Defending against Adversarial Malware

Nair, Rohit

January 2022

No description available.

Computer Engineering

Malware

Adversarial Examples

Defense

Attacks

Portable Executables

Neural Networks

An Integrated Intelligent Approach to Enhance the Security Control of IT Systems. A Proactive Approach to Security Control Using Artificial Fuzzy Logic to Strengthen the Authentication Process and Reduce the Risk of Phishing

Salem, Omran S.A.

January 2012

Hacking information systems is continuously on the increase. Social engineering attacks is performed by manipulating the weakest link in the security chain; people. Consequently, this type of attack has gained a higher rate of success than a technical attack. Based in Expert Systems, this study proposes a proactive and integrated Intelligent Social Engineering Security Model to mitigate the human risk and reduce the impact of social engineering attacks. Many computer users do not have enough security knowledge to be able to select a strong password for their authentication. The author has attempted to implement a novel quantitative approach to achieve strong passwords. A new fuzzy logic tool is being developed to evaluate password strength and measures the password strength based on dictionary attack, time crack and shoulder surfing attack (social engineering). A comparative study of existing tools used by major companies such as Microsoft, Google, CertainKey, Yahoo and Facebook are used to validate the proposed model and tool. A comprehensive literature survey and analytical study performed on phishing emails representing social engineering attacks that are directly related to financial fraud are presented and compared with other security threats. This research proposes a novel approach that successfully addresses social engineering attacks. Another intelligent tool is developed to discover phishing messages and provide educational feedback to the user focusing on the visible part of the incoming emails, considering the email’s source code and providing an in-line awareness security feedback.

The Chemical Ecology of Rapid Ohia Death

Kylle Alohilani Minei Roy (17538252)

02 December 2023

<p dir="ltr">Rapid ʻōhiʻa death (ROD) is a disease complex caused by two <i>Ceratocystis fungi</i>, <i>C. lukuohia</i> and <i>C. huliohia</i>, that is devastating the keystone tree of the Hawaiian Islands, ʻōhiʻa lehua (<i>Metrosideros polymoropha</i>). The causal agents of ROD were identified in 2015 and I began researching entomological aspects of the complex in 2016. Much like other <i>Ceratocystis</i> diseases, my colleagues and I suspected that beetles and frass might be involved in the system. Together, we identified four species of invasive ambrosia beetles (Coleoptera: Curculionidae) that contribute to the spread of ROD: <i>Xyleborinus saxesenii, Xyleborus affinis, Xyleborus ferrugineus</i>, and <i>Xyleborus perforans</i>. Both ROD-<i>Ceratocystis</i> fungi and the ambrosia beetles inhabit the xylem of ʻōhiʻa. When these beetles create their home galleries, they produce frass particles infested with resting chlamydospores that can be transported in the environment through the soil, wind, and water. Secondly, the beetles are capable of vectoring the fungi directly to stressed trees via viable propagules attached to their exoskeleton. The natural progression of this research was to investigate the chemical ecology of the system, therefore building the foundations for management strategies to reduce the spread of ROD. In addition, I satisfied my curiosity to explore the fungal mutualisms of these beetles through the use of phylogenetics.</p><p dir="ltr">In Chapter 1, I review the literature describing ROD and the four ROD-associated ambrosia beetle species. I report all of the research to date regarding ROD, including current monitoring and management strategies. Then, I introduce ambrosia beetles and the Xyleborini tribe, focusing on the life history of the ROD-associated beetles and current literature describing the use of semiochemicals to control them.</p><p dir="ltr">In Chapter 2, I determine the volatile organic compounds associated with the ROD <i>Ceratocystis</i> – ʻōhiʻa pathosystem and the response of the associated beetles to those compounds. I investigated the volatiles produced by <i>C. lukuohia</i> and <i>C. hulihia</i> in culture in addition to when inoculated into ʻōhiʻa seedlings. Then, I describe olfactometer assays to determine if the ROD-associated beetles are attracted to the volatiles emitted from ROD-<i>Ceratocysti</i>s in culture.</p><p dir="ltr">In Chapter 3, I investigate semiochemicals for attracting and repelling ambrosia beetles in ʻōhiʻa forests. I describe separate trapping experiments, first, testing the attraction of beetles to 100% ethanol and 1:1 methanol ethanol. Second, we investigate the use of two beetle repellent products, one with verbenone and the other with verbenone + methyl salicylate active ingredients.</p><p dir="ltr">In Chapter 4, I describe the testing of the repellent, verbenone, in the SPLAT^® Verb formulation, to deter ambrosia beetle attack from both healthy ʻōhiʻa trees and trees infested with ROD-<i>Ceratocystis</i>. Over two field seasons, we monitored ambrosia beetle attacks on trees treated with verbenone and measured the abundance of verbenone released from the repellents over time during the first season.</p><p dir="ltr">In Chapter 5, I investigate the ambrosia fungi of the ROD-associated beetles and native Hawaiian ambrosia beetles on the Island of Hawaiʻi. We isolated a dozen fungal symbionts from the mycetangia of ambrosia beetles, most of which are first reports in Hawaiʻi, and use phylogenetics to investigate putative new species of <i>Raffaelea</i> and <i>Ambrosiozyma.</i></p><p dir="ltr">Finally, in Chapter 6, I synthesize the results and future directions of the aforementioned chapters. Together, these dissertation chapters provide insights into ambrosia beetle monitoring and management strategies in Hawaiʻi and beyond. I describe the groundwork for understanding the pathosystem from a chemical ecology perspective and touch on the understudied world of Hawaiʻi fungi and potential pathogens.</p>

Behavioural ecology

Mycology

Plant pathology

Invertebrate biology

ambrosia beetle attacks

Ambrosia fungi

rapid ohia death

ohia

Improving Email Security in Organizations : Solutions and Guidelines

Andrén, Axel, Kashlan, Ghaith, Nantarat, Atichoke

January 2023

Data breaches from email attacks have been an issue since email was first implemented. Common attack methods like phishing are still a threat to organizations to this very day. That is because it never seems to stop evolving and keeps becoming more and more convincing. Email compromises have caused billions of dollars in damage worldwide, and it shows no sign of stopping. The purpose and research questions of this thesis are formulated to find guidelines or solutions that organizations can follow to improve their overall email security and awareness. In this thesis, both a systematic literature review and interviews are methods used to conduct the research. That way, both the technical portion of the subject, as well as the human perspective are covered. We found that the most common and significant email threats to organizations are phishing, BEC, and APT attacks. This thesis provides methods to mitigate these threats. What has also become clear is that human mistakes are a large portion of the problem concerning email attacks.

Email Security

Email Awareness

Phishing

Email Attacks

Social Engineering

Computer and Information Sciences

Data- och informationsvetenskap

Ranking Social Engineering Attack Vectors in The Healthcare and Public Health Sector

Gaurav Sachdev (14563787)

06 February 2023

<p>The National Institute of Standards and Technology defines social engineering as an attack vector that deceives an individual into divulging confidential information or performing unwanted actions. Different methods of social engineering include phishing, pretexting, tailgating, baiting, vishing, SMSishing, and quid pro quo. These attacks can have devastating effects, especially in the healthcare sector, where there are budgetary and time constraints. To address these issues, this study aimed to use cybersecurity experts to identify the most important social engineering attacks to the healthcare sector and rank the underlying factors in terms of cost, success rate, and data breach. By creating a ranking that can be updated constantly, organizations can provide more effective training to users and reduce the overall risk of a successful attack. This study identified phishing attacks via email, voice and SMS to be the most important to defend against primarily due to the number of attacks. Baiting and quid pro quo consistently ranked as lower in priority and ranking.</p>

Social Engineering

Phishing attacks

Healthcare and Public Health

cybersecurity

Survey of ongoing and NextGeneration Cybersecurity of Maritime Communication Systems / Undersökning av dagens och nästa generations cybersäkerhetför sjöfartskommunikationssytem

Björnlund, Pontus, Faqiri, Feraidon

January 2023

The maritime industry is growing more and more for every year that passes. As the industry grows it also becomes a more attractive target for cyber criminals. The amount ofcyberattacks in the industry are few, but it is growing at an alarming rate. This literaturestudy identifies the most common datacom systems and infrastructure in the maritimeindustry and their vulnerabilities. This paper also identifies possible solutions and improvements that can be made to existing datacom systems to make them less susceptible tocyber attacks. The results show that there are many solutions that could be implementedthat would increase the cyber security in the industry, but many of them require international cooperation to implement. Therefore standards are suggested to be implemented inorder to push organisations to update their systems. Additionally, this paper delves intothe aviation industry to examine how the datacom infrastructure utilized in the maritimeindustry could be adopted to enhance both efficiency and security

Next Generation Cybersecurity

Maritime Communication Systems

Cyber Attacks

Maritime Infrastructure

Communication Systems

Kommunikationssystem

Securing SDN Data Plane:Investigating the effects of IP SpoofingAttacks on SDN Switches and its Mitigation : Simulation of IP spoofing using Mininet

JABBU, SHIVAKUMAR YADAV, MADIRAJU, ANIRUDH SAI

January 2023

Background:Software-Defined Networking (SDN) represents a network architecture that offers a separate control and data layer, facilitating its rapid deployment and utilization for diverse purposes. However, despite its ease of implementation, SDN is susceptible to numerous security attacks, primarily stemming from its centralized nature. Among these threats, Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks pose the most substantial risks. In the event of a successful attack on the SDNcontroller, the entire network may suffer significant disruption. Hence, safe guarding the controller becomes crucial to ensure the integrity and availability of the SDN network. Objectives:This thesis focuses on examining the IP spoofing attack and its impact on the Data Plane, particularly concerning the metrics of an SDN switch. The investigation centers around attacks that manipulate flow-rules to amplify the number of rules and deplete the resources of a switch within the Data Plane of an SDN network. To conduct the study, a software-defined network architecture was constructed using Mininet, with a Ryu controller employed for managing network operations. Various experiments were carried out to observe the response of the SDN system when subjected to an IP spoofing attack, aiming to identify potential mitigation strategies against such threats. Method and Results: To simulate the resource exhaustion scenario on the SDN network’s Data Plane,we deliberately triggered an escalation in the number of flow-rules installed in the switch. This was achieved by sending packets with spoofed IP addresses, there by exploiting the switch’s limited resources. Specifically, we focused on monitoring the impact on CPU utilization, storage memory, latency, and throughput within the switch. Detailed findings were presented in the form of tables, accompanied by graphical representations to visually illustrate the effects of increasing flow rules on the switches. Furthermore, we explored potential mitigation measures by developing an application that actively monitors the flow rules on the Ryu controller, aiming to detect and counteract such resource-exhausting effects.

Software Defined Networking

IP Spoofing

Flooding

DDoS Attacks

Data Plane

Mininet

Telecommunications

Telekommunikation

TASK, KNOWLEDGE, SKILL, AND ABILITY: EQUIPPING THE SMALL-MEDIUM BUSINESSES CYBERSECURITY WORKFORCE

Vijaya Raghavan, Aadithyan

11 July 2023

No description available.

Electrical Engineering

Computer Science

Computer Engineering

Cybersecurity Framework

Knowledge

Malware

Skills

Social Engineering

Tasks

Web Attacks

Fundamental Attacks on Ethereum Oracles and How to Prevent Them

Jafari, Mikael

January 2023

Many applications and protocols on blockchain platforms are reliant on real-world data which exists outside the blockchain, something which is not directly accessible through these platforms. To bridge this gap, blockchain oracles help these applications and protocols by providing them with this data. As different data used by these applications and protocols can result in different outcomes occurring, one way for attackers to attack these applications and protocols is to attack the oracles they rely on. This thesis investigates what types of fundamental attacks are possible on oracles hosted on Ethereum, potential ways to protect against them and how these attacks can be categorized. It also investigates if the different attributes of Solana or Corda provides any protection against these attacks in some way. In order to answer these questions, the different blockchain platforms are researched and investigated, along with different oracles and attacks on oracles. A framework which describes the different states data in a oracle can be in was also created in order to help find attacks. In total, eleven different fundamental attacks on Ethereum oracles were found along with different methods to protect against them. A majority of these attacks were deemed to be able to be done in full capability by both independent and nation-state attackers. Both Solana and Corda were found to provide some inherent protection against some of these attacks. Solana was found to be able to almost fully eliminate one type of attack due to its execution environment. Corda was found to make many of the found attacks harder to execute for an attacker, mainly due to its lack of anonymity. / Många applikationer och protokoll på blockkedje-plattformar är beroende av verklig data som existerar utanför blockkedjan, något som inte är direkt nåbart genom dessa plattformar. I syfte att göra denna data nåbar, så hjälper orakel på blockkedjor dessa applikationer och protokoll genom att tillhandahålla dem denna data. Eftersom dessa applikationer och protokoll kan ha olika utfall beroende på vilken data de använder sig av, så är en metod att attackera dem genom att attackera dem orakel som de använder sig av. Denna avhandling undersöker vilka typer av fundamentala attacker som är möjliga mot orakel som körs på Ethereum, potentiella sätt att skydda mot attackerna samt hur dessa attacker kan kategoriseras. Den undersöker även ifall de olika attributen som finns hos Solana eller Corda ger något skydd mot dessa attacker på något sätt. För att besvara dessa frågor har de olika blockkedjeplattformarna undersökts. Även olika orakel samt attacker mot orakel har undersökts. Ett ramverk som beskriver de olika tillstånden som data i ett orakel kan befinna sig i skapades med syfte att underlätta hittandet av attacker. Totalt så hittades elva olika fundamentala attacker mot orakel som körs på Ethereum tillsammans med tillhörande skyddsmetoder. Majoriteten av dessa attacker bedömdes kunna genomföras i full förmåga av både självständiga angripare samt nationssponsrade angripare. Både Solana och Corda visade sig ge skydd mot vissa av de elva attackerna genom sina attribut. Solana kan genom sin exekveringsmiljö nästan helt eliminera möjligheten av en av attackerna. Corda visade sig göra flera av de olika attackerna svårare att genomföra för angripare, främst på grund av sin avsaknad av anonymitet i plattformen.

Blockchain

Attacks

Ethereum

Solana

Corda

Oracle

Blockkedja

Attacker

Ethereum

Solana

Corda

Orakel

Computer Sciences

Datavetenskap (datalogi)

Detecting Manipulated and Adversarial Images: A Comprehensive Study of Real-world Applications

Alkhowaiter, Mohammed

01 January 2023

The great advance of communication technology comes with a rapid increase of disinformation in many kinds and shapes; manipulated images are one of the primary examples of disinformation that can affect many users. Such activity can severely impact public behavior, attitude, and belief or sway the viewers' perception in any malicious or benign direction. Additionally, adversarial attacks targeting deep learning models pose a severe risk to computer vision applications. This dissertation explores ways of detecting and resisting manipulated or adversarial attack images. The first contribution evaluates perceptual hashing (pHash) algorithms for detecting image manipulation on social media platforms like Facebook and Twitter. The study demonstrates the differences in image processing between the two platforms and proposes a new approach to find the optimal detection threshold for each algorithm. The next contribution develops a new pHash authentication to detect fake imagery on social media networks, using a self-supervised learning framework and contrastive loss. In addition, a fake image sample generator is developed to cover three major image manipulating operations (copy-move, splicing, removal). The proposed authentication technique outperforms the state-of-the-art pHash methods. The third contribution addresses the challenges of adversarial attacks to deep learning models. A new adversarial-aware deep learning system is proposed using a classical machine learning model as the secondary verification system to complement the primary deep learning model in image classification. The proposed approach outperforms current state-of-the-art adversarial defense systems. Finally, the fourth contribution fuses big data from Extra-Military resources to support military decision-making. The study proposes a workflow, reviews data availability, security, privacy, and integrity challenges, and suggests solutions. A demonstration of the proposed image authentication is introduced to prevent wrong decisions and increase integrity. Overall, the dissertation provides practical solutions for detecting manipulated and adversarial attack images and integrates our proposed solutions in supporting military decision-making workflow.

Image Authentication

Manipulation Detection

Adversarial Attacks Detection

Fake News Detection

Cybersecurity

Computer Vision

Computer Engineering