Global ETD Search

291	Ethical Hacking of an Access Control System / Etisk hackning av ett passersystem Almqvist, Oscar January 2022 (has links) Cybersecurity within Internet of Things (IoT) is as relevant as ever, with the increase of digitalization and the connection of increasing numbers of intelligent devices. The devices within an electronic access control system, ranging from credential readers to management applications, are responsible for protecting various assets and users while still allowing for rich functionality. Regardless of its setting and context, the purpose of such a system is to ensure security. This thesis investigates the cybersecurity of an electronic access control system in an apartment building using penetration testing. The system was evaluated in a black-box setting, meaning no inside information about the system was known. This method consisted of an information gathering and enumeration phase, building a threat model that scored the identified threats based on their impact and consequences. Four devices and two software applications were investigated within the electronic access control system. Further, thirteen threats were identified on six attack surfaces: the physical interfaces, the firmware, the network services, web interfaces, a desktop application, and an embedded application. Twelve threats were tested to see if they are exploitable in practice. Results show that ten threats were exploitable, impacting residents and administrative users of the electronic access control system. The impact of the exploits consists of various degrees of sensitive data disclosure, authentication bypass, weak authentication, denial-of-service (DOS), and tampering, spread across the devices and software within the system. Exploits were successfully executed on every attack surface apart from the firmware. Additionally, the found exploits are reported to the affected manufacturer with suggestions to prevent the found vulnerabilities. / Med tanke på den ökande graden av digitalisering och intelligenta enheter i samhället är cybersäkerhet inom sakernas internet mer relevant än någonsin. Enheterna inom ett elektronisk passersystem har som uppgift att skydda både användare och objekt, oavsett miljö eller sammanhang. Detta, samtidigt som de ska erbjuda rik funktionalitet. Den här studien undersöker cybersäkerheten av ett passersystem installerat i ett lägenhetshus med hjälp av penetrationstestning. Systemet evaluerades genom black box testing, vilket betyder att ingen intern information om vare sig systemet eller enheterna var känd. Metoden inleddes av en informationsinsamlingsfas, som sedan ledde till en konstruktion av en hotmodell bestående av potentiella sårbarheter inom systemet. Sårbarheterna funna blev sedan betygsatta baserat på deras påverkan samt konsekvens ifall de skulle lyckas genomföras. Fyra enheter och två mjukvaruapplikationer inom passersystemet undersöktes. Tretton sårbarheter identifierades på de följande sex attackytorna: fysiska gränssnitt, firmware, nätverkstjänster, webbgränssnitt, datorprogram, samt inbäddade applikationer. Tolv sårbarheter testades för att se de kunde genomföras på systemet. Resultat visar att tio sårbarheter kunde genomföras, vilket påverkade både boende och administrativa användare i passersystemet. Detta resulterade i olika grader av utlämnande av känsliga uppgifter, förbikoppling av autentisering, denial-of-service (DOS), och manipulering, spritt över de olika enheterna och applikationerna i passersystemet. Förutom via firmware så hade samtliga attackytorna någon form av sårbarhet som gick att genomföras. De funna sårbarheterna blev rapporterade till passersystemets tillverkare med förslag på hur de kan åtgärdas. Cybersecurity Access control systems IoT Penetration testing Threat modeling Cybersäkerhet Passersystem Sakernas internet Penetrationstestning Hotmodellering Computer Sciences Datavetenskap (datalogi)
292	Реконструкция модели кибербезопасности в российских банках (на примере ПАО «Сбербанк России») : магистерская диссертация / Reconstruction of the Cybersecurity Model in Russian Banks (on the Example of Pjsc “Sberbank of Russia”) Вигриянова, Ю. С., Vigriyanova, Y. S. January 2020 (has links) The master's thesis formulated the most important trends in the development of cybercrime in the banking sector. Based on the actual problems of cybersecurity management, a model for assessing cyber-risks for Russian commercial banks was reconstructed. / В магистерской диссертации сформулированы ключевые тенденции развития киберпреступности в банковском секторе. Исходя из актуальной проблематики управления кибербезопасностью, произведена реконструкция модели оценки кибер-рисков для российских коммерческих банков. MASTER'S THESIS INFORMATION SECURITY CYBERSECURITY DAMAGE CYBER RISK MODELING КИБЕРБЕЗОПАСНОСТЬ УЩЕРБ
293	Designing an Artificial Immune inspired Intrusion Detection System Anderson, William Hosier 08 December 2023 (has links) (PDF) The domain of Intrusion Detection Systems (IDS) has witnessed growing interest in recent years due to the escalating threats posed by cyberattacks. As Internet of Things (IoT) becomes increasingly integrated into our every day lives, we widen our attack surface and expose more of our personal lives to risk. In the same way the Human Immune System (HIS) safeguards our physical self, a similar solution is needed to safeguard our digital self. This thesis presents the Artificial Immune inspired Intrusion Detection System (AIS-IDS), an IDS modeled after the HIS. This thesis proposes an architecture for AIS-IDS, instantiates an AIS-IDS model for evaluation, conducts a robust set of experiments to ascertain the efficacy of the AIS-IDS, and answers key research questions aimed at evaluating the validity of the AIS-IDS. Finally, two expansions to the AIS-IDS are proposed with the goal of further infusing the HIS into AIS-IDS design. Cybersecurity Bio-inspired Computing Intrusion Detection Human Immune System Artificial Immune System Artificial Intelligence and Robotics Information Security
294	DEFEATING CYBER AND PHYSICAL ATTACKS IN ROBOTIC VEHICLES Hyungsub Kim (17540454) 05 December 2023 (has links) <p dir="ltr">The world is increasingly dependent on cyber-physical systems (CPSs), e.g., robotic vehicles (RVs) and industrial control systems (ICSs). CPSs operate autonomously by processing data coming from both “cyberspace”—such as user commands—and “physical space”—such as sensors that measure the physical environment in which they operate. However, even after decades of research, CPSs remain susceptible to threats from attackers, primarily due to the increased complexity created by interaction with cyber and physical space (e.g., the cascading effects that changes in one space can impact on the other). In particular, the complexity causes two primary threats that increase the risk of causing physical damage to RVs: (1) logic bugs causing undesired physical behavior from the developers expectations; and (2) physical sensor attacks—such as GPS or acoustic noise spoofing—that disturb an RV’s sensor readings. Dealing with these threats requires addressing the interplay between cyber and physical space. In this dissertation, we systematically analyze the interplay between cyber and physical space, thereby tackling security problems created by such complexity. We present novel algorithms to detect logic bugs (PGFuzz in Chapter 2), help developers fix them (PGPatch in Chapter 3), and test the correctness of the patches attempting to address them (PatchVerif in Chapter 4). Further, we explain algorithms to discover the root causes and formulate countermeasures against physical sensor attacks that target RVs in Chapter 5.</p> Hardware security Software and application security System and network security Cybersecurity Robotic vehicle Cyber–physical system Logic bug Physical sensor attack
295	Benevolent and Malevolent Adversaries: A Study of GANs and Face Verification Systems Nazari, Ehsan 22 November 2023 (has links) Cybersecurity is rapidly evolving, necessitating inventive solutions for emerging challenges. Deep Learning (DL), having demonstrated remarkable capabilities across various domains, has found a significant role within Cybersecurity. This thesis focuses on benevolent and malevolent adversaries. For the benevolent adversaries, we analyze specific applications of DL in Cybersecurity contributing to the enhancement of DL for downstream tasks. Regarding the malevolent adversaries, we explore the question of how resistant to (Cyber) attacks is DL and show vulnerabilities of specific DL-based systems. We begin by focusing on the benevolent adversaries by studying the use of a generative model called Generative Adversarial Networks (GAN) to improve the abilities of DL. In particular, we look at the use of Conditional Generative Adversarial Networks (CGAN) to generate synthetic data and address issues with imbalanced datasets in cybersecurity applications. Imbalanced classes can be a significant issue in this field and can lead to serious problems. We find that CGANs can effectively address this issue, especially in more difficult scenarios. Then, we turn our attention to using CGAN with tabular cybersecurity problems. However, visually assessing the results of a CGAN is not possible when we are dealing with tabular cybersecurity data. To address this issue, we introduce AutoGAN, a method that can train a GAN on both image-based and tabular data, reducing the need for human inspection during GAN training. This opens up new opportunities for using GANs with tabular datasets, including those in cybersecurity that are not image-based. Our experiments show that AutoGAN can achieve comparable or even better results than other methods. Finally, we shift our focus to the malevolent adversaries by looking at the robustness of DL models in the context of automatic face recognition. We know from previous research that DL models can be tricked into making incorrect classifications by adding small, almost unnoticeable changes to an image. These deceptive manipulations are known as adversarial attacks. We aim to expose new vulnerabilities in DL-based Face Verification (FV) systems. We introduce a novel attack method on FV systems, called the DodgePersonation Attack, and a system for categorizing these attacks based on their specific targets. We also propose a new algorithm that significantly improves upon a previous method for making such attacks, increasing the success rate by more than 13%. Cybersecurity Machine Learning Computer Vision and Pattern Recognition Generative Adversarial Networks Face Verification systems Class Imbalance Problem Adversarial Attacks
296	REHOSTING EMBEDDED APPLICATIONS AS LINUX APPLICATIONS FOR DYNAMIC ANALYSIS Jayashree Srinivasan (17683698) 20 December 2023 (has links) <p dir="ltr">Dynamic analysis of embedded firmware is a necessary capability for many security tasks, e.g., vulnerability detection. Rehosting is a technique that enables dynamic analysis by facilitating the execution of firmware in a host environment decoupled from the actual hardware. Current rehosting techniques focus on high-fidelity execution of the entire firmware. Consequently, these techniques try to execute firmware in an emulated environment, with precise models of hardware (i.e., peripheral) interactions. However, these techniques are hard to scale and have various drawbacks. </p><p dir="ltr">Therefore, a novel take on rehosting is proposed by focusing on the application components and their interactions with the firmware without the need to model hardware dependencies. This is achieved by rehosting the embedded application as a Linux application. In addition to avoiding precise peripheral modeling, such a rehosting technique enables the use of existing dynamic analysis techniques on these embedded applications. The feasibility of this approach is demonstrated first by manually performing the rehosting on real-world embedded applications. The challenges in each of the phases – retargeting to x86-64, peripheral handling, and fuzzing the rehosted applications are elaborated. Furthermore, automated steps for retargeting to the x86-64 and peripheral handling are developed. The peripheral handling achieves 89% accuracy if reserved regions are also considered. The testing of these rehosted applications found 2 previously unknown defects in driver components.</p> Software and application security System and network security Cybersecurity Firmware Rehosting Real-Time Systems RTOS Dynamic Analysis Embedded Systems Embedded Systems Security
297	Proaktiv Riskhantering: : En kvalitativ studie om dess betydelse för informations- och cybersäkerhetsföretag i sviterna av Covid-19 / Proactive Risk Management: : A qualitative study of its importance for information and cyber security companies in the wake of Covid-19 Ahlén, Fanny, Bauhn, Ludwig January 2023 (has links) Digitaliseringen sker i en rasande fart världen över, vilket resulterar i en ofantlig ökning av data som cirkulerar. Detta i sin tur både bringar nya möjligheter men också stora utmaningar för företag då man ständigt måste vara redo på det oväntade vilket inte minst märktes då Covid-19 pandemin slog till. Organisationer tvingas stänga ner sina kontor och istället arbeta hemifrån, vilket innebär ännu större risker gällande hot och säkerhet om man inte var väl förberedd. Syftet i denna studie är att studera företag inom informations- och cybersäkerhetsbranschen och hur deras interna, proaktiva riskhanteringsarbete ser ut. Med grund i Covid-19 vill vi dessutom studera de lärdomar dessa företag tog med sig från pandemin. För att uppnå detta har vi genomfört en kvalitativ studie baserad på 9 intervjuer med individer inom branschen som fått berätta om deras tankar och åsikter kring proaktiv cybersäkerhet och Covid-19. Studien har resulterat i en sammanställning av de strategier och metoder som anses centrala för att bedriva en så framgångsrik riskhantering som möjligt med stort fokus på individen och dess medvetenhet och kunskap vilket anses vara en central del. Exempelvis kan företag arbeta efter Zero trust-principen för att verifiera och kontrollera vilka tillgångar en individ har, samt arbeta efter de fyra vanligaste arbetssätten; personalutbildning, etiska hackare, jaga hot och proaktiv övervakning av nätverk och slutpunkt, för att proaktivt reducera sannolikheten att exponeras för oönskade risker. / The digitalization develops at a blistering pace all around the world which results in an immense increase of circeling data. This in turn brings new possibilities but at the same time a lot of challenges for companies. They constantly have to be ready and expect the unexpected which was not least noticed when the Covid-19 pandemic hit. Organizations were forced to shut down their offices and work from home instead, which in turn implies even greater risks when it comes to threat and security if you are not prepared. The purpose of this study is to study companies in the information- and cybersecurity industry and how their internal, proactive risk management looks like. With Covid-19 as the foundation we also aim to study the lessons learned by companies as they emerged from the pandemic. To achieve this we have carried out a qualitative study based on 9 interviews with individuals in the industry which have had the opportunity to tell us their thoughts and opinions about proactive cybersecurity and Covid-19. The study has resulted in a compilation of the strategies and methods that are considered central to conducting as successful risk management as possible with a strong focus on the individual and their awareness and knowledge, which is considered to be a central part. For example, companies can work according to the Zero Trust principle to verify and control the assets an individual has, as well as work according to the four most common approaches: employee training, ethical hackers, threat hunting, and proactive monitoring of networks and endpoints, in order to proactively reduce the likelihood of being exposed to unwanted risks. Covid-19 Proactive Cybersecurity Information security Risk management Covid-19 Proaktivt Cybersäkerhet Informationssäkerhet Riskhantering Engineering and Technology Teknik och teknologier
298	Virtual Reality over the Internet : An experimental study of common countermeasures when using VR applications over the Internet / Virtual Reality över Internet : En experimentell studie över vanliga motåtgärder vid användandet av VR applikationer över Internet Wetterström, Max, Rönn, Patric January 2023 (has links) Currently, there is a lack of research behind the security of Virtual Reality against fingerprinting attacks and how these affect the Quality of Experience (QoE) and Quality of Service (QoS) for a user. With practical testing in a game which implements traffic shaping methods as security defences, this thesis aims to take the first step towards changing this. Here, tests were made testing QoS and QoE of countermeasures in a VR game using the game-engine Unity. The countermeasures utilized were random padding, random delays and VPNs. The conclusion reached was that using a delay had a significant impact on QoE, creating a high Round-Trip Time, while changing the packet size had minimal impact to both QoE and QoS. Additionally, utilizing a VPN yielded a minimal impact to both the QoE and QoS. Virtual Reality VR Padding Delay VPN QoS QoE Countermeasures Cybersecurity Fingerprinting Traffic Analysis Computer and Information Sciences Data- och informationsvetenskap
299	Modeling and Characterization of Internet Censorship Technologies Alexander Master (16531995) 29 June 2023 (has links) <p>The proliferation of Internet access has enabled the rapid and widespread exchange of information globally. The world wide web has become the primary communications platform for many people and has surpassed other traditional media outlets in terms of reach and influence. However, many nation-states impose various levels of censorship on their citizens' Internet communications. There is little consensus about what constitutes “objectionable” online content deserving of censorship. Some people consider the censor activities occurring in many nations to be violations of international human rights (e.g., the rights to freedom of expression and assembly). This multi-study dissertation explores Internet censorship methods and systems. By using combinations of quantitative, qualitative, and systematic literature review methods, this thesis provides an interdisciplinary view of the domain of Internet censorship. The author presents a reference model for Internet censorship technologies: an abstraction to facilitate a conceptual understanding of the ways in which Internet censorship occurs from a system design perspective. The author then characterizes the technical threats to Internet communications, producing a comprehensive taxonomy of Internet censorship methods as a result. Finally, this work provides a novel research framework for revealing how nation-state censors operate based on a globally representative sample. Of the 70 nations analyzed, 62 used at least one Internet censorship method against their citizens. The results reveal worldwide trends in Internet censorship based on historical evidence and Internet measurement data. </p> Internet censorship computer networks nation-state censorship filtering managed attribution modeling censorship circumvention
300	Enhancing an Existing Attack Projection System with Deep Learning Kolanowski, Mikael January 2023 (has links) As organizations and critical infrastructure increasingly rely on computer networks for their function, cyber defense becomes more and more important. A recent trend is to employ predictive methods in cybersecurity. Attack projection attempts to predict the next step in an ongoing attack. Previous research has attempted to solve attack projection using deep learning relying solely on LSTM networks. In this work, by contrast, we solved the attack projection problem using three different neural network architectures: an LSTM, a Transformer, and a hybrid LSTMTransformer model. We then proposed a way to integrate our neural models into an existing software framework that relies on sequential rule mining to predict future security alerts. The models were trained and evaluated on a publicly available dataset of network security alerts and evaluated with respect to precision and recall of alert predictions. We found that the Transformer architecture had the best overall performance in all but one experiment and that the LSTM architecture performed the worst across all experiments. / Då organisationer och kritisk infrastruktur blir alltmer beroende av datornätvärk för sin verksamhet, blir cyberförsvar alltmer viktigt. En pågående trend är att använda prediktiva metoder inom cybersäkerhet. Attackprojicering innebär att försöka förutspå nästa steg i en pågående cyberattack. Tidigare forskning som försökte tillämpa djupinlärning på attackprojicering använde sig enbart av LSTMnätverk. I detta arbete använde vi däremot tre olika neurala arkitekturer: en LSTM, en Transformer och en LSTMTransformerhybrid. Vi föreslog sedan ett sätt att integrera våra modeller med ett befintligt mjukvaruramverk som använder sig av sekventiella regler för att förutspå kommande larm. Modellerna tränades och utvärderades på en publik datamängd och utvärderades med hänsyn till precision och återkallelse. Vi fann att Transformermodellen hade bäst prestation i alla utom ett experiment och att LSTMmodellen presterade sämst i alla våra experiment. Cybersecurity Attack projection Deep learning LSTM Transformer Cybersäkerhet Attackprojicering Djupinlärning LSTM Transformer Computer and Information Sciences Data- och informationsvetenskap

Search results