Global ETD Search

291	Designing an Artificial Immune inspired Intrusion Detection System Anderson, William Hosier 08 December 2023 (has links) (PDF) The domain of Intrusion Detection Systems (IDS) has witnessed growing interest in recent years due to the escalating threats posed by cyberattacks. As Internet of Things (IoT) becomes increasingly integrated into our every day lives, we widen our attack surface and expose more of our personal lives to risk. In the same way the Human Immune System (HIS) safeguards our physical self, a similar solution is needed to safeguard our digital self. This thesis presents the Artificial Immune inspired Intrusion Detection System (AIS-IDS), an IDS modeled after the HIS. This thesis proposes an architecture for AIS-IDS, instantiates an AIS-IDS model for evaluation, conducts a robust set of experiments to ascertain the efficacy of the AIS-IDS, and answers key research questions aimed at evaluating the validity of the AIS-IDS. Finally, two expansions to the AIS-IDS are proposed with the goal of further infusing the HIS into AIS-IDS design. Cybersecurity Bio-inspired Computing Intrusion Detection Human Immune System Artificial Immune System Artificial Intelligence and Robotics Information Security
292	DEFEATING CYBER AND PHYSICAL ATTACKS IN ROBOTIC VEHICLES Hyungsub Kim (17540454) 05 December 2023 (has links) <p dir="ltr">The world is increasingly dependent on cyber-physical systems (CPSs), e.g., robotic vehicles (RVs) and industrial control systems (ICSs). CPSs operate autonomously by processing data coming from both “cyberspace”—such as user commands—and “physical space”—such as sensors that measure the physical environment in which they operate. However, even after decades of research, CPSs remain susceptible to threats from attackers, primarily due to the increased complexity created by interaction with cyber and physical space (e.g., the cascading effects that changes in one space can impact on the other). In particular, the complexity causes two primary threats that increase the risk of causing physical damage to RVs: (1) logic bugs causing undesired physical behavior from the developers expectations; and (2) physical sensor attacks—such as GPS or acoustic noise spoofing—that disturb an RV’s sensor readings. Dealing with these threats requires addressing the interplay between cyber and physical space. In this dissertation, we systematically analyze the interplay between cyber and physical space, thereby tackling security problems created by such complexity. We present novel algorithms to detect logic bugs (PGFuzz in Chapter 2), help developers fix them (PGPatch in Chapter 3), and test the correctness of the patches attempting to address them (PatchVerif in Chapter 4). Further, we explain algorithms to discover the root causes and formulate countermeasures against physical sensor attacks that target RVs in Chapter 5.</p> Hardware security Software and application security System and network security Cybersecurity Robotic vehicle Cyber–physical system Logic bug Physical sensor attack
293	Benevolent and Malevolent Adversaries: A Study of GANs and Face Verification Systems Nazari, Ehsan 22 November 2023 (has links) Cybersecurity is rapidly evolving, necessitating inventive solutions for emerging challenges. Deep Learning (DL), having demonstrated remarkable capabilities across various domains, has found a significant role within Cybersecurity. This thesis focuses on benevolent and malevolent adversaries. For the benevolent adversaries, we analyze specific applications of DL in Cybersecurity contributing to the enhancement of DL for downstream tasks. Regarding the malevolent adversaries, we explore the question of how resistant to (Cyber) attacks is DL and show vulnerabilities of specific DL-based systems. We begin by focusing on the benevolent adversaries by studying the use of a generative model called Generative Adversarial Networks (GAN) to improve the abilities of DL. In particular, we look at the use of Conditional Generative Adversarial Networks (CGAN) to generate synthetic data and address issues with imbalanced datasets in cybersecurity applications. Imbalanced classes can be a significant issue in this field and can lead to serious problems. We find that CGANs can effectively address this issue, especially in more difficult scenarios. Then, we turn our attention to using CGAN with tabular cybersecurity problems. However, visually assessing the results of a CGAN is not possible when we are dealing with tabular cybersecurity data. To address this issue, we introduce AutoGAN, a method that can train a GAN on both image-based and tabular data, reducing the need for human inspection during GAN training. This opens up new opportunities for using GANs with tabular datasets, including those in cybersecurity that are not image-based. Our experiments show that AutoGAN can achieve comparable or even better results than other methods. Finally, we shift our focus to the malevolent adversaries by looking at the robustness of DL models in the context of automatic face recognition. We know from previous research that DL models can be tricked into making incorrect classifications by adding small, almost unnoticeable changes to an image. These deceptive manipulations are known as adversarial attacks. We aim to expose new vulnerabilities in DL-based Face Verification (FV) systems. We introduce a novel attack method on FV systems, called the DodgePersonation Attack, and a system for categorizing these attacks based on their specific targets. We also propose a new algorithm that significantly improves upon a previous method for making such attacks, increasing the success rate by more than 13%. Cybersecurity Machine Learning Computer Vision and Pattern Recognition Generative Adversarial Networks Face Verification systems Class Imbalance Problem Adversarial Attacks
294	REHOSTING EMBEDDED APPLICATIONS AS LINUX APPLICATIONS FOR DYNAMIC ANALYSIS Jayashree Srinivasan (17683698) 20 December 2023 (has links) <p dir="ltr">Dynamic analysis of embedded firmware is a necessary capability for many security tasks, e.g., vulnerability detection. Rehosting is a technique that enables dynamic analysis by facilitating the execution of firmware in a host environment decoupled from the actual hardware. Current rehosting techniques focus on high-fidelity execution of the entire firmware. Consequently, these techniques try to execute firmware in an emulated environment, with precise models of hardware (i.e., peripheral) interactions. However, these techniques are hard to scale and have various drawbacks. </p><p dir="ltr">Therefore, a novel take on rehosting is proposed by focusing on the application components and their interactions with the firmware without the need to model hardware dependencies. This is achieved by rehosting the embedded application as a Linux application. In addition to avoiding precise peripheral modeling, such a rehosting technique enables the use of existing dynamic analysis techniques on these embedded applications. The feasibility of this approach is demonstrated first by manually performing the rehosting on real-world embedded applications. The challenges in each of the phases – retargeting to x86-64, peripheral handling, and fuzzing the rehosted applications are elaborated. Furthermore, automated steps for retargeting to the x86-64 and peripheral handling are developed. The peripheral handling achieves 89% accuracy if reserved regions are also considered. The testing of these rehosted applications found 2 previously unknown defects in driver components.</p> Software and application security System and network security Cybersecurity Firmware Rehosting Real-Time Systems RTOS Dynamic Analysis Embedded Systems Embedded Systems Security
295	Proaktiv Riskhantering: : En kvalitativ studie om dess betydelse för informations- och cybersäkerhetsföretag i sviterna av Covid-19 / Proactive Risk Management: : A qualitative study of its importance for information and cyber security companies in the wake of Covid-19 Ahlén, Fanny, Bauhn, Ludwig January 2023 (has links) Digitaliseringen sker i en rasande fart världen över, vilket resulterar i en ofantlig ökning av data som cirkulerar. Detta i sin tur både bringar nya möjligheter men också stora utmaningar för företag då man ständigt måste vara redo på det oväntade vilket inte minst märktes då Covid-19 pandemin slog till. Organisationer tvingas stänga ner sina kontor och istället arbeta hemifrån, vilket innebär ännu större risker gällande hot och säkerhet om man inte var väl förberedd. Syftet i denna studie är att studera företag inom informations- och cybersäkerhetsbranschen och hur deras interna, proaktiva riskhanteringsarbete ser ut. Med grund i Covid-19 vill vi dessutom studera de lärdomar dessa företag tog med sig från pandemin. För att uppnå detta har vi genomfört en kvalitativ studie baserad på 9 intervjuer med individer inom branschen som fått berätta om deras tankar och åsikter kring proaktiv cybersäkerhet och Covid-19. Studien har resulterat i en sammanställning av de strategier och metoder som anses centrala för att bedriva en så framgångsrik riskhantering som möjligt med stort fokus på individen och dess medvetenhet och kunskap vilket anses vara en central del. Exempelvis kan företag arbeta efter Zero trust-principen för att verifiera och kontrollera vilka tillgångar en individ har, samt arbeta efter de fyra vanligaste arbetssätten; personalutbildning, etiska hackare, jaga hot och proaktiv övervakning av nätverk och slutpunkt, för att proaktivt reducera sannolikheten att exponeras för oönskade risker. / The digitalization develops at a blistering pace all around the world which results in an immense increase of circeling data. This in turn brings new possibilities but at the same time a lot of challenges for companies. They constantly have to be ready and expect the unexpected which was not least noticed when the Covid-19 pandemic hit. Organizations were forced to shut down their offices and work from home instead, which in turn implies even greater risks when it comes to threat and security if you are not prepared. The purpose of this study is to study companies in the information- and cybersecurity industry and how their internal, proactive risk management looks like. With Covid-19 as the foundation we also aim to study the lessons learned by companies as they emerged from the pandemic. To achieve this we have carried out a qualitative study based on 9 interviews with individuals in the industry which have had the opportunity to tell us their thoughts and opinions about proactive cybersecurity and Covid-19. The study has resulted in a compilation of the strategies and methods that are considered central to conducting as successful risk management as possible with a strong focus on the individual and their awareness and knowledge, which is considered to be a central part. For example, companies can work according to the Zero Trust principle to verify and control the assets an individual has, as well as work according to the four most common approaches: employee training, ethical hackers, threat hunting, and proactive monitoring of networks and endpoints, in order to proactively reduce the likelihood of being exposed to unwanted risks. Covid-19 Proactive Cybersecurity Information security Risk management Covid-19 Proaktivt Cybersäkerhet Informationssäkerhet Riskhantering Engineering and Technology Teknik och teknologier
296	Virtual Reality over the Internet : An experimental study of common countermeasures when using VR applications over the Internet / Virtual Reality över Internet : En experimentell studie över vanliga motåtgärder vid användandet av VR applikationer över Internet Wetterström, Max, Rönn, Patric January 2023 (has links) Currently, there is a lack of research behind the security of Virtual Reality against fingerprinting attacks and how these affect the Quality of Experience (QoE) and Quality of Service (QoS) for a user. With practical testing in a game which implements traffic shaping methods as security defences, this thesis aims to take the first step towards changing this. Here, tests were made testing QoS and QoE of countermeasures in a VR game using the game-engine Unity. The countermeasures utilized were random padding, random delays and VPNs. The conclusion reached was that using a delay had a significant impact on QoE, creating a high Round-Trip Time, while changing the packet size had minimal impact to both QoE and QoS. Additionally, utilizing a VPN yielded a minimal impact to both the QoE and QoS. Virtual Reality VR Padding Delay VPN QoS QoE Countermeasures Cybersecurity Fingerprinting Traffic Analysis Computer and Information Sciences Data- och informationsvetenskap
297	Modeling and Characterization of Internet Censorship Technologies Alexander Master (16531995) 29 June 2023 (has links) <p>The proliferation of Internet access has enabled the rapid and widespread exchange of information globally. The world wide web has become the primary communications platform for many people and has surpassed other traditional media outlets in terms of reach and influence. However, many nation-states impose various levels of censorship on their citizens' Internet communications. There is little consensus about what constitutes “objectionable” online content deserving of censorship. Some people consider the censor activities occurring in many nations to be violations of international human rights (e.g., the rights to freedom of expression and assembly). This multi-study dissertation explores Internet censorship methods and systems. By using combinations of quantitative, qualitative, and systematic literature review methods, this thesis provides an interdisciplinary view of the domain of Internet censorship. The author presents a reference model for Internet censorship technologies: an abstraction to facilitate a conceptual understanding of the ways in which Internet censorship occurs from a system design perspective. The author then characterizes the technical threats to Internet communications, producing a comprehensive taxonomy of Internet censorship methods as a result. Finally, this work provides a novel research framework for revealing how nation-state censors operate based on a globally representative sample. Of the 70 nations analyzed, 62 used at least one Internet censorship method against their citizens. The results reveal worldwide trends in Internet censorship based on historical evidence and Internet measurement data. </p> Internet censorship computer networks nation-state censorship filtering managed attribution modeling censorship circumvention
298	Enhancing an Existing Attack Projection System with Deep Learning Kolanowski, Mikael January 2023 (has links) As organizations and critical infrastructure increasingly rely on computer networks for their function, cyber defense becomes more and more important. A recent trend is to employ predictive methods in cybersecurity. Attack projection attempts to predict the next step in an ongoing attack. Previous research has attempted to solve attack projection using deep learning relying solely on LSTM networks. In this work, by contrast, we solved the attack projection problem using three different neural network architectures: an LSTM, a Transformer, and a hybrid LSTMTransformer model. We then proposed a way to integrate our neural models into an existing software framework that relies on sequential rule mining to predict future security alerts. The models were trained and evaluated on a publicly available dataset of network security alerts and evaluated with respect to precision and recall of alert predictions. We found that the Transformer architecture had the best overall performance in all but one experiment and that the LSTM architecture performed the worst across all experiments. / Då organisationer och kritisk infrastruktur blir alltmer beroende av datornätvärk för sin verksamhet, blir cyberförsvar alltmer viktigt. En pågående trend är att använda prediktiva metoder inom cybersäkerhet. Attackprojicering innebär att försöka förutspå nästa steg i en pågående cyberattack. Tidigare forskning som försökte tillämpa djupinlärning på attackprojicering använde sig enbart av LSTMnätverk. I detta arbete använde vi däremot tre olika neurala arkitekturer: en LSTM, en Transformer och en LSTMTransformerhybrid. Vi föreslog sedan ett sätt att integrera våra modeller med ett befintligt mjukvaruramverk som använder sig av sekventiella regler för att förutspå kommande larm. Modellerna tränades och utvärderades på en publik datamängd och utvärderades med hänsyn till precision och återkallelse. Vi fann att Transformermodellen hade bäst prestation i alla utom ett experiment och att LSTMmodellen presterade sämst i alla våra experiment. Cybersecurity Attack projection Deep learning LSTM Transformer Cybersäkerhet Attackprojicering Djupinlärning LSTM Transformer Computer and Information Sciences Data- och informationsvetenskap
299	Information Security Risk Assessment : An Analysis of a Medical Aid Service Hedlund, Filip, Loots, Emma January 2020 (has links) Security in the healthcare sector has historically been insufficient, seeing several high-profile cyber-attacks crippling availability of equipment and vital services with demands of ransom sums, and intrusions collecting sensitive patient data en masse. For this reason, digital services intended for medical use need to be convincingly secure in order to be adopted. This report investigates how to implement sufficient information security for a system involving a digital pill organiser with mobile application connectivity intended for professional medical use. Each component of the currently-indevelopment Dosis Pro system is systematically evaluated in order to assess which security measures need to be taken for the service to be considered adequately secure. The analysis is structured around the ISO IEC 27001:2013 guidelines, and potential solutions are suggested on a per-component basis based on a broad literature study in related research. The result is practical solutions for 19 highlighted problem areas, which should achieve a reasonable level of security overall in combination with the careful data flow of the service. Further, to achieve an exceptionally secure system it is advisable to test the solutions on a complete system, and continuously carry out similar evaluations and improve its design throughout several years of operation. / Hälsovårdssektorn har genom tiderna utstått många angrepp mot sina digitala verktyg och tjänster. Det har rådit allt från storskaliga dataintrång till förhindrande av kritiska offentliga tjänster med krav på lösensummor. På grund av det här måste digitala produkter avsedda för medicinskt bruk visas vara säkra för att bli accepterade. I detta examensarbete undersöks det hur man kan implementera fullgod datasäkerhet för ett system kring en digital pillerdosa med appanslutning avsedd för bruk inom vården. I rapporten undersöks systematiskt varje komponent av Dosis Pro-tjänsten för att avgöra vilka säkerhetsrisker som existerar och vilka åtgärder som behöver vidtas för att tjänsten ska kunna konstateras vara säker. Analysen struktureras enligt riktlinjerna från ISO IEC 27001:2013, lösningar föreslås komponentvis utifrån en bred litteraturstudie inom relaterad forskning. Resultatet är praktiska lösningar för 19 identifierade problemområden, vilka tillsammans bör uppnå en godkänd säkerhetsnivå medräknat tjänstens försiktiga data-flöde. Vidare, för att uppnå ett exceptionellt säkert system, rekommenderas det att testa lösningarna i ett färdigt system, och kontinuerligt utföra liknande utvärderingar för att göra förbättringar under flera år av drift. Computer and Information Sciences Data- och informationsvetenskap
300	Strategic Protection of Vital U.S. Assets Abroad: Intellectual Property Protection in the Trans-Pacific Partnership Dahlquist, Kyla N. 10 October 2014 (has links) No description available. International Relations Intellectual Property Rights International Political Economy Trans Pacific Partnership Cybersecurity Asia Pacific Regionalization US Trade Interests

Search results