Global ETD Search

111	Technika SQL injection - její metody a způsoby ochrany / SQL Injection Technique - its Methods and Methods of Protection Bahureková, Beáta January 2020 (has links) SQL injection is a technique directed against web applications using an SQL database, which can pose a huge security risk. It involves inserting code into an SQL database, and this attack exploits vulnerabilities in the database or application layer. The main goal of my thesis is to get acquainted with the essence of SQL injection, to understand the various methods of this attack technique and to show ways to defend against it. The work can be divided into these main parts, which I will discuss as follows.In the introductory part of the work I mention the theoretical basis concerning SQL injection issues. The next chapter is focused on individual methods of this technique. The analytical part is devoted to mapping the current state of test subjects, scanning tools, which form the basis for optimal research and testing of individual SQL methods, which are discussed in this part from a practical point of view along with the analysis of commands. In the last part I will implement SQL methods on selected subjects and based on the outputs I will create a universal design solution how to defend against such attacks.
112	Detecting Insider and Masquerade Attacks by Identifying Malicious User Behavior and Evaluating Trust in Cloud Computing and IoT Devices Kambhampaty, Krishna Kanth January 2019 (has links) There are a variety of communication mediums or devices for interaction. Users hop from one medium to another frequently. Though the increase in the number of devices brings convenience, it also raises security concerns. Provision of platform to users is as much important as its security. In this dissertation we propose a security approach that captures user behavior for identifying malicious activities. System users exhibit certain behavioral patterns while utilizing the resources. User behaviors such as device location, accessing certain files in a server, using a designated or specific user account etc. If this behavior is captured and compared with normal users’ behavior, anomalies can be detected. In our model, we have identified malicious users and have assigned trust value to each user accessing the system. When a user accesses new files on the servers that have not been previously accessed, accessing multiple accounts from the same device etc., these users are considered suspicious. If this behavior continues, they are categorized as ingenuine. A trust value is assigned to users. This value determines the trustworthiness of a user. Genuine users get higher trust value and ingenuine users get a lower trust value. The range of trust value varies from zero to one, with one being the highest trustworthiness and zero being the lowest. In our model, we have sixteen different features to track user behavior. These features evaluate users’ activities. From the time users’ log in to the system till they log out, users are monitored based on these sixteen features. These features determine whether the user is malicious. For instance, features such as accessing too many accounts, using proxy servers, too many incorrect logins attribute to suspicious activity. Higher the number of these features, more suspicious is the user. More such additional features contribute to lower trust value. Identifying malicious users could prevent and/or mitigate the attacks. This will enable in taking timely action against these users from performing any unauthorized or illegal actions. This could prevent insider and masquerade attacks. This application could be utilized in mobile, cloud and pervasive computing platforms. cloud computing cyber attacks cyber security machine learning network security user behavior trust
113	NATO and Offensive Cybersecurity: A Strategic Analysis / NATO and Offensive Cybersecurity: A Strategic Analysis Lopes Carvalho Viana, André January 2018 (has links) This thesis presents a strategic analysis on the possibility of use of offensive cyber capabilities by NATO in its defensive efforts. There is a vast array of academic literature regarding the strategic value of the use of offensive capabilities in cybersecurity, and NATO's cyber posture, however, there is little available regarding the relationship between both. Through the use of tools borrowed from Strategic Studies, this thesis attempts to determine whether it is possible to formulate valid cybersecurity strategies for the use of offensive cyber capabilities from the combination of known academic concepts with current NATO capabilities. The thesis also analyzes the possible implications of using such strategies as well as the underlying causes of their potential success or failure. Viana, André Lopes C. NATO and Offensive Cybersecurity: A Strategic Analysis, [number of pages]p. Master Thesis. Charles University, Faculty of Social Sciences, Institute of Political Studies. Supervisor PhDr. Vít Střítecký, M.Phil., Ph.D.
114	Offensiva cyberoperationer : en undersökning ur ett humanitärrättsligt perspektiv / Offensive cyber operations : a study from an international humanitarian law perspective Arell, Viktor January 2022 (has links) Militär och civil verksamhet kan nyttja samma nätverk och vara beroende av samma digitala infrastruktur, vilket innebär att det kan uppstå svårigheter med att göra åtskillnad på vad som är civilt och vad som är militärt i samband med offensiva cyberoperationer. Offensiva cyberoperationers effekter kan dessutom vara svårkontrollerade. Följaktligen uppkommer frågan hur en offensiv cyberoperation ska genomföras med hänsyn till de humanitärrättsliga kraven på att skydda civila personer och objekt. Syftet med uppsatsen är att undersöka hur befälhavare i Försvarsmakten ska förhålla sig till humanitär rätt vid offensiva cyberoperationer under internationella väpnade konflikter. Med avstamp i detta syfte utgår uppsatsen från följande frågeställningar: Var går skiljelinjen mellan militära mål och civila i samband med Försvarsmaktens offensiva cyberoperationer under internationella väpnade konflikter? Hur kan sidoskador undvikas i samband med Försvarsmaktens offensiva cyberoperationer under internationella väpnade konflikter? Frågeställningarna besvaras genom att använda rättsdogmatiskmetod med Tilläggsprotokoll I till Genèvekonventionerna som huvudsaklig rättskälla. Analysen avseende hur sidoskador kan undvikas baseras på Lockheed Martins modell, Cyber kill chain. Uppsatsens slutsats är att det är ovidkommande för var skiljelinjen går om ett objekt ursprungligen är civilt, om användaren av objektet är civil eller om objektet delvis nyttjas för civila ändamål. Så länge objektet effektivt bidrar till militära operationer och en påverkan av objektet medför en avgjord militär fördel ska det klassificeras som ett militärt mål. Vidare är uppsatsens slutsats att informationsinhämtning och kontroll under hela operationsskedet är nyckeln till att undvika sidoskador i samband med Försvarsmaktens offensiva cyberoperationer under internationella väpnade konflikter. / Military and civilian functions can use the same network and depend on the same digital infrastructure, which means that there can be difficulties when distinguishing civilian objects from military objects during cyber operations. Moreover, the effects of offensive cyber operations can be difficult to control. Consequently, the question arises how an offensive cyber operation should be carried out in the light of the humanitarian law requirement to protect civilians and civilian objects. The purpose of the thesis is to examine how commanders in the Swedish Armed Forces shall comply with international humanitarian law during offensive cyber operations during international armed conflicts. Based on this purpose, the thesis revolves around the following questions: Where is the dividing line between military objectives and civilians when the Swedish Armed Forces carry out offensive cyber operations during international armed conflicts? How can collateral damage be avoided when the Swedish Armed Forces carry out offensive cyber operations during international armed conflicts? The questions are answered by using legal dogmatic method. Additional Protocol I to the Geneva Conventions is used as the main source of law. The analysis of how collateral damage can be avoided is based on Lockheed Martin's model, Cyber kill chain. The conclusion of the thesis is that it is irrelevant whether an object is originally civilian, if the user of the object is civilian or if the object is partly used for civilian purposes. As long as the object effectively contributes to military actions and an impact on the object entails a definite military advantage, it shall be classified as a military objective. Furthermore, the thesis concludes that information gathering and control throughout the operation is the key to avoiding collateral damage when the Swedish Armed Forces carry out offensive cyber operations during international armed conflicts. Cyber Offensiva cyberoperationer Cyber kill chain Humanitär rätt Distinktion Social Sciences Interdisciplinary
115	Modélisation conjointe de la sûreté et de la sécurité pour l’évaluation des risques dans les systèmes cyber-physiques / Joint safety and security modeling for risk assessment in cyber physical systems Kriaa, Siwar 11 March 2016 (has links) Les Systèmes Cyber Physiques (CPS) intègrent des composants programmables afin de contrôler un processus physique. Ils sont désormais largement répandus dans différentes industries comme l’énergie, l’aéronautique, l’automobile ou l’industrie chimique. Parmi les différents CPS existants, les systèmes SCADA (Supervisory Control And Data Acquisition) permettent le contrôle et la supervision des installations industrielles critiques. Leur dysfonctionnement peut engendrer des impacts néfastes sur l’installation et son environnement.Les systèmes SCADA ont d’abord été isolés et basés sur des composants et standards propriétaires. Afin de faciliter la supervision du processus industriel et réduire les coûts, ils intègrent de plus en plus les technologies de communication et de l’information (TIC). Ceci les rend plus complexes et les expose à des cyber-attaques qui exploitent les vulnérabilités existantes des TIC. Ces attaques peuvent modifier le fonctionnement du système et nuire à sa sûreté.On associe dans la suite la sûreté aux risques de nature accidentelle provenant du système, et la sécurité aux risques d’origine malveillante et en particulier les cyber-attaques. Dans ce contexte où les infrastructures industrielles sont contrôlées par les nouveaux systèmes SCADA, les risques et les exigences liés à la sûreté et à la sécurité convergent et peuvent avoir des interactions mutuelles. Une analyse de risque qui couvre à la fois la sûreté et la sécurité est indispensable pour l’identification de ces interactions ce qui conditionne l’optimalité de la gestion de risque.Dans cette thèse, on donne d’abord un état de l’art complet des approches qui traitent la sûreté et la sécurité des systèmes industriels et on souligne leur carences par rapport aux quatre critères suivants qu’on juge nécessaires pour une bonne approche basée sur les modèles : formelle, automatique, qualitative et quantitative, et robuste (i.e. intègre facilement dans le modèle des variations d’hypothèses sur le système).On propose ensuite une nouvelle approche orientée modèle d’analyse conjointe de la sûreté et de la sécurité : S-cube (SCADA Safety and Security modeling), qui satisfait les critères ci-dessus. Elle permet une modélisation formelle des CPS et génère l’analyse de risque qualitative et quantitative associée. Grâce à une modélisation graphique de l’architecture du système, S-cube permet de prendre en compte différentes hypothèses et de générer automatiquement les scenarios de risque liés à la sûreté et à la sécurité qui amènent à un évènement indésirable donné, avec une estimation de leurs probabilités.L’approche S-cube est basée sur une base de connaissance (BDC) qui décrit les composants typiques des architectures industrielles incluant les systèmes d’information, le contrôle et la supervision, et l’instrumentation. Cette BDC a été conçue sur la base d’une taxonomie d’attaques et modes de défaillances et un mécanisme de raisonnement hiérarchique. Elle a été mise en œuvre à l’aide du langage de modélisation Figaro et ses outils associés. Afin de construire le modèle du système, l’utilisateur saisit graphiquement l’architecture physique et fonctionnelle (logiciels et flux de données) du système. L’association entre la BDC et ce modèle produit un modèle d’états dynamiques : une chaîne de Markov à temps continu. Pour limiter l’explosion combinatoire, cette chaîne n’est pas construite mais peut être explorée de deux façons : recherche de séquences amenant à un évènement indésirable ou simulation de Monte Carlo, ce qui génère des résultats qualitatifs et quantitatifs.On illustre enfin l’approche S-cube sur un cas d’étude réaliste : un système de stockage d’énergie par pompage, et on montre sa capacité à générer une analyse holistique couvrant les risques liés à la sûreté et à la sécurité. Les résultats sont ensuite analysés afin d’identifier les interactions potentielles entre sûreté et sécurité et de donner des recommandations. / Cyber physical systems (CPS) denote systems that embed programmable components in order to control a physical process or infrastructure. CPS are henceforth widely used in different industries like energy, aeronautics, automotive, medical or chemical industry. Among the variety of existing CPS stand SCADA (Supervisory Control And Data Acquisition) systems that offer the necessary means to control and supervise critical infrastructures. Their failure or malfunction can engender adverse consequences on the system and its environment.SCADA systems used to be isolated and based on simple components and proprietary standards. They are nowadays increasingly integrating information and communication technologies (ICT) in order to facilitate supervision and control of the industrial process and to reduce exploitation costs. This trend induces more complexity in SCADA systems and exposes them to cyber-attacks that exploit vulnerabilities already existent in the ICT components. Such attacks can reach some critical components within the system and alter its functioning causing safety harms.We associate throughout this dissertation safety with accidental risks originating from the system and security with malicious risks with a focus on cyber-attacks. In this context of industrial systems supervised by new SCADA systems, safety and security requirements and risks converge and can have mutual interactions. A joint risk analysis covering both safety and security aspects would be necessary to identify these interactions and optimize the risk management.In this thesis, we give first a comprehensive survey of existing approaches considering both safety and security issues for industrial systems, and highlight their shortcomings according to the four following criteria that we believe essential for a good model-based approach: formal, automatic, qualitative and quantitative and robust (i.e. easily integrates changes on system into the model).Next, we propose a new model-based approach for a safety and security joint risk analysis: S-cube (SCADA Safety and Security modeling), that satisfies all the above criteria. The S-cube approach enables to formally model CPS and yields the associated qualitative and quantitative risk analysis. Thanks to graphical modeling, S-cube enables to input the system architecture and to easily consider different hypothesis about it. It enables next to automatically generate safety and security risk scenarios likely to happen on this architecture and that lead to a given undesirable event, with an estimation of their probabilities.The S-cube approach is based on a knowledge base that describes the typical components of industrial architectures encompassing information, process control and instrumentation levels. This knowledge base has been built upon a taxonomy of attacks and failure modes and a hierarchical top-down reasoning mechanism. It has been implemented using the Figaro modeling language and the associated tools. In order to build the model of a system, the user only has to describe graphically the physical and functional (in terms of software and data flows) architectures of the system. The association of the knowledge base and the system architecture produces a dynamic state based model: a Continuous Time Markov Chain. Because of the combinatorial explosion of the states, this CTMC cannot be exhaustively built, but it can be explored in two ways: by a search of sequences leading to an undesirable event, or by Monte Carlo simulation. This yields both qualitative and quantitative results.We finally illustrate the S-cube approach on a realistic case study: a pumped storage hydroelectric plant, in order to show its ability to yield a holistic analysis encompassing safety and security risks on such a system. We investigate the results obtained in order to identify potential safety and security interactions and give recommendations. Systèmes cyber physiques Sûreté Sécurité Modélisation Évaluation de risques Cyber Physical Systems Safety Security Modeling Risk assessment
116	Secure Control and Operation of Energy Cyber-Physical Systems Through Intelligent Agents El Hariri, Mohamad 05 November 2018 (has links) The operation of the smart grid is expected to be heavily reliant on microprocessor-based control. Thus, there is a strong need for interoperability standards to address the heterogeneous nature of the data in the smart grid. In this research, we analyzed in detail the security threats of the Generic Object Oriented Substation Events (GOOSE) and Sampled Measured Values (SMV) protocol mappings of the IEC 61850 data modeling standard, which is the most widely industry-accepted standard for power system automation and control. We found that there is a strong need for security solutions that are capable of defending the grid against cyber-attacks, minimizing the damage in case a cyber-incident occurs, and restoring services within minimal time. To address these risks, we focused on correlating cyber security algorithms with physical characteristics of the power system by developing intelligent agents that use this knowledge as an important second line of defense in detecting malicious activity. This will complement the cyber security methods, including encryption and authentication. Firstly, we developed a physical-model-checking algorithm, which uses artificial neural networks to identify switching-related attacks on power systems based on load flow characteristics. Secondly, the feasibility of using neural network forecasters to detect spoofed sampled values was investigated. We showed that although such forecasters have high spoofed-data-detection accuracy, they are prone to the accumulation of forecasting error. In this research, we proposed an algorithm to detect the accumulation of the forecasting error based on lightweight statistical indicators. The effectiveness of the proposed algorithms was experimentally verified on the Smart Grid testbed at FIU. The test results showed that the proposed techniques have a minimal detection latency, in the range of microseconds. Also, in this research we developed a network-in-the-loop co-simulation platform that seamlessly integrates the components of the smart grid together, especially since they are governed by different regulations and owned by different entities. Power system simulation software, microcontrollers, and a real communication infrastructure were combined together to provide a cohesive smart grid platform. A data-centric communication scheme was selected to provide an interoperability layer between multi-vendor devices, software packages, and to bridge different protocols together. smart grid cyber security cyber-physical systems IEC 61850 GOOSE SMV artificial intelligence dds Power and Energy
117	The Other means? Examining the patterns and dynamics of state competition in cyberspace Vicic, Jelena January 2021 (has links) No description available. Political Science stability-instability paradox cyber operations cyber escalation influence operations semantic network analysis experiments
118	Cybersoldater under frammarsch : Är vi på rätt väg? Andersson, Björn, Seger, Henrik January 2023 (has links) Syfte - Precis som samhället i övrigt digitaliserar Försvarsmakten sin verksamhet i ökande grad. Det höjer förmågan men ökar riskerna för cyberangrepp. Som en av flera åtgärder introducerade därför Försvarsmakten personalkategorin cybersoldat. Syftet med denna studie är att utreda hur införandet av cybersoldater har hanterats inom Försvarsmaktens organisation och på vilket sätt det har påverkat cyberförsvarsförmågan. Design/metod/approach - Studien är genomförd som en kvalitativ intervjustudie där respondenter från olika organisationsnivåer inom Försvarsmakten har gett sin syn på cybersoldatinförandet. Detta för att följa cybersoldatsrollen ur ett livscykelperspektiv från planeringsstadiet genom utbildningen och vidare mot karriären. Slutsatser – Resultatet av studien visar att strategin för uppbyggnaden av cyberförsvaret och cybersoldaternas roll inte är tillräckligt väl kommunicerad inom Försvarsmaktens organisation. Studien visar att det behövs ett livscykelperspektiv på cybersoldaternas kompetensutveckling som sträcker sig bortom värnplikten, vilket kan ses som ett paradigmskifte för hur Försvarsmakten normalt sett utbildar och hanterare krigsplacerad personal. / Purpose - Just like society in general, the Swedish Armed Forces are increasingly digitizing their operations. It increases capability but increases the risks of cyberattacks. As one of several measures, the Swedish Armed Forces therefore introduced the Cyber Soldier personnel category. The purpose of this study is to investigate how the introduction of cyber soldiers has been handled within the Swedish Armed Forces' organization and in what way it has affected cyber defence capability. Design/methodology/approach - The study was conducted as a qualitative interview study where respondents from different organizational levels gave their views on the cyber soldier introduction. This by following the cyber soldier role from a life cycle perspective from the planning stage through the education and on to the career. Findings - The findings of the study shows that the strategy for building up cyber defence and the role of cyber soldiers are not sufficiently well communicated within the Armed Forces. The study shows that there is a need for a life cycle perspective for cyber soldiers' competence development that extends beyond conscription, which can be seen as a paradigm shift for how the Armed Forces normally train and handle war-deployed personnel. cyber defence cyber soldier cyberprofession cyberförsvar cybersoldat cyberprofession Business Administration Företagsekonomi
119	Cyber attacks against small companies that outsource their services Haji Akbar, Mahan, Babar, Shahryar Khan January 2022 (has links) Companies outsource a lot of their development tasks. The use of external development teams introduces security problems which may lead to data breaches and even corporate espionage where business ideas are used in other companies, leading to leaking of trade secrets. A detailed explanation of the security implications of outsourcing is given, with ways to mitigate such risks in the first section of the report. The report also explains some basics theory in cyber security such as information gathering, vulnerability scanning, exploitation and post exploitation. We also look at some software tools used in the field. Due to the lack of knowledge and awareness about cyber security, most small companies do not have enough protection against these malicious attacks. The proposed intrusion detection system is capable of recognizing various kinds of cyber attacks including denial of serviceattack, spoofing attack, sniffing attack and so on. The proposed system employs ensemble learning and feature selection techniques to reduce the computational cost and improve the detection rate simultaneously. This paper presents an intelligent intrusion detection system based on tree-structure machine learning models. After the implementation of the proposed intrusion detection system on standard data sets, the system has achieved high detection rate and low computational cost simultaneously. The method used to bring results is python with scikit library that can help with machine learning. The results will show figures of heatmap and scores of models that will explain how likely it will identify a cyber attack. Outsourcing Cyber attack Cyber security Intrusion detection system Computer and Information Sciences Data- och informationsvetenskap
120	Cyber Attacks as Armed Attacks? : The Right of Self-Defence When a Cyber Attack Occurs Nyman, Mikaela January 2023 (has links) No description available. public international law cyber attack the right of self-defence armed attack cyber operation UN Charter Law Juridik

Search results