• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 2
  • 1
  • Tagged with
  • 4
  • 4
  • 4
  • 3
  • 3
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

An integrated intelligent approach to enhance the security control of it systems : a proactive approach to security control using artificial fuzzy logic to strengthen the authentication process and reduce the risk of phishing

Salem, Omran S. A. January 2012 (has links)
Hacking information systems is continuously on the increase. Social engineering attacks is performed by manipulating the weakest link in the security chain; people. Consequently, this type of attack has gained a higher rate of success than a technical attack. Based in Expert Systems, this study proposes a proactive and integrated Intelligent Social Engineering Security Model to mitigate the human risk and reduce the impact of social engineering attacks. Many computer users do not have enough security knowledge to be able to select a strong password for their authentication. The author has attempted to implement a novel quantitative approach to achieve strong passwords. A new fuzzy logic tool is being developed to evaluate password strength and measures the password strength based on dictionary attack, time crack and shoulder surfing attack (social engineering). A comparative study of existing tools used by major companies such as Microsoft, Google, CertainKey, Yahoo and Facebook are used to validate the proposed model and tool. A comprehensive literature survey and analytical study performed on phishing emails representing social engineering attacks that are directly related to financial fraud are presented and compared with other security threats. This research proposes a novel approach that successfully addresses social engineering attacks. Another intelligent tool is developed to discover phishing messages and provide educational feedback to the user focusing on the visible part of the incoming emails, considering the email’s source code and providing an in-line awareness security feedback.
2

An Integrated Intelligent Approach to Enhance the Security Control of IT Systems. A Proactive Approach to Security Control Using Artificial Fuzzy Logic to Strengthen the Authentication Process and Reduce the Risk of Phishing

Salem, Omran S.A. January 2012 (has links)
Hacking information systems is continuously on the increase. Social engineering attacks is performed by manipulating the weakest link in the security chain; people. Consequently, this type of attack has gained a higher rate of success than a technical attack. Based in Expert Systems, this study proposes a proactive and integrated Intelligent Social Engineering Security Model to mitigate the human risk and reduce the impact of social engineering attacks. Many computer users do not have enough security knowledge to be able to select a strong password for their authentication. The author has attempted to implement a novel quantitative approach to achieve strong passwords. A new fuzzy logic tool is being developed to evaluate password strength and measures the password strength based on dictionary attack, time crack and shoulder surfing attack (social engineering). A comparative study of existing tools used by major companies such as Microsoft, Google, CertainKey, Yahoo and Facebook are used to validate the proposed model and tool. A comprehensive literature survey and analytical study performed on phishing emails representing social engineering attacks that are directly related to financial fraud are presented and compared with other security threats. This research proposes a novel approach that successfully addresses social engineering attacks. Another intelligent tool is developed to discover phishing messages and provide educational feedback to the user focusing on the visible part of the incoming emails, considering the email’s source code and providing an in-line awareness security feedback.
3

The effectiveness of gamification teaching method in raising awareness on Email Phishing : Controlled Experiment

Khairallah, Obay, Abu-Naseer, Ma'moun January 2024 (has links)
This study evaluates the effectiveness of gamification in cybersecurity education, focusing on enhancing email phishing awareness among university students. It compares gamified learning methods with traditional video-based education to determine which approach better improves phishing detection skills. A controlled experiment involved two groups of 30 participants each: one received traditional video-based education on phishing awareness, and the other used a gamified platform, "EmailAware." Pre- and post-tests with the Jigsaw Online Phishing Quiz measured awareness and detection abilities, and a qualitative survey gathered participant feedback on the gamified approach. Results showed significant improvement in phishing detection skills in both groups, with the gamified group demonstrating a higher improvement rate (59%) compared to the traditional group (41%). Participants in the gamified group reported higher engagement and motivation due to the interactive nature of the approach. Limitations include a small sample size and the focus on university students, potentially limiting generalizability. Future research should include a more diverse participant pool and explore the long-term effects of gamified learning on cybersecurity awareness. The findings suggest integrating gamified elements into cybersecurity education can significantly enhance learning outcomes, offering practical recommendations for designing more effective and engaging training programs, ultimately improving overall digital security.
4

Phishing : En innehållsanalys av phishing på webben

Ghani, Hajra January 2016 (has links)
The goal with this research has been to answer questions related to social engineeringbased phishing attacks: email phishing and website phishing. This study answers questions like why these attacks occur, which type of internet users easily get tricked by phishers, Moreover this study consist of different defense mechanisms that exist against the attacks, weaknesses in them, examples to improve them and other technical solutions against them. Often the attacks consist of a combination of both email phishing and website phishing. A link can be sent to a user via email that leads to a phishing site where the user get tricked into submitting personal information.These attacks aims to steal personal information and money from users. There are anti-phishing tools in web browsers and mailsystems to protect the user. There are special phishingfilters and features that can protect users from phishing mails and detect them. Users who get attacked by phishers are those who lack knowledge about them. But since high educated people and security experts also fall for phishing beacuse phishers develop new techniques and strategies to attack users, more advanced techniques in web browsers and mail systems are needed. This study was done through a systematic litterture review where 10 articles where chosen. These articles where studied and summarised through a content analysis. / Målet med denna undersökning har varit att besvara frågor relaterat till social engineeringbaserade phishngattacker: email phishing och website phishing. Den här studien tar upp varför dessa attacker utförs, vilka användare som mest blir drabbade av de. Vidare handlar studien om olika skyddsmekanismer som existerar mot attackerna, vilka bristerna det finns i de, eventuella förbättringsförslag och förslag på andra tekniska lösningar. Oftast sker attackerna genom en kombination av email phishing och website phishing. En skadlig länk kan skickas till en användare via mail som leder till en phishingsida där användaren blir lurad till att fylla i privata uppgifter om sig själv. Dessa attacker sker främst för att stjäla personuppgifter och leder oftast till att en användare blir drabbad finansiellt. Det finns olika anti-phishing verktyg i webbläsare och mailsystem för att skydda användare. Mot email phishing finns speciella phishingfilter och olika kännetecken som hjälper till att skydda mot skadliga mail och upptäcka de. De flesta som blir drabbade av phishing är just användare som ej är medvetna om vad phishing är. Men eftersom det visat sig att även högutbildade människor och säkerhetsexperter faller för phishing då phisher utvecklar nya tekniker och strategier att utföra attacker, krävs det mer avancerade tekniska lösningar i webbläsare och mailsystem. Studien har genomförts med hjälp av en systematisk litteraturstudie, där 10 artiklar valdes ut. Dessa artiklar bearbetades och sammanfattades genom en innehållsanalys.

Page generated in 0.0457 seconds