Global ETD Search

81	Cyber Attacks as Armed Attacks? : The Right of Self-Defence When a Cyber Attack Occurs Nyman, Mikaela January 2023 (has links) No description available. public international law cyber attack the right of self-defence armed attack cyber operation UN Charter Law Juridik
82	Multi-stage attack detection: emerging challenges for wireless networks Lefoane, Moemedi, Ghafir, Ibrahim, Kabir, Sohag, Awan, Irfan U. 03 February 2023 (has links) Yes / Multi-stage attacks (MSAs) are among the most serious threats in cyberspace today. Criminals target big organisations and government critical infrastructures mainly for financial gain. These attacks are becoming more advanced and stealthier, and thus have capabilities to evade Intrusion Detection Systems (IDSs). As a result, the attack strategies used in the attack render IDSs ineffective, particularly because of new security challenges introduced by some of the key emerging technologies such as 5G wireless networks, cloud computing infrastructure and Internet of Things (IoT), Advanced persistent threats (APTs) and botnet attacks are examples of MSAs, these are serious threats on the Internet. This work analyses recent MSAs, outlines and reveals open issues, challenges and opportunities with existing detection methods. 5G Internet of Things Multi-stage attack Botnet attack Advanced persistent threats Machine learning
83	Neural Network-Based Crossfire Attack Detection in SDN-Enabled Cellular Networks Perry, Nicholas 13 July 2023 (has links) No description available. Computer Science crossfire attack DoS cybersecurity SDN mininet ryu open flow networking attack
84	Integrating the Meta Attack Language in the Cybersecurity Ecosystem: Creating new Security Tools Using Attack Simulation Results Grönberg, Frida, Thiberg, Björn January 2022 (has links) Cyber threat modeling and attack simulations arenew methods to assess and analyze the cybersecurity of ITenvironments. The Meta Attack Language (MAL) was createdto formalize the underlying attack logic of such simulationsby providing a framework to create domain specific languages(DSLs). DSLs can be used in conjunction with modeling softwareto simulate cyber attacks. The goal of this project was to examinehow MAL can be integrated in a wider cybersecurity context bydirectly combining attack simulation results with other tools inthe cybersecurity ecosystem. The result was a proof of conceptwhere a small DSL is created for Amazon EC2. Informationis gathered about a certain EC2 instance and used to create amodel and run an attack simulation. The resulting attack pathwas used to perform an offensive measure in Pacu, an AWSexploitation framework. The result was examined to arrive atconclusions about the proof of concept itself and about integratingMAL in the cybersecurity ecosystem in a more general sense. Itwas found that while the project was successful in showing thatintegrating MAL results in such manner is possible, the CADmodeling process is not an optimal route and that other domainsthan the cloud environment could be targeted. / Cyberhotsmodellering och attacksimuleringar är nya metoder för att bedöma och analysera cybersäkerheten i en IT-miljö. Meta Attack Language (MAL) skapades för att formalisera den underliggande attacklogiken för sådana simuleringar genom att tillhandahålla ett ramverk för att skapa domain-specific languages (DSL). En DSL kan användas tillsammans med modelleringsprogramvara för att simulera cyberattacker. Målet med detta projekt var att undersöka hur MAL kan integreras i ett bredare sammanhang genom att direkt kombinera MAL-resultat med andra verktyg inom IT-säkerhet. Resultatet blev ett koncepttest där en mindre DSL skapades för Amazon EC2. Information samlades in om en viss EC2-instans och användes för att skapa en modell och genomföra en attacksimulering. Den resulterande attackvägen användes för att utföra en offensiv åtgärd i Pacu, ett ramverk för AWS-exploatering. Resultatet undersöktes för att nå slutsatser om konceptet i sig och om att integrera MAL i IT-säkerhetens ekosystem i allmänhet. Det visade sig att även om projektet lyckades visa att det är möjligt att integrera MAL-resultat på ett sådant sätt, är CAD-modelleringsprocessen inte en optimal metodik och lämpar sig illa för syftet. Det visade sig också att andra domäner än molnmiljön skulle vara en givande riktning. / Kandidatexjobb i elektroteknik 2022, KTH, Stockholm Meta Attack Language Attack Simulation Amazon EC2 Cybersecurity Elektroteknik och elektronik
85	Utvärdering av säkerheten hos smarta hem IoT-enheter Alatrash, Mohammed Ali January 2024 (has links) Syftet med den här studien är att bedöma säkerheten och motståndskraften hos ett Matter-protokoll som används av ett multinationellt företag. Protokollet används för att möjliggöra kommunikation mellan en gateway och en applikation för styrning av smarta produkter. Utvärderingen inleddes genom att ansluta en gateway till ett nätverk och installera operativsystemet Kali Linux på datorn. Därefter utfördes flera DoS-attacker med varierande intervall, antal paket och paketstorlekar. Dessutom genomfördes en Man in the Middle-attack för att bedöma säkerheten och försöka attackera protokollet för att uppnå säkrare resultat. Resultaten från de första DoS-attackerna visade att applikationen kopplades bort från företagets gateway efter att den attackerats med ett specifikt TCP-paket. Applikationen tappade kontakten med gateway när den utsattes för en viss mängd skickade paket. Vid de efterföljande DoS-attackerna visade resultaten att gatewayen tog tid innan den reagerade. Studiens slutsats indikerar således att Matter-protokollet uppvisar dröjsmålseffekt vid DoS-attacker där gatewayen inte omedelbart reagerar. Dessa observationer har betydelse för protokollets säkerhetsaspekter och kan leda till rekommendationer för att förbättra dess motståndskraft mot olika attacker. / The purpose of this study is to assess the security and resilience of a Matter protocol used by a multinational company. The protocol is employed to facilitate communication between a gateway and an application for the control of smart products. The evaluation commenced by connecting a gateway to a network and installing the Kali Linux operating system on the computer. Subsequently, multiple Denial-of-Service (DoS) attacks were conducted with varying intervals, packet quantities, and packet sizes. Additionally, a Man-in-the-Middle attack was executed to assess security and attempt to compromise the protocol for more secure results. The results from the initial DoS attacks revealed that the application was disconnected from the company's gateway after being targeted with a specific TCP packet. The application lost contact with the gateway when subjected to a certain number of transmitted packets. In the subsequent DoS attacks, the results indicated a delay in the gateway's response. The study's conclusion suggests that the Matter protocol exhibits a latency effect during DoS attacks, where the gateway does not respond immediately. These observations have implications for the security aspects of the protocol and may lead to recommendations for enhancing its resilience against various attacks. DoS-attack IoT MATTER MIMT. DoS-attack IoT MATTER MIMT Software Engineering Programvaruteknik
86	Design and Analysis of Anomaly Detection and Mitigation Schemes for Distributed Denial of Service Attacks in Software Defined Network. An Investigation into the Security Vulnerabilities of Software Defined Network and the Design of Efficient Detection and Mitigation Techniques for DDoS Attack using Machine Learning Techniques Sangodoyin, Abimbola O. January 2019 (has links) Software Defined Networks (SDN) has created great potential and hope to overcome the need for secure, reliable and well managed next generation networks to drive effective service delivery on the go and meet the demand for high data rate and seamless connectivity expected by users. Thus, it is a network technology that is set to enhance our day-to-day activities. As network usage and reliance on computer technology are increasing and popular, users with bad intentions exploit the inherent weakness of this technology to render targeted services unavailable to legitimate users. Among the security weaknesses of SDN is Distributed Denial of Service (DDoS) attacks. Even though DDoS attack strategy is known, the number of successful DDoS attacks launched has seen an increment at an alarming rate over the last decade. Existing detection mechanisms depend on signatures of known attacks which has not been successful in detecting unknown or different shades of DDoS attacks. Therefore, a novel detection mechanism that relies on deviation from confidence interval obtained from the normal distribution of throughput polled without attack from the server. Furthermore, sensitivity analysis to determine which of the network metrics (jitter, throughput and response time) is more sensitive to attack by introducing white Gaussian noise and evaluating the local sensitivity using feed-forward artificial neural network is evaluated. All metrics are sensitive in detecting DDoS attacks. However, jitter appears to be the most sensitive to attack. As a result, the developed framework provides an avenue to make the SDN technology more robust and secure to DDoS attacks. Software Defined Networks (SDN) Network security Attack detection Attack mitigation Controller
87	Resilient Waveform Design for OFDM-MIMO Communication Systems Shahriar, Chowdhury M. R. 23 October 2015 (has links) This dissertation addresses physical layer security concerns, resiliency of the Orthogonal Frequency Division Multiplexing (OFDM) and the Multiple Input Multiple Output (MIMO) systems; the `de-facto' air-interface of most wireless broadband standards including LTE and WiMAX. The major contributions of this dissertation are: 1) developing jamming taxonomy, 2) proposing OFDM and MIMO equalization jamming attacks and countermeasures, 3) developing antijam (AJ) MIMO systems, and 4) designing null space projected overlapped-MIMO radar waveform for spectrum sharing between radar and communications system. First, we consider OFDM systems under various jamming attacks. Previous research is focused on jamming OFDM data transmissions. We focus on energy efficient attacks that can disrupt communication severely by exploiting the knowledge of target waveform. Specifically, these attacks seek to manipulate information used by the equalization algorithm to cause errors to a significant number of symbols, i.e., pilot tones jamming and nulling. Potential countermeasures are presented in an attempt to make OFDM waveform robust and resilient. The threats were mitigated by randomizing the location and value of pilot tones, causing the optimal attack to devolve into barrage jamming. We also address the security aspects of MIMO systems in this dissertation. All MIMO systems need a method to estimate and equalize channel, whether through channel reciprocity or sounding. Most OFDM-based MIMO systems use sounding via pilot tones. Like OFDM attacks, this research introduces MIMO channel sounding attack, which attempts to manipulate pilot tones to skew the channel state information (CSI) at the receiver. We describe methods of designing AJ MIMO system. The key insight is that many of the theoretical concepts learned from transmit beamforming and interference alignment (IA) in MIMO systems can be applied to the field of AJ and robust communications in the presence of jammers. We consider a realistic jamming scenario and provide a `receiver-only' and a transmitter `precoding' technique that allow a pair of two-antenna transceivers to communicate while being jammed by a malicious non-cooperative single-antenna adversary. Finally, we consider designing a collocated MIMO radar waveform, which employs a new MIMO architecture where antenna arrays are allowed to overlap. This overlapped-MIMO radar poses many advantages including superior beampattern and improvement in SNR gain. We combine this radar architecture with a projection-based algorithm that allows the radar waveform to project onto the null space of the interference channel of MIMO communications system, thus enabling the coexistence of radar and communications system. / Ph. D. Physical-Layer Security Communications Security OFDM MIMO Jamming Antijam Equalization Attack Pilot Attack LTE WiMAX
88	Distributed Denial of Service Attacks (DDoS)- Consequences and Future Namuduri, Sarita January 2006 (has links) <p>Denial of Service and the Distributed Denial of Service Attacks have recently emerged as one of the most newsworthy, if not the greatest, weaknesses of the Internet. This paper attempt to explain how they work, why they are hard to combat today, and what will need to happen if they are to be brought under control. It is divided into eight sections. The first is an overview of the current situation and also brief explanatory of the rest of the chapters being covered. The second is a detailed description of exactly how this attack works, and why it is hard to cope with today; of necessity it includes a description of how the Internet works today. The third section is totally about the different attacks in recent years and how they affected the people or the bigorganizations. The fourth section describes the short-term prospects, the tools which are used to rectify these attacks. The fifth is problems being faced with an explanatory of the percentage of attack in recent years and comparing the problems. The sixth is what can be done today to help alleviate this problem. The seventh section describes the legal actions and also legal actions that can be followed against the attack by the victim; and the eighth section describes the long-term picture, what will change to bring this class of problem under control, if not eliminate it entirely. And finally there are some appendices: a bibliography, giving references to original research work and announcements; a brief article on securing servers; and acknowledgments for the many people who helped make this paper possible.</p> Denial of Service attack DoS DDoS Distributed Deinal of Service Attack Seriouness of DDoS Defences against DoS attack Effects of DoS and DDoS Defending against DoS and DDoS Electrical engineering Elektroteknik
89	Distributed Denial of Service Attacks (DDoS)- Consequences and Future Namuduri, Sarita January 2006 (has links) Denial of Service and the Distributed Denial of Service Attacks have recently emerged as one of the most newsworthy, if not the greatest, weaknesses of the Internet. This paper attempt to explain how they work, why they are hard to combat today, and what will need to happen if they are to be brought under control. It is divided into eight sections. The first is an overview of the current situation and also brief explanatory of the rest of the chapters being covered. The second is a detailed description of exactly how this attack works, and why it is hard to cope with today; of necessity it includes a description of how the Internet works today. The third section is totally about the different attacks in recent years and how they affected the people or the bigorganizations. The fourth section describes the short-term prospects, the tools which are used to rectify these attacks. The fifth is problems being faced with an explanatory of the percentage of attack in recent years and comparing the problems. The sixth is what can be done today to help alleviate this problem. The seventh section describes the legal actions and also legal actions that can be followed against the attack by the victim; and the eighth section describes the long-term picture, what will change to bring this class of problem under control, if not eliminate it entirely. And finally there are some appendices: a bibliography, giving references to original research work and announcements; a brief article on securing servers; and acknowledgments for the many people who helped make this paper possible. Denial of Service attack DoS DDoS Distributed Deinal of Service Attack Seriouness of DDoS Defences against DoS attack Effects of DoS and DDoS Defending against DoS and DDoS Electrical engineering Elektroteknik
90	Gamifying Attack Path Reporting : Preliminary design of an educational cyber security game Misnik, Anna, Zakko, Shafeek January 2022 (has links) With rapid digitalization and technical growth, the IT systems that we are using are becoming extremely complicated and intertwined. This created as a result, more challenging security problems that get complicated alongside the systems, and the need for advanced solutions to prevent the exploitation of systems vulnerabilities. Cloud computing services are one of the infrastructures in most need for complex security systems for mitigating and preventing possible threats. Education in cyber security field is obligated to maintain continuous innovation and advancement to meet the market needs of cyber security specialists. The options available today for educating about cyber security are mostly part of the traditional teaching approaches. To supplement the cyber security field with more educational solutions, our project studies the pattern of attack graphs and maps them to design a simple 2D video game level that presents an educational hacking game and evaluates the different design aspects and their matching for the prespecified requirement. The outcome of the project is a Minimum Viable Product (MVP) in the form of a testable demo level of the game. The produced MVP connects cyber security aspects within cloud computing to its own objects. The game’s graphical and level design had the biggest focus in the project, functionality was not largely implemented. The MVP is to be developed further in future work to implement a full functioning design. / IT-system som används blir extremt komplicerade och sammanflätade på grund av snabb digitalisering och teknisk tillväx. Detta orsakade mer utmanande säkerhetsproblem och därför behov av avancerade lösningar för att förhindra exploatering av systemsårbarheter blir mer aktuellt. Molntjänster är en av de infrastrukturer med det största behovet av komplexa säkerhetssystem för att mildra och förebygga möjliga hot. Utbildning inom cybersäkerhetsområdet är skyldig att upprätthålla kontinuerliga innovationer och framsteg för att möta marknadens behov för cybersäkerhetsspecialister. För att förse cybersäkerhetsområdet med fler pedagogiska lösningar, studerar vårt projekt mönster för attackgrafer och kartlägger dem. Resultatet blir ett enkel 2D-videospel presenterat i form av ett pedagogiskt hackingspel som utvärderar de olika designaspekterna och deras matchning med det förspecificerade kravet. Resultatet av projektet är en Minsta Lönsamma Produkt (MLP), nämligen ett körbart demo av potentiella spelet. Den producerade MLP:n kopplar cybersäkerhetsaspekter inom molntjänster till sina objekter. Spelets grafiskdesign och banadesign hade det största fokuset i projektet, funktionaliteten var inte till stor del implementerad. MVP:n borde utvecklas vidare i framtida arbeten i syfte att implementera en fullständig körbar design för produkten. Gamification Cyber Security Education Game Design Meta Attack Language Attack Simulations Hacking Spelifiering Cybersäkerhetsutbildning Spel Design Meta Attack Språk Attacksimuleringar Dataintrång Computer and Information Sciences Data- och informationsvetenskap

Search results