Cyber Security Threat Analysis and Attack Simulation for Unmanned Aerial Vehicle Network

Javaid, Ahmad Yazdan

January 2015

No description available.

Computer Engineering

Cyber-Security

Attack simulation

Simulation testbed development

Unmanned aerial network

Asserting password crackers ability to target Swedish passwords : An analysis / Lösenordsknäckares förmåga att attackera svenska lösenord

Jensen, Casper

January 2023

In today's digital world, passwords are the keys that unlock our online lives, keeping our social media, financial accounts, and streaming services secure. Unfortunately, this makes password information a prime target for hackers, who can gain access to our entire digital existence. One significant vulnerability is that an individual's language and cultural background often influence password creation. This master's thesis explores the realm of password security by examining the ability of popular password cracking and mangling tools to target passwords created by Swedish speakers. The study compares attacks on passwords created by Swedish speakers to those created by international users. The tools under scrutiny include Probabilistic Context Free Grammar (PCFG), Ordered Markov Enumerator (OMEN), Odinn, and Hashcat. The study also examines a method for measuring the quality of the tools' password guesses. The findings revealed a noteworthy trend: all the tools demonstrated better performance when attacking passwords created by Swedish speakers compared to their international counterparts. PCFG, in particular, was nearly twice as effective against Swedish passwords after just 10,000 guesses, while OMEN outperformed significantly against Swedish targets after 1-5 million guesses. The quality measurements, gauged by the percentage of cracked passwords after specific guess increments of 10,000, 1-5 million, and 1 billion were used to evaluate the effectiveness of the tools. This research highlights the nuanced dynamics of password security, emphasizing the impact of linguistic and cultural factors on the vulnerability of passwords.

cyber security

passwords

it-security

swedish passwords

Engineering and Technology

Teknik och teknologier

Approximation-based monitoring of ongoing model extraction attacks : model similarity tracking to assess the progress of an adversary / Approximationsbaserad monitorering av pågående modelextraktionsattacker : modellikhetsövervakning för att uppskatta motståndarens framsteg

Gustavsson, Christian

January 2024

Many organizations turn to the promise of artificial intelligence and machine learning (ML) as its use gains traction in many disciplines. However, developing high-performing ML models is often expensive. The design work can be complicated. Collecting large training datasets is often costly and can contain sensitive or proprietary information. For many reasons, machine learning models make for an appetizing target to an adversary interested in stealing data, model properties, or model behavior.  This work explores model extraction attacks and aims at designing an approximation-based monitor for tracking the progress of a potential adversary. When triggered, action can be taken to address the threat. The proposed monitor utilizes the interaction with a targeted model, continuously training a monitor model as a proxy for what the attacker could achieve, given the data gathered from the target.  The usefulness of the proposed monitoring approach is shown for two experimental attack scenarios. One explores the use of parametric and Bayesian models for a regression case, while the other explores commonly used neural network architectures for image classification.  The experiments expand current monitoring research to include ridge regression, Gaussian process regression, and a set of standard variants of convolutional neural networks: ResNet, VGG, and DenseNet. It also explores model and dataset similarity using metrics from statistical analysis, linear algebra, optimal transport, and a rank score. / Många organisationer vänder sig till löftet om artificiell intelligens och maskininlärning (ML) då dess användning vinner mark inom allt fler discipliner. Att utveckla högpresterande ML-modeller är dock ofta kostsamt. Designarbetet kan vara komplicerat. Att samla in stora träningsdataset är ofta dyrt och kan innehålla känslig eller proprietär information. Det finns många skäl till att maskininlärningsmodeller kan vara lockande mål för en motståndare som är ute efter att stjäla data, modellparametrar eller modellbeteende. Det här arbetet utforskar modellextraktionsattacker och syftar till att utforma en approximationsbaserad monitorering som följer framstegen för en potentiell motståndare. När en attack är konstaterad kan åtgärder vidtas för att hantera hotet. Den föreslagna monitorn utnyttjar interaktionen med målmodellen. Den tränar kontinuerligt en monitor-modell som en fungerar som en approximation för vad angriparen skulle kunna uppnå med de data som samlats in från målmodellen. Nyttan av den föreslagna övervakningsansatsen visas för två experimentella attackscenarier. Det ena utforskar användningen av parametriska och Bayesianska modeller för ett regressionsfall, medan det andra utforskar vanligt använda neurala nätverksarkitekturer för ett bildklassificeringsfall. Experimenten utvidgar aktuell forskning kring monitorer till att att inkludera Ridge regression, Gauassian process regression och en uppsättning standardvarianter av convolutional neural networks: ResNet, VGG och DenseNet. Experimenten utforskar även likhet mellan ML-modeller och dataset med hjälp av mått från statistisk analys, linjär algebra, optimal transport samt rangapproximation.

machine learning

cyber security

model extraction attack

Engineering and Technology

Teknik och teknologier

Zákon o kybernetické bezpečnosti a jeho dopady na povinné subjekty / The Cyber Security Act and its impacts on obliged entities

Draganov, Vojtěch

January 2016

The thesis looks into the act No. 181/2014 Coll. Cyber Security Act (hereinafter referred to as "CSA") and its impact on obliged entities with focus on the regional authorities of the Czech Republic. The thesis starts with introduction into the issue of the CSA and cybersecurity from the point of view of the state, subsequently it refocuses on the level of regulated organizations. The main pillar and contribution of the thesis is the CSA analysis with the aim to identify impact of the CSA in the obliged entities. Based on this analysis author designed the questionnaire survey of the CSA impact on the regional authorities. The survey relates to information security management system, kinds of burden stemmed from the CSA implementation, willingness to use funding from the European Regional Development Fund (ERDF) to implement the CSA, a possibility to outsource the cybersecurity and also opinions of the county council staff about the CSA. The survey shows that in spite of a pressure on standardization stemming from legal framework, county councils differs significantly in regard to information security management systems. On the other hand, respondents agreed on positive impact of the CSA on improvement of information and the cyber security although the CSA brings significant financial and organizational load to the organization. The survey also shows that some regional authorities only start to implement cybersecurity currently. The cybersecurity evolves in the researched organization quite dynamically and it would be beneficial to repeat the impact analyses again, after first wave of the CSA implementation will be finished.

Metodika asistovaného zhodnocení / Methodology of a security audit

Kroupová, Hana

January 2019

The master‘s thesis is focused on security audit. The aim of this thesis is to create methodology, which might help with creating security audits and research current condition of cybernetic and information security in a business establishment. Theoretical part explains basic terms and concepts about cyber and information security. Own interpretation consist description of methodological areas of security audit.

Implementace nástroje pro řízení kybernetické bezpečnosti / Implementation of a tool for cyber security management

Strachová, Zuzana

January 2021

The thesis is focused on the implementation of a software tool to increase the effectiveness of cyber security management. The tool is implemented in a company preparing to be classified as a part of critical information infrastructure. Based on the customer's requirements, a suitable cyber security management tool is selected. Subsequently, I propose a methodology for implementing the tool, which I immediately apply. The output of the work is an implemented tool, risk analysis and security documentation required by law.

Cyber Supply Chain Security and the Swedish Security Protected Procurement with Security Protective Agreement

Dios Falk, Carina

January 2023

Digitalisation and globalisation are increasing the number of integrated and interconnected information technology (IT) systems worldwide. Consequently, these relationships and dependencies develop technological relationships through their services. Identifying all these relations is for organisations a challenge and complex since it involves millions of source code lines and global connections. For this reason, cyber supply chain risk management (C-SCRM) is becoming ever more critical for organisations to manage risks associated with information technology and operational technology (OT). At the same time, during a press conference, the Swedish Minister for Defense Peter Hultquist estimated that there are approx. 100.000 cyber activities against Swedish targets every year that targets both the Private and Public sector. In response to the evolving threat landscape, Sweden is experiencing a paradigm shift in protective security processes with new legislation entering into force that aims to protect Sweden's security against espionage, sabotage, terrorist offences and other crimes against national security. These rules on protective security, the Protective Security Act (2018:585) and Protective Security Ordinance (2021:955) apply to operators that are important for Sweden's national security and affect how public procurement processes are regulated. This thesis aims to study how the Swedish Security Protected Procurement with Security Protective Agreements (SUA) process and Cyber Supply Chain Risk Management (C-SCRM) relate and to understand what practices increase and decrease the level of C-SCRM in the current SUA process. The research questions are Q1) How does the SUA process relate to C-SCRM? and Q2) How does the SUA process affect the level of C-SCRM? This research paper contributes to understanding C-SCRM in the context of the Swedish Security Protected Procurement with Security Protective Agreements (SUA). To answer the research questions a Case study strategy was used, and interviews were conducted with eight key experts as well as a document analysis. The results showed that audit, regulation and people and processes are essential to managing C-SCRM and that processes within other international models, including the CMMC and Cyber Essential Plus, should be adopted to the SUA process to better manage cyber supply chain risks.

Cyber Security

Protective Security

Public Procurement

Cyber Supply Chain Security

Swedish National Security

Risk Management

Cyber Security Risk Management

NIST 800-161

ISO/IEC 27036

NISTIR 8276

Computer Sciences

Datavetenskap (datalogi)

Evropská právní úprava kyberzločinů s porovnáním právní úpravy kyberzločinů ve Spojených státech amerických / European legal regulation of cybercrimes in a comparison with the legal regulation of cybercrimes in the USA

Nováčková, Eliška

January 2015

6 Abstract Thesis title: European legal regulation of cybercrimes in a comparison with the legal regulation of cybercrimes in the USA The diploma thesis deals with the legislation of cybercrime and cyber security of the United States of America and the European Union. The introduction defines the basic concepts and important moments of history of related legislation and discusses key policy documents adopted in the transatlantic area. It also presents the politics of these two units and their key legislation and describes the international Convention on Cybercrime. Selected documents are subsequently compared and evaluated in the context of legal terminology, technological development and application of regulations in practice. The thesis is concluded by the basic steps of transatlantic cooperation on issues of cyber security. The conclusion summarizes the lessons learned by comparing documents, particularly international emphasis on ratification of the Convention on Cybercrime and adequate levels of awareness of cyber space, and highlights some terminological inaccuracies. Keywords Cyber threats * cyber security * cybercrime * international cooperation * strategic documents

Kybernetická krimnalita / Cyber crime

Bartůněk, Jan

January 2015

Development of information technology is one of the most dynamic parts of today's global society. Along with the coming of new technologies it generates new types of crime, eventually existing types of criminal activities in this area are moving from the real world to cyberspace. This rapid development of cyber crime enforces corresponding changes in the legislation related to cyberspace. In the Czech Republic the most fundamental changes in cyber crime law have been made along with the new Criminal Code. The new code has modified some areas, that were not mentioned by previous criminal code, refined or amended previous terminology related to cyberspace and added institutes required by international commitments, especially by the Convention on Cybercrime. The purpose of this diploma thesis on "Cyber crime" is to outline the issues of cyber-crime, point out some troubling topics, which are currently present in cyberspace, and outline possible future development of criminal law in cyberspace. In the beginning of the thesis there is a short summary of cyberspace and cyber crime history, that is followed by definitions of selected basic concepts of cyberspace and cyber crime. In the following chapters, there is a summary of current Czech legislation of selected areas and there some examples of such...

Security Analysis and Access Control Enforcement through Software Defined Networks / Analyse de sécurité et renforcement de control d’accès à travers les réseaux programmables

Zerkane, Salaheddine

05 November 2018

Les réseaux programmables (SDN) sont un paradigme émergent qui promet de résoudre les limitations de l'architecture du réseau conventionnel. Dans cette thèse, nous étudions et explorons deux aspects de la relation entre la cybersécurité et les réseaux programmables. D'une part, nous étudions la sécurité pour les réseaux programmables en effectuant une analyse de leurs vulnérabilités. Une telle analyse de sécurité est un processus crucial pour identifier les failles de sécurité des réseaux programmables et pour mesurer leurs impacts. D'autre part, nous explorons l'apport des réseaux programmables à la sécurité. La thèse conçoit et implémente un pare-feu programmable qui transforme la machine à états finis des protocoles réseaux, en une machine à états équivalente pour les réseaux programmables. En outre, la thèse évalue le pare-feu implémenté avec NetFilter dans les aspects de performances et de résistance aux attaques d’inondation par paquets de synchronisation. De plus, la thèse utilise l'orchestration apportée par les réseaux programmables pour renforcer la politique de sécurité dans le Cloud. Elle propose un Framework pour exprimer, évaluer, négocier et déployer les politiques de pare-feu dans le contexte des réseaux programmables sous forme de service dans le Cloud. / Software Defined Networking (SDN) is an emerging paradigm that promises to resolve the limitations of the conventional network architecture.SDN and cyber security have a reciprocal relationship. In this thesis, we study and explore two aspects of this relationship. On the one hand, we study security for SDN by performing a vulnerability analysis of SDN. Such security analysis is a crucial process in identifying SDN security flaws and in measuring their impacts. It is necessary for improving SDN security and for understanding its weaknesses.On the other hand, we explore SDN for security. Such an aspect of the relationship between SDN and security focusses on the advantages that SDN brings into security.The thesis designs and implements an SDN stateful firewall that transforms the Finite State Machine of network protocols to an SDN Equivalent State Machine. Besides, the thesis evaluates SDN stateful firewall and NetFilter regarding their performance and their resistance to Syn Flooding attacks.Furthermore, the thesis uses SDN orchestration for policy enforcement. It proposes a firewall policy framework to express, assess, negotiate and deploy firewall policies in the context of SDN as a Service in the cloud.

Réseaux programmables

Cybersécurité

Pare-feu

Orchestration

Vulnérabilité

Contrôle d’accès

Software Defined Networks

Cyber security

Firewall

Orchestration

Vulnerability

Access Control

005.8