- About
-
The Global ETD Search service is a free service for researchers
to find electronic theses and dissertations. This service is
provided by the
Networked Digital Library of Theses and Dissertations.
Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
Search results
Showing 41 to 50 of 94 (0.107 seconds)Spelling suggestions: "subject:"anda social engineering"" "subject:"ando social engineering""
| 41 |
The Community Defense Approach: A Human Approach to Cybersecurity for Industrial and Manufacturing SystemsStewart, Alexander 21 October 2019 (has links)
No description available.
|
| 42 |
Phishing : A qualitative study of users' e-mail classification process, and how it is influenced by the subjective knowledgePuke Andersson, Hanna, Stenberg, Sofie January 2022 (has links)
Background. E-mail phishing is a type of social engineering where the threat actor sends e-mails with the intention to, for example, gain sensitive information or gain access to sensitive assets. Anyone can be a target of a phishing attempt, and any user that uses a digital environment should be aware of which factors to be attentive to in an e-mail. Objectives. This thesis intends to study the practical ability to identify phishing e-mails among users and what factors they are looking for when performing the classification. The intention is also to investigate if subjective knowledge impacts practical ability. Methods. A user study was conducted where the participants were to classify e-mails from an inbox as either phishing or legitimate. During the observation, the participants thought-out-loud for the authors of this thesis to hear their approach and which factors they noticed. A questionnaire also was conducted to capture the participants' knowledge, previous experience, and confidence in their classifications. Results. The results show that the majority of the participants did not know what factors to look after, nor how to inspect them, to make a justified classification of an e-mail. Most participants made the classifications based on their gut feelings. Those participants who had any theoretical knowledge showed more confidence and identified more phishing attempts. Conclusions. This thesis concluded that the participants lacked the required knowledge to identify phishing attempts. Further, it concludes that subjective knowledge leads to high confidence, which helps users make the correct classification. Therefore, this topic needs to be further enlightened to bring more awareness, and education needs to be conducted.
|
| 43 |
Nätfiske – Ett säkerhetshot mot äldre i SverigeBodair, Karim, Fagerström, Felicia January 2021 (has links)
Nätfiske har blivit ett allt vanligare tillvägagångssätt för bedragare som vill komma åt individers känsliga information. Särskilt nätfiske riktat mot äldre individer har ökat på senare tid och klassificeras som ett av de vanligaste brotten. Problemet i denna studie belyses utifrån ett användarperspektiv, där äldres medvetenhet gällande nätfiske kommer att centreras. För att uppfylla detta har följande frågeställning konstruerats, ”Vilken medvetenhet har personer som är 60 år och äldre i Sverige gällande nätfiske?”. För att samla in empiri till denna studie valdes surveyundersökning som forskningsstrategi. Datainsamlingsmetoden består av en enkät som skickades ut till äldre individer via olika internetforum. Den insamlade datan har analyserats med hjälp av chi-2 fördelning och Pearsons korrelationskoefficient. Resultatet påvisade att majoriteten av respondenterna inte ansåg sig vara medvetna om nätfiske. Det påvisades inga skillnader mellan kön men det framkom ett statistiskt samband mellan respondenternas noggrannhet att undersöka webbsidor och deras förmåga att identifiera ett förfalskat e-postmeddelande. / Phishing has become an increasingly common approach for fraudsters who want to access individual's sensitive information. Especially phishing aimed at older people has increased in recent times and is classified as one of the most common crimes. The problem in this study illustrates from a user perspective, where the elderly's awareness of phishing will be centered. To fulfill this study the following framing of question have been constructed, “which awareness do people who are 60 years and older have in Sweden regarding phishing?”. To gather empirical data for this study, survey research was chosen as the research strategy. The data collection method consists of a survey that was sent out to older individuals through various internet forums. The collected data were analyzed using chi-2 distribution and Pearson's correlation coefficient. The results showed that the majority of the respondents did not consider themselves aware of phishing. No gender differences were detected, but a statistical relationship was found between respondents' accuracy in examining web pages and their ability to identify a forged e-mail message.
|
| 44 |
A preliminary radicalisation framework based on social engineering techniquesSabouni, S., Cullen, Andrea J., Armitage, Lorna 20 June 2017 (has links)
Yes / The use of online forums and social media sites by extremists for recruiting and radicalising individuals has been covered extensively by researchers. Meanwhile, the social engineering techniques utilised by these extremists to lure marginalised individuals into radicalisation has been neglected. In this article, the social engineering aspects of online radicalisation will be explored.
Specifically, the five Principles of Persuasion in Social Engineering (PPSE) will be mapped onto the online radicalisation methods employed by extremists online. Analysing these tactics will aid in gaining a deeper understanding of the process of indoctrination and of the psychology of both the attacker and the target of such attacks. This understanding has enabled the development of a preliminary radicalisation framework based on the social traits of a target that may be exploited during an attack.
|
| 45 |
The contradictions of empowerment promotion through social engineering. Mozambique’s Peace and the ‘7 million’ InitiativeMaschietto, Roberta Holanda January 2015 (has links)
The concept of ‘empowerment’ has been widely used among development practitioners since the early 1990s. This thesis aims to contribute to the literature on empowerment by developing an analytical framework that incorporates: (a) the dialectical nature of power, (b) multiple levels of analysis, and (c) the subjectivities of power that different actors have and that affect the way they respond to policies. The model is applied to the analysis of Mozambique’s transition to peace and the study of a national initiative called District Development Fund, known as the ‘7 Million’, which aims to promote empowerment by reducing poverty and promoting local participation in the rural districts.
The analysis focuses, on the one hand, on the ‘7 million’ policy formulation, stressing the power struggles that shaped its final outcome and, on the other hand, the policy implementation in the district of Angoche, where I conducted extensive fieldwork. I argue that, even though the ‘7 million’ had some positive aspects – including providing a discourse that underlines the relevance of the districts and the local community in matters of governance – its effects in promoting local empowerment have been far below its potential. One of the reasons for this is to be found in the dynamics of power-to and power-over that take place at the local level and that partly reflect structural aspects linked to the Mozambique state formation and peacebuilding process. More generally, the case illustrates the limitations and contradictions of policies that aim promoting ‘bottom-up’ empowerment from the ‘top-down’.
|
| 46 |
An Integrated Intelligent Approach to Enhance the Security Control of IT Systems. A Proactive Approach to Security Control Using Artificial Fuzzy Logic to Strengthen the Authentication Process and Reduce the Risk of PhishingSalem, Omran S.A. January 2012 (has links)
Hacking information systems is continuously on the increase. Social engineering
attacks is performed by manipulating the weakest link in the security chain; people.
Consequently, this type of attack has gained a higher rate of success than a technical
attack.
Based in Expert Systems, this study proposes a proactive and integrated
Intelligent Social Engineering Security Model to mitigate the human risk and reduce the
impact of social engineering attacks.
Many computer users do not have enough security knowledge to be able to
select a strong password for their authentication. The author has attempted to implement
a novel quantitative approach to achieve strong passwords. A new fuzzy logic tool is
being developed to evaluate password strength and measures the password strength
based on dictionary attack, time crack and shoulder surfing attack (social engineering).
A comparative study of existing tools used by major companies such as Microsoft,
Google, CertainKey, Yahoo and Facebook are used to validate the proposed model and
tool.
A comprehensive literature survey and analytical study performed on phishing
emails representing social engineering attacks that are directly related to financial fraud
are presented and compared with other security threats. This research proposes a novel
approach that successfully addresses social engineering attacks. Another intelligent tool
is developed to discover phishing messages and provide educational feedback to the user focusing on the visible part of the incoming emails, considering the email’s source
code and providing an in-line awareness security feedback.
|
| 47 |
Improving Email Security in Organizations : Solutions and GuidelinesAndrén, Axel, Kashlan, Ghaith, Nantarat, Atichoke January 2023 (has links)
Data breaches from email attacks have been an issue since email was first implemented. Common attack methods like phishing are still a threat to organizations to this very day. That is because it never seems to stop evolving and keeps becoming more and more convincing. Email compromises have caused billions of dollars in damage worldwide, and it shows no sign of stopping. The purpose and research questions of this thesis are formulated to find guidelines or solutions that organizations can follow to improve their overall email security and awareness. In this thesis, both a systematic literature review and interviews are methods used to conduct the research. That way, both the technical portion of the subject, as well as the human perspective are covered. We found that the most common and significant email threats to organizations are phishing, BEC, and APT attacks. This thesis provides methods to mitigate these threats. What has also become clear is that human mistakes are a large portion of the problem concerning email attacks.
|
| 48 |
Ranking Social Engineering Attack Vectors in The Healthcare and Public Health SectorGaurav Sachdev (14563787) 06 February 2023 (has links)
<p>The National Institute of Standards and Technology defines social engineering as an attack vector that deceives an individual into divulging confidential information or performing unwanted actions. Different methods of social engineering include phishing, pretexting, tailgating, baiting, vishing, SMSishing, and quid pro quo. These attacks can have devastating effects, especially in the healthcare sector, where there are budgetary and time constraints. To address these issues, this study aimed to use cybersecurity experts to identify the most important social engineering attacks to the healthcare sector and rank the underlying factors in terms of cost, success rate, and data breach. By creating a ranking that can be updated constantly, organizations can provide more effective training to users and reduce the overall risk of a successful attack. This study identified phishing attacks via email, voice and SMS to be the most important to defend against primarily due to the number of attacks. Baiting and quid pro quo consistently ranked as lower in priority and ranking.</p>
|
| 49 |
TASK, KNOWLEDGE, SKILL, AND ABILITY: EQUIPPING THE SMALL-MEDIUM BUSINESSES CYBERSECURITY WORKFORCEVijaya Raghavan, Aadithyan 11 July 2023 (has links)
No description available.
|
| 50 |
The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasuresConnolly, Lena Y., Wall, D.S. 16 June 2020 (has links)
Yes / Year in and year out the increasing adaptivity of offenders has maintained ransomware's position as a major cybersecurity threat. The cybersecurity industry has responded with a similar degree of adaptiveness, but has focussed more upon technical (science) than ‘non-technical’ (social science) factors. This article explores empirically how organisations and investigators have reacted to the shift in the ransomware landscape from scareware and locker attacks to the almost exclusive use of crypto-ransomware. We outline how, for various reasons, victims and investigators struggle to respond effectively to this form of threat. By drawing upon in-depth interviews with victims and law enforcement officers involved in twenty-six crypto-ransomware attacks between 2014 and 2018 and using an inductive content analysis method, we develop a data-driven taxonomy of crypto-ransomware countermeasures. The findings of the research indicate that responses to crypto-ransomware are made more complex by the nuanced relationship between the technical (malware which encrypts) and the human (social engineering which still instigates most infections) aspects of an attack. As a consequence, there is no simple technological ‘silver bullet’ that will wipe out the crypto-ransomware threat. Rather, a multi-layered approach is needed which consists of socio-technical measures, zealous front-line managers and active support from senior management. / This work was supported by the Engineering and Physical Sciences Research Council and is part of the EMPHASIS (EconoMical, PsycHologicAl and Societal Impact of RanSomware) project [EP/P011721/1].
|
Page generated in 0.1157 seconds