Global ETD Search

141	Budování bezpečnostního povědomí na fakultě podnikatelské / Building security awareness at the Faculty of Business and Management Volfová, Jana January 2021 (has links) This diploma thesis is focused on Security Awareness Education at the Faculty of Business and Management. It consists of three main parts: theoretical, analytical and practical considerations. The theoretical part is the introduction to basic terms, processes and analysis to help understand the thesis. The analytical part includes an introduction to the chosen organization and the implementation of analysis, which were presented in the theoretical part. The practical part contains, among other things, the actual proposals for Security Awareness Education at the faculty and its benefits.
142	[en] AUTOMATION OF MEASUREMENT AND DATA SAFETY IN SMART GRID: STUDY OF THE BRAZILIAN EXPERIENCE / [pt] AUTOMAÇÃO DA MEDIÇÃO E SEGURANÇA DE DADOS EM REDES INTELIGENTES: ESTUDO DA EXPERIÊNCIA BRASILEIRA 08 November 2021 (has links) [pt] Indutoras de inovação, as redes inteligentes de energia (smart grid) têm promovido mudanças significativas nos processos de fornecimento e controle de energia elétrica. Diante das oportunidades e desafios de incorporação da tecnologia de smart grid em suas práticas operacionais, as concessionárias de energia elétrica ficam expostas a novos riscos de segurança relacionados às suas necessidades de comunicação, automação de sistemas, introdução de novas tecnologias e tratamento de dados. O presente trabalho tem por objetivo mostrar que tais riscos podem ser minimizados pela adoção de recomendações normativas específicas. Objetiva, também, analisar parâmetros relacionados à segurança da informação na implantação da infraestrutura de medição inteligente no smart grid, assim contribuindo para a reflexão e produção de conhecimento na área. A experiência brasileira foi identificada a partir de uma pesquisa realizada junto a concessionárias inovadoras de energia elétrica que, tendo percebido a importância estratégica de adoção da tecnologia de redes inteligentes, já adotaram medidas estratégicas para a sua implantação. A pesquisa desenvolveu-se no contexto de cinco grandes vertentes de análise: contexto geral, segurança e vulnerabilidade da informação, impactos e aderência às normas aplicáveis. No Brasil, a motivação para o uso das redes inteligentes volta-se à confiabilidade do sistema elétrico nacional e ao combate às perdas não técnicas, refletindo compromisso com a melhoria da qualidade do serviço prestado ao consumidor final. Dentre os resultados do trabalho destacam o recenseamento da legislação aplicável e, à luz de iniciativas bem sucedidas de outros países em smart grid, o diagnóstico da experiência brasileira. Como conclusão, o trabalho (i) produz evidências de que as redes inteligentes contribuem para a redução de custos operacionais e perdas não técnicas e (ii) sinaliza para a necessidade de se intensificar a pesquisa sobre redes inteligentes como alternativa eficaz de superação da vulnerabilidade de acesso à informação imposta pelos medidores eletrônicos. / [en] Inducing innovation, the smart grids have promoted significant changes in electrical energy s supply and control processes. Given the opportunities and challenges for incorporating smart grid technology in their operating practices, the electrical utilities are exposed to new security risks related to their needs of communication, systems automation, new technologies introduction and data processing. This paper aims to show that these risks can be minimized by the adoption of specific policy recommendations. Also aims in analyzing parameters related to information security on the deployment of smart metering infrastructure on smart grids, this way contributing on reflection and knowledge production in the area. The Brazilian experience was idenified from a survey of innovative electrical utilities that, having realized the strategic importance of adoption of smart grid technology, were early adopters of strategic measures for its implementation. The research was developed in the context of five main pillars of analysis: general context, security and information vulnerability, impacts and adherence to applied standards. In Brazil, the motivation for the use of smart grids back to the national electrical system reliability and mitigation of non-technical losses, reflecting commitment to improve quality of service provided to the end consumer. Among the results of the survey it is highlighted the revision of legislation and, considering successful smart grid initiatives in other countries, the diagnosis of the Brazilian experience. In conclusion, the work (i) produces evidence that smart grids help reduce operating costs and non-technical losses and (ii) indicates the need to intensify research on smart grids as an effective alternative to overcome the vulnerability of access to information imposed by electronic meters. [pt] REGULACAO [pt] CYBER SEGURANCA [pt] MEDICAO INTELIGENTE [pt] REDES INTELIGENTES [pt] NORMAS [pt] SETOR ELETRICO [pt] METROLOGIA [en] REGULATION [en] CYBER SECURITY [en] SMART GRIDS [en] RULES [en] ELECTRICAL SECTOR [en] METROLOGY
143	Blockchain on Data Security : An interpretive approach on Cyber Security Professionals’ perceptions Gkougkaras, Vasileios January 2021 (has links) This Master’s Thesis main purpose is to identify the perceptions of Cyber Security Professionals on Blockchain Technology and whether it could potentially become a substitutefor the current data security systems or not. A literature review was initially performed in order to explore previous related research on the field of Cyber Security, its infrastructure andthe main aspects of Blockchain Technology.Qualitative research was conducted in regards to the participants’ perceptions. Morespecifically, individual interviews were held with each one of the participants all of whom are professionals in the field of Cyber Security. Five different themes emerged from theinterviews which were performed by asking open-ended questions and holding a dialogue with the participants. Those themes start with (1) their opinions on current data security infrastructure and methods. Following that theme a half hour presentation on basic blockchain operations and applications were held in order to identify their (2) current understanding onblockchain. (3) Discussions were held in regards to blockchain’s scalability and sustainability,followed by (4) the security of Blockchains. In the end the (5) fifth and final theme covered the main purpose of this master’s thesis which is whether blockchain can be implemented asan alternate technology on data privacy and security.This Master’s Thesis contributes to the current knowledge on Blockchain within the field ofinformatics by providing the perceptions of Cyber Security Professionals in regards to its operation and implementation. Furthermore it aims to identify whether any possible applications of blockchain technology could be suggested for future implementation in thedomain of data security.The discussion summarizes the empirical findings acquired from the interviews and theperceptions of the participants on Blockchain Technology. By exploring the themes thatemerged from the interviews, it is clearly evident that blockchain is still not a technology thatcan be trusted as an alternative to the current security infrastructures and methods according to the participants. Despite that fact a lot of advantages and optimistic elements were derived since blockchain’s immutability and security demonstrates a high level of tamperingresistance, thus making it suitable as a technology within the Information security industry. Incase blockchain manages to overcome its shortcomings it could prove to be a necessary tool in data privacy and security. Information Systems Informatics Qualitative Research Blockchain Cyber Security DataSecurity ICT Privacy Infrastructure Human Factor Consensus Mechanisms SmartContracts Authentication Encryption Mining Immutability Scalability Networks Information Systems
144	Zavedení ISMS v malém podniku / The Implementation of ISMS in a Small Company Svoboda, Milan January 2016 (has links) The diploma thesis focuses on proposing an information security management system (ISMS) in a small company. This publication includes theoretical facts, which are needed to understand and design a ISMS. The design proposal of the ISMS itself is based on an analysis of the current status of the company's information security. The proposed security measures are based on the actual state of information security within the company, and on recommendations stemming from the ISO/IEC 27000 standard.
145	A MACHINE LEARNING BASED WEB SERVICE FOR MALICIOUS URL DETECTION IN A BROWSER Hafiz Muhammad Junaid Khan (8119418) 12 December 2019 (has links) Malicious URLs pose serious cyber-security threats to the Internet users. It is critical to detect malicious URLs so that they could be blocked from user access. In the past few years, several techniques have been proposed to differentiate malicious URLs from benign ones with the help of machine learning. Machine learning algorithms learn trends and patterns in a data-set and use them to identify any anomalies. In this work, we attempt to ﬁnd generic features for detecting malicious URLs by analyzing two publicly available malicious URL data-sets. In order to achieve this task, we identify a list of substantial features that can be used to classify all types of malicious URLs. Then, we select the most signiﬁcant lexical features by using Chi-Square and ANOVA based statistical tests. The effectiveness of these feature sets is then tested by using a combination of single and ensemble machine learning algorithms. We build a machine learning based real-time malicious URL detection system as a web service to detect malicious URLs in a browser. We implement a chrome extension that intercepts a browser’s URL requests and sends them to web service for analysis. We implement the web service as well that classifies a URL as benign or malicious using the saved ML model. We also evaluate the performance of our web service to test whether the service is scalable. Computer System Security Machine learning in cyber-security Real time malicious URL detection Generic features for malicious URLs Cybersecurity cybersecurity engineering
146	Zrození kybernetické bezpečnosti jako národně bezpečnostní agendy / The Birth of Cyber as a National Security Agenda Schmidt, Nikola January 2016 (has links) The following dissertation studies the question how cyber security has become a national security agenda and discusses implications of the observed processes to current international security status quo. I divided the research into three parts. The first part embodies theoretical and methodological approach. The second part studies three distinct discourses related to cyber security, the techno-geek discourse, the crime-espionage discourse and the nation-defense discourse using the method of Michel Foucault about archaeology of knowledge. The third part then draws on these three discourses and discusses implications through lens of several theoretical perspectives. Namely through concepts taken from science and technology studies, from actor network theory and network assemblages. The critical point of the research is a distinct reading of these discourses. While techno-geeks are understood as a source of semiosis, hackers' capability and crypto-anarchy ideology influenced by cyberpunk subculture, the cyber-crime and espionage discourse is read as a source of evidence of the hackers' capability. The inspiration in popular subculture is combined with current efforts in development of liberating technologies against oppression by authorities, oppression recognized by the eyes of the crypto-anarchist...
147	Development of Generic Communication Middleware for Embedded Sensor Systems Transmitting Health Parameters Kailayanathan, Subaharan, Kamdod, Saji January 2020 (has links) Health technology or e-Health is one of the most rapidly growing areas in healthcare today and it has been an important requirement as a new concept of healthcare industry. Since global society has been changed to aging society and the healthcare cost has been increasing in the 21st century since 2007. As the total number of people aged 65 or older is expected to increase from 12% to 22% in 2050 which is double the rate, and at the same time there is a decrease in in-fertility rates and increase in life expectancy due to the increase in life quality, there is a need to investigate the needs and requirements of an intelligent embedded sensor systems in health applications, and to develop a new communication protocol or set of protocols that can be used to send data collected from a hub within a house, home-care or a complex and send it securely and reliably to a central database where the gathered data can be monitored by a medical professional to make decisions for further interventions. The employed communication protocol should also be able to securely transmit confidential parameters from the hospital network to a central server outside of the hospital network. The final protocol must be inline with the regulations of the EU. This thesis is done in collaboration with Tjeders AB, Stille AB, and Embedded Sensor Systems for Health Plus (ESS-H+) research profile at Mälardalen University. In this thesis, different communication protocols such as IPSec and TLS and algorithms such as AES and RSA are examined and based on the requirements provided by the companies certain of these protocols and algorithms will be used in the final implementation. Different performance metrics such as overhead, round trip delay and throughput will be measured for the chosen communication protocols and recommendations will be given on which of the protocols and algorithms needs to be used to obtain an optimized, secure and reliable network. Health technology e-Health Embedded Sensor Systems Middleware IPSec MQTT Cyber Security Bluetooth 5.0 Embedded Systems Inbäddad systemteknik Communication Systems Kommunikationssystem Medical Equipment Engineering Medicinsk apparatteknik
148	Design of Mobility Cyber Range and Vision-Based Adversarial Attacks on Camera Sensors in Autonomous Vehicles Ramayee, Harish Asokan January 2021 (has links) No description available. Computer Engineering Electrical Engineering 2D Semantic segmentation Vision-based attacks Adversarial images Cyber Range Autonomous Vehicles machine learning computer vision Cyber security Traffic sign recognition Neural network optimization
149	Sea Traffic Management : Efficiency and Cybersecurity / Sea Traffic Management : Effektivitet och Cybersäkerhet Gülenay, Johan C, Guirguis, Mark January 2022 (has links) Sea Traffic Management has developed with the aim of facilitating work and increasing efficiency at sea, both in terms of productivity and environmental contexts. The technical development and digitization of the equipment on ships has led to new problems that have been developed such as cyber-attacks and technical problems. This study is based on a qualitative research method. The purpose of the work is to investigate how effective STM is and how safe it is to use for merchant vessels. The study showed that STM can have a positive effect on the environment and increase time savings, provided that more vessels in the industry use it as standard equipment. Results indicate that Sea Traffic Management is a helpful tool that will increase safety for navigation and have a positive effect on the environment for longer sea voyages. However, this is assumed if the shipping industry itself is ready for a digitalized world that is constantly developing, where a new type of issues arises with a nuanced threat for both ships and land bases. / Sea Traffic Management har utvecklats i syfte att underlätta arbetet och öka effektiviteten till sjöss, både när det gäller i produktivitet samt i miljösammanhang. I samband med den tekniska utvecklingen och digitaliseringen av utrustningen på fartyg så har nya lösningar samt problem uppstått, såsom cyberattacker och tekniska bekymmer. Studien grundar sig i en kvalitativ forskningsmetod. Arbetet har i syfte att undersöka hur effektivt STM är samt hur säker den är för användning av olika handelsfartyg på marknaden. I studien visade det sig att STM kan påverka miljön positivt samt öka tidsbesparingar förutsatt att fler fartyg inom branschen nyttjar det som en standardutrustning. Resultat tyder på att Sea Traffic Management är ett hjälpsamt verktyg som kommer att öka säkerheten för navigeringen samt påverka miljön positivt för längre sjöresor. Detta är dock förutsatt om själva sjöfartsbranschen är redo för en digitaliserad värld som ständigt utvecklas, där en ny typ av problematik uppstår med en nyanserad hotbild för både fartyg och olika land baser. STM digitization cyber security shipping Just in Time E-navigation bunker saving environmental impact efficiency STM digitalisering cybersäkerhet sjöfart Just in Time E-navigering bunkerbesparing miljöpåverkan effektivitet Engineering and Technology Teknik och teknologier
150	Automating software installation for cyber security research and testing public exploits in CRATE / Att automatisera mjukvaruinstallationer för cybersäkerhetsforskning och testandet av publika angreppskoder i CRATE Kahlström, Joakim, Hedlin, Johan January 2021 (has links) As cyber attacks are an ever-increasing threat to many organizations, the need for controlled environments where cyber security defenses can be tested against real-world attacks is increasing. These environments, called cyber ranges, exist across the world for both military and academic purposes of various scales. As the function of a cyber range involves having a set of computers, virtual or physical, that can be configured to replicate a corporate network or an industrial control system, having an automated method of configuring these can streamline the process of performing different exercises. This thesis aims to provide a proof of concept of how the installation of software with known vulnerabilities can be performed and examines if the software is vulnerable directly after installation. The Cyber Range And Training Environment (CRATE) developed by the Swedish Defence Research Agency (FOI) is used as a testbed for the installations and FOI-provided tools are used for launching automated attacks against the installed software. The results show that installations can be performed without Internet access and with minimal network traffic being generated and that our solution can rewrite existing software packages from the package manager Chocolatey to work with an on-premises repository with an 85% success rate. It is also shown that very few publicly available exploits succeed without any manual configuration of either the exploit or the targeted software. Our work contributes to making it easier to set up environments where cyber security research and training can be conducted by simplifying the process of installing vulnerable applications. cyber range software installation cyber security CRATE exploit testing automation cyberanläggning mjukvaruinstallation cybersäkerhet CRATE angreppstestning automatisering Software Engineering Programvaruteknik Computer Sciences Datavetenskap (datalogi)

Search results