Global ETD Search

51	Informační a kybernetické hrozby v roce 2019 / Information and Cyber Threats in 2019 Bača, Jonatán January 2020 (has links) Diploma thesis focuses on information and cyber threats in 2019. It comprises theoretical basis for better understanding of the issue. Afterward the thesis describes the analysis of the current situation which combined several analyses primarily aimed on Czech companies. In the last part draft measures is created which contain predictions and preventive actions and recommendations for companies.
52	Zavedení standardu ISO 27701 do firmy využitím Gap analýzy / Implementation of standard ISO 27701 in the company using Gap analysis Vicen, Šimon January 2020 (has links) This thesis analyses current state of the system for implementation of standard ISO 27701: 2019 extention. This standard extends already established standard ISO 27001. The thesis evaluates set of controls to the requirements of standard ISO 27701: 2019. Theoretical part contains information regarding the information security, describes a set of ISO 27000 standards as well as European and Czech legal acts related to information security. Following analysis of the company is performed with the application of security measures while implementing the extension standard ISO 27701. Contribution of this thesis is evaluation of the analysis which results from implementation of recommended standard to address the increased number of security threats and the protection of security information.
53	Technika SQL injection - její metody a způsoby ochrany / SQL Injection Technique - its Methods and Methods of Protection Bahureková, Beáta January 2020 (has links) SQL injection is a technique directed against web applications using an SQL database, which can pose a huge security risk. It involves inserting code into an SQL database, and this attack exploits vulnerabilities in the database or application layer. The main goal of my thesis is to get acquainted with the essence of SQL injection, to understand the various methods of this attack technique and to show ways to defend against it. The work can be divided into these main parts, which I will discuss as follows.In the introductory part of the work I mention the theoretical basis concerning SQL injection issues. The next chapter is focused on individual methods of this technique. The analytical part is devoted to mapping the current state of test subjects, scanning tools, which form the basis for optimal research and testing of individual SQL methods, which are discussed in this part from a practical point of view along with the analysis of commands. In the last part I will implement SQL methods on selected subjects and based on the outputs I will create a universal design solution how to defend against such attacks.
54	Detecting Insider and Masquerade Attacks by Identifying Malicious User Behavior and Evaluating Trust in Cloud Computing and IoT Devices Kambhampaty, Krishna Kanth January 2019 (has links) There are a variety of communication mediums or devices for interaction. Users hop from one medium to another frequently. Though the increase in the number of devices brings convenience, it also raises security concerns. Provision of platform to users is as much important as its security. In this dissertation we propose a security approach that captures user behavior for identifying malicious activities. System users exhibit certain behavioral patterns while utilizing the resources. User behaviors such as device location, accessing certain files in a server, using a designated or specific user account etc. If this behavior is captured and compared with normal users’ behavior, anomalies can be detected. In our model, we have identified malicious users and have assigned trust value to each user accessing the system. When a user accesses new files on the servers that have not been previously accessed, accessing multiple accounts from the same device etc., these users are considered suspicious. If this behavior continues, they are categorized as ingenuine. A trust value is assigned to users. This value determines the trustworthiness of a user. Genuine users get higher trust value and ingenuine users get a lower trust value. The range of trust value varies from zero to one, with one being the highest trustworthiness and zero being the lowest. In our model, we have sixteen different features to track user behavior. These features evaluate users’ activities. From the time users’ log in to the system till they log out, users are monitored based on these sixteen features. These features determine whether the user is malicious. For instance, features such as accessing too many accounts, using proxy servers, too many incorrect logins attribute to suspicious activity. Higher the number of these features, more suspicious is the user. More such additional features contribute to lower trust value. Identifying malicious users could prevent and/or mitigate the attacks. This will enable in taking timely action against these users from performing any unauthorized or illegal actions. This could prevent insider and masquerade attacks. This application could be utilized in mobile, cloud and pervasive computing platforms. cloud computing cyber attacks cyber security machine learning network security user behavior trust
55	Posouzení a návrh informační bezpečnosti v organizaci / Assessment and a Proposal for Information Security in the Organization Rybáková, Alena January 2015 (has links) This diploma thesis deals with the issue of information security in the organization. Author's effort is to gain a broad overview of connections, which will then be evaluated in the final section, providing concrete recommendations. In this thesis it is discussed information security management system, service management system and cyber security, both in theory and in terms of real application in a particular organization. The aim is to provide own recommendations for improvement.
56	Who Watches The Privileged Users Persson, Sebastian January 2020 (has links) Today, companies are spending millions of dollars on cybersecurity, but compromised systems and stealing sensitive information are still huge problems. Protecting sensitive information has always been of vital importance. However, the struggle today is that digital information can be distributed to an endless amount of users, everywhere in the world. Security solutions today focus on role-based access control and "the principle of the least privilege". They can affect the productivity of employees, which is also a key aspect to be considered when it comes to security. Privilege users are the ones that possess the most permissions within a system and are, therefore, a significant risk. This thesis project is focusing on developing a solution that protects against security risks connected to the users with the most privilege. The developed solution resulted in a modular role-based access methodology, also adding the "four-eye principle" (4EP). By introducing an extra shield outside the standard API, sensitive commands sent unwittingly or wittingly by a privileged user can be discovered before compromising a system or leaking sensitive information. Introducing the "four-eye principle" in a secure proxy solution, a "third-party" user approves sensitive commands before reaching the intended system. The solution is developed in JAVA and is adaptable to different organisations by letting the system administrators choose an intended system, which policies of sensitive commands to apply and whom that needs to approve them. The concepts implemented in this prototype can be used in future industrial developments. Information security cybersecurity cyber security access control four-eye principle 4EP Computer and Information Sciences Data- och informationsvetenskap
57	Experience of immersion in serious games : A quantitative study of educational games in the field of cyber security Gustafsson, Erik January 2022 (has links) It is not always easy to immersive oneself in a new field, maybe even harder so if it is obligatory. This study focused on how serious games can immerse players and potential students in educational games for a learning purpose. More specifically, the study compared two similar educational games in cyber security. One of them was pretty lengthy and explained the topics in-depth, while the other was short and simpler. By allowing participants to play at least one of the two games and then answer a questionnaire about their experience with immersion, this study attempted to conclude which approach was the most immersive of the two. With the replies collected, the data on the whole suggest longer games that are more in-depth are generally more immersive, with the possible exception of participants that had no prior knowledge of the topic tend to prefer the simpler ones. / <p>Det finns övrigt digitalt material (t.ex. film-, bild- eller ljudfiler) eller modeller/artefakter tillhörande examensarbetet som ska skickas till arkivet.</p> Educational serious games cyber security immersion Information Systems
58	Kategorisera föreställningar om digitala hot / Categorize conceptions about digital threats Pettersson, Fredrik January 2022 (has links) Användandet av internet ökar ständigt och allt fler företag digitaliserar sin verksamhet. Dock har detta lett till att kriminaliteten ökar på de digitala plattformarna. Detta sätter hög press på företag att satsa på sin datasäkerhet för att hänga med i utvecklingen. Målsättningen med denna rapport är att kategorisera allmänhetens uppfattning om digitala hot och ställa dessa i jämförelse med den forskning som finns. Detta för att se vilka hot som allmänheten behöver eller inte behöver oroa sig för. Rapporten lägger även ett stort fokus på de ekonomiska konsekvenser som cyberattackerna har på samhället. Resultatet visar att allmänheten rent generellt har dålig uppfattning om de digitala hoten även fast de överlag uppskattar hoten som allvarliga. Detta visar på en kunskapslucka hos befolkningen vilket kan vara naturlig då utvecklingen har gått mycket fort inom området. De hot som denna rapport lyfter upp är några av de mest relevanta digitala hot som finns på marknaden idag. Detta kompletteras med en genomgång av de ekonomiska konsekvenser och prognoser för framtida konsekvenser av cyberattacker. / The use of the internet is constantly increasing and more and more companies are digitizing their work. However, this has led to an increase in crime on the digital platforms. This puts a lot of pressure on companies to invest in their data security to keep up with the progress of cyber crime. The aim of this report is to categorize the public's perception of digital threats and compare them with existing research. This is to see what threats the public needs or does not need to worry about. The report also places great emphasis on the economic consequences that cyber attacks have on society. The result shows that the general public has a poor perception of the digital threats, even though they generally regard the threats as serious. This shows a knowledge gap among the population, which may be natural as the development has been very fast in the scientific area. The threats that this report highlights are some of the most relevant digital threats on the market today. This is supplemented by a review of the economic consequences and forecasts for future consequences of cyber attacks. security data security cyber security public opinion säkerhet datasäkerhet cybersäkerhet allmänhetens uppfattning Computer Sciences Datavetenskap (datalogi)
59	En analys kring det civila försvaret på lokal nivå. : En jämförande studie mellan Värmland och Örebros resurser och samarbetsförmågor / An analysis of civil local defense. : A comparative study between Värmland and Örebros, resources and their ability to work together. Kullander, Nathalia January 2021 (has links) The purpose of this essay is to study the civil defense work in Värmland and Örebro, connected to their resources whithin the respective county. To get a clear picture of how the counties are equipped when it comes to a crisis I have been focusing on the necessary principle connected to civil defense. The study also includes their work with the confederation of enterprise, warehousing and cyber security. To be able to see if they have the potential to collaborating with their resources. I use Emerson's theory of collaborative governance to see if Värmland and Örebro have the potential to work together during a conceivable crisis. Which is about cross-border governance where public and non-public actors prepare overall decisions. When I read about previous research regarding civil defense, I saw Lunde Saxis report Nordic Defense cooperation after the Cold war. And then I got the idea of studying the cooperation between Värmland and Örebro County. Like his theory, it is most optimal if two smaller actors merge during a crisis instead of managing it individually. The counties cannot challenge each other, but they can complement each other during a crisis. The thesis has a larger issue that is linked to the purpose of looking at the potential for collaboration within the theory Collaborative governance:- Can Emerson's theory of Collaborative Governance be established in today's civil defense at the local level?In order to be able to answer that question, the essay will have three sub-questions based on answering whether Örebro and Värmland have opportunities to find possible collaboration with each other.- Are there co-operation capabilities between the two counties according to Collaborative governance?- What assets do the two counties have at their disposal in civil defense?- Do the counties have physical proximity to the various assets required for a stable civil defense?The thesis concludes that the two counties have good conditions for coping with a crisis with their resources available, and that there is great potential for developing new methods and establishing more working methods linked to business, warehousing and cyber security. Collaboration can take place within Emerson's theory, the counties have good chances of collaborating within collaborative governance.Keywords- Civil Defense, The Confederation Of Enterprise, Warehousing, Cyber Security, Cooperation, Collaborative Governance. Civil Defense The Confederation Of Enterprise Warehousing Cyber Security Cooperation Collaborative Governance Political Science Statsvetenskap
60	Implementation of GNSS/GPS Navigation and its Attacks in UAVSim Testbed Jahan, Farha January 2015 (has links) No description available. Computer Engineering UAVs UAVSim GPS-GNSS Implementation cyber-security OMNET CNIOS3 GPS Spoofing

Search results