Global ETD Search

511	ICAO's aviation security programme post 911 : a legal analysis Jallow-Sey, Aisatou January 2003 (has links) No description available. September 11 Terrorist Attacks, 2001
512	Investigating Attacks on Vehicular Platooning and Cooperative Adaptive Cruise Control / Undersökning av attacker på fordonståg och kollaborativ adaptiv farthållning Kalogiannis, Konstantinos January 2020 (has links) Autonomous vehicles are a rising technology that aims to change the way people think about mobility in the future. A crucial step towards that goal is the assurance that malicious actors cannot instigate accidents that could lead to damages or loss of life. Currently, vehicle platoons, that is vehicles cooperating together to increase fuel saving and driver comfort, are used in limited environments and are the focus of research aimed to make them suitable for real-world wide usage. In that regard, guaranteeing that the vehicle is able to operate alongside other entities, autonomous or not, in the traditional sense is not adequate. The computer systems involved can be the target or the source of a malicious act without the knowledge of the operator in either case. In the context of platooning, these acts can have devastating effects and can originate either from other vehicles on the road or from within, from compromised vehicles that are part of the formation. In this thesis, the focus is centered around the latter. We investigate jamming and data falsification attacks that aim to either destabilize the platoon, thus, reducing its benefits or provoke an accident. These attacks are more difficult to discern and will range from simple falsification attacks to more complex ones that aim to bypass defensive mechanisms. In that sense, we direct our experiments against the platoon maneuvers that are a core functionality of platooning and are required for its nominal operation. The results of this analysis show that several attacks can lead to accidents with position falsification being the most productive. It is also demonstrated that a malicious leader can pose a serious threat to the viability of the platoon because of his unique capability of interacting with all the platoon members. Attacks during the platoon maneuvers are demonstrated to pose a threat, not only to the stability of the formation but also the nature of the platooning application itself. This is achieved by effectively isolating the platoon from potential joiners. / Självkörande fordon är en framväxande teknologi med mål att ändra människors framtida inställning till mobilitet. Ett kritiskt steg mot målet är att försäkra sig om att aktörer med ont uppsåt inte kan orsaka olyckor som kan leda till skador eller dödsfall. För närvarande används fordonståg, alltså fordon som samarbetar för att minska bränsleförbrukning och öka körkomfort, i avgränsade miljöer med fokus på att anpassa dessa för verklig användning. Att garantera att fordonet kan köras tillsammans med andra enheter är då inte tillräckligt eftersom dessa system kan bli mål för externa och interna attacker som kan ha förödande konsekvenser. Denna uppsats fokuserar på det senare fallet och undersöker interna datafalsifierings- och frekvensstörningsattacker avsedda att destabilisera fordonståg i syfte att minska deras fördelar eller provocera fram en olycka. Dessa attacker är svåra att urskilja och inkluderar allt från enkla falsifikationsattacker till komplexa attacker som syftar till att kringgå specifika försvarsmekanismer. Med det i åtanke inriktar vi våra experiment mot de manövrar som är en del av fordonstågens grundfunktionalitet och krävs för deras nominella drift. Resultaten av arbetet visar att under fordonstågmanövrar så kan flertalet av de utvärderade attackerna orsaka olyckor och att attacker genom förfalskning av position var speciellt förödande. Vi har även påvisat att en fordonstågsledare med ont uppsåt utgör ett speciellt allvarligt hot mot fordonstågets funktionalitet på grund av dennes unika möjlighet att interagera med alla medlemmar. Attacker under manövrar har visats utgöra ett hot, inte bara mot stabiliteten av formationen, men även mot de grundläggande egenskaperna hos systemet själv såsom att isolera fordonståget från nya medlemmar. V2V security Injection Attacks CACC Anomaly Detection V2V säkerhet Falsifieringsattacker CACC Avvikelse Upptäckt Computer and Information Sciences Data- och informationsvetenskap
513	Improving Filtering of Email Phishing Attacks by Using Three-Way Text Classifiers Trevino, Alberto 13 March 2012 (has links) (PDF) The Internet has been plagued with endless spam for over 15 years. However, in the last five years spam has morphed from an annoying advertising tool to a social engineering attack vector. Much of today's unwanted email tries to deceive users into replying with passwords, bank account information, or to visit malicious sites which steal login credentials and spread malware. These email-based attacks are known as phishing attacks. Much has been published about these attacks which try to appear real not only to users and subsequently, spam filters. Several sources indicate traditional content filters have a hard time detecting phishing attacks because the emails lack the traditional features and characteristics of spam messages. This thesis tests the hypothesis that by separating the messages into three categories (ham, spam and phish) content filters will yield better filtering performance. Even though experimentation showed three-way classification did not improve performance, several additional premises were tested, including the validity of the claim that phishing emails are too much like legitimate emails and the ability of Naive Bayes classifiers to properly classify emails. email spam filtering phish phishing attacks support vector machines maximum entropy naive bayes bayesian filters Information Security
514	Secure Self-Reconfiguring Services to Mitigate DoS Attacks Zeller, Silvan January 2019 (has links) Protecting web services from cyber attacks is a complex problem requiring many layers of defense and mitigation strategies. Out of the diverse range of attacks, denial of service (DoS) attacks on the business logic – or the domain – are poorly studied and no widely accepted general-purpose software product to prevent these attacks exists today. At the same time, in light of the growing importance of e-commerce, defense mechanisms should be designed in a way to be self-reconfiguring, as manual reconfiguration does not scale well. In this work, a rule-based intrusion detection system (IDS) is proposed which logs the behaviour of each user and decides upon a service level based on past behaviour. The implementation is achieved by applying runtime verification (RV), a lightweight formal method which can be utilized to observe traces of user behaviour in real time. The applicability of this approach is measured by means of conducting experiments on a web service, a mock-up hotel chain which grants three different service levels for users based on their individual trust rating. Synthetic traces of bookings and cancellations are issued to account for the detection rate of the IDS and the efficacy of its mitigation strategy. The results indicate that RV is a viable approach for creating a rule-based IDS. The IDS may be tuned to attain a high detection rate of more than 95% while preserving a low false positive rates of less than 3%. Furthermore, attacks are mitigated by changing the business rules for users who have been identified as being malicious, resulting in an increased occupancy of the hotel. Lastly, RV is shown to be significantly more scalable and expressive than regular formal methods, such as model checking. Even though the results seem promising, testing the system on real traces and possibly with varying thresholds remains future work. / Att skydda webbtjänster från cyberattacker är ett komplicerat problem som kräver många lager av försvarsoch lindringsstrategier. Av det olika utbudet av attacker, denial of service attacker (DoS) på affärslogiken – eller domänen – undersöks sällan och ingen allmän accepterad mjukvara för att förhindra dessa attacker finns idag. Samtidigt, mot bakgrund av den växande betydelsen av e-handel, bör förvarsmekanismer utformas för att vara självkonfigurerande, eftersom manuell omkonfigurering inte är skalbart. I detta arbete föreslås ett regelbaserat intrusion detection system (IDS) som loggar varje användares beteende och beslutar om en servicenivå baserad på tidigare beteenden. Implementeringen uppnås genom att använda runtime verification (RV), en lättviktig formell metod som kan användas för att observera spår av användarbeteende i realtid. Tillämpningen av denna metod mäts med hjälp av experiment på en webbtjänst, en mock-up hotellkedja som ger tre olika servicenivåer för användare baserat på deras individuella förtroendevärdering. Syntetiska spår av bokningar och avbokningar används för att redovisa IDS:s detektionsgrad och effektiviteten i dess lindringsstrategi. Resultaten indikerar att RV är ett genomförbart tillvägagångssätt för att skapa ett regelbaserat IDS. Systemet kan vara inställt för att uppnå en hög detektionsgrad på mer än 95% och bevarar samtidigt en låg falsk positiv nivå på mindre än 3%. Dessutom mildras attackerna genom att ändra affärsreglerna för användare som har identifierats som skadliga, vilket resulterar i en ökad beläggning hos hotellet. Slutligen visas RV vara betydligt mer skalbar och uttrycksfull än vanliga formella metoder, till exempel model checking. Även om resultaten verkar lovande, återstår testning av systemet på riktiga spår och eventuellt med olika trösklar som framtida arbete. Rule-Based IDS Runtime Verification Domain Attacks Self-Reconfiguring Systems Elektroteknik och elektronik
515	A novel intrusion detection system (IDS) architecture. Attack detection based on snort for multistage attack scenarios in a multi-cores environment. Pagna Disso, Jules F. January 2010 (has links) Recent research has indicated that although security systems are developing, illegal intrusion to computers is on the rise. The research conducted here illustrates that improving intrusion detection and prevention methods is fundamental for improving the overall security of systems. This research includes the design of a novel Intrusion Detection System (IDS) which identifies four levels of visibility of attacks. Two major areas of security concern were identified: speed and volume of attacks; and complexity of multistage attacks. Hence, the Multistage Intrusion Detection and Prevention System (MIDaPS) that is designed here is made of two fundamental elements: a multistage attack engine that heavily depends on attack trees and a Denial of Service Engine. MIDaPS were tested and found to improve current intrusion detection and processing performances. After an intensive literature review, over 25 GB of data was collected on honeynets. This was then used to analyse the complexity of attacks in a series of experiments. Statistical and analytic methods were used to design the novel MIDaPS. Key findings indicate that an attack needs to be protected at 4 different levels. Hence, MIDaPS is built with 4 levels of protection. As, recent attack vectors use legitimate actions, MIDaPS uses a novel approach of attack trees to trace the attacker¿s actions. MIDaPS was tested and results suggest an improvement to current system performance by 84% whilst detecting DDOS attacks within 10 minutes. Intrusion Detection System (IDS) Visibility of attacks Performance evaluation Snort Computer network security
516	Benevolent and Malevolent Adversaries: A Study of GANs and Face Verification Systems Nazari, Ehsan 22 November 2023 (has links) Cybersecurity is rapidly evolving, necessitating inventive solutions for emerging challenges. Deep Learning (DL), having demonstrated remarkable capabilities across various domains, has found a significant role within Cybersecurity. This thesis focuses on benevolent and malevolent adversaries. For the benevolent adversaries, we analyze specific applications of DL in Cybersecurity contributing to the enhancement of DL for downstream tasks. Regarding the malevolent adversaries, we explore the question of how resistant to (Cyber) attacks is DL and show vulnerabilities of specific DL-based systems. We begin by focusing on the benevolent adversaries by studying the use of a generative model called Generative Adversarial Networks (GAN) to improve the abilities of DL. In particular, we look at the use of Conditional Generative Adversarial Networks (CGAN) to generate synthetic data and address issues with imbalanced datasets in cybersecurity applications. Imbalanced classes can be a significant issue in this field and can lead to serious problems. We find that CGANs can effectively address this issue, especially in more difficult scenarios. Then, we turn our attention to using CGAN with tabular cybersecurity problems. However, visually assessing the results of a CGAN is not possible when we are dealing with tabular cybersecurity data. To address this issue, we introduce AutoGAN, a method that can train a GAN on both image-based and tabular data, reducing the need for human inspection during GAN training. This opens up new opportunities for using GANs with tabular datasets, including those in cybersecurity that are not image-based. Our experiments show that AutoGAN can achieve comparable or even better results than other methods. Finally, we shift our focus to the malevolent adversaries by looking at the robustness of DL models in the context of automatic face recognition. We know from previous research that DL models can be tricked into making incorrect classifications by adding small, almost unnoticeable changes to an image. These deceptive manipulations are known as adversarial attacks. We aim to expose new vulnerabilities in DL-based Face Verification (FV) systems. We introduce a novel attack method on FV systems, called the DodgePersonation Attack, and a system for categorizing these attacks based on their specific targets. We also propose a new algorithm that significantly improves upon a previous method for making such attacks, increasing the success rate by more than 13%. Cybersecurity Machine Learning Computer Vision and Pattern Recognition Generative Adversarial Networks Face Verification systems Class Imbalance Problem Adversarial Attacks
517	Resilient planning, task assignment and control for multi-robot systems against plan-deviation attacks Yang, Ziqi 30 August 2023 (has links) The security of multi-robot systems is critical in various applications such as patrol, transportation, and search and rescue operations, where they face threats from adversaries attempting to gain control of the robots. These compromised robots are significant threats as they allow attackers to steer robots towards forbidden areas without being detected, potentially causing harm or compromising the mission. To address this problem, we propose a resilient planning, task assignment, and control framework. The proposed framework builds a multi-robot plan where robots are designed to get close enough to other robots according to a co-observation schedule, in order to mutually check for abnormal behaviors. For the first part of the thesis, we propose an optimal trajectory solver based on the alternating direction method of multipliers (ADMM) to generate multi-agent trajectories that satisfy spatio-temporal requirements introduced by the co-observation schedules. As part of the formulation, we provide a new reachability constraint to guarantee that, despite adversarial movement by the attacker, a compromised robot cannot reach forbidden areas between co-observations without being detected. In the second part of the thesis, to further enhance the system's performance, reliability, and robustness, we propose to deploy multiple robots on each route to form sub-teams. A new cross-trajectory co-observation scheme between sub-teams is introduced that preserves the optimal unsecured trajectories. The new planner ensures that at least one robot in each sub-team sticks to the planned trajectories, while sub-teams can constantly exchange robots during the task introducing additional co-observations that can secure originally unsecured routes. We show that the planning of cross-trajectory co-observations can be transformed into a network flow problem and solved using traditional linear program technique. In the final part of the thesis, we show that the introduction of sub-teams also improves the multi-robot system's robustness to unplanned situations, allowing servicing unplanned online events without breaking the security requirements. This is achieved by a distributed task assignment algorithm based on consensus ADMM which can handle tasks with different priorities. The assignment result and security requirements are formulated as spatio-temporal schedules and guaranteed through control barrier function (CBF) based controls. Robotics Control barrier function Distributed task assignment Multi-agent trajectory planning Multi-robot system Plan deviation attacks Reachability analysis
518	EVALUATING CRYSTAL FRAMEWORK IN PRACTICE Mertala, Victor, Christopher, Nordin January 2024 (has links) Cyber-physical systems (CPSs) are used in several industries, such as healthcare, automotive, manufacturing, and more. The fact that CPSs often contain components integrated via communication networks means that malicious actors can exploit vulnerabilities in these components through cyber attacks. CRYSTAL Framework has been shown in previous research to be able to detect cyber attacks on CPSs. However, this has only been proven in simulation. Our research builds upon these previous research as we aim to prove that CRYSTAL Framework is a viable method for monitoring real systems to detect abnormal behaviours. The Tiny Twin is an abstract behavioral model that defines normal running behaviour of a system, which can then be used by to compare the current state of a monitored system to detect possible attacks and abnormal behaviours. We built a monitor that integrates such a Tiny Twin, working by passively listening on input and output of components in a monitored system. We designed and implemented two different scenarios, a security alarm system and a temperature control system (TCS), to test the CRYSTAL Framework. In testing both implemented scenarios our monitor successfully detected all but one attacks during runtime by comparing the system's current state with the expected state as defined in the Tiny Twin. CRYSTAL Framework Tiny Twin Tiny Digital Twin Rebeca Timed Rebeca monitor cyber attacks Engineering and Technology Teknik och teknologier
519	An Edge-Based Blockchain-Enabled Framework for Preventing Insider Attacks in Internet of Things (IoT) Tukur, Yusuf M. January 2021 (has links) The IoT offers enormous potentials thanks to its Widespread adoption by many industries, individuals, and governments, leading explosive growth and remarkable breakthroughs that have made it a technology with seemingly boundless applications. However, the far-reaching IoT applications cum its characteristic heterogeneity and ubiquity come with a huge price for more security vulnerabilities, making the deployed IoT systems increasingly susceptible to, and prime targets of many different physical and cyber-attacks including insider attacks, thereby growing the overall security risks to the systems. This research, which focuses on addressing insider attacks on IoT, studies the likelihood of malicious insiders' activities compromising some of the security triad of Confidentiality, Integrity and Availability (CIA) of a supposedly secure IoT system with implemented security mechanisms. To further establish the vulnerability of the IoT systems to the insider attack being investigated in our research, we first produced a research output that emphasized the need for multi-layer security of the overall system and proposed the implementation of security mechanisms on components at all layers of the IoT system to safeguard the system and ensure its CIA. Those conventional measures however do not safeguard against insider attacks, as found by our experimental investigation of a working IoT system prototype. The outcome of the investigation therefore necessitates our proposed solution to the problem, which leverages the integration of distributed edge computing with decentralized Ethereum blockchain technology to provide countermeasures that preserve the Integrity of the IoT system data and improve effectiveness of the system. We employed the power of Ethereum smart contracts to perform integrity checks on the system data logically and take risk management decisions. We considered the industry use case of Downstream Petroleum sector for application of our solution. The solution was evaluated using datasets from different experimental settings and showed up to 86% accuracy rate. / Government of the Federal Republic of Nigeria through the Petroleum Technology Development Fund (PTDF) Overseas Scholarship Scheme (OSS) Internet of Things (IoT) LORaWAN Threat model Insider attacks IoT security Edge computing Blockchain Ethereum Smart contracts Petroleum downstream
520	Denial-of-service attacks against the Parrot ANAFI drone / DoS- attacker mot drönaren Parrot ANAFI. Feng, Jesse, Tornert, Joakim January 2021 (has links) As the IoT market continues to grow, so does the need for secure wireless communication. Drones have become a popular gadget among both individuals and various industries during the last decade, and the popularity continues to grow. Some drones use Wi-Fi technology for communication, such as the Parrot ANAFI, which introduces many of the same security threats that are frequently found in general IoT. Therefore, this report covers a common group of cyberattacks, known as denial-of-service attacks, their effects on the Parrot ANAFI, and their ease of use. A threat model was created to have an overview of the system architecture, and all of the identified threats were assessed using DREAD. All of the software tools used in this report can be found for free on the Internet using search engines and simple key words. The results showed that the drone is generally secure, but it is vulnerable to a certain denial-of-service attack, which can open the door to multiple attack surfaces if the password for the drone’s Wi-Fi is not strong enough. Some suggestions for mitigating these threats are presented at the end of the report. / I takt med att IoT-marknaden fortsätter att växa ökar också behovet av säker trådlös kommunikation. Drönare har blivit en populär pryl bland såväl privatpersoner som diverse industrier under det senaste decenniet, och populariteten fortsätter att växa. Vissa drönare använder Wi-Fi-teknik för kommunikation, till exempel Parrot ANAFI, vilket introducerar många av de säkerhetshot som ofta existerar bland IoT i allmänhet. Den här rapporten täcker därför en välkänd grupp av cyberattacker, som kallas denial-of-service-attacker, deras effekter på Parrot ANAFI och deras användarvänlighet. En hotmodell skapades för att ha en överblick över systemarkitekturen och alla identifierade hot rangordnades med hjälp av DREAD. Alla programvaruverktyg som används i denna rapport kan hittas gratis på Internet med hjälp av enkla sökningar på nyckelord. Resultaten påvisar att drönaren i allmänhet är säker, men att den är sårbar för en viss typ av denial-of-service-attack, vilket kan öppna dörren till flera attackytor om lösenordet för drönarens Wi-Fi inte är tillräckligt starkt. Några förslag för att mildra dessa hot presenteras i slutet av rapporten. Penetration testing cyber security drone denial-of-service attacks Wi-Fi IEEE 802.11. Computer and Information Sciences Data- och informationsvetenskap

Search results