware Reconfigurável GOOSE IEC 61850 IEC 62351 NetFPGA Redes de comunicação Segurança cibernética Cyber security Firewall GOOSE IEC 61850 IEC 62351 NetFPGA Network communications Reconfigurable hardware
133	IoT Security in Practice : A Computer Security Analysis of the IKEA “TRÅDFRI” Platform / IoT Säkerhet i Praktiken : En datorsäkerhetsanalys av IKEAs “TRÅDFRI” Szreder, Mikael January 2019 (has links) In order to develop secure Internet of Things (IoT) devices, it is vital that security isconsidered throughout the development process. However, this is not enough as vulnerabledevices still making it to the open market. To try and solve this issue, this thesis presentsa structured methodology for performing security analysis of IoT platforms. The presented methodology is based on a black box perspective, meaning that theanalysis starts without any prior knowledge of the system. The aim of the presentedmethodology is to obtain information in such a way as to recreate the system design fromthe implementation. In turn, the recreated system design can be used to identify potentialvulnerabilities. Firstly the potential attack surfaces are identified, which the methodology calls inter-faces. These interfaces are the point of communication or interaction between two partsof a system. Secondly, since interfaces do not exist in isolation, the surrounding contextsin which these interfaces exist in are identified. Finally the information processed by theseinterfaces and their contexts are analyzed. Once the information processed by the iden-tified interfaces in their respective contexts are analysed, a risk assessment is performedbased on this information. The methodology is evaluated by performing an analysis of the IKEA “TRÅDFRI”smart lighting platform. By analysing the firmware update process of the IKEA “TRÅD-FRI” platform it can be concluded that the developers have used standardized protocolsand standardized cryptographic algorithms and use these to protect devices from ma-licious firmware. The analysis does however find some vulnerabilities, even though thedevelopers have actively taken steps to protect the system. IoT Internet of Things Cyber Security Computer Security Internet IKEA TRÅDFRI ZigBee IoT Sakernas Internet Cybersäkerhet Datorsäkerhet Internet IKEA TRÅDFRI ZigBee Embedded Systems Inbäddad systemteknik
134	Asymmetric information games and cyber security Jones, Malachi G. 13 January 2014 (has links) A cyber-security problem is a conflict-resolution scenario that typically consists of a security system and at least two decision makers (e.g. attacker and defender) that can each have competing objectives. In this thesis, we are interested in cyber-security problems where one decision maker has superior or better information. Game theory is a well-established mathematical tool that can be used to analyze such problems and will be our tool of choice. In particular, we will formulate cyber-security problems as stochastic games with asymmetric information, where game-theoretic methods can then be applied to the problems to derive optimal policies for each decision maker. A severe limitation of considering optimal policies is that these policies are computationally prohibitive. We address the complexity issues by introducing methods, based on the ideas of model predictive control, to compute suboptimal polices. Specifically, we first prove that the methods generate suboptimal policies that have tight performance bounds. We then show that the suboptimal polices can be computed by solving a linear program online, and the complexity of the linear program remains constant with respect to the game length. Finally, we demonstrate how the suboptimal policy methods can be applied to cyber-security problems to reduce the computational complexity of forecasting cyber-attacks. Game theory Asymmetric information games Cyber security Cyber-attack forecasting Model predictive control Stochastic games Repeated games Cyber intelligence (Computer security) Decision making Game theory
135	An agent-based Bayesian method for network intrusion detection Pikoulas, John January 2003 (has links) Security is one of the major issues in any network and on the Internet. It encapsulates many different areas, such as protecting individual users against intruders, protecting corporate systems against damage, and protecting data from intrusion. It is obviously impossible to make a network totally secure, as there are so many areas that must be protected. This thesis includes an evaluation of current techniques for internal misuse of computer systems, and tries to propose a new way of dealing with this problem. This thesis proposes that it is impossible to fully protect a computer network from intrusion, and shows how different methods are applied at differing levels of the OSI model. Most systems are now protected at the network and transport layer, with systems such as firewalls and secure sockets. A weakness, though, exists in the session layer that is responsible for user logon and their associated password. It is thus important for any highly secure system to be able to continually monitor a user, even after they have successfully logged into the system. This is because once an intruder has successfully logged into a system, they can use it as a stepping-stone to gain full access (often right up to the system administrator level). This type of login identifies another weakness of current intrusion detection systems, in that they are mainly focused on detecting external intrusion, whereas a great deal of research identifies that one of the main problems is from internal intruders, and from staff within an organisation. Fraudulent activities can often he identified by changes in user behaviour. While this type of behaviour monitoring might not be suited to most networks, it could be applied to high secure installations, such as in government, and military organisations. Computer networks are now one of the most rapidly changing and vulnerable systems, where security is now a major issue. A dynamic approach, with the capacity to deal with and adapt to abrupt changes, and be simple, will provide an effective modelling toolkit. Analysts must be able to understand how it works and be able to apply it without the aid of an expert. Such models do exist in the statistical world, and it is the purpose of this thesis to introduce them and to explain their basic notions and structure. One weakness identified is the centralisation and complex implementation of intrusion detection. The thesis proposes an agent-based approach to monitor the user behaviour of each user. It also proposes that many intrusion detection systems cannot cope with new types of intrusion. It thus applies Bayesian statistics to evaluate user behaviour, and predict the future behaviour of the user. The model developed is a unique application of Bayesian statistics, and the results show that it can improve future behaviour prediction than existing ARIMA models. The thesis argues that the accuracy of long-term forecasting questionable, especially in systems that have a rapid and often unexpected evolution and behaviour. Many of the existing models for prediction use long-term forecasting, which may not be the optimal type for intrusion detection systems. The experiments conducted have varied the number of users and the time interval used for monitoring user behaviour. These results have been compared with ARIMA, and an increased accuracy has been observed. The thesis also shows that the new model can better predict changes in user behaviour, which is a key factor in identifying intrusion detection. The thesis concludes with recommendations for future work, including how the statistical model could be improved. This includes research into changing the specification of the design vector for Bayesian. Another interesting area is the integration of standard agent communication agents, which will make the security agents more social in their approach and be able to gather information from other agents 005.8
136	Attitudes toward, and awareness of, online privacy and security: a quantitative comparison of East Africa and U.S. internet users Ruhwanya, Zainab Said January 1900 (has links) Master of Science / Computing and Information Sciences / Eugene Vasserman / The increase in penetration of Internet technology throughout the world is bringing an increasing volume of user information online, and developing countries such as those of East Africa are included as contributors and consumers of this voluminous information. While we have seen concerns from other parts of the world regarding user privacy and security, very little is known of East African Internet users’ concern with their online information exposure. The aim of this study is to compare Internet user awareness and concerns regarding online privacy and security between East Africa (EA) and the United States (U.S.) and to determine any common attitudes and differences. The study followed a quantitative research approach, with the EA population sampled from the Open University of Tanzania, an open and distance-learning university in East Africa, and the U.S. population sampled from Kansas State University, a public university in the U.S. Online questionnaires were used as survey instruments. The results show no significant difference in awareness of online privacy between Internet users from East Africa and the U.S. There is however, significant difference in concerns about online privacy, which differ with the type of information shared. Moreover, the results have shown that the U.S. Internet users are more aware of online privacy concerns, and more likely to have taken measure to protect their online privacy and conceal their online presence, than the East African Internet users. This study has also shown that East Africans Internet users are more likely to be victims of online identity theft, security issues and reputation damage. Privacy Security Data protection and privacy law Online Privacy Cyber security Internet Computer Science (0984) Information Technology (0489) Sub-Saharan Africa Studies (0639)
137	SPICE: A Software Tool for Studying End-user’s Insecure Cyber Behavior and Personality-traits Tamrakar, Anjila 10 August 2016 (has links) Insecure cyber behavior of end users may expose their computers to cyber-attack. A first step to improve their cyber behavior is to identify their tendency toward insecure cyber behavior. Unfortunately, not much work has been done in this area. In particular, the relationship between end users cyber behavior and their personality traits is much less explored. This paper presents a comprehensive review of a newly developed, easily configurable, and flexible software SPICE for psychologist and cognitive scientists to study personality traits and insecure cyber behavior of end users. The software utilizes well-established cognitive methods (such as dot-probe) to identify number of personality traits, and further allows researchers to design and conduct experiments and detailed quantitative study on the cyber behavior of end users. The software collects fine-grained data on users for analysis. Cognitive Psychology Computer and Systems Architecture Experimental Analysis of Behavior Science and Technology Studies
138	Weaponized malware, physical damage, zero casualties – what informal norms are emerging in targeted state sponsored cyber-attacks? : The dynamics beyond causation: an interpretivist-constructivist analysis of the US media discourse regarding offensive cyber operations and cyber weapons between 2010 and 2020 Sallinen, Margarita January 2021 (has links) In 2010, the discovery of the malicious computer worm Stuxnet shocked the world by its sophistication and unpredictability. Stuxnet was deemed as the world’s first cyber weapon and started discussions concerning offensive cyber operations – often called “cyber warfare” – globally. Due to Stuxnet, rapid digitalisation and evolving technology, it became vital for decision makers in the US to consider formal norms such as laws, agreements, and policy decisions regarding cyber security. Yet, to obtain a holistic understanding of cyber security, this thesis uses constructivism as its theoretical framework to understand changing informal norms and social factors including the ideas and morals of the US society regarding offensive cyber operations. This thesis critically analyses the discourse of three of the largest US newspapers by circulation: the New York Times, the Washington Post and The Wall Street Journal. A significant shift was discovered in the US media’s publications and in informal norms regarding offensive cyber operations and the use of cyber weapons in just one decade, by comparing the discourses relating to Stuxnet in 2010 and the US presidential election in 2020. This thesis concludes that it is equally important to consider ideas and morals when researching a technical field such as cyber security by arguing that informal norms guide the choices actors make when developing formal norms at the international level. The findings of this thesis are intended to provoke a normative, urgent, and focused discussion about cyber security. The findings are also intended to shift attention to how language is used in discussions about the cyber sphere, offensive cyber operations and cyber weapons as components of the traditional battlefield. constructivism critical discourse analysis cyber operations cyber security cyber warfare cyber weapons interpretivism informal norms media war studies Other Social Sciences Annan samhällsvetenskap
139	Data tampering in Vehicle CAN Bus networks Arapantonis, Elpidoforos January 2019 (has links) The paradigm of the automotive industry has changed, over the course of the last10-15 years. Electronics and software, have introduced in many dierents parts ofa vehicle and the drive-by-wire it is taking over the vehicle functions. Connectivityfunctionalities are increasing in the context of the automotive industry as well. Allthe aforementioned parts have more than one common link. This thesis project willfocus on one of these links, which is the security. The focus will be the CAN busprotocol and specically, on investigating the implications of an adversary havingphysical access in a vehicle. An experiment will be contucted as part of this thesiswork, by using open source hardware (Arduino and Raspberry Pi) and a Man-inthe-middle (MITM) attack scenario, will be implemented. The application, whichwill perform the MITM attack (small scale CAN bus fuzzer) will be developedduring this project and it will be distributed as an open source software afterwards. Automotive Cyber Security CAN bus vulnerabilities Raspberry Pi Arduino Instrument Cluster Annan elektroteknik och elektronik
140	Návrh zavedení bezpečnostních opatření v souladu s ISMS pro obchodní společnost / Design of security countermeasures implementation in accordance with ISMS for business company Dočekal, Petr January 2018 (has links) The master’s thesis focuses on area of security countermeasures in accordance with information security management system. Presents basic theoretical background of information and cyber security and describes a current state in the company. The thesis’s output is the design of security countermeasures implementation which contribute to information security in the company.

Search results