• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 2
  • 1
  • 1
  • 1
  • 1
  • Tagged with
  • 6
  • 6
  • 5
  • 4
  • 3
  • 3
  • 3
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Network vulnerability assessments: a proactive approach to protecting Naval medicine information assets

Reinkemeyer, Steven 06 1900 (has links)
Approved for public release, distribution is unlimited / The purpose of this study was to determine whether Naval Medicine's current Information Assurance Policy and resultant efforts properly address federal requirements or current threats confronting Naval Medicine information technology professionals. The primary research was conducted with a survey instrument detailing thirty questions with various response categories. The findings of the survey questionnaire revealed the existing numbers of previously compromised systems were directly related to the frequency of vulnerability scanning and remediation practices in the current threat environment. This study will provide insight to anyone interested in the future assessment of Naval Medicine's information security posture. These findings have important implications for command personnel charged with the responsibility and accountability of Naval Medicine's networks and data systems, as well as other communities throughout the Navy. / Lieutenant, United States Navy
2

Architectural Introspection and Applications

Litty, Lionel 30 August 2010 (has links)
Widespread adoption of virtualization has resulted in an increased interest in Virtual Machine (VM) introspection. To perform useful analysis of the introspected VMs, hypervisors must deal with the semantic gap between the low-level information available to them and the high-level OS abstractions they need. To bridge this gap, systems have proposed making assumptions derived from the operating system source code or symbol information. As a consequence, the resulting systems create a tight coupling between the hypervisor and the operating systems run by the introspected VMs. This coupling is undesirable because any change to the internals of the operating system can render the output of the introspection system meaningless. In particular, malicious software can evade detection by making modifications to the introspected OS that break these assumptions. Instead, in this thesis, we introduce Architectural Introspection, a new introspection approach that does not require information about the internals of the introspected VMs. Our approach restricts itself to leveraging constraints placed on the VM by the hardware and the external environment. To interact with both of these, the VM must use externally specified interfaces that are both stable and not linked with a specific version of an operating system. Therefore, systems that rely on architectural introspection are more versatile and more robust than previous approaches to VM introspection. To illustrate the increased versatility and robustness of architectural introspection, we describe two systems, Patagonix and P2, that can be used to detect rootkits and unpatched software, respectively. We also detail Attestation Contracts, a new approach to attestation that relies on architectural introspection to improve on existing attestation approaches. We show that because these systems do not make assumptions about the operating systems used by the introspected VMs, they can be used to monitor both Windows and Linux based VMs. We emphasize that this ability to decouple the hypervisor from the introspected VMs is particularly useful in the emerging cloud computing paradigm, where the virtualization infrastructure and the VMs are managed by different entities. Finally, we show that these approaches can be implemented with low overhead, making them practical for real world deployment.
3

Architectural Introspection and Applications

Litty, Lionel 30 August 2010 (has links)
Widespread adoption of virtualization has resulted in an increased interest in Virtual Machine (VM) introspection. To perform useful analysis of the introspected VMs, hypervisors must deal with the semantic gap between the low-level information available to them and the high-level OS abstractions they need. To bridge this gap, systems have proposed making assumptions derived from the operating system source code or symbol information. As a consequence, the resulting systems create a tight coupling between the hypervisor and the operating systems run by the introspected VMs. This coupling is undesirable because any change to the internals of the operating system can render the output of the introspection system meaningless. In particular, malicious software can evade detection by making modifications to the introspected OS that break these assumptions. Instead, in this thesis, we introduce Architectural Introspection, a new introspection approach that does not require information about the internals of the introspected VMs. Our approach restricts itself to leveraging constraints placed on the VM by the hardware and the external environment. To interact with both of these, the VM must use externally specified interfaces that are both stable and not linked with a specific version of an operating system. Therefore, systems that rely on architectural introspection are more versatile and more robust than previous approaches to VM introspection. To illustrate the increased versatility and robustness of architectural introspection, we describe two systems, Patagonix and P2, that can be used to detect rootkits and unpatched software, respectively. We also detail Attestation Contracts, a new approach to attestation that relies on architectural introspection to improve on existing attestation approaches. We show that because these systems do not make assumptions about the operating systems used by the introspected VMs, they can be used to monitor both Windows and Linux based VMs. We emphasize that this ability to decouple the hypervisor from the introspected VMs is particularly useful in the emerging cloud computing paradigm, where the virtualization infrastructure and the VMs are managed by different entities. Finally, we show that these approaches can be implemented with low overhead, making them practical for real world deployment.
4

Effective Vulnerability Management for Small Scale Organisations in Ghana

Lartey, Jerry January 2019 (has links)
Most Small and Medium scale Enterprises (SMEs) in Ghana are notparticularly anxious about the consequences of inadequacy or lack of anyform of vulnerability management operation in their normal businesspractices. This case study research explores how a local Internet ServiceProvider (ISP) in Ghana and its local client-base can manage vulnerabilitieswith a targeted patch management practise integrated into their operations.To answer the research question “How can a SME local Internet ServiceProvider (ISP) in Accra, Ghana, assist their local customer base to integrateeffective cybersecurity vulnerability management into their operations?“,This case study comprised the Subject Matter Expert of one local ISP as well as4 other technical Subject Matter Experts of the ISP’s clients about their patchmanagement operations. This case study research revealed that most SMEs donot consider vulnerability management as a key concern in the operation oftheir organisation and therefore, proposes a way to highlight the importanceof vulnerability management whiles doing so at a cost-effective manner. Theimplications of targeted cybersecurity patch management for the local ISP andtheir client-base is also addressed by this thesis research.
5

雲端運算環境下檔案更新管理之安全性研究 / A study on the security of patch management in a cloud computing environment

簡禎儀 Unknown Date (has links)
隨著雲端運算盛行,企業採用大量虛擬主機來取代實體機器,虛擬主 機有效率的模擬實體機器達到企業減少能源耗損與提高成本效率目 標。 文中提及虛擬主機映像檔目錄系統(VMIC)主要讓使用者能有效 率搜尋期望的檔案並獲得下載的實體位置,故本論文研究重點著重在 改進安全性在原 VMIC 系統,應用 Pakiti 監控系統來掌握更新檔狀況 於實體機器或虛擬機器環境,使資安人員能在短期間內獲得正確資 訊,及時升級更新檔避免攻擊災害發生。 / As cloud computing techniques advance, Virtual Machines (VM) seems to be an appropriate solution than physical machine deployment. Having multiple instances of virtual machines cause more efficient use of computing resources to achieve the aim of energy consumption and cost effectiveness. In this thesis, Virtual Machine Image Catalogue (VMIC) is designed for helping users search and acquire expected virtual machine images promptly. Nevertheless, security of VMIC is also a crucial task to keep systems up-to-date and defends against security attacks. Pakiti is adopted to monitor patch status of physical and virtual machines, and schedules the warning information to remind security staffs to update the patches.
6

Skydd och incidentrespons inom IT-säkerhet : En studie kring utvecklingen av ransomware / Protection and incident response within IT-security: A study about the development of ransomware

Ericson, Christoffer, Derek, Nick January 2023 (has links)
Cybersäkerhet är ett konstant växande hot mot organisationer, genom det ständigt ökade digitaliserade samhället, dock finns tecken på att medvetenheten hos organisationer ökar vad gäller cyberattacker och cybersäkerhet. Cyberattacker kan skapa konsekvenser som kan förhindra organisationens verksamhet. Detta lägger grunden till arbetet, att se hur försvarsförmågan har utvecklats. I värsta fall medför en cyberattack konsekvenser som kan äventyra en organisations överlevnadsförmåga. I och med det nya hotet ransomware, där hotaktören krypterar offrets filer och sedan kräver en lösensumma, har konsekvenserna kraftigt kommit att bli mer fatala. Metoderna för ransomware utvecklas av hotaktörerna vilket kan bidra till mer än bara ekonomiska konsekvenser för organisationen. Mot ransomware gäller i stort samma skyddsåtgärder som mot alla former av cyberattacker, däremot finns en del särskilt viktiga aspekter som belyses i detta arbete, till exempel implementering av backups, adekvat dataskydd samt god Patch Management (d.v.s. protokoll för att åtgärda sårbarheter i programvara). I arbetet sammanställs en branschkonsensus för hur organisationer skall arbeta gentemot cyberattacker, specifikt ransomwareattacker. Detta har gjorts genom en litteratur- och kvalitativ intervjustudie, som sedan har analyserats och diskuterats. Intervjustudien har genomförts hos organisationer som bedöms lämpliga för detta då de dagligen arbetar med cybersäkerhet. En av rekommendationerna är att ha en bra backuprutin, där man skapar, distribuerar och testar dessa. Genom arbetet belyses även hur god patch management bör implementeras. Slutligen presenteras även en ny metod, Ransomware 3.0 där hotaktörer stjäl en organisations IT-miljö för att sedan radera denna lokalt hos organisationen och sedan säljer tillbaka denna, som används av hotaktörerna, som hittills varit okänd, där vidare forskning bör vidtas. / Cybersecurity is a constantly growing threat against organisations due to the increasingly digitalisation of society, although there are signs that the consciousness at organisations has increased regarding cyberattacks and cybersecurity. Cyberattacks can create consequences that can restrain an organisations operations. This creates the foundation for this study, to see how the defence capabilities has developed. A cyberattack can, in the worst case scenario, threaten an organisations ability to survive. In regards to the new threat, ransomware, where the threat actor encrypts the victim’s files and demands a ransom, the consequences can be fatal. The new methods associated with ransomware, where the threat actor also exfiltrates the victim’s files, strongly impact the organisations ability to operate. This could lead to economic consequences, as well as damages towards stakeholder relations. Most protective measures applies towards ransomware, however there are some especially important aspects that are presented in this paper, such as implementation of backups, sufficient data protection as well as good Patch Management (protocol to patch vulnerabilities in software). In this paper, an industry consensus on how organisations should work against cyberattacks, especially ransomware, is compiled. This was performed through a litterature and a qualitative interview study. Both studies has been analysed and discussed.The interview study has been accomplished by interviewing appropriate organisations that work with cyber security daily. One of the recommendations is to have a good backup protocol, which implies creating, distributing and testing these backups. This paper also presents how a good patch management should be implemented. Finally, this paper presents a new method, Ransomware 3.0 where the threat actor steals an organisations IT environment, and then destroys the local copy at the organisation to then sell it back, that is used by the threat actors, that is still uncommon knowledge, where continued research have to be conducted.

Page generated in 0.0773 seconds