Security perception within and beyond the traditional approach

Malec, Mieczyslaw

06 1900

Approved for public release, distribution is unlimited / The term "security" has always been vague in terms of its definition. After the end of the Cold War, however, this vagueness increased as new paradigms emerged. Those studying security need a better understanding of the term "security" to deal with complex issues within the broadly understood discipline of security studies. This thesis describes the uncertain nature of security by analyzing: (1) various definitions of security and some of the terms directly related to it in different contexts; and (2) the empirical meaning of security by examining threats as indicators of "insecurity," based on the different characters of threats, and levels of analysis from the field of international relations. The thesis argues that regardless of the vague meaning of the term "security," empirically its parameters are quite certain and definable by the specification of threats as indicators of insecurity. This clarification of the meaning of security studies, in turn, makes it easier for scholars and policy-makers to deal with this increasingly important sphere of human life. / Captain, Polish Army

Security, International

Threats

Security

Threats

Definition

Content

Dimensions

Levels and sectors of security studies

Asymmetry

Covenants and swords : coercion in law

Miotto Lopes, Lucas

January 2018

This thesis is a study of the coerciveness of legal systems. I defend two main claims: that typical legal systems are much less coercive than most legal and political philosophers think, and that legal systems are not necessarily coercive. My defence is developed in three parts. The first is dedicated to building the necessary theoretical framework to defend the main claims of this thesis. This is where I offer a rigorous formulation of the questions that this thesis addresses and contextualise them within broader debates about the relationship between law and coercion. A substantial portion of the first part of the thesis is devoted to the development of two accounts: an account of coercion and an account of the conditions legal systems must satisfy in order to be coercive. The second part is where I advance two arguments for the claim that typical legal systems are much less coercive than it is usually thought. The first is an argument that establishes that our legal systems rarely issue conditional threats. Given that issuing conditional threats is a necessary condition for any legal system to be coercive - or so I claim in the first part of the thesis - the fact that our legal systems rarely do so undermines the view that our legal systems are pervasively coercive. The second argument is based on the reasons why citizens comply with legal mandates. I analyse the relevant empirical data and show that compliance is not frequently owed to the threat of unwelcome consequences. This should not have been the case had our legal systems been as coercive as philosophers generally think. The third part deals with the claim that legal systems are necessarily coercive. There I address some methodological concerns that this claim gives rise to and propose two arguments for viewing coerciveness as a contingent feature of our legal systems.

A multiple-perspective approach for insider-threat risk prediction in cyber-security

Elmrabit, Nebrase

January 2018

Currently governments and research communities are concentrating on insider threat matters more than ever, the main reason for this is that the effect of a malicious insider threat is greater than before. Moreover, leaks and the selling of the mass data have become easier, with the use of the dark web. Malicious insiders can leak confidential data while remaining anonymous. Our approach describes the information gained by looking into insider security threats from the multiple perspective concepts that is based on an integrated three-dimensional approach. The three dimensions are human issue, technology factor, and organisation aspect that forms one risk prediction solution. In the first part of this thesis, we give an overview of the various basic characteristics of insider cyber-security threats. We also consider current approaches and controls of mitigating the level of such threats by broadly classifying them in two categories: a) technical mitigation approaches, and b) non-technical mitigation approaches. We review case studies of insider crimes to understand how authorised users could harm their organisations by dividing these cases into seven groups based on insider threat categories as follows: a) insider IT sabotage, b) insider IT fraud, c) insider theft of intellectual property, d) insider social engineering, e) unintentional insider threat incident, f) insider in cloud computing, and g) insider national security. In the second part of this thesis, we present a novel approach to predict malicious insider threats before the breach takes place. A prediction model was first developed based on the outcomes of the research literature which highlighted main prediction factors with the insider indicator variables. Then Bayesian network statistical methods were used to implement and test the proposed model by using dummy data. A survey was conducted to collect real data from a single organisation. Then a risk level and prediction for each authorised user within the organisation were analysed and measured. Dynamic Bayesian network model was also proposed in this thesis to predict insider threats for a period of time, based on data collected and analysed on different time scales by adding time series factors to the previous model. Results of the verification test comparing the output of 61 cases from the education sector prediction model show a good consistence. The correlation was generally around R-squared =0.87 which indicates an acceptable fit in this area of research. From the result we expected that the approach will be a useful tool for security experts. It provides organisations with an insider threat risk assessment to each authorised user and also organisations can discover their weakness area that needs attention in dealing with insider threat. Moreover, we expect the model to be useful to the researcher's community as the basis for understanding and future research.

Cyber Attacks Detection and Mitigation in SDN Environments

January 2018

abstract: Cyber-systems and networks are the target of different types of cyber-threats and attacks, which are becoming more common, sophisticated, and damaging. Those attacks can vary in the way they are performed. However, there are similar strategies and tactics often used because they are time-proven to be effective. The motivations behind cyber-attacks play an important role in designating how attackers plan and proceed to achieve their goals. Generally, there are three categories of motivation are: political, economical, and socio-cultural motivations. These indicate that to defend against possible attacks in an enterprise environment, it is necessary to consider what makes such an enterprise environment a target. That said, we can understand what threats to consider and how to deploy the right defense system. In other words, detecting an attack depends on the defenders having a clear understanding of why they become targets and what possible attacks they should expect. For instance, attackers may preform Denial of Service (DoS), or even worse Distributed Denial of Service (DDoS), with intention to cause damage to targeted organizations and prevent legitimate users from accessing their services. However, in some cases, attackers are very skilled and try to hide in a system undetected for a long period of time with the incentive to steal and collect data rather than causing damages. Nowadays, not only the variety of attack types and the way they are launched are important. However, advancement in technology is another factor to consider. Over the last decades, we have experienced various new technologies. Obviously, in the beginning, new technologies will have their own limitations before they stand out. There are a number of related technical areas whose understanding is still less than satisfactory, and in which long-term research is needed. On the other hand, these new technologies can boost the advancement of deploying security solutions and countermeasures when they are carefully adapted. That said, Software Defined Networking i(SDN), its related security threats and solutions, and its adaption in enterprise environments bring us new chances to enhance our security solutions. To reach the optimal level of deploying SDN technology in enterprise environments, it is important to consider re-evaluating current deployed security solutions in traditional networks before deploying them to SDN-based infrastructures. Although DDoS attacks are a bit sinister, there are other types of cyber-threats that are very harmful, sophisticated, and intelligent. Thus, current security defense solutions to detect DDoS cannot detect them. These kinds of attacks are complex, persistent, and stealthy, also referred to Advanced Persistent Threats (APTs) which often leverage the bot control and remotely access valuable information. APT uses multiple stages to break into a network. APT is a sort of unseen, continuous and long-term penetrative network and attackers can bypass the existing security detection systems. It can modify and steal the sensitive data as well as specifically cause physical damage the target system. In this dissertation, two cyber-attack motivations are considered: sabotage, where the motive is the destruction; and information theft, where attackers aim to acquire invaluable information (customer info, business information, etc). I deal with two types of attacks (DDoS attacks and APT attacks) where DDoS attacks are classified under sabotage motivation category, and the APT attacks are classified under information theft motivation category. To detect and mitigate each of these attacks, I utilize the ease of programmability in SDN and its great platform for implementation, dynamic topology changes, decentralized network management, and ease of deploying security countermeasures. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2018

Computer science

Advanced Persistent Threats

Anomaly Detection

Cyber Attacks

Machine Learning

Software Defined Networking

Threats Detection

Våld och hot om våld inom socialt arbete : - en studie om fem socialarbetares upplevelser och förståelse av våld och hot om våld från brukare

Andersson, Frida Maria

January 2012

The aim of this study was to understand how social workers perceive and understand violence and threats of violence from clients, and how it effect their working environment. It seems that the respondents understand the violence and threats of violence from clients as a result of the clients background problems, vulnerability, dependency and from “the reason" that the client is currently in the contact with the organization. How respondents interpret the client´s behaviour based on the above-mentioned factors, seem to determine how the respondents perceive and define the violence and threats of violence by clients directed against them. Interestingly enough, although all respondents in the study experienced violence and threats of violence from clients, none of them perceived themselves as exposed at work. The answer to this is consensual. The respondents argue that they “knew what they got into" and thus violence and threats of violence from clients can be considered as part of the work, that the social workers must be aware of in order to work within the organization.   A further aim of this study was to examine how the social workers views the matter of who’s responsible for the threats and violent incidents and how to "best" encounter the violence and threats of violence within the organization. The respondents argue that it is when the social workers communicate in a wrong way, use their power or give "bad decisions" to the clients that most threats and violent incidents occur. The role that the respondents construct for themselves can be understood as they need to ,in their professional role "withstand a little bit" of violence and threats of violence from clients. The respondents then becomes mainly responsible for the threats and violent incidents, because they communicated in a wrong way, used the "unnecessary" exercise of power, or gave "bad decisions" to clients. The clients responsibility is then reduced due to the fact that the client merely reacts to how the respondent acted towards the client. The key element in the prevention of violence and threats of violence seems to be the way the respondents builds relations to the client. However, it also appears that the respondents expect a certain amount of violence and threats of violence from clients. Violence and threats of violence therefore run the risk of becoming something that the respondents get used to and sometimes expect, and something that they to some extent can protect themselves from, but never fully avoid or prevent.

violence

threats of violence

clients

social workers

working environment

responsibility

Impacte ambiental do desporto-estudo de caso : impacte ambiental de um evento de orientação - Portugal 'O meeting' 2001

Campos, Ana Paula da Silveira Serra

January 2001

No description available.

[Threats to the environment]

[Threats to the environment]

[The environment and its protection]

Quand les stéréotypes nous handicapent : étude de l'impact de l'intériorisation du stéréotype et de la conscience de la stigmatisation en fonction de la source de la menace / Detrimental effects of stereotypes : function of stereotype endorsement and stigma consciousness in the context of different sources of the threat

Anegmar, Souad

11 December 2015

L’objectif général de cette thèse est de contribuer à la compréhension des phénomènes de menaces du stéréotype. Ce travail de thèse tente d’analyser les rôles de l’adhésion au stéréotype, de l’intériorisation du stéréotype et de la conscience de la stigmatisation dans les situations de menaces du stéréotype en fonction de leurs sources. Nous souhaitons montrer que l’impact de ces trois variables sur les perceptions de menaces et sur les performances est fonction de la source de la menace du stéréotype. Pour ce faire, nous avons conduit une série de six études expérimentales.A partir d’une approche multi-menaces, nous proposons dans un premier temps que l’adhésion au stéréotype et l’intériorisation du stéréotype interviennent exclusivement dans les menaces provenant de l’individu. Deux études expérimentales permettent de valider cette idée. Nous examinons dans un second temps le rôle de la conscience de la stigmatisation. Nous postulons que cette variable intervient exclusivement dans les menaces provenant des autres. Quatre études expérimentales permettent de valider en partie cette hypothèse.Cette thèse contribue à la compréhension des rôles de variables modératrices de la menace du stéréotype par l’approche multi-menaces. / The main goal of this doctoral dissertation was to contribute to the understanding of the stereotype threat phenomenon. We analyzed the function of stereotype endorsement, stereotype internalization, and stigma consciousness in the context of different sources of the threat.Our aim was to test whether the impact of those three variables on the threat perception and participants’ performance is affected by the source of the threat.We run six experimental studies using multi-threat approach. First, we hypothesized that the stereotype endorsement and stereotype internalization are involved only in the context of self-as-source stereotype threats. The results of two experimental studies seem to confirm this prediction. Second, we hypothesized that stigma consciousness is involved only in the other-as-source stereotype threats context. Four experimental studies only partially confirmed this postulate.The studies reported in this doctoral dissertation enable to better understand the moderators variables involved in the stereotype threat phenomenon while using multi-threat approach.

Menaces du stéréotype

Modérateurs

Sources des menaces

Éducation

Stereotype threats

Moderators

Sources of threats

Education

Behandlingspersonalens upplevelser kring hot och våld på ett LVM-hem i Sverige / Treatment staff experiences of threats and violence at an LVM-care home in Sweden

Polansky, Mattias, Holmgren, Jenny

January 2016

Violence in the workplace is a serious and growing problem both in Sweden and internationally (Menckel & Viitasara, 2002). Especially in the caring professions where users or clients is in a dependent position, and deprived of their liberty in some way, threats and violence proved to be particularly prevalent (Hallberg, 2011). In Sweden, according to Menckel & Viitasara (2002), six in ten reports regarding threats and violence in the workplace come from people working in the care sector, but despite extensive searches in the area it seems to be difficult to find specific studies on precisely how threats and violence affect staff within the LVM- care (compulsory treatment for addicts). The purpose of this study is to increase knowledge and understanding of what the work situation might look like for people who work with people sentenced to LVM-compulsory treatment and their perceptions of how threats, harassment and violence in the workplace affect them. This by answering the following questions: How can the treatment staff experience threats and violence in the workplace, How can the treatment staff experience regulations and guidelines regarding threats and violence at the workplace and What strategies are taken at the workplace for the purpose of securing the safety and health of the staff?   The study is based on semi-structured interviews, based on 31 predefined questions, with five employees who work in a business where they care for both women and men, sentenced to compulsory care under the law of LVM.   The results show that the majority of the participants have been exposed to threats or veiled threats and some form of violence in their work place, either personally or by watching a co-worker be exposed, which the participants also experience as stressful and a cause for worry and alertness. The respondents states that they feel they have adequate control over their worksituation but that they often are understaffed or overcrowded. They handle aggressive behavior by keeping a closely knitted workteam through careful communication between colleagues and by support from co-workers and leadership.

Threats and violence

Compulsory care

Aggressive behaviour

LVM

hot och våld

Behandlingspersonal

Anstaltspersonals erfarenheter och påverkan av hot och våld på arbetet : en kvalitativ studie

Elmquist, Sofia, Åhman, Jeanette

January 2006

<p>The aim of this paper was to describe the phenomenon of threats and violence within a Swedish penal institution. The study was thematized according to the three main research questions. These were as follows; The threats and violence prison staff have experienced in their workplace (I) how these experiences affected them in their work performances (II) and in their private life (III). By a qualitative design, in-depth interviews were carried out with four persons who are, or formerly have been, gainfully employed at a penal institution. Concepts from the theory of symbolic interactionism and a theory of human action have been used in the analysing process of this paper. The study showed that all respondents had experiences of threats and/or violence as well as been witnessing the phenomenon. This also showed to be something that had been affecting them in their work e.g. by changes of departments, sick leaves and a different treatment of offenders through avoiding certain inmates and situations. The respondents exposure of threats and violence was related to understaffing and management structure. The study further showed that the respondents were affected in their private life in terms of a changed outlook on people, mood changes and also through a blunting concerning fear.</p>

Prison staff

Threats

Violence

Treatment of offenders

Social work

Socialt arbete

Bacterial community composition, TCE degradation, isotopic fractionation and toxicity of a TCE contaminated aquifer

Brown, Jillian

January 2009

This study is an investigation into the biodegradation potential of a TCE contaminated aquifer located at the Atomic Weapons Establishment in the UK, and the remediation prospects by employing biological and biotechnological processes such as bacterial community structure and diversity assessment, toxicity and isotopic fractionation.  Quarterly monitoring of boreholes from the former military site suggested that the plume is predominantly aerobic and therefore reliance cannot be placed only on natural attenuation.  In addition the contaminated plume contains a variety of volatile organic chemicals, petroleum, diesel and metals, which introduces potential co-metabolites as well as additional toxicity.  Assessment of the natural bacterial community of the site revealed sufficient bacterial counts to support intrinsic bioremediation and the presence of multiple additional contaminants.  Variable toxicity responses not solely explainable by TCE were observed with a broad functional bacterial diversity, which could be bio-stimulated (with substrates such as the terpenes carvone, pulegone and linalool as well as the aromatic compound cumene) or bio-augmented (with <i>Dehalosporillium multivorans</i>) to increase rates of TCE degradation.  Other additional agents such as iron filings were able to stimulate rapid rates of TCE degradation.  There is also evidence of potential TCE degraders within the more heavily contaminated boreholes (the finding of <i>Pseudomonas putida</i>).  Lastly isotopic fractionation suggests that degradation of TCE is occurring on site.

577.27