Global ETD Search

1	Representing attacks in a cyber range / Representation av attacker i en cyber range Hätty, Niklas January 2019 (has links) Trained security experts can be a mitigating factor to sophisticated cyberattacks that aim to violate the confidentiality, integrity, and availability of information. Reproducible sessions in a safe training environment is an effective way of increasing the excellence of security experts. One approach to achieving this is by using cyber ranges, which essentially is a set of hardware nodes that can virtually represent a large organization or system. The Swedish Defense Research Agency (FOI) develops and maintains a fully functioning cyber range and has the ability to automatically deploy sophisticated attacks against organizations and systems represented in this cyber range through a system called SVED. In this thesis, the capability to deploy different types of cyberattacks through SVED against virtual organizations in a cyber range, CRATE, is investigated. This is done by building a dataset of publicly disclosed security incidents from a database and attempting to represent each of them in SVED, and subsequently instantiating these attack representations against organizations in CRATE. The results show that the prevalence of at least one CVE-entry (Common Vulnerabilities and Exposures) in the incident description is a key factor to be able to represent an attack in SVED. When such an entry does exist, SVED is likely able to implement a representation of the attack. However, for certain type of attacks a CVE-entry is not enough to determine how an attack was carried out, which is why some attacks are harder to implement in SVED. This was the case for Denial of Service (DoS) attacks, which are too reliant on infrastructure rather than one or more vulnerabilities, and SQL injections, which are more reliant on the implementation of database access. Finally, CRATE is able to handle almost all attacks implemented in SVED, given that the correct vulnerable application software is installed on at least one machine in one of the organizations in CRATE. it-security cyber range information security penetration testing SVED CRATE cyber range it-säkerhet informationssäkerherhet penetrationstestning SVED CRATE Computer Sciences Datavetenskap (datalogi)
2	Monitoring of Cyber Security Exercise Environments in Cyber Ranges : with an implementation for CRATE / Övervakning av spelmiljöer i cyberanläggningar : med en implementation för CRATE Sjöstedt, Matildha January 2021 (has links) In a world where much of society is dependent on digital infrastructure, various cyber threats can pose a great risk to businesses, critical infrastructure and potentially entire nations. For this reason, research and education as well as the preparation of strategies, training of personnel etc., is imperative. Cyber ranges can provide ''safe environments'' in which for example cyber security exercises and experiments can be conducted. While easier to deploy and configure than ''real'' infrastructures, monitoring of such environments during ongoing exercises/experiments poses a number of challenges. During this thesis work, the question of what types of data and information could be relevant to provide in a monitoring system for this context was investigated, with regard to aspects such as providing technical support or gaining situational awareness during exercises. Results gained from a survey with participants from relevant organizations, contributed greatly to this question. The survey and literature study also provided insights into challenges and potential problems of developing and running such monitoring. CRATE is a cyber range developed and maintained by the Swedish Defence Research Agency (FOI). In this thesis work, some of the challenges and potential problems found are tackled with a suggested design and an implemented monitoring system prototype for CRATE. Apart from providing functionality to retrieve information about accounts and privileges as well as status of services, the design of the prototype also lays the foundation for a flexible and extensible monitoring system -- fully adapted for use within a cyber range. With cyber exercises becoming both more prevalent and extensive, the need for capable monitoring of exercise environments will naturally arise. While the developed prototype may facilitate future cyber exercises/experiments in CRATE, the results of this thesis work are also ready to be used as a source of inspiration for other cyber range operators. cyber range monitoring CRATE cyber security cyber security exercises virtual machine cyberanläggning övervakning CRATE cybersäkerhet cybersäkerhetsövningar virtuell maskin Information Systems Software Engineering Programvaruteknik
3	Automating software installation for cyber security research and testing public exploits in CRATE / Att automatisera mjukvaruinstallationer för cybersäkerhetsforskning och testandet av publika angreppskoder i CRATE Kahlström, Joakim, Hedlin, Johan January 2021 (has links) As cyber attacks are an ever-increasing threat to many organizations, the need for controlled environments where cyber security defenses can be tested against real-world attacks is increasing. These environments, called cyber ranges, exist across the world for both military and academic purposes of various scales. As the function of a cyber range involves having a set of computers, virtual or physical, that can be configured to replicate a corporate network or an industrial control system, having an automated method of configuring these can streamline the process of performing different exercises. This thesis aims to provide a proof of concept of how the installation of software with known vulnerabilities can be performed and examines if the software is vulnerable directly after installation. The Cyber Range And Training Environment (CRATE) developed by the Swedish Defence Research Agency (FOI) is used as a testbed for the installations and FOI-provided tools are used for launching automated attacks against the installed software. The results show that installations can be performed without Internet access and with minimal network traffic being generated and that our solution can rewrite existing software packages from the package manager Chocolatey to work with an on-premises repository with an 85% success rate. It is also shown that very few publicly available exploits succeed without any manual configuration of either the exploit or the targeted software. Our work contributes to making it easier to set up environments where cyber security research and training can be conducted by simplifying the process of installing vulnerable applications. cyber range software installation cyber security CRATE exploit testing automation cyberanläggning mjukvaruinstallation cybersäkerhet CRATE angreppstestning automatisering Software Engineering Programvaruteknik Computer Sciences Datavetenskap (datalogi)
4	An electronic model of the ATLAS Phase-1 Upgrade Hadronic Endcap Calorimeter Front End Crate Baseplane Porter, Ryan 07 August 2015 (has links) This thesis presents an electrical model of two pairs of interconnects of the ATLAS Phase-1 Upgrade Hadronic Endcap Front End Crate prototype baseplane. Stripline transmission lines of the baseplane are modeled using Keysight Technologies' Electromagnetic Professional's (EMPro) 3D electromagnetic simulation (Finite Element Method) and the connectors are modeled using built-in models in Keysight Technologies' Advanced Design System (ADS). The model is compared in both the time and frequency domain to measured Time Domain Reflectometer (TDR) traces and S-parameters. The S-parameters of the model are found to be within 5% of the measured S-parameters for transmission and reflection, and range from 25% below to 100% above for forward and backward crosstalk. To make comparisons with measurements, the cables used to connect the prototype HEC baseplane to the measurement system had to be included in the model. Plots of the S-parameters of a model without these cables are presented for one pair of interconnects for which the crosstalk is expected to be the higher than most other interconnects of the baseplane. / Graduate / 0605 / 0798 / rdporter@uvic.ca Electronic Model ATLAS Phase-1 Upgrade Hadronic Endcap Calorimeter Front End Crate Baseplane Trigger
5	Memory Vague: A History of City Pop Salazar, Jeffrey 20 October 2021 (has links) This thesis gives a definition and chronology of city pop and places it within the context of Japanese history. City pop can be traced from the 1960s folk movement in Japan until its demise in the early 1990s, coinciding with the end of the bubble economy. This thesis also examines the mid-2010s resurgence of interest in city pop among English-speaking internet users, beginning with a nostalgic rediscovery and curation of city pop around the turn of the century by DJs in Japan known as “crate diggers.” City pop was then transmitted to the West through sampling in hip-hop and especially within the internet-based genre of vaporwave. The character of vaporwave is one of dystopia and is highly contrasted with the breezy, optimistic sound of city pop. City pop was eventually discovered in the late-2010s by a wider international audience through YouTube, largely due to the suggestion algorithm and the sudden popularity of Takeuchi Mariya’s “Plastic Love.” This thesis will define nostalgia in relation to music and show in what ways it has been present as a factor throughout the history of city pop. Japanese music city pop vaporwave nostalgia hauntology crate digging Asian History Ethnomusicology Japanese Studies Musicology Other Film and Media Studies
6	Návrh koncepce zakladače SMC se symetricky umístěným hnacím členem / Design of an SMC Storage Machine with a Symmetrically Placed Driving Element Plesník, Dalibor January 2016 (has links) This thesis presents design solution of SMC storage machine (Schäfer Miniload Crane) with symmetrically placed driving element towards blocks of idle pulleys. Solution of SMC storage machine with symmetrically placed driving element could reduce excessive abrasion of idle pulleys and contribute to more stable ride on the rail.
7	Simulation of industrial control system field devices for cyber security Andersson, Dorothea January 2017 (has links) Industrial Control Systems (ICS) are an integral part of modernsociety, not least when it comes to controlling and protecting criticalinfrastructure such as power grids and water supply. There is a need to testthese systems for vulnerabilities, but it is often difficult if not impossible to doso in operational real time systems since they have been shown to be sensitiveeven to disturbances caused by benign diagnostic tools. This thesis exploreshow ICS field devices can be simulated in order to fool potential antagonists,and how they can be used in virtualized ICS for cyber security research. 8different field devices were simulated using the honeypot daemon Honeyd,and a generally applicable simulation methodology was developed. It was alsoexplored how these simulations can be further developed in order to functionlike real field devices in virtualized environments. / Industriella informations- och styrsystem utgör en viktig delav vårt moderna samhälle, inte minst när det gäller kontroll och skydd avkritisk infrastruktur som elnät och vattenförsörjning. Det finns stora behov avatt säkerhetstesta dessa typer av system, vilket ofta är omöjligt iproduktionsmiljöer med realtidskrav som är erkänt känsliga för störningar, tilloch med från vanligt förekommande analysverktyg. Denna rapport presenterarhur vanliga komponenter i industriella informations- och styrsystem kansimuleras för att lura potentiella antagonister, och hur de kan användas ivirtualiserade styrsystem för cybersäkerhetsforskning. 8 olika komponentersimulerades med hjälp av Honeyd, och en generellt applicerbarsimuleringsmetodik utvecklades. Hur dessa simuleringar kan vidareutvecklasför att fungera som riktiga styrsystemskomponenter i virtualiserade miljöer harockså undersökts. Elektroteknik och elektronik
8	Communi-crate jako soubor komunikačních nástrojů a postupů pro práci s ohroženými dětmi a rodinami ve Velké Británii a v České republice / Community-crare as a set of communication tools and methods in working with vulnerable children and families in Great Britain and in the Czech Republic Fořtová, Lenka January 2014 (has links) This thesis constitutes an analysis and instructions for use of the Communi-crate resources, the 'communication crate' which is a set of specific practical tools used in working with vulnerable children and families as used in the United Kingdom of Great Britain and Northern Ireland and are being introduced in practice in the Czech Republic. The tools contained in this thesis are designed for use by special educators and social workers in direct work with vulnerable families, children, young persons, or even adults. All of these tools have actually been tested and proven in practice and some have been adapted from their original language versions for use in the Czech Republic. In this thesis, the resources contained in the Communi-crate are divided into logical groups and each of them is described structured into chapters accordingly. Each tool is described in more or less detail, including tips for use. Most resources are also illustrated. The case studies described have been collected from practice in the Czech Republic and in the United Kingdom of Great Britain and Northern Ireland. This thesis has been compiled from materials gathered by the author during foreign study visits and in seminars conducted by foreign experts in the Czech Republic in 2009 through 2014. This thesis uses analytical...

Search results