IOT-ENHETER I B2B-FÖRETAG : Nya teknologiska framsteg eller potentiella säkerhetsrisker? / IOT-DEVICES IN B2B-COMPANIES : New Technological Advances or Potential Security Risks?

Bahman, Andreas, Lyvall, Eleonora

January 2023

I takt med den ökande digitaliseringen ökar även antalet uppkopplade IoT-enheter. Inom B2B-företag används  IoT-enheter i allt större utsträckning för att effektivisera verksamheten och skapa konkurrensfördelar. Den digitala utvecklingen och det ökade antalet IoT-enheter har emellertid medfört säkerhetsrisker och att företag har svårt att skydda sig mot cyberangrepp via IoT-enheterna. Denna studie undersöker hur B2B-företag påverkas av säkerhetsriskerna med IoT-enheter och hur de kan arbeta för att hindra dem. Insamlingen av empiriskt material skedde genom sju semistrukturerade intervjuer och teorin består av vetenskapliga artiklar. Resultatet är att om IoT-enheter skulle bli angripna hade det lett till samhälleliga och ekonomiska konsekvenser och det finns en del åtgärder B2B-företag behöver vidta för att skydda sina enheter. De vanligaste säkerhetsriskerna hos IoT-enheterna var olika fysiska risker samt okrypterad datatrafik. Slutsatsen är att det är avgörande för B2B-företag att skapa en helhetsstrategi för cybersäkerhet hos sina IoT-enheter för att skydda sig mot de befintliga säkerhetsriskerna hos IoT-enheterna. Denna uppsats bidrar till informatik ämnets utveckling genom att ge insikter i hur B2B-företag påverkas av digitaliseringen och de säkerhetsrisker för IoT-enheter medför. / As digitalization increases, the number of connected IoT devices also grows. Within B2B companies, IoT devices are increasingly used to streamline operations and gain competitive advantages. However, the digital development and the increased number of IoT devices have also brought about security risks, making it challenging for companies to protect themselves against cyber attacks through these devices. This study examines how B2B companies are affected by the security risks associated with IoT devices and explores ways in which they can work to prevent them. Empirical data for this study was collected through seven semi-structured interviews, and the theoretical framework draws from scientific articles. The findings indicate that if IoT devices were to be compromised, it would have societal and economic consequences, necessitating certain measures that B2B companies need to take to safeguard their devices. The most common security risks with the IoT devices were various physical risks and unencrypted data traffic. The conclusion is that it is crucial for B2B companies to develop a comprehensive cybersecurity strategy for their IoT devices in order to protect themselves against the existing security risks posed by IoT devices. This paper contributes to the advancement of the field of informatics by providing insights into how B2B companies are affected by digitalization and the security risks associated with IoT devices.

IoT

Cybersecurity

Security Risks

B2B

IoT

Cybersäkerhet

Säkerhetsrisker

B2B

Information Systems

AI for Cybersecurity : A Study on Machine Learning and DoS Attacks AI Robustness and Bypassing Detection Methods

Matti, Molin, Fredrik, Böhme

January 2023

Cybercrime has increased for several years; both in volume andsophistication. When the capabilities of threat actors increase, techniques andtactics within cybersecurity also need to evolve. AI and machine learninghave potential to prevent and mitigate attacks. This report explores thepossible usage of machine learning for detection of DoS attacks, and furtherinvestigates the potential consequences of adversarial machine Learning. Weuse decision tree model that we train on publicly available DoS attack data.Then we use five computers to perform DoS attacks against a web server andcreate a machine learning model that attempts to detect the attacks based onthe attack's characteristics. In addition, we analyse the consequences ofadversarial machine learning with data poisoning. Our results show thepotential of using machine learning to detect DoS attacks and the dangers ofpoisoning attacks in this context. / Cyberbrottslighet har ökat i både mängd och komplexitet de senaste åren. Närkunskapen och förmågorna hos hotaktörer ökar behöver även teknikerna ochtaktikerna som används inom cybersäkerhet hänga med. AI ochmaskininlärning är verktyg som kan användas för att förebygga attacker. Idetta projekt undersöker vi användning av maskininlärning för att upptäckaDoS attacker. Dessutom undersöker vi de konsekvenserna av angrepp motsjälva maskininlärningsmetoden. Vi börjar med att utföra DoS attacker emotett system och sedan skapar vi en maskininlärningsmodell som försökerupptäcka attackerna utifrån attackernas egenskaper. Sedan undersöker vi vadkonsekvenserna kan bli vid attacker mot maskininlärning via poisoning. Våraresultat visar dels potentialen för maskininlärning vid DoS attacker, och delsfarorna med poisoning.

AI

Cybersecurity

Machine learning

DoS

Poisoning

AI

Cybersäkerhet

Maskininlärning

DoS

Poisoning

Communication Systems

Kommunikationssystem

MODERN PRIVACY REGULATION, INTERNAL INFORMATION QUALITY, AND OPERATING EFFICIENCY: EVIDENCE FROM THE GENERAL DATA PROTECTION REGULATION

Maex, Steven, 0000-0002-9221-8706

January 2022

In May 2018, the European Union enacted the General Data Protection Regulation (GDPR). I examine its impact on firms’ internal information quality (IIQ) and operating efficiency in the United States. Although privacy regulations, such as GDPR, target one subset of firms’ information assets (i.e., personal data), academics and practitioners have emphasized the ability of these regulations to drive broad improvements in firms’ information management practices resulting in higher quality information available for decision making and, by extension, more efficient operations. At the same time, GDPR’s regulatory mandates are likely to burden operations. Using multiple modeling approaches to identify the effect of GDPR on US firms and a variety of IIQ proxies from financial reports and disclosures, I find that (a) GDPR leads to improvements in IIQ for impacted firms and (b) that these improvements in IIQ are beneficial to firm operations. However, the regulatory burden of GDPR has overwhelmed these benefits resulting in a negative net effect on firms’ operating efficiency. / Business Administration/Accounting

Accounting

Cybersecurity

Information governance

Management guidance

Restatements

The DNS Bake Sale: Advertising DNS Cookie Support for DDoS Protection

Davis, Jacob

02 April 2021

The Domain Name System (DNS) has been frequently abused for Distributed Denial of Service (DDoS) attacks and cache poisoning because it relies on the User Datagram Protocol (UDP). Since UDP is connection-less, it is trivial for an attacker to spoof the source of a DNS query or response. DNS Cookies, a protocol standardized in 2016, add pseudo-random values to DNS packets to provide identity management and prevent spoofing attacks. This work finds that 30% of popular authoritative servers and open recursive resolvers fully support cookies and that 10% of recursive clients send cookies. Despite this, DNS cookie use is rarely enforced as it is non-trivial to ascertain whether a given client intends to fully support cookies. We also show that 80% of clients and 99% of servers do not change their behavior when encountering a missing or illegitimate cookie. This paper presents a new protocol to allow cookie enforcement: DNS Protocol Advertisement Records (DPAR). Advertisement records allow DNS clients intending to use cookies to post a public record in the reverse DNS zone stating their intent. DNS servers may then lookup this record and require a client to use cookies as directed, in turn preventing an attacker from sending spoofed messages without a cookie. In this paper, we define the specification for DNS Protocol Advertisement Records, considerations that were made, and comparisons to alternative approaches. We additionally estimate the effectiveness of advertisements in preventing DDoS attacks and the expected burden to DNS servers. Advertisement records are designed as the next step to strengthen the existing support of DNS Cookies by enabling strict enforcement of client cookies.

Domain Name System

DNS Cookies

Internet Measurement

Cybersecurity

Internet Protocols

Physical Sciences and Mathematics

INTRUSION DETECTION SYSTEM FOR CONTROLLER AREA NETWORK

Vinayak Jayant Tanksale (13118805)

19 July 2022

<p>The rapid expansion of intra-vehicle networks has increased the number of threats to such networks. Most modern vehicles implement various physical and data-link layer technologies. Vehicles are becoming increasingly autonomous and connected. Controller Area Network (CAN) is a serial bus system that is used to connect sensors and controllers (Electronic Control Units – ECUs) within a vehicle. ECUs vary widely in processing power, storage, memory, and connectivity. The goal of this research is to design, implement, and test an efficient and effective intrusion detection system for intra-vehicle CANs. Such a system must be capable of detecting intrusions in almost real-time with minimal resources. The research proposes a specific type of recursive neural network called Long Short-Term Memory (LSTM) to detect anomalies. It also proposes a decision engine that will use LSTM-classified anomalies to detect intrusions by using multiple contextual parameters. We have conducted multiple experiments on the optimal choice of various LSTM hyperparameters. We have tested our classification algorithm and our decision engine using data from real automobiles. We will present the results of our experiments and analyze our findings. After detailed evaluation of our intrusion detection system, we believe that we have designed a vehicle security solution that meets all the outlined requirements and goals.</p>

System and network security

Controller Area Network

Intrusion detection

LSTM networks

RNN

Deep Learning Applications

Cybersecurity

Risk Analysis and Cybersecurity Implementation for UTM : Implemented in UTM50 / Riskanalys och implementering av cybersäkerhet för UTM : Implementerat i UTM50

Hannson, Inge, Nääs, Fredrik

January 2023

With the increasing usage of Unmanned Aerial Vehicle (UAV)s and the prediction of becoming applicable to more industries within the next decade there is a need for a controlling authority in the lower airspace. An Unmanned Aircraft System Traffic Man- agement (UTM) provides multiple solutions to how such a system should operate and what services it should provide. This makes a UTM a key infrastructure that will need to withstand potential cyberattacks and ensure safe communication channels with sensitive information. This thesis will provide an analysis of what key areas need protection and show an example of how to implement it in UTM50.  Possible vulnerabilities were identified by performing a risk analysis based on the Con- trolled Object-Oriented Risk Assessment (CORAS) model, and a comparison was made between similar communication systems to compare what challenges they face. To handle the vulnerabilities, countermeasures were implemented in UTM50 using coding libraries such as ZeroMQ and CurveZMQ. The implementation was tested to ensure its effective- ness against possible cyber attacks, and the traffic was monitored using Wireshark.  Finally, this thesis presents a few areas that require further research to ensure full safety and security across all communication channels.

UTM

U-space

UTM50

Drone

Drones

Cybersecurity

ZeroMQ

CurveZMQ

Computer and Information Sciences

Data- och informationsvetenskap

Dopad COVID-19 na bezpečnostní politiku států v oblasti kybernetické bezpečnosti / Impact of COVID-19 on Security Policies of States in the Area of Cyber Security

Rieger, Anastasiya

January 2022

CHARLES UNIVERSITY FACULTY OF SOCIAL SCIENCES Master of International Security Systems Anastasiya Neskoromna/Rieger Impact of COVID 19 on Security Policies of States in the Area of Cyber Security Abstract Prague 2022 Author: Ms. Anastasiya Neskoromna/Rieger Supervisor: prof. David Erkomashvile, Ph.D. Academic Year: 2021/2022 Abstract The SARS-Cov-19 or in different wording the global Covid pandemic outburst have created an unprecedented scenario for various organizations, agencies and structures. The COVID-19 pandemic in 2020 has become an extraordinary and shocking event for the world community and the global economy. On the part of the authorities, the COVID-19 pandemic is accompanied by sometimes harsh and ambiguous decisions, the consequences of which are felt by people in many countries of the world: movement between countries was stopped, businesses and enterprises were closed, the restriction was created, those who were sick or at risk of infection were isolated. There was also no possible assumption regarding how long such a mode of life will last. Many factors as a consequential chain of reactions from the pandemic in the aggregate have created a pleasant environment for altering and modifying the cybercrime landscape. This work aims to analyze the factorial presence of modification in the sphere...

Whose Responsibility is Cybersecurity? : A Comparative Qualitative Content Analysis of Discourses in the EU’s Cybersecurity Strategies 2013-2020

Siltanen, Ella

January 2021

Cybersecurity is an increasingly important topic to all actors from the private individuals to international institutions. The borderless nature of the internet has however made it more difficult for nation states to take care of their own security and institutions like the EU are also coping with the difficulties of defending themselves from attacks that can affect practically any part of the system and cause wide-spread damage. The EU has tried to address these issues by publishing strategies to improve the cybersecurity of the Union and its Member States. This thesis studies the discourse that is used by the Union in its strategies from 2013 and 2020. This is done to determine how the EU portrays each level, the national, institutional, or private and how responsible they are for the cybersecurity in the Union and to see how this discourse has changed in the previous few years. The theoretical framework of the thesis consists of neofunctionalism and historical institutionalism which are used to explain the direction of the development of the EU’s discourse. The study is conducted using critical discourse analysis and qualitative content analysis. The findings of the analysis suggest that there is noticeable shift to the EU taking more responsibility and actions to ensure its cybersecurity. Similarly it seems remarkable how the importance of the private sector seems to have diminished in the newer discourse.

European Union

EU

cybersecurity

institutionalism

neofunctionalism

critical discourse analysis

qualitative content analysis

Political Science

Statsvetenskap

Understanding the behaviour of  IOCs during their lifecycle

Godavarti, Navya sree, Modali, Sivani

January 2022

An indicator of compromise is a digital artefact that detects data compromise. They sense the compromise happening, trace the intrusion and collect data. This data includes breached data and the address. All indicators have a limited period of a lifetime, in which these work the best time in their peak. Once the indicator starts decaying, then its performance of it deteriorates. Meaning there is an increase in false alarms of compromise. The most influential parameters in the performance of an IOC are related pulse, alerts, file score and IDS. These parameters influence both the working and decay of an indicator. But the relation between these is unknown; therefore, this thesis investigates the nature of the correlation between these parameters. Evaluating an IOC and its performance or decay is essential as these determine the quality of an indicator known as confidence in cybersecurity. In cybersecurity management, confidence (quality) is crucial in preventing or detecting threats. By understanding IOC's performance and decay, we can determine its confidence level. There has been a model generated to find confidence levels, and this thesis aims to improve those models. Here, the thesis proposes a case study to find the relation between parameters and use the findings in making an improved model finding confidence level.

Indicator of compromise (IOC)

Cybersecurity

Confidence level of IOC.

Elektroteknik och elektronik

Innovative Simulation and Tree Models and Reinforcement Learning Methods with Applications in Cybersecurity

Liu, Enhao

January 2021

No description available.

Industrial Engineering

Optimal Trees

Discrete Event Simulation

Cybersecurity