• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 252
  • 34
  • 11
  • 10
  • 8
  • 6
  • 4
  • 2
  • 2
  • 1
  • Tagged with
  • 450
  • 167
  • 151
  • 149
  • 126
  • 89
  • 73
  • 67
  • 65
  • 59
  • 57
  • 56
  • 52
  • 51
  • 51
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
101

Säker digitalisering inom medicinteknik

Bergman, Angus January 2023 (has links)
Medicinteknik är ett fält med en hög grad av digitalisering som erbjuder många viktiga tjänster inom sjukvården. Sjukvården har på senare år visat sig sårbar för intrång och cyberattacker med goda incitament för fientliga aktörer. Mer uppkopplade system förenklar användningen och integreringen av olika medicinska apparater och system men medför även risker som en följd av att mer av systemet blir tillgängligt för externa aktörer. Nya innovationer och en mer digitaliserad bransch kan alltså medföra problem om nödvändiga säkerhetsåtgärder inte vidtas. Branschen undersöks utifrån följande frågeställning: Hur arbetar medicintekniska företag för att motverka risker och hot inom cybersäkerhet? För att belysa nutidsläget inom branschen gjordes med en kvalitativ utgångspunkt en kartläggning av de risker och hot som branschen upplever med avgränsning på små och medelstora företag inom Sverige. Data samlades in genom ett antal semistrukturerade intervjuer med viss anpassning utifrån organisationens verksamhetsbeskrivning.Totalt utfördes 15 intervjuer, 13 med företag verksamma inom medicinteknik eller medicinframställning. En intervju utfördes med en kontakt på Läkemedelsverket och en intervju utfördes med två kontakter som arbetar med informationssäkerhetsfrågor inom en svensk region. Intervjuerna analyserades sedan med hjälp av tematisk analys. Den tematiska analysen resulterade i sju teman. Bland de intervjuade verksamheterna bedömdes generellt risken för intrång i verksamheten som låg, tjänster eller anslutna produkter som brukas av slutanvändare uppfattades dock som mer utsatta. Intervjuerna utfördes under en övergångsperiod till nya förordningar som ställer strängare krav på patientsäkerhet samt cybersäkerhet för medicintekniska produkter. Kraven som dessa förordningar ställer samt eventuella krav från vården identifierades som den primära motivationen att investera i informationssäkerhet bland de intervjuade företagen. Ett flertal respondenter framförde kritik mot de nya regelverken och hävdade att arbetet som krävs för att uppnå kraven är alltför omfattande för mindre verksamheter och risken att företag eller produkter skulle lämna marknaden som en följd framhävs. Synpunkten från Läkemedelsverket och regionen skiljde sig och de betraktade kraven som ställdes som rimliga samt nödvändiga.Resultaten från intervjuerna visar ett behov av ökat stöd för små och medelstora verksamheter för att kunna uppnå de krav som ställs samt vägleda mindre verksamheter. / MedTech is a sector with a high degree of digitization and responsible for providing many of the innovations and services the health care sector makes use of. In recent years the healthcare sector has shown itself to be vulnerable to intrusions and cyberattacks. Increasingly connected devices confer benefits through increased interoperability of devices and systems, easier access and handling of medical records along with general ease of use. Connecting these devices also puts them at risk of being remotely accessed however, meaning many recent innovations may be problematic if these risks are not properly mitigated. Given how interwoven the sectors mentioned above are there is a high likelihood that insufficient security measures in Medtech will impact healthcare adversely. In hopes of illuminating some of the threats and risks the MedTech sector is currently facing, the following question is asked: How do companies within MedTech work to mitigate cybersecurity risks and threats? To answer these questions a survey was done with focus on small and medium sized entities within MedTech based in Sweden. Data was collected through interviews. A total of 15 interviews were conducted, 13 of which were interviews with companies active within the field of MedTech or medicine.One interview was performed with Läkemedelsverket, a supervisory authority within MedTech and one interview was performed with two contacts within a Swedish county council who hold advisory roles regarding information security. The transcribed interviews were analysed thematically to discern common patterns and findings throughout the interviews. The thematic analysis resulted in 7 themes. Among the interviewed companies the majority perceived the likelihood of an intrusion within their company as low and security efforts were primarily directed towards the service or product on offer where the risk and eventual consequences of an intrusion was deemed to be higher. The interviews took place during a transitional period between old directives and new regulations with more stringent requirements regarding security and cybersecurity for medical devices. Complying with the new regulations and eventual requirements from caregivers were the primary motivators behind investment in cybersecurity among the interviewed companies. A number of respondents critiqued the new regulations on the grounds that the workload complying with the regulation brings is excessive for small enterprises and might cause an exodus of products and companies from the sector. This view was not shared by the respondent from Läkemedelsverket nor the respondents from the Swedish county council who considered the new requirements reasonable and necessary. The results show a need for further support among small and medium sized enterprises in order to handle regulatory demands.
102

Context-Aware Malware Detection Using Topic Modeling

Stegner, Wayne 28 September 2021 (has links)
No description available.
103

Analyzing Global Cyber Attack Correlates Through an Open Database

Aiello, Brady Benjamin 01 June 2018 (has links) (PDF)
As humanity becomes more reliant on digital storage and communication for every aspect of life, cyber attacks pose a growing threat. However, cyber attacks are generally understood as individual incidents reported in technological circles, sometimes tied to a particular vulnerability. They are not generally understood through the macroscopic lens of statistical analysis spanning years over several countries and sectors, leaving researchers largely ignorant of the larger trends and correlates between attacks. This is large part due to the lack of a coherent and open database of prominent attacks. Most data about cyber attacks has been captured using a repository of common vulnerabilities and exposures (CVE’s), and \honey pots", unsecured internet-connected devices which record attacks as they occur against them. These approaches help in the process of identifying vulnerabilities, but they do not capture the real world impact these attacks achieve. Therefore, in this thesis I create a database of 4,000 cyber attacks using a semi-open data source, and perform analytical queries on it to gather insights into how cyber attack volume varies among countries and sectors, and the correlates of cyber attack victims. From here, it is also possible to relate socio-economic data such as GDP and World Happiness Index to cyber attack volume. The end result is an open database of cyber attacks that allows researchers to understand the larger underlying forces which propel cyber attacks.
104

A Methodology to Measure the Impact of Diversity on Cybersecurity Team Effectiveness

Cornel, Caralea May 01 August 2019 (has links)
In recent years, the definition of cybersecurity professional has been diluted to include more individuals, particularly women, to be included. Depending on the definition used, women currently comprise between 11% and 25% of the cybersecurity workforce. While multiple studies have indicated the benefits to diverse teams, research in the cybersecurity area is lacking.This research proposes a framework that uses a modified escape-the-room gamified scenario to measure the effectiveness of cybersecurity teams in technical problem-solving. The framework presents two routes, incident response and penetration testing, the participants can choose. In a preliminary study, this framework is used to show the combination of gender diversity and prior cybersecurity experience and/or cybersecurity knowledge, particularly in women, are found to be significant in reducing the time taken to solve cybersecurity tasks in the incident response, and penetration testing domains.In conclusion, opportunities for extending this research into a large-scale study are discussed, along with other applications of cybersecurity escape-rooms.
105

Building Android Malware Detection Architectures using Machine Learning

Mathur, Akshay January 2022 (has links)
No description available.
106

Guardians at the Gate: The Influence of Senior Management on Cybersecurity Culture and Awareness Training : A Qualitative Multiple Case Study

Karim, Adam, Törnqvist, Alexandra January 2023 (has links)
Background: Organisations are left vulnerable and susceptible to cyber-attacks due to the digitisation of information and dependency on information and communication technologies. As a result, the critical need for organisations to hinder, protect and preserve their cyberspace from multiple threats is emphasised. Due to human error being accountable for most electronic data breaches, a resilient cybersecurity culture is desired.  To minimise cybersecurity threats, a human-inclusive strategy must be implemented in the culture and the inclusion and engagement of strong leadership within senior management.   Purpose: The purpose of this study is to explore senior management’s role in cybersecurity culture and particularly, its influence on awareness training.   Method: The research is based on an interpretivist paradigm and adheres to abductive reasoning. Through the usage of semi-structured interviews and the utilisation of non-probability sampling, qualitative data was produced, and a multiple case study was conducted.   Conclusion: Senior management influences the practical implications in the organisation, such as training, as well as the assumptions and beliefs of its employees. Senior management influences the engagement, involvement, and responsibility of protecting and safeguarding the organisation's assets, and how this is reciprocated to the whole organisation. Furthermore, senior management addresses and manages the priority of cybersecurity in the organisation. Thus, employee behaviour and attitude are greatly impacted by senior management engagement and presence, showcasing a positive correlation between senior management influence and employee behaviour and beliefs.
107

A cybersecurity application framework for consumer IoT devices

Spaho, Jonilda January 2023 (has links)
In recent years, there is an increasing use of smart Internet of Things (IoT) devices in our everyday lives. Cyberattacks on consumer IoT devices are also increasing. IoT certification is an active topic of research with many proposed frameworks for IoT cybersecurity certification and also proposing labels that can be used to represent the security and privacy levels of consumer IoT devices. The research problem that this thesis tried to solve was first, to understand why certification for consumer IoT devices was less used than expected, and second, define robust and complete processes for security and certification on consumer IoT devices, that will be used to broadly raise their security level. From a literature review performed, we became aware that the reason why little progress towards consumer IoT cybersecurity certification is not that research and frameworks do not exist, but there are multiple other responsible factors. Such factors are the lack of a universal cybersecurity framework and the fact that the consumers are not involved in the certification process of the frameworks. The framework that was designed in this thesis project tries to address all of the above factors. Design Science Research (DSR) was used as the methodology for developing and evaluating the artifact of this work, which is a framework that describes how to properly apply and certify cybersecurity on consumer IoT devices, building on top of existing cybersecurity procedures, frameworks and tools. During the design of the framework, further literature searches were performed for identifying important steps that need to be carried out. The framework proposed in this project, does not limit itself to the vendor of such devices as the only involved actor, but consumers and cybersecurity regulating authorities are also involved in the process. The evaluation of the framework showed that, if applied, it could adequately improve the cybersecurity of existing consumer IoT products by detecting and solving all of the common vulnerabilities and security weaknesses, as it was demonstrated on one use case selected. The significance of this work is that it is the first step towards a universal cybersecurity certification for consumer IoT devices.
108

Malicious Game Client Detection Using Feature Extraction and Machine Learning

Austad, Spencer J. 20 November 2023 (has links) (PDF)
Minecraft, the world's best-selling video game, boasts a vast and vibrant community of users who actively develop third-party software for the game. However, it has also garnered notoriety as one of the most malware-infested gaming environments. This poses a unique challenge because Minecraft software has many community-specific nuances that make traditional malware analysis less effective. These differences include unique file types, differing code formats, and lack of standardization in user-generated content analysis. This research looks at Minecraft clients in the two most common formats: Portable Executable and Java Archive file formats. Feature correlation matrices showed that malware features are too complicated to analyze without advanced algorithms. The latest machine learning methods for malware analysis were employed to classify samples based on both behavioral features generated from running samples in a sandbox environment and static features through file-based analysis. A total sample set of 92 files was used and found that Portable Executable and Java Archive files have significantly different feature sets that are important for malware identification. This study was able to successfully classify 77.8% of all Portable Executable samples 84.2% of all Java Archive samples while maintaining high recall scores. This research, by shedding light on the intricacies of malware detection in Minecraft clients, provides a framework for a more nuanced and adaptable approach to game-related malware research.
109

Maritim cybersäkerhet och positionssystem : Utvärdering av rekommendationer till maritima industrin utifrån nuvarande forskning / Maritime Cybersecurity and Positioning Systems : Evaluation of Recommendations for the Maritime Industry Based on Current Research

Petersson, Wilhelm, Nilsson, Arwid January 2024 (has links)
I detta arbete utforskas cybersäkerhetsaspekter av positionssystem inom sjöfartssektorn. Syftet är att identifiera åtgärder för att hantera och förebygga säkerhetshot samt utforska implementering av övningar för att bygga kompetens i detektering och hantering av dessa hot. Genom en systematisk litteraturstudie granskades befintlig forskning. Resultaten visar på vikten av anpassade utbildningsprogram, en förändrad inställning till cybersäkerhet, behovet av starka säkerhetskulturer samt effektiva förebyggande strategier och beredskapsplaner. Studien utreder även den kollektiva ansträngningen mellan rederier, tillverkare och andra maritima aktörer för att förbättra systemens motståndskraft mot cyberhot.  Slutligen uppmanar avhandlingen till vidare forskning för att utveckla mer detaljerade implementeringsstrategier. / In this work, cybersecurity aspects are explored within positioning systems in the maritime sector. The purpose is to identify means for handling and preventing security threats and explore the implementations of drills to build competency in detecting and handling these threats through a systematic literature review that looks at existing research. The results show the need for education courses, a changed outlook on cybersecurity, a strong security culture, effective prevention strategies, and contingencies. The study also investigates the collective effort between shipping companies, manufacturers, and maritime actors to improve the systems' resilience to cyber threats. Finally, the work encourages further research to develop more detailed implementation strategies.
110

Developing a SQL Injection Exploitation Tool with Natural Language Generation

Boekweg, Kate Isabelle 22 April 2024 (has links) (PDF)
Websites are a popular tool in our modern world, used daily by many companies and individuals. However, they are also rife with vulnerabilities, including SQL injection (SQLI) vulnerabilities. SQLI attacks can lead to significant damage to the data stored within web applications and their databases. Due to the dangers posed by these attacks, many countermeasures have been researched and implemented to protect websites against this threat. Various tools have been developed to enhance the process of detecting SQLI vulnerabilities and active SQLI attacks. Many of these tools have integrated machine learning technologies, aiming to improve their efficiency and effectiveness. Penetration testing is another valid method of detecting and fixing SQLI vulnerabilities, and there are tools designed to automate this process. Some of these automated exploitation tools have also incorporated machine learning techniques. This research aims to identify design requirements of a SQLI exploitation tool that utilizes Natural Language Generation for attack data. This research also aims to compare this new SQLI exploitation to existing tools. This research integrates various components from existing research projects to develop and evaluate the effectiveness of the proposed SQLI exploitation tool. This research establishes a framework for a SQL injection exploitation tool. Additionally, the study successfully tests multiple components of this new tool and compares the accuracy and speed of the new tool to already existing tools.

Page generated in 0.0714 seconds