Global ETD Search

1	A self-healing framework to combat cyber attacks : analysis and development of a self-healing mitigation framework against controlled malware attacks for enterprise networks Alhomoud, Adeeb M. January 2014 (has links) Cybercrime costs a total loss of about $338 billion annually which makes it one of the most profitable criminal activities in the world. Controlled malware (Botnet) is one of the most prominent tools used by cybercriminals to infect, compromise computer networks and steal important information. Infecting a computer is relatively easy nowadays with malware that propagates through social networking in addition to the traditional methods like SPAM messages and email attachments. In fact, more than 1/4 of all computers in the world are infected by malware which makes them viable for botnet use. This thesis proposes, implements and presents the Self-healing framework that takes inspiration from the human immune system. The designed self-healing framework utilises the key characteristics and attributes of the nature’s immune system to reverse botnet infections. It employs its main components to heal the infected nodes. If the healing process was not successful for any reason, it immediately removes the infected node from the Enterprise’s network to a quarantined network to avoid any further botnet propagation and alert the Administrators for human intervention. The designed self-healing framework was tested and validated using different experiments and the results show that it efficiently heals the infected workstations in an Enterprise network. 364.16
2	Systém prevence průniků využívající Raspberry Pi / Intrusion prevention system based on Raspberry Pi Hirš, David January 2021 (has links) The number of discovered vulnerabilities rapidly increases. For example in 2019 there were discovered 20 362 vulnerabilities. The probability of cyber-attacks realization is high. Therefore it is necessary to propose and implement automated and low-cost Intrusion Prevention or Intrusion Detection Systems (IPS/IDS). This implemetation can focus on home use or small corporate networks. The main goal of the system is to detect or mitigate cyber-attack impact as fast as possible. The master's thesis proposes IPS/IDS based on Raspberry Pi that can detect and prevent various cyber-attacks. Contents of this thesis are focus on description of cyber-attacks based on ISO/OSI model's Link and Network layers. Then there is description of IPS/IDS systems and theirs open source representatives. The practical part is focus on experimental workspace, hardware consumption of choosen detection systems, cyber-attacks scenarios and own implementation of detection program. Detection program is based on these chosen systems and puts them together to be easily manageable.
3	Increasing the Predictive Potential of Machine Learning Models for Enhancing Cybersecurity Ahsan, Mostofa Kamrul January 2021 (has links) Networks have an increasing influence on our modern life, making Cybersecurity an important field of research. Cybersecurity techniques mainly focus on antivirus software, firewalls and intrusion detection systems (IDSs), etc. These techniques protect networks from both internal and external attacks. This research is composed of three different essays. It highlights and improves the applications of machine learning techniques in the Cybersecurity domain. Since the feature size and observations of the cyber incident data are increasing with the growth of internet usage, conventional defense strategies against cyberattacks are getting invalid most of the time. On the other hand, the applications of machine learning tasks are getting better consistently to prevent cyber risks in a timely manner. For the last decade, machine learning and Cybersecurity have converged to enhance risk elimination. Since the cyber domain knowledge and adopting machine learning techniques do not align on the same page in the case of deployment of data-driven intelligent systems, there are inconsistencies where it is needed to bridge the gap. We have studied the most recent research works in this field and documented the most common issues regarding the implementation of machine learning algorithms in Cybersecurity. According to these findings, we have conducted research and experiments to improve the quality of service and security strength by discovering new approaches. artificial intelligence cyber attacks cybersecurity data science machine learning statistics
4	A New SCADA Dataset for Intrusion Detection System Research Turnipseed, Ian P 14 August 2015 (has links) Supervisory Control and Data Acquisition (SCADA) systems monitor and control industrial control systems in many industrials and economic sectors which are considered critical infrastructure. In the past, most SCADA systems were isolated from all other networks, but recently connections to corporate enterprise networks and the Internet have increased. Security concerns have risen from this new found connectivity. This thesis makes one primary contribution to researchers and industry. Two datasets have been introduced to support intrusion detection system research for SCADA systems. The datasets include network traffic captured on a gas pipeline SCADA system in Mississippi State University’s SCADA lab. IDS researchers lack a common framework to train and test proposed algorithms. This leads to an inability to properly compare IDS presented in literature and limits research progress. The datasets created for this thesis are available to be used to aid researchers in assessing the performance of SCADA IDS systems. cyber attacks machine learning IDS intrusion detection dataset SCADA
5	Analyzing Global Cyber Attack Correlates Through an Open Database Aiello, Brady Benjamin 01 June 2018 (has links) (PDF) As humanity becomes more reliant on digital storage and communication for every aspect of life, cyber attacks pose a growing threat. However, cyber attacks are generally understood as individual incidents reported in technological circles, sometimes tied to a particular vulnerability. They are not generally understood through the macroscopic lens of statistical analysis spanning years over several countries and sectors, leaving researchers largely ignorant of the larger trends and correlates between attacks. This is large part due to the lack of a coherent and open database of prominent attacks. Most data about cyber attacks has been captured using a repository of common vulnerabilities and exposures (CVE’s), and \honey pots", unsecured internet-connected devices which record attacks as they occur against them. These approaches help in the process of identifying vulnerabilities, but they do not capture the real world impact these attacks achieve. Therefore, in this thesis I create a database of 4,000 cyber attacks using a semi-open data source, and perform analytical queries on it to gather insights into how cyber attack volume varies among countries and sectors, and the correlates of cyber attack victims. From here, it is also possible to relate socio-economic data such as GDP and World Happiness Index to cyber attack volume. The end result is an open database of cyber attacks that allows researchers to understand the larger underlying forces which propel cyber attacks. cybersecurity cyber attacks socioeconomic political malware Information Security
6	A self-healing framework to combat cyber attacks. Analysis and development of a self-healing mitigation framework against controlled malware attacks for enterprise networks. Alhomoud, Adeeb M. January 2014 (has links) Cybercrime costs a total loss of about $338 billion annually which makes it one of the most profitable criminal activities in the world. Controlled malware (Botnet) is one of the most prominent tools used by cybercriminals to infect, compromise computer networks and steal important information. Infecting a computer is relatively easy nowadays with malware that propagates through social networking in addition to the traditional methods like SPAM messages and email attachments. In fact, more than 1/4 of all computers in the world are infected by malware which makes them viable for botnet use. This thesis proposes, implements and presents the Self-healing framework that takes inspiration from the human immune system. The designed self-healing framework utilises the key characteristics and attributes of the nature’s immune system to reverse botnet infections. It employs its main components to heal the infected nodes. If the healing process was not successful for any reason, it immediately removes the infected node from the Enterprise’s network to a quarantined network to avoid any further botnet propagation and alert the Administrators for human intervention. The designed self-healing framework was tested and validated using different experiments and the results show that it efficiently heals the infected workstations in an Enterprise network.
7	Evaluation of a Generator Networked Control System in the Presence of Cyberattacks Irwin, Robert January 2017 (has links) With the advancement of technology, there has been a push to transition from the conventional electric grid to a smart grid. A smart grid is an electric delivery system that uses technology such as electronic sensors and digital communication networks to improve the reliability, resilience, and efficiency of the system. The transition toward a smart grid has increased the importance of networked control systems (NCS), which are the infrastructure that allows sensors, actuators and controllers to exchange information via a digital communication network. The research presents the development of an islanded generator NCS, and a grid connected NCS, and the investigation of the effects of cyberattacks on the NCS. This research considers two types of cyberattacks, such as Denial-of-Service (DoS) attack, and false data injection in the generator control loop. DoS attacks greatly increase the rate of packet loss and the duration of packet delay in a network. A high degree of packet drop and delay degrade the performance of the controller, which causes problems in the synchronization of the generator with the rest of the grid. False data injection in the sensors alters the generator terminal voltage and power output, and can cause the generator to lose synchronism. A mathematical model of the generator NCS systems is developed which includes the data acquisition and network characteristics, as well as the generator dynamics. The stability analysis of each NCS is performed which provides a mathematical approach to understanding the severity of cyberattacks that the system can tolerate before becoming unstable. The performance of the controllers, with respect to voltage control, is experimentally evaluated. / Educational Psychology Electrical Engineering Cyber-attacks Microgrid Networked Control Sytems
8	Machine Learning for Botnet Detection: An Optimized Feature Selection Approach Lefoane, Moemedi, Ghafir, Ibrahim, Kabir, Sohag, Awan, Irfan U. 05 April 2022 (has links) Yes / Technological advancements have been evolving for so long, particularly Internet of Things (IoT) technology that has seen an increase in the number of connected devices surpass non IoT connections. It has unlocked a lot of potential across different organisational settings from healthcare, transportation, smart cities etc. Unfortunately, these advancements also mean that cybercriminals are constantly seeking new ways of exploiting vulnerabilities for malicious and illegal activities. IoT is a technology that presents a golden opportunity for botnet attacks that take advantage of a large number of IoT devices and use them to launch more powerful and sophisticated attacks such as Distributed Denial of Service (DDoS) attacks. This calls for more research geared towards the detection and mitigation of botnet attacks in IoT systems. This paper proposes a feature selection approach that identifies and removes less influential features as part of botnet attack detection method. The feature selection is based on the frequency of occurrence of the value counts in each of the features with respect to total instances. The effectiveness of the proposed approach is tested and evaluated on a standard IoT dataset. The results reveal that the proposed feature selection approach has improved the performance of the botnet attack detection method, in terms of True Positive Rate (TPR) and False Positive Rate (FPR). The proposed methodology provides 100% TPR, 0% FPR and 99.9976% F-score. Botnet detection Machine learning Cyber attacks Internet of Things Network security
9	The Defense Against the latest Cyber Espionage both insider and outsider attacks Nsambu, Emmanuel, Aziz, Danish January 2012 (has links) This study was carried out with the intention of examining the defensive mechanism employed against the latest cyber espionage methods including both insider and outsider attacks. The main focus of this study was on web servers as the targets of the cyber attacks. Information in connection to the study was obtained from researchers’ online articles. A survey was also conducted at MidSweden University in order to obtain information about the latest cyber attacks on web servers and about the existing defensive mechanism against such attacks. The existing defensive mechanism was surveyed and a simple design was created to assist in the investigation of the efficiency of the system. Some simple implementations of the existing defensive mechanism were made in order to provide some practical results that were used for the study. The existing defensive mechanism was surveyed and improved upon where possible. The improved defensive mechanism was designed and implemented and its results were compared with the results from the existing defensive mechanism. Due to the fact that the majority of the attackers use defensive mechanisms’ vulnerability in order to find their way into devices such as web servers, it was felt that, even with the most sophisticated improved defensive mechanism in place, it would not be entirely correct to claim that it is possible to fully protect web servers against such attacks. Cyber attacks Cyber Esionage Hackers SQL injection DDoS attack DoS attack
10	Cyber attacks & coercion in the digital era. : A qualitative case analysis of the North Korean cyber attack on Sony Pictures. Holm, Linnéa January 2017 (has links) The 2014 cyber attack on Sony Pictures Entertainment is an example of a disruptive event where a nation state utilized cyber tools in order to coerce a target into changing their course of action. Cyber attacks, something that might be perceived as a looming futuristic threat, became reality for Sony and its employees under the course of a few months in late 2014. The coercer’s attempt to change the behavior of the company eventually failed and North Korea who was attributed as coercer was imposed with new sanctions. This paper takes on the task of evaluating the Sony case against both the traditional theory of coercion and specific factors of cyber coercion in order to determine how the failure can be explained. The findings implicate that the failure can be explained by the traditional theory but needs to be complemented with the specifics of cyber coercion due to the difficulties in assessing the credibility of cyber attacks. Further studies are advised in the area of cyber coercion and a comparative approach would do particularly well in assessing causal explanations in a more comprehensive way. Cyber Attacks Sony North Korea Cyber Coercion Coercive Diplomacy Political Science Statsvetenskap

Search results