Technologie 5G: Posouzení hrozeb a rizik implementace / The 5G Technology Nexus: Assessing Threats and Risks of Implementation

La Rosa, Giampaolo

January 2021

The new 5G technology, next generation of telecommunication and mobile network, is all around the world in course of inspection and inquiry for its astonishing novelty, from new services to functions and scalability. However, every technology brings alongside new possibilities and new threats scenarios, especially in this case where the impact on the present network is promised to be massive, with brand new features allowed by 5G, like Internet of Things, widespread virtualization and huge leap forward in rapidity and capability of the mobile transmission. An increase in the network surface, considered as more connections, more devices connected and more traffic load of data, will expand also the possible entry point and fault exploitable by a malevolent actor, raising common concern about the technology. The deployment of such a technology on European soil, especially in some states of the Union, caused uproar and critics primarily in the security field. Following a global trend, but also leading a best practice approach, the EU developed a series of mechanisms and agencies that are challenged to oversees the gradual shift from old 4G LTE to 5G. In this paper a Critical Information Infrastructure Protection (CIIP) framework is used to analyse the criticalities of the new technology. Definition of...

Optimizing Production System Maintenance Policies when Cyber Threats are Considered

Ta, Anh V

08 1900

In a production environment, physical and cyber-related failures become unavoidable because of the complexity of highly connected manufacturing systems and a finite equipment life cycle. The main purpose of this thesis is to investigate optimal maintenance outsourcing and replacement policies in the presence of cyber-threats, as well as policies to achieve channel coordination via cost subsidization. Although well-developed maintenance outsourcing literature has addressed many advanced and trending issues such as the costs and benefits of new technology adoptions, learning effects, forgetting effects, and systems with back-up machines, no study has looked at the effect of cyber threats on connected production systems. Besides filling this gap, this thesis addresses the most common replacement policies including preventive maintenance with minimal repairs and age replacement. The advent of the Internet of Things (IoT) has enabled the creation of "smart" manufacturing systems, However the resulting connected format makes these systems potential targets for cyber-attacks. Manufacturers have to face a difficult decision as to whether they should adopt costly security technologies or let the manufacturing systems be vulnerable to cyber-threats. This study develops a model addressing this dilemma by providing some insights into the effects of cost subsidization and installation of security systems on the system profit. Our findings suggest that a manufacturer can trade off cost subsidization to gain flexibility in the maintenance decision-making process. The study also provides evidence that, for a "smart" manufacturing system, the existence of a security system guarantees at least a marginal increase in system profit. With the help of an extensive numerical study, we provide guidelines for optimizing system profit and addressing the effect of various model parameters (such as a monetary parameter, failure rate and a cyber-attack related parameter) on the value of a security system.In the second part of this thesis, we build analytical models to deal with cyber-threats in the context of a production system that utilizes the age replacement policy. We propose two different scenarios involving cyber-threats. First, cyber-attacks do not disrupt the physical production system. In this case, we replace the broken components either when the system has a physical breakdown or when a predetermined amount of time (T) elapses. Second, we need to replace the system right after it suffers from a successful cyber-attack. Thus, we replace the system components if one of three following events happen, whichever comes first: (1) a successful cyber-attack, (2) a physical breakdown, or (3) a predetermined time (T) elapses. We analytically provide optimal policies to minimize the expected cost for these scenarios. Finally, we carry out sensitivity analyses to show the effect of different model parameters on the value of a cyber security system.

Cyber Threats

Optimization

Maintenance Management

Age Replacement

Cyber Threat Intelligence from Honeypot Data using Elasticsearch

Al-Mohannadi, Hamad, Awan, Irfan U., Al Hamar, J., Cullen, Andrea J., Disso, Jules P., Armitage, Lorna

18 May 2018

yes / Cyber attacks are increasing in every aspect of daily life. There are a number of different technologies around to tackle cyber-attacks, such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), firewalls, switches, routers etc., which are active round the clock. These systems generate alerts and prevent cyber attacks. This is not a straightforward solution however, as IDSs generate a huge volume of alerts that may or may not be accurate: potentially resulting in a large number of false positives. In most cases therefore, these alerts are too many in number to handle. In addition, it is impossible to prevent cyber-attacks simply by using tools. Instead, it requires greater intelligence in order to fully understand an adversary’s motive by analysing various types of Indicator of Compromise (IoC). Also, it is important for the IT employees to have enough knowledge to identify true positive attacks and act according to the incident response process. In this paper, we have proposed a new threat intelligence technique which is evaluated by analysing honeypot log data to identify behaviour of attackers to find attack patterns. To achieve this goal, we have deployed a honeypot on an AWS cloud to collect cyber incident log data. The log data is analysed by using elasticsearch technology namely an ELK (Elasticsearch, Logstash and Kibana) stack.

Cyber attacks

Cyber threats

Honeypot data

Elasticsearch

Cyber threat intelligence technique

Evropská právní úprava kyberzločinů s porovnáním právní úpravy kyberzločinů ve Spojených státech amerických / European legal regulation of cybercrimes in a comparison with the legal regulation of cybercrimes in the USA

Nováčková, Eliška

January 2015

6 Abstract Thesis title: European legal regulation of cybercrimes in a comparison with the legal regulation of cybercrimes in the USA The diploma thesis deals with the legislation of cybercrime and cyber security of the United States of America and the European Union. The introduction defines the basic concepts and important moments of history of related legislation and discusses key policy documents adopted in the transatlantic area. It also presents the politics of these two units and their key legislation and describes the international Convention on Cybercrime. Selected documents are subsequently compared and evaluated in the context of legal terminology, technological development and application of regulations in practice. The thesis is concluded by the basic steps of transatlantic cooperation on issues of cyber security. The conclusion summarizes the lessons learned by comparing documents, particularly international emphasis on ratification of the Convention on Cybercrime and adequate levels of awareness of cyber space, and highlights some terminological inaccuracies. Keywords Cyber threats * cyber security * cybercrime * international cooperation * strategic documents

Proces sekuritizace kybernetické bezpečnosti EU / Securitisation process of cyber security in the EU

Jiskra, Denis

January 2020

21. 5. 2020 Abstract Securitisation proces of the cyber security in the EU Denis Jiskra Institute of Political Science Studies, Faculty of Social Sciences, Charles University 2019/2020 The diploma thesis is dealing with the development of the European Union's cyber security policy during the specific time frame since the 1990's until the current time. The thesis is focused on the securitization process, that so, dynamic intersubjective process of threat construction with the aim to find out, to what extent securitization formed the cyber security policy of the European Union. The subject of the thesis is also an analysis of the cyber security narrative topics with the aim to determine which topic leads and if there are changes between them during the research period. In this respect, the model of cyber security discourse variations inspired by the Copenhagen school will be used. In the current thesis will be also introduced the development of cyber threats, its historical contextualization, as well as their gradual globalization.

Secure remote access to a work environment

Bergvall, Ricardo

January 2021

This project is about how free, open-source tools can create reasonable, secure and flexible remote access solutions for smaller companies with a limited budget.  Secure remote access to a working environment is a solution for its time, as last year Covid-19 change the working environment for millions of employers and employees. The importance of secure remote access to a working environment became noticeable as offices closed down and employers started working from home. Still, the need for secure access to the company's infrastructure remains. This is where Virtual Private Networks (VPNs) enter the picture, as it has a broad application scope and is particularly useful for secure remote access. My project was subdivided into three parts: How to implement secure remote access to a working environment within the requirements of the chosen company, which are an inexpensive solution with high-security features.  Automate the creation and distribution of all the necessary parts that their employees will need in a VPN structure. Research about the future direction regarding VPN and the importance of cybersecurity to help ensure security preparedness for the company. The chosen solution was OpenVPN and Google authenticator, together with a written bash script. It became a solution that was free, flexible, secure and scalable. But why the need and what about the future?  Research shows that a high percentage of small and medium-sized enterprises are vulnerable to cyberattacks. It also shows that these companies have the lowest cybersecurity. "It wouldn't happen to us" is dangerous but, sadly, a typical mindset throughout the S&M companies. It's primarily because of this S&M's are more exposed than larger companies. The future of VPN's has become more important than ever before, and it's something that during Covid-19 has risen in use all over the world, the research and development of VPNs has accelerated. The research objectives of this project are of high interest to many other organizations in the same position, and the presented work has helped answer the question: "Where will we stand in a few years regarding secure remote work, cybersecurity andencrypted networks?"

secure remote-access

virtual private network servers

multi-factor authentication

encryption

cyber-threats

OpenVPN

Computer and Information Sciences

Data- och informationsvetenskap

Lutte aux botnets : les politiques de prévention s'avèrent-elles efficaces?

Allaire, Marie-Renée

07 1900

No description available.

Menaces informatiques

cybercriminalité

cybermenaces

Politiques de prévention

Botnets

Security threats

cyber crime

cyber threats

Prevention policies

Literature review on trustworthiness of Signature-Based and Anomaly detection in Wireless Networks

Spångberg, Josephine, Mikelinskas, Vainius

January 2023

The internet has become an essential part of most people's daily lives in recent years, and as more devices connect to the internet, the risk of cyber threats increases dramatically. As malware becomes more sophisticated, traditional security prevention measures are becoming less effective at defending from cyber attacks. As a result, Signature Based Detection and Anomaly Detection are two of many advanced techniques that have become crucial to defend against cyber threats such as malware, but even these are sometimes not enough to stop modern cyberattacks. In this literature review the goal is to discuss how trustworthy each of the mentioned malware detection techniques are at detecting malware in wireless networks. The study will measure trustworthiness by looking further into scalability, adaptability and robustness and resource consumption. This study concludes that both anomaly and signature-based malware detection methods exhibit strengths and weaknesses in scalability, robustness, adaptability, and resource consumption. Furthermore, more research is needed and as malware becomes more sophisticated and an increased threat to the world it is an area that is highly relevant.

Cyber threats

Malware

Cyber attacks

Signature Based Detection

Anomaly Detection

Cyber defense

Sophisticated attacks

Modern cyberattacks

malware detection in wireless network

IoT

Computer Sciences

Datavetenskap (datalogi)

IT security expert’s perceptions of cybersecurity when working remotely compared to working in the office : A quality study on Swedish insurance companies / IT-säkerhetsexperters uppfattningar om cybersäkerhet vid distansarbete jämfört med arbete på kontoret : En kvalitativ studie på svenska försäkringsbolag

Kullander, Kristoffer, Cselenyi, Mathilda

January 2024

Teleworking has become a significant aspect of working life, especially after the outbreak of the COVID-19 pandemic, which accelerated the trend of teleworking. However, this shift has increased the risk of cyber threats and security risks. Despite organizations' efforts to strengthen cybersecurity, a significant risk remains, with employees posing one of the main security risks in the form of human error and mistakes. Previous research highlights that employees tend to exhibit lower levels of cybersecurity awareness and are more likely to perform riskful actions when working remotely compared to working in the office. However, recent research has shown the opposite, where employees are more conscious of cybersecurity awareness and more likely to apply security-based precaution measures during remote work compared to office work. In light of these research findings, this study focuses on examining how IT-security experts perceive cybersecurity when working remotely compared to working in the office. To explore this, the study has, through qualitative mapping, conducted semi-structured interviews with a theoretical basis in Protection Motivation Theory (PMT). Overall, the study showed that IT- security experts perceive cybersecurity as more manageable when working in the office compared to remote work, with an increased awareness of the importance of the human factor. / Distansarbete har blivit en betydande aspekt av arbetslivet, särskilt efter utbrottet av Covid-19- pandemin, vilket accelererade trenden med distansarbete. Denna omställning har emellertid ökat risken för cyberhot och säkerhetsrisker. Trots organisationers insatser för att stärka cybersäkerheten kvarstår en betydande risk, då anställda utgör en av de främsta säkerhetsriskerna i form av mänskliga fel och misstag. Tidigare forskning framhäver att anställda ofta är mindre säkerhetsmedvetna och mer benägna att utföra riskfyllda handlingar när de arbetar på distans jämfört med arbete på kontoret. Däremot har senare forskning visat motsatsen, där anställda är mer säkerhetsmedvetna och mer benägna att vidta säkerhetsåtgärder under distansarbete jämfört med arbete på kontoret. Mot bakgrund till dessa forskningsresultat, fokuserar denna studie på att undersöka hur IT-säkerhetsexperter uppfattar cybersäkerhet vid distansarbete jämfört med arbete på kontoret. För att utforska detta har studien, genom kvalitativ kartläggning, genomfört semistrukturerade intervjuer med teoretisk grund i Protection Motivation Theory (PMT). Sammantaget visade studien på att IT-säkerhetsexperter uppfattar cybersäkerhet som mer hanterbar vid arbete på kontoret jämfört med distansarbete, med en ökad medvetenhet om den mänskliga faktorns betydelse.

Cyber security

cyber threats

cybersecurity awareness

remote work

Protection Motivation Theory

Cybersäkerhet

cyberhot

säkerhetsmedvetenhet

distansarbete

Protection Motivation Theory

Information Systems

Att förebygga det interna hotet med IT-regler / Preventing internal threats with IT-policy

Olsson, Martin, Ring, Max, Sabbagh, Hassan

January 2018

Uppsatsen ämnar undersöka det interna hotet inom organisationer som medförs av mänskliga misstag och ovarsamhet hos anställda. Syftet med uppsatsen är att identifiera orsaker bakom misstagen och ovarsamheten, redogöra för några konsekvenser av det och även undersöka hur utformningen och arbetet med IT-regler, som är regler och riktlinjer för IT-säkerhetsarbete, bör utföras för att minimera misstag och ovarsamhet. Till det har en undersökning av tidigare litteratur och en kvalitativ datainsamling gjorts, den kvalitativa undersökningen innefattade intervjuer med ett E-handelsföretag, ett IT-konsultföretag samt en IT-säkerhetskonsult. Teori och insamlad data har analyserats och genererat ett antal förslag, där bland annat ett anpassat språkbruk och kategorisering av IT-regler men även kontinuerlig utbildning av anställda förespråkas för att förebygga anställdas misstag och ovarsamhet. Därigenom förebyggs det interna hotet. Uppsatsens framförda förslag kan användas av alla typer av företag som vill förbättra sin IT-säkerhet genom att förebygga det interna hotet som orsakas av de anställda. / The study aims to investigate the internal threat within organizations caused by human mistakes and negligence amongst employees. The purpose of this paper is to identify reasons for the mistakes and the negligence, describe some of the consequences and also investigate how the design of and work with IT policies, which is a set of rules and guidelines for IT security work, should be performed to minimize mistakes and negligence. A survey of previous literature has been conducted and a qualitative data collection has been made. The qualitative data collection included interviews with an e-commerce company, an IT consulting company and an IT security consultant. Previous literature and collected data have been analysed which resulted in a set of suggestions, for instance that customized language usage and categorization of IT policies, together with continuous training of employees is advocated to help prevent employees' mistakes and negligence. Thereby minimizing the internal threat. Any type of company that wants to improve its IT security by preventing the internal threat caused by its employees will benefit from these suggestions.

Human mistakes and negligence

IT security

IT-policies

information systems

internal threats

employees

cyber threats

Mänskliga misstag och ovarsamhet

IT-säkerhet

IT-regler

Interna hot

Informationssystem

Anställda

IT-hot

Information Systems