Vliv kybernetických kapacit na vztah mezi Izraelem a Íránem / The Impact of Cyber Capabilities on the Israeli - Iranian Relationship

Losa, Luca

January 2020

In the last decade or so, Iran and Israel have found a new domain where to translate and protract their conflictual relationship: the cyberspace. Since the discovery of Stuxnet both countries have embarked on a significant cyber capabilities build-up, in accordance with their resources, and driven as well by mutual threat and perception of threat they pose to each other. Following their own cyber strategies embedded in their respective broader foreign policy agendas, the two foes confronted each other several times in a cyber feud which lasts to present days. Through the use of Event Data methodology, it is examined quantitatively the impact of cyber conflict on the Iranian- Israeli relationship, when cyber capabilities are utilized as a foreign policy tool vis-à-vis each other. The results of the quantitative study show no significant alteration of the conflict-cooperation dynamics between the dyad of interest due to the utilization of cyber capabilities. Furthermore, the qualitative assessment of the cyber feud shows that the balance of power between the two sides is not affected by increasing cyber capabilities, since Israel has the clear upper hand in the cyberspace. Keywords Iran, Israel, Foreign Policy, Cyber Capabilities, Cyber Conflict, Event Data

Adolescent Coping Strategies for In-person Bullying and Cyberbullying

Bradbury, Stacey Lynn

06 August 2013

No description available.

Psychology

Adolescent

Coping

Bullying

Cyberbullying

Victimization

Cyber-victimization

Cyber-aggression

A Study On API Security Pentesting

Asemi, Hadi

01 October 2023

Application Programming Interfaces (APIs) are essential in the digital realm as the bridge enabling seamless communication and collaboration between diverse software applications. Their significance lies in simplifying the integration of different systems, allowing them to work together effortlessly and share data. APIs are used in various applications, for example, healthcare, banks, authentication, etc. Ensuring the security of APIs is critical to ensure data security, privacy, and more. Therefore, the security of APIs is not only urgent but mandatory for pentesting APIs at every stage of development and to catch vulnerabilities early. The primary purpose of this research is to provide guidelines to help apply existing tools for reconnaissance and authentication pentesting. To achieve this goal, we first introduce the basics of API and OWASP's Top 10 API security vulnerabilities. Secondly, we propose deployable scripts developed for Ubuntu Debian Systems to install pentesting tools automatically. These scripts allow future students to participate in API security courses and conduct API security pentesting. API security pentesting, regarding reconnaissance and authentication, is discussed based on the configured system. For reconnaissance, passive and active approaches are introduced with different tools for authentication, including password-based authentication brute-forcing, one-time password (OTP) brute-forcing, and JSON web token brute force.

Cyber Security

API Pentesting

Cyber Tools

API

Ethical hacking

A Military Planning Methodology for Conducting Cyber Attacks on Power Grid

Saglam, Mehmet

09 July 2014

Power grids are regarded as significant military targets and have been targeted with kinetic attacks in previous military operations. These attacks resulted in significant levels of physical destruction, which, in the long-term, both undermined the success of the operations and caused severe adverse effects on the human terrain. Since power grids have grown as a result of introducing advanced technologies, they have also become more dependent upon cyberspace and are thus exposed to cyber attacks. Since cyber attacks have demonstrated the ability to creating physical/nonphysical effects with surgical precision, they have emerged as a credible option for disrupting power operations for a reasonable duration. However, these types of attacks sometimes require complex coordination with entities from distinct fields for efficient planning; a lack of awareness of the global picture about how to conduct these attacks could result in miscalculations and cause a repeat of the same past failures. Motivated by this fact, this thesis holistically analyzes the steps involved in conducting cyber attacks on power grids for the purpose of gaining military superiority and provides a comparison for the capabilities, challenges, and opportunities of kinetic and cyber attacks. For the purpose of creating a comprehensive framework for this thesis, the following considerations have been incorporated: the analyses of goals, targets, solutions, and effects of previous military operations; the physical and cyber infrastructures of power grids; and the features, challenges, and opportunities of cyber attacks. To present the findings, this document has adopted a novel military methodology for both the cyber attack analysis and the comparison of the means. / Master of Science

Cyber Warfare

Power Grid

Cyber Attack

Kinetic Attack

Prevention of cybercrimes in smart cities of India: from a citizen's perspective

Chatterjee, S., Kar, A.K., Dwivedi, Y.K., Kizgin, Hatice

10 July 2019

Yes / Purpose: The purpose of this paper is to identify the factors influencing the citizens of India to prevent cybercrimes in the proposed Smart Cities of India. Design/methodology/approach: A conceptual model has been developed for identifying factors preventing cybercrimes. The conceptual model was validated empirically with a sample size of 315 participants from India. Data were analyzed using structural equation modeling with SPSS and AMOS softwares. Findings: The study reveals that the “awareness of cybercrimes” significantly influences the actual usage of technology to prevent cybercrimes in Smart Cities of India. The study reveals that government initiative (GI) and legal awareness are less influential in spreading of the awareness of cybercrimes (AOC) to the citizens of the proposed smart cities. Research limitations/implications: The conceptual model utilizes two constructs from the technology adoption model, namely, perceived usefulness and ease of use. The study employs other factors such as social media, word of mouth, GIs, legal awareness and organizations constituting entities spreading awareness from different related literature works. Thereby, a comprehensive theoretical conceptual model has been proposed which helps to identify the factors that may help in preventing cybercrimes. Practical implications: This study provides an insight to the policy maker to understand several factors influencing the AOC of the citizens of the proposed Smart Cities of India for the prevention of cybercrimes. Originality/value: There are few existing studies analyzing the effect of AOC to mitigate cybercrimes. Thus, this study offers a novel contribution.

Smart city

Cyber security

Digital services

Cyber-infrastructure

Cyber governance in Africa: at the crossroads of politics, sovereignty and cooperation

Ifeanyi-Ajufo, Nnenna

01 November 2023

Yes / Africa has recently focused on an ambition to achieve digital transformation through the pursuit of various flagship initiatives which are aimed at achieving its ‘Agenda 2063’ objectives. Digital transformation will be better achieved through appropriate cyber governance policies and mechanisms, and the success of Africa’s Digital Transformation Strategy 2020-2030 hinges on diverse factors. According to the Strategy, African governments have a fundamental responsibility to create an enabling environment, with policies and regulations that promote digital transformation across foundation pillars, which include cybersecurity. The Strategy also stipulates the need to reinforce the region’s human and institutional capacity to secure the cyberspace by building trust and confidence in the use of cyber technologies. The aim of the paper is to examine Africa’s cyber governance agenda in relation to peace and security. While there are political dimensions to determining the thresholds of such discourses in Africa, the uncertainties of governance mechanisms, political underpinnings and limitations in digital capacity may mean that international standards of cyber governance have merely been theoretical in the African context. The paper examines Africa’s extant policies and political strategies for cyber governance, and the region’s interaction with international cyber governance processes. The paper further discusses the prospects and challenges to cyber governance in the region, and the approaches to leveraging international cooperation in promoting cyber stability in the region.

Africa

Cyber governance

Cyber politics

Digital sovereignty

Digital transformation

On Cyber-Physical Security of Smart Grid: Data Integrity Attacks and Experiment Platform

Tan, Song

07 May 2016

A Smart Grid is a digitally enabled electric power grid that integrates the computation and communication technologies from cyber world with the sensors and actuators from physical world. Due to the system complexity, typically the high cohesion of communication and power system, the Smart Grid innovation introduces new and fundamentally different security vulnerabilities and risks. In this work, two important research aspects about cyber-physical security of Smart Grid are addressed: (i) The construction, impact and countermeasure of data integrity attacks; and (ii) The design and implementation of general cyber-physical security experiment platform. For data integrity attacks: based on the system model of state estimation process in Smart Grid, firstly, a data integrity attack model is formulated, such that the attackers can generate financial benefits from the real-time electrical market operations. Then, to reduce the required knowledge about the targeted power system when launching attacks, an online attack approach is proposed, such that the attacker is able to construct the desired attacks without the network information of power system. Furthermore, a network information attacking strategy is proposed, in which the most vulnerable meters can be directly identified and the desired measurement perturbations can be achieved by strategically manipulating the network information. Besides the attacking strategies, corresponding countermeasures based on the sparsity of attack vectors and robust state estimator are provided respectively. For the experiment platform: ScorePlus, a software-hardware hybrid and federated experiment environment for Smart Grid is presented. ScorePlus incorporates both software emulator and hardware testbed, such that they all follow the same architecture, and the same Smart Grid application program can be tested on either of them without any modification; ScorePlus provides a federated environment such that multiple software emulators and hardware testbeds at different locations are able to connect and form a unified Smart Grid system; ScorePlus software is encapsulated as a resource plugin in OpenStack cloud computing platform, such that it supports massive deployments with large scale test cases in cloud infrastructure.

Cyber Security

Testbed

Smart Grid

H.264 encoded digital video protection using temporal redundancy LSB steganography

Mitchell, Scott

January 2018

A steganographic method was developed based on the temporal redundancies present in digital video streams, these redundancies are utilised by the H.264 encoding standard to reduce the bandwidth requirements of a digital video stream while maintaining content quality. The temporal redundancies are used to steganographically embed unique binary data within the digital video stream, this results in a unique embedding strategy within each video stream while also utilising areas that reduce the potential data loss experienced during the H.264 encoding process. The effectivness of the developed steganographic method is measured using the common steganographic metrics of Payload Capacity, Embedded Data Robustness and Media Impact. The results illustrate that the compensation of mutative factors in the embedding process using temporal redundancies result in a more robust method of data embedding within digital video encoded using H.264.

Youth and Technology: The risks youth take when using modern Technology

Krueger, Britt

15 December 2009

Faculty of Criminology, Justice and Policy Studies

youth

cyber culture

technology

risks

The Defense Against the latest Cyber Espionage both insider and outsider attacks

Nsambu, Emmanuel, Aziz, Danish

January 2012

This study was carried out with the intention of examining the defensive mechanism employed against the latest cyber espionage methods including both insider and outsider attacks. The main focus of this study was on web servers as the targets of the cyber attacks. Information in connection to the study was obtained from researchers’ online articles. A survey was also conducted at MidSweden University in order to obtain information about the latest cyber attacks on web servers and about the existing defensive mechanism against such attacks. The existing defensive mechanism was surveyed and a simple design was created to assist in the investigation of the efficiency of the system. Some simple implementations of the existing defensive mechanism were made in order to provide some practical results that were used for the study. The existing defensive mechanism was surveyed and improved upon where possible. The improved defensive mechanism was designed and implemented and its results were compared with the results from the existing defensive mechanism. Due to the fact that the majority of the attackers use defensive mechanisms’ vulnerability in order to find their way into devices such as web servers, it was felt that, even with the most sophisticated improved defensive mechanism in place, it would not be entirely correct to claim that it is possible to fully protect web servers against such attacks.

Cyber attacks

Cyber Esionage

Hackers

SQL injection

DDoS attack

DoS attack