Global ETD Search

191	Towards an Understanding of the Interaction of Hair with the Depositional Environment Wilson, Andrew S., Dixon, Ronald A., Edwards, Howell G.M., Farwell, Dennis W., Janaway, Robert C., Pollard, A. Mark, Tobin, Desmond J. January 2001 (has links) No / There is developing interest in the analytical use of human hair from archaeological contexts in key research areas such as DNA, trace elemental and isotopic analyses. Other human tissues, especially bone, that have been used for trace element, isotopic and DNA analyses have had extensive study concerning their diagenesis, but this has not been done for hair. Consideration must be given to the complex interaction of hair with its buried environment, thereby laying a firm basis for the use of hair in future research. Since human hair is known to survive under a diverse range of environmental conditions, a pilot study has investigated the basic processes of hair degradation, using samples from different climatic zones and burial types. Variation in the degree of preservation of archaeological hair was characterized by light microscopy, electron microscopy, and FT-Raman spectroscopy, relating morphological change of the surface and internal structure of hair to its biochemical integrity. The results demonstrate a breakdown of cortical cell boundaries and disruption of the cuticular layering, coupled with infiltration of material from the burial matrix that suggests a progressive loss of cohesion that is in part due to microbiological activity. Medullated hair is shown to be more susceptible to physical breakdown by providing two routes for microbial and environmental attack. At the molecular level the proteinaceous component undergoes alteration, and the S-S cystine linkages, responsible for the strength and resilience of hair in living individuals, are lost. Scalp hair Degradation Contamination Microbial attack TEM FT-raman spectroscopy
192	Scan and Get Scammed : Using QR Codes as an attack vector Pettersson, Hugo, Gonzalez Alvarado, Michael January 2024 (has links) Quick Response codes are a widespread feature commonly used to conveyinformation to users who scan them. During Covid 19 these codes became evenmore widespread as restaurants had to adapt to using contactless visits to hinder thespread of the disease, but since quick response codes can also be leveraged formalicious purposes the number of phishing attempts also increased. In this thesis, weexplored the security implications of QR codes by investigating how they can beexploited and secured, as well as surveying how aware people are of these securityimplications. The result of the thesis shows that QR codes can be leveraged to send maliciousprograms directly through the QR code without having to download anything.Through the survey we learned that people are relatively unaware of phishingthrough QR codes, but also that some of the participants knew someone who hadbeen a victim of it. QR codes malware attack vector Computer and Information Sciences Data- och informationsvetenskap
193	Side-Channel Attacks on Intel SGX: How SGX Amplifies The Power of Cache Attack Moghimi, Ahmad 27 April 2017 (has links) In modern computing environments, hardware resources are commonly shared, and parallel computation is more widely used. Users run their services in parallel on the same hardware and process information with different confidentiality levels every day. Running parallel tasks can cause privacy and security problems if proper isolation is not enforced. Computers need to rely on a trusted root to protect the data from malicious entities. Intel proposed the Software Guard eXtension (SGX) to create a trusted execution environment (TEE) within the processor. SGX allows developers to benefit from the hardware level isolation. SGX relies only on the hardware, and claims runtime protection even if the OS and other software components are malicious. However, SGX disregards any kind of side-channel attacks. Researchers have demonstrated that microarchitectural sidechannels are very effective in thwarting the hardware provided isolation. In scenarios that involve SGX as part of their defense mechanism, system adversaries become important threats, and they are capable of initiating these attacks. This work introduces a new and more powerful cache side-channel attack that provides system adversaries a high resolution channel. The developed attack is able to virtually track all memory accesses of SGX execution with temporal precision. As a proof of concept, we demonstrate our attack to recover cryptographic AES keys from the commonly used implementations including those that were believed to be resistant in previous attack scenarios. Our results show that SGX cannot protect critical data sensitive computations, and efficient AES key recovery is possible in a practical environment. In contrast to previous attacks which require hundreds of measurements, this is the first cache side-channel attack on a real system that can recover AES keys with a minimal number of measurements. We can successfully recover the AES key from T-Table based implementations in a known plaintext and ciphertext scenario with an average of 15 and 7 samples respectively. key recovery trusted execution environment security cache attack T-Table TEE SGX cache side-channel attack AES cryptography
194	Modelization and identification of multi-step cyberattacks in sets of events / Modélisation et identification de cyberattaques multi-étapes dans des ensembles d'événements Navarro Lara, Julio 14 March 2019 (has links) Une cyberattaque est considérée comme multi-étapes si elle est composée d’au moins deux actions différentes. L’objectif principal de cette thèse est aider l’analyste de sécurité dans la création de modèles de détection à partir d’un ensemble de cas alternatifs d’attaques multi-étapes. Pour répondre à cet objectif, nous présentons quattre contributions de recherche. D’abord, nous avons réalisé la première bibliographie systématique sur la détection d’attaques multi-étapes. Une des conclusions de cette bibliographie est la manque de méthodes pour confirmer les hypothèses formulées par l’analyste de sécurité pendant l’investigation des attaques multi-étapes passées. Ça nous conduit à la deuxième de nos contributions, le graphe des scénarios d’attaques abstrait ou AASG. Dans un AASG, les propositions alternatives sur les étapes fondamentales d’une attaque sont répresentées comme des branches pour être évaluées avec l’arrivée de nouveaux événements. Pour cette évaluation, nous proposons deux modèles, Morwilog et Bidimac, qui font de la détection au même temps que l’identification des hypothèses correctes. L’évaluation des résultats par l’analyste permet l’évolution des modèles.Finalement, nous proposons un modèle pour l’investigation visuel des scénarios d’attaques sur des événements non traités. Ce modèle, qui s’appelle SimSC, est basé sur la similarité entre les adresses IP, en prenant en compte la distance temporelle entre les événements. / A cyberattack is considered as multi-step if it is composed of at least two distinct actions. The main goal of this thesis is to help the security analyst in the creation of detection models from a set of alternative multi-step attack cases. To meet this goal, we present four research contributions. First of all, we have conducted the first systematic survey about multi-step attack detection. One of the conclusions of this survey is the lack of methods to confirm the hypotheses formulated by the security analyst during the investigation of past multi-step attacks. This leads us to the second of our contributions, the Abstract Attack Scenario Graph or AASG. In an AASG, the alternative proposals about the fundamental steps in an attack are represented as branches to be evaluated on new incoming events. For this evaluation, we propose two models, Morwilog and Bidimac, which perform detection and identification of correct hypotheses. The evaluation of the results by the analyst allows the evolution of the models. Finally, we propose a model for the visual investigation of attack scenarios in non-processed events. This model, called SimSC, is based on IP address similarity, considering the temporal distance between the events. Cybersécurité Attaque multi-étapes Correlation d’événements Détection d’attaques Cybersecurity Multi-step attack Event correlation Attack detection 005.8
195	The Defense Against the latest Cyber Espionage both insider and outsider attacks Nsambu, Emmanuel, Aziz, Danish January 2012 (has links) This study was carried out with the intention of examining the defensive mechanism employed against the latest cyber espionage methods including both insider and outsider attacks. The main focus of this study was on web servers as the targets of the cyber attacks. Information in connection to the study was obtained from researchers’ online articles. A survey was also conducted at MidSweden University in order to obtain information about the latest cyber attacks on web servers and about the existing defensive mechanism against such attacks. The existing defensive mechanism was surveyed and a simple design was created to assist in the investigation of the efficiency of the system. Some simple implementations of the existing defensive mechanism were made in order to provide some practical results that were used for the study. The existing defensive mechanism was surveyed and improved upon where possible. The improved defensive mechanism was designed and implemented and its results were compared with the results from the existing defensive mechanism. Due to the fact that the majority of the attackers use defensive mechanisms’ vulnerability in order to find their way into devices such as web servers, it was felt that, even with the most sophisticated improved defensive mechanism in place, it would not be entirely correct to claim that it is possible to fully protect web servers against such attacks. Cyber attacks Cyber Esionage Hackers SQL injection DDoS attack DoS attack
196	Providing Location Privacy to Base Station in Wireless Sensor Networks Gottumukkala, Venkata Praneeth Varma January 2012 (has links) No description available. Computer Science Wireless Sensor Networks Security Physical Location Privacy Base Station Protection Packet Tracer Attack Traffic Analysis Attack
197	Cyber Attacks as Armed Attacks? : The Right of Self-Defence When a Cyber Attack Occurs Nyman, Mikaela January 2022 (has links) No description available. Cyber attack cyber operation armed attack self-defence public international law UN Charter art.51 Law Juridik
198	Visualization and Natural Language Representation of Simulated Cyber Attacks Mao, Xinyue January 2018 (has links) The attack path is an effective tool for showing possible hacking routestaken by an attacker to target a specific computer network. It also informsadministrators about potential weakness in a network helpingthem roll-out network configuration changes. Based on predefinedcomputing methods, a large number of attack paths can be generated.However, attack paths show all possible routes for each calculationand represent them with terminologies specific to the cybersecurityfield. A major portion of attack routes and representations aretoo complicated for normal users, making it difficult to identify theparts they should pay more attention to. In this thesis project, a frameworkfor generating a concise and user-friendly attack path throughgrouping continuous attack steps is described. The framework is designedwith 6 levels of hierarchical abstraction. Top 3 levels of theseabstractions are classified based on the predefined structure of the softwareand named Structural Division. The other 3 lower levels areclassified based on semantics involving a taxonomy for natural languagerepresentation called SCV (Security Community Vocabulary),named semantics division. This visualization method is released aspart of securiCADR , a cybersecurity product released by Foreseeti,which provides a concise and understandable interaction by aggregatingoriginal attack steps according to different requirements of customers. / Anfallsstigen är ett effektivt verktyg för att visa möjliga hackningsvägarsom en angripare tar emot ett specifikt datornätverk. Det informerarockså administratörer om eventuell svaghet i ett nätverk somhjälper dem att utrulla nätverkskonfigurationsändringar. Baserat påfördefinierade datormetoder kan ett stort antal attackvägar genereras.Åtkomstvägar visar dock alla möjliga vägar för varje beräkning och representerardem med terminologier som är specifika för fältet Cybersecurity.En stor del av attackvägar och representationer är för kompliceradeför vanliga användare vilket gör det svårt att identifiera de delarsom de borde ägna mer uppmärksamhet åt. I denna avhandlingsrapportbeskrivs ett ramverk för att generera en kortfattad och användarvänligattackväg genom att gruppera kontinuerliga angreppssteg.Ramverket är utformat med 6 nivåer av hierarkisk abstraktion. Topp3 nivåer av dessa abstraktioner klassificeras baserat på den fördefinieradestrukturen av mjukvaran och namngiven strukturell uppdelning.De övriga 3 lägre nivåerna klassificeras baserat på semantik meden taxonomi för naturlig språkrepresentation som heter SCV (SecurityCommunity Vocabulary), namngiven semantikavdelning. Denna visualiseringsmetodsläpps som en del av securiCADR en cybersecurityproduktsom släpptes av Foreseeti, vilket ger en kortfattad och förståeliginteraktion genom att aggregera ursprungliga attacksteg enligtolika kunders krav. attack path visualization taxonomy for attack graph natural language representation attackvägsvisualisering taxonomi för attackgraf naturlig språkrepresentation Engineering and Technology Teknik och teknologier
199	Cyber Attacks as Armed Attacks? : The Right of Self-Defence When a Cyber Attack Occurs Nyman, Mikaela January 2023 (has links) This thesis examined the relationship between cyber operations and armed attacks to determine when the right of self-defence is triggered by cyber operations. The research question for this thesis was under what circumstances a cyber operation is considered a cyber attack and what kind of self-defence the targeted victim State can use. The thesis concluded that it is not the weaponry used, but the scale and effects of an operation that determines whether it amounts to an armed attack or not. Thus, cyber operations can be amount to armed attacks i.e., cyber attacks if the scale and effects caused by the operations are severe enough. However, the thesis concluded that there are certain challenges regarding the determination of the severity threshold of operations through cyberspace that do not exist for operations of kinetic nature. Specifically regarding whether cyber operations that cause disruption of critical infrastructure can amount to a cyber attack. The thesis concluded that it is unclear whether these kinds of effects can be comparable to the effects caused by traditional military force. However, cyber operations that result in mere economic damages do not reach the scale and effects needed to amount to cyber attacks. The thesis concluded that an imminent threat of a cyber attack triggers the right of self-defence. The meaning of imminence is ‘the last possible window of opportunity’ to repel the cyber attack, as this meaning coheres with the purpose of being able to resort to force in self-defence against an attack that has yet occurred. The issue of responsibility of non-State actors was addressed in the thesis. The essay demonstrated that the questions regarding non-State actors are even more relevant for operations carried out in cyberspace. It was concluded that although the high threshold of attribution becomes even more challenging in cyberspace, the threshold is necessary in order to maintain international peace and security. Regarding independent non-State actors, it was concluded that State practice has shown acceptance of resorting to force against non-State actors without attribution to the territorial State. To balance opposed interests, this thesis concluded that the doctrine of unwilling and unable should be followed when a victim State considers resorting to force against a non-State actor. Regarding the principles of necessity and proportionality, this thesis could conclude that the means used against a cyber attack, whether kinetic or cyber, are not vital to determine whether the self-defence used is legal or not. Instead, force used in self-defence used must be a means of last resort and cannot exceed the force needed to repel the attack. public international law cyber attack the right of self-defence armed attack cyber operation UN Charter self-defence Law Juridik
200	Mitigation of Microbially Induced Concrete Corrosion: Quantifying the Efficacy of Surface Treatments using ASTM Standards Folorunso, Oluwafisayomi 03 August 2023 (has links) No description available. Civil Engineering Environmental Engineering Chemical Engineering Engineering Microbially induced concrete corrosion Sulfate attack Acid attack ASTM Standards

Search results