NDLTD Global ETD Search
  • Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 43
  • 21
  • 6
  • 4
  • 3
  • 3
  • 1
  • 1
  • Tagged with
  • 95
  • 95
  • 42
  • 35
  • 33
  • 31
  • 19
  • 18
  • 14
  • 12
  • 10
  • 10
  • 9
  • 8
  • 8
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.

Search results

Showing 11 to 20 of 95 (0.083 seconds)

Spelling suggestions: "subject:"anda social engineering"" "subject:"ando social engineering""

11

Malicious URL Detection in Social Network

Su, Qun-kai 15 August 2011 (has links)
Social network web sites become very popular nowadays. Users can establish connections with other users forming a social network, and quickly share information, photographs, and videos with friends. Malwares called social network worms can send text messages with malicious URLs by employing social engineering techniques. They are trying let users click malicious URL and infect users. Also, it can quickly attack others by infected user accounts in social network. By curiosity, most users click it without validation. This thesis proposes a malicious URL detection method used in Facebook wall, which used heuristic features with high classification property and machine learning algorithm, to predict the safety of URL messages. Experiments show that, the proposed approach can achieve about 96.3% of True Positive Rate, 95.4% of True Negative Rate, and 95.7% of Accuracy.
Malware
Machine learning
Malicious URL
Social network
Social Engineering
12

Social Engineering der Mensch als Sicherheitsrisiko in der IT

Lipski, Marcus January 2009 (has links)
Zugl.: Darmstadt, Private FernFachhochsch., Diplomarbeit, 2009
13

Engineering Ireland : the material constitution of the technoscientific state /

Carroll, Patrick Eamonn, January 1999 (has links)
Thesis (Ph. D.)--University of California, San Diego, 1998. / Vita. Includes bibliographical references (leaves 423-463).
14

Effizienter Schutz der IT-Sicherheit auf der Feldebene von Automatisierungssystemen

Gutbrodt, Felix January 2010 (has links)
Zugl.: Stuttgart, Univ., Diss., 2010
15

Phishing attacks targeting hospitals : A study over phishing knowledge at Blekingesjukhuset

Nordgren, Daniella January 2018 (has links)
Context. Phishing emails is a type of computer attack targeting users and tries to trick them into giving out personal information, follow shady links or download malicious attachments. Phishing is often closely linked to ransomware, which is a type of attack that locks a users computer and asks for a ransom in order to give access back. Ransomware viruses often contaminate a computer through a phishing email. Hospitals are a growing target for these types of attacks because of their need of being able to access their system at all times. Objectives. This study intends to research the phishing knowledge among employees at Blekingesjukhuset and whether Blekingesjukhuset is at a risk of falling victim to a ransomware attack through a phishing email opened by an employee. Methods. This is researched by reading relevant literature and a survey sent out to employees at Blekingesjukhuset regarding their phishing knowledge. Results. The results show that the participants of the survey where overall unsure on how to detect phishing emails and thought that knowledge about the subject is necessary. Conclusions. The conclusion was made that the employees did not know what to look for in order to determine whether an email is a phishing email or not. Based on this information the conclusion can be made that it does exist a risk of Blekingesjukhuset falling victim to a ransomware attack through a phishing email unintentionally opened by an employee.
Phishing
Ransomware
Social engineering
Hospital
Computer Sciences
Datavetenskap (datalogi)
16

ENVIRONMENTAL FACTORS AFFECT SOCIAL ENGINEERING ATTACKS

Minglu Li (10994988) 23 July 2021 (has links)
<div> <div> <div> <div> <p>Social engineering attacks can have serious consequences when it comes to information security. A social engineering attack aims at sensitive personal information by using personality weaknesses and using manipulation techniques. Because the user is often seen as the weakest link, techniques like phishing, baiting, and vishing, and deception are used to glean important personal information successfully. This article will analyze the relationship between the environment and social engineering attacks. This data consists of 516 people taking a survey. When it comes to discovering the relationship, there are two parts of the analysis. One is a high-dimensional analysis using multiple algorithms to find a connection between the environment and people’s behavior. The other uses a text analysis algorithm to study the pattern of survey questions, which can help discover why certain people have the same tendency in the same scenario. After combining these two, we might show how people have different reactions when dealing with social engineering attacks due to environmental factors. </p> </div> </div> </div> </div>
social engineering
17

COMPARING SOCIAL ENGINEERING TRAINING IN THE CONTEXT OF HEALTHCARE

Giovanni Ordonez (12481197) 03 May 2022 (has links)
<p>Social Engineering attacks have been a rising issue in recent years, affecting a multitude of industries. One industry that has been of great interest to hackers is the Healthcare industry due to the high value of patient information. Social Engineering attacks are mainly common because of the ease of execution and the high probability of victimization. A popular way of combatting Social  Engineering attacks is by increasing the user’s ability to detect indicators of attack, which requires a level of cybersecurity education. While the number of cybersecurity training programs is increasing, Social Engineering attacks are still very successful. Therefore, education programs  need to be improved to effectively increase the ability of users to notice indicators of attack. This research aimed to answer the question - what teaching method results in the greatest learning gains  for understanding Social Engineering concepts? This was done by investigating text-based,  gamification, and adversarial thinking teaching methods. These three teaching methods were used  to deliver lessons on an online platform to a sample of Purdue students. After conducting analysis,  both text-based and adversarial thinking showed significant improvement in the understanding of  Social Engineering concepts within the student sample. After conducting a follow-up test, a single  teaching method was not found to be better among the three teaching methods. However, this study  did find two teaching methods that can be used to develop training programs to help decrease the  total number of successful Social Engineering attacks across industries. </p>
Computer System Security
Social Engineering
Teaching Methods
Healthcare Security
18

Hack the Human : A qualitative research study exploring the human factor and social engineering awareness in cybersecurity and risk management among Swedish organizations.

Andersson, Isak, Bjursell, Liza, Palm, Isak January 2023 (has links)
Background: With the rapid advancements in technology, cybersecurity has become a topic of great importance. However, the weakest link in cybersecurity programs is mainly due to human error. Proper cyber-behavior training and up-to-date information are crucial for employees to defend against cybercrimes, as criminals continue to exploit human vulnerabilities. Cybersecurity has become a critical aspect of today's digital world, necessitating comprehensive policies and practices that align with an organization's overall risk management strategy. Social engineering, a tactic employed by cybercriminals, exploits human weaknesses and biases, making prevention and detection more challenging. There are limited understanding of how human behavior affects leaders in engaging with social engineering practices, as well as a lack of consensus on implementing policies related to social engineering. Purpose: Considering the limited understanding of human behavior in cybersecurity, the purpose of this thesis is to investigate and analyze how different Swedish organizations perceive, enact, and are influenced by the awareness of social engineering in cybersecurity and risk management. Method: This is a qualitative thesis that has followed a case study research design and a positivism research philosophy, the approach has been inductive, and data has been collected through semi-structured interviews. Conclusion: Cybersecurity is an ongoing arms race with no foreseeable end in sight, as strategies and methods of attack are constantly evolving. With the data gathered, we discovered that there is a lack of awareness of how the threats can be approached and how to manage them, as well as different strategies that different organizations had employed to tighten the margin of error. The findings suggest a need for increased awareness and education to improve cybersecurity in Swedish organizations. We became aware that organizations exhibit a greater level of naivety than previously assumed, accompanied by the presence of optimism bias. Considering these findings, we strongly advise raising awareness through comprehensive employee education and adopting the Principle of Least Privilege (POLP) to enhance security measures and the awareness that is necessary. To adopt a more holistic perspective, we have derived a modified version of the risk appetite framework that can effectively facilitate the implementation of these recommendations.
Cybersecurity
risk management
social engineering
risk appetite
Business Administration
Företagsekonomi
19

„Das perfekte Opfer“ – eine Analyse sicherheitsbezogener Einstellungen und Verhaltensweisen im Internet in Abhängigkeit der Nutzerpersönlichkeit

Staar, Henning, Wilms, Rafael, Hinrichs, Judith 30 April 2019 (has links)
Jüngere theoretische Beiträge und empirische Studien zur Informations- und Datensicherheit widmen sich diesem Themenbereich des Social Engineering verstärkt interdisziplinär und rücken dabei neben täterbezogenen Analysen (z.B. Watson, Holz & Mueller, 2008) vor allem gruppen- bzw. kulturbezogenen Aspekte (Flores, Holm, Nohlberg & Ekstedt, 2014; Tembe et al., 2014) als auch individuelle Charakteristika wie Persönlichkeitsmerkmale der (potentiellen) Opfer in den Fokus (z.B. Uebelacker & Quiel, 2014; Pattinson, Jerram, Parsons, McCormac & Butavicius, 2012;Vishwanath, Herath, Chen, Wang & Raghav Rao, 2011). Trotz der gegenwärtigen intensiven Beschäftigung mit dem Thema fehlen jedoch weiterhin eindeutige bedingungs- und personenbezogene Handlungsimplikationen zum Umgang mit den genannten Formen des Datendiebstahls (Gupta, Tewari, Jain & Agrawal, 2017). Ein möglicher Grund mag in der vergleichsweise häufigen Reduktion individueller Charakteristika auf die zentralen Persönlichkeitsmerkmale („Big 5“; Rammstedt, Kemper, Klein, Beierlein & Kovalena, 2012) liegen. Zugrundeliegende Motive oder Werte von Personen werden hingegen bislang unzureichend betrachtet (Fazio, Blascovich & Driscoll, 1992). Darüber hinaus beziehen bislang nur wenige Studien sowohl umfassende psychologische Befragungsinventare zu sicherheitsbezogenen Einstellungen, Verhaltensweisen und individuellen Personenmerkmalen als auch die Beurteilung von E-Mails oder Websites hinsichtlich der Vertrauenswürdigkeit und Handlungsbereitschaft in ihre Analysen ein. Der vorliegende Beitrag verfolgt mit einem entsprechenden Studiendesign das Ziel, diese Lücke weiter zu schließen und Erkenntnisse zu personenbezogenen Einflüssen auf die Informations- und Datensicherheit zu generieren. [Aus der Einleitung.]
info:eu-repo/classification/ddc/330
ddc:330
20

Vishing: ett ökande hot : Hur Sveriges regioner bemöter vishing inom hälso- och sjukvården / Vishing: an increasing threat : Swedish regions response to vishing in the health care system

Andersson, Tim, Nilsson, Emil January 2022 (has links)
Vishing är en phishing-variation som inte är dokumenterad och studerat som den mer traditionella mejl-phishing. Variationen har växt de senaste åren, speciellt under pandemin. Samtidigt har ökade attacker mot hälso- och sjukvården observerats i och med en belastning mot sektorn. I detta grundas studiens syfte att bidra till området genom att karaktärisera vishing-hotet i hälso- och sjukvårds sektorn samt identifiera åtgärder som kan implementeras för att bemöta hotet.Sju av Sveriges 21 regioner deltog i studien och dem semistrukturerade intervjuerna som var datainsamlingsmetoden. Empirin analyserades med ”grounded theory” för att induktivt kategorisera data för att sedan identifiera teman.Resultatet visade mejl-phishing i dagsläget är ett vanligare problem i dem regioner som deltog, däremot var det två regioner som hade utsatts för vishing-attacker. Åtgärder som regioner tagit var utbildningar och andra administrativa åtgärder för att öka medvetenheten. Tekniska åtgärder användes men inget för att specifikt skydda personal mot vishing-attacker.Studiens slutsats landar i att hotet i dagsläget bäst bemöts med medvetehetshöjande åtgärder och tekniska skydd för att proaktivt öka säkerheten mot lyckade anfall. Karaktären av vishing inom hälso- och sjukvården var försök att få tag i narkotikaklassade preparat.Studien har begränsats till Sveriges regioners arbete för att bemöta vishing inom hälso- och sjukvården. / Vishing is a phishing variation that is not as well documented and studied as the more traditional email phishing. Vishing attacks have increased in recent years, especially with the COVID-19 pandemic. At the same time, increased attacks on healthcare have been observed as it has been strained. This is the basis of the study's purpose to contribute to the area by characterizing the vishing threat in the healthcare sector and identifying measures that can be implemented to respond to the threat.7 of Sweden's 21 regions participated in the study and the semi-structured interviews that were the data collection method. The empirics were analyzed with "grounded theory" to inductively categorize data and then to identify themes.The results showed that e-mail phishing is currently a more common problem in the regions that participated, however, there were two regions that had been exposed to vishing attacks. Measures taken by regions were education and other administrative measures to raise awareness. Technical measures were used but nothing to specifically protect personnel from vishing attacks.The study concludes that the threat is currently best addressed with awareness-raising measures and technical protection to proactively increase security against successful attacks. The nature of vishing in healthcare was attempts to obtain drugs.The study has been limited to Sweden’s regions’ efforts to address vishing in the healthcare sector.
Information security
phishing
vishing
social engineering
healthcare
Informationssäkerhet
phishing
vishing
social engineering
hälso- och sjukvården
Information Systems

Page generated in 0.0915 seconds