Progress towards the development and implementation of an unambiguous copper wire fingerprinting system

Poole, Martin

January 2003

The Telecommunications industry in Southern Africa is faced with the problem of theft of the signal carrying copper wire, both from the ground and from telephone poles. In many cases, if the offenders are caught, the prosecuting party has no way of proving that the wire is the property of any one Telecommunication company, as any inked markings on the insulating sheaths have been burned off along with the insulation and protective coatings themselves. Through this work we * describe the problem, * specify the necessary and preferred technical properties of a viable solution, * report the preliminary investigations into the devising of an unambiguous "fingerprinting" of the 0.5 mm wires, including some of those solutions that, upon investigation, appear non-viable, * describe the development and implementation of an electrochemical marker with detection mechanism which has shown in proof-of-principle to work, * outline the road-map of necessary future work.

Electroplating

Copper

Telecommunication

Theft -- Prevention

Towards a framework for securing a business against electronic identity theft

Bechan, Upasna

30 November 2008

The continuing financial losses incurred by individuals and companies due to identity information being phished are necessitating more innovative approaches to solving the problem of phishing attacks at the company level. Security standards are developed by respected experts in the profession and are widely accepted in the industry. The purpose of this study was to investigate whether a standard can be adapted to develop a framework that may guide companies in determining how to protect themselves against phishing attacks. A qualitative approach using design research as the methodology was used during the research. The data collection took place by means of a literature survey and semi-structured interviews. The artefact developed was a phishing-prevention framework based on the ISO/IEC 17799 standard, and the evaluation thereof took place through test cases. The findings communicated to the managerial audience was a set of recommendations as a further investment in their security protection against phishing attacks; the findings communicated to the technical audience was the successful adaptation of an existing security standard to produce a usable framework. Further research initiatives should extend the types of test cases that the phishing-prevention framework was evaluated against, and explore the use of tools for determining compliance with the framework. / Theoretical Computing / M. Sc. (Information Systems)

Phishing

Identity theft

Standards

Qualitative

Design science

ISO/IEC 17799

Interviews

Framework

Security

005.8

Phishing

Identity theft

Identity theft -- Prevention

Identity theft -- Prevention

Computer -- Access control

Towards a framework for securing a business against electronic identity theft

Bechan, Upasna

30 November 2008

The continuing financial losses incurred by individuals and companies due to identity information being phished are necessitating more innovative approaches to solving the problem of phishing attacks at the company level. Security standards are developed by respected experts in the profession and are widely accepted in the industry. The purpose of this study was to investigate whether a standard can be adapted to develop a framework that may guide companies in determining how to protect themselves against phishing attacks. A qualitative approach using design research as the methodology was used during the research. The data collection took place by means of a literature survey and semi-structured interviews. The artefact developed was a phishing-prevention framework based on the ISO/IEC 17799 standard, and the evaluation thereof took place through test cases. The findings communicated to the managerial audience was a set of recommendations as a further investment in their security protection against phishing attacks; the findings communicated to the technical audience was the successful adaptation of an existing security standard to produce a usable framework. Further research initiatives should extend the types of test cases that the phishing-prevention framework was evaluated against, and explore the use of tools for determining compliance with the framework. / Theoretical Computing / M. Sc. (Information Systems)

Phishing

Identity theft

Standards

Qualitative

Design science

ISO/IEC 17799

Interviews

Framework

Security

005.8

Phishing

Identity theft

Identity theft -- Prevention

Identity theft -- Prevention

Computer -- Access control

Phishing within e-commerce: reducing the risk, increasing the trust

Megaw, Gregory M

January 2010

E-Commerce has been plagued with problems since its inception and this study examines one of these problems: The lack of user trust in E-Commerce created by the risk of phishing. Phishing has grown exponentially together with the expansion of the Internet. This growth and the advancement of technology has not only benefited honest Internet users, but has enabled criminals to increase their effectiveness which has caused considerable damage to this budding area of commerce. Moreover, it has negatively impacted both the user and online business in breaking down the trust relationship between them. In an attempt to explore this problem, the following was considered: First, E-Commerce’s vulnerability to phishing attacks. By referring to the Common Criteria Security Model, various critical security areas within E-Commerce are identified, as well as the areas of vulnerability and weakness. Second, the methods and techniques used in phishing, such as phishing e-mails, websites and addresses, distributed attacks and redirected attacks, as well as the data that phishers seek to obtain, are examined. Furthermore, the way to reduce the risk of phishing and in turn increase the trust between users and websites is identified. Here the importance of Trust and the Uncertainty Reduction Theory plus the fine balance between trust and control is explored. Finally, the study presents Critical Success Factors that aid in phishing prevention and control, these being: User Authentication, Website Authentication, E-mail Authentication, Data Cryptography, Communication, and Active Risk Mitigation.

Phishing

Identity theft -- Prevention

Electronic commerce

Computer security

Internet -- Safety measures

Utveckling av skyltsystem : Framtagning av ett stöldförebyggande tillfälligt trafikskyltsystem / Development of sign system : A solution for preventing theft of temporary traffic sign systems

Jonsson, Seth, Danielsson, Ellen

January 2022

I detta arbete utvecklas ett nytt stöldförebyggande skyltsystem för tillfälliga trafikskyltar. Fästet hos det utvecklade skyltsystemet bidrar till att stöld och vandalisering av skyltarna försvåras genom att vara låsande. Viktig trafikinformation kan därför bevaras i trafiken. Det nya skyltsystemet möjliggör montering av flera skyltar på båda sidor av stolpen med steglös höjdjustering.  Skyltsystemet som utvecklats har många av det befintliga systemets fördelar. Det har även fördelar som det befintliga systemet saknar och stor utvecklingspotential. I arbetet utförs även simulationer, beräkningar, hållfasthetstester och användartester för att säkerställa att systemet är säkert att använda i trafiken. / In this project, a new anti-theft sign system is being developed for temporary traffic signs. The connection between the sign and pole of the developed sign system contributes to the theft and vandalism of the signs being made more difficult by being self-locking. Important traffic information can therefore remain in traffic. The new sign system enables mounting of several signs on both sides of the post with stepless height adjustment. The sign system that has been developed has many of the existing systems advantages. It also has advantages that the existing system lacks and great development potential. The project also contains simulations, calculations, strength tests and user tests to ensure that the system is safe to use in traffic.

Traffic sign

theft prevention

traffic

security

road

product development

Trafikskylt

stöldskydd

trafik

säkerhet

väg

produktutveckling

Applied Mechanics

Teknisk mekanik

New method for learning decision trees from rules and its illustration for online identity application fraud detection

Abdelhalim, Amany

10 November 2010

A decision tree is a graph or model for representing all the alternatives in a decision making process. Most of the methods that generate decision trees for a specific problem use examples of data instances in the decision tree generation process. We propose a new method called "RBDT-1"- rule based decision tree -for learning a decision tree from a set of decision rules that cover the data instances. RBDT-l method uses a set of declarative rules as an input for generating a decision tree. The method's goal is to create on-demand a short and accurate decision tree from a stable or dynamically changing set of rules. The rules used by RBDT-1 could be generated either by an expert or induced directly from a rule induction method or indirectly by extracting them from a decision tree. We conduct a comparative study of RBDT-1 with four existing decision tree methods based on different problems. The outcome of the study shows that in terms of tree complexity (number of nodes and leaves in the decision tree) RBDT-1 compares favorably to AQDT-1 and AQDT-2 which are methods that create decision trees from rules. RBDT-1 compares favorably also to ID3 while is as effective as C4.5 where both (ID3 and C4.5) are famous methods that generate decision trees from data examples. Experiments show that the classification accuracies of the different decision trees produced by the different methods under comparison are equal. To illustrate how RBDT-1 can successfully be applied to an existing real life problem that could benefit from the method, we choose identity application fraud detection. We designed a new unsupervised framework to detect fraudulent applications for identity certificates by extracting identity patterns from the web, and crossing these patterns with information contained in the application forms in order to detect inconsistencies or anomalies. The outcome of this process is submitted to a decision tree classifier generated using RBDT-1 on the fly from a rule base which is derived from heuristics and expert knowledge, and updated as more information are obtained on fraudulent behavior. We evaluate the proposed framework by collecting real identity information online and generating synthetic fraud cases, achieving encouraging performance results.

identity theft prevention

computer crimes prevention

machine learning

A pro-active approach to curb asset theft at a South African mine

Horn, Riana Elizabeth

06 1900

The South African mining industry has not been shielded from the criminal threat the country faces. In this case study, the nature and extent of asset theft at one of the largest mining companies in South Africa is analysed. The crime prevention strategy adopted by the mine to curb asset theft was studied over a period of five years. This involved a survey of the views of the security managers on the effectiveness of the strategy implemented by the mine. Against the background of the South African Government’s broad description of the crime prevention approach adopted by the country, the researcher explored whether it would be practicable to implement an integrated crime prevention strategy – encompassing situational, social and law enforcement crime prevention approaches on primary, secondary and tertiary level – at the participating mine in order to curb asset theft. / Police Practice / M. Tech. (Policing)

South African mine

Situational crime prevention

Community policing

Crime displacement

Crime diffusion

364.4

Employee theft -- Prevention

Criminal law -- South Africa

Community policing -- South Africa