Global ETD Search

11	Towards Algorithmic Identification of Online Scams Badawi, Emad Mohammad Hussein 13 December 2021 (has links) In “web-based scams”, scam websites provide fraudulent business or fake services to steal money and sensitive information from unsuspecting victims. Despite the researchers’ efforts to develop anti-scam detection techniques, the scams continue to evolve and cause online threats. State-of-the-art anti-scam research still faces several challenges, such as automatically acquiring a labeled scam dataset and providing early detection and prevention mechanisms to attacks that use cryptocurrency as a payment medium. In this thesis, we implement a data-driven model to detect and track web-based scams with a web presence. Given a few scam samples, our model formulates scam-related search queries and uses them on multiple search engines to collect data about the websites to which victims are directed when they search online for sites that may be related to the scam. After collecting a sufficient corpus of web pages, our model semi-automatically clusters the search results and creates a labeled training dataset with minimal human interaction. Our model proactively looks for scam pages and monitors their evolution over time rather than waiting for the scam to be reported. Whenever a new scam instance is detected, the model sends it automatically to the eCrime eXchange data warehouse in real-time. We have used the model to investigate and gain knowledge on two scams; the “Game Hack” Scam (GHS) and the “Bitcoin Generator Scam” (BGS). To the best of our knowledge, GHS and BGS have not been well studied so far, and this is the first systematic study of both scams. GHS targets game players, in which the attackers attempt to convince victims that they will be provided with free in-game advantages for their favorite game. Before claiming these advantages, the victims are supposed to complete one or more tasks, such as filling out “market research” forms and installing suspicious executable files on their machines. Over a year of crawling, we uncovered more than 5,900 unique domains. We estimate that these domains have been accessed at least 150 million times from 2014 until 2019. BGS is a simple system in which the scammers promise to “generate” new bitcoins using the ones sent to them. BGS is not a very sophisticated attack; the modus operandi is to put up some web page that contains the address to send the money and wait for the payback. Over 21 months of crawling, we found more than 3,000 addresses directly associated with the scam, hosted on over 1,200 domains. Overall, these addresses have received (at least) over 9.6 million USD. Our analysis showed that a small group of scammers controls the majority of the received funds. The top two groups have received around 6 million USD, which is more than half of the total funds received by the scam addresses. Game Scam Bitcoin Scam Scam Analysis Fraud Detection Cyberattack Cryptocurrency Blockchain analysis Data mining
12	Detekce anomálií síťového provozu / Network Anomaly Detection Lieskovan, Tomáš January 2017 (has links) This semester project presents an analysis of network traffic and detection of anomalies in network traffic by several various means. In the first part of the paper there is an explanation of the methods aiming at denial of service. Then in the second part an implementation of protection by means of selected solutions is presented. The intent is to compare these means which are supposed to detect cyber attacks aiming at denial of service. Another intent is to choose the best solutions from the categories of open-source and commercial solutions. The target of the master thesis was to work out a comparison between actual solutions for detection of DoS and DDoS attacks.
13	Cyberattacker – fredstida kris, krig eller något mittemellan?: En kritisk analys av den rättsliga gränsdragningen mellan krig och fred Pettersson, Cathrine January 2023 (has links) No description available. krig fredstida kris cyberattack gränsdragning regeringsformen statsrätt konstitutionell rätt Law Juridik
14	Examining Cooperative System Responses Against Grid Integrity Attacks Parady, Alexander D 01 January 2022 (has links) Smart grid technologies are integral to society’s transition to sustainable energy sources, but they do not come without a cost. As the energy sector shifts away from a century’s reliance on fossil fuels and centralized generation, technology that actively monitors and controls every aspect of the power infrastructure has been widely adopted, resulting in a plethora of new vulnerabilities that have already wreaked havoc on critical infrastructure. Integrity attacks that feedback false data through industrial control systems, which result in possible catastrophic overcorrections and ensuing failures, have plagued grid infrastructure over the past several years. This threat is now at an all-time high and shows little sign of cooling off. To combat this trajectory, this research explores the potential for simulated grid characteristics to examine robust security measures by use of a cyber-physical system (CPS) testbed constructed across the University of Central Florida (UCF) Resilient, Intelligent and Sustainable Energy Systems (RISES) Lab Cluster. This thesis explores hypothesized defense mechanisms and awareness algorithms to protect against unforeseen vulnerabilities brought on by grid attacks that will test the boundaries of commercial cybersecurity standards. Through an extensive probe across proposed defenses and vulnerability analysis of industrial systems, a blueprint for future research is outlined that will yield results that have the potential to ripple improvements across the power sector. The sanctity of critical infrastructure is of the highest priority for global powers. As such, this research bolsters the tools at the disposal of international entities and seeks to protect the ever-expanding lifestyle that reliable access to energy provides. Critical Infrastructure Smart Grid Cybersecurity Power Systems Cooperative System Cyberattack Computer Engineering Information Security
15	Making the Most of Limited Cybersecurity Budgets with AnyLogic Modeling George Joseph Hamilton (13149225) 26 July 2022 (has links) <p>In an increasingly interconnected world, technology is now central to the operations of most businesses. In this environment, businesses of all sizes face an ever-growing threat from cyberattacks. Successful cyberattacks can result in data breaches, which may lead to financial loss, business interruptions, regulatory fines, and reputational damage. In 2021, the losses from cyber attacks in the United States were estimated at $6.9 Billion.</p> <p>Confronting the threat of cyberattacks can be particularly challenging for small businesses, which must defend themselves using a smaller budget and less in-house talent while balancing the pursuit of growth. Risk assessments are one method for organizations to determine how to best use their cybersecurity budgets. However, for small businesses, a risk assessment may require a significant portion of the budget which could otherwise be used to implement cybersecurity controls.</p> <p>This research builds on existing research from Lerums et al. for simulating a phishing attack to present a model that very small businesses may use in place of or as a precursor to a risk assessment. The updated model includes sensible default values for the cost and effectiveness of cybersecurity controls as well as the number of cyberattacks expected per year. Default values are based on academic literature, technical reports, and vendor estimates, but they may all be changed by organizations using the model. The updated model can also be tailored by non-technical users to reflect their network, relevant threat actors, and budget. Lastly, the updated model can output an optimized control set that yields the maximum annual net return and the single control with the greatest annual return on investment based on a user's inputs.</p> <p>After construction, the updated model is tested on organizations with 5, 25, and 50 employees facing varied sets of threat actors and attacks per year. Key takeaways include the high net return of all security controls tested, benefits of defense-in-depth strategies for maximizing return across multiple attack types, and the role of threat actors in tempering high estimates of security control effectiveness.</p> <p> </p> <p>All code and releases are open source and available from: <a href="https://github.com/gjhami/AttackSimulation" target="_blank">https://github.com/gjhami/AttackSimulation</a>.</p> cyberscurity budgeting small business return on investment simulation cyberattack
16	A DYNAMIC CYBER-BASED VIEW OF THE FIRM Schwartz, Tamara January 2019 (has links) Technology, perceived by many organizations to be a tool, has evolved from a set of tools, to a location in which many companies have located their key terrain through digitization. That location is cyberspace, an inherently compromised, hostile environment, marked by rapid change and intense competition. It is analogous to a dark alley lined with dumpsters and shadowy doorways with numerous people seeking to challenge organizational objectives. Despite the prevalence of digitization, which has transformed the organization from an anthropological manifestation to a cyborg construction, there does not currently exist a strategic view of the firm which explores the integration of the organization and cyberspace. This paper conceptualizes the Cyber-Based View of the Firm, a dynamic view designed to capture the complex interactions between people, technology, and data that enable cyberattack. A meta-analysis of current theory frames the research gap into which the Cyber-Based View fits. This meta-analysis, in conjunction with an exploratory case study of the Stuxnet attack, identified the need for physical mediation of the cognitive – informational interaction. Finally, the Cyber-Based View was used as a forensic tool to conduct a qualitative multi-case study. Using a failure autopsy approach, eight events were developed into case studies by examining, coding, and recombining the narratives within the qualitative data. A pattern matching technique was used to compare the empirical patterns of the case studies with the proposed patterns of the research construct, providing strong evidence of model validity. / Business Administration/Strategic Management Business Administration Information Technology Cyberattack Cyber-based View Cybersecurity Cyberthreat Hybrid Warfare
17	Protection and Cybersecurity of Inverter-Based Resources Alexander, Brady Steven 14 May 2024 (has links) Traditionally, power system protection describes detecting, clearing, and locating faults in the power system. Traditional methods for detecting and locating faults may not be sufficient for inverter-based resources (IBR) as the fault response of an IBR differs from the response of a synchronous generator. As the composition of the power grid continues to evolve to integrate more IBRs that employ communication-based control algorithms; the power system is also exposed to cyberattacks. Undetected cyberattacks can disrupt normal system operation causing local outages. Therefore, power system protection must evolve with the changes in the grid to not only detect, locate, and clear faults with IBR generation but also detect and mitigate cyberattacks on IBR controllers. This thesis proposes methods for protecting an IBR-based transmission system from: (i) GPS spoofing cyberattacks on a power sharing controller; (ii) open-circuit faults. The GPS spoofing detection algorithm is a decision tree that enables either the proposed state observer--based mitigation technique or the proposed long short-term memory (LSTM)-based mitigation algorithm. The proposed logic for detecting open-circuit faults addresses each subcategory of open-circuit faults: breaker malfunctions, broken conductors, and series arc faults. PSCAD/EMTDC simulations are performed to test the effectiveness of the proposed methods. / Master of Science / The desire to reduce carbon emissions from electric power generation is resulting in the simultaneous retirement of fossil-fuel-burning electric power generation and increase in the number of renewable energy resources. These renewable energy resources, or inverter-based resources, respond differently to disturbances than traditional generators, and; therefore, require the development of new strategies to improve the disturbance response of an inverter-based resource. Disturbances in the power system can be divided into two types: (i) normal disturbances; (ii) abnormal disturbances. The response of an IBR to normal disturbances is improved with reliable control, further improved with communication, which ensures the stable operation of the power system. The abnormal conditions can also be split into two categories: (i) cyberattacks; (ii) faults. A cyberattack is when an adversary gains access a system with the goal of causing harm. In IBRs, cyberattacks can degrade power quality and lead to local outages. Faults are events that cause a change in the normal current flow in the power system. Undetected faults can cause local outages, lead to forest fires, and personnel injury; therefore, must be detected, located, can cleared in a timely manner. This work explores methods for detecting and mitigating cyberattacks and detecting faults in the presence of inverter-based resources. Broken conductor cyberattack GPS spoofing inverter-based resources (IBR) power sharing protection.
18	Analýza vybraných případů kyberkriminality ve finanční sféře / Analysis of specific cases of cybercrimes in the financial sector Skřivánková, Klára January 2011 (has links) The thesis deals with the issue of currently most frequent cyber attacks apperaring in the financial sector, that do not aim to fraud financial institutions, but particularly target their clients, average Internet users. The highest attention is deserved to fraud emails -- as known as phishing. The other types of internet frauds and scams, such as Nigerian email scams or the Zeus virus, are not omitted. In the document is presented textual and pictorial guide, which contents a list of warning signs, that helps common Internet user identify and reveal email fraud. The multicriterial analysis evaluates the level of education and awareness, that selected financial institutions provide to their clients using the official web sites. In the last chapter are suggested recommendations and advices leading to increase availability, clearness and quality of information regarding internet frauds and financial threats.
19	Strategisk teori i cybermiljön ur ett flygmaktsperspektiv Ängblom, Daniel January 2016 (has links) Moderna industrialiserade stater är under utveckling till post-moderna, globalt sammanflätade ekonomier och samhällen. Cybermiljöns strategiska betydelse är högaktuell då det finns en strävan att ersätta traditionella militära förmågor med långräckviddiga vapen och tekniska system. Tänkandet inom cybermiljön präglas emellertid fortfarande av teknikens möjligheter och dess taktiska tillämpningar och en historisk vetenskapsteoretisk utgångspunkt i avskräckningsstrategi som inte anses vara tillämpbar i cybermiljön. Cybermiljön militariseras men strategisk teori för hur maktmedlet skall användas saknas. Teoretiskt ramverk bör förankras i empiri, filosofi och historia. Den här studien undersöker hur flygmaktsteori kan utgöra vetenskapshistorisk utgångspunkt för att förankra cyberteori i strategin och hur luftmaktsteori kan utveckla strategisk teori i cyber? Analysen har visat att flygmaktsteori kan utgöra utgångspunkt för konceptuellt tankesätt och utveckling av teori i cybermiljön främst för att de strategiska grundelementen och effekten är teoretiskt jämförbara. Studien har utvecklat cyberteori för operativa metoder, konceptuellt tankesätt och den sammansatta effekten av cyberattacker. Studien har visat att flygmaktsteori utgår från en systemsyn på motståndarens sociala och tekniska system och målet är att genom strategiska attacker parallellt bekämpa tyngdpunkter för att nå en paralyserande effekt. Därigenom skall en psykologisk effekt påverka viljan till fortsatt kamp. Cyberattacker är mer strategiska och politiska men mindre våldsamma än flygmakt och kan på ett mer effektivt sätt uppfylla politiska mål än traditionellt militärt våld. Information, underrättelser och teknik är av permanent betydelse för strategi. Cybermiljön har en politisk och militär dimension och i likhet med de övriga militära maktmedlen är cybervapnet föremål för strategisk teori. Cybermiljön anses vara teoretiskt förankrad i den allmänna strategin med en tydlig spårbarhet till den indirekta strategin. Strategi Cyberteori Flygmaktsteori Cyberattack Övrig annan samhällsvetenskap Social Sciences Interdisciplinary
20	Kontoret flyttar hem - Vad händer medcybersäkerheten? Norling, Katarina January 2021 (has links) No description available. cybersäkerhet informationssäkerhet cyberattack CIA-triangeln distansarbete utbildning Information Systems, Social aspects

Search results