• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 252
  • 34
  • 11
  • 10
  • 8
  • 6
  • 4
  • 2
  • 2
  • 1
  • Tagged with
  • 450
  • 167
  • 151
  • 149
  • 126
  • 89
  • 73
  • 67
  • 65
  • 59
  • 57
  • 56
  • 52
  • 51
  • 51
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
121

AUTOSARLang: Threat Modeling and Attack Simulation for Vehicle Cybersecurity

Girmay Mesele, Asmelash January 2018 (has links)
The rapid growth and development of the Information and Communications Technology attract many industries including the automotive industry. Since the last four decades, the automotive engineering has been impacted by the Information Technology. Nowadays, modern vehicles are being designed with up to hundreds of electronic control units (ECUs) and be able to communicate with other vehicles, infrastructure, and other things via wireless networks and sensors. For such in-vehicle networks, serial bus systems like CAN bus, LIN bus, FlexRay, and MOST are standardized. Parallel to this, the automotive industry vendors designed and standardized automotive open systems architecture (AUTOSAR) software platform. AUTOSAR has two main standards - the classical platform and adaptive platform. The classical platform (CP) is designed for the current embedded ECUs, whereas the adaptive platform (AP) is being designed for the future intelligent ECUs. The intelligent AP ECU constitute many multi-processing processors and Ethernet to realize the future autonomous vehicles.On the other hand, automotive industries shall ensure “safety first” in their design and regard it as part of their market feature. Directly or indirectly, the safety of the modern connected vehicles is related to their cybersecurity. Today, cybersecurity professionals are conducting researches to bring remarkable solutions to the sophisticated cyberattacks. One approach of cybersecurity solution is to make a cyber threat modeling and attack simulations. Example, meta-attack-language (MAL) is a threat modeling and attack simulation language, which is designed to make domain-specific threat analysis.In this study, potential assets of an automotive vehicle with AP ECUs are identified. Then, threats of each identified asset are collected from different literature. With both inputs, a cyber threat model is written using MAL. Finally, validation of the model is made with a simulation language. Consequently, modern vehicle with AP ECUs is modeled and simulated.This study contributes four important things - list of potential assets that AP running vehicle constitutes, collected list of threats of the identified assets, validated cyber threat model, and simulation test cases for each potential attack paths in the model. / Den snabba tillväxten och utvecklingen av informations- och kommunikationstekniken lockar många‌ branscher, däribland bilindustrin. Sedan de senaste fyra decennierna har automotive engineering påverkats av informationstekniken. Numera är moderna fordon utformade med upp till hundratals elektroniska styrenheter (ECU) och kan kommunicera med andra fordon, infrastruktur och andra saker via trådlösa nätverk och sensorer. För sådana inbyggda nätverk är seriella bussystem som CAN-buss, LIN-buss, FlexRay och MOST standardiserade. Parallellt med detta har automotive-leverantörerna utformat och standardiserat automatsystem för öppna systemarkitekturer (AUTOSAR). AUTOSAR har två huvudstandarder - den klassiska plattformen och den adaptiva plattformen. Den klassiska plattformen (CP) är utformad för nuvarande inbyggda ECU, medan den adaptiva plattformen (AP) är utformad för framtida intelligenta ECU. Den intelligenta AP-enheten utgör många processorer och Ethernet för att förverkliga de framtida autonoma fordonen. Bilindustrin ska å andra sidan säkerställa "säkerhet först" i sin design och betrakta den som en del av deras marknadsfunktion. Direkt eller indirekt är säkerheten hos moderna anslutna fordon relaterad till sin cybersäkerhet. Idag genomför cybersecurity-proffs för att få anmärkningsvärda lösningar på de sofistikerade cyberattackarna. Ett tillvägagångssätt för cybersecurity-lösningen är att göra en modellering av cyberhot och attack simuleringar. Exempel, meta-attack-language (MAL) är ett hot modellerings-och attack simuleringsspråk, som är utformat för att göra domänspecifik hotanalys. I denna studie identifieras potentiella tillgångar i ett fordonsbil med AP-ECU. Därefter samlas hot av varje identifierad tillgång från olika litteratur. Med båda ingångarna skrivs en cyber-hotmodell med MAL. Slutligen görs validering av modellen med ett simuleringsspråk. Följaktligen modelleras och simuleras moderna fordon med AP-ECU. Denna studie bidrar till fyra viktiga saker - en lista över potentiella tillgångar som AP-körfordon utgör, samlad lista över hot av identifierade tillgångar, validerad cyberhot-modell och simuleringsprovfall för varje potentiell attackvägar i modellen.
122

Cybersecurity Education in Utah High Schools: An Analysis and Strategy for Teacher Adoption

Cornel, Cariana June 01 August 2019 (has links)
The IT Education Specialist for the USBE, Brandon Jacobson, stated:I feel there is a deficiency of and therefore a need to teach Cybersecurity.Cybersecurity is the “activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use or modification, or exploitation” (NICE, 2018). Practicing cybersecurity can increase awareness of cybersecurity issues, such as theft of sensitive information. Current efforts, including but not limited to, cybersecurity camps, competitions, college courses, and conferences, have been created to better prepare cyber citizens nationwide for such cybersecurity occurrences. In 2017, a meeting was proposed to discuss cybersecurity training methods for Utah high school teachers. Meeting attendees included the researcher, Brigham Young University Cybersecurity Professor, Dale Rowe, the Alpine IT Career and Technology Engineering (CTE) Program Area Specialist, Karsten Walker, and the IT Education specialist for the Utah State Board of Education (USBE), Brandon Jacobson. However, due to limited budget, resources, and time, few results were achieved since the meeting, including a cybersecurity class certification and offering of advanced cybersecurity related courses on UEN’s WebEx Platform (Alpine District only).However, due to limited budget, resources, and time, few results were achieved since the meeting, including a cybersecurity class certification and offering of advanced cybersecurity related courses on UEN’s WebEx Platform (Alpine District only).The research shows that of the 9 school districts reviewed, only 2 of the public high schools taught cybersecurity-focused courses as outlined by the Utah State Board of Education. This is a scarcity that cannot be ignored. There are insufficient offerings of cybersecurity courses in Utah high schools. As a result, Utah is one of the many states unable to fill the shortage of cybersecurity professionals. Thus, this research was conducted to better understand what is inhibiting potential teachers from offering a cybersecurity-focused course. In the hopes of answering the mentioned query, the research involved surveying high school computer teachers about their experience, as well as their perspective on teaching cybersecurity.
123

Human Factors in Cybersecurity: A Cross-Cultural Study on Trust

Isslam Yousef Alhasan (15999524) 01 June 2023 (has links)
<p>  </p> <p>Human error is one of the most prominent challenges facing cybersecurity today. Attackers manipulate people's natural inclination to make mistakes using social engineering tactics to exploit psychological vulnerabilities, gain trust, and access sensitive information. Trust plays a critical role in human interaction, both in the physical and digital realms, making it an attractive target for attackers. However, cultural backgrounds, which reflect individual and societal beliefs and values, are often overlooked in cybersecurity risk assessments, despite significantly influencing human behavior. This study was conducted to investigate the relationship between trust and cybersecurity risks across diverse cultural groups. The study's findings could provide valuable insights into addressing and preventing human-related vulnerabilities by enhancing overall cybersecurity measures and examining cross-cultural differences in human behavior and their impact on cybersecurity risks. As human factors in cybersecurity become increasingly crucial, this study was performed to understand the differences in risky cybersecurity behaviors among various cultural groups and investigate the impact of different perceptions of trust on engaging in risky behaviors. The outcome of this research provides insights into the critical role cultural backgrounds play in shaping human behavior in the context of cybersecurity. The results of this study may have significant implications for enhancing overall cybersecurity measures by identifying and addressing human-related vulnerabilities that may be unique to specific cultural groups.</p>
124

<strong>Investigating Factors that Increase Vulnerability to Cyber-Attacks During the First Year College Transition</strong>

Stacia Rae Smith (15992141) 31 May 2023 (has links)
<p>  </p> <p>Moving from high school to college is a major life transition leading to significant changes across many aspects of daily life. This time frame is often seen as the transition from a youth to a young adult, yet its impact on technology use and cybersecurity vulnerabilities remains relatively unstudied. This study investigated which factors associated with the first-year college transition are likely to increase vulnerability to cyberattacks in a sample of first-year college students attending a public university in the northeast United States, all of whom graduated from high school within the last 12 months. This study used a concurrent triangulation mixed methods design. A quantitative survey and qualitative semi-structured interviews were conducted concurrently, the methods were prioritized equally, and the results were interpreted together. Thematic analysis was used to analyze survey short answer responses and semi-structured interviews. A more descriptive analysis was completed to analyze survey responses from 38 respondents. The research found that an increase in the amount of time spent online, changing main internet activities, and lack of cybersecurity awareness training are factors which are likely to increase vulnerability to cyber threats during the transition from high school to college. </p>
125

<strong>Deep Learning-Based Anomaly  Detection in TLS Encrypted Traffic</strong>

Kehinde Ayano (16650471) 03 August 2023 (has links)
<p> The growing trend of encrypted network traffic is changing the cybersecurity threat scene. Most critical infrastructures and organizations enhance service delivery by embracing digital platforms and applications that use encryption to ensure that data and Information are moved across networks in an encrypted form to improve security. While this protects data confidentiality, hackers are also taking advantage of encrypted network traffic to hide malicious software known as malware that will easily bypass the conventional detection mechanisms on the system because the traffic is not transparent for the monitoring mechanism on the system to analyze. Cybercriminals leverage encryption using cryptographic protocols such as SSL/TLS to launch malicious attacks. This hidden threat exists because of the SSL encryption of benign traffic. Hence, there is a need for visibility in encrypted traffic. This research was conducted to detect malware in encrypted network traffic without decryption. The existing solution involves bulk decryption, analysis, and re-encryption. However, this method is prone to privacy issues, is not cost-efficient, and is time-consuming, creating huge overhead on the network. In addition, limited research exists on detecting malware in encrypted traffic without decryption. There is a need to strike a balance between security and privacy by building an intelligent framework that can detect malicious activity in encrypted network traffic without decrypting the traffic prior to inspection. With the payload still encrypted, the study focuses on extracting metadata from flow features to train the machine-learning model. It further deployed this set of features as input to an autoencoder, leveraging the construction error of the autoencoder for anomaly detection. </p>
126

Val av hårdvara för cybersäker kommunikation på järnvägen / Hardware Selection for Cybersecure Communication on Railways

Hakkarainen, Mikko, Holmström, Linus January 2024 (has links)
På grund av den ökande digitaliseringen inom järnvägen ökar även antalet digitala anslutningar. Detta gör att fientliga aktörer kan påverka den operativa driften och personsäkerheten på distans av järnvägen via oskyddade anslutningar. Syftet med arbetet är därför att identifiera hårdvarulösningar för att öka cybersäkerheten av kommunikation mellan datorställverk och banobjekt via utdelar i datorställverken. Undersökningen fokuserar på att hitta den mest lämpliga processorenheten (CPU) eller Trusted Platform Module (TPM) för Alstoms utdel (OC950), med hänsyn till specifika cybersäkerhetskriterier enligt standarden IEC—63442. Genom att använda en Pugh-matris jämfördes fem CPU-lösningar och fyra TPM-lösningar. Resultatet visade att de två bästa alternativen var CPU-lösningar, där ”AM64x” från Texas Instruments utmärkte sig som det bästa valet tack vare dess goda cybersäkerhetsfunktioner, processorkapacitet och energieffektivitet. Denna funktionalitet tillät lösningen att ge ett tillfredställande cyberskydd samt gav driftfördelar och framtidsäkran. Sammanfattningsvis konstateras att processorenheter är att föredra för att förbättra prestanda och framtidssäkra hårdvaran på OCS950. TPM-lösningar kan vara ett lämpligt alternativ för att hantera cybersäkerhetsfunktioner men riskerar att bli en flaskhals för kommunikation. Därför är CPU-lösning att föredra, då det kan öka prestandan på utdelen samtidigt som det tillåter implantering av ett tillfredställande cyberskydd. Arbetet bidrar till att förbättra cybersäkerheten mellan utdel och en central ställverksdator och föreslår samtidigt en metod för att jämföra olika hårdvarulösningar genom Pugh-matriser. / Due to the increasing digitalization within the railway sector, the number of digital connections is also rising. This allows hostile actors to remotely impact the operational functioning and personal safety of the railway through unprotected connections. Therefore, the purpose of this work is to identify hardware solutions to enhance the cybersecurity of communication between interlocking computers and trackside objects via object controllers in the interlocking systems. The study focuses on finding the most suitable processor unit (CPU) or Trusted Platform Module (TPM) for Alstom's object controller (OC950), with considering for specific cybersecurity criteria according to the IEC-63442 standard. Using a Pugh matrix, five CPU solutions and four TPM solutions were considered. The results showed that the two best options were CPU solutions, with the "AM64x" from Texas Instruments standing out as the best choice due to its strong cybersecurity features, processing capacity, and energy efficiency. This functionality allowed the solution to provide satisfactory cyber protection as well as operational advantages and futureproofing. In summary, it is noted that processor units are preferred to improve performance and future-proof the hardware on OCS950. TPM solutions may be a suitable alternative for managing cybersecurity functions but risk becoming a communication bottleneck. Therefore, a CPU solution is preferred, as it can enhance the performance of the object controller while allowing the implementation of satisfactory cyber protection. The work contributes to improving cybersecurity between object controllers and central interlocking computers and simultaneously proposes a method for comparing different hardware solutions using Pugh matrices. / Digitalisaation lisääntyessä rautateillä myös digitaalisten yhteyksien määrä kasvaa. Tämä mahdollistaa vihamielisten toimijoiden vaikuttamisen rautateiden operatiiviseen toimintaan ja henkilöturvallisuuteen etäyhteyksien kautta suojaamattomien yhteyksien avulla. Työn tarkoituksena on siksi tunnistaa laitteistoratkaisuja kyberturvallisuuden parantamiseksi viestinnässä tietokonekeskusten ja ratakohteiden välillä jakelijoiden kautta tietokonekeskuksissa.  Tutkimus keskittyy sopivimman prosessoriyksikön (CPU) tai Trusted Platform Module (TPM) löytämiseen Alstomin jakelijalle (OC950), ottaen huomioon tietyt kyberturvallisuuskriteerit standardin IEC—63442 mukaisesti. Pugh-matriisin avulla verrattiin viittä CPU-ratkaisua ja neljää TPM-ratkaisua. Tulokset osoittivat, että kaksi parasta vaihtoehtoa olivat CPU-ratkaisuja, joista Texas Instrumentsin “AM64x” erottui parhaana vaihtoehtona sen hyvien kyberturvallisuusominaisuuksien, prosessorikapasiteetin ja energiatehokkuuden ansiosta. Tämä toiminnallisuus mahdollisti ratkaisun tarjoavan tyydyttävän kybersuojan sekä toi operatiivisia etuja ja tulevaisuuden varmuutta.  Yhteenvetona todetaan, että prosessoriyksiköt ovat suositeltavia suorituskyvyn parantamiseksi ja laitteiston tulevaisuuden varmistamiseksi OCS950:ssa. TPM-ratkaisut voivat olla sopiva vaihtoehto kyberturvallisuustoimintojen hallintaan, mutta ne voivat muodostaa pullonkaulan viestinnässä. Siksi CPU-ratkaisu on suositeltava, koska se voi parantaa suorituskykyä jakelussa samalla kun se mahdollistaa tyydyttävän kybersuojan toteuttamisen. Työ edistää kyberturvallisuuden parantamista jakelun ja keskus tietokonekeskuksen välillä ja ehdottaa samalla menetelmää eri laitteistoratkaisujen vertailemiseen Pugh-matriisien avulla.
127

Examining the efficacy of cybersecurity education at Swedish universities : A qualitative inquiry through interviews

Behzadi, Bahareh January 2024 (has links)
In today's digital landscape, information technologies (IT) serve as strategic assets for organizations, underscoring the critical role of cybersecurity in safeguarding valuable assets and preserving organizational competitiveness. Cybersecurity practices aim to protect information systems from unauthorized access, data breaches, and cyber threats. Yet, cybersecurity experts face significant challenges in addressing evolving threats, necessitating continuous investment in IT systems and software. Moreover, the complexity of technology ecosystems exacerbates cybersecurity risks. To address these challenges, organizations hire individuals for specific cybersecurity roles, emphasizing the importance of cybersecurity education and training. By aligning with established frameworks like the European Cybersecurity Skills Framework (ECSF), educational programs can prepare students for diverse cybersecurity roles. This research investigates how Swedish universities align their cybersecurity program content with ECSF roles, aiming to enhance cybersecurity education and workforce development. The study utilized two data collection methods to address the research question. Firstly, information on course content was gathered from the websites of universities offering cybersecurity programs. A qualitative framework-based analysis was then conducted to map each course to the defined roles in the ECSF framework. A total of 91 compulsory course contents from 11 cybersecurity programs across various uni-versities were analyzed, excluding optional courses due to student choice variability. Additionally, seven semi-structured interviews were conducted with course coordinators from these programs. These interviews aimed to gather insights from individuals who play a significant role in shaping the educational curriculum at universities. The examination of cybersecurity courses in Swedish universities, aligned with the European Cybersecurity Education and Professional Training Minimum Reference Curriculum framework, provides insights into the educational environment. Despite variations, every role specified in the ECSF framework is addressed by at least one course in Swedish universities, ensuring students receive education. However, specialized courses such as 'Cybersecurity for Artificial Intelligence (AI)' and 'Machine Learning Security' are limited to only one university, indicating the necessity for wider implementation across institutions. Results of interviews revealed the lack of standardized frameworks guiding the design and evaluation of cybersecurity programs at Swedish universities, alongside limited awareness among stakeholders. This highlights the challenges hindering program adaptability in today’s evolving landscape, including faculty recruitment issues and a lack of industry collaboration. Moreover, the absence of systematic assessment methods for program effectiveness underscores a critical area for future exploration.
128

Critical competencies required by cybersecurity leaders in small fintech companies

Hassan, Syed Muhammad Waqar Ul January 2024 (has links)
Small fintech companies face significant cybersecurity challenges that require specialized leadership competencies. This study identifies the critical competencies needed by cybersecurity leaders in small Fintech companies, guided by the ISO 27021:2017 standard. Utilizing a mixed-methods approach, the research includes semi-structured interviews and surveys with participants from eleven Fintech companies in Pakistan. Key findings highlight the importance of strategic leadership, particularly in aligning cybersecurity strategies with business objectives, ensuring regulatory compliance, and managing resources effectively. Incident response management is also crucial, emphasizing the need for developing and implementing response playbooks, leading teams effectively, and conducting thorough root cause analyses. Technological proficiency, including familiarity with emerging cybersecurity technologies and strong encryption standards, is essential for maintaining robust defenses. The study concludes with recommendations for training and development programs aimed at enhancing the competencies of cybersecurity leaders in the fintech sector, thereby improving the overall security posture and resilience of small fintech companies.
129

What are the gaps in teaching the cybersecurity threats landscape, and what teachers need to include the subject in their curriculum?

Abdirizak, Mohamed, Abobaker, Ivan January 2024 (has links)
This thesis examines the current gaps in cybersecurity education in junior high and high schools in Sweden, with a focus on the challenges of integration and the resources required for teachers to effectively instruct on cybersecurity topics. Despite the critical importance of cybersecurity in protecting digital interactions and personal data, existing curricula often lack deep and systematic integration of this essential subject. Based on qualitative interviews with 12 teachers from junior high and high schools, the researchers’ findings underscore a significant need for structured cybersecurity curricula and enhanced teacher training. The research reveals that while students are extensively engaged with digital technologies, their vulnerability to various cybersecurity threats remains due to inadequate educational frameworks. The study highlights the urgent need for curricular improvements to include comprehensive cybersecurity courses, aligned with current technological threats and the digital behaviors of students.
130

An Electroencephalogram (EEG) Based Biometrics Investigation for Authentication: A Human-Computer Interaction (HCI) Approach

Rodriguez, Ricardo J. 01 January 2015 (has links)
Encephalogram (EEG) devices are one of the active research areas in human-computer interaction (HCI). They provide a unique brain-machine interface (BMI) for interacting with a growing number of applications. EEG devices interface with computational systems, including traditional desktop computers and more recently mobile devices. These computational systems can be targeted by malicious users. There is clearly an opportunity to leverage EEG capabilities for increasing the efficiency of access control mechanisms, which are the first line of defense in any computational system. Access control mechanisms rely on a number of authenticators, including “what you know”, “what you have”, and “what you are”. The “what you are” authenticator, formally known as a biometrics authenticator, is increasingly gaining acceptance. It uses an individual’s unique features such as fingerprints and facial images to properly authenticate users. An emerging approach in physiological biometrics is cognitive biometrics, which measures brain’s response to stimuli. These stimuli can be measured by a number of devices, including EEG systems. This work shows an approach to authenticate users interacting with their computational devices through the use of EEG devices. The results demonstrate the feasibility of using a unique hard-to-forge trait as an absolute biometrics authenticator by exploiting the signals generated by different areas of the brain when exposed to visual stimuli. The outcome of this research highlights the importance of the prefrontal cortex and temporal lobes to capture unique responses to images that trigger emotional responses. Additionally, the utilization of logarithmic band power processing combined with LDA as the machine learning algorithm provides higher accuracy when compared against common spatial patterns or windowed means processing in combination with GMM and SVM machine learning algorithms. These results continue to validate the value of logarithmic band power processing and LDA when applied to oscillatory processes.

Page generated in 0.1128 seconds