Global ETD Search

231	A comparison between on-premise and cloud environments in terms of security : With an emphasis on Software-as-a-Service & Platform-as-a-Service Byström, Oliver January 2022 (has links) Background: Cloud- and on-premise environments have been compared in terms of security several times. Many of these comparisons based their assessments on qualitative data rather than quantitative metrics. Some recent articles have considered comparing environments by using quantitative data. These methodologies are often complicated and based on incident simulations that might not be relevant in a real-life scenario. Therefore it could be troublesome for a company to evaluate and compare two environments before deciding which environment they would prefer in terms of security. Before an environment migration, it is decisive to know if that environment has been a target for recent cyberattacks. Unfortunately, this data is not available to the public. Objectives: This study aims to provide the reader with an overview of the environmental aspects of the victims of recent cyberattacks. It will reveal what environment cybercriminals have targeted the most. The study will also propose a methodology to compare two environments to each other based on quantitative measurements. The measurements were based on cybersecurity metrics that quantified the threats in each environment. Methods: A structured literature- and dataset review was conducted to find how much each environment had been exposed to cybersecurity incidents. Several expert interviews were held to help explain the findings made in the reviews. A threat analysis was used as the foundation for the proposed comparison methodology. A case study of a recent environment migration was used to test the proposed comparison methodology. Results: The results show that on-premise environments have been more exposed to cybersecurity incidents during recent years than cloud environments. The proposed methodology showed that the cloud environment was the preferred choice in the conducted case study. Conclusions: In recent years, cloud environments have been the preferred choice in terms of security as long as the cloud consumer takes heed to best practices. There is a knowledge gap when it comes to cloud environments. It has been the same for both cloud consumers and cybercriminals. However, according to recent threat reports, cybercriminals have started to improve. Therefore there will likely be more cloud-related incidents in the future. It was determined that the proposed methodology could represent the security posture of each environment. However, a decision should not be based entirely on this methodology because it has not been tested on a large scale. / Bakgrund: Moln- och on-premise-miljöer har jämförts vad gäller säkerhet flera gånger. De flesta jämförelser baserade sina bedömningar på kvalitativ data snarare än kvantitativa mått. Några nya artiklar har jämfört miljöer med hjälp av kvantitativ data. Dessa metoder är ofta komplicerade och baserade på incidentsimuleringar som kanske inte är relevanta i ett verkligt scenario. Därför kan det vara besvärligt för ett företag att utvärdera och jämföra två miljöer innan de bestämmer sig för vilken miljö de skulle föredra vad gäller säkerhet. Innan en miljömigrering är det avgörande att veta om den miljön har varit ett mål för de senaste cyberattackerna. Tyvärr är denna information inte tillgänglig för allmänheten. Syfte: Denna studie syftar till att ge läsaren en översikt av miljöaspekterna hos offren för de senaste cyberattackerna. Det kommer att avslöja vilken miljö cyberkriminella har riktat sig mest mot. Studien kommer också att föreslå en metodik för att jämföra två miljöer med varandra baserat på kvantitativa mått. Mätningarna baserades på cybersäkerhetsmått som kvantifierade hoten i varje miljö. Metod: En strukturerad litteratur- och datasetgranskning genomfördes för att ta reda på hur mycket varje miljö har varit utsatt för cybersäkerhetsincidenter. Flera expertintervjuer hölls för att förklara resultaten som gjorts i granskningarna. En hotanalys genomfördes för att ge underlag för den föreslagna jämförelsemetodiken. Jämförelsemetoden testades i en fallstudie av en nyligen genomförd miljömigrering. Resultat: Resultaten visar att on-premise miljöer har varit mer utsatta för cybersäkerhetsincidenter under de senaste åren än molnmiljöer. Den föreslagna metoden visade att molnmiljön var det föredragna valet i den genomförda fallstudien. Slutsatser: Under de senaste åren har molnmiljöer varit det föredragna valet när det gäller säkerhet så länge som molnkonsumenten tar hänsyn till bästa praxis. Det finns en kunskapslucka när det kommer till molnmiljöer. Det har varit samma sak för både molnkonsumenter och cyberkriminella. Men enligt de senaste hotrapporterna har cyberkriminella börjat kommit ikapp. Därför kommer det troligen att finnas fler molnrelaterade incidenter i framtiden. Det fastställdes att den föreslagna metoden kunde representera säkerheten för varje miljö väl. Ett beslut bör dock inte baseras helt på denna metodik eftersom den inte har testats i stor skala. on-premise cloud comparison cybersecurity metric on-premise moln jämförelse cybersäkerhet mått Computer Sciences Datavetenskap (datalogi)
232	A DYNAMIC CYBER-BASED VIEW OF THE FIRM Schwartz, Tamara January 2019 (has links) Technology, perceived by many organizations to be a tool, has evolved from a set of tools, to a location in which many companies have located their key terrain through digitization. That location is cyberspace, an inherently compromised, hostile environment, marked by rapid change and intense competition. It is analogous to a dark alley lined with dumpsters and shadowy doorways with numerous people seeking to challenge organizational objectives. Despite the prevalence of digitization, which has transformed the organization from an anthropological manifestation to a cyborg construction, there does not currently exist a strategic view of the firm which explores the integration of the organization and cyberspace. This paper conceptualizes the Cyber-Based View of the Firm, a dynamic view designed to capture the complex interactions between people, technology, and data that enable cyberattack. A meta-analysis of current theory frames the research gap into which the Cyber-Based View fits. This meta-analysis, in conjunction with an exploratory case study of the Stuxnet attack, identified the need for physical mediation of the cognitive – informational interaction. Finally, the Cyber-Based View was used as a forensic tool to conduct a qualitative multi-case study. Using a failure autopsy approach, eight events were developed into case studies by examining, coding, and recombining the narratives within the qualitative data. A pattern matching technique was used to compare the empirical patterns of the case studies with the proposed patterns of the research construct, providing strong evidence of model validity. / Business Administration/Strategic Management Business Administration Information Technology Cyberattack Cyber-based View Cybersecurity Cyberthreat Hybrid Warfare
233	Praktisk analys av vilken skyddsförmåga VLAN har mot cyberattacker i nätverk / Practical analysis of the protective capability of VLAN against cyberattacks in networks Berglund, Anton, Ayoub, Yousif January 2024 (has links) Nätverkssäkerheten har blivit viktigare än någonsin med tanke på de allt mer sofistikeradecyberattackerna. Bristande nätverkssäkerhet kan leda till förödande konsekvenser såsomdataförluster, läckage av konfidentiella dokument eller total systemnedgång. Det är en allmänfakta mellan nätverksingenjörer att VLAN är en teknik för att höja säkerheten i nätverk genomatt segmentera det. Men hur effektivt kan det skydda mot verkliga cyberattacker? Det härarbetet bidrar till att öka kunskapen om vilken förmåga VLAN har för att skydda mot olikacyberattacker. I arbetet används programvaran GNS3 för att bygga två likadana nätverk där enaär segmenterat med VLAN och andra är inte segmenterat. Nätverken bestod av bland annat tvåklientdatorer där ena var offret med operativsystemet Windows 10 och andra var angriparenmed Kali Linux. I nätverken fanns även en switch och en router. Med hjälp av verktygenEttercap, Dsniff och Hping3 utfördes attackerna ARP spoofing, MAC flooding och Pingflooding. Syftet med detta är att jämföra attackernas skadeeffekt med och utan VLAN.Resultaten visade att VLAN-tekniken kunde mildra skadeeffekterna mot Ping flooding,blockera ARP spoofing, men hade ingen effekt mot MAC flooding-attacken. Slutsatsen vikunde dra av arbetet är att VLAN kan vara ett bra skydd mot vissa typer av attacker, men äringet skydd mot andra. Därför bör nätverksingenjörer inte förlita sig enbart på VLAN somsäkerhetsåtgärd för sina nätverk. / Network security has become more important than ever, given the increasingly sophisticatedcyberattacks. Lacking network security can lead to devastating consequences such as data loss,leakage of confidential documents, or complete system downtime. It is a well-known factbetween network engineers that VLANs is a technique to enhance network security bysegmenting it. But how effective can it be against real cyberattacks? This work contributes toincreasing the knowledge of VLAN ability to protect against various cyberattacks. In the study,the software GNS3 is used to build two identical networks where one is segmented with VLANand the other is not segmented. The networks consisted of among other things two clientcomputers where one acted as the victim with the Windows 10 operating system and the otheras the attacker with Kali Linux. The networks also included a switch and a router. Using thetools Ettercap, Dsniff, and Hping3, the attacks ARP spoofing, MAC flooding, and Ping floodingwere carried out. The purpose of this is to compare the impact of the attacks with and withoutVLAN. The results showed that the VLAN technique could mitigate the damage from Pingflooding, block ARP spoofing, but had no effect against the MAC flooding attack. Theconclusion we drew from the study is that VLAN can be a good protection against certain typesof attacks but are of no use against others. Therefore, network engineers should not rely solelyon VLAN as a security measure for their networks. VLAN Cybersecurity DOS MIM Computer Systems Datorsystem Communication Systems Kommunikationssystem Computer Engineering Datorteknik
234	Algorithms and Frameworks for Accelerating Security Applications on HPC Platforms Yu, Xiaodong 09 September 2019 (has links) Typical cybersecurity solutions emphasize on achieving defense functionalities. However, execution efficiency and scalability are equally important, especially for real-world deployment. Straightforward mappings of cybersecurity applications onto HPC platforms may significantly underutilize the HPC devices' capacities. On the other hand, the sophisticated implementations are quite difficult: they require both in-depth understandings of cybersecurity domain-specific characteristics and HPC architecture and system model. In our work, we investigate three sub-areas in cybersecurity, including mobile software security, network security, and system security. They have the following performance issues, respectively: 1) The flow- and context-sensitive static analysis for the large and complex Android APKs are incredibly time-consuming. Existing CPU-only frameworks/tools have to set a timeout threshold to cease the program analysis to trade the precision for performance. 2) Network intrusion detection systems (NIDS) use automata processing as its searching core and requires line-speed processing. However, achieving high-speed automata processing is exceptionally difficult in both algorithm and implementation aspects. 3) It is unclear how the cache configurations impact time-driven cache side-channel attacks' performance. This question remains open because it is difficult to conduct comparative measurement to study the impacts. In this dissertation, we demonstrate how application-specific characteristics can be leveraged to optimize implementations on various types of HPC for faster and more scalable cybersecurity executions. For example, we present a new GPU-assisted framework and a collection of optimization strategies for fast Android static data-flow analysis that achieve up to 128X speedups against the plain GPU implementation. For network intrusion detection systems (IDS), we design and implement an algorithm capable of eliminating the state explosion in out-of-order packet situations, which reduces up to 400X of the memory overhead. We also present tools for improving the usability of Micron's Automata Processor. To study the cache configurations' impact on time-driven cache side-channel attacks' performance, we design an approach to conducting comparative measurement. We propose a quantifiable success rate metric to measure the performance of time-driven cache attacks and utilize the GEM5 platform to emulate the configurable cache. / Doctor of Philosophy / Typical cybersecurity solutions emphasize on achieving defense functionalities. However, execution efficiency and scalability are equally important, especially for the real-world deployment. Straightforward mappings of applications onto High-Performance Computing (HPC) platforms may significantly underutilize the HPC devices’ capacities. In this dissertation, we demonstrate how application-specific characteristics can be leveraged to optimize various types of HPC executions for cybersecurity. We investigate several sub-areas, including mobile software security, network security, and system security. For example, we present a new GPU-assisted framework and a collection of optimization strategies for fast Android static data-flow analysis that achieve up to 128X speedups against the unoptimized GPU implementation. For network intrusion detection systems (IDS), we design and implement an algorithm capable of eliminating the state explosion in out-of-order packet situations, which reduces up to 400X of the memory overhead. We also present tools for improving the usability of HPC programming. To study the cache configurations’ impact on time-driven cache side-channel attacks’ performance, we design an approach to conducting comparative measurement. We propose a quantifiable success rate metric to measure the performance of time-driven cache attacks and utilize the GEM5 platform to emulate the configurable cache. Cybersecurity HPC GPU Intrusion Detection Automata Processor Android Program Analysis Cache Side-Channel Attack
235	SECURING THE FUTURE : Exploring Barriers to Sustainable Cybersecurity Practices Egelrud, Andrea, Holmgren, Johanna January 2024 (has links) Organizations are embracing technological solutions to improve efficiency; however, this also opens organizations to new threats. The rapid development of new technology, such as AI, combined with a changing threat landscape, puts organizations under pressure to adapt. Simultaneously, the EU has proposed a new directive that forces organizations to adopt stricter cybersecurity measures. This raises the question of how organizations can create sustainable cybersecurity practices that will ensure safety over time despite rapid changes in the environment. This has resulted in the following research question: What are the barriers to establishing sustainable cybersecurity practices? To answer this question, ten semi-structured interviews with experts in the cybersecurity field were conducted. Five barriers were identified: (1) barriers in cybersecurity activities, (2) barriers of existing resources, (3) barriers in the human factor, (4) technical barriers, and (5) external barriers, which contribute to bridging the gap between best practices established in research and issues that practitioners are facing. Further, it contributes to an understanding of the importance of a more holistic approach to cybersecurity measures contributing to previous research within the field of IS. Cybersecurity practices Awareness Readiness Competencies Information Systems, Social aspects
236	Trustworthy Embedded Computing for Cyber-Physical Control Lerner, Lee Wilmoth 20 February 2015 (has links) A cyber-physical controller (CPC) uses computing to control a physical process. Example CPCs can be found in self-driving automobiles, unmanned aerial vehicles, and other autonomous systems. They are also used in large-scale industrial control systems (ICSs) manufacturing and utility infrastructure. CPC operations rely on embedded systems having real-time, high-assurance interactions with physical processes. However, recent attacks like Stuxnet have demonstrated that CPC malware is not restricted to networks and general-purpose computers, rather embedded components are targeted as well. General-purpose computing and network approaches to security are failing to protect embedded controllers, which can have the direct effect of process disturbance or destruction. Moreover, as embedded systems increasingly grow in capability and find application in CPCs, embedded leaf node security is gaining priority. This work develops a root-of-trust design architecture, which provides process resilience to cyber attacks on, or from, embedded controllers: the Trustworthy Autonomic Interface Guardian Architecture (TAIGA). We define five trust requirements for building a fine-grained trusted computing component. TAIGA satisfies all requirements and addresses all classes of CPC attacks using an approach distinguished by adding resilience to the embedded controller, rather than seeking to prevent attacks from ever reaching the controller. TAIGA provides an on-chip, digital, security version of classic mechanical interlocks. This last line of defense monitors all of the communications of a controller using configurable or external hardware that is inaccessible to the controller processor. The interface controller is synthesized from C code, formally analyzed, and permits run-time checked, authenticated updates to certain system parameters but not code. TAIGA overrides any controller actions that are inconsistent with system specifications, including prediction and preemption of latent malwares attempts to disrupt system stability and safety. This material is based upon work supported by the National Science Foundation under Grant Number CNS-1222656. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation. We are grateful for donations from Xilinx, Inc. and support from the Georgia Tech Research Institute. / Ph. D. Trustworthy Computing Secure Computing Autonomic Computing Cybersecurity Embedded Systems Cyber-Physical Systems Process Control Systems
237	An Examination of the Audit Implications of Third-Party Risk Filosa, Jessica Rose 23 May 2024 (has links) Doctor of Philosophy / This study explores whether companies that engage in outsourcing suffer negative audit-related consequences. Outsourcing exposes companies to third-party risk, which is the risk associated with outsourcing IT systems and/or business operations to external companies. Publicly traded companies in the United States are required to file a financial report with the Securities and Exchange Commission each year that includes a discussion of significant risks the company faces. I use this disclosure to identify companies that reveal third-party risk as a major threat to their organization and use machine learning to develop a measure that distinguishes companies exposed to third-party risk from those that are not. Using this measure, I examine whether companies exposed to third-party risk arrangements are more likely to suffer from low quality internal controls, to experience a cybersecurity incident, or to pay higher fees to their external auditor. The results do not show an association between my measure of third-party risk and the likelihood that a company reports a problem with internal controls. However, I do find that companies exposed to third-party risk are more likely to experience a cybersecurity incident. Lastly, I find that companies exposed to third-party risk pay higher fees to their external auditors in the initial year that this risk appears in their annual report. Overall, these results provide initial empirical evidence on the existence and consequences of third-party risk. The findings may be of interest to accounting professionals and managers who are in the early stages of learning to identify and manage their third-party risk exposure. Regulators may also benefit from this study as they contemplate updating the auditing standards related to outsourcing. third-party risk outsourcing internal control cybersecurity audit fees operational efficiency
238	Verification of MAKE, a security protocol for LDACS : Modeling 'Mutual Authentication and Key Exchange' protocol in Tamarin Prover / Verifiering av säkerhetsprotokollet MAKE i Tamarin Prover Styfberg, Max, Odermalm, Josefin January 2024 (has links) This report presents an approach to reinforce the security of the L-band Digital Aeronautical Communications System (LDACS) by developing and testing an enhanced protocol model. We have created a protocol model of MAKE, Mutual authentication and Key Exchange, based on the paper "Enhancing Cybersecurity for LDACS: a Secure and Lightweight Mutual Authentication and Key Agreement Protocol" by Suleman Khan, Gurjot Singh Gaba, Andrei Gurtov, in which the research paper addresses the security challenges inherent in LDACS. Using the open-source tool Tamarin Prover, we analysed and simulated the protocol to evaluate its effectiveness against posing threats. In this paper, our methodology involves an understanding of the MAKE protocol's architecture, identifying vulnerabilities and modeling in Tamarin Prover, to strengthen the security of LDACS. We developed two models of the protocol. The test consisted of four different lemmas and revealed partial verification of the two models, but with different outcomes. Some aspects of the model were proven to be true. Therefore, further research needs to be done to successfully validate these lemmas to ensure the robustness and reliability of the analyzed security protocol, MAKE. Cybersecurity LDACS Tamarin-Prover MAKE Verification FCI Aviation Other Computer and Information Science Annan data- och informationsvetenskap
239	Multi-Cloud architecture attacks through Application Programming Interfaces Lander, Theodore Edward, Jr. 10 May 2024 (has links) (PDF) Multi-cloud applications are becoming a universal way for organizations to build and deploy systems. Multi-cloud systems are deployed across several different service providers, whether this is due to company mergers, budget concerns, or services provided with each provider. With the growing concerns of potential cyber attacks, security of multi-cloud is an important subject, especially within the communications between systems through Application Programming Interfaces (APIs). This thesis presents an in depth analysis of multi-cloud, looking at APIs and security, creates a mock architecture for a multi-cloud system, and executes a cyber attack on this architecture to demonstrate the catastrophic effects that could come of these systems if left unprotected. Finally, some solutions for security are discussed as well as the potential plan for more testing of cyber attacks in this realm
240	Designing value propositions by addressing cyber security in IoT devices : A case study of V2X / Konstruera värdeerbjudanden genom att adressera cybersäkerhet i IoT-enheter : En fallstudie av V2X Bellwood, Anton, Hjärtstam, Max January 2024 (has links) Purpose: This study aims to identify how OEM can design value propositions when addressing cybersecurity challenges. Currently there are no studies found that pinpoint the value that can be created regarding cybersecurity. Therefore, the purpose of this master thesis is to bridge cybersecurity and value proposition into a roadmap OEM can use to organize the activities required for mitigating cyberthreats, and thereby create value. Method: An abductive approach has been utilized in this thesis. The analysis was based on 15 interviews with industry experts and employees at the thesis company. Secondary data was gathered through a thorough literature review. To derive findings from the data collection, a thematic analysis was conducted. Findings: The findings resulted in 3 clusters, cybersecurity challenges, mitigation strategies and value proposition. From this, the value proposition for secure IoT devices framework was developed. The framework has three elements which is derived from the thematical clustering’s. Cybersecurity challenges, Value proposition design and core value dimensions. Theoretical contributions: We believe our thesis have three theoretical contributions. Firstly, it contributes to the literature on crafting value propositions for IoT products. Secondly, the report adds to the growing literature regarding V2X. Lastly, the thesis presents the fusion of the two first contributions, where value proposition and V2X works in continuum, thereby contributing to business and commercialisation aspect of V2X. Practical contributions: The practical contribution for the thesis is the framework which can be used as a managerial guide in designing value propositions for IoT devices. The framework brings together different strategies to address cybersecurity challenges, and the importance of collaborative value creation. The practical contributions also include the placement of cybersecurity within the kano model, which is important to keep in mind when creating value. Limitations and future research: The first limitation is that the data collection was mainly conducted with industry professionals specializing in cybersecurity, though not specifically within the automotive sector. This may have introduced some bias in the findings. Another limitation is that majority of end users don’t have general knowledge regarding cybersecurity, which led to the decision to not pursue interviews directly with end users. Consequently, there are no mitigation activities based on end user’s input. However, anticipating that awareness and perceptions on cybersecurity will intensify in the future, this presents an opportunity for future research. / Syfte: Denna studie syftar till att identifiera hur OEMs kan utforma värdeerbjudanden genom att adressera diverse cybersäkerhetsutmaningar. För närvarande finns det inga studier som undersöker det värde som kan skapas gällande cybersäkerhet. Syftet med denna uppsats är därför att integrera cybersäkerhet och värdeerbjudande i en färdplan som OEMs kan använda för att organisera de aktiviteter som krävs för att motverka cyberhot och därigenom skapa värde. Metod: I denna rapport har en abduktiv ansats använts. Analysen baserades på 15 intervjuer med branschexperter och anställda på exjobb-företaget. Sekundärdata samlades in genom en noggrann litteraturöversikt. För att analysera resultat från datainsamlingen genomfördes en tematisk analys som resulterade i tre huvudteman; Cybersäkerhetsutmaningar, förebyggande strategier och värdeerbjudande. Resultat: Studien resulterade i flera viktiga aspekter att ta i beaktning vid konstruerandet av värdeerbjudanden för säkra IoT-enheter. Utifrån våra resultat konstruerades ett ramverk som ämnas användas av OEMs vid utformning av värdeerbjudanden. Ramverket består av tre element som härstammar från de tematiska klustren. Cybersäkerhetsutmaningar, Värdeerbjudande design och kärnvärden. Teoretiska bidrag: Vi anser att vår studie har tre teoretiska bidrag. För det första bidrar den till litteraturen för att utforma värdeerbjudanden för IoT-enheter. För det andra bidrar rapporten till den växande litteraturen inom V2X. Slutligen presenterar studien fusionen av de två första bidragen, där värdeförslag och V2X fungerar i kontinuitet och därigenom bidrar till affärs- och kommersialiseringssidan av V2X. Praktiska bidrag: Det praktiska bidraget för studien är ramverket som kan användas som en ledningsguide vid utformningen av värdeerbjudanden för V2X och övriga IoT-enheter. Ramverket sammanför olika strategier för att hantera cybersäkerhetsutmaningar och betydelsen av samarbete vid värdeskapande. De praktiska bidragen inkluderar också placeringen av cybersäkerhet inom Kano-modellen, vilket är viktigt att ha i åtanke när värde ska skapas för IoT produkter. Begränsningar och vidare forskning: Det finns två huvudsakliga begränsningar i vår studie. För det första så utfördes datainsamlingen huvudsakligen med branschexperter som specialiserat sig på cybersäkerhet, även om inte specifikt inom V2X säkerhet. Detta kan ha introducerat viss partiskhet i resultaten. En annan begränsning är att majoriteten av slutanvändare saknar allmän kunskap om cybersäkerhet, vilket ledde till beslutet att inte genomföra intervjuer direkt med slutanvändare. Följaktligen finns det inga förebyggande aktiviteter baserade på slutanvändares input. Däremot, med tanke på att medvetenheten och uppfattningarna om cybersäkerhet förväntas öka i framtiden, utgör detta en möjlighet för framtida forskning. Nyckelord: Innovation; Värdeerbjudande; Cybersäkerhet, Internet of Things, V2X Innovation value proposition cybersecurity Internet of things v2x Information Systems Business Administration Företagsekonomi

Search results