Global ETD Search

151	PERCEPTIONS OF PURPLE TEAMS AMONG CYBERSECURITY PROFESSIONALS Siddharth Chowdhury (6613439) 15 May 2019 (has links) With constant technological advancements, the attacks against existing infrastructure is constantly increasing and causing more damage. The current Red and Blue team approach to cybersecurity assessments is used to test the effectiveness of security defenses and in identifying vulnerabilities before they are exploited. Due to a lack of collaboration and inherently contradicting natures of these teams, the credibility of audits is impacted. While this has led to the synergistic and collaborative Purple team, it is important to understand how cybersecurity professionals perceive this new concept and its function. Analyzing perceptions of self-reported cybersecurity professionals via an online survey showed most believed Purple teams were beneficial and should be created from and collaborate with Red and Blue teams. However, past Red team experience was negatively linked to perceived benefit. Those who had more years of experience or had been on Red teams were more likely to believe Purple teams may have ownership or learning issues. Furthermore, professionals identified active managerial involvement and project clarity as critical success factors for Purple teams. Alongside these, management could help find the right skillset, provide resources, and offer active direction in order to avoid issues and maximize outcomes. Based on assessment relevance, a collaborative agreed-upon methodology for Red, Blue, and Purple teams was provided. Computer System Security Innovation and Technology Management purple team cybersecurity red team blue team perception methodology assessment
152	The importance of risk awareness in cybersecurity among companies : A perspective on the role of top management Stefanska, Beata, Al-Dawod, Fatimah Laura January 2021 (has links) Background: Today´s world is characterized by a high level of digitalization that contributes to the development of new and effective technologies. However, this digital success requires knowledge and awareness about cybersecurity. Previous studies have shown that during 2020 the number of cyber-attacks among Swedish companies have increased. Due to digitalization, external parties find new methods to enter a company's systems and take advantage of its innovations and valuable information. That can affect the company's value negatively by ruining its reputation and making the stakeholders mistrust it. Purpose: The purpose of the study is to contribute to an increased understanding of strategic leadership´s influence on cyber risk awareness. Methodology: This study follows a qualitative research method. The data have been conducted through semi-structured interviews, based on 11 respondents consisting of experts whose professional background is anchored in cybersecurity. The research process follows an abductive approach. Conclusion: This study concludes that the current state of cyber risk awareness is not sufficient although it is increasing. Risk awareness is dependent on knowledge and organizational culture. This study concludes that the top management has a significant role in the influence of organizational culture and knowledge and thereby the risk awareness of a company, which in turn has an impact ontheir cybersecurity. It is the responsibility of the top management to delegate tasks that enhance riskawareness. Therefore, cyber risk awareness is to be treated as a top management issue. As a contribution, the study provides an insight on how humans, in this case, the top managementinfluences a company's cybersecurity through risk awareness. Risk awareness top management the tone from the top cybersecurity knowledge organizational culture Business Administration Företagsekonomi
153	Kriminologické aspekty kybernetické kriminality / Criminological aspects of cybercrime Gemeri, Peter January 2021 (has links) Criminological aspects of cybercrime Abstract (EN) This thesis is a study of specific aspects of cybercrime in regards to banking and non- banking financial institutions in Czech republic. By comparing results of third-party analytical resources and own findings obtained by strategically performed interviews with personnel in leading positions in cyber-security careers, the thesis describes causes and results of cyber-attacks and related preventive measures with emphasis on their respective place and priority in the cybersecurity policy of the organization. The main finding is that the biggest risk to the organization seems to be its own employees. That is why the entity cannot simply trust in the security of its perimeter by protecting only its border, but has to also consider its internal part. An equally important finding is the fact that mechanisms for the prevention of cybercrime take a large number of non-mutually exclusive forms, and in order to maintain the highest possible level of security, it is appropriate to layer these measures into complex units. Keywords Cybercrime, cybersecurity, criminology, financial organizations, cybercrime prevention
154	Context-Awareness for Adversarial and Defensive Machine Learning Methods in Cybersecurity Quintal, Kyle 14 August 2020 (has links) Machine Learning has shown great promise when combined with large volumes of historical data and produces great results when combined with contextual properties. In the world of the Internet of Things, the extraction of information regarding context, or contextual information, is increasingly prominent with scientific advances. Combining such advancements with artificial intelligence is one of the themes in this thesis. Particularly, there are two major areas of interest: context-aware attacker modelling and context-aware defensive methods. Both areas use authentication methods to either infiltrate or protect digital systems. After a brief introduction in chapter 1, chapter 2 discusses the current extracted contextual information within cybersecurity studies, and how machine learning accomplishes a variety of cybersecurity goals. Chapter 3 introduces an attacker injection model, championing the adversarial methods. Then, chapter 4 extracts contextual data and provides an intelligent machine learning technique to mitigate anomalous behaviours. Chapter 5 explores the feasibility of adopting a similar defensive methodology in the cyber-physical domain, and future directions are presented in chapter 6. Particularly, we begin this thesis by explaining the need for further improvements in cybersecurity using contextual information and discuss its feasibility, now that ubiquitous sensors exist in our everyday lives. These sensors often show a high correlation with user identity in surprising combinations. Our first contribution lay within the domain of Mobile CrowdSensing (MCS). Despite its benefits, MCS requires proper security solutions to prevent various attacks, notably injection attacks. Our smart-injection model, SINAM, monitors data traffic in an online-learning manner, simulating an injection model with undetection rates of 99%. SINAM leverages contextual similarities within a given sensing campaign to mimic anomalous injections. On the flip-side, we investigate how contextual features can be utilized to improve authentication methods in an enterprise context. Also motivated by the emergence of omnipresent mobile devices, we expand the Spatio-temporal features of unfolding contexts by introducing three contextual metrics: document shareability, document valuation, and user cooperation. These metrics are vetted against modern machine learning techniques and achieved an average of 87% successful authentication attempts. Our third contribution aims to further improve such results but introducing a Smart Enterprise Access Control (SEAC) technique. Combining the new contextual metrics with SEAC achieved an authenticity precision of 99% and a recall of 97%. Finally, the last contribution is an introductory study on risk analysis and mitigation using context. Here, cyber-physical coupling metrics are created to extract a precise representation of unfolding contexts in the medical field. The presented consensus algorithm achieves initial system conveniences and security ratings of 88% and 97% with these news metrics. Even as a feasibility study, physical context extraction shows good promise in improving cybersecurity decisions. In short, machine learning is a powerful tool when coupled with contextual data and is applicable across many industries. Our contributions show how the engineering of contextual features, adversarial and defensive methods can produce applicable solutions in cybersecurity, despite minor shortcomings. Continuous Authentication Machine Learning Cybersecurity Artificial Intelligence Online Learning Feature Engineering Context Awareness Adversarial Methods
155	Zvýšení bezpečnosti nasazením SIEM systému v prostředí malého poskytovatele internetu / Security Enhancement Deploying SIEM in a Small ISP Environment Bělousov, Petr January 2019 (has links) Diplomová práce se zaměřuje na zvýšení bezpečnosti v prostředí malého poskytovatele internetu nasazením SIEM systému. Dostupné systémy jsou porovnány a zhodnoceny v souladu s požadavky zadávající firmy. Projekt nasazení systému SIEM je navržen, implementován a zhodnocen v souladu s unikátním prostředím firmy.
156	Bezpečnostní cvičení pro etický hacking / Security exercises for ethical hacking Paučo, Daniel January 2020 (has links) This master thesis deals with penetration testing and ethical hacking. Regarding to the layout of the thesis there was prepared appropiate enviroment to realize Red/Blue team exercise, where Red team is in a role of the attacker and Blue team is in a role of defender of the network infrastructure. Whole infrastructure is implemented in a cloud virtual enviroment of VMware vSphere. Second part of the thesis consists of preparation and creation of the exercise to test web application security. Third part of the thesis is dedicating to the automatization of redteaming. Main focus of this master thesis is to demonstrate different attack vectors how to attack the network infrastructure and web applications and use of the defense mechanisms to avoid this kinds of attacks.
157	Zvýšení bezpečnostního povědomí ve společnosti / Increasing security awareness in the company Novák, Petr January 2021 (has links) The master’s thesis is focused on increasing security awareness in the company. The first chapter contains the theoretical background, which is necessary for creating a security education system. The second chapter deals with the analysis of the current situation, which is needed for determinating the need to increase security awareness. The third and last chapter contains the design of the education system itself.
158	A Hacker-Centric Perspective to Empower Cyber Defense January 2020 (has links) abstract: Malicious hackers utilize the World Wide Web to share knowledge. Previous work has demonstrated that information mined from online hacking communities can be used as precursors to cyber-attacks. In a threatening scenario, where security alert systems are facing high false positive rates, understanding the people behind cyber incidents can help reduce the risk of attacks. However, the rapidly evolving nature of those communities leads to limitations still largely unexplored, such as: who are the skilled and influential individuals forming those groups, how they self-organize along the lines of technical expertise, how ideas propagate within them, and which internal patterns can signal imminent cyber offensives? In this dissertation, I have studied four key parts of this complex problem set. Initially, I leverage content, social network, and seniority analysis to mine key-hackers on darkweb forums, identifying skilled and influential individuals who are likely to succeed in their cybercriminal goals. Next, as hackers often use Web platforms to advertise and recruit collaborators, I analyze how social influence contributes to user engagement online. On social media, two time constraints are proposed to extend standard influence measures, which increases their correlation with adoption probability and consequently improves hashtag adoption prediction. On darkweb forums, the prediction of where and when hackers will post a message in the near future is accomplished by analyzing their recurrent interactions with other hackers. After that, I demonstrate how vendors of malware and malicious exploits organically form hidden organizations on darkweb marketplaces, obtaining significant consistency across the vendors’ communities extracted using the similarity of their products in different networks. Finally, I predict imminent cyber-attacks correlating malicious hacking activity on darkweb forums with real-world cyber incidents, evidencing how social indicators are crucial for the performance of the proposed model. This research is a hybrid of social network analysis (SNA), machine learning (ML), evolutionary computation (EC), and temporal logic (TL), presenting expressive contributions to empower cyber defense. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2020 Computer science Artificial Intelligence Cybersecurity Darkweb Machine Learning Online Hacking Communities Social Network Analysis
159	"More dangerous than guns and tanks" : How cybersecurity is framed by the EU and Sweden Lindvall, Erik January 2020 (has links) The purpose of this thesis is to study the way the European Union and Sweden respectively frame the subject of cybersecurity, to see whether their framing differs and what consequences that may have. In order to study this, the thesis will study the cybersecurity strategies of the European Union and Sweden through a discourse analysis according to the Copenhagen school’s theory of securitization. The purpose is to see what the two actors define as the object that needs to be secured, what threatens said object and what measures should be taken to secure it. To study the cybersecurity strategies, data will be gathered from the European Union’s Cybersecurity Act of 2019 and Sweden’s six cybersecurity priorities, alongside other policy papers deemed relevant. The two points will then be compared in order to see how the framing align or contrast, to see what consequences that may bring. Cybersecurity cyberattacks cyberthreats cyberspace European Union Sweden securitization discourse analysis Political Science Statsvetenskap
160	Explainable Neural Networks based Anomaly Detection for Cyber-Physical Systems Amarasinghe, Kasun 01 January 2019 (has links) Cyber-Physical Systems (CPSs) are the core of modern critical infrastructure (e.g. power-grids) and securing them is of paramount importance. Anomaly detection in data is crucial for CPS security. While Artificial Neural Networks (ANNs) are strong candidates for the task, they are seldom deployed in safety-critical domains due to the perception that ANNs are black-boxes. Therefore, to leverage ANNs in CPSs, cracking open the black box through explanation is essential. The main objective of this dissertation is developing explainable ANN-based Anomaly Detection Systems for Cyber-Physical Systems (CP-ADS). The main objective was broken down into three sub-objectives: 1) Identifying key-requirements that an explainable CP-ADS should satisfy, 2) Developing supervised ANN-based explainable CP-ADSs, 3) Developing unsupervised ANN-based explainable CP-ADSs. In achieving those objectives, this dissertation provides the following contributions: 1) a set of key-requirements that an explainable CP-ADS should satisfy, 2) a methodology for deriving summaries of the knowledge of a trained supervised CP-ADS, 3) a methodology for validating derived summaries, 4) an unsupervised neural network methodology for learning cyber-physical (CP) behavior, 5) a methodology for visually and linguistically explaining the learned CP behavior. All the methods were implemented on real-world and benchmark datasets. The set of key-requirements presented in the first contribution was used to evaluate the performance of the presented methods. The successes and limitations of the presented methods were identified. Furthermore, steps that can be taken to overcome the limitations were proposed. Therefore, this dissertation takes several necessary steps toward developing explainable ANN-based CP-ADS and serves as a framework that can be expanded to develop trustworthy ANN-based CP-ADSs. Explainable Artificial Intelligence Machine Learning Artificial Neural Networks Safety-Critical Systems Cybersecurity Artificial Intelligence and Robotics

Search results