The Defense Against the latest Cyber Espionage both insider and outsider attacks

Nsambu, Emmanuel, Aziz, Danish

January 2012

This study was carried out with the intention of examining the defensive mechanism employed against the latest cyber espionage methods including both insider and outsider attacks. The main focus of this study was on web servers as the targets of the cyber attacks. Information in connection to the study was obtained from researchers’ online articles. A survey was also conducted at MidSweden University in order to obtain information about the latest cyber attacks on web servers and about the existing defensive mechanism against such attacks. The existing defensive mechanism was surveyed and a simple design was created to assist in the investigation of the efficiency of the system. Some simple implementations of the existing defensive mechanism were made in order to provide some practical results that were used for the study. The existing defensive mechanism was surveyed and improved upon where possible. The improved defensive mechanism was designed and implemented and its results were compared with the results from the existing defensive mechanism. Due to the fact that the majority of the attackers use defensive mechanisms’ vulnerability in order to find their way into devices such as web servers, it was felt that, even with the most sophisticated improved defensive mechanism in place, it would not be entirely correct to claim that it is possible to fully protect web servers against such attacks.

Cyber attacks

Cyber Esionage

Hackers

SQL injection

DDoS attack

DoS attack

On Line Behavior Of Using Cyber Coffee : A Case Study For The User Of Cyber Coffee in Kaohsiung

Chang, Joseph

08 July 2002

Abstract Most of people were introduced that cyber coffee shop equivalent to electrical game shop, and electrical game shop was regard as gambling place. Therefore , cyber coffee shop was misinterpreted to gambling place before. Meanwhile , people who merely know the addiction of cyber coffee shop , but do not try to know the reason why people have such addiction. The young people like to stay at cyber coffee shop where has not only hi-end facility but also good partnership can be found there. Especially , for some people who can escape from parent¡¦s or others interruptions and enjoy themselves while they stay at the cyber coffee shop. After reviewing the previous literatures, we adopt to do the case study from the point of view of schoolwork , relationship and filiation. In principle , we focus on studying the user¡¦s on line behavior of cyber coffee shop in Kaohsiung. Finally we found that the young students are major users of cyber coffee shop in Kaohsiung , and they express that they can well handle the schoolwork. Even though they are good users who have better intelligence , we still worry them will be affected by poor circumstance and play with highly potential risk if the owners of cyber coffee shop have not well management. It worthy to think how to well manage the discipline of cyber coffee shop by responsible education department of government after concluded some guideline through this study.

Cyber Coffee Shop

On Line Behavior

the entrepreneurship model of mask in dot-com era

Tsao, Fang-Chen

14 July 2008

Due to the renewing technologies and the rapid growing of the electronic transaction, the market share of the industry of mask in Taiwan is getting greater in the skin care products market. The products that sold in different channels make the effects to consumers¡¦ tastes. The progressing of internet technologies make the industry of mask in Taiwan growing lager and arrestive. This study discusses the evolvement of mask industry in Taiwan, which makes consumers increasing with products¡¦ low price and prevailing internet auctions. The market of mask expands while the numbers of companies and brands which manufacture facial masks raise rapidly. Further, the technologies applied on the process of manufacturing facial masks develop drastically. The outcomes of the trend for skin care brought about by low-price mask not only show on sales but also the business models via net. This study wants to help entrepreneurs to realize how to start their business through such researches on the models of facial masks¡¦ sales via net. Within the cosmetics industry, no matter the brands initiated by cosmetologist, the brands started by state-operated business, or the brands created by the general public, they will work on the promotion of mask, even to make mask become the hit products. Meanwhile, the products belonging to own-built brands show a great result on sales. From the viewpoint of entrepreneurship on mask, the cyber commerce market in Taiwan evolves for the traits of the infinity of the net. The chances to start businesses are generated while the consumer market expands. This study talks about making use the internet platform as the new trading channel. Further, this study focuses on seeing if such business model via net on facial masks could be a trend of entrepreneurship. In the end, this study wants to provide those who want to start their business on cosmetics via net some reference to initiate their operations.

entrepreneurship

mask

cyber commerce market

Hacking for peace: the case for cyber coercion

Kemmer, Tara A.

15 September 2021

Are cyber capabilities a useful method for coercive diplomacy? If so, what conditions favor successful cyber coercion to produce a desired victim response? This research explores how cyber coercion can be used as a tool of statecraft to change an adversary’s behavior and examines two cases over three temporal values. Examining the two cases of North Korea versus Sony and Russia versus Estonia illustrates practical lessons about the constraints and abilities of the employment of cyber coercion as well as how victim responses operate on a spectrum and can change over time. In examining George’s seven factors that favor coercive diplomacy and applying them to these cases, this research reveals four additional factors that ought to be included when addressing the dynamics that contribute to a victim changing their behavior in response to cyber coercion. The difference between a low-level attack (e.g. web defacement) compared with a high-level attack (e.g. paralyzing backbone servers) communicates two vastly different levels of threat to a victim and incurs extremely different costs for the victim. These technical aspects of cyber statecraft and their ramifications for cyber coercion are not covered by George’s earlier works on coercive diplomacy, as few people in the 1990s were even considering cyber as a threat landscape. This research does not provide one generalizable theory of how to conduct cyber coercion; rather, it provides a Utilitarian theory that identifies additional factors that favor cyber coercion and contributes to a conditional generalization. Further, it introduces the idea of examining this change in behavior over time to properly assess the impact of cyber coercion on the totality of the victim’s behavior. Extending the time intervals reveals additional critical data necessary to fully analyze the nature of a cyber coercion dyad. Finally, it provides a hybrid method to attain attribution by fusing social science methodology with cybersecurity techniques. Together, this data and method serve to correct the conventional wisdom on two influential cases; this research traces the process that proves why a correction for each case is warranted; and, it shows how the choices an aggressor makes in its cyber coercive strategy can result in different outcomes for the victims.

International relations

Coercion

Cyber

Hacking

How do the Baltic States bolster their national resilience through cyber security? / Cybersecurity and national resilience in Estonia

Nicol, Cameron

January 2018

This thesis is an attempt to analyse the relationship between the increasingly popular concept of national resilience and cybersecurity. National resilience is a concept that has permeated the security and policy making realms in recent times. This relationship is examined by using the Baltic nation of Estonia as a model due to the nation being regarded as the 'most digitally advanced in the world'. The main objective of the thesis is to investigate the relationship between cybersecurity and national resilience and discuss the implications of this relationship in the wider security context. The thesis begins by establishing if a nexus exists between the concept of national resilience and cybersecurity. In order to better understand the potential impact cyber security could have on a nation's resilience, it is important to establish the relationship between the two concepts. After the nexus is successfully established, the thesis then charts the development of the concept of resilience within the Estonian national security documents. The aim of this exercise is to demonstrate how the concept of resilience has been transformed over the years within an Estonian context while comparing its trajectory to the wider global trend of the concept. The research technique of content analysis is utilised to...

Používání kybernetických útoků proti Íránu jako nástroj hybridní války / Cyber Attacks against Iran as Instruments of Hybrid Warfare

Utinková, Hana

January 2021

Cyber security is quickly becoming one of the most important issues in the field of global politics. For this reason, it is vital to pay attention to topics in this field since they can impact international relations in a major way. Inspired by this, the thesis is focused on analysis, characterization, and categorization of cyber-attacks, which had been aimed at the Islamic Republic of Iran since 2007. The goal of the thesis is dual: to provide a complex picture of such incidents, and also to decide whether those attacks can be considered as evidence of hybrid warfare of some states against Iran. Data and reports about cyber-attacks were analyzed using AVOIDIT taxonomy in order to outline their basic characteristics. The characteristics were then contrasted with the definition of hybrid warfare. The final result of the analysis is that the cyber-attacks against Iran cannot be considered as hybrid warfare, because they do not meet the basic tenets of the concept of hybrid warfare. The aspiration of the thesis is to provide a clearer insight into the topic of cyber- attacks and global politics and can serve as a guide for future discussions since the topic of hybrid warfare has become very divisive.

cyber security; hybrid warfare; Iran

A Virtualized Scada Laboratory for Research and Teaching

Thornton, Joseph Zachary

09 May 2015

This thesis describes a virtual Supervisory Control and Data Acquisition (SCADA) laboratory. This virtual laboratory was built using virtual devices that simulate industrial processes, emulate control system ladder logic functionality, and utilize control system communication protocols. Human machine interfaces (HMIs) were developed for distribution and testing, and commercially available HMIs were implemented. In addition to virtual devices and HMIs, attacks were implemented against this virtual system. Uses for this laboratory include both SCADA security research and pedagogy. The laboratory serves research purposes, as it utilizes industry standard SCADA communication protocols as well as commercial HMIs, and is capable of interfacing with physical SCADA equipment, and is also capable of producing volumes of industrial control system traffic. It also serves pedagogical purposes as several laboratory exercises were developed in conjunction with the simulators to demonstrate the workings of cyber-physical security in a classroom environment.

SCADA

Cyber-Security

Virtual

Laboratory

Establishment of a Cyber-Physical Systems (CPS) Test Bed to Explore Traffic Collision Avoidance System (TCAS) Vulnerabilities to Cyber Attacks

Graziano, Timothy Michael

10 August 2021

Traffic Collision Avoidance Systems (TCAS) are safety-critical, unauthenticated, ranging systems required in commercial aircraft. Previous work has proposed TCAS vulnerabilities to attacks from malicious actors with low cost software defined radios (SDR) and inexpensive open-source software (GNU radio) where spoofing TCAS radio signals in now possible. This paper outlines a proposed threat model for several TCAS vulnerabilities from an adversarial perspective. Periodic and aperiodic attack models are explored as possible low latency solutions to spoof TCAS range estimation. A TCAS test bed is established with commercial avionics to demonstrate the efficacy of proposed vulnerabilities. SDRs and Vector Waveform Generators (VWGs) are used to achieve desired latency. Sensor inputs to the TCAS system are spoofed with micro-controllers. These include Radar Altimeter, Barometric Altimeter, and Air Data Computer (ADC) heading and attitude information transmitted by Aeronautical Radio INC (ARINC) 429 encoding protocol. TCAS spoofing is attempted against the test bed and analysis conducted on the timing results and test bed performance indicators. The threat model is analyzed qualitatively and quantitatively. / Master of Science / Traffic Collision Avoidance Systems (TCAS), or Airborne Collision Avoidance Systems ACAS), are safety-critical systems required by the Federal Aviation Administration (FAA) in commercial aircraft. They work by sending queries to surrounding aircraft in the form of radio transmission. Aircraft in the who receive these transmissions send replies. Information in these replies allow the TCAS system to determine if a nearby aircraft may travel too close to itself. TCAS can then determine help both pilots avoid a mid-air collision. Information in the messages can be faked by a malicious actor. To explore these vulnerabilities a test bed is built with commercial grade TCAS equipment. Several types of attacks are evaluated.

Cyber-Physical Systems

Avionics

Security

Cyber-Physical Security for Advanced Manufacturing

Desmit, Zachary James

16 January 2018

The increased growth of cyber-physical systems, controlling multiple production processes within the manufacturing industry, has led to an industry susceptible to cyber-physical attacks. Differing from traditional cyber-attacks in their ability to alter the physical world, cyber-physical attacks have been increasing in number since the early 2000's. To combat and ultimately prevent the malicious intent of such attacks, the field of cyber-physical security was launched. Cyber-physical security efforts can be seen across many industries that employ cyber-physical systems but little work has been done to secure manufacturing systems. Through the completion of four research objectives, this work provides the foundation necessary to begin securing manufacturing systems from cyber-physical attacks. First, this work is motivated through the systematic review of literature surrounding the topic. This objective not only identifies and highlights the need for research efforts within the manufacturing industry, but also defines the research field. Second, a framework is developed to identify cyber-physical vulnerabilities within manufacturing systems. The framework is further developed into a tool allowing manufacturers to more easily identify the vulnerabilities that exist within their manufacturing systems. This tool will allow a manufacturer to utilize the developed framework and begin the steps necessary to secure the manufacturing industry. Finally, game theoretic models is applied to cyber-physical security in manufacturing to model the interactions between adversaries and defenders. The results of this work provide the manufacturing industry with the tools and motivation necessary to begin securing manufacturing facilities from malicious cyber-physical attacks and create a more resilient industry. / PHD / Cyber-physical attacks and cyber-physical security differ from traditional cyber-only incidents in their ability to alter the physical world, cyber-physical attacks have been increasing in number since the early 2000’s. To combat and ultimately prevent the malicious intent of such attacks, the field of cyber-physical security was launched. Cyber-physical security efforts can be seen across many industries that employ cyber-physical systems but little work has been done to secure manufacturing systems. Through the completion of four research objectives, this work provides the foundation necessary to secure manufacturing systems from cyber-physical attacks. First, this work is motivated through the systematic review of literature surrounding the topic. This objective not only identifies and highlights the need for research efforts within the manufacturing industry, but also defines the research field. Second, a framework is developed to identify cyber-physical vulnerabilities within manufacturing systems. The framework is further developed into a tool allowing manufacturers to more easily identify the vulnerabilities that exist within their manufacturing systems. This tool will allow a manufacturer to utilize the developed framework and begin the steps necessary to secure the manufacturing industry. Finally, game theoretic models is applied to cyber-physical security in manufacturing to model the interactions between adversaries and defenders. The results of this work provide the manufacturing industry with the tools and motivation necessary to begin securing manufacturing facilities from malicious cyber-physical attacks and create a more resilient industry.

Cyber-physical

Industry4.0

Advanced Manufacturing

Security Weaknesses of the Android Advertising Ecosystem

Tate, Jeremy

27 January 2015

Mobile device security is becoming increasingly important as the number of devices that are used continues to grow and has surpassed one billion active devices globally. In this thesis, we will investigate the security of Android ad supported apps, security vulnerabilities that have been identified in the way those ads are delivered to the device and improvements that can be made to protect the privacy of the end user. To do this, we will discuss the Android architecture and the ecosystems of apps and ads on those devices. To better understand the threats to mobile devices, a threat analysis will be conducted, investigating the different attack vectors that devices are susceptible to. This will also include a survey of existing work that has been conducted within the realm of Android security and web based exploits. The specific attacks that are detailed in this research are addJavascriptInterface attacks against a WebView used to display an ad and information leakage from the ad URL request. These attack vectors are discussed in detail with applicability and feasibility studies conducted. The results of these attacks will be analyzed with a discussion of the methodology used to obtain them. In order to combat such attacks, there will also be discussion of potential solutions to mitigate the threats of attack from a variety of angles, to include steps that users can take to protect themselves as well as changes that should be made to the Android operating system itself. / Master of Science

Android

Cyber Security

Advertising Network