Spelling suggestions: "subject:"[een] CYBER SECURITY"" "subject:"[enn] CYBER SECURITY""
31 |
Prevention of cybercrimes in smart cities of India: from a citizen's perspectiveChatterjee, S., Kar, A.K., Dwivedi, Y.K., Kizgin, Hatice 10 July 2019 (has links)
Yes / Purpose: The purpose of this paper is to identify the factors influencing the citizens of India to prevent cybercrimes in the proposed Smart Cities of India.
Design/methodology/approach: A conceptual model has been developed for identifying factors preventing cybercrimes. The conceptual model was validated empirically with a sample size of 315 participants from India. Data were analyzed using structural equation modeling with SPSS and AMOS softwares.
Findings: The study reveals that the “awareness of cybercrimes” significantly influences the actual usage of technology to prevent cybercrimes in Smart Cities of India. The study reveals that government initiative (GI) and legal awareness are less influential in spreading of the awareness of cybercrimes (AOC) to the citizens of the proposed smart cities.
Research limitations/implications: The conceptual model utilizes two constructs from the technology adoption model, namely, perceived usefulness and ease of use. The study employs other factors such as social media, word of mouth, GIs, legal awareness and organizations constituting entities spreading awareness from different related literature works. Thereby, a comprehensive theoretical conceptual model has been proposed which helps to identify the factors that may help in preventing cybercrimes.
Practical implications: This study provides an insight to the policy maker to understand several factors influencing the AOC of the citizens of the proposed Smart Cities of India for the prevention of cybercrimes.
Originality/value: There are few existing studies analyzing the effect of AOC to mitigate cybercrimes. Thus, this study offers a novel contribution.
|
32 |
Kybernetická bezpečnost a legislativa ČR / Cyber security and legislation of the Czech RepublicKratochvíl, David January 2012 (has links)
Contemporary society is increasingly influenced by computers and internet environment and it meets with issues related to cybercrime. There are already a number of laws, whether at EU or national governments, which are trying to reduce or prevent risks associated with hackers, cyber terrorism or any other illegal activities in cyberspace. Thesis "Cyber security and legislation of the Czech Republic", is divided into two main parts. In the first theoretical part, the reader apprise with cybercrime in general. You can read about methods of investigation, types of illegal activities and how to prevent such practices. The second part consists of an analysis of the current legislation of the Czech Republic, EU and Legislative intent of the law on cyber security. I will describe the bill, analyze and appraise its benefits to society. In conclusion of this thesis, I will summarize the achievement of results and objectives of the work.
|
33 |
Monitoring of Cyber Security Exercise Environments in Cyber Ranges : with an implementation for CRATE / Övervakning av spelmiljöer i cyberanläggningar : med en implementation för CRATESjöstedt, Matildha January 2021 (has links)
In a world where much of society is dependent on digital infrastructure, various cyber threats can pose a great risk to businesses, critical infrastructure and potentially entire nations. For this reason, research and education as well as the preparation of strategies, training of personnel etc., is imperative. Cyber ranges can provide ''safe environments'' in which for example cyber security exercises and experiments can be conducted. While easier to deploy and configure than ''real'' infrastructures, monitoring of such environments during ongoing exercises/experiments poses a number of challenges. During this thesis work, the question of what types of data and information could be relevant to provide in a monitoring system for this context was investigated, with regard to aspects such as providing technical support or gaining situational awareness during exercises. Results gained from a survey with participants from relevant organizations, contributed greatly to this question. The survey and literature study also provided insights into challenges and potential problems of developing and running such monitoring. CRATE is a cyber range developed and maintained by the Swedish Defence Research Agency (FOI). In this thesis work, some of the challenges and potential problems found are tackled with a suggested design and an implemented monitoring system prototype for CRATE. Apart from providing functionality to retrieve information about accounts and privileges as well as status of services, the design of the prototype also lays the foundation for a flexible and extensible monitoring system -- fully adapted for use within a cyber range. With cyber exercises becoming both more prevalent and extensive, the need for capable monitoring of exercise environments will naturally arise. While the developed prototype may facilitate future cyber exercises/experiments in CRATE, the results of this thesis work are also ready to be used as a source of inspiration for other cyber range operators.
|
34 |
Reconnaissance de forme dans cybersécuritéVashaee, Ali January 2014 (has links)
Résumé : L’expansion des images sur le Web a provoqué le besoin de mettre en œuvre des méthodes de classement d’images précises pour plusieurs applications notamment la cybersécurité. L’extraction des caractéristiques est une étape primordiale dans la procédure du classement des images vu son impact direct sur la performance de la catégorisation finale des images et de leur classement. L’objectif de cette étude est d’analyser l’état de l’art des différents espaces de caractéristiques pour évaluer leur
efficacité dans le contexte de la reconnaissance de forme pour les applications de
cybersécurité. Les expériences ont montré que les descripteurs de caractéristiques
HOG et GIST ont une performance élevée. Par contre, cette dernière se dégrade
face aux transformations géométriques des objets dans les images. Afin d’obtenir
des systèmes de classement d’image plus fiables basés sur ces descripteurs, nous proposons deux méthodes. Dans la première méthode (PrMI) nous nous concentrons
sur l’amélioration de la propriété d’invariance du système de classement par tout
en maintenant la performance du classement. Dans cette méthode, un descripteur
invariant par rapport à la rotation dérivé de HOG est utilisé (RIHOG) dans une technique de recherche "top-down" pour le classement des images. La méthode (PrMI)
proposée donne non seulement une robustesse face aux transformations géométriques des objets, mais aussi une performance élevée similaire à celle de HOG. Elle est aussi efficace en terme de coût de calcul avec une complexité de l’ordre de O(n). Dans la deuxième méthode proposée (PrMII), nous nous focalisons sur la performance du classement en maintenant la propriété d’invariance du système de classement. Les objets sont localisés d’une façon invariante aux changement d’échelle dans l’espace de caractéristiques de covariance par région. Ensuite elles sont décrites avec les descripteurs HOG et GIST. Cette méthode procure une performance de classement meilleure en comparaison avec les méthodes implémentées dans l’étude et quelques méthodes CBIR expérimentées sur les données Caltech-256 dans les travaux antérieurs. // Abstract : The tremendous growth of accessible online images (Web images), provokes the need to perform accurate image ranking for applications like cyber-security. Feature extraction is an important step in image ranking procedures due to its direct impact on final categorization and ranking performance. The goal of this study is to analyse the state of the art feature spaces in order to evaluate their efficiency in the abject recognition context and image ranking framework for cyber-security applications. Experiments show that HOG and GIST feature descriptors exhibit high ranking performance. Whereas, these features are not rotation and scale invariant. In order to obtain more reliable image ranking systems based on these feature spaces, we proposed two methods. In the first method (PrMI) we focused on improving the invariance property of the ranking system while maintaining the ranking performance. In this method, a rotation invariant feature descriptor is derived from HOC (RIHOC). This descriptor is used in a top-down searching technique to caver the scale variation of the abjects in the images. The proposed method (PrMI) not only pro vides robustness against geometrical transformations of objects but also provides high ranking performance close to HOC performance. It is also computationally efficient with complexity around O(n). In the second proposed method (PrMII) we focused on the ranking performance while maintaining the invariance property of the ranking system. Objects are localized in a scale invariant fashion under a Region Covariance feature space, then they are described using HOC and CIST features. Finally to ob tain better evaluation over the performance of proposed method we compare it with existing research in the similar domain(CBIR) on Caltech-256. Proposed methods provide highest ranking performance in comparison with implemented methods in this study, and some of the CBIR methods on Caltech-256 dataset in previous works.
|
35 |
The use of Big Data Analytics to protect Critical Information Infrastructures from Cyber-attacksOseku-Afful, Thomas January 2016 (has links)
Unfortunately, cyber-attacks, which are the consequence of our increasing dependence on digital technology, is a phenomenon that we have to live with today. As technology becomes more advanced and complex, so have the types of malware that are used in these cyber-attacks. Currently, targeted cyber-attacks directed at CIIs such as financial institutions and telecom companies are on the rise. A particular group of malware known as APTs, which are used for targeted attacks, are very difficult to detect and prevent due to their sophisticated and stealthy nature. These malwares are able to attack and wreak havoc (in the targeted system) within a matter of seconds; this is very worrying because traditional cyber security defence systems cannot handle these attacks. The solution, as proposed by some in the industry, is the use of BDA systems. However, whilst it appears that BDA has achieved greater success at large companies, little is known about success at smaller companies. Also, there is scarcity of research addressing how BDA is deployed for the purpose of detecting and preventing cyber-attacks on CII. This research examines and discusses the effectiveness of the use of BDA for detecting cyber-attacks and also describes how such a system is deployed. To establish the effectiveness of using a BDA, a survey by questionnaire was conducted. The target audience of the survey were large corporations that were likely to use such systems for cyber security. The research concludes that a BDA system is indeed a powerful and effective tool, and currently the best method for protecting CIIs against the range of stealthy cyber-attacks. Also, a description of how such a system is deployed is abstracted into a model of meaningful practice.
|
36 |
The MaRiQ model: A quantitative approach to risk managementCarlsson, Elin, Mattsson, Moa January 2019 (has links)
In recent years, cyber attacks and data fraud have become major issues to companies, businesses and nation states alike. The need for more accurate and reliable risk management models is therefore substantial. Today, cybersecurity risk management is often carried out on a qualitative basis, where risks are evaluated to a predefined set of categories such as low, medium or high. This thesis aims to challenge that practice, by presenting a model that quantitatively assesses risks - therefore named MaRiQ (Manage Risks Quantitatively). MaRiQ was developed based on collected requirements and contemporary literature on quantitative risk management. The model consists of a clearly defined flowchart and a supporting tool created in Excel. To generate scientifically validated results, MaRiQ makes use of a number of statistical techniques and mathematical functions, such as Monte Carlo simulations and probability distributions. To evaluate whether our developed model really was an improvement compared to current qualitative processes, we conducted a workshop at the end of the project. The organization that tested MaRiQexperienced the model to be useful and that it fulfilled most of their needs. Our results indicate that risk management within cybersecurity can and should be performed using more quantitative approaches than what is praxis today. Even though there are several potential developments to be made, MaRiQ demonstrates the possible advantages of transitioning from qualitative to quantitative risk management processes.
|
37 |
Advanced applications for state estimators in smart grids : identification, detection and correction of simultaneous measurement, parameter and topology cyber-attacksKlas, Juliana January 2018 (has links)
Growing demand and concern over climate change are key drivers for renewable sources of electricity and grid modernization. Grid modernization, or the so called smart grid, not only enables renewable sources but also opens the door to new applications with far-reaching impacts such as preventing or restoring outages (self-healing capabilities), and enabling consumers to have greater control over their electricity consumption and to actively participate in the electricity market. According to the Electric Power Research Institute (EPRI), one of the biggest challenges facing smart grid deployment is related to the cyber security of the systems. The current cyber-security landscape is characterized by rapidly evolving threats and vulnerabilities that pose challenges for the reliability, security, and resilience of the electricity sector. Power system state estimators (PSSE) are critical tools for grid reliability, under a system observable scenario, they allow power flow optimization and detection of incorrect data. In this work cyber-attacks are modeled as malicious data injections on system measurements, parameters and topology. The contributions of this work are twofold. First, a model for cyber-attack as a false data injection detection and identification is presented. The presented model considers the minimization of the composed measurement error while applying the Lagrangian relaxation. The presented contribution, enables false data injection attacks detection even if this belongs to the subspace spanned by the columns of the Jacobian matrix and in network areas with low measurement redundancy Second, state-of-the-art solutions consider correction of parameters or topology when measurements are free of error. However, how may one correct measurements if parameters or topology might be simultaneously in error? To solve this problem, a relaxed model is presented and solved iteratively in a continuous manner. Once identified and detected, cyber-attacks in parameters, topology and measurements are corrected. The proposed solution is based on a Taylor series relaxed, composed normalized error (CNE) hybrid approach with Lagrange multipliers. Validation is made on the IEEE-14 and IEEE-57 bus systems. Comparative results highlight the proposed methodology’s contribution to the current state-of-the-art research on this subject. Providing mitigation, response and system recovery capabilities to the state estimator with reduced computational burden, the proposed model and methodology have strong potential to be integrated into SCADA state estimators for real-world applications. / O aumento da demanda e a preocupação com as mudanças climáticas são importantes motivadores para as fontes de energia renováveis e a modernização da rede elétrica. A modernização da rede elétrica inteligentes (REI) ou smart grid, não somente possibilita as fontes de energia renováveis mas também abre portas à novas aplicações de grande impacto como a prevenção e restauração automática de falhas e a possibilidade dos consumidores terem grande controle sobre o consumo de eletricidade e atuação participativa no mercado de energia. De acordo com o Instituto Norte Americano de Pesquisas do Setor Elétrico, um dos principais desafios a ser enfrentado no desenvolvimento das REIs é relacionado a segurança cibernética dos sistemas. O cenário da segurança cibernética atual é caracterizado pela rápida evolução dos riscos e vulnerabilidades que impõe desafios para a confiabilidade, segurança e resiliência do setor elétrico. Neste contexto, estimadores de estado do sistema de potência são ferramentas críticas para a confiabilidade da rede, sob um cenário de observabilidade do sistema eles possibilitam o fluxo de potência do sistema e a análise de dados incorretos. Neste trabalho, ataques cibernéticos são modelados como injeção de dados incorretos em medidas, parâmetros e topologia do sistema. A metodologia proposta possibilita detecção de ataques mesmo se eles pertencerem ao subespaço ortogonal formado pelas colunas da matriz Jacobiana e em áreas do sistema com reduzida redundância de medidas. A solução proposta pelo estado da arte considera correções em parâmetros ou topologia quando medidas estão livres de erros. Porém, como pode-se corrigir medidas se parâmetros ou a topologia estão simultaneamente com erros? Para resolver este problema um modelo relaxado é proposto e resolvido iterativamente. Assim que detectado e identificado, ataques cibernéticos em parâmetros, topologia e/ou medidas são corrigidos. As contribuições específicas do trabalho são: cálculo do desvio padrão para pseudomedidas (iguais à zero) e medidas de baixa magnitude baseado em medidas correlatas e propriedades da covariância; modelo baseado em relaxação lagrangiana e erro composto de medida para identificação e detecção de ataques cibernéticos; estratégia hibrida de relaxamento iterativo (EHRI) para correção de ataque cibernético em parâmetros da rede de modo contínuo e com reduzido esforço computacional e metodologia baseada em ciclo holístico de resiliência para estimadores de estado sob ataques cibernéticos simultâneos em parâmetros, topologia e medidas. A validação é feita através dos sistemas de teste do IEEE de 14 e 57 barras, testes comparativos elucidam as contribuições da metodologia proposta ao estado da arte nesta área de pesquisa. Trazendo as capacidades de mitigação, resposta e recuperação ao estimador de estado com esforço computacional reduzido, o modelo e metodologia propostos tem grande potencial de ser integrado em SCADAs para aplicação em casos reais.
|
38 |
Fall in Line or Fall Behind? : Cooperation in cyberspace between the North Atlantic Treaty Organisation and the European Union.Rupp, Vendela January 2019 (has links)
This study explores the relationship between the North Atlantic Treaty Organisation and the European Union in cyberspace. The two organisations have differing approaches to combat threats from cyberspace but are continuously deepening their cooperative efforts. The former is arguably militarising the domain and is less inclined to share information with outside parties, while the latter is more willing in this respect but is struggling to balance a free and open Internet with a secure one. NATO’s focus on cyber defence and the EU’s focus on cyber security is connected to the organisations’ different identities as security actors. The difference is identifiable in the Joint Declaration on EU-NATO Cooperation established in 2016. While cyber defence and cyber security are notable in texts, it is yet to be determined how the respective organisations’ differing focus impacts their cooperation in cyberspace. The purpose of this study is thus to investigate the continuation of the Joint-Declaration given NATO and the EU’s different frameworks to combat cyberthreats. The study will use Michel Foucault’s Security Dispositive theory by looking at normalising discourses within the organisations’ respective agendas influenced by various cyberattacks in the 21st century. NATO focuses on developing offensive as well as defensive cyber capabilities while the EU primarily presents a more passive strategy. Considering the Alliance’s ability to set demands on partner actors, results suggested that the Joint Declaration is able to continue if the EU falls in line with the precedent set by NATO as the organisation continues to expand its militarising discourse of cyberspace.
|
39 |
Computer literacy : Does a background in computer programming give you better cyber security habits?Ivanov, Bozhidar, Vaino, Joonas January 2019 (has links)
Background: Computers are everywhere around us today and skills must be acquired in order for a person to use them. However, the topic of computer literacy is not researched enough to specify basic computer skills to consider an individual computer literate. This thesis will contribute to the research gap by investigating the computer skills of the workforce in the IT sector. Purpose: The purpose of this thesis is to examine the connection between computer programming and cyber security skills of the IT professional, e.g. is there a beneficial factor of this connection. Method: For this study the quantitative research method was used to gather data. The authors decided that the best way to reach their target group and answer the research questions was to conduct a survey and pose questions on the topics of computer literacy and cyber security. Conclusion: The results show that there is a statistical significance between the user’s security habits and his or her programming skills (or the absence of them). People who write code, defined as programmers, scored better on security skills survey, whereas their counterparts, the non-programmers, have some knowledge on the topic but they can never be absolutely sure of their cyber safety in the fast changing world of IT.
|
40 |
Assessing the Global Cyber and Biological ThreatMezzour, Ghita 01 April 2015 (has links)
In today’s inter-connected world, threats from anywhere in the world can have serious global repercussions. In particular, two types of threats have a global impact: 1) cyber crime and 2) cyber and biological weapons. If a country’s environment is conducive to cyber criminal activities, cyber criminals will use that country as a basis to attack end-users around the world. Cyber weapons and biological weapons can now allow a small actor to inflict major damage on a major military power. If cyber and biological weapons are used in combination, the damage can be amplified significantly. Given that the cyber and biological threat is global, it is important to identify countries that pose the greatest threat and design action plans to reduce the threat from these countries. However, prior work on cyber crime lacks empirical substantiation for reasons why some countries’ environments are conducive to cyber crime. Prior work on cyber and biological weapon capabilities mainly consists of case studies which only focus on select countries and thus are not generalizeable. To sum up, assessing the global cyber and biological threat currently lacks a systematic empirical approach. In this thesis, I take an empirical and systematic approach towards assessing the global cyber and biological threat. The first part of the thesis focuses on cyber crime. I examine international variation in cyber crime infrastructure hosting and cyber crime exposure. I also empirically test hypotheses about factors behind such variation. In that work, I use Symantec’s telemetry data, collected from 10 million Symantec customer computers worldwide and accessed through the Symantec’s Worldwide Intelligence Network Environment (WINE). I find that addressing corruption in Eastern Europe or computer piracy in Sub-Saharan Africa has the potential to reduce the global cyber crime. The second part of the thesis focuses on cyber and biological weapon capabilities. I develop two computational methodologies: one to assess countries’ biological capabilities and one to assess countries’ cyber capabilities. The methodologies examine all countries in the world and can be used by non-experts that only have access to publicly available data. I validate the biological weapon assessment methodology by comparing the methodology’s assessment to historical data. This work has the potential to proactively reduce the global cyber and biological weapon threat.
|
Page generated in 0.0355 seconds