Global ETD Search

201	Cyber Supply Chain Security and the Swedish Security Protected Procurement with Security Protective Agreement Dios Falk, Carina January 2023 (has links) Digitalisation and globalisation are increasing the number of integrated and interconnected information technology (IT) systems worldwide. Consequently, these relationships and dependencies develop technological relationships through their services. Identifying all these relations is for organisations a challenge and complex since it involves millions of source code lines and global connections. For this reason, cyber supply chain risk management (C-SCRM) is becoming ever more critical for organisations to manage risks associated with information technology and operational technology (OT). At the same time, during a press conference, the Swedish Minister for Defense Peter Hultquist estimated that there are approx. 100.000 cyber activities against Swedish targets every year that targets both the Private and Public sector. In response to the evolving threat landscape, Sweden is experiencing a paradigm shift in protective security processes with new legislation entering into force that aims to protect Sweden's security against espionage, sabotage, terrorist offences and other crimes against national security. These rules on protective security, the Protective Security Act (2018:585) and Protective Security Ordinance (2021:955) apply to operators that are important for Sweden's national security and affect how public procurement processes are regulated. This thesis aims to study how the Swedish Security Protected Procurement with Security Protective Agreements (SUA) process and Cyber Supply Chain Risk Management (C-SCRM) relate and to understand what practices increase and decrease the level of C-SCRM in the current SUA process. The research questions are Q1) How does the SUA process relate to C-SCRM? and Q2) How does the SUA process affect the level of C-SCRM? This research paper contributes to understanding C-SCRM in the context of the Swedish Security Protected Procurement with Security Protective Agreements (SUA). To answer the research questions a Case study strategy was used, and interviews were conducted with eight key experts as well as a document analysis. The results showed that audit, regulation and people and processes are essential to managing C-SCRM and that processes within other international models, including the CMMC and Cyber Essential Plus, should be adopted to the SUA process to better manage cyber supply chain risks. Cyber Security Protective Security Public Procurement Cyber Supply Chain Security Swedish National Security Risk Management Cyber Security Risk Management NIST 800-161 ISO/IEC 27036 NISTIR 8276 Computer Sciences Datavetenskap (datalogi)
202	AWSLang: Probabilistic Threat Modelling of the Amazon Web Services environment Singh Virdi, Amandeep January 2018 (has links) Attack simulations provide a viable means to test the cyber security of a system. The simulations trace the steps taken by the attacker to compromise sensitive assets within the system. In addition to this, they can also estimate the time taken by the attacker for the same, measuring from the initial step up to the final. One common approach to implement such simulations is the use of attack graph, which trace the various dependencies of every step and their connection to one another in a formal way. To further facilitate attack simulations and to reduce the effort of creating new attack graphs for each system of a given type, domain-specific languages are employed. Another advantage of utilizing such a language is that they organize the common attack logics of the domain in a systematic way, allowing for both ease of use and reuse of models. MAL (the Meta Attack Language) has been proposed by Johnson et al. to serve as a framework to develop domain-specific languages [1]. My work is based upon the same. This thesis report presents AWSLang, which can be used to design IT system models in context to the AWS (Amazon Web Services) environment and analyse their weaknesses. The domain specifics of the language are inspired from and based on existing literature. A Systematic Literature Review (SLR) is performed to identify possible attacks against the elements in an AWS environment. These attacks are then used as groundwork to write test cases and validate the specification. / Attacksimuleringar är ett användbart sätt att testa cybersäkerheten i ett system. Simuleringarna spårar de steg som angriparen tog för att försvaga säkerheten av känsliga tillgångar inom systemet. Utöver detta kan de uppskatta hur länge attacken varade, mätt från första till sista steget. Ett gemensamt tillvägagångssätt för att implementera sådana simuleringar är användningen av attackgrafer, som spårar olika beroenden av varje steg och deras koppling till varandra på ett formellt sätt.För att ytterligare underlätta attacksimuleringar och minska ansträngningen att skapa nya attackgrafer för varje system av en given typ, används domänspecifika språk. En annan fördel med att använda ett sådant språk är att det organiserar domänens gemensamma attacklogiker på ett systematiskt sätt, vilket möjliggör både en enkel användning och återanvändning av modeller. MAL (Meta Attack Language) har föreslagits av Johnson et al. att fungera som ramverk för utvecklingen av domänspecifika språk [1]. Mitt arbete är baserat på detsamma.I denna uppsats presenteras AWSLang, som kan användas för att utforma IT-systemmodeller i kontexten av AWS-miljön (Amazon Web Services) och analysera deras svagheter. Språkets domänspecifikationer är inspirerade av och baserade på befintlig litteratur. En systematisk litteraturöversikt görs för att identifiera möjliga attacker mot elementen i en AWS-miljö. Dessa attacker används sedan som grund för att skriva testfall och validera specifikationen. Domain Specific Language Cyber Security Threat Modelling Attack Graphs Amazon Web Services Domänspecifikt Språk Cybersäkerhet Hotmodellering Attackgrafer Amazon Web Services Computer and Information Sciences Data- och informationsvetenskap Elektroteknik och elektronik
203	azureLang: a probabilistic modeling and simulation language for cyber attacks in Microsoft Azure cloud infrastructure Hawasli, Ahmad January 2018 (has links) Cyber-attack simulation is a suitable method used for assessing the security ofnetwork systems. An attack simulation advances step-wise from a certain systementry-point to explore the attack paths that lead to dierent weaknesses inthe model. Each step is analyzed, and the time to compromise is calculated.Attack simulations are primarily based on attack graphs. The graphs areemployed to model attack steps where nodes can represent assets in the system,and edges can represent the attack steps. To reduce the computational cost associatedwith building an attack graph for each specic system, domain-specicattack languages, or DSL for short, are used.The nal product of this thesis work is azureLang, a probabilistic modelingand simulation language for modeling Microsoft Azure cloud infrastructure.AzureLang is a DSL which denes a generic attack logic for MicrosoftAzure systems. Using azureLang, system administrators can easily instantiatespecic-system scenarios which emulate their Microsoft Azure cloud system infrastructure.After creating the model, attack simulation can be run to assessthe security of the model. / Cyberattacksimulering är en lämplig metod som används för att bedöma säkerhetenhos nätverkssystem. En angrepsimulering går stegvis från ett visst systeminmatningspunkt för att utforska angreppsbanorna som leder till olika svagheter i modellen. Varje steg analyseras och tiden för kompromettera beräknas.Attack-simuleringar baseras huvudsakligen på attackgrafer. Graferna används för att modellera angreppssteg där noder kan representera tillgångar i systemet, och kanterna kan representera attackenstegen. För att minska kostnaden för att skapa attackgrafer för varje specifikt system används domänspecifika språk eller DSL förkortat.Den slutliga produkten av detta examensarbete är azureLang, ett probabilistisk hotmodelleringsoch attacksimuleringsspråk för analys av Microsoft Azure Cloud Infrastructure. AzureLang är en DSL som definierar en generisk attacklogik för Microsoft Azure-system. Med hjälp av azureLang kan systemadministratörer enkelt ordna specifika systemscenarier som efterliknar deras Microsoft Azure cloudsystem infrastruktur. Efter att ha skapat modellen kan attack simu-lering köras för att bedöma modellens säkerhet. Domain Specic Language Cyber Security Threat Modeling Attack Graphs Domanspecikt sprak Cybersakerhet Hotmodellering Attack Grafer Engineering and Technology Teknik och teknologier
204	Förändringar vid införande av cybersäkerhetsdirektiv hos kommuner : En kvalitativ kartläggning över vilka förändringar som kan uppstå i svenska kommuner till följd av EU-direktiv för cybersäkerhet / Changes when implementing cybersecurity directives in municipalities : A qualitative survey of the changes that may occur in Swedish municipalities as a result of EU cybersecurity directives Ström, Sandra, Plyhr, Matilda January 2024 (has links) The purpose of this study is to investigate changes in municipalities that occur when the NIS and NIS 2 directives are introduced. The changes refer to internal and external changes that municipalities experience. Furthermore, an increased threat of cyber attacks as well as a lack of cyber security is the basis for conducting the survey. A research gap has been identified regarding municipalities' work with EU directives for cyber security, which the study intends to contribute to. The study's empirical data consists of six semi-structured interviews with various Swedish municipalities, where the result is the identified changes that the municipalities state. In a thematic analysis, the following themes are presented: IT focus, IT systems, competence development and cooperation, employment, clarity, conflict of interest, prerequisites for the NIS 2 directive and meaningfulness. The study uses Bolman and Deal's (2021) framework Four frame model, which forms the structure for the results and the analysis and strengthens the study by contributing with a comprehensive theory for possible changes. The study contributes with insight into the changes that municipalities may face upon the introduction of the NIS 2 directive, as well as what changes municipalities have experienced upon the introduction of the NIS directive. / Denna studie har till syfte att undersöka förändringar hos kommuner som uppstår vid införandet av NIS- och NIS 2-direktivet. Förändringarna avser interna och externa förändringar som kommuner upplever. Vidare ligger ett ökat hot om cyberattacker samt en bristande cybersäkerhet till grund för undersökningens genomförande. Ett forskningsgap har identifierats kring kommuners arbete med EU-direktiv för cybersäkerhet, vilket studien ämnar bidra till. Studiens empiri utgörs av sex stycken semistrukturerade intervjuer med olika svenska kummuner, där resultatet utgörs av de identifierade förändringar som kommunerna uppger. I en tematisk analys presenteras följande teman: IT-fokus, IT-system, kompetensutveckling och samarbete, anställning, tydlighet, intressekonflikter, förutsättningar för NIS 2-direktivet samt meningsfullhet. I studien tillämpas även Bolman och Deals (2021) ramverk Four frame model, vilken utgör strukturen för resultatet och analysen samt stärker studien genom att bidra med en heltäckande teori för möjliga förändringar. Studien ämnar bidra med insikt i de förändringar som kommuner kan ställas inför vid införandet av NIS 2-direktivet, samt vilka förändringar kommuner har upplevt vid införandet av NIS-direktivet. NIS directive NIS 2 directive Municipality Cyber security Information security IT security EU directive Change NIS-direktivet NIS 2-direktivet Kommun Cybersäkerhet Informationssäkerhet IT-säkerhet EU-direktiv Förändring Information Systems
205	Hardware Implementation and Applications of Deep Belief Networks Imbulgoda Liyangahawatte, Gihan Janith Mendis January 2016 (has links) No description available. Artificial Intelligence Computer Engineering Electrical Engineering Engineering Experiments Information Technology deep belief networks multiplierless digital architecture Xilinx FPGA implementations low-complexity applications of deep belief networks spectral correlation function modulation classification drone detection doppler radar cyber security
206	Advanced metering infrastructure reference model with automated cyber security analysis Blom, Rikard January 2017 (has links) European Union has set a target to install nearly 200 million smart metersspread over Europe before 2020, this leads into a vast increase of sensitiveinformation flow for Distribution System Operators (DSO’s), simultaneously thisleads to raised cyber security threats. The in and outgoing information of the DSOneeds to be processed and stored by different Information technology (IT)- andOperational Technology (OT)-systems depending on the information. High demandsare therefore required of the enterprise cyber security to be able to protect theenterprise IT- and OT-systems. Sensitive customer information and a variety ofservices and functionality is examples that could be fatal to a DSO if compromised.For instance, if someone with bad intentions has the possibility to tinker with yourelectricity, while you’re away on holiday. If they succeed with the attack and shuttingdown the house electricity, your food stored in your fridge and freezer would mostlikely to be rotted, additionally damage from defrost water leaking could cause severedamaging on walls and floors. In this thesis, a detailed reference model of theadvanced metering architecture (AMI) has been produced to support enterprisesinvolved in the process of implementing smart meter architecture and to adapt to newrequirements regarding cyber security. This has been conduct using foreseeti's toolsecuriCAD, foreseeti is a proactive cyber security company using architecturemanagement. SecuriCAD is a modeling tool that can conduct cyber security analysis,where the user can see how long time it would take for a professional penetrationtester to penetrate the systems in the model depending of the set up and defenseattributes of the architecture. By varying defense mechanisms of the systems, fourscenarios have been defined and used to formulate recommendations based oncalculations of the advanced meter architecture. Recommendation in brief: Use smalland distinct network zones with strict communication rules between them. Do diligentsecurity arrangements for the system administrator PC. The usage of IntrusionProtection System (IPS) in the right fashion can delay the attacker with a percentageof 46% or greater. / Europeiska Unionen har satt upp ett mål att installera nära 200miljoner smarta elmätare innan år 2020, spritt utöver Europa, implementeringen ledertill en rejäl ökning av känsliga dataflöden för El-distributörer och intresset av cyberattacker ökar. Både ingående och utgående information behöver processas och lagraspå olika IT- och OT-system beroende på informationen. Höga krav gällande ITsäkerhet ställs för att skydda till exempel känslig kundinformation samt en mängdvarierande tjänster och funktioner som är implementerade i systemen. Typer avattacker är till exempel om någon lyckats få kontroll over eltillgängligheten och skullestänga av elektriciteten till hushåll vilket skulle till exempel leda till allvarligafuktskador till följd av läckage från frysen. I den här uppsatsen så har en tillräckligtdetaljerad referens modell för smart elmätar arkitektur tagits fram för att möjliggörasäkerhetsanalyser och för att underlätta för företag i en potentiell implementation avsmart elmätare arkitektur. Ett verktyg som heter securiCAD som är utvecklat avforeseeti har använts för att modellera arkitekturen. securiCAD är ett modelleringsverktyg som använder sig av avancerade beräknings algoritmer för beräkna hur långtid det skulle ta för en professionell penetrationstestare att lyckats penetrera de olikasystem med olika sorters attacker beroende på försvarsmekanismer och hurarkitekturen är uppbyggd. Genom att variera systemens försvar och processer så harfyra scenarion definierats. Med hjälp av resultaten av de fyra scenarierna så harrekommendationer tagits fram. Rekommendationer i korthet: Använd små ochdistinkta nätverkszoner med tydliga regler som till exempel vilka system som fårkommunicera med varandra och vilket håll som kommunikationen är tillåten.Noggranna säkerhetsåtgärder hos systemadministratörens dator. Användningen avIPS: er, genom att placera och använda IPS: er på rätt sätt så kan man fördröjaattacker med mer än 46% enligt jämförelser mellan de olika scenarier. Advanced Metering infrastructure AMI Smart meter infrastructure smart meter securiCAD DSO Enterprise architecture system architecture architecture analysis cyber security analysis network security Elektroteknik och elektronik
207	Modellering av en cyberattack på ett industriellt säkerhetssystem Eriksson, Alma, Lindh, Oskar January 2020 (has links) Stuxnet, Havex, BlackEnergy, Crashoverride, and now Triton/Trisis are all examples of cyber security incidents where industrial systems were targeted. The incident Triton/Trisis is new in it’s kind, as the attacker got all the way into the safety industrial system of an oil and gas refinery. Even if the final goal of the attack is still unknown the attacker had the power to put human life directly at risk. Details of the attack are still unknown and research and reverse engineering is still going on of the attack. The purpose of this study is to create an attack graph of the case. By collecting and combining information from publicly available material and grade all the sources by its trustworthiness the study resulted in a two-layered attack graph. Each node and vector in the graph have specified trustworthiness and the nodes contain related sources, tools, and network segments. The study shows that it is possible to construct an attack graph of the case even if details are still missing. Furthermore, it shows that the specific malicious code was tailor-made, but the steps needed to reach the safety industrial system itself were largely possible with the help of publicly available tools. As a result, the whole industrial industry needs to prepare for an escalation of cyber security incidents. / Stuxnet, Havex, BlackEnergy, Crashoverride och Triton/Trisis är alla exempel på cybersäkerhetsincidenter där industrisystem blivit angripna. Händelsen Triton/Trisis är ny i sitt slag, eftersom angriparen kom hela vägen in i det industriella säkerhetssystemet i ett olje- och gasraffinaderi. Ä ven om det slutliga målet för attacken fortfarande är okänt, hade angriparen möjlighet att sätta människor i fara. Detaljer av attacken är fortfarande okända och forskning samt rekonstruktion av attacken pågår. Syftet med denna studie är att skapa en attackgraf över incidenten. Genom att samla in och kombinera information från allmänt tillgängligt material och betygsätta alla källor genom dess tillförlitlighet resulterade studien i en attackgraf med två lager. Varje nod och vektor i grafen har givits en tillförlitlighet och noderna innehåller relaterade källor, verktyg och nätverkssegment. Studien visar att det är möjligt att konstruera en attackgraf av incidenten även om det saknas detaljer. Dessutom visar den att den specifika skadliga koden var skräddarsydd, men stegen som behövdes för att nå det industriella säkerhetssystemet var till stor del möjliga med hjälp av offentligt tillgängliga verktyg. Som ett resultat behöver hela den industriella industrin förbereda sig för en upptrappning av cybersäkerhetsincidenter. / Kandidatexjobb i elektroteknik 2020, KTH, Stockholm Triton/Trisis Trisis malware Cyber security IT-s ̈akerhet Cyber attack Industrial control systems Cyber ware-fare ICS malware ICS attack Elektroteknik och elektronik
208	Cognitive Dynamic System for Control and Cyber Security in Smart Grid Oozeer, Mohammad Irshaad January 2020 (has links) The smart grid is forecasted to be the future of the grid by integrating the traditional grid with information and communication technology. However, the use of this technology has not only brought its benefits but also the vulnerability to cyber-attacks. False data injection (FDI) attacks are a new category of attacks targeting the smart grid that manipulates the state estimation process to trigger a chain of incorrect control decisions leading to severe impacts. This research proposes the use of cognitive dynamic systems (CDS) to address the cyber-security issue and improve state estimation. CDS is a powerful research tool inspired by certain features of the brain that can be used to study complex systems. As two of its special features, Cognitive Control (CC) is concerned with control in the absence of uncertainty, Cognitive Risk Control (CRC) uses the concept of predictive adaptation to bring risk under control in the presence of unexpected uncertainty. The primary research objective of this thesis is to apply the CDS for the SG with emphasis on state estimation and cyber-security. The main objective of CC is to improve the state estimation process while CRC is concerned with mitigating cyber-attacks. Simulation results show that the proposed methods have robust performance for both state estimation and cyber-attack mitigation under various challenging scenarios. This thesis contributes to the body of knowledge by achieving the following objectives: proposes the first theoretical work that integrates the CDS with the DC model of the SG for control and cyber-attack detection; demonstrates the first experimental work that brings a new concept of CRC for cyber-attack mitigation for the DC state estimator; introduces a new CDS architecture adapted for the AC model of the SG for state estimation and cyber-attack mitigation which builds upon all the research efforts made previously. / Thesis / Doctor of Philosophy (PhD) / The smart grid is forecasted to be the future of the grid by integrating the traditional grid with information and communication technology. However, the use of this technology has not only brought its benefits but also the vulnerability to cyber-attacks. False data injection attacks is a new category of attacks targeting the smart grid that can cause serious damage by manipulating the state estimation process and starting a chain of incorrect control decisions. The cognitive dynamic system is a powerful research tool inspired by the brain that can be used to study real time cyber physical systems. The key goal of this thesis is to apply cognitive dynamic systems to the smart grid to improve the state estimation process, detect cyber-attacks and mitigate their effects. Simulation results show that the proposed methods have robust performance in both state estimation and cyber-attack mitigation under various challenging scenarios. Cognitive Dynamic System Smart Grid Cognitive Control Cognitive Risk Control Reinforcement Learning Kalman Filter Cyber Security False Data Injection Power System Security Adaptive Control DC State Estimation AC State Estimation
209	The impact of the NIS 2 directive on subcontractors in the transportation sector Sandström, Isabel January 2024 (has links) This study examines the impact of the NIS2 Directive on subcontractors in the transport sector, a critical infrastructure. By focusing on small and medium-sized enterprises (SMEs) operating as subcontractors, the study analyzes the challenges and obstacles these companies face in implementing the NIS2 requirements in their supply chain. The study also highlights the strategies used to ensure adequate cyber security within the transport sector's supply chain. A qualitative research method was used, where data was collected through semi-structured in-depth interviews and document analysis. The results show that companies with ISO/IEC 27001 certification have a solid foundation to meet the NIS2 requirements, while companies without such certification face greater challenges. The study also identifies the need for cooperation and knowledge sharing between companies to effectively navigate the new regulations and strengthen collective cyber security within the EU. The conclusions show that the NIS2 directive will require significant adaptations for SMEs, but also that it offers opportunities to improve their cyber security capabilities and strengthen the trust of customers and partners. The study emphasizes the importance of implementing robust information security to ensure continuity and protection of critical services, and that proactive adaptation and collaboration are key to achieving full compliance with NIS2 requirements. NIS2 directive Cyber security Subcontractors The transport sector Information security ISO/IEC 27001 Supply chain Risk management Incident management NIS2-direktivet Cybersäkerhet Underleverantörer Transportsektorn Informationssäkerhet ISO/IEC 27001 leverantörskedja Riskhantering Incidenthantering Other Engineering and Technologies Annan teknik
210	Cyberepidemiologi : Hur kan utbrottsdetektion inom folkhälsa hjälpa IT-incidentsövervakning? Richter, Andreas January 2018 (has links) This study aims to shed light on what a comparison between cybersecurity intelligence and public health surveillance systems can yield in practical improvements. The issue at hand is best described by the amount of threats both systems must detect. Intelligent malicious software, malware, designed by humans to spread and reap havoc in the abundance of unprotected networks worldwide and contagious diseases with millions of years of evolution behind their design to bypass human defences, infect and multiply. These two threats stand as mighty competitors to actors who try to monitor their presence to be able to give advice on further action to hinder their spread. The sheer amount of experience in public health of dealing with surveillance of contagious disease can contribute with important lessons to cyber intelligence when malware is becoming an even more alarming threat against everybody who uses the Internet. To compare them both this study uses high reliability theory to understand how Folkhälsomyndigheten, Sweden’s main authority in public health surveillance, and CERT-SE, Sweden’s national computer emergency response team, operate to make their surveillance as reliable as possible to detect emerging threats. Some key findings of the study points to the lack of regional or global binding policy’s to share information in the cyber security sector of which CERT-SE takes part in. The major roll of trust-based information sharing can be subject to shifts in relationships between states and excludes states with which no bilateral arrangements are made, but who may possess information of urgent necessity. The lack of arrangements in the cybersecurity sector, correspondent to the International health regulations by World Health Organization in public health, stands as a major difference between the two sectors access to information. However, this study may not stretch as far as to prove that the greater access to information would have proved to be of ease in a specific cyberincident. Case studies of this kind or further research of how agreements can be made in an anarchistic domain like the Internet are to be continued from this study. cyber cyber security cyber intelligence cyber surveillance high reliability organisation high reliability theory public health epidemiology Folkhälsomyndigheten CERT-SE informationssäkerhet folkhälsa cybersäkerhet cyber cyberövervakning it-incident

Search results