Global ETD Search

1	Cyber-Attack Modeling Analysis Techniques: An Overview Al-Mohannadi, Hamad, Mirza, Qublai K.A., Namanya, Anitta P., Awan, Irfan U., Cullen, Andrea J., Pagna Disso, Jules F. January 2016 (has links) Yes / Cyber attack is a sensitive issue in the world of Internet security. Governments and business organisations around the world are providing enormous effort to secure their data. They are using various types of tools and techniques to keep the business running, while adversaries are trying to breach security and send malicious software such as botnets, viruses, trojans etc., to access valuable data. Everyday the situation is getting worse because of new types of malware emerging to attack networks. It is important to understand those attacks both before and after they happen in order to provide better security to our systems. Understanding attack models provide more insight into network vulnerability; which in turn can be used to protect the network from future attacks. In the cyber security world, it is difficult to predict a potential attack without understanding the vulnerability of the network. So, it is important to analyse the network to identify top possible vulnerability list, which will give an intuitive idea to protect the network. Also, handling an ongoing attack poses significant risk on the network and valuable data, where prompt action is necessary. Proper utilisation of attack modelling techniques provide advance planning, which can be implemented rapidly during an ongoing attack event. This paper aims to analyse various types of existing attack modelling techniques to understand the vulnerability of the network; and the behaviour and goals of the adversary. The ultimate goal is to handle cyber attack in efficient manner using attack modelling techniques. Attack modelling Diamond model Kill chain Attack graph
2	Påverkansfaktorer i pansarduellen : människans roll i bekämpningskedjan / Influences in the armed duel : the man in the Kill Chain loop Laestadius, Nils January 2018 (has links) This paper examines the technical and human factors that affect the time a gunner detects, identifies and destroy a target. The paper submits suggestions on technical and educational measures that can be rectified to save time in a combat process. Many battles between combat vehicles take place in swiftly situations, duel fighting. The combat distance is derived from simulated battles from all over Sweden and is set to as short distance as 300 m. The gunner can, under good weather conditions, identify a 2.3 m high target at a distance of 1520 m, but under difficult conditions like in fog, it may be hard to identify at the given distance of 300 m. This, together with, the hit probability of hitting the target due to system scattering and selection of aim point at the target, makes it difficult to determine the effect of the given fire. There is a risk that the gunner will overcompensate that with firing to many rounds at the target, which in turn leads to time losses. The purpose of the paper is to study the Kill chain process to build up knowledge of the processes, in order to understand where it is possible to optimize. This optimization should then reduce the time from detection until the target is destroyed. The results of the analysis show that the proven experience contained in the Armed Forces manuals and regulations is well balanced but lacks references so that traceability is inadequate. The result also shows that if rules of firing are followed, the opponent will be destroyed with sufficient effect. However, it depends on where the target is hit. In the front, it will be difficult to observe the effect, but a hit in the side of the target the effect will be fairly easy to observe as it leads to fire in a high number of extent. The gunner may have to fire up to eight rounds to be sure to destroy a combat vehicle depending on the distance to the target and where the round hit the target. With this result, it is recommended that a further examination be carried out on which algorithms can support image enhancing electro optics. Fusion of sensors plus fire and control systems ought to be examined to find solutions that enable predictive automatically sets of fire to speed up the kill chain. / Denna uppsats undersöker tekniska och mänskliga faktorer som påverkar tiden för en skytt att upptäcka, identifiera och nedkämpa ett mål på markarenan. Uppsatsen lägger fram förslag på vilka åtgärder ur tekniskt- och utbildningshänseende som kan åtgärdas för att spara tid vid ett bekämpningsförlopp. Många strider mellan stridsfordon sker på korta håll i snabba situationer, duellstrider. Stridsavståndet är framtaget från simulerade strider från hela Sverige och är i medeltal så kort som 300 m. Skytten kan med siktets sensor under goda väderleksförhållanden identifiera ett 2,3 m högt mål på 1520 m men kan under svårare förhållanden som i dimma få problem att identifiera motsvarande mål på stridsavstånd under 300 m. Detta tillsammans med sannolikheten att träffa målet på grund av systemspridning och val av riktpunkt gör att verkan kan vara svår att utvärdera och därmed finns risk att skytten fortsätter och bekämpar med risk för överbekämpning av målet som i sin tur leder till tidsförluster och minskad förmåga hos chefer att agera. Syftet med uppsatsen är att studera bekämpningsförloppet för att bygga upp kunskap inom området, för att kunna förstå var det går att optimera. Denna optimering skall sedan leda till att minska tiden från upptäckt till att målet är nedkämpat. Resultatet av undersökningen visar att den beprövade erfarenheten som återfinns i Försvarsmaktens handböcker och reglementen är väl avvägd men saknar referenser så att spårbarheten är bristfällig. Resultatet visar också att om skjutregler följs så kommer motståndaren att kunna nedkämpas med tillräcklig verkan. Dock så är det beroende på var i målet träffen tar. I front kommer det vara svårt att observera verkan medans träffar i sida leder till brand i stor utsträckning. Skytten kan vara tvungen att skjuta upp till åtta skott för att nedkämpa ett stridsfordon beroende på skjutavstånd och riktpunkt i målet. Med detta resultat så rekommenderas att det sker en fortsatt undersökning om vilka algoritmer som kan stödja en bildförbättrande optronik. Fusion av sensorer och eldledningssystemet bör undersökas för att hitta lösningar som gör det möjligt att prediktera eldmoment automatiskt för att snabba upp bekämpningskedjan. bekämpningskedjan Kill Chain träffsannolikhet nedkämpningsmodell tidsaspekt Elektroteknik och elektronik
3	Offensiva cyberoperationer : en undersökning ur ett humanitärrättsligt perspektiv / Offensive cyber operations : a study from an international humanitarian law perspective Arell, Viktor January 2022 (has links) Militär och civil verksamhet kan nyttja samma nätverk och vara beroende av samma digitala infrastruktur, vilket innebär att det kan uppstå svårigheter med att göra åtskillnad på vad som är civilt och vad som är militärt i samband med offensiva cyberoperationer. Offensiva cyberoperationers effekter kan dessutom vara svårkontrollerade. Följaktligen uppkommer frågan hur en offensiv cyberoperation ska genomföras med hänsyn till de humanitärrättsliga kraven på att skydda civila personer och objekt. Syftet med uppsatsen är att undersöka hur befälhavare i Försvarsmakten ska förhålla sig till humanitär rätt vid offensiva cyberoperationer under internationella väpnade konflikter. Med avstamp i detta syfte utgår uppsatsen från följande frågeställningar: Var går skiljelinjen mellan militära mål och civila i samband med Försvarsmaktens offensiva cyberoperationer under internationella väpnade konflikter? Hur kan sidoskador undvikas i samband med Försvarsmaktens offensiva cyberoperationer under internationella väpnade konflikter? Frågeställningarna besvaras genom att använda rättsdogmatiskmetod med Tilläggsprotokoll I till Genèvekonventionerna som huvudsaklig rättskälla. Analysen avseende hur sidoskador kan undvikas baseras på Lockheed Martins modell, Cyber kill chain. Uppsatsens slutsats är att det är ovidkommande för var skiljelinjen går om ett objekt ursprungligen är civilt, om användaren av objektet är civil eller om objektet delvis nyttjas för civila ändamål. Så länge objektet effektivt bidrar till militära operationer och en påverkan av objektet medför en avgjord militär fördel ska det klassificeras som ett militärt mål. Vidare är uppsatsens slutsats att informationsinhämtning och kontroll under hela operationsskedet är nyckeln till att undvika sidoskador i samband med Försvarsmaktens offensiva cyberoperationer under internationella väpnade konflikter. / Military and civilian functions can use the same network and depend on the same digital infrastructure, which means that there can be difficulties when distinguishing civilian objects from military objects during cyber operations. Moreover, the effects of offensive cyber operations can be difficult to control. Consequently, the question arises how an offensive cyber operation should be carried out in the light of the humanitarian law requirement to protect civilians and civilian objects. The purpose of the thesis is to examine how commanders in the Swedish Armed Forces shall comply with international humanitarian law during offensive cyber operations during international armed conflicts. Based on this purpose, the thesis revolves around the following questions: Where is the dividing line between military objectives and civilians when the Swedish Armed Forces carry out offensive cyber operations during international armed conflicts? How can collateral damage be avoided when the Swedish Armed Forces carry out offensive cyber operations during international armed conflicts? The questions are answered by using legal dogmatic method. Additional Protocol I to the Geneva Conventions is used as the main source of law. The analysis of how collateral damage can be avoided is based on Lockheed Martin's model, Cyber kill chain. The conclusion of the thesis is that it is irrelevant whether an object is originally civilian, if the user of the object is civilian or if the object is partly used for civilian purposes. As long as the object effectively contributes to military actions and an impact on the object entails a definite military advantage, it shall be classified as a military objective. Furthermore, the thesis concludes that information gathering and control throughout the operation is the key to avoiding collateral damage when the Swedish Armed Forces carry out offensive cyber operations during international armed conflicts. Cyber Offensiva cyberoperationer Cyber kill chain Humanitär rätt Distinktion Social Sciences Interdisciplinary
4	Ransomware-attacker : En kvalitativ studie kring informationssäkerhetsarbetet inom mindre svenska kommuner Järgenstedt, Tindra, Kvernplassen, Nelly January 2023 (has links) Ransomware-attacker har blivit ett allt större hot i och med samhällets ständigt pågående digitalisering. Denna studie undersöker vilka faktorer som är viktiga för att förhindra ransomware-attacker mot mindre svenska kommuner. För att åstadkomma detta genomfördes semistrukturerade intervjuer med sex olika respondenter. De som intervjuades arbetade alla i mindre svenska kommuner och hade god insyn och kunskap kring kommunens IT- och informationssäkerhetsarbete. Materialet analyserades sedan utifrån Protection Motivation Theory (PMT). Studien diskuterar både kommunernas attityd till informationssäkerhet samt konstaterar vilka säkerhetsåtgärder som utmärker sig som viktigast. Dessa var skyddade säkerhetskopior, utbildning samt kontinuitetsplaner kopplade till just IT-attacker. / Ransomware attacks have become an increasing threat with the ongoing digitalization of society. This study investigates what factors are important to prevent ransomware attacks against smaller Swedish municipalities. To accomplish this, semi-structured interviews were conducted with six different respondents. The interviewees all worked in smaller Swedish municipalities and had good insight and knowledge of the municipality's IT and information security work. The material was then analyzed using Protection Motivation Theory (PMT). The study discusses both the municipalities' attitude to information security and notes which security measures stand out as most important. These were protected backups, education and continuity plans linked to IT attacks. The paper then concludes with suggestions for further research. Information Security Cyber security Ransomware attack Qualitative research Swedish municipalities Protection Motivation Theory Kill-chain Informationssäkerhet Cybersäkerhet Ransomware-attack Kvalitativ studie Svenska kommuner Protection Motivation Theory Kill Chain Information Systems, Social aspects
5	Training Security Professionals in Social Engineering with OSINT and Sieve Meyers, Jared James 01 June 2018 (has links) This research attempts to create a novel process, Social Engineering Vulnerability Evaluation, SiEVE, to use open source data and open source intelligence (OSINT) to perform efficient and effectiveness spear phishing attacks. It is designed for use by "œred teams" and students learning to conduct a penetration test of an organization, using the vector of their workforce. The SiEVE process includes the stages of identifying targets, profiling the targets, and creating spear phishing attacks for the targets. The contributions of this research include the following: (1) The SiEVE process itself was developed using an iterative process to identify and fix initial shortcomings; (2) Each stage of the final version of the SiEVE process was evaluated in an experiment that compared performance of students using SiEVE against performance of those not using SiEVE in order to test effectiveness of the SiEVE process in a learning environment; Specifically, the study showed that those using the SiEVE process (a) did not identify more targets, (b) did identify more information about targets, and (c) did lead to more effective spear phishing attacks. The findings, limitations, and future work are discussed in order to provide next steps in developing formalized processes for red teams and students learning penetration testing. social engineering open source intelligence ethics IEEE ACM red team cyber kill chain cyber security Science and Technology Studies
6	Information Security Training and Serious Games Agrianidis, Anastasios January 2021 (has links) The digital transformation of the 21st century has led to a series of new possibilities and challenges, where one major concern of many major organizations and enterprises is promoting Information Security Awareness and Training (ISAT) for their employees. This aspect of Information Security (IS) can promote cybersecurity in the work environment against threats related to the human factor. Apart from traditional methods as workshops and seminars, researchers study the effect of gamification on ISAT, by proposing customized digital games to train employees regardless their IT skills. This thesis is trying to propose what techniques and approaches can be considered to train people throughout a full threat progression by studying the features of previous efforts. For this purpose, a literature study based on the principles of a systematic literature review (SLR) is essential to gather the available data and review their characteristics. More specifically, the solutions of the researchers are analyzed against the seven steps of the Lockheed Martin Cyber Kill Chain (LM CKC), where each game is classified to one or more phases, according to the training they offer. Thus, some tools can provide a wide range of training, covering many aspects of the CKC, while others are targeting a specific IS topic. The results also suggest that popular attacks involving social engineering, phishing, password and anti-malware software are addressed by many games, mainly in the early stages of the CKC and are focus on trainees without professional IT background. On the other hand, in the last two phases of the CKC, the majority of categorized games involves countermeasures that IS specialists must launch to prevent the security breach. Therefore, this study offers insight on the characteristics of serious games, which can influence an ISAT program, tailored to the enterprise’s distinct IS issue(s) and the IT background of the trainees. Information Security Awareness Training Serious Games Lockheed Martin Cyber Kill Chain Computer Systems Datorsystem Information Systems
7	UAV:ernas möte med en högteknologisk motståndare : en fallstudie av konfikten i Ukraina Andersson, Liam January 2019 (has links) UAV:er används frekvent i samhället och med detta har den kommersiella marknaden växt. Därför är det rimligt att de används i större utsträckning i konflikter, vilket innebär att konflikter där båda parter har UAV:er som kan klassas som relativt högteknologiska möts blir troligare. Ukraina och Rysslands användande av UAV i Ukraina kan räknas som denna typ av konflikt. I uppsatsen är det UAV:er av den militära typen som diskuteras. Skillnaden mellan dessa och civila typer är framförallt räckvidd, flygtid och kvalitén på sensorerna.För att undersöka hur UAV:er nyttjas och taktiseras med i denna typ av konflikter har följande frågeställning använts: Hur påverkas nyttjandet av UAV:er i en konflikt mellan två högteknologiska motståndare?Genom att analysera beslutsprocessen med hjälp av OODA-loopen och bekämpningskedjan har författaren kunnat dra följande slutsatser om nyttjandet i denna typ av konflikt. Uppsatsen är genomförd som en fallstudie där metoderna kvalitativ textanalys och intervju använts Slutsatsen är att den multiplikator som UAV varit i Ukraina visar på att de kommer fortsätta användas i framtida konflikter. Trots att telekrig varit aktivt mot just UAV:erna och att de saknar motmedel mot störningen har de fortsatt att nyttjas, den multiplikatoreffekt de bidrar med kan motiveras stridsekonomiskt och väger tyngre än de problem som störningen innebär. / UAV: s are in more frequent use as a result of a growing commercial market. This increases the probability of UAV: s in conflicts. This means that conflicts where both sides have access to UAV: s that are relatively high-tech becomes more likely. Ukraine and Russia’s use of UAV: s in Ukraine can be described as this kind of conflict. In this paper it is primarily military UAV: s that are discussed. The difference between these and their civilian counterparts are range, flight time and the quality of the sensors. In order to understand how the use of UAV: s is being affected, the following question needs to be answered. How is the use of UAV: s affected in a conflict between two high-tech opponents? This was answered by analysing the decision-making process using the OODA loop and the kill chain. The paper is a case study which uses qualitative text analysis and an interview.The conclusion of this paper is that UAV: s has acted as a force multiplier in Ukraine and they will be used in future conflicts. Despite the electronic warfare against the UAV: s and the fact that they are missing systems for counteracting the disturbance both sides continue to use UAV: s. The force multiplier that is gained from using UAV: s is justified from a battle economic standpoint despite being hindered by electronic warfare. unmanned Arial Vehicle UAV OODA loop Kill chain electronic warfare Ukraine unmanned Arial Vehicle UAV OODA-loopen bekämpningskedjan telekrig Ukraina Social Sciences Interdisciplinary
8	Simulace správy informační bezpečnosti ve fakultním prostředí / Simulating information security management within a university environment Hložanka, Filip January 2020 (has links) This diploma thesis is concerned with simulating information security management within a university environment. It is divided into three parts. The theoretical part focuses on describing the assets which could be part of a faculty network, attacks that could target it, security processes which could protect it and users that are active within it. The analytical part then applies these segments on a real faculty network. Based on this analysis, a set of specific assets, attacks, security processes and other tasks is created in order to simulate a simplified version of the analyzed network using a sophisticated cybernetic polygon. The security of the network is then assessed after several iterations of the simulations. Its parameters are adjusted in the effort to increase its security and the module is tested on an academic employee in order to assess its effectiveness. The conclusion evaluates the possibilities of increasing the security of the simulated network as well as the usability of the cybernetic polygon in practice.

Search results