Global ETD Search

131	Asymmetric information games and cyber security Jones, Malachi G. 13 January 2014 (has links) A cyber-security problem is a conflict-resolution scenario that typically consists of a security system and at least two decision makers (e.g. attacker and defender) that can each have competing objectives. In this thesis, we are interested in cyber-security problems where one decision maker has superior or better information. Game theory is a well-established mathematical tool that can be used to analyze such problems and will be our tool of choice. In particular, we will formulate cyber-security problems as stochastic games with asymmetric information, where game-theoretic methods can then be applied to the problems to derive optimal policies for each decision maker. A severe limitation of considering optimal policies is that these policies are computationally prohibitive. We address the complexity issues by introducing methods, based on the ideas of model predictive control, to compute suboptimal polices. Specifically, we first prove that the methods generate suboptimal policies that have tight performance bounds. We then show that the suboptimal polices can be computed by solving a linear program online, and the complexity of the linear program remains constant with respect to the game length. Finally, we demonstrate how the suboptimal policy methods can be applied to cyber-security problems to reduce the computational complexity of forecasting cyber-attacks. Game theory Asymmetric information games Cyber security Cyber-attack forecasting Model predictive control Stochastic games Repeated games Cyber intelligence (Computer security) Decision making Game theory
132	Monitoring of Cyber Security Exercise Environments in Cyber Ranges : with an implementation for CRATE / Övervakning av spelmiljöer i cyberanläggningar : med en implementation för CRATE Sjöstedt, Matildha January 2021 (has links) In a world where much of society is dependent on digital infrastructure, various cyber threats can pose a great risk to businesses, critical infrastructure and potentially entire nations. For this reason, research and education as well as the preparation of strategies, training of personnel etc., is imperative. Cyber ranges can provide ''safe environments'' in which for example cyber security exercises and experiments can be conducted. While easier to deploy and configure than ''real'' infrastructures, monitoring of such environments during ongoing exercises/experiments poses a number of challenges. During this thesis work, the question of what types of data and information could be relevant to provide in a monitoring system for this context was investigated, with regard to aspects such as providing technical support or gaining situational awareness during exercises. Results gained from a survey with participants from relevant organizations, contributed greatly to this question. The survey and literature study also provided insights into challenges and potential problems of developing and running such monitoring. CRATE is a cyber range developed and maintained by the Swedish Defence Research Agency (FOI). In this thesis work, some of the challenges and potential problems found are tackled with a suggested design and an implemented monitoring system prototype for CRATE. Apart from providing functionality to retrieve information about accounts and privileges as well as status of services, the design of the prototype also lays the foundation for a flexible and extensible monitoring system -- fully adapted for use within a cyber range. With cyber exercises becoming both more prevalent and extensive, the need for capable monitoring of exercise environments will naturally arise. While the developed prototype may facilitate future cyber exercises/experiments in CRATE, the results of this thesis work are also ready to be used as a source of inspiration for other cyber range operators. cyber range monitoring CRATE cyber security cyber security exercises virtual machine cyberanläggning övervakning CRATE cybersäkerhet cybersäkerhetsövningar virtuell maskin Information Systems Software Engineering Programvaruteknik
133	Literature review on trustworthiness of Signature-Based and Anomaly detection in Wireless Networks Spångberg, Josephine, Mikelinskas, Vainius January 2023 (has links) The internet has become an essential part of most people's daily lives in recent years, and as more devices connect to the internet, the risk of cyber threats increases dramatically. As malware becomes more sophisticated, traditional security prevention measures are becoming less effective at defending from cyber attacks. As a result, Signature Based Detection and Anomaly Detection are two of many advanced techniques that have become crucial to defend against cyber threats such as malware, but even these are sometimes not enough to stop modern cyberattacks. In this literature review the goal is to discuss how trustworthy each of the mentioned malware detection techniques are at detecting malware in wireless networks. The study will measure trustworthiness by looking further into scalability, adaptability and robustness and resource consumption. This study concludes that both anomaly and signature-based malware detection methods exhibit strengths and weaknesses in scalability, robustness, adaptability, and resource consumption. Furthermore, more research is needed and as malware becomes more sophisticated and an increased threat to the world it is an area that is highly relevant. Cyber threats Malware Cyber attacks Signature Based Detection Anomaly Detection Cyber defense Sophisticated attacks Modern cyberattacks malware detection in wireless network IoT Computer Sciences Datavetenskap (datalogi)
134	Digital säkerhet i tillverkningssektorn : En kvalitativ studie om EU:s Cyber Resilience Act och tillverkningsföretags arbete med säkerhetsluckor i produkter med digitala element. / Digital security in the manufacturing sector : A qualitative study on the EU:s Cyber Resilience Act and manufacturing companies' work with security gaps in products with digital elements. Ivarsson, Jens, Malmström, David January 2024 (has links) Produkter med digitala element utsätts alltmer frekvent för framgångsrika cyberattacker och därmed har EU introducerat Cyber Resilience Act. Förordningen har blivit godkänd och förväntas träda i kraft under 2024, men tillverkningsföretagen behöver inte uppfylla kraven förrän 2027. Det huvudsakliga kravet i förordningen är att tillverkningsföretag inte får ha några kända säkerhetsluckor i produkter med digitala element. Denna studie, Digital säkerhet i tillverkningssektorn, undersöker hur tillverkningsföretag förhåller sig till förordningen samt hur tillverkningsföretag förebygger, identifierar och hanterar säkerhetsluckor i produkter med digitala element. En kvalitativ metod genomfördes där nio respondenter intervjuades. Studien Digital säkerhet i tillverkningssektorn visar att tillverkningsföretagens förhållningssätt gentemot förordningen baseras på mognad och medvetenhet. Penetrationstest, sårbarhetshantering och patchhantering är de främsta metoderna som används för att förebygga, identifiera och hantera säkerhetsluckor. Människans kunskap är viktig för att skapa cyberresiliens, men varierar utifrån hur avancerad tekniken är i företaget och hur mycket mänsklig expertis som finns inom området. / Products with digital elements are increasingly subject to successful cyber attacks and with that the EU has introduced the Cyber Resilience Act. The regulation has been approved and is expected to enter into force in 2024, but the manufacturing companies do not have to meet the requirements until 2027. The main requirement of the regulation is that manufacturing companies must not have any known security gaps in products with digital elements. This study, Digital security in the manufacturing sector, examines how manufacturing companies relate to the regulation and how manufacturing companies prevent, identify and manage security gaps in products with digital elements. A qualitative method was carried out where nine respondents were interviewed. The study Digital security in the manufacturing sector shows that the manufacturing companies' approach to the regulation is primarily based on their maturity and awareness. Penetration testing, vulnerability management, and patch management are the main methods used to prevent, identify and manage security gaps. Human knowledge is important for creating cyber resilience, but varies based on how advanced the technology is in a company and how much human expertise there is within the field. Cyber Resilience Act Cyber Resilience Security gap Socio-technical perspective Manufacturing companies Cyber Resilience Act Cyberresiliens Säkerhetsluckor Sociotekniskt perspektiv Tillverkningsföretag Information Systems
135	Modeling vulnerabilities in cyber-physical spaces McVey, Keith January 1900 (has links) Master of Science / Department of Computer Science / Eugene Vasserman / There is continuing growth in the need to secure critical infrastructures from malicious adversaries. These adversaries can attack systems from different forms. They can physically break in and steal something important, or they can attack from the cyber realm in order to steal critical information. This project combines the modeling process for physical spaces along with a logic reasoning tool that can identify the state of a networked device in order to analyze large enterprise systems for combined cyber-physical vulnerabilities. Using a pure model checker would not be able to handle the near infinite states that a computer or networked device may be in. Therefore this new approach combines the use of a logic analyzer tool that with a well-defined set of rules that reasons about the security and trustworthiness of devices in the model. While there has been long study of how to secure a building from intrusion, and much research about defense against cyber attacks, there is always a large gap between the two in practice. This approach may no longer be sufficient against today’s adversaries and offers little to no defense against insider threats. Combining the two in this new form allows for a more complete security view and protection against more advanced adversaries. Then this thesis shows how this approach meets a series of requirements for an effective vulnerability analysis. This is achieved by executing a model based on a real world facility with a series of induced faults that would on their own not be enough to be a vulnerability but tied together would have series consequences. This thesis shows how this approach can then be used to detail potentially unseen vulnerabilities and develop fixes for them to help create a more secure facility. Computer science Modeling Cyber-physical Vulnerabilities Computer Science (0984)
136	Algorithmically induced architectures for multi-agent system Ramachandran, Thiagarajan 27 May 2016 (has links) The objective of this thesis is to understand the interactions between the computational mechanisms, described by algorithms and software, and the physical world, described by differential equations, in the context of networked systems. Such systems can be denoted as cyber-physical nodes connected over a network. In this work, the power grid is used as a guiding example and a rich source of problems which can be generalized to networked cyber-physical systems. We address specific problems that arise in cyber-physical networks due to the presence of a computational network and a physical network as well as provide directions for future research. Cyber-physical systems Model predictive control MPC Optimization
137	Actuators and Sensors for Smart Systems Scheidl, Rudolf 03 May 2016 (has links) (PDF) Smartness of technical systems relies also on appropriate actuators and sensors. Different to the prevalent definition of smartness to be embedded machine intelligence, in this paper elegance and simplicity of solutions is postulated be a more uniform and useful characterization. This is discussed in view of the current trends towards cyber physical systems and the role of components and subsystems, as well as of models for their effective realization. Current research on actuators and sensing in the fluid power area has some emphasis on simplicity and elegance of solution concepts and sophisticated modeling. This is demonstrated by examples from sensorless positioning, valve actuation, and compact hydraulic power supply. Actuators Sensors Smartness Cyber Physical Systems ddc:620 rvk:ZQ 5460
138	La construction de la conjugalité chez des conjoints de couples formés sur des sites de rencontre en ligne : une perspective interactionniste symbolique Okalla Bana, Edy-Claude 05 1900 (has links) Le couple est le commencement de la famille, la cellule fondamentale de la société et un des principaux lieux de solidarité pour les individus. Or, depuis quelques années l’irruption d’internet a permis l’instauration de rapports sociaux nouveaux que l’on peut identifier dans les façons de rencontrer quelqu’un ou de tomber amoureux. L’apparition des sites de rencontre a notamment permis à des individus de pouvoir faire la rencontre amoureuse de l’autre sur un site dédié et à convenance. Cette étude vise à une meilleure compréhension du phénomène social qu’est la construction de la conjugalité à partir de la rencontre sur des sites dédiés sur internet et partant des représentations des participants interrogés. Notre but était également de démontrer comme l’a souligné Marie-Chantal Doucet (2009) que l’action de l’individu sur les sites de rencontre en ligne n’est pas le fait de déterminations mais qu’il bénéficie plutôt d’une marge de jeu, lui permettant d’interpréter les codes et de donner un sens à ses actions et aux actions des autres car l’individu sur les sites de rencontre en ligne joue un personnage. Pour mener à bien cette étude, nous avons adopté un cadre théorique qui s’inscrit dans la perspective de l’interactionnisme symbolique en nous appuyant sur une approche par théorisation ancrée. Il ressort entre autre de l’enquête qualitative que nous avons menée que la construction conjugale est surtout le fruit de la rencontre en face à face car la rencontre en ligne proprement dite est marquée par le stigma et la marchandisation des corps que proposent les sites de rencontre ne sont pas propice au sentiment d’intimité favorable au développement du lien conjugal. / The couple is at the beginning of the family, which is the fundamental cell of the society and one of the main places of people solidarity. Though, from a few years, the inrush of internet has favoured the establishment of new social rules in relationship that we can identify in the new way of encountering somebody or fall into love. The appearance of dating websites has namely favoured to individuals to encounter a partner on a website at the convenience. This study aims to a better understanding of the social phenomenon of the marrital construction from the meeting from a dating website and going from the own perceptions of the participants interviewed. Our purpose was to demonstrate as Marie-Chantal Doucet (2009) that the action of the individual on the dating websites was not due to some determinations but benefited rather of a scope allowing him to perform codes and to make clear senses to his action as to the others actions because the individual is performing a character on the dating website. In order to carry out this study, we have adopted a theoretical framework which is a part of the symbolic interactionism perspective by supporting an grounded theory approach. It emerses from the qualitative method that we have carried out that the marrital construction is, above all, the result of the face to face dating after dating the partner on the dating website because dating on a website is still labelled by a stigma and it is the place of the human body commoditification that the dating website are not conducive to the feeling of closeness which favor the development of a matrimonial bond. Internet Web Conjugalité Cyber-rencontre Couples Stigma Interactionisme Constructivisme Hypermodernité Cyber-amoureux Internet Web Conjugality Cyber-Dating Couples Stigma Interactionism Constructivism Hypermodernity Cyber-Lovers
139	A self-healing framework to combat cyber attacks : analysis and development of a self-healing mitigation framework against controlled malware attacks for enterprise networks Alhomoud, Adeeb M. January 2014 (has links) Cybercrime costs a total loss of about $338 billion annually which makes it one of the most profitable criminal activities in the world. Controlled malware (Botnet) is one of the most prominent tools used by cybercriminals to infect, compromise computer networks and steal important information. Infecting a computer is relatively easy nowadays with malware that propagates through social networking in addition to the traditional methods like SPAM messages and email attachments. In fact, more than 1/4 of all computers in the world are infected by malware which makes them viable for botnet use. This thesis proposes, implements and presents the Self-healing framework that takes inspiration from the human immune system. The designed self-healing framework utilises the key characteristics and attributes of the nature’s immune system to reverse botnet infections. It employs its main components to heal the infected nodes. If the healing process was not successful for any reason, it immediately removes the infected node from the Enterprise’s network to a quarantined network to avoid any further botnet propagation and alert the Administrators for human intervention. The designed self-healing framework was tested and validated using different experiments and the results show that it efficiently heals the infected workstations in an Enterprise network. 364.16
140	The Markov multi-phase transferable belief model : a data fusion theory for enhancing cyber situational awareness Ioannou, Georgios January 2015 (has links) eXfiltration Advanced Persistent Threats (XAPTs) increasingly account for incidents concerned with critical information exfiltration from High Valued Targets (HVT's) by terrorists, cyber criminals or enemy states. Existing Cyber Defence frameworks and data fusion models do not adequately address (i) the multi-stage nature of XAPTs and (ii) the uncertainty and conflicting information associated with XAPTs. A new data fusion theory, called the Markov Multi-phase Transferable Belief Model (MM-TBM) is developed, for tracking and predicting XAPTs. MM-TBM expands the attack kill-chain model to attack trees and introduces a novel approach for combining various sources of cyber evidence, which takes into account the multi-phased nature of XAPTs and the characteristics of the cyberspace. As a data fusion theory, MM-TBM constitutes a novel approach for performing hypothesis assessment and evidence combination across phases, by means of a new combination rule, called the Multi-phase Combination Rule with conflict Reset (MCR2). This is the first combination rule in the field of data fusion that formalises a new method for combining evidence from multiple, causally connected hypotheses spaces and eliminating the bias from preceding phases of the kill-chain. Moreover, this is the first time a data fusion theory utilises the conflict mass m(Ø) for identifying paradoxes. In addition, a diagnostic formula for managing missing pieces of evidence within attack trees is presented. MM-TBM is designed, developed and evaluated using a Design Science Research approach within two iterations. Evaluation is conducted in a relevant computer network environment using scenario-based testing. The experimental design has been reviewed and approved by Cyber Security Subject Matter Experts from MoD’s Defence Science Technology Laboratory and Airbus Group. The experimental results validate the novel capabilities introduced by the new MM-TBM theory to Cyber Defence in the presence of information clutter, conflict and congestion. Furthermore, the results underpin the importance of selecting an optimal sampling policy to effectively track and predict XAPTs. This PhD bridges the gaps in the body of knowledge concerned with multi-phase fusion under uncertainty and Cyber SA against XAPTs. MM-TBM is a novel mathematical fusion theory for managing applications that existing fusion models do not address. This research has demonstrated MM-TBM enables the successful Tracking and Prediction of XAPTs to deliver an enhanced Cyber SA capability.

Search results