Global ETD Search

191	A MACHINE LEARNING BASED WEB SERVICE FOR MALICIOUS URL DETECTION IN A BROWSER Hafiz Muhammad Junaid Khan (8119418) 12 December 2019 (has links) Malicious URLs pose serious cyber-security threats to the Internet users. It is critical to detect malicious URLs so that they could be blocked from user access. In the past few years, several techniques have been proposed to differentiate malicious URLs from benign ones with the help of machine learning. Machine learning algorithms learn trends and patterns in a data-set and use them to identify any anomalies. In this work, we attempt to ﬁnd generic features for detecting malicious URLs by analyzing two publicly available malicious URL data-sets. In order to achieve this task, we identify a list of substantial features that can be used to classify all types of malicious URLs. Then, we select the most signiﬁcant lexical features by using Chi-Square and ANOVA based statistical tests. The effectiveness of these feature sets is then tested by using a combination of single and ensemble machine learning algorithms. We build a machine learning based real-time malicious URL detection system as a web service to detect malicious URLs in a browser. We implement a chrome extension that intercepts a browser’s URL requests and sends them to web service for analysis. We implement the web service as well that classifies a URL as benign or malicious using the saved ML model. We also evaluate the performance of our web service to test whether the service is scalable. Computer System Security Machine learning in cyber-security Real time malicious URL detection Generic features for malicious URLs Cybersecurity cybersecurity engineering
192	Zrození kybernetické bezpečnosti jako národně bezpečnostní agendy / The Birth of Cyber as a National Security Agenda Schmidt, Nikola January 2016 (has links) The following dissertation studies the question how cyber security has become a national security agenda and discusses implications of the observed processes to current international security status quo. I divided the research into three parts. The first part embodies theoretical and methodological approach. The second part studies three distinct discourses related to cyber security, the techno-geek discourse, the crime-espionage discourse and the nation-defense discourse using the method of Michel Foucault about archaeology of knowledge. The third part then draws on these three discourses and discusses implications through lens of several theoretical perspectives. Namely through concepts taken from science and technology studies, from actor network theory and network assemblages. The critical point of the research is a distinct reading of these discourses. While techno-geeks are understood as a source of semiosis, hackers' capability and crypto-anarchy ideology influenced by cyberpunk subculture, the cyber-crime and espionage discourse is read as a source of evidence of the hackers' capability. The inspiration in popular subculture is combined with current efforts in development of liberating technologies against oppression by authorities, oppression recognized by the eyes of the crypto-anarchist...
193	Development of Generic Communication Middleware for Embedded Sensor Systems Transmitting Health Parameters Kailayanathan, Subaharan, Kamdod, Saji January 2020 (has links) Health technology or e-Health is one of the most rapidly growing areas in healthcare today and it has been an important requirement as a new concept of healthcare industry. Since global society has been changed to aging society and the healthcare cost has been increasing in the 21st century since 2007. As the total number of people aged 65 or older is expected to increase from 12% to 22% in 2050 which is double the rate, and at the same time there is a decrease in in-fertility rates and increase in life expectancy due to the increase in life quality, there is a need to investigate the needs and requirements of an intelligent embedded sensor systems in health applications, and to develop a new communication protocol or set of protocols that can be used to send data collected from a hub within a house, home-care or a complex and send it securely and reliably to a central database where the gathered data can be monitored by a medical professional to make decisions for further interventions. The employed communication protocol should also be able to securely transmit confidential parameters from the hospital network to a central server outside of the hospital network. The final protocol must be inline with the regulations of the EU. This thesis is done in collaboration with Tjeders AB, Stille AB, and Embedded Sensor Systems for Health Plus (ESS-H+) research profile at Mälardalen University. In this thesis, different communication protocols such as IPSec and TLS and algorithms such as AES and RSA are examined and based on the requirements provided by the companies certain of these protocols and algorithms will be used in the final implementation. Different performance metrics such as overhead, round trip delay and throughput will be measured for the chosen communication protocols and recommendations will be given on which of the protocols and algorithms needs to be used to obtain an optimized, secure and reliable network. Health technology e-Health Embedded Sensor Systems Middleware IPSec MQTT Cyber Security Bluetooth 5.0 Embedded Systems Inbäddad systemteknik Communication Systems Kommunikationssystem Medical Equipment Engineering Medicinsk apparatteknik
194	Design of Mobility Cyber Range and Vision-Based Adversarial Attacks on Camera Sensors in Autonomous Vehicles Ramayee, Harish Asokan January 2021 (has links) No description available. Computer Engineering Electrical Engineering 2D Semantic segmentation Vision-based attacks Adversarial images Cyber Range Autonomous Vehicles machine learning computer vision Cyber security Traffic sign recognition Neural network optimization
195	Sea Traffic Management : Efficiency and Cybersecurity / Sea Traffic Management : Effektivitet och Cybersäkerhet Gülenay, Johan C, Guirguis, Mark January 2022 (has links) Sea Traffic Management has developed with the aim of facilitating work and increasing efficiency at sea, both in terms of productivity and environmental contexts. The technical development and digitization of the equipment on ships has led to new problems that have been developed such as cyber-attacks and technical problems. This study is based on a qualitative research method. The purpose of the work is to investigate how effective STM is and how safe it is to use for merchant vessels. The study showed that STM can have a positive effect on the environment and increase time savings, provided that more vessels in the industry use it as standard equipment. Results indicate that Sea Traffic Management is a helpful tool that will increase safety for navigation and have a positive effect on the environment for longer sea voyages. However, this is assumed if the shipping industry itself is ready for a digitalized world that is constantly developing, where a new type of issues arises with a nuanced threat for both ships and land bases. / Sea Traffic Management har utvecklats i syfte att underlätta arbetet och öka effektiviteten till sjöss, både när det gäller i produktivitet samt i miljösammanhang. I samband med den tekniska utvecklingen och digitaliseringen av utrustningen på fartyg så har nya lösningar samt problem uppstått, såsom cyberattacker och tekniska bekymmer. Studien grundar sig i en kvalitativ forskningsmetod. Arbetet har i syfte att undersöka hur effektivt STM är samt hur säker den är för användning av olika handelsfartyg på marknaden. I studien visade det sig att STM kan påverka miljön positivt samt öka tidsbesparingar förutsatt att fler fartyg inom branschen nyttjar det som en standardutrustning. Resultat tyder på att Sea Traffic Management är ett hjälpsamt verktyg som kommer att öka säkerheten för navigeringen samt påverka miljön positivt för längre sjöresor. Detta är dock förutsatt om själva sjöfartsbranschen är redo för en digitaliserad värld som ständigt utvecklas, där en ny typ av problematik uppstår med en nyanserad hotbild för både fartyg och olika land baser. STM digitization cyber security shipping Just in Time E-navigation bunker saving environmental impact efficiency STM digitalisering cybersäkerhet sjöfart Just in Time E-navigering bunkerbesparing miljöpåverkan effektivitet Engineering and Technology Teknik och teknologier
196	Cybersäkerhet - Att stärka den svaga länken : En flerfallsstudie om hur formella och informella styrmedel förebygger interna cyberhot i banksektorn Olsson, Sanna, Hultberg, Isabella January 2021 (has links) Bakgrund: Banker fyller en mycket viktig funktion i samhället och har sedan digitaliseringen varit särskilt utsatta för cyberhot. Samtidigt bygger bankens verksamhet till stor del på att upprätthålla förtroendet hos sina kunder, varpå det är av stor vikt för banker att ha en hög cybersäkerhet. Framför allt kan interna cyberhot i form av mänskliga misstag konstateras vara den svaga länken i bankers säkerhetsarbete idag. Därför är det intressant att undersöka hur banker i Sverige arbetar för att öka cybersäkerheten genom formella och informella styrmedel, som kan påverka anställdas beteenden. Syfte: Studien syftar till att bidra till ökad förståelse om hur banker styr sin verksamhet med formella och informella styrmedel för att förebygga interna cyberhot på arbetsplatsen. Metod: Studien har ett hermeneutiskt perspektiv och är utformad enligt en kvalitativ metod. Vidare har en abduktiv ansats format uppsatsen. Syfte och frågeställningar har besvarats genom en flerfallstudie av fyra olika banker i Sverige. Det empiriska materialet har inhämtats med hjälp av intervjuer med representanter från respektive bank som arbetar med säkerhet. Slutsats: För att förebygga interna cyberhot arbetar banker med formella styrmedel främst i form av regler, där de tar hjälp av globala standarder vid utformningen. Reglerna utformas även utifrån bankens kultur och uppdateras ofta. Vi har sett att kompetens och medvetenhet inom cybersäkerhet hos anställda är något som samtliga fallföretag värderar högt, och för att stärka kompetensen lägger bankerna stora resurser på utbildning. Att göra säkerhetstänket till en naturlig del av anställdas dagliga arbete har framför allt understrukits av respondenterna, samtidigt som arbetet med kultur till stor del görs passivt då det starka regelverket formar kulturen. Informella dialoger menas dock vara något som ökar medvetenheten och därmed stärker kulturen. Slutligen har vi identifierat att samtliga styrmedel nämnda ovan påverkar varandra, varpå det är viktigt att ha ett helhetstänk vid styrningsarbetet vad gäller cybersäkerhet. / Background: Banks play an important role in society and have since the increasing digitalization been particularly exposed to cyber threats. At the same time, the bank's operations are largely based on maintaining trust of its customers, and therefore it is of great importance for banks to have a high level of cyber security. Above all, internal cyber threats in the form of human error constitute one of the greatest risks to banks' security work today. Therefore, it is interesting to investigate how banks work to mitigate internal cyber threats through formal and informal management controls. Purpose: This study aims to contribute to an increased understanding of how banks use formal and informal management control to mitigate internal cyber threats in the workplace. Methodology: This study adopts a hermeneutic perspective and uses qualitative method. Furthermore, an abductive approach has shaped the essay. The purpose and research questions have been answered through a multiple case study of four different banks in Sweden. The empirical material has been obtained with the help of interviews with representatives from each bank who work with security. Conclusion: To prevent internal cyber threats, banks work with rules which global standards and the company’s culture help design. We have noted that competence and awareness in cyber security is something that is valued highly. To strengthen the competence banks invest large resources in training. Making the idea of safety a natural part of employees' daily work has above all been emphasized by, at the same time as cultural development is largely done passively as the strong regulations shape culture. Informal dialogues, however, increase awareness and thus strengthen culture. Finally, we have identified that all the management controls mentioned above affect each other. Therefore, it is important to have a holistic approach to the governance work regarding cyber security. Cyber security cyber threat management control bank security policy education security culture Cybersäkerhet cyberhot styrning bank standarder regler utbildning kultur Business Administration Företagsekonomi
197	Automating software installation for cyber security research and testing public exploits in CRATE / Att automatisera mjukvaruinstallationer för cybersäkerhetsforskning och testandet av publika angreppskoder i CRATE Kahlström, Joakim, Hedlin, Johan January 2021 (has links) As cyber attacks are an ever-increasing threat to many organizations, the need for controlled environments where cyber security defenses can be tested against real-world attacks is increasing. These environments, called cyber ranges, exist across the world for both military and academic purposes of various scales. As the function of a cyber range involves having a set of computers, virtual or physical, that can be configured to replicate a corporate network or an industrial control system, having an automated method of configuring these can streamline the process of performing different exercises. This thesis aims to provide a proof of concept of how the installation of software with known vulnerabilities can be performed and examines if the software is vulnerable directly after installation. The Cyber Range And Training Environment (CRATE) developed by the Swedish Defence Research Agency (FOI) is used as a testbed for the installations and FOI-provided tools are used for launching automated attacks against the installed software. The results show that installations can be performed without Internet access and with minimal network traffic being generated and that our solution can rewrite existing software packages from the package manager Chocolatey to work with an on-premises repository with an 85% success rate. It is also shown that very few publicly available exploits succeed without any manual configuration of either the exploit or the targeted software. Our work contributes to making it easier to set up environments where cyber security research and training can be conducted by simplifying the process of installing vulnerable applications. cyber range software installation cyber security CRATE exploit testing automation cyberanläggning mjukvaruinstallation cybersäkerhet CRATE angreppstestning automatisering Software Engineering Programvaruteknik Computer Sciences Datavetenskap (datalogi)
198	A Literature Review of Connected and Automated Vehicles : Attack Vectors Due to Level of Automation Kero, Chanelle January 2020 (has links) The manufacturing of connected and automated vehicles (CAVs) is happening and they are aiming at providing an efficient, safe, and seamless driving experience. This is done by offering automated driving together with wireless communication to and from various objects in the surrounding environment. How automated the vehicle is can be classified from level 0 (no automation at all) to level 5 (fully automated). There is many potential attack vectors of CAVs for attackers to take advantage of and these attack vectors may change depending on what level of automation the vehicle have. There are some known vulnerabilities of CAVs where the security has been breached, but what is seemed to be lacking in the academia in the field of CAVs is a place where the majority of information regarding known attack vectors and cyber-attacks on those is collected. In addition to this the attack vectors may be analyzed for each level of automation the vehicles may have. This research is a systematic literature review (SLR) with three stages (planning, conducting, and report) based on literature review methodology presented by Kitchenham (2004). These stages aim at planning the review, finding articles, extracting information from the found articles, and finally analyzing the result of them. The literature review resulted in information regarding identified cyberattacks and attack vectors the attackers may use as a path to exploit vulnerabilities of a CAV. In total 24 types of attack vectors were identified. Some attack vectors like vehicle communication types, vehicle applications, CAN bus protocol, and broadcasted messages were highlighted the most by the authors. When the attack vectors were analyzed together with the standard of ‘Levels of Driving Automation’ it became clear that there are more vulnerabilities to consider the higher level of automation the vehicle have. The contributions of this research are hence (1) a broad summary of attack vectors of CAVs and (2) a summary of these attack vectors for every level of driving automation. This had not been done before and was found to be lacking in the academia. Attack Vector CAV Connected and Automated Vehicle Cyber-Attacks Cyber-Security ITS Levels of Driving Automation VANET Vehicular Communication Computer and Information Sciences Data- och informationsvetenskap Information Systems
199	Cyber Security Risks and Opportunities of Artificial Intelligence: A Qualitative Study : How AI would form the future of cyber security Kirov, Martin January 2023 (has links) Cybercriminals' digital threats to security are increasing, and organisations seek smarter solutions to combat them. Many organisations are using artificial intelligence (AI) to protect their assets. Statistics show that the adoption of AI in cyber security worldwide has grown steadily over the past few years, demonstrating that more and more companies are searching for more effective methods than traditional ones. At the same time, some are cautious about its implementation. Previous research shows this is a topic of discussion in the cyber security branch. Researchers seek to understand further how AI is used, uncovering how it may benefit security and the challenges organisations face. Sweden is a country known for its high level of technological advancement and innovation, and it has seen a particularly significant increase in the integration of AI in cyber security practices. Using semi-structured interviews as the primary research method, a diverse range of companies, were interviewed regarding their viewpoints on the topic, both those implementing AI-based cyber security solutions and those who do not. The research objectives were to examine how companies in Sweden understand and perceive AI in cyber security, identify their perceived risks associated with any potential opportunities with AI adoption, and explore possible future developments in the field. Through in-depth interviews, participants discussed their experiences, concerns, and expectations surrounding the topic, showing anywhere from mixed to negative opinions from companies not utilising AI cyber security. This study shows how more research is needed to advance our understanding of AI cyber security and how it is implemented in companies. The study concludes that when showing interest in strengthening their security with the help of AI, organisations should consider the ethical and legal issues as well as the importance of choosing the right AI solutions. Professionals recommend AI implementation for companies wishing to increase cyber security defences in the rising and ever-changing cyber threats landscape. / Cyberbrottslingarnas digitala hot mot säkerheten ökar, och organisationer söker smartare lösningar för att bekämpa dem. Många organisationer använder artificiell intelligens (AI) för att skydda sina tillgångar. Statistik visar att användningen av AI inom cybersäkerhet världen över har ökat stadigt under de senaste åren, vilket visar att allt fler företag söker efter mer effektiva metoder än de traditionella. Samtidigt är vissa försiktiga vad gäller AI:s implementering. Tidigare forskning visar att detta är ett diskussionsämne inom cybersäkerhetsbranschen. Forskarna vill förstå mer om hur AI används, hur det kan gynna säkerheten och vilka utmaningar organisationerna står inför. Sverige är ett land som är känt för sin höga nivå av teknisk utveckling och innovation och man har sett en särskilt betydande ökning av integrationen av AI i cybersäkerhetspraxis i landet. Med hjälp av semistrukturerade intervjuer som primär forskningsmetod intervjuades en rad olika företag om deras syn på ämnet, både de som implementerar AI-baserade cybersäkerhetslösningar och de som inte gör det. Målet var att undersöka hur företag i Sverige förstår och uppfattar AI inom cybersäkerhet, att identifiera deras upplevda risker i samband med eventuella möjligheter med AI-adoption och utforska möjlig framtida utveckling inom området. Genom djupintervjuer diskuterade deltagarna sina erfarenheter, farhågor och förväntningar i ämnet, som visade allt från blandade till negativa åsikter från företag som inte använder AI i cybersäkerhet. Studien visar att det behövs ytterligare forskning för att öka vår förståelse för AI-cybersäkerhet och hur den ska implementeras i företag. Studien drar slutsatsen att organisationer som visar intresse för att stärka sin säkerhet med hjälp av AI bör ta hänsyn till etiska och juridiska frågor samt vikten av att välja rätt AI-lösningar. Experter rekommenderar att AI implementeras för företag som vill stärka sin cybersäkerhet i det ständigt ökande och föränderliga cyberhotslandskapet. AI Cyber Security qualitative research semi-structured interviews perceptions risks opportunities ethical considerations legal implications responsible AI deployment. Computer Systems Datorsystem Robotics Robotteknik och automation Embedded Systems Inbäddad systemteknik
200	Model-Based Autonomic Security Management of Networked Distributed Systems Chen, Qian 13 December 2014 (has links) This research focuses on the development and validation of an autonomic security management (ASM) framework to proactively protect distributed systems (DSs) from a wide range of cyber assaults with little or no human intervention. Multi-dimensional cyber attack taxonomy was developed to characterize cyber attack methods and tactics against both a Web application (Web-app) and an industrial control system (ICS) by accounting for their impacts on a set of system, network, and security features. Based on this taxonomy, a normal region of system performance is constructed, refined, and used to predict and identify abnormal system behavior with the help of forecasting modules and intrusion detection systems (IDS). Protection mechanisms are evaluated and implemented by a multi-criteria analysis controller (MAC) for their efficiency in eliminating and/or mitigating attacks, maintaining normal services, and minimizing operational costs and impacts. Causes and impacts of unknown attacks are first investigated by an ASM framework learning module. Attack signatures are then captured to update IDS detection algorithms and MAC protection mechanisms in near real-time. The ASM approach was validated within Web-app and ICS testbeds demonstrating the effectiveness of the self-protection capability. Experiments were conducted using realworld cyber attack tools and profiles. Experimental results show that DS security behavior is predicted, detected, and eliminated thus validating our original hypothesis concerning the self-protection core capability. One important benefit from the self-protection feature is the cost-effective elimination of malicious requests before they impede, intrude or compromise victim systems. The ASM framework can also be used as a decision support system. This feature is important especially when unknown attack signatures are ambiguous or when responses selected automatically are not efficient or are too risky to mitigate attacks. In this scenario, man-in-the-loop decisions are necessary to provide manual countermeasures and recovery operations. The ASM framework is resilient because its main modules are installed on a master controller virtual machine (MC-VM). This MC-VM is simple to use and configure for various platforms. The MC-VM is protected; thus, even if the internal network is compromised, the MC-VM can still maintain “normal” self-protection services thereby defending the host system from cyber attack on-thely. Intrusion Mitigation and Response System Self-Protection Autonomic Computing Intrusion Detection/Protection System Network Forensics Cyber Attack Taxonomy Cyber Security Intrusion Estimation Security Model-based Validation

Search results