• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 6
  • 1
  • Tagged with
  • 7
  • 7
  • 5
  • 5
  • 4
  • 3
  • 3
  • 3
  • 3
  • 3
  • 2
  • 2
  • 2
  • 2
  • 2
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Representing attacks in a cyber range / Representation av attacker i en cyber range

Hätty, Niklas January 2019 (has links)
Trained security experts can be a mitigating factor to sophisticated cyberattacks that aim to violate the confidentiality, integrity, and availability of information. Reproducible sessions in a safe training environment is an effective way of increasing the excellence of security experts. One approach to achieving this is by using cyber ranges, which essentially is a set of hardware nodes that can virtually represent a large organization or system. The Swedish Defense Research Agency (FOI) develops and maintains a fully functioning cyber range and has the ability to automatically deploy sophisticated attacks against organizations and systems represented in this cyber range through a system called SVED. In this thesis, the capability to deploy different types of cyberattacks through SVED against virtual organizations in a cyber range, CRATE, is investigated. This is done by building a dataset of publicly disclosed security incidents from a database and attempting to represent each of them in SVED, and subsequently instantiating these attack representations against organizations in CRATE. The results show that the prevalence of at least one CVE-entry (Common Vulnerabilities and Exposures) in the incident description is a key factor to be able to represent an attack in SVED. When such an entry does exist, SVED is likely able to implement a representation of the attack. However, for certain type of attacks a CVE-entry is not enough to determine how an attack was carried out, which is why some attacks are harder to implement in SVED. This was the case for Denial of Service (DoS) attacks, which are too reliant on infrastructure rather than one or more vulnerabilities, and SQL injections, which are more reliant on the implementation of database access. Finally, CRATE is able to handle almost all attacks implemented in SVED, given that the correct vulnerable application software is installed on at least one machine in one of the organizations in CRATE.
2

Virtualizace energetické infrastruktury / Virtualization of energy infrastructure

Hraboš, Šimon January 2021 (has links)
This work describes the virtualization process, virtualization tools and virtualization automation. The work also deals with the description of energy infrastructure, KYPO cyber range platform and DLMS/COSEM protocol used in energy. The practical part deals with the virtualization of energy infrastructure using OpenStack and KYPO cyber range platforms. A virtual environment was created using Vagrant application. The OpenStack and KYPO cyber range platforms were subsequently installed in this environment. Next, a sandbox definition was created. The sandbox definition creates a scenario with an energy infrastructure using KYPO platform. The functionality of the energy infrastructure was verified using the Gurux DLMS library.
3

Design of Mobility Cyber Range and Vision-Based Adversarial Attacks on Camera Sensors in Autonomous Vehicles

Ramayee, Harish Asokan January 2021 (has links)
No description available.
4

Monitoring of Cyber Security Exercise Environments in Cyber Ranges : with an implementation for CRATE / Övervakning av spelmiljöer i cyberanläggningar : med en implementation för CRATE

Sjöstedt, Matildha January 2021 (has links)
In a world where much of society is dependent on digital infrastructure, various cyber threats can pose a great risk to businesses, critical infrastructure and potentially entire nations. For this reason, research and education as well as the preparation of strategies,  training of personnel etc., is imperative. Cyber ranges can provide ''safe environments'' in which for example cyber security exercises and experiments can be conducted. While easier to deploy and configure than ''real'' infrastructures, monitoring of such environments during ongoing exercises/experiments poses a number of challenges. During this thesis work, the question of what types of data and information could be relevant to provide in a monitoring system for this context was investigated, with regard to aspects such as providing technical support or gaining situational awareness during exercises. Results gained from a survey with participants from relevant organizations, contributed greatly to this question. The survey and literature study also provided insights into challenges and potential problems of developing and running such monitoring. CRATE is a cyber range developed and maintained by the Swedish Defence Research Agency (FOI). In this thesis work, some of the challenges and potential problems found are tackled with a suggested design and an implemented monitoring system prototype for CRATE. Apart from providing functionality to retrieve information about accounts and privileges as well as status of services, the design of the prototype also lays the foundation for a flexible and extensible monitoring system -- fully adapted for use within a cyber range. With cyber exercises becoming both more prevalent and extensive, the need for capable monitoring of exercise environments will naturally arise. While the developed prototype may facilitate future cyber exercises/experiments in CRATE, the results of this thesis work are also ready to be used as a source of inspiration for other cyber range operators.
5

Automating software installation for cyber security research and testing public exploits in CRATE / Att automatisera mjukvaruinstallationer för cybersäkerhetsforskning och testandet av publika angreppskoder i CRATE

Kahlström, Joakim, Hedlin, Johan January 2021 (has links)
As cyber attacks are an ever-increasing threat to many organizations, the need for controlled environments where cyber security defenses can be tested against real-world attacks is increasing. These environments, called cyber ranges, exist across the world for both military and academic purposes of various scales. As the function of a cyber range involves having a set of computers, virtual or physical, that can be configured to replicate a corporate network or an industrial control system, having an automated method of configuring these can streamline the process of performing different exercises. This thesis aims to provide a proof of concept of how the installation of software with known vulnerabilities can be performed and examines if the software is vulnerable directly after installation. The Cyber Range And Training Environment (CRATE) developed by the Swedish Defence Research Agency (FOI) is used as a testbed for the installations and FOI-provided tools are used for launching automated attacks against the installed software. The results show that installations can be performed without Internet access and with minimal network traffic being generated and that our solution can rewrite existing software packages from the package manager Chocolatey to work with an on-premises repository with an 85% success rate. It is also shown that very few publicly available exploits succeed without any manual configuration of either the exploit or the targeted software. Our work contributes to making it easier to set up environments where cyber security research and training can be conducted by simplifying the process of installing vulnerable applications.
6

An Attribution Method for Alerts in an Educational Cyber Range based on Graph Database

Wang, Yang January 2023 (has links)
Finding the source of events in a network is a critical problem in network security, and this process is called network attribution. This thesis develops a system to attribute alerts from the cyber range of the Ethical Hacking Course at KTH to students. The cyber range is an essential component of the Ethical Hacking course. It provides a platform for students to practice their hacking knowledge and skills while recording their actions for research or course purposes. To use the alerts generated by the cyber range to study student behavior, it is necessary to find which student triggered the alert. In this thesis, the system uses a method based on a graph database to attribute alerts to students. The system designed in this thesis use the log data recorded by the cyber range to create nodes and relationships and use the data related to the traffic between hosts to attribute the traffic. After the attribution is complete, the system uses the attributed student traffic to reconstruct the path from the student to the host that captured the alert. If the path from the student to the host is successfully constructed, the attribution of the alert is considered successful. In the end, the system was able to attribute 94% of the student traffic. Using the student traffic that is successfully attributed, the system can attribute 79.75% of the bad-samba alerts to students and build the path from the student to the host. The system designed in this thesis is helpful for understanding and managing the students’ hacking behavior in the cyber range of the Ethical Hacking course. / Att hitta källan till händelser i ett nätverk är ett kritiskt problem inom nätverkssäkerhet och denna process kallas för nätverksattribuering. Denna avhandling utvecklar ett system för att attribuera varningar från cyberrummet i kursen Etisk Hacking på KTH till studenter. Cyberrummet är en viktig komponent i Etisk Hacking-kursen och det ger en plattform för studenter att öva på sina hackningskunskaper och färdigheter samtidigt som deras handlingar spelas in för forsknings- eller kursändamål. För att använda de varningar som genereras av cyberrummet för att studera studenters beteende är det nödvändigt att hitta vilken student som utlöste varningen. I denna avhandling använder systemet en metod baserad på en grafisk databas för att attribuera varningar till studenter. Vi använder loggdata som registreras av cyberrummet för att skapa noder och relationer och använder data relaterade till trafiken mellan värdar för att attribuera trafiken. Efter att attribueringen är klar använder systemet den attribuerade studenttrafiken för att återkonstruera vägen från studenten till värdet som fångade varningen. Om vägen från studenten till värdet framgångsrikt konstrueras anses attribueringen av varningen vara lyckad. I slutändan kunde systemet attribuera 94% av studenttrafiken. Genom att använda den studenttrafik som framgångsrikt attribueras kan systemet attribuera 79,75% av de dåliga-samba varningarna till studenter och bygga vägen från studenten till värdet. Systemet som designats i denna avhandling är till hjälp för att förstå och hantera studenters hackningsbeteende i cyberrummet i kursen Etisk Hacking.
7

Strengthening Cyber Defense : A Comparative Study of Smart Home Infrastructure for Penetration Testing and National Cyber Ranges / Stärkning av cyberförsvar : En jämförande studie av smarta heminfrastrukturer för penetrationstestning och nationella cyberanläggningar

Shamaya, Nina, Tarcheh, Gergo January 2024 (has links)
This thesis addresses the critical issue of security vulnerabilities within the Internet of Things (IoT) ecosystem, with a particular emphasis on everyday devices such as refrigerators, vacuum cleaners, and cameras. The widespread adoption of IoT devices across various sectors has raised significant concerns regarding their security, underscoring the need for more effective penetration testing methods to mitigate potential cyberattacks. In response to this need, the first part of this thesis presents an approach to creating a penetration testing environment specifically tailored for IoT devices. Unlike existing studies that primarily focus on isolated or specific device testing, this work integrates various common household IoT appliances into a single testbed, enabling the testing of a complex system. This setup not only reflects a more realistic usage scenario but also allows for a comprehensive analysis of network traffic and interactions between different devices, thereby potentially identifying new, complex security vulnerabilities. The second part of the thesis undertakes a comparative study of cyber range infrastructures and architectures, an area relatively unexplored in existing literature. This study aims to provide nuanced insights and practical recommendations for developing robust, scalable cyber range infrastructures at a national level. By examining different frameworks, this research contributes to the foundational knowledge necessary for advancing national cybersecurity defenses. Overall, the findings from this research aim to contribute to improving IoT security and guiding the development of robust national cyber range frameworks. / Denna avhandling tar upp de säkerhetsbrister som finns inom det ekosystem som omfattar Internet of Things (IoT) enheter, med särskilt fokus på vardagliga apparater som kylskåp, dammsugare och kameror. Den stora spridningen av IoT-enheter inom olika sektorer har väckt många säkerhetsfrågor, vilka betonar behovet av effektivare metoder för penetrationstestning för att förhindra möjliga cyberattacker. För att möta detta behov presenterar den första delen av avhandlingen en metod för att skapa en penetrationstestningsmiljö särskilt anpassad för IoT-enheter. Till skillnad från tidigare studier, vilka främst fokuserar på enskilda eller specifika enhetstestningar, kombinerar detta arbete olika hushållsapparater i en enda testbädd, vilket möjliggör testningen av ett komplext system. Detta upplägg speglar inte bara en mer realistisk användningssituation, utan tillåter också en mer omfattande analys av nätverkstrafik och interaktioner mellan olika enheter, vilket potentiellt kan identifiera nya, komplexa säkerhetsbrister. Den andra delen av avhandlingen genomför en jämförande studie av cyberanläggningars infrastrukturer och arkitekturer, ett område som är relativt outforskat i befintlig litteratur. Denna studie syftar till att ge insikter och praktiska rekommendationer för att utveckla robusta, skalbara infrastrukturer för cyberanläggningar på nationell nivå. Genom att undersöka olika ramverk bidrar denna forskning till den grundläggande kunskap som behövs för att förbättra nationella cybersäkerhetsförsvar. Sammanfattningsvis syftar resultaten från denna forskning till att förbättra IoT-säkerheten och vägleda utvecklingen av robusta nationella ramverk för cyberanläggningar.

Page generated in 0.0597 seconds