81. Hacking a Commercial Drone
Höglund Gran, Tommie, Mickols, Erik, January 2020
Unmanned aerial vehicles, commonly known as drones, are part of the IoT revolution and have gotten some attention in recent years due to privacy violation issues as well as airport and military security. Since they can fly and have an increasing amount of technology implemented, especially camera and other surveillance, they are attractive targets for hackers and penetration testers. A number of attacks have been carried out over the years. In this thesis the Parrot ANAFI drone is explored and attacked using threat modeling from a black box perspective. The threat modeling includes identifying threats with STRIDE and assessing risks with DREAD. Major vulnerabilities in the system were not found. This report shows that the manufacturer has a high security awareness. Examples of this awareness are that previously reported vulnerabilities have been mitigated and firmware code has been obfuscated. The methods used and results found could be used to further explore vulnerabilities in drones and similar IoT devices.

82. Penetration testing of Android applications
Nilsson, Robin, January 2020
The market of Android applications is huge, and in 2019, Google Play users worldwide downloaded 84.3 billion mobile applications. With such a big user base, any security issues could have big negative impacts. That is why penetration testing of Android applications is important and it is also why Google has a bug bounty program where people can submit vulnerability reports on their most downloaded applications. The aim of the project was to assess the security of Android applications from the Google Play Security Reward Program by performing penetration tests on the applications. A threat model of Android applications was made where potential threats were identified. A choice was made to focus on the Spotify Application for Android where threats were given ratings based on risks associated with them in the context of the Spotify Application. Penetration tests were made where testing depth was determined by the ratings associated with the attacks. The results of the tests showed that the Spotify Application is secure, and no test showed any real possibility of exploiting the application. The perhaps biggest potential exploit found is a Denial of Service attack that can be made through a malicious application interacting with the Spotify application. The result doesn’t guarantee that the application isn’t penetrable and further testing is needed to give the result more reliability. The methods used in the project can however act as a template for further research into both Spotify and other Android applications.

83. Ethical Hacking of an IoT-device: Threat Assessment and Penetration Testing: A Survey on Security of a Smart Refrigerator
Radholm, Fredrik, Abefelt, Niklas, January 2020
Internet of things (IoT) devices are becoming more prevalent. Due to a rapidly growing market of these appliances, improper security measures lead to an expanding range of attacks. There is a need to test and secure these devices to contribute to a more sustainable society. This thesis has evaluated the security of an IoT-refrigerator by using ethical hacking, where a threat model was produced to identify vulnerabilities. Penetration tests were performed based on the threat model. The results from the penetration tests did not find any exploitable vulnerabilities. The conclusion from evaluating the security of this Samsung refrigerator is that the product is secure and contributes to a connected, secure, and sustainable society.

84. Is Microsoft a Threat to National Security? Policy, Products, Penetrations, and Honeypots
Watkins, Trevor U., 11 June 2009
No description available.

85. Evaluating APS Ecosystem Security: Novel IoT Enabled Medical Platform for Diabetes Patients
Ceylan, Batuhan, January 2020
Computing technology has been getting more reliable and cheaper every year for the past several decades. Consequently, IoT devices have now become a part of medical technology. One example of this is a new open-source technology that has emerged for type-1 diabetes patients, which regulates the patients’ blood glucose levels. One component of this open-source system is AndroidAPS, a mobile application that manages and controls the system by communicating with the two other components: a blood glucose sensor and an insulin pump. Another component is Nightscout, a web application for monitoring T1D patients. Together they form the APS ecosystem that automatically i) reads blood glucose values, ii) syncs the data with Nightscout, iii) stores patient information into Nightscout database, iv) calculates optimal treatment plan, and v) regulates pump for the ideal insulin intake. The whole system bears several critical assets to guarantee patient health. In this thesis, the security of a representative APS ecosystem is studied. We found 5 critical vulnerabilities in the ecosystem: 1) an XSS vulnerability in the web application due to ineffective input sanitization which leads to stealing administrator password from browser cache, 2) highly sensitive patient data is open to the public by default, 3) the web application login mechanism, where all system data is managed, is weak against password guessing attacks together with 4) insecure GET requests used for authentication, and lastly 5) any type of database hijack does not trigger any alarms for Nightscout. Successful attacks result in malicious values synchronized from Nightscout to tamper correct insulin delivery calculations. Possible attack scenarios, devised from existing vulnerabilities in this work, show how an attacker can physically harm their victims through their internet-connected insulin pump.

86. Security Analysis of a Siemens SICAM CMIC Remote Terminal Unit
Good, Emma, January 2020
In the power industry, electrical grids are undergoing a modernization into smart grids. The new smart grids integrate the electrical grid and information and communication technologies, such as software, automation, and information processing. While enabling remote communication with devices on the grid, putting the grid online also introduces some major problems, such as the risk of being the target of cyber attacks. In this thesis, a security analysis of the Siemens SICAM CMIC CP-8000 remote terminal unit, used for remote monitoring and automation of electrical grids is done. Threat modeling was done to identify vulnerabilities in the system, followed by a penetration test of the web interface, used to configure the device, as well as a couple of network attacks. During the penetration test, two cross-site scripting vulnerabilities were discovered, one of which could allow an unauthorized attacker to execute JavaScript code in the victim’s browser. It was also discovered that a user’s login credentials are leaked in the browser console in cleartext when logging in.

87. Strengthening Cyber Defense: A Comparative Study of Smart Home Infrastructure for Penetration Testing and National Cyber Ranges
Shamaya, Nina, Tarcheh, Gergo, January 2024
This thesis addresses the critical issue of security vulnerabilities within the Internet of Things (IoT) ecosystem, with a particular emphasis on everyday devices such as refrigerators, vacuum cleaners, and cameras. The widespread adoption of IoT devices across various sectors has raised significant concerns regarding their security, underscoring the need for more effective penetration testing methods to mitigate potential cyberattacks. In response to this need, the first part of this thesis presents an approach to creating a penetration testing environment specifically tailored for IoT devices. Unlike existing studies that primarily focus on isolated or specific device testing, this work integrates various common household IoT appliances into a single testbed, enabling the testing of a complex system. This setup not only reflects a more realistic usage scenario but also allows for a comprehensive analysis of network traffic and interactions between different devices, thereby potentially identifying new, complex security vulnerabilities. The second part of the thesis undertakes a comparative study of cyber range infrastructures and architectures, an area relatively unexplored in existing literature. This study aims to provide nuanced insights and practical recommendations for developing robust, scalable cyber range infrastructures at a national level. By examining different frameworks, this research contributes to the foundational knowledge necessary for advancing national cybersecurity defenses. Overall, the findings from this research aim to contribute to improving IoT security and guiding the development of robust national cyber range frameworks.

88. Safeguarding the functionality of Internet Of Medical Things-based Electronic Devices through a Security Algorithm
Shaban, Ryustem, Husein, Ahmad, January 2024
As the IoMT rapidly expands, severe security risks shadow its profound benefits in patient monitoring and data management. These devices, integral to critical care like pacemaker shocks and insulin dosing, often sacrifice robust security for functionality due to their limited capabilities. This critical vulnerability exposes them to exploits that could have fatal consequences. This thesis addresses these urgent security gaps by exploring innovative protection strategies through systematic reviews and simulated penetration testing on a mimicked IoMT environment. Our findings expose pronounced deficiencies within existing security frameworks, focusing on Bluetooth LE and Wi-Fi threats, especially the inadequate mechanisms to secure Bluetooth LE connections, commonly used in IoMT devices and DoS attacks targeted directly to the IoMT devices. In response, two novel security algorithms were designed to enhance the resilience of IoMT systems against cyber threats. This algorithm integrates dynamic whitelisting and blacklisting, MAC address verification, UDID verification, and NFC-based device authentication to curtail unauthorized access and uphold data integrity. The adopted strategy not only addresses specific security loopholes identified during penetration testing but also establishes a framework capable of adapting to evolving threats. Through this research, we aim to contribute to the ongoing discourse on IoMT security, underscoring the critical need for continuous adaptation of security measures to protect against emerging vulnerabilities in the rapidly evolving landscape of IoT devices. This work aspires to lay the groundwork for future research and development in IoMT security strategies, fostering a deeper understanding and implementation of adequate security measures within medical technology.

89. A Privacy-Preserving, Context-Aware, Insider Threat prevention and prediction model (PPCAITPP)
Tekle, Solomon Mekonnen, 07 1900
The insider threat problem is extremely challenging to address, as it is committed by insiders who are
trusted and authorized to access the information resources of the organization. The problem is further
complicated by the multifaceted nature of insiders, as human beings have various motivations and
fluctuating behaviours. Additionally, typical monitoring systems may violate the privacy of insiders.
Consequently, there is a need to consider a comprehensive approach to mitigate insider threats. This
research presents a novel insider threat prevention and prediction model, combining several approaches,
techniques and tools from the fields of computer science and criminology. The model is a Privacy-
Preserving, Context-Aware, Insider Threat Prevention and Prediction model (PPCAITPP). The model is
predicated on the Fraud Diamond (a theory from Criminology) which assumes there must be four elements
present in order for a criminal to commit maleficence. The basic elements are pressure (i.e. motive),
opportunity, ability (i.e. capability) and rationalization. According to the Fraud Diamond, malicious
employees need to have a motive, opportunity and the capability to commit fraud. Additionally, criminals
tend to rationalize their malicious actions in order for them to ease their cognitive dissonance towards
maleficence. In order to mitigate the insider threat comprehensively, there is a need to consider all the
elements of the Fraud Diamond because insider threat crime is also related to elements of the Fraud
Diamond similar to crimes committed within the physical landscape.
The model intends to act within context, which implies that when the model offers predictions about threats,
it also reacts to prevent the threat from becoming a future threat instantaneously. To collect information
about insiders for the purposes of prediction, there is a need to collect current information, as the motives
and behaviours of humans are transient. Context-aware systems are used in the model to collect current
information about insiders related to motive and ability as well as to determine whether insiders exploit any
opportunity to commit a crime (i.e. entrapment). Furthermore, they are used to neutralize any
rationalizations the insider may have via neutralization mitigation, thus preventing the insider from
committing a future crime. However, the model collects private information and involves entrapment that
will be deemed unethical. A model that does not preserve the privacy of insiders may cause them to feel
they are not trusted, which in turn may affect their productivity in the workplace negatively. Hence, this
thesis argues that an insider prediction model must be privacy-preserving in order to prevent further
cybercrime. The model is not intended to be punitive but rather a strategy to prevent current insiders from
being tempted to commit a crime in future.
The model involves four major components: context awareness, opportunity facilitation, neutralization
mitigation and privacy preservation. The model implements a context analyser to collect information related
to an insider who may be motivated to commit a crime and his or her ability to implement an attack plan.
The context analyser only collects meta-data such as search behaviour, file access, logins, use of keystrokes
and linguistic features, excluding the content to preserve the privacy of insiders. The model also employs
keystroke and linguistic features based on typing patterns to collect information about any change in an
insider’s emotional and stress levels. This is indirectly related to the motivation to commit a cybercrime.
Research demonstrates that most of the insiders who have committed a crime have experienced a negative
emotion/pressure resulting from dissatisfaction with employment measures such as terminations, transfers
without their consent or denial of a wage increase. However, there may also be personal problems such as a
divorce. The typing pattern analyser and other resource usage behaviours aid in identifying an insider who
may be motivated to commit a cybercrime based on his or her stress levels and emotions as well as the
change in resource usage behaviour. The model does not identify the motive itself, but rather identifies those
individuals who may be motivated to commit a crime by reviewing their computer-based actions. The model
also assesses the capability of insiders to commit a planned attack based on their usage of computer
applications and measuring their sophistication in terms of the range of knowledge, depth of knowledge and
skill as well as assessing the number of systems errors and warnings generated while using the applications.
The model will facilitate an opportunity to commit a crime by using honeypots to determine whether a
motivated and capable insider will exploit any opportunity in the organization involving a criminal act.
Based on the insider’s reaction to the opportunity presented via a honeypot, the model will deploy an
implementation strategy based on neutralization mitigation. Neutralization mitigation is the process of
nullifying the rationalizations that the insider may have had for committing the crime. All information about
insiders will be anonymized to remove any identifiers for the purpose of preserving the privacy of insiders.
The model also intends to identify any new behaviour that may result during the course of implementation.
This research contributes to existing scientific knowledge in the insider threat domain and can be used as a
point of departure for future researchers in the area. Organizations could use the model as a framework to
design and develop a comprehensive security solution for insider threat problems. The model concept can
also be integrated into existing information security systems that address the insider threat problem.
Information Science / D. Phil. (Information Systems)

90. Deception strategies for web application security: application-layer approaches and a testing platform
Izagirre, Mikel, January 2017
The popularity of the internet has made the use of web applications ubiquitous and essential to the daily lives of people, businesses and governments. Web servers and web applications are commonly used to handle tasks and data that can be critical and highly valuable, making them a very attractive target for attackers and a vector for successful attacks that are aimed at the application layer. Existing misuse and anomaly-based detection and prevention techniques fail to cope with the volume and sophistication of new attacks that are continuously appearing, which suggests that there is a need to provide new additional layers of protection. This work aims to design a new layer of defense based on deception that is employed in the context of web application-layer traffic with the purpose of detecting and preventing attacks. The proposed design is composed of five deception strategies: Deceptive Comments, Deceptive Request Parameters, Deceptive Session Cookies, Deceptive Status Codes and Deceptive JavaScript. The strategies were implemented as a software artifact and their performance evaluated in a testing environment using a custom test script, the OWASP ZAP penetration testing tool and two vulnerable web applications. Deceptive Parameter strategy obtained the best security performance results, followed by Deceptive Comments and Deceptive Status Codes. Deceptive Cookies and Deceptive JavaScript got the poorest security performance results since OWASP ZAP was unable to detect and use deceptive elements generated by these strategies. Operational performance results showed that the deception artifact could successfully be implemented and integrated with existing web applications without changing their source code and adding a low operational overhead.