Global ETD Search

91	Development and Validation of a Proof-of-Concept Prototype for Analytics-based Malicious Cybersecurity Insider Threat in a Real-Time Identification System Hueca, Angel L. 01 January 2018 (has links) Insider threat has continued to be one of the most difficult cybersecurity threat vectors detectable by contemporary technologies. Most organizations apply standard technology-based practices to detect unusual network activity. While there have been significant advances in intrusion detection systems (IDS) as well as security incident and event management solutions (SIEM), these technologies fail to take into consideration the human aspects of personality and emotion in computer use and network activity, since insider threats are human-initiated. External influencers impact how an end-user interacts with both colleagues and organizational resources. Taking into consideration external influencers, such as personality, changes in organizational polices and structure, along with unusual technical activity analysis, would be an improvement over contemporary detection tools used for identifying at-risk employees. This would allow upper management or other organizational units to intervene before a malicious cybersecurity insider threat event occurs, or mitigate it quickly, once initiated. The main goal of this research study was to design, develop, and validate a proof-of-concept prototype for a malicious cybersecurity insider threat alerting system that will assist in the rapid detection and prediction of human-centric precursors to malicious cybersecurity insider threat activity. Disgruntled employees or end-users wishing to cause harm to the organization may do so by abusing the trust given to them in their access to available network and organizational resources. Reports on malicious insider threat actions indicated that insider threat attacks make up roughly 23% of all cybercrime incidents, resulting in $2.9 trillion in employee fraud losses globally. The damage and negative impact that insider threats cause was reported to be higher than that of outsider or other types of cybercrime incidents. Consequently, this study utilized weighted indicators to measure and correlate simulated user activity to possible precursors to malicious cybersecurity insider threat attacks. This study consisted of a mixed method approach utilizing an expert panel, developmental research, and quantitative data analysis using the developed tool on simulated data set. To assure validity and reliability of the indicators, a panel of subject matter experts (SMEs) reviewed the indicators and indicator categorizations that were collected from prior literature following the Delphi technique. The SMEs’ responses were incorporated into the development of a proof-of-concept prototype. Once the proof-of-concept prototype was completed and fully tested, an empirical simulation research study was conducted utilizing simulated user activity within a 16-month time frame. The results of the empirical simulation study were analyzed and presented. Recommendations resulting from the study also be provided. cybersecurity indicator analysis insider threat intrusion detection Computer Sciences
92	A Novel Cooperative Intrusion Detection System for Mobile Ad Hoc Networks Solomon, Adam 01 January 2018 (has links) Mobile ad hoc networks (MANETs) have experienced rapid growth in their use for various military, medical, and commercial scenarios. This is due to their dynamic nature that enables the deployment of such networks, in any target environment, without the need for a pre-existing infrastructure. On the other hand, the unique characteristics of MANETs, such as the lack of central networking points, limited wireless range, and constrained resources, have made the quest for securing such networks a challenging task. A large number of studies have focused on intrusion detection systems (IDSs) as a solid line of defense against various attacks targeting the vulnerable nature of MANETs. Since cooperation between nodes is mandatory to detect complex attacks in real time, various solutions have been proposed to provide cooperative IDSs (CIDSs) in efforts to improve detection efficiency. However, all of these solutions suffer from high rates of false alarms, and they violate the constrained-bandwidth nature of MANETs. To overcome these two problems, this research presented a novel CIDS utilizing the concept of social communities and the Dempster-Shafer theory (DST) of evidence. The concept of social communities was intended to establish reliable cooperative detection reporting while consuming minimal bandwidth. On the other hand, DST targeted decreasing false accusations through honoring partial/lack of evidence obtained solely from reliable sources. Experimental evaluation of the proposed CIDS resulted in consistently high detection rates, low false alarms rates, and low bandwidth consumption. The results of this research demonstrated the viability of applying the social communities concept combined with DST in achieving high detection accuracy and minimized bandwidth consumption throughout the detection process. cooperative Cybersecurity intrusion detection MANET networking Computer Sciences
93	Internet of Things Security Using Proactive WPA/WPA2 Kamoona, Mustafa 05 April 2016 (has links) Indiana University-Purdue University Indianapolis (IUPUI) / The Internet of Things (IoT) is a natural evolution of the Internet and is becoming more and more ubiquitous in our everyday home, enterprise, healthcare, education, and many other aspects. The data gathered and processed by IoT networks might be sensitive and that calls for feasible and adequate security measures. The work in this thesis describes the use of the Wi-Fi technology in the IoT connectivity, then proposes a new approach, the Proactive Wireless Protected Access (PWPA), to protect the access networks. Then a new end to end (e2e) IoT security model is suggested to include the PWPA scheme. To evaluate the solutions security and performance, rstly, the cybersecurity triad: con dentiality, integrity, and availability aspects were discussed, secondly, the solutions performance was compared to a counterpart e2e security solution, the Secure Socket Layer security. A small e2e IoT network was set up to simulate a real environment that uses HTTP protocol. Packets were then collected and analyzed. Data analysis showed a bandwidth e ciency increase by 2% (Internet links) and 12% (access network), and by 344% (Internet links) and 373% (access network) when using persistent and non-persistent HTTP respectively. On the other hand, the analysis showed a reduction in the average request-response delay of 25% and 53% when using persistent and non-persistent HTTP respectively. This scheme is possibly a simple and feasible solution that improves the IoT network security performance by reducing the redundancy in the TCP/IP layers security implementation. Internet of Things WPA Wi-Fi security cybersecurity IoT confidentiality cryptography
94	Designing an Interest-to-Function Career Alignment Model for Cybersecurity Professionals Poteete, Paul Wyatt January 2020 (has links) Cybersecurity professionals are in high demand, but the definition of individual interests and the functions that comprise those roles is more complex than it may seem. In the face of a global shortage of cybersecurity professionals, and an often-difficult team dynamic around these individuals, in addition to a dramatic rise in cybercrime and security breaches, it is important to define and understand career success and career performance within an organization. This research uses a design science approach founded on a sociotechnical theoretical framework based on Information Technology (IT) turnover and Human Resources (HR) theories to analyze individual factors of job satisfaction and job performance for cybersecurity roles to design a cybersecurity interest to function career alignment model through the integration of prominent indicators of individual interest. This is accomplished using a mixed methods approach of surveys, interviews, and a focus group that are employed using various techniques of visual, descriptive, correlation, and thematic analysis. Two key findings within this research involves cybersecurity roles and functions and the ability to align an individual's personal interests to those roles. In the former case, cybersecurity roles are poorly defined and are prone to widespread ambiguity, requiring the design of a taxonomy of discrete functions for analysis. In the latter case, individual interests, as analyzed through popular individual profiling solutions are vague and largely irrelevant to cybersecurity professionals. This requires that individual interests be defined and applied to relevant industry functions to provide meaningful alignment to job satisfaction and job performance. Among the implications for IT Turnover Theory, is the refined attribution of individual interests within cybersecurity roles instead of a monolithic interpretation of cybersecurity professionals as a single factor. This is also true for the Intermediate Linkages Model as the job satisfaction-turnover relationship may be further refined to include industry-specific functions for cybersecurity functions and the specific interests of cybersecurity professionals. The implications for design science research could extend beyond the usage of standard guidelines, venturing into this study's process of using design challenges to illuminate hidden design principles. This challenge-principle relationship may provide additional insight to new or existing facets of reasoning. These new viewpoints may uncover otherwise excluded aspects that provide additional insight into this study or topics beyond. For cybersecurity and human resources practitioners, this study provides several implications beyond the foundation for career training for functional guidance. It provides an alternative viewpoint on organizational and departmental design for cybersecurity to business alignment to increase individual job satisfaction and ultimately improve organizational performance. Future research would result in deployed artifact instantiations that promotes general career direction for future and current cybersecurity personnel, while also providing additional guidance to organizations for the proper deployment of cybersecurity teams. Other research could include IT careers beyond cybersecurity to create a standardized method for the alignment of interests to career functions for the improvement of individual job satisfaction and overall organizational performance. / Thesis (PhD (Information Technology))--University of Pretoria, 2020. / Informatics / PhD (Information Technology) / Unrestricted UCTD Cybersecurity Information Technology Design Science Research Career Satisfaction
95	DYNAMICKÝ BIOMETRICKÝ PODPIS JAKO EFEKTIVNÍ NÁSTROJ PRO VNITROPODNIKOVOU KOMUNIKACI / DYNAMIC BIOMETRIC SIGNATURE AS AN EFFICIENT TOOL FOR INTERNAL CORPORATE COMMUNICATION Hortai, František January 2019 (has links) The aim of this thesis is to provide comprehensive information on the possibilities of authentication, combination of authentication factors and the integration of this issue into corporate communication. The work focuses on this issue and specifies the possibilities for obtaining authentication information, analyses the authentication methods, identification and authorization. It examines the applicability of biometric technologies, the principle of their functionality, examples of their use, their impact, the advantages and disadvantages they bring. A natural, easy-to-use, convenient tool for effective and secure communication is authentication including the dynamic biometric signature. The issues of the dynamic biometric signature technology and its implementation are examined from a comprehensive perspective involving experiments. The research proved that the dynamic biometric signature can serve as a method for supporting secure corporate communication and reduce authentication risks in companies and for individuals.
96	Cybersecurity of remote work migration: A study on the VPN security landscape post covid-19 outbreak Einler Larsson, Lukas, Qollakaj, Kushtrim January 2023 (has links) Background. The pandemic outbreak commenced a large migration of employees from all kinds of industries from previously working in an industrial or office environment to working from home. The remote migration allowed many kinds of work to continue as usual even during a pandemic. A common tool to use when working remotely is a Virtual Private Network (VPN) that allows remote workers to connect to a Local Area Network (LAN) at the company office. Which further grants the remote worker secure access to organizations resources and services. This remote work setup has increased the complexity of the company networks and therefore also magnified the attack surface for cyber threat actors. Objectives. The objective of this thesis involves studying how the VPN security landscape looks like after the pandemic outbreak. Answering questions related to how the attacks on VPNs changed in numbers, which techniques and tactics the adversaries use against VPN security systems and then, for the thesis to “bite itself in the tail”, investigate countermeasures that can further improve the VPN security. Methods. One research method is used in two different fashions to satisfy the objectives. The research method is a Systematic Literature Review (SLR). The first SLR involves research on secondary data reports, published by cyber companies, cyber experts, or cyber departments of large IT organizations. The second SLR involves qualitative research by reading research papers related to how VPN security can be improved. Results. In direct consequence of the remote work migration the number of VPN attacks have increased. The vulnerabilities found in VPN systems have been used extensively where even national cybersecurity organizations have urged companies to patch systems. Advanced Persistent Threat (APT) groups have leveraged the published vulnerabilities by exploiting unpatched systems and established persistent and defense-evasive access to networks that remote workers connect to with VPNs. To counter these threats and to harden the VPN systems and private networks, there are recommendations involving countermeasures such as enforced Multi Factor Authentication (MFA) and adding multiple defense layers in private networks. Conclusions. This thesis concludes that the covid-19 pandemic outbreak was the root cause to the huge remote work transition which in turn caught 99% of all organizations and home networks off guard when it comes to VPN security for remote workers. This caused huge opportunities for threat actors and state sponsored adversaries which is the main reason for the increased number of cyberattacks post covid-19 outbreak. Cyber adversaries exploited every vulnerability, bug, and misconfiguration they could find by conducting tactics and techniques like phishing, ransomware, exploiting VPN vulnerabilities and performing DDoS-attacks to the best of their abilities. This caused huge damage to organizations, governments, healthcare, and militaries all around the world. In order to increase VPN security for remote workers, small, medium or big organizations, we have developed a new VPN hardening framework. Cybersecurity Remote work VPN Exploit Hardening Computer Sciences Datavetenskap (datalogi)
97	THREE ESSAYS ON THE ECONOMICS OF INFORMATION SECURITY Zhang, Leting January 2022 (has links) In recent years, information security has been gaining increasing public attention and has become a high priority for organizations across various industries. Despite the substantial investment in improving security posture, cyber risks continue to escalate as digital transformations are growing rapidly, and new areas of cyber-vulnerability are exposed and exploited. Thus, a critical question for managers, stakeholders, and policymakers is: How to strategically ensure the security of digital assets? To explore the question, my dissertation explores and advances three critical themes in the economics of the information security field. These themes include: 1) unraveling antecedents of risks, 2) determining the optimal level of investment in cybersecurity, and 3) investigating how cybersecurity affects market dynamics. Essay 1 is motivated by security concerns in sharing data across organizations and empirically evaluates the impact of joining a Health Information Exchange (HIE) initiative on a hospital’s data breach risks and corresponding mechanisms. Essay 2 uses a game theoretical model to investigate how to design a cost-effective crowdsourcing solution to help organizations leverage crowds’ wisdom in vulnerability management. Essay 3 examines the role of peer cyber incidents in information asymmetry issues in the financial market and analyze how peer data breaches affect the quality of a firm’s cyber risk disclosure in its financial report. The dissertation sheds light on three crucial factors in information security management: information systems interdependency, innovated cybersecurity solutions, and cyber information asymmetry. / Business Administration/Management Information Systems Business administration Information technology Cybersecurity Data breaches Economics Firm Organization
98	Hack the Human : A qualitative research study exploring the human factor and social engineering awareness in cybersecurity and risk management among Swedish organizations. Andersson, Isak, Bjursell, Liza, Palm, Isak January 2023 (has links) Background: With the rapid advancements in technology, cybersecurity has become a topic of great importance. However, the weakest link in cybersecurity programs is mainly due to human error. Proper cyber-behavior training and up-to-date information are crucial for employees to defend against cybercrimes, as criminals continue to exploit human vulnerabilities. Cybersecurity has become a critical aspect of today's digital world, necessitating comprehensive policies and practices that align with an organization's overall risk management strategy. Social engineering, a tactic employed by cybercriminals, exploits human weaknesses and biases, making prevention and detection more challenging. There are limited understanding of how human behavior affects leaders in engaging with social engineering practices, as well as a lack of consensus on implementing policies related to social engineering. Purpose: Considering the limited understanding of human behavior in cybersecurity, the purpose of this thesis is to investigate and analyze how different Swedish organizations perceive, enact, and are influenced by the awareness of social engineering in cybersecurity and risk management. Method: This is a qualitative thesis that has followed a case study research design and a positivism research philosophy, the approach has been inductive, and data has been collected through semi-structured interviews. Conclusion: Cybersecurity is an ongoing arms race with no foreseeable end in sight, as strategies and methods of attack are constantly evolving. With the data gathered, we discovered that there is a lack of awareness of how the threats can be approached and how to manage them, as well as different strategies that different organizations had employed to tighten the margin of error. The findings suggest a need for increased awareness and education to improve cybersecurity in Swedish organizations. We became aware that organizations exhibit a greater level of naivety than previously assumed, accompanied by the presence of optimism bias. Considering these findings, we strongly advise raising awareness through comprehensive employee education and adopting the Principle of Least Privilege (POLP) to enhance security measures and the awareness that is necessary. To adopt a more holistic perspective, we have derived a modified version of the risk appetite framework that can effectively facilitate the implementation of these recommendations. Cybersecurity risk management social engineering risk appetite Business Administration Företagsekonomi
99	Cybersecurity experiences and practices in charities Lindström, Christoffer January 2022 (has links) This study investigates the security practices of nonprofit organisations in Sweden. Nonprofit organisations are organisations with a social mission. They collect sensitive and critical information, use ICT like other organisations, and face threats from cybercrime. But we know little about how nonprofit organisations protect their assets. The method used for the research was an explorative and descriptive study using a survey methodology with interviews and a questionnaire as the instruments of data collection. Interviews were conducted for five weeks beginning in March. The questionnaire was distributed at the beginning of April to 421 charity organisations. Of those, 58 charities provided valid responses after four weeks. Based on the interviews and questionnaire responses, this research describes charity experiences and practises of cybersecurity. It describes the charity's use of both organisational and technical measures. It also describes the importance that the charity places on cybersecurity, previous experiences of breaches, and challenges with trust and transparency. The results are compared to previous research on nonprofits and small business security. The findings indicate that the current cybersecurity practice in charities is weak—most of the respondents report only using standard technical measures like anti-virus and firewalls. Less frequently, other standard technical measures are used. Charities are split on their use of organisational measures. A slight majority have identified attacks in the last 12 months. Charities respond that their level, knowledge, and budget for cybersecurity are either insufficient or sufficient. Interview findings are that charities are incentivised to prioritise money towards the mission, which prevents them from making investments in cybersecurity. Further research looking to make an impact should explore how society can incentivise charities and donors to invest in cybersecurity. cybersecurity practice charity nonprofit Computer Sciences Datavetenskap (datalogi)
100	Säker digitalisering inom medicinteknik Bergman, Angus January 2023 (has links) Medicinteknik är ett fält med en hög grad av digitalisering som erbjuder många viktiga tjänster inom sjukvården. Sjukvården har på senare år visat sig sårbar för intrång och cyberattacker med goda incitament för fientliga aktörer. Mer uppkopplade system förenklar användningen och integreringen av olika medicinska apparater och system men medför även risker som en följd av att mer av systemet blir tillgängligt för externa aktörer. Nya innovationer och en mer digitaliserad bransch kan alltså medföra problem om nödvändiga säkerhetsåtgärder inte vidtas. Branschen undersöks utifrån följande frågeställning: Hur arbetar medicintekniska företag för att motverka risker och hot inom cybersäkerhet? För att belysa nutidsläget inom branschen gjordes med en kvalitativ utgångspunkt en kartläggning av de risker och hot som branschen upplever med avgränsning på små och medelstora företag inom Sverige. Data samlades in genom ett antal semistrukturerade intervjuer med viss anpassning utifrån organisationens verksamhetsbeskrivning.Totalt utfördes 15 intervjuer, 13 med företag verksamma inom medicinteknik eller medicinframställning. En intervju utfördes med en kontakt på Läkemedelsverket och en intervju utfördes med två kontakter som arbetar med informationssäkerhetsfrågor inom en svensk region. Intervjuerna analyserades sedan med hjälp av tematisk analys. Den tematiska analysen resulterade i sju teman. Bland de intervjuade verksamheterna bedömdes generellt risken för intrång i verksamheten som låg, tjänster eller anslutna produkter som brukas av slutanvändare uppfattades dock som mer utsatta. Intervjuerna utfördes under en övergångsperiod till nya förordningar som ställer strängare krav på patientsäkerhet samt cybersäkerhet för medicintekniska produkter. Kraven som dessa förordningar ställer samt eventuella krav från vården identifierades som den primära motivationen att investera i informationssäkerhet bland de intervjuade företagen. Ett flertal respondenter framförde kritik mot de nya regelverken och hävdade att arbetet som krävs för att uppnå kraven är alltför omfattande för mindre verksamheter och risken att företag eller produkter skulle lämna marknaden som en följd framhävs. Synpunkten från Läkemedelsverket och regionen skiljde sig och de betraktade kraven som ställdes som rimliga samt nödvändiga.Resultaten från intervjuerna visar ett behov av ökat stöd för små och medelstora verksamheter för att kunna uppnå de krav som ställs samt vägleda mindre verksamheter. / MedTech is a sector with a high degree of digitization and responsible for providing many of the innovations and services the health care sector makes use of. In recent years the healthcare sector has shown itself to be vulnerable to intrusions and cyberattacks. Increasingly connected devices confer benefits through increased interoperability of devices and systems, easier access and handling of medical records along with general ease of use. Connecting these devices also puts them at risk of being remotely accessed however, meaning many recent innovations may be problematic if these risks are not properly mitigated. Given how interwoven the sectors mentioned above are there is a high likelihood that insufficient security measures in Medtech will impact healthcare adversely. In hopes of illuminating some of the threats and risks the MedTech sector is currently facing, the following question is asked: How do companies within MedTech work to mitigate cybersecurity risks and threats? To answer these questions a survey was done with focus on small and medium sized entities within MedTech based in Sweden. Data was collected through interviews. A total of 15 interviews were conducted, 13 of which were interviews with companies active within the field of MedTech or medicine.One interview was performed with Läkemedelsverket, a supervisory authority within MedTech and one interview was performed with two contacts within a Swedish county council who hold advisory roles regarding information security. The transcribed interviews were analysed thematically to discern common patterns and findings throughout the interviews. The thematic analysis resulted in 7 themes. Among the interviewed companies the majority perceived the likelihood of an intrusion within their company as low and security efforts were primarily directed towards the service or product on offer where the risk and eventual consequences of an intrusion was deemed to be higher. The interviews took place during a transitional period between old directives and new regulations with more stringent requirements regarding security and cybersecurity for medical devices. Complying with the new regulations and eventual requirements from caregivers were the primary motivators behind investment in cybersecurity among the interviewed companies. A number of respondents critiqued the new regulations on the grounds that the workload complying with the regulation brings is excessive for small enterprises and might cause an exodus of products and companies from the sector. This view was not shared by the respondent from Läkemedelsverket nor the respondents from the Swedish county council who considered the new requirements reasonable and necessary. The results show a need for further support among small and medium sized enterprises in order to handle regulatory demands. MedTech cybersecurity digitisation medicinteknik cybersäkerhet digitalisering Computer Sciences Datavetenskap (datalogi)

Search results