Global ETD Search

1	Vulnerability in a cyberattack : How DoS affects Swedish government authorities Burgos, Peter, Storsten, Julia January 2014 (has links) With a growing development of technologies and the fact that many companies implements online services, an interruption in such service could cause problems for any kind of user by exploiting the vulnerabilities in these systems. The Swedish Armed Forces (SwAF) indicates that the development of the defensive ability must continue, since the vulnerability of the cyberenvironment becomes a greater interest for adversaries. A denial of service can create panic by e.g. force resources to look into the ongoing attack minimizing the awareness of the protection of other systems. Known attacking tools and statistics are presented in this thesis, but the scope is to generate a framework. The main aim is to look into the Swedish government authorities and give an insight of how a possible path for an increased resilience against a modern distributed denial of service attack could be and at the same time expand the knowledge and give a base for developing more secure systems. This thesis consists of a survey and simulations of network traffic behaviors in order to categorize and give a framework for a small, middle and large sized authority. The result shows that a small sized authority has a risk of 47% in not being able to survive an attack, while a middle sized authority only would have 17% as dangerous risk, since that is the risk of having attacks exceeding 60 Gbit/s. A large sized authority is defined by having a capacity of 100 Gbit/s. Therefore, an increased resilience is by exceeding 60 Gbit/s showing that 60% of the authorities within this thesis are prepared against a modern distributed denial of service attack. If an attack succeeds, the authorities are at greater risk to not be able to communicate externally and reach out to the society as impact. / Med en snabb teknikutveckling och det faktum att många företag genomför online-tjänster, kan ett avbrott i en sådan tjänst orsaka problem för alla typer av användare genom att utnyttja sårbarheter i dessa system. Försvarsmakten antyder att utvecklingen av den defensiva förmågan måste fortsätta, eftersom sårbarheten i cybermiljön blir ett större intresse för motståndare. En överbelastningsattack kan skapa panik genom att t.ex. tvinga resurser att undersöka en pågående attack vilket minimerar medvetenheten för skydd av andra system. Kända attackverktyg och statistik presenteras i denna studie men avgränsningen är att skapa ett ramverk. Det främsta syftet är att undersöka svenska myndigheter och ge en mall för en ökad motståndskraft mot överbelastningsattacker och att även öka kunskapen och ge en bas för att utveckla säkrare system. Studien består av en enkätundersökning och simuleringar om beteendet av nätverkstrafik för att kategorisera och ge en ram för en liten, medel och stor myndighet. Resultatet av denna studie visar att en liten myndighet har en risk på 47% att inte överleva en attack, medan en medelstor myndighet endast skulle ha en risk på 17% att inte överleva, eftersom det är risken för attacker som överstiger 60 Gbit/s. En stor myndighet definieras genom att ha en kapacitet på 100 Gbit/s. Ett ökat motstånd är därmed en kapacitet på över 60 Gbit/s som visar att 60% av myndigheterna inom denna studie är förberedda inför en överbelastningsattack. Om en attack lyckas, löper myndigheterna större risk att inte kunna kommunicera externt och nå ut till samhället som påverkan. DoS DDoS resilience cyberattacks cyberdefence attacking tools
2	Successful Operational Cyber Security Strategies for Small Businesses Barosy, Wileen 01 January 2019 (has links) Cybercriminals threaten strategic and efficient use of the Internet within the business environment. Each year, cybercrimes in the United States cost business leaders approximately $6 billion, and globally, $445 billion. The purpose of this multiple case study was to explore the operational strategies chief information security officers of high-technology companies used to protect their businesses from cyberattacks. Organizational learning theory was the conceptual framework for the study. The population of the study was 3 high-technology business owners operating in Florida who have Internet expertise and successfully protected their businesses from cyberattacks. Member checking and methodological triangulation were used to valid the data gathered through semistructured interviews, a review of company websites, and social media pages. Data were analyzed using thematic analysis, which supported the identification of 4 themes: effective leadership, cybersecurity awareness, reliance on third-party vendors, and cybersecurity training. The implications of this study for positive social change include a safe and secure environment for conducting electronic transactions, which may result in increased business and consumer confidence strengthened by the protection of personal and confidential information. The creation and sustainability of a safe Internet environment may lead to increased usage and trust in online business activities, leading to greater online business through consumer confidence and communication. Chief Information Security Officers Cyberattacks Small Businesses Business
3	Informační a kybernetické hrozby v roce 2019 / Information and Cyber Threats in 2019 Bača, Jonatán January 2020 (has links) Diploma thesis focuses on information and cyber threats in 2019. It comprises theoretical basis for better understanding of the issue. Afterward the thesis describes the analysis of the current situation which combined several analyses primarily aimed on Czech companies. In the last part draft measures is created which contain predictions and preventive actions and recommendations for companies.
4	"More dangerous than guns and tanks" : How cybersecurity is framed by the EU and Sweden Lindvall, Erik January 2020 (has links) The purpose of this thesis is to study the way the European Union and Sweden respectively frame the subject of cybersecurity, to see whether their framing differs and what consequences that may have. In order to study this, the thesis will study the cybersecurity strategies of the European Union and Sweden through a discourse analysis according to the Copenhagen school’s theory of securitization. The purpose is to see what the two actors define as the object that needs to be secured, what threatens said object and what measures should be taken to secure it. To study the cybersecurity strategies, data will be gathered from the European Union’s Cybersecurity Act of 2019 and Sweden’s six cybersecurity priorities, alongside other policy papers deemed relevant. The two points will then be compared in order to see how the framing align or contrast, to see what consequences that may bring. Cybersecurity cyberattacks cyberthreats cyberspace European Union Sweden securitization discourse analysis Political Science Statsvetenskap
5	Lightweight Cyberattack Intrusion Detection System for Unmanned Aerial Vehicles using Recurrent Neural Networks Wei-Cheng Hsu (10929852) 30 July 2021 (has links) <div>Unmanned aerial vehicles (UAVs) have gained more attention in recent years because of their ability to execute various missions. However, recent works have identified vulnerabilities in UAV systems that make them more readily prone to cyberattacks. In this work, the vulnerabilities in the communication channel between the UAV and ground control station are exploited to implement cyberattacks, specifically, the denial of service and false data injection attacks. Unlike other related studies that implemented attacks in simulations, we demonstrate the actual implementation of these attacks on a Holybro S500 quadrotor with PX4 autopilot firmware and MAVLink communication protocol.</div><div><br></div><div>The goal was to create a lightweight intrusion detection system (IDS) that leverages recurrent neural networks (RNNs) to accurately detect cyberattacks, even when implemented on a resource-constrained platform. Different types of RNNs, including simple RNNs, long short-term memory, gated recurrent units, and simple recurrent units, were trained and tested on actual experimental data. A recursive feature elimination approach was carried out on selected features to remove redundant features and to create a lighter RNN IDS model. We also studied the resource consumption of these RNNs on an Arduino Uno board, the lowest-cost companion computer that can be implemented with PX4 autopilot firmware and Pixhawk autopilot boards. The results show that a simple RNN has the best accuracy while also satisfying the constraints of the selected computer.<br></div> Aerospace Engineering Autonomous Vehicles Autopilot Cyberattacks intrusion detection systems Recurrent Neural Networks unmanned aerial vehicles
6	Exploring the Implementation of Cloud Security to Minimize Electronic Health Records Cyberattacks Tyler, Lamonte Bryant 01 January 2018 (has links) Health care leaders lack the strategies to implement cloud security for electronic medical records to prevent a breach of patient data. The purpose of this qualitative case study was to explore strategies senior information technology leaders in the healthcare industry use to implement cloud security to minimize electronic health record cyberattacks. The theory supporting this study was routine activities theory. Routine activities theory is a theory of criminal events that can be applied to technology. The study's population consisted of senior information technology leaders from a medical facility in a large northeastern city. Data collection included semistructured interviews, phone interviews, and analysis of organizational documents. The use of member checking and methodological triangulation increased the validity of this study's findings among all participants. There were 5 major themes that emerged from the study (a) requirement of coordination with the electronic health record vendor and the private cloud vendor, (b) protection of the organization, (c) requirements based on government and organizational regulations, (d) access management, (e) a focus on continuous improvement. The results of this study may create awareness of the necessity to secure electronic health records in the cloud to minimize cyberattacks. Cloud security is essential because of its social impact on the ability to protect confidential data and information. The results of this study will further serve as a foundation for positive social change by increasing awareness in support of the implementation of electronic health record cloud security. Cyberattacks Electronic Health Records (EHR) Lifestyle Exposure Theory (LET) Private Cloud Routine Activies Theory Victimology Databases and Information Systems
7	Robustness, Resilience, and Scalability of State Estimation Algorithms Shiraz Khan (8782250) 30 November 2023 (has links) <p dir="ltr">State estimation is a type of an <i>inverse problem</i> in which some amount of observed data needs to be processed using computer algorithms (which are designed using analytical techniques) to infer or reconstruct the underlying model that produced the data. Due to the ubiquity of data and interconnected control systems in the present day, many engineering domains have become replete with inverse problems that can be formulated as state estimation problems. The interconnectedness of these control systems imparts the associated state estimation problems with distinctive structural properties that must be taken into consideration. For instance, the observed data could be high-dimensional and have a dependency structure that is best described by a graph. Furthermore, the control systems of today interface with each other and with the internet, bringing in new possibilities for large-scale collaborative sensor fusion, while also (potentially) introducing new sources of disturbances, faults, and cyberattacks. </p><p dir="ltr">The main thesis of this document is to investigate the unique challenges related to the issues of robustness, resilience (to faults and cyberattacks), and scalability of state estimation algorithms. These correspond to research questions such as, <i>"Does the state estimation algorithm retain its performance when the measurements are perturbed by unknown disturbances or adversarial inputs?"</i> and <i>"Does the algorithm have any bottlenecks that restrict the size/dimension of the problems that it could be applied to?".</i> Most of these research questions are motivated by a singular domain of application: autonomous navigation of unmanned aerial vehicles (UAVs). Nevertheless, the mathematical methods and research philosophy employed herein are quite general, making the results of this document applicable to a variety of engineering tasks, including anomaly detection in time-series data, autonomous remote sensing, traffic monitoring, coordinated motion of dynamical systems, and fault-diagnosis of wireless sensor networks (WSNs), among others.</p> Signal processing Autonomous vehicle systems sensor networks state estimation compressive sensing cyberattacks multi-agent systems consensus rigidity
8	Analysing Perceptions of Six Cyberattacks / Analys av uppfattningar om sex olika cyber attacker Lundén, Viktor January 2022 (has links) The main topic of this degree project is the analysis of the general public’s perceptions on six different types of cyberattacks and their security measures taken against these cyberattacks. One of the goals of this degree project was to investigate if the perceptions of the cyberattacks were accurate and if lower educated people have different perceptions from higher educated people. While there may be plenty of research about cybersecurity and cyberattacks in general, there is little research in regards to the general public’s perceptions on different types of cyberattacks, especially regarding an international demographic. This degree project can help strengthen cybersecurity on different computer systems by analysing how people from an international demographic perceive these six different cyberattacks and how they counteract these cyberattacks. In order to collect data from international respondents, online surveys were used. Multiple websites were used to send the survey, with the main website being SurveySwap. The analysis contains comparisons between facts found in literature and perceptions of respondents and more. Two-sample t-tests and chi-squared tests were used to compare perceptions between lower educated people and higher educated people. According to the results, respondents in general seemed to have good understanding of some cyberattacks. However there were also some cyberattacks that the respondents in general did not have good understanding of. The results also indicated that there was probably no difference between perceptions from the lower educated respondents and higher educated respondents. The results of this degree project can be used in similar research to further investigate the perceptions among the general public of different cyberattacks. / Ämnet för denna examensarbete är analysen av allmänhetens uppfattningar omsex olika typer av cyberattacker och allmänhetens säkerhetsåtgärder vidtagnamot dessa cyberattacker. Ett av målen med denna examensarbete var attundersöka om uppfattningarna om cyberattackerna var korrekta och om lågutbildademänniskor har andra uppfattningar om cyberattackerna än högutbildade människor.Även om det kan finnas mycket forskning om cybersäkerhet och cyberattackeri allmänhet, finns det liten forskning om allmänhetens uppfattningar om olikatyper av cyberattacker, särskilt när det gäller en internationell demografi.Denna examensarbete kan hjälpa till att förstärka cybersäkerheten genom attanalysera hur demografisk internationella människor uppfattar dessa sex olikacyberattacker och hur de motverkar dessa cyberattacker.För att samla in data från internationella respondenter användes enkäter iInternet. Flera webbplatser användes för att skicka enkäten, huvudwebbplatsenvar SurveySwap. Analysen innehåller jämförelser mellan fakta som finns ilitteratur och uppfattningar från respondenter med mera. T-tester och chitvå-tester användes för att jämföra uppfattningar mellan lågutbildade ochhögutbildade människor.Enligt resultaten verkade respondenterna i allmänhet ha god förståelse förvissa typer av cyberattacker. Däremot hade respondenterna i allmänhet svagareförståelse för vissa andra typer av cyberattacker. Resultaten tydde också på attdet sannolikt inte fanns någon skillnad mellan uppfattningar om cyberattackermellan lågutbildade respondenter och högutbildade respondenter. Resultatenav denna examensarbete kan användas i liknande forskning för att ytterligareundersöka hur allmänheten uppfattar olika cyberattacker Cybersecurity Cyberattacks General perception Surveys Target groups Subgroups Cybersäkerhet Cyberattacker Allmänuppfattning Enkäter Målgrupper Undergrupper Computer and Information Sciences Data- och informationsvetenskap
9	Cyberattacks in international relations Edelman, Ross David January 2013 (has links) New methods of conflict and coercion can prompt tectonic shifts in the international system, reconfiguring power, institutions, and norms of state behavior. Cyberattacks, coercive acts that disrupt or destroy the digital infrastructure on which states increasingly rely, have the potential to be such a tool — but only if put into practice. This study examines which forces in the international system might restrain state use of cyberattacks, even when they are militarily advantageous. To do so I place this novel technology in the context of existing international regimes, employing an analogical approach that identifies the salient aspects of cyberattacks, and compares them to prior weapons and tactics that share those attributes. Specifically, this study considers three possible restraints on state behavior: rationalist deterrence, the jus ad bellum regime governing the resort to force, and incompatibility with the jus in bello canon of law defining just conduct in war. First, I demonstrate that cyberattacks frustrate conventional deterrence models, and invite, instead, a novel form of proto-competition I call ‘structural deterrence.’ Recognizing that states have not yet grounded their sweeping claims about the acceptability of cyberattacks in any formal analysis, I consider evidence from other prohibited uses of force or types of weaponry to defining whether cyberattacks are ‘legal’ in peacetime or ‘usable’ in wartime. Whereas previous studies of cyberattacks have focused primarily on policy guidance for a single state or limited analysis of the letter of international law, this study explicitly relates international law to state decision-making and precedent. It draws together previously disparate literature across strategic studies, international law, and diplomatic history to offer conclusions applicable beyond any single technology, and of increasing importance as states’ dependence on technology grows. 363.325
10	Managerial Strategies Small Businesses Use to Prevent Cybercrime Maahs, Doreen Lynn 01 January 2018 (has links) Estimated worldwide losses due to cybercrime are approximately $375-575 billion annually, affecting governments, business organizations, economies, and society. With globalization on the rise, even small businesses conduct transactions worldwide through the use of information technology (IT), leaving these small businesses vulnerable to the intrusion of their networks. The purpose of this multiple case study was to explore the managerial strategies of small manufacturing business owners to protect their financial assets, data, and intellectual property from cybercrime. The conceptual framework was systems thinking and action theory. Participants included 4 small manufacturing business owners in the midwestern region of the United States. Data were collected via face-to-face interviews with owners, company documentation, and observations. Member checking was used to help ensure data reliability and validity. Four themes emerged from the data analysis: organizational policies, IT structure, managerial strategies, and assessment and action. Through effective IT security and protocols, proactive managerial strategies, and continuous evaluation of the organization's system, the small business owner can sustain the business and protect it against potential cyberattacks on the organization's network. The findings of the study have implications for positive social change by informing managers regarding (a) the elimination or reduction of cybercrimes, (b) the protection of customers' information, and (c) the prevention of future breaches by implementing effective managerial strategies to protect individuals in society. Assessment and Action Cyberattacks Cybercrime IT Structure Managerial Stategies Organizational Policies Business Other Communication

Search results