Global ETD Search

201	Whose Responsibility is Cybersecurity? : A Comparative Qualitative Content Analysis of Discourses in the EU’s Cybersecurity Strategies 2013-2020 Siltanen, Ella January 2021 (has links) Cybersecurity is an increasingly important topic to all actors from the private individuals to international institutions. The borderless nature of the internet has however made it more difficult for nation states to take care of their own security and institutions like the EU are also coping with the difficulties of defending themselves from attacks that can affect practically any part of the system and cause wide-spread damage. The EU has tried to address these issues by publishing strategies to improve the cybersecurity of the Union and its Member States. This thesis studies the discourse that is used by the Union in its strategies from 2013 and 2020. This is done to determine how the EU portrays each level, the national, institutional, or private and how responsible they are for the cybersecurity in the Union and to see how this discourse has changed in the previous few years. The theoretical framework of the thesis consists of neofunctionalism and historical institutionalism which are used to explain the direction of the development of the EU’s discourse. The study is conducted using critical discourse analysis and qualitative content analysis. The findings of the analysis suggest that there is noticeable shift to the EU taking more responsibility and actions to ensure its cybersecurity. Similarly it seems remarkable how the importance of the private sector seems to have diminished in the newer discourse. European Union EU cybersecurity institutionalism neofunctionalism critical discourse analysis qualitative content analysis Political Science Statsvetenskap
202	Understanding the behaviour of IOCs during their lifecycle Godavarti, Navya sree, Modali, Sivani January 2022 (has links) An indicator of compromise is a digital artefact that detects data compromise. They sense the compromise happening, trace the intrusion and collect data. This data includes breached data and the address. All indicators have a limited period of a lifetime, in which these work the best time in their peak. Once the indicator starts decaying, then its performance of it deteriorates. Meaning there is an increase in false alarms of compromise. The most influential parameters in the performance of an IOC are related pulse, alerts, file score and IDS. These parameters influence both the working and decay of an indicator. But the relation between these is unknown; therefore, this thesis investigates the nature of the correlation between these parameters. Evaluating an IOC and its performance or decay is essential as these determine the quality of an indicator known as confidence in cybersecurity. In cybersecurity management, confidence (quality) is crucial in preventing or detecting threats. By understanding IOC's performance and decay, we can determine its confidence level. There has been a model generated to find confidence levels, and this thesis aims to improve those models. Here, the thesis proposes a case study to find the relation between parameters and use the findings in making an improved model finding confidence level. Indicator of compromise (IOC) Cybersecurity Confidence level of IOC. Elektroteknik och elektronik
203	Innovative Simulation and Tree Models and Reinforcement Learning Methods with Applications in Cybersecurity Liu, Enhao January 2021 (has links) No description available. Industrial Engineering Optimal Trees Discrete Event Simulation Cybersecurity
204	Utilizing games as a tool to increase cybersecurity awareness in organizations : A systematic literature review / Spel som ett verktyg för att öka medvetenhet om cybersäkerhet inom organisationer : En systematisk litteraturstudie Karlberg, Anton January 2022 (has links) Cybersecurity is an important aspect within organizations as threats are many and often not fully understood, which requires individuals employed within organizations to be educated. Training implementations to increase cybersecurity knowledge and awareness are varied in their methodology of teaching. This study has employed a qualitative systematic literature review of academic articles from five databases to investigate how games are utilized as a training tool to increase cybersecurity awareness in organizations. A thematic analysis was applied to the collected bibliography to extract the design mediums of the games and the subject areas that were trained, the target audience, and reported results were also analyzed. The analysis found that the games followed a collection of similar design themes, which were collected and categorized into three distinct categories consisting of card & board games, challenge games, and simulation games. By cross-analysis of the distinct categories and cybersecurity subjects trained, gathered results indicate that through different game design mediums different cybersecurity topics are favored, conclusions were then drawn on how games are applied in cybersecurity training within organizational environments. / Cybersäkerhet är en viktig aspekt inom organisationer och hoten som existerar är många och ofta inte helt förstådda. Vilket skapar behovet att utbilda individer inom organisationer om cybersäkerhet. Utbildningsimplementationer kommer i många former och varierar i sin metodik i att lära ut. Denna studie har brukat en kvalitativ systematisk litteraturstudie av akademiska artiklar inom fem databaser för att undersöka hur spel används som träningsverktyg för att utöka cybersäkerhetskompetens inom organisationer. En tematisk analys applicerades på den samlade bibliografin för att extrahera spelens designstrategier och vilka områden av cybersäkerhet som blir utlärda samt målgrupp och resultat. Analysen visade att spel följde en samling av liknande teman av design som kategoriserades i tre distinkta kategorier bestående utav kort & brädspel, utmaningsspel och simulationsspel. Genomkorsanalys av de distinkta kategorierna och område av cybersäkerhet som tränades indikerade samlade resultat att skilda designstrategier föredrar utlärning av olika cybersäkerhetsområden. Slutsatser formulerades av dessa resultat som ger väg till hur spel appliceras för cybersäkerhetsträning inom organisatoriska miljöer. Cybersecurity training serious games organizations Cybersäkerhet träning seriösa spel organisationer Information Systems
205	Security Analysis of Smart Buildings Friman, Nelly January 2020 (has links) In recent years, buildings have been starting to become more automated to match the demand forenergy efficient and sustainable housing. Subsystems, or so-called Building Management Systems(BMS), such as heating, electricity or access control, are gradually becoming more automated. Thenext step is to integrate all BMS in a building within one system, which is then called a smartbuilding. However, while buildings are becoming more and more automated, the concerns ofcybersecurity grow larger. While integrating a wide range of Internet of Things (IoT) devices withthe system, the attack surfaces is larger, and this, together with the automation of criticalsubsystems in the building leads to that attacks in worse case can harm the occupants of thebuilding.In this paper, the threats and risks are analyzed by using a security threat model. The goal isto identify and analyze potential threats and risks to smart buildings, with the purpose to giveinsight in how to develop secure systems for them. The process of the model includes five phases ofwhich this study focuses on phase one and three, identifying losses after a successful attack, anddetermine goals and intentions of the attackers for specific attacks, respectively.As a result of the security analysis potential threats were defined, in which the ones withhighest threat event frequency included data leaks and disabling the heating system. Somevulnerabilities and recommendations to improv the system is also discussed, which is of importanceso that occupants can continue to live and work in sustainable, reliable and secure facilities. / På senare år har fastigheter utvecklats till att bli mer automatiserade för att matcha efterfrågan påenergieffektiva och hållbara bostäder. Fastighetslösningarna (Building Management Systems,BMS), såsom värme- eller passersystem, blir gradvis mer automatiserade. Nästa steg är att integreraalla BMS i en byggnad till ett gemensamt system, som då kallas för en smart fastighet. Medanbyggnader blir alltmer automatiserade, växer oron kring cybersäkerhet eftersom man delsintegrerar ett stort antal Internet of Things (IoT)-enheter med systemet och samtidigt automatiserarmånga kritiska fastighetslösningar. I värsta fall skulle därför en utomstående attack kunna leda tillfysisk skada på fastigheter eller personer som befinner sig där.I denna studie utförs en säkerhetsanalys där dessa hot och risker analyseras med hjälp av enhotmodellering. Målet är att identifiera och analysera potentiella hot och risker för smartafastigheter, med syftet att ge insikt i hur man bör säkra dessa system. Modelleringen innehåller femfaser, av vilka denna studie fokuserar på fas ett och tre. I första fasen identifieras vilka förluster somfinns för företag och boende efter en framgångsrik attack och i fas tre identifieras angriparnas måloch avsikter för specifika attacker.Ett resultat av säkerhetsanalysen är att av de potentiella hot som definierats, är de medhögsta antalet försök till attack per år (Threat Event Frecquency, TEF) dataläckage och attinaktivera värmesystemet. Några sårbarheter med smarta fastigheter och rekommendationer för attförbättra systemet diskuteras också. Att utveckla säkra system till smarta fastigheter är av störstavikt för att personer kan fortsätta bo och arbeta i hållbara, pålitliga och säkra byggnader. Smart Buildings Cybersecurity Threat Risk Smarta fastigheter Cybersäkerhet Hot Risk Computer and Information Sciences Data- och informationsvetenskap
206	An Ontology and Guidelines for Cybersecurity Risk Assessment in the Automotive Domain Khalil, Karim January 2023 (has links) This study aims to propose a knowledge base ontology for the ISO/SAE 21434 cybersecurity risk assessment activities in the automotive domain. The focus of the paper is to model how the standard views the tasks of Threat Analysis and Risk Assessment (TARA) and cybersecurity concept. The model is supported by practical knowledge gained from a design science activity at a major organization for supplying automotive solutions and components. The scope is limited to matters of methodology in systems security assessment. The meta-model shows concepts, relationships, and axioms describing the different activities, stakeholders, and inter-dependencies. Based on the model knowledge, an integrated approach of TARA guideline is created, describing the steps of each of the activities in which it has been adapted by the organization participating in an applied study. Additionally, to increase the efficiency of the human resources involved in the creation of the security artifacts, a proposal to utilize the model relationships and the guideline to automate recurring TARA tasks. Lessons learned from the applied study are presented. The study has adapted an evaluation strategy based on technical evaluation and user evaluation. The guideline was evaluated through gathering expert’s opinions in a qualitative approach. The ontology meta-model has been qualified for consistency through technical evaluation. ISO/SAE 21434 Threat Analysis and Risk Assessment Ontology Cybersecurity Concept Information Systems
207	Few-Shot Malware Detection Using A Novel Adversarial Reprogramming Model Kumar, Ekula Praveen January 2022 (has links) No description available. Computer Science Computer Engineering Information Technology malware malware detection few-shot cybersecurity machine learning adversarial reprogramming
208	Practical and Lightweight Defense Against Website Fingerprinting McGuan, Colman January 2022 (has links) No description available. Computer Science Censorship Cybersecurity Deep Learning Machine Learning Tor Website Fingerprinting
209	Towards Real-World Adversarial Examples in AI-Driven Cybersecurity Liu, Hao January 2022 (has links) No description available. Artificial Intelligence Adversarial Examples Adversarial Machine Learning Cybersecurity Encrypted Network Traffic Searchable Encryption Malware Detection
210	Cybersecurity of Maritime Communication Systems : Spoofing attacks against AIS and DSC Forsberg, Joakim January 2022 (has links) For a long time, ships have relied on navigators that could figure out their course andlocation based on seeing objects around them. However, this approach is limited to thenavigators’ ability, and with the increasing number of ships, this job becomes harder andharder. With these aspects in mind, the new system, the Automatic identification system(AIS), was created as a tool to help navigators to navigate and increase safety on the sea.AIS is an automatic identification system and is designed to send out information aboutthe vessel and its location. This thesis looks at the state of the art of Automatic identifica-tion systems and Digital selective calling systems to evaluate the security aspects of thesesystems. The thesis aims to investigate if these two systems are susceptible to spoofingattacks and what resources are required for creating successful attacks. Two experimentswere used to achieve this aim and answer the research questions. The first one was to eval-uate the Automatic identification system and test different spoofing attacks on that system.The second experiment was to test different spoofing attacks on the Digital selective callingsystem. Both of these experiments used two software-defined radios for the experiments.The experiment results show that some of the attacks tested on the systems were success-ful, and the attacks tested were successfully executed against the created system. Theseattacks were created and performed using two software-defined radios to send and receivemessages. To conclude, the two systems are susceptible to spoofing attacks. However, anattacker can gain the necessary information to create spoofing attacks on the systems, withvarying consequences and some limitations. Cybersecurity AIS DSC Spoofing Software Defined Radios Computer Sciences Datavetenskap (datalogi)

Search results