NDLTD Global ETD Search
  • Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 2
  • 1
  • Tagged with
  • 4
  • 4
  • 4
  • 2
  • 2
  • 2
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.

Search results

Showing 1 to 4 of 4 (0.1 seconds)

Spelling suggestions: "subject:"fcritical infrastructure security"" "subject:"3critical infrastructure security""

1

BotDet: a system for real time Botnet command and control traffic detection

Ghafir, Ibrahim, Prenosil, V., Hammoudeh, M., Baker, T., Jabbar, S., Khalid, S., Jaf, S. 24 January 2020 (has links)
Yes / Over the past decade, the digitization of services transformed the healthcare sector leading to a sharp rise in cybersecurity threats. Poor cybersecurity in the healthcare sector, coupled with high value of patient records attracted the attention of hackers. Sophisticated advanced persistent threats and malware have significantly contributed to increasing risks to the health sector. Many recent attacks are attributed to the spread of malicious software, e.g., ransomware or bot malware. Machines infected with bot malware can be used as tools for remote attack or even cryptomining. This paper presents a novel approach, called BotDet, for botnet Command and Control (C&C) traffic detection to defend against malware attacks in critical ultrastructure systems. There are two stages in the development of the proposed system: 1) we have developed four detection modules to detect different possible techniques used in botnet C&C communications and 2) we have designed a correlation framework to reduce the rate of false alarms raised by individual detection modules. Evaluation results show that BotDet balances the true positive rate and the false positive rate with 82.3% and 13.6%, respectively. Furthermore, it proves BotDet capability of real time detection.
Critical infrastructure security
Healthcare cyber attacks
Malware
Botnet
Command and control server
Intrusion detection system
Alert correlation
2

A Novel Approach to Determining Real-Time Risk Probabilities in Critical Infrastructure Industrial Control Systems

Elrod, Michael 01 January 2017 (has links)
Critical Infrastructure Industrial Control Systems are substantially different from their more common and ubiquitous information technology system counterparts. Industrial control systems, such as distributed control systems and supervisory control and data acquisition systems that are used for controlling the power grid, were not originally designed with security in mind. Geographically dispersed distribution, an unfortunate reliance on legacy systems and stringent availability requirements raise significant cybersecurity concerns regarding electric reliability while constricting the feasibility of many security controls. Recent North American Electric Reliability Corporation Critical Infrastructure Protection standards heavily emphasize cybersecurity concerns and specifically require entities to categorize and identify their Bulk Electric System cyber systems; and, have periodic vulnerability assessments performed on those systems. These concerns have produced an increase in the need for more Critical Infrastructure Industrial Control Systems specific cybersecurity research. Industry stakeholders have embraced the development of a large-scale test environment through the Department of Energy’s National Supervisory Control and Data Acquisition Test-bed program; however, few individuals have access to this program. This research developed a physical industrial control system test-bed on a smaller-scale that provided an environment for modeling a simulated critical infrastructure sector performing a set of automated processes for the purpose of exploring solutions and studying concepts related to compromising control systems by way of process-tampering through code exploitation, as well as, the ability to passively and subsequently identify any risks resulting from such an event. Relative to the specific step being performed within a production cycle, at a moment in time when sensory data samples were captured and analyzed, it was possible to determine the probability of a real-time risk to a mock Critical Infrastructure Industrial Control System by comparing the sample values to those derived from a previously established baseline. This research achieved such a goal by implementing a passive, spatial and task-based segregated sensor network, running in parallel to the active control system process for monitoring and detecting risk, and effectively identified a real-time risk probability within a Critical Infrastructure Industrial Control System Test-bed. The practicality of this research ranges from determining on-demand real-time risk probabilities during an automated process, to employing baseline monitoring techniques for discovering systems, or components thereof, exploited along the supply chain.
Critical Infrastructure Security
ICS
ICS test-bed
Industrial Control Systems
Parallel Risk Monitoring
Risk Assessment Methodology
Computer Sciences
3

Security threats to critical infrastructure: the human factor

Ghafir, Ibrahim, Saleem, J., Hammoudeh, M., Faour, H., Prenosil, V., Jaf, S., Jabbar, S., Baker, T. 24 January 2020 (has links)
Yes / In the twenty-first century, globalisation made corporate boundaries invisible and difficult to manage. This new macroeconomic transformation caused by globalisation introduced new challenges for critical infrastructure management. By replacing manual tasks with automated decision making and sophisticated technology, no doubt we feel much more secure than half a century ago. As the technological advancement takes root, so does the maturity of security threats. It is common that today’s critical infrastructures are operated by non-computer experts, e.g. nurses in health care, soldiers in military or firefighters in emergency services. In such challenging applications, protecting against insider attacks is often neither feasible nor economically possible, but these threats can be managed using suitable risk management strategies. Security technologies, e.g. firewalls, help protect data assets and computer systems against unauthorised entry. However, one area which is often largely ignored is the human factor of system security. Through social engineering techniques, malicious attackers are able to breach organisational security via people interactions. This paper presents a security awareness training framework, which can be used to train operators of critical infrastructure, on various social engineering security threats such as spear phishing, baiting, pretexting, among others.
Critical infrastructure security
Security awareness
Cyber security training
Work-based security training
4

Uma ferramenta de manipula??o de pacotes para an?lise de protocolos de redes industriais baseados em TCP/IP

Kobayashi, Tiago Hiroshi 07 June 2009 (has links)
Made available in DSpace on 2014-12-17T14:55:38Z (GMT). No. of bitstreams: 1 TiagoHK.pdf: 2636025 bytes, checksum: ce24354f7859d7a6bcea2ea448265402 (MD5) Previous issue date: 2009-06-07 / This work presents a packet manipulation tool developed to realize tests in industrial devices that implements TCP/IP-based communication protocols. The tool was developed in Python programming language, as a Scapy extension. This tool, named IndPM- Industrial Packet Manipulator, can realize vulnerability tests in devices of industrial networks, industrial protocol compliance tests, receive server replies and utilize the Python interpreter to build tests. The Modbus/TCP protocol was implemented as proof-of-concept. The DNP3 over TCP protocol was also implemented but tests could not be realized because of the lack of resources. The IndPM results with Modbus/TCP protocol show some implementation faults in a Programmable Logic Controller communication module frequently utilized in automation companies / Neste trabalho ? apresentada uma ferramenta de manipula??o de pacotes destinada ? realiza??o de testes em dispositivos que implementam protocolos de comunica??o baseados em TCP/IP utilizados em redes industriais. A ferramenta foi desenvolvida em linguagem de programa??o Python, como uma extens?o ao Scapy. Esta ferramenta, denominada IndPM - Industrial Packet Manipulator, permite testar os dispositivos presentes em redes industriais em rela??o a poss?veis vulnerabilidades, realizar testes de conformidade de protocolos, coletar respostas de servidores existentes nas redes e utilizar os recursos do interpretador Python para compor testes. Como prova de conceito, foi implementado o protocolo Modbus/TCP. O protocolo DNP3 sobre TCP tamb?m foi implementado, mas n?o foi testado por indisponibilidade de recursos. Os resultados dos testes obtidos com a manipula??o de pacotes Modbus/TCP mostram falhas de implementa??o em um m?dulo de comunica??o para um Controlador L?gico Program?vel bastante utilizado na ind?stria
Seguran?a em redes industriais
Modbus/TCP
DNP3 sobre TCP
Industrial network security
Critical infrastructure security
Industrial protocols compliance tests
Modbus/TCP
DNP3 over TCP
CNPQ::ENGENHARIAS::ENGENHARIA ELETRICA

Page generated in 0.115 seconds