Formal security verification of the Drone Remote Identification Protocol using Tamarin / Formell säkerhetsverifiering av Drone Remote Identification Protocol med hjälp av Tamarin

Ahokas, Jakob, Persson, Jonathan

January 2022

The current standard for remote identification of unmanned aircraft does not contain anyform of security considerations, opening up possibilities for impersonation attacks. Thenewly proposed Drone Remote Identification Protocol aims to change this. To fully ensurethat the protocol is secure before real world implementation, we conduct a formal verification using the Tamarin Prover tool, with the goal of detecting possible vulnerabilities. Theunderlying technologies of the protocol are studied and important aspects are identified.The main contribution of this thesis is the formal verification of session key secrecy andmessage authenticity within the proposed protocol. Certain aspects of protocol securityare still missing from the scripts, but the protocol is deemed secure to the extent of themodel. Many features of both the protocol and Tamarin Prover are presented in detail,serving as a potential base for the continued work toward a complete formal verificationof the protocol in the future.

Cybersecurity

Formal verification

Unmanned aircraft

Cryptography

Other Computer and Information Science

Annan data- och informationsvetenskap

The Internal Auditor's Role in Cybersecurity Governance : A qualitative study about the internal auditor's influence on the people factor of cybersecurity

Simić, Nikola

January 2022

Internal auditors have a substantial impact on organisations’ governance. Hence this research aims to uncover the practice of internal auditors in Sweden, especially their part in cybersecurity and the people factor. While previous research point to internal auditing being an oversight governance mechanism for organisations, the threat of a changing risk landscape due to increased digitalisation and business transactions occurring in cyberspace leaves more questions undiscovered. The research implements a qualitative approach. The data was collected by semi-structured interviews conducted with members from IIA working as internal auditors. The IPPF authoritative guidance was also used as complementary data. The data was later analysed through theories such as the Three Lines of Defense. The results demonstrated how internal auditors provide assurance heavily influence organisations’ cybersecurity. However, it is equally essential for auditors to consider the indirect impact they have on the organisation, especially regarding the people factor of cybersecurity and the amount of influence internal auditors have. These findings indicate the need to focus on researching the indirect influence internal auditors have through their soft skills. Professionals should also reflect on their influence in their organisation not to overshadow other important risks.

Internal auditing

Cybersecurity

Assurance

Risk Assessment

Three Lines of Defense

Business Administration

Företagsekonomi

Threats to smart buildings : Securing devices in a SCADA network

Lindqvist, Anna

January 2021

This paper examines the possibilities of performing tests with the aim to ensure that devices in a SCADA network can be deemed secure before deployment. SCADA systems are found in most industries and have recently seen an increased use in building automation, most importantly the healthcare sector, which means that a successful attack toward such a system could endanger lives of patients and healthcare professionals.The method of testing was created to examine whether devices conflicted with the security flaws identified by OWASP IoT Top 10 list, meaning that OWASP IoT Top 10 was the foundation for the methodology used in this paper.Results of the tests show that the devices used in testing are not in conflict with the OWASP IoT Top 10 list when using the default settings. However, some settings that can be enabled on the devices would constitute a security risk if enabled.

Cybersecurity

SCADA

Penetration testing

Computer Engineering

Datorteknik

Software Engineering

Programvaruteknik

Information Systems

Nepoučitelní uživatelé: příčiny (ne)bezpečných hesel / Careless society: Drivers of (un)secure passwords

Nedvěd, Vojtěch

January 2021

Careless Society: Drivers of (Un)Secure Passwords Thesis abstract Vojtěch Nedvěd May 2, 2021 Vulnerabilities related to poor cybersecurity are a dangerous global economic issue. This thesis aims to explain two examples of poor password management. First, why users use similar password and username and second, why they reuse their passwords, as the main drivers of this behaviour are unknown. We examined the effects of selected macroeconomic variables, gender, password length and password complexity. Additionally, this thesis suggest how to estimate sentiment in passwords using models build on Twitter posts. The results are verified on large password data, including password leaks from recent years. There are four main findings. First, a higher cybersecurity index and diversity of a password seem to be related to the lower similarity between a username and a password. Second, it seems that there are structural differences between countries and languages. Third, the sentiment seems to be a significant determinant too. Fourth, password reuse seems to be positively affected by the cybersecurity level. The thesis contributes to the study of password management. It proposes how to model the relationship, derive the data, split the passwords into words, model the sentiment of passwords, what variables might be...

Adaptive Safety and Cyber Security for Connected and Automated Vehicle System

Hanlin Chen (11173323)

23 July 2021

<div> <div> <p>This dissertation discussed the potential benefits that CAV systems can bring to the general well-being, and how the threat lies within the CAV system can affect its performance and functionality.<br></p> <p>Particularly, this dissertation discovered how CAV technology can benefit homeland security and crime investigations involving child abduction crimes. By proposing the initial design network, this dissertation proposed a solution that enhances the current AMBER Alert system using CAV technology. This dissertation also discussed how CAV technology can help perception in corner-case driving scenarios and reduce the risk of traffic accidents, by proposing a dataset that covers various corner cases including different weather and lighting conditions targeting the work zone. Evaluation is made on the collected data and several impact factors have been figured out. </p> <p>This dissertation also discussed an attack scenario that a ROS-based CAV platform was attacked by DoS attacks. We analized the system response after we attacked the system. Discussion and analysis was made on the functionality and stability of the system. </p> <p>Overall, we determined that CAV technology can greatly benefit in general well-being, and threats within the CAV system can cast potential negative benefits once the CAV system is being attacked. </p> </div> </div>

Connected and Automated Vehicles

Adaptive Safety

Cybersecurity

A Machine Learning Approach for Reconnaissance Detection to Enhance Network Security

Bakaletz, Rachel

01 May 2022

Before cyber-crime can happen, attackers must research the targeted organization to collect vital information about the target and pave the way for the subsequent attack phases. This cyber-attack phase is called reconnaissance or enumeration. This malicious phase allows attackers to discover information about a target to be leveraged and used in an exploit. Information such as the version of the operating system and installed applications, open ports can be detected using various tools during the reconnaissance phase. By knowing such information cyber attackers can exploit vulnerabilities that are often unique to a specific version. In this work, we develop an end-to-end system that uses machine learning techniques to detect reconnaissance attacks on cyber networks. Successful detection of such attacks provides the target the time to devise plans on how to evade or mitigate the cyber-attack phases that supervene the reconnaissance phase.

Machine Learning

Reconnaissance

Intrusion Detection

Cybersecurity Analytics

Classification.

Artificial Intelligence and Robotics

Information Security

OS and Networks

Security related self-protected networks: Autonomous threat detection and response (ATDR)

Havenga, Wessel Johannes Jacobus

January 2021

>Magister Scientiae - MSc / Cybersecurity defense tools, techniques and methodologies are constantly faced with increasing challenges including the evolution of highly intelligent and powerful new-generation threats. The main challenges posed by these modern digital multi-vector attacks is their ability to adapt with machine learning. Research shows that many existing defense systems fail to provide adequate protection against these latest threats. Hence, there is an ever-growing need for self-learning technologies that can autonomously adjust according to the behaviour and patterns of the offensive actors and systems. The accuracy and effectiveness of existing methods are dependent on decision making and manual input by human experts. This dependence causes 1) administration overhead, 2) variable and potentially limited accuracy and 3) delayed response time.

Denial of service attacks

Machine learning

Neural networking

Self-protected networks

Anomaly detection

Cybersecurity

Identifying Challenges in Cybersecurity Data Visualization Dashboards

Shirazi, Patrick

January 2020

Nowadays, a massive amount of cybersecurity data-objects, such as security events, logs,messages, are flowing through different cybersecurity systems. With the enormous fastdevelopment of different cloud environments, big data, IoT, and so on, these amounts of data areincreasingly revolutionary. One of the challenges for different security actors, such as securityadmins, cybersecurity analysis, and network technicians, is how to utilize this amount of data inorder to reach meaningful insights, so they can be used further in diagnosis, validation, forensicand decision-making purposes. In order to make useful and get meaningful insights from this data, we need to have efficientdashboards that simplify the data and provide a human-understandable presentation of data. Currently, there are plenty of SIEM and visualization dashboard tools that are using a variety ofreport generator engines to generate charts and diagrams. Although there have been manyadvances in recent years due to utilizing AI and big data, security professionals are still facingsome challenges in using the visualization dashboards. During recent years, many research studies have been performed to discover and address thesetypes of challenges. However, due to the rapid change in the way of working in many companies(e.g. digital transformation, agile way of working, etc.) and besides utilizing cloud environments,that are providing almost everything as a service, it is needed to discover what challenges are stillthere and whether they are still experiencing the same challenges or new ones have emerged. Following a qualitative method and utilizing the Delphi technique with two rounds of interviews,the results show that although the technical and tool-specific concerns really matter, the mostsignificant challenges are due to the business architecture and the way of working.

Cybersecurity visualization

Security visualization

security dashboards

Delphi technique

Computer Systems

Datorsystem

Countering Expansion and Organization of Terrorism in Cyberspace

Ogunlana, Sunday Oludare

01 January 2018

Terrorists use cyberspace and social media technology to create fear and spread violent ideologies, which pose a significant threat to public security. Researchers have documented the importance of the application of law and regulation in dealing with the criminal activities perpetrated through the aid of computers in cyberspace. Using routine activity theory, this study assessed the effectiveness of technological approaches to mitigating the expansion and organization of terrorism in cyberspace. The study aligned with the purpose area analysis objective of classifying and assessing potential terrorist threats to preempt and mitigate the attacks. Data collection included document content analysis of the open-source documents, government threat assessments, legislation, policy papers, and peer-reviewed academic literature and semistructured interviews with fifteen security experts in Nigeria. Yin's recommended analysis process of iterative and repetitive review of materials was applied to the documents analysis, including interviews of key public and private sector individuals to identify key themes on Nigeria's current effort to secure the nation's cyberspace. The key findings were that the new generation of terrorists who are more technological savvy are growing, cybersecurity technologies are effective and quicker tools, and bilateral/multilateral cooperation is essential to combat the expansion of terrorism in cyberspace. The implementation of recommendations from this study will improve the security in cyberspace, thereby contributing to positive social change. The data provided may be useful to stakeholders responsible for national security, counterterrorism, law enforcement on the choice of cybersecurity technologies to confront terrorist expansion, and organization in cyberspace.

counterterrorism

cybersecurity

cyberspace

cyberterrorism

jihadist

Propaganda

Computer Sciences

Public Policy

Social and Behavioral Sciences

Conservation of Limited Resources: Design Principles for Security and Usability on Mobile Devices

Horcher, Ann-Marie

01 January 2018

Mobile devices have evolved from an accessory to the primary computing device for an increasing portion of the general population. Not only is mobile the primary device, consumers on average have multiple Internet-connected devices. The trend towards mobile has resulted in a shift to “mobile-first” strategies for delivering information and services in business organizations, universities, and government agencies. Though principles for good security design exist, those principles were formulated based upon the traditional workstation configuration instead of the mobile platform. Security design needs to follow the shift to a “mobile-first” emphasis to ensure the usability of the security interface. The mobile platform has constraints on resources that can adversely impact the usability of security. This research sought to identify design principles for usable security for mobile devices that address the constraints of the mobile platform. Security and usability have been seen as mutually exclusive. To accurately identify design principles, the relationship between principles for good security design and usability design must be understood. The constraints for the mobile environment must also be identified, and then evaluated for their impact on the interaction of a consumer with a security interface. To understand how the application of the proposed mobile security design principles is perceived by users, an artifact was built to instantiate the principles. Through a series of guided interactions, the importance of proposed design principles was measured in a simulation, in human-computer interaction, and in user perception. The measures showed a resounding difference between the usability of the same security design delivered on mobile vs. workstation platform. It also reveals that acknowledging the constraints of an environment and compensating for the constraints yields mobile security that is both usable and secure. Finally, the hidden cost of security design choices that distract the user from the surrounding environment were examined from both the security perspective and public safety perspective.

cybersecurity

design principles

location-based security

mobile devices

progressive security

usable security

Computer Sciences