  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
31

EVALUATING CRYSTAL FRAMEWORK IN PRACTICE

Mertala, Victor, Christopher, Nordin January 2024
Cyber-physical systems (CPSs) are used in several industries, such as healthcare, automotive, manufacturing, and more. The fact that CPSs often contain components integrated via communication networks means that malicious actors can exploit vulnerabilities in these components through cyber attacks. CRYSTAL Framework has been shown in previous research to be able to detect cyber attacks on CPSs. However, this has only been proven in simulation. Our research builds upon this previous research as we aim to prove that CRYSTAL Framework is a viable method for monitoring real systems to detect abnormal behaviours. The Tiny Twin is an abstract behavioral model that defines normal running behaviour of a system, which can then be used to compare the current state of a monitored system to detect possible attacks and abnormal behaviours. We built a monitor that integrates such a Tiny Twin, working by passively listening on input and output of components in a monitored system. We designed and implemented two different scenarios, a security alarm system and a temperature control system (TCS), to test the CRYSTAL Framework. In testing both implemented scenarios our monitor successfully detected all but one attack during runtime by comparing the system's current state with the expected state as defined in the Tiny Twin.
32

Digital Battlegrounds: Evaluating the Impact of Cyber Warfare on International Humanitarian Law in the Russian-Ukraine War

Broekstra, Aaron January 2024
This study investigates the legal and ethical challenges posed by cyber warfare in the ongoing Russian-Ukraine war. Cyber warfare represents a transition from traditional conflict dynamics, impacting civilian populations and national security without direct physical confrontations. The significance of this research is the inadequacy of current legal norms that govern the rapidly evolving techniques of cyber-attacks which challenge established norms of International Humanitarian Law. Hence, the research question explores how cyber warfare challenges existing legal and ethical norms for civilian protection, and what the broader implications are for the regulation of modern conflicts. Through a qualitative case study approach, the thesis analyses three cases of Russian cyber-attacks on Ukrainian civilian infrastructure: the 2015 attack on the Ukrainian power grid, the 2023 cyber-attack on Kyivstar, and the 2022 Asylum Ambuscade. In the simplified legal framework by Hoffman and Rumsey, these cases were analysed using the Tallinn Manual, and Mary Kaldor’s New Wars theory to highlight the challenges and violations of IHL. The findings conclude that the IHL framework is insufficient for the unique challenges of cyber warfare. Moreover, the study argues for the revaluation and updating of international legal norms to keep up with the constant development of cyber warfare. In all, this thesis showcases the need for enhanced legal standards that can safeguard civilian populations and maintain international security, contributing to the fields of international law and conflict resolution.
33

Improving the Cyber defence of an organisation based on IP Geolocation and security appliances / Förbättra en organisations cyberförsvar baserad på IP Geolocation och säkerhetssystem

Opasinov, Aleksandar, Eftekhari, Sina January 2020
As advancement and usage of data communication has increased exponentially on a global scale, with a devastating exposure to attacks and varying security threats to home offices as well as to large enterprises, there is always a need for enhanced network protection. The IT department of the company OneDefence, located in western Sweden, was chosen for the thesis and based on the stated information from the organisation, aims were set on how to improve their network defence capabilities. The aim of this thesis is to list ten countries posing the most serious IT threats, and to limit the attack surface of OneDefence’s IT network as much as possible while still providing the necessary services to users abroad. After researching the countries, a prototype was set up to mimic OneDefence’s topology of interest and test attacks were conducted as detailed in the Methodology chapter. The results of the investigations showed the countries posing most serious cyber threats included China, Russia and North Korea among others which were statistically calculated based on the total number of recognised cyberwarfare attacks. The results obtained from the different DoS attacks in the prototype showed that an IPS should be at the heart of an organisation's network defence for combating these intrusions, as well as potentially other types. With the help of a prototype built based on the organisation's topology, several attacks were somewhat successfully mitigated with the equipment used on hand, with only a low percentage of packets allowed to pass through the security unit. Lastly, to explore further enhancements of defence capabilities of OneDefence, a comparison between different products and devices was performed. This resulted in products from the Fortinet brand such as FortiGate NGFW and UTM capabilities as they are offering several advantages compared to competitors.
/ As major advances in and the use of data communication have increased exponentially on a global scale, with a devastating exposure to attacks and security threats against home users as well as large enterprises, there is always a need for improved network protection. The IT department of the company OneDefence was chosen for carrying out the degree project, which was based on the information provided by the organisation in order to improve its network defence. The aim of this report is to compile a list of the ten countries that pose the most serious IT threats in the world, and to limit the attack surface of the organisation's network as much as possible while retaining all necessary services for users abroad. After the countries had been investigated, a prototype was set up to mimic the parts of OneDefence's topology of interest, and test attacks were carried out according to the methodology chapter. The results of the investigations showed that the countries responsible for the most serious cyber threats included China, Russia and North Korea, among others, which were calculated statistically based on the number of recognised cyberwarfare attacks. The results from the different DoS attacks showed that an IPS should be at the core of an organisation's network defence in order to combat these intrusions, and potentially other types. With the help of the prototype that was built based on the organisation's topology, several attacks were blocked fairly successfully, with a low percentage of packets passing through the security unit. Finally, further improvements to the organisation's defence capability were explored by comparing different products and devices. This resulted in products from the Fortinet brand, such as FortiGate NGFW with UTM capability, as they offer several advantages compared to competitors.
34

Generátor kybernetických útoků / Cyberattack Generator

Gregr, Filip January 2017
This thesis is focused on developing a tool that is capable of generating cyber attacks. In the opening there are introduced some attacks using the ISO/OSI application layer protocols. Specifically, these are attacks known as Slowloris, RUDY, Slow Read, HTTP flood, and dictionary attack on the SSH. These attacks are implemented into an existing DoSgen Linux tool that already contains several famous network attacks. The main part of the thesis is devoted to the description of the tool and to the implementation of its own extension. The created tool is practically tested in an experimental environment against the Apache web server. Part of the thesis is the documentation for the improved DoSgen tool.
35

Kybernetická bezpečnost ve vesmírném prostoru: Rámec zvládání rizik spojených s kybernetickými útoky a model vylepšení evropských politik / Cybersecurity for Outer Space - A Transatlantic Study

Perrichon, Lisa January 2018
Cyber attacks can target any nodes of the space infrastructure, and while these attacks are called non-violent, there is a credible capability to use cyber attacks to cause direct or indirect physical damage, injury or death. However, the vulnerability of satellites and other space assets to cyber attack is often overlooked, which is a significant failing given society's substantial and ever increasing reliance on satellite technologies. Through a policy analysis, this dissertation assesses the set of political provisions provided by the European Union to address the cyber security issue of the space infrastructure. Such study aims at exploring the geopolitical consequences linked to space cyber security risks, and at assessing the political preparedness of the European Union to address these challenges. The perspective of transatlantic cooperation to further support both American and European effort to tackle this security risk is also addressed. The overarching value of the study is to contribute to future European cyber security for space and transatlantic debates by providing useful perspectives and key takeaways on these two domains. Ultimately, the existing set of policies are not sufficient to address the cyber security issue in Outer Space, a unified approach by the European Union and the United...
36

A Literature Review of Connected and Automated Vehicles : Attack Vectors Due to Level of Automation

Kero, Chanelle January 2020
The manufacturing of connected and automated vehicles (CAVs) is happening and they are aiming at providing an efficient, safe, and seamless driving experience. This is done by offering automated driving together with wireless communication to and from various objects in the surrounding environment. How automated the vehicle is can be classified from level 0 (no automation at all) to level 5 (fully automated). There are many potential attack vectors of CAVs for attackers to take advantage of and these attack vectors may change depending on what level of automation the vehicle has. There are some known vulnerabilities of CAVs where the security has been breached, but what seems to be lacking in the academia in the field of CAVs is a place where the majority of information regarding known attack vectors and cyber-attacks on those is collected. In addition to this the attack vectors may be analyzed for each level of automation the vehicles may have. This research is a systematic literature review (SLR) with three stages (planning, conducting, and report) based on literature review methodology presented by Kitchenham (2004). These stages aim at planning the review, finding articles, extracting information from the found articles, and finally analyzing the result of them. The literature review resulted in information regarding identified cyberattacks and attack vectors the attackers may use as a path to exploit vulnerabilities of a CAV. In total 24 types of attack vectors were identified. Some attack vectors like vehicle communication types, vehicle applications, CAN bus protocol, and broadcasted messages were highlighted the most by the authors. When the attack vectors were analyzed together with the standard of ‘Levels of Driving Automation’ it became clear that there are more vulnerabilities to consider the higher the level of automation the vehicle has.
The contributions of this research are hence (1) a broad summary of attack vectors of CAVs and (2) a summary of these attack vectors for every level of driving automation. This had not been done before and was found to be lacking in the academia.
37

A security analysis in a life science environment : a case study / En säkerhetsanalys inom life science : en fallstudie

Gripenstedt, Daniel, Öberg, Joakim January 2021
The cyber-threat against life-science is much larger today than just a couple of years back. Companies within the field have valuable information from, for example, R&D in pharmaceuticals, biotech, personal data of vulnerable patients or medical devices and that is something attackers are very much aware of. Lab equipment has generally been disconnected from the internet to protect their data even more but the benefits a company would gain in diagnostics and support could outweigh it. In this paper a fictional environment with lab instruments, control units and databases is set up based on a real system used by Company X. A security analysis for the system is conducted with the goal to identify and analyse potential threats and risks. This was done by first studying relevant literature along with meetings with representatives from Company X. The security analysis is made with a threat model called Yacraf which includes six different phases, the process was easy to follow and resulted in potential ways how an attacker could gain access to the system. The results also show different protection scenarios for these attacks and how Company X could implement preventive measures in advance. If Company X were to implement such a remote control system a first step would be to educate the employees to recognize common cyber-threats and only set up the remote connection when needed. / The cyber threat against life science is much larger today than just a couple of years ago. Companies hold valuable information from, for example, research and development in pharmaceuticals, biotech, personal data of vulnerable patients or medical devices, and that is something hackers are very much aware of. Lab equipment has generally been disconnected from the internet to protect its data even further, but the benefits companies could gain in diagnostics and support could outweigh that.
In this thesis, a fictional environment with laboratory instruments, control units and databases is created based on a real system used by Company X. A security analysis of the system is carried out with the goal of identifying and analysing potential threats and risks. This was done by first studying relevant literature together with meetings with representatives of Company X. The security analysis is made with a threat model called Yacraf, which contains six different phases; the process was easy to follow and resulted in potential ways in which an attacker could gain access to the system. The results also show different protection scenarios for these attacks and how Company X could implement preventive measures in advance. If Company X were to implement such a remote control system, a first step would be to train the employees to recognise common cyber threats and to set up the remote connection only when needed.
38

Literature review on trustworthiness of Signature-Based and Anomaly detection in Wireless Networks

Spångberg, Josephine, Mikelinskas, Vainius January 2023
The internet has become an essential part of most people's daily lives in recent years, and as more devices connect to the internet, the risk of cyber threats increases dramatically. As malware becomes more sophisticated, traditional security prevention measures are becoming less effective at defending from cyber attacks. As a result, Signature Based Detection and Anomaly Detection are two of many advanced techniques that have become crucial to defend against cyber threats such as malware, but even these are sometimes not enough to stop modern cyberattacks. In this literature review the goal is to discuss how trustworthy each of the mentioned malware detection techniques is at detecting malware in wireless networks. The study will measure trustworthiness by looking further into scalability, adaptability, robustness and resource consumption. This study concludes that both anomaly and signature-based malware detection methods exhibit strengths and weaknesses in scalability, robustness, adaptability, and resource consumption. Furthermore, more research is needed and as malware becomes more sophisticated and an increased threat to the world it is an area that is highly relevant.
39

Hur åtgärdar offentliga aktörer deras cybersäkerhet efter att ha blivit utsatta för cyberattacker? / How do public actors address their cyber security after cyber attacks against them?

Mohammed Abdu, Mohammed, Alsaif, Anas January 2023
Digitization has been a growing phenomenon in today's society where organizations, individuals and society at large are affected by it. In pace with the emerging use of digitization, a realization of the relevance of cyber security in the public sector has increased, but not to a sufficient extent. Cyber security is about processes used to protect personal information and important data in organizations. Cyber security also includes knowledge of cyberattacks, where actors attack an organization's data most often for financial reasons. Cyber attacks have affected the public sector in several countries. The study focuses on known cyber attacks around the world that are related to public actors in healthcare, transport and electricity supply, among others. The study's analysis compares implemented measures after the incidents based on a cyber risk assessment framework. The survey shows that increased investments, new and clear work routines, training for employees and continuous testing of computer systems are important measures for the prevention of cyber attacks. The mentioned main actions that are common between the studied actors are supported by the theoretical frame of reference. This is because frameworks linked to cyber attacks also point out that investments, clear work routines and monitoring of systems contribute to protection against cyber attacks. / Digitization has been a growing phenomenon in today's society, where organizations, individuals and society at large are affected by it. In pace with the emerging use of digitization, a realization of the relevance of cyber security within the public sector has increased, but not to a sufficient extent. Cyber security is about processes used to protect personal information and important data in organizations. Cyber security also includes knowledge of cyber attacks, where actors attack an organization's data, most often for financial reasons.
Cyber attacks have affected the public sector in several countries. The study focuses on known cyber attacks around the world that are related to public actors in, among others, healthcare, transport and electricity supply. The study's analysis compares the measures implemented after the incidents based on a cyber risk assessment framework. The survey shows that increased investments, new and clear work routines, training for employees and continuous testing of computer systems are important measures for preventing cyber attacks. The mentioned main measures that are common to the studied actors are supported by the theoretical frame of reference. This is because frameworks linked to cyber attacks also point out that investments, clear work routines and monitoring of systems contribute to protection against cyber attacks.
40

A Robust Dynamic State and Parameter Estimation Framework for Smart Grid Monitoring and Control

Zhao, Junbo 30 May 2018
The enhancement of the reliability, security, and resiliency of electric power systems depends on the availability of fast, accurate, and robust dynamic state estimators. These estimators should be robust to gross errors on the measurements and the model parameter values while providing good state estimates even in the presence of large dynamical system model uncertainties and non-Gaussian thick-tailed process and observation noises. It turns out that the current Kalman filter-based dynamic state estimators given in the literature suffer from several important shortcomings, precluding them from being adopted by power utilities for practical applications. To be specific, they cannot handle (i) dynamic model uncertainty and parameter errors; (ii) non-Gaussian process and observation noise of the system nonlinear dynamic models; (iii) three types of outliers; and (iv) all types of cyber attacks. The three types of outliers, including observation, innovation, and structural outliers are caused by either an unreliable dynamical model or real-time synchrophasor measurements with data quality issues, which are commonly seen in the power system. To address these challenges, we have pioneered a general theoretical framework that advances both robust statistics and robust control theory for robust dynamic state and parameter estimation of a cyber-physical system. Specifically, the generalized maximum-likelihood-type (GM)-estimator, the unscented Kalman filter (UKF), and the H-infinity filter are integrated into a unified framework to yield various centralized and decentralized robust dynamic state estimators. These new estimators include the GM-iterated extended Kalman filter (GM-IEKF), the GM-UKF, the H-infinity UKF and the robust H-infinity UKF. The GM-IEKF is able to handle observation and innovation outliers but its statistical efficiency is low in the presence of non-Gaussian system process and measurement noise. 
The GM-UKF addresses this issue and achieves a high statistical efficiency under a broad range of non-Gaussian process and observation noise while maintaining the robustness to observation and innovation outliers. A reformulation of the GM-UKF with multiple hypothesis testing further enables it to handle structural outliers. However, the GM-UKF may yield biased state estimates in the presence of large system uncertainties. To this end, the H-infinity UKF that relies on robust control theory is proposed. It is shown that H-infinity is able to bound the system uncertainties but lacks robustness to outliers and non-Gaussian noise. Finally, the robust H-infinity filter framework is proposed that leverages the H-infinity criterion to bound system uncertainties while relying on the robustness of GM-estimator to filter out non-Gaussian noise and suppress outliers. Furthermore, these new robust estimators are applied for system bus frequency monitoring and control and synchronous generator model parameter calibration. Case studies of several different IEEE standard systems show the efficiency and robustness of the proposed estimators. / Ph. D.