241. Algorithms and Frameworks for Accelerating Security Applications on HPC Platforms
Yu, Xiaodong (09 September 2019)
Typical cybersecurity solutions emphasize achieving defense functionalities. However, execution efficiency and scalability are equally important, especially for real-world deployment. Straightforward mappings of cybersecurity applications onto HPC platforms may significantly underutilize the HPC devices' capacities. On the other hand, sophisticated implementations are quite difficult: they require in-depth understanding of both cybersecurity domain-specific characteristics and the HPC architecture and system model.
In our work, we investigate three sub-areas in cybersecurity: mobile software security, network security, and system security. They have the following performance issues, respectively: 1) Flow- and context-sensitive static analysis of large and complex Android APKs is incredibly time-consuming. Existing CPU-only frameworks/tools have to set a timeout threshold to cease the program analysis, trading precision for performance. 2) Network intrusion detection systems (NIDS) use automata processing as their searching core and require line-speed processing. However, achieving high-speed automata processing is exceptionally difficult in both algorithm and implementation aspects. 3) It is unclear how cache configurations impact the performance of time-driven cache side-channel attacks. This question remains open because it is difficult to conduct comparative measurements to study the impacts.
In this dissertation, we demonstrate how application-specific characteristics can be leveraged to optimize implementations on various types of HPC for faster and more scalable cybersecurity executions. For example, we present a new GPU-assisted framework and a collection of optimization strategies for fast Android static data-flow analysis that achieve up to 128X speedups against the plain GPU implementation. For network intrusion detection systems (IDS), we design and implement an algorithm capable of eliminating the state explosion in out-of-order packet situations, which reduces the memory overhead by up to 400X. We also present tools for improving the usability of Micron's Automata Processor. To study the cache configurations' impact on time-driven cache side-channel attacks' performance, we design an approach to conducting comparative measurement. We propose a quantifiable success rate metric to measure the performance of time-driven cache attacks and utilize the GEM5 platform to emulate the configurable cache.
Doctor of Philosophy / Typical cybersecurity solutions emphasize achieving defense functionalities. However, execution efficiency and scalability are equally important, especially for real-world deployment. Straightforward mappings of applications onto High-Performance Computing (HPC) platforms may significantly underutilize the HPC devices’ capacities. In this dissertation, we demonstrate how application-specific characteristics can be leveraged to optimize various types of HPC executions for cybersecurity. We investigate several sub-areas, including mobile software security, network security, and system security. For example, we present a new GPU-assisted framework and a collection of optimization strategies for fast Android static data-flow analysis that achieve up to 128X speedups against the unoptimized GPU implementation. For network intrusion detection systems (IDS), we design and implement an algorithm capable of eliminating the state explosion in out-of-order packet situations, which reduces the memory overhead by up to 400X. We also present tools for improving the usability of HPC programming. To study the cache configurations’ impact on time-driven cache side-channel attacks’ performance, we design an approach to conducting comparative measurement. We propose a quantifiable success rate metric to measure the performance of time-driven cache attacks and utilize the GEM5 platform to emulate the configurable cache.

242. SECURING THE FUTURE : Exploring Barriers to Sustainable Cybersecurity Practices
Egelrud, Andrea; Holmgren, Johanna (January 2024)
Organizations are embracing technological solutions to improve efficiency; however, this also opens organizations to new threats. The rapid development of new technology, such as AI, combined with a changing threat landscape, puts organizations under pressure to adapt. Simultaneously, the EU has proposed a new directive that forces organizations to adopt stricter cybersecurity measures. This raises the question of how organizations can create sustainable cybersecurity practices that will ensure safety over time despite rapid changes in the environment. This has resulted in the following research question: What are the barriers to establishing sustainable cybersecurity practices? To answer this question, ten semi-structured interviews with experts in the cybersecurity field were conducted. Five barriers were identified: (1) barriers in cybersecurity activities, (2) barriers of existing resources, (3) barriers in the human factor, (4) technical barriers, and (5) external barriers, which contribute to bridging the gap between best practices established in research and issues that practitioners are facing. Further, it contributes to an understanding of the importance of a more holistic approach to cybersecurity measures contributing to previous research within the field of IS.

243. Trustworthy Embedded Computing for Cyber-Physical Control
Lerner, Lee Wilmoth (20 February 2015)
A cyber-physical controller (CPC) uses computing to control a physical process. Example CPCs can be found in self-driving automobiles, unmanned aerial vehicles, and other autonomous systems. They are also used in large-scale industrial control systems (ICSs) manufacturing and utility infrastructure. CPC operations rely on embedded systems having real-time, high-assurance interactions with physical processes. However, recent attacks like Stuxnet have demonstrated that CPC malware is not restricted to networks and general-purpose computers; rather, embedded components are targeted as well. General-purpose computing and network approaches to security are failing to protect embedded controllers, which can have the direct effect of process disturbance or destruction. Moreover, as embedded systems increasingly grow in capability and find application in CPCs, embedded leaf node security is gaining priority.
This work develops a root-of-trust design architecture, which provides process resilience to cyber attacks on, or from, embedded controllers: the Trustworthy Autonomic Interface Guardian Architecture (TAIGA). We define five trust requirements for building a fine-grained trusted computing component. TAIGA satisfies all requirements and addresses all classes of CPC attacks using an approach distinguished by adding resilience to the embedded controller, rather than seeking to prevent attacks from ever reaching the controller. TAIGA provides an on-chip, digital, security version of classic mechanical interlocks. This last line of defense monitors all of the communications of a controller using configurable or external hardware that is inaccessible to the controller processor. The interface controller is synthesized from C code, formally analyzed, and permits run-time checked, authenticated updates to certain system parameters but not code. TAIGA overrides any controller actions that are inconsistent with system specifications, including prediction and preemption of latent malware's attempts to disrupt system stability and safety.
This material is based upon work supported by the National Science Foundation under Grant Number CNS-1222656. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation. We are grateful for donations from Xilinx, Inc. and support from the Georgia Tech Research Institute. / Ph. D.

244. Verification of MAKE, a security protocol for LDACS : Modeling 'Mutual Authentication and Key Exchange' protocol in Tamarin Prover / Verification of the security protocol MAKE in Tamarin Prover
Styfberg, Max; Odermalm, Josefin (January 2024)
This report presents an approach to reinforce the security of the L-band Digital Aeronautical Communications System (LDACS) by developing and testing an enhanced protocol model. We have created a protocol model of MAKE, Mutual authentication and Key Exchange, based on the paper "Enhancing Cybersecurity for LDACS: a Secure and Lightweight Mutual Authentication and Key Agreement Protocol" by Suleman Khan, Gurjot Singh Gaba, Andrei Gurtov, in which the research paper addresses the security challenges inherent in LDACS. Using the open-source tool Tamarin Prover, we analysed and simulated the protocol to evaluate its effectiveness against posing threats. In this paper, our methodology involves an understanding of the MAKE protocol's architecture, identifying vulnerabilities and modeling in Tamarin Prover, to strengthen the security of LDACS. We developed two models of the protocol. The test consisted of four different lemmas and revealed partial verification of the two models, but with different outcomes. Some aspects of the model were proven to be true. Therefore, further research needs to be done to successfully validate these lemmas to ensure the robustness and reliability of the analyzed security protocol, MAKE.

245. Multi-Cloud architecture attacks through Application Programming Interfaces
Lander, Theodore Edward, Jr. (10 May 2024)
Multi-cloud applications are becoming a universal way for organizations to build and deploy systems. Multi-cloud systems are deployed across several different service providers, whether this is due to company mergers, budget concerns, or services provided with each provider. With the growing concerns of potential cyber attacks, security of multi-cloud is an important subject, especially within the communications between systems through Application Programming Interfaces (APIs). This thesis presents an in-depth analysis of multi-cloud, looking at APIs and security, creates a mock architecture for a multi-cloud system, and executes a cyber attack on this architecture to demonstrate the catastrophic effects that could come of these systems if left unprotected. Finally, some solutions for security are discussed as well as the potential plan for more testing of cyber attacks in this realm.

246. Designing value propositions by addressing cyber security in IoT devices : A case study of V2X / Constructing value propositions by addressing cybersecurity in IoT devices : A case study of V2X
Bellwood, Anton; Hjärtstam, Max (January 2024)
Purpose: This study aims to identify how OEMs can design value propositions when addressing cybersecurity challenges. Currently there are no studies found that pinpoint the value that can be created regarding cybersecurity. Therefore, the purpose of this master thesis is to bridge cybersecurity and value proposition into a roadmap OEMs can use to organize the activities required for mitigating cyberthreats, and thereby create value. Method: An abductive approach has been utilized in this thesis. The analysis was based on 15 interviews with industry experts and employees at the thesis company. Secondary data was gathered through a thorough literature review. To derive findings from the data collection, a thematic analysis was conducted. Findings: The findings resulted in 3 clusters: cybersecurity challenges, mitigation strategies and value proposition. From this, the value proposition for secure IoT devices framework was developed. The framework has three elements, which are derived from the thematic clusterings: cybersecurity challenges, value proposition design and core value dimensions. Theoretical contributions: We believe our thesis has three theoretical contributions. Firstly, it contributes to the literature on crafting value propositions for IoT products. Secondly, the report adds to the growing literature regarding V2X. Lastly, the thesis presents the fusion of the two first contributions, where value proposition and V2X work in continuum, thereby contributing to the business and commercialisation aspect of V2X. Practical contributions: The practical contribution for the thesis is the framework which can be used as a managerial guide in designing value propositions for IoT devices. The framework brings together different strategies to address cybersecurity challenges, and the importance of collaborative value creation. The practical contributions also include the placement of cybersecurity within the Kano model, which is important to keep in mind when creating value. Limitations and future research: The first limitation is that the data collection was mainly conducted with industry professionals specializing in cybersecurity, though not specifically within the automotive sector. This may have introduced some bias in the findings. Another limitation is that the majority of end users don’t have general knowledge regarding cybersecurity, which led to the decision to not pursue interviews directly with end users. Consequently, there are no mitigation activities based on end users’ input. However, anticipating that awareness and perceptions on cybersecurity will intensify in the future, this presents an opportunity for future research.
/ Purpose: This study aims to identify how OEMs can design value propositions by addressing various cybersecurity challenges. At present there are no studies that examine the value that can be created with regard to cybersecurity. The purpose of this thesis is therefore to integrate cybersecurity and value proposition into a roadmap that OEMs can use to organize the activities required to counter cyber threats and thereby create value. Method: An abductive approach has been used in this report. The analysis was based on 15 interviews with industry experts and employees at the thesis company. Secondary data was collected through a thorough literature review. To analyze the results of the data collection, a thematic analysis was carried out, which resulted in three main themes: cybersecurity challenges, preventive strategies and value proposition. Results: The study resulted in several important aspects to take into account when constructing value propositions for secure IoT devices. Based on our results, a framework was constructed that is intended to be used by OEMs when designing value propositions. The framework consists of three elements that stem from the thematic clusters: cybersecurity challenges, value proposition design and core values. Theoretical contributions: We consider our study to have three theoretical contributions. First, it contributes to the literature on designing value propositions for IoT devices. Second, the report contributes to the growing literature on V2X. Finally, the study presents the fusion of the first two contributions, where value proposition and V2X work in continuity and thereby contribute to the business and commercialization side of V2X. Practical contributions: The practical contribution of the study is the framework, which can be used as a managerial guide when designing value propositions for V2X and other IoT devices. The framework brings together different strategies for handling cybersecurity challenges and the importance of collaboration in value creation. The practical contributions also include the placement of cybersecurity within the Kano model, which is important to keep in mind when value is to be created for IoT products. Limitations and further research: There are two main limitations in our study. First, the data collection was carried out mainly with industry experts specializing in cybersecurity, though not specifically in V2X security. This may have introduced some bias in the results. Another limitation is that the majority of end users lack general knowledge of cybersecurity, which led to the decision not to conduct interviews directly with end users. Consequently, there are no preventive activities based on end users' input. However, given that awareness and perceptions of cybersecurity are expected to increase in the future, this constitutes an opportunity for future research. Keywords: Innovation; Value proposition; Cybersecurity, Internet of Things, V2X

247. The cybersecurity threat of deepfake
Brandqvist, Johan (January 2024)
The rapid advancement of deepfake technology, utilizing Artificial Intelligence (AI) to create convincing, but manipulated audio and video content, presents significant challenges to cybersecurity, privacy, and information integrity. This study explores the complex cybersecurity threats posed by deepfakes and evaluates effective strategies, to prepare organizations and individuals for these risks. Employing a qualitative research approach, semi-structured interviews with cybersecurity- and AI experts were conducted to gain insights into the current threat landscape, the technological evolution of deepfakes, and strategies for their detection and prevention. The findings reveal that while deepfakes offer opportunities in various sectors, they predominantly also pose threats such as misinformation, identity theft, and fraud. This study highlights the dual-use nature of deepfake technology, where improvements in creation and detection are continually evolving in a technological arms race. Ethical and societal implications are examined, emphasizing the need for enhanced public awareness and comprehensive regulatory frameworks to manage these challenges. The conclusions drawn from this research underscore the urgency of developing robust, AI-driven detection tools, advocating for a balanced approach that considers both technological advancements and the ethical dimensions of these innovations. Recommendations for policymakers and cybersecurity professionals include investing in detection technologies, promoting digital literacy, and fostering international collaboration to establish standards for ethical AI use. This thesis contributes to the broader discourse on AI ethics and cybersecurity, providing a foundation for future research and policy development in the era of digital manipulation.

248. Comparative Analysis and Development of Security Tools for Vulnerability Detection : Exploring the Complexity of Developing Robust Security Solutions
Wiklund, Milton (January 2024)
This degree project undertakes a comprehensive study aimed at examining the complexities and challenges that arise when developing robust and effective tools that detect security risks in code. By conducting a comparative analysis of already existing security tools, and engaging in an attempt to develop a security tool from a basic level, this work strives to reveal the underlying reasons why, within cybersecurity, it is still a great challenge to stay one step ahead of malicious actors. To begin with, the research contributes an overview of current security tools, while also examining their effectiveness, methods, and the types of vulnerabilities the tools are designed to detect. Through systematic measurements, the study highlights strengths and weaknesses of the security tools, while also documenting the development process of a new security tool intended to detect vulnerabilities similar to those of the compared tools. The challenges encountered during development, such as handling modern security threats and integrating complex detection algorithms, are discussed to demonstrate the considerable obstacles that developers encounter. In addition, the importance of being able to detect vulnerabilities effectively is assessed, along with how it can help preserve the integrity and reliability of applications. The degree project aims to contribute important insight into the field of cybersecurity, and to support continued development in order to mitigate security threats. In summary, the results of this study show that both knowledge and ambition are required to develop a security tool from scratch, since new threats arise almost every day. The study also reveals that malicious actors are known to regularly look for vulnerabilities in systems, which is one of the leading reasons why it is so difficult to combat cyber threats.
/ This thesis stipulates a comprehensive study aimed at examining the complexities and challenges in developing robust and effective tools for detecting security vulnerabilities in code. By performing a comparative analysis of already existing security tools, and engaging in an attempt of developing a security tool from a foundational level, this work strives to disclose the underlying reasons as to why staying one step ahead of malicious actors remains a difficult challenge in cybersecurity. Introductory, the study provides an overview of current security tools while examining their effectiveness, methodologies, and the types of vulnerabilities they are designed to detect. Through systematic measurements, the study highlights strengths and weaknesses of the security tools while, simultaneously, documenting the process of developing a new security tool designed to detect similar vulnerabilities to the compared tools. The challenges faced during development—such as treating modern security threats, and integrating complex detection algorithms—are discussed to portray the compelling hurdles that developers encounter. Moreover, this thesis assesses the importance of effectively detecting vulnerabilities, and how it can aid in maintaining integrity and trustworthiness of applications. The thesis aims to contribute with valuable insight into the field of cybersecurity and support continued development for mitigating cyber threats. In conclusion, the outcome from this study shows that developing a security tool from a foundational level requires both knowledge and ambition, since new threats occur almost every day. The study also reveals that malicious actors are known for frequently looking for vulnerabilities in systems, making it one of the leading reasons why it is difficult to fight cyber threats.

249. Getting the general public to create phishing emails : A study on the persuasiveness of AI-generated phishing emails versus human methods
Ekekihl, Elias (January 2024)
Artificial Intelligence (AI) is becoming more and more widespread, and is available, for the most part freely, to anyone. While AI can be used for both good and bad, the potential for misuse exists. This study focuses on the intersection of AI and cybersecurity, with a focus on AI-generated phishing emails. In this study a mixed-method approach was applied, and an experiment, interviews, and a survey were conducted. Experiments and interviews were conducted with 9 participants with various backgrounds, but novices in phishing. In the experiment, phishing emails were created in three distinct ways: Human-Crafted, Internet-aided, and AI-generated. Emails were evaluated during semi-structured interviews, and each participant reviewed six emails in total, where two of these were real phishing emails. The results from the interviews indicate that AI-generated phishing emails are as persuasive as those created in the Human-Crafted task. On the contrary, in the survey, participants ranked the AI-generated phishing email as the most persuasive, followed by Human-Crafted. The survey was answered by 100 participants. Familiarity plays a crucial part in both persuasiveness and willingness to go along with the requests in the phishing emails; this was highlighted during interviews and the survey. Urgency was seen as very negative by both the respondents and interviewees. The results from the study highlight the potential for misuse, specifically with the creation of AI-generated phishing emails; research into protection measures should not be overlooked. Adversaries have the potential to use AI, as it is right now, to their advantage.

250. An Examination of the Audit Implications of Third-Party Risk
Filosa, Jessica Rose (23 May 2024)
Doctor of Philosophy / This study explores whether companies that engage in outsourcing suffer negative audit-related consequences. Outsourcing exposes companies to third-party risk, which is the risk associated with outsourcing IT systems and/or business operations to external companies. Publicly traded companies in the United States are required to file a financial report with the Securities and Exchange Commission each year that includes a discussion of significant risks the company faces. I use this disclosure to identify companies that reveal third-party risk as a major threat to their organization and use machine learning to develop a measure that distinguishes companies exposed to third-party risk from those that are not. Using this measure, I examine whether companies exposed to third-party risk arrangements are more likely to suffer from low quality internal controls, to experience a cybersecurity incident, or to pay higher fees to their external auditor. The results do not show an association between my measure of third-party risk and the likelihood that a company reports a problem with internal controls. However, I do find that companies exposed to third-party risk are more likely to experience a cybersecurity incident. Lastly, I find that companies exposed to third-party risk pay higher fees to their external auditors in the initial year that this risk appears in their annual report. Overall, these results provide initial empirical evidence on the existence and consequences of third-party risk. The findings may be of interest to accounting professionals and managers who are in the early stages of learning to identify and manage their third-party risk exposure. Regulators may also benefit from this study as they contemplate updating the auditing standards related to outsourcing.