81 |
Detecting Insider and Masquerade Attacks by Identifying Malicious User Behavior and Evaluating Trust in Cloud Computing and IoT Devices
Kambhampaty, Krishna Kanth January 2019
There are a variety of communication mediums or devices for interaction. Users hop from one medium to another frequently. Though the increase in the number of devices brings convenience, it also raises security concerns. Providing a platform to users is as important as securing it.
In this dissertation we propose a security approach that captures user behavior for identifying malicious activities. System users exhibit certain behavioral patterns while utilizing the resources. These behaviors include device location, accessing certain files on a server, using a designated or specific user account, etc. If this behavior is captured and compared with normal users’ behavior, anomalies can be detected.
In our model, we have identified malicious users and have assigned a trust value to each user accessing the system. When users access files on the servers that they have not previously accessed, access multiple accounts from the same device, etc., they are considered suspicious. If this behavior continues, they are categorized as ingenuine. A trust value is assigned to users. This value determines the trustworthiness of a user. Genuine users get a higher trust value and ingenuine users get a lower trust value. The trust value ranges from zero to one, with one being the highest trustworthiness and zero being the lowest.
In our model, we have sixteen different features to track user behavior. These features evaluate users’ activities. From the time users log in to the system until they log out, they are monitored based on these sixteen features. These features determine whether the user is malicious. For instance, features such as accessing too many accounts, using proxy servers, and too many incorrect logins contribute to suspicious activity. The higher the number of these features, the more suspicious the user. More such features contribute to a lower trust value.
Identifying malicious users could prevent and/or mitigate the attacks. It enables timely action to stop these users from performing any unauthorized or illegal actions. This could prevent insider and masquerade attacks. This application could be utilized in mobile, cloud and pervasive computing platforms.
|
82 |
Posouzení a návrh informační bezpečnosti v organizaci / Assessment and a Proposal for Information Security in the Organization
Rybáková, Alena January 2015
This diploma thesis deals with the issue of information security in the organization. The author's effort is to gain a broad overview of the connections, which are then evaluated in the final section, providing concrete recommendations. The thesis discusses the information security management system, the service management system and cyber security, both in theory and in terms of real application in a particular organization. The aim is to provide the author's own recommendations for improvement.
|
83 |
Who Watches The Privileged Users
Persson, Sebastian January 2020
Today, companies are spending millions of dollars on cybersecurity, but compromised systems and theft of sensitive information are still huge problems. Protecting sensitive information has always been of vital importance. However, the struggle today is that digital information can be distributed to an endless number of users, everywhere in the world. Security solutions today focus on role-based access control and "the principle of the least privilege". They can affect the productivity of employees, which is also a key aspect to be considered when it comes to security. Privileged users are the ones that possess the most permissions within a system and are, therefore, a significant risk. This thesis project focuses on developing a solution that protects against security risks connected to the users with the most privilege. The developed solution resulted in a modular role-based access methodology, also adding the "four-eye principle" (4EP). By introducing an extra shield outside the standard API, sensitive commands sent unwittingly or wittingly by a privileged user can be discovered before compromising a system or leaking sensitive information. By introducing the "four-eye principle" in a secure proxy solution, a "third-party" user approves sensitive commands before they reach the intended system. The solution is developed in JAVA and is adaptable to different organisations by letting the system administrators choose an intended system, which policies of sensitive commands to apply and who needs to approve them. The concepts implemented in this prototype can be used in future industrial developments.
|
84 |
Experience of immersion in serious games : A quantitative study of educational games in the field of cyber security
Gustafsson, Erik January 2022
It is not always easy to immerse oneself in a new field, maybe even harder so if it is obligatory. This study focused on how serious games can immerse players and potential students in educational games for a learning purpose. More specifically, the study compared two similar educational games in cyber security. One of them was pretty lengthy and explained the topics in-depth, while the other was short and simpler. By allowing participants to play at least one of the two games and then answer a questionnaire about their experience with immersion, this study attempted to conclude which approach was the most immersive of the two. With the replies collected, the data on the whole suggest longer games that are more in-depth are generally more immersive, with the possible exception that participants who had no prior knowledge of the topic tend to prefer the simpler ones. / There is other digital material (e.g. film, image or audio files) or models/artifacts belonging to the thesis that are to be sent to the archive.
|
85 |
Kategorisera föreställningar om digitala hot / Categorize conceptions about digital threats
Pettersson, Fredrik January 2022
The use of the internet is constantly increasing and more and more companies are digitizing their work. However, this has led to an increase in crime on the digital platforms. This puts a lot of pressure on companies to invest in their data security to keep up with the progress of cyber crime. The aim of this report is to categorize the public's perception of digital threats and compare them with existing research. This is to see what threats the public needs or does not need to worry about. The report also places great emphasis on the economic consequences that cyber attacks have on society. The result shows that the general public has a poor perception of the digital threats, even though they generally regard the threats as serious. This shows a knowledge gap among the population, which may be natural as the development has been very fast in the scientific area.
The threats that this report highlights are some of the most relevant digital threats on the market today. This is supplemented by a review of the economic consequences and forecasts for future consequences of cyber attacks.
|
86 |
En analys kring det civila försvaret på lokal nivå. : En jämförande studie mellan Värmland och Örebros resurser och samarbetsförmågor / An analysis of civil local defense. : A comparative study between Värmland and Örebros, resources and their ability to work together.
Kullander, Nathalia January 2021
The purpose of this essay is to study the civil defense work in Värmland and Örebro, connected to their resources within the respective county. To get a clear picture of how the counties are equipped when it comes to a crisis I have been focusing on the necessary principle connected to civil defense. The study also includes their work with the confederation of enterprise, warehousing and cyber security, to be able to see if they have the potential to collaborate with their resources. I use Emerson's theory of collaborative governance, which is about cross-border governance where public and non-public actors prepare overall decisions, to see if Värmland and Örebro have the potential to work together during a conceivable crisis. When I read about previous research regarding civil defense, I saw Lunde Saxi's report Nordic Defense cooperation after the Cold war. And then I got the idea of studying the cooperation between Värmland and Örebro County. Like his theory, it is most optimal if two smaller actors merge during a crisis instead of managing it individually. The counties cannot challenge each other, but they can complement each other during a crisis.
The thesis has a larger issue that is linked to the purpose of looking at the potential for collaboration within the theory Collaborative governance:
- Can Emerson's theory of Collaborative Governance be established in today's civil defense at the local level?
In order to be able to answer that question, the essay will have three sub-questions based on answering whether Örebro and Värmland have opportunities to find possible collaboration with each other.
- Are there co-operation capabilities between the two counties according to Collaborative governance?
- What assets do the two counties have at their disposal in civil defense?
- Do the counties have physical proximity to the various assets required for a stable civil defense?
The thesis concludes that the two counties have good conditions for coping with a crisis with their resources available, and that there is great potential for developing new methods and establishing more working methods linked to business, warehousing and cyber security. Collaboration can take place within Emerson's theory; the counties have good chances of collaborating within collaborative governance.
Keywords: Civil Defense, The Confederation Of Enterprise, Warehousing, Cyber Security, Cooperation, Collaborative Governance.
|
87 |
Cyberöverföring : En studie om problemrepresentation och policyöverföring inom informations- och cybersäkerhetsområdet / Cyber Transfer : A study on problem representation and policy transfer in the information and cyber-security area
Eriksson, Niclas January 2021
During recent years, cyber-threats have become an increasing problem in society. Incidents during the previous decade have shown that cyber-attacks can cause severe consequences for states, businesses, and organisations all over the world. There has also been an increase in cyber-crimes like phishing and other types of scams and extortion, which threaten the general public. As a result, information and cyber-security has become a hot topic among technology developers as well as in policy discussions. This paper studies an EU-common policy and a Swedish national policy on cyber-security to find out how cyber-threats are represented as a problem within the EU and in Sweden. The study then applies a theoretical framework of policy transfer to explain how the represented problem has changed in the transfer from European to Swedish context. The study finds that in the transfer the scope of the represented problem has widened, both in terms of what is considered a threat and in terms of who the policy aims to protect. This study aims to increase the understanding of how governance based on discursive visions affects the solution a problem receives.
|
88 |
Implementation of GNSS/GPS Navigation and its Attacks in UAVSim Testbed
Jahan, Farha January 2015
No description available.
|
89 |
Exploring SME Vulnerabilities to Cyber-criminal Activities Through Employee Behavior and Internet Access
Twisdale, Jerry Allen 01 January 2018
Cybercriminal activity may be a relatively new concern to small and medium enterprises (SMEs), but it has the potential to create financial and liability issues for SME organizations. The problem is that SMEs are a future growth target for cybercrime activity as larger corporations begin to address security issues to reduce cybercriminal risks and vulnerabilities. The purpose of this study was to explore a small business owner's knowledge about the principal elements of decision making for SME investment into cybersecurity education for employees with respect to internet access and employee vulnerabilities. The theoretical framework consisted of the psychological studies by Bandura and Jaishankar that might affect individual decision making in terms of employee risks created through internet use. This qualitative case study involved a participant interview and workplace observations to solicit a small rural business owner's knowledge of cybercriminal exploitation of employees through internet activities such as social media and the potential exploitation of workers by social engineers. Word frequency analysis of the collected data concluded that SME owners are ill equipped to combat employee exploitation of their business through social engineering. Qualitative research is consistent with understanding the decision factors for cost, technical support, and security threat prevention SME organizational leadership use and is the focus of this study as emergent themes. The expectation is that this study will aid in the prevention of social engineering tactics against SME employees and provide a platform for future research for SMEs and cybercriminal activity prevention.
|
90 |
Secure Control and Operation of Energy Cyber-Physical Systems Through Intelligent Agents
El Hariri, Mohamad 05 November 2018
The operation of the smart grid is expected to be heavily reliant on microprocessor-based control. Thus, there is a strong need for interoperability standards to address the heterogeneous nature of the data in the smart grid. In this research, we analyzed in detail the security threats of the Generic Object Oriented Substation Events (GOOSE) and Sampled Measured Values (SMV) protocol mappings of the IEC 61850 data modeling standard, which is the most widely industry-accepted standard for power system automation and control. We found that there is a strong need for security solutions that are capable of defending the grid against cyber-attacks, minimizing the damage in case a cyber-incident occurs, and restoring services within minimal time.
To address these risks, we focused on correlating cyber security algorithms with physical characteristics of the power system by developing intelligent agents that use this knowledge as an important second line of defense in detecting malicious activity. This will complement the cyber security methods, including encryption and authentication. Firstly, we developed a physical-model-checking algorithm, which uses artificial neural networks to identify switching-related attacks on power systems based on load flow characteristics.
Secondly, the feasibility of using neural network forecasters to detect spoofed sampled values was investigated. We showed that although such forecasters have high spoofed-data-detection accuracy, they are prone to the accumulation of forecasting error. In this research, we proposed an algorithm to detect the accumulation of the forecasting error based on lightweight statistical indicators. The effectiveness of the proposed algorithms was experimentally verified on the Smart Grid testbed at FIU. The test results showed that the proposed techniques have a minimal detection latency, in the range of microseconds.
Also, in this research we developed a network-in-the-loop co-simulation platform that seamlessly integrates the components of the smart grid together, especially since they are governed by different regulations and owned by different entities. Power system simulation software, microcontrollers, and a real communication infrastructure were combined together to provide a cohesive smart grid platform. A data-centric communication scheme was selected to provide an interoperability layer between multi-vendor devices, software packages, and to bridge different protocols together.
|