321 |
Visualising network security attacks with multiple 3D visualisation and false alert classification
Musa, Shahrulniza January 2008
Increasing numbers of alerts produced by network intrusion detection systems (NIDS) have burdened the job of security analysts, especially in identifying and responding to them. The tasks of exploring and analysing large quantities of communication network security data are also difficult. This thesis studied the application of visualisation in combination with an alert classifier to make the exploring and understanding of network security alerts data faster and easier. The prototype software, NSAViz, has been developed to visualise and to provide an intuitive presentation of the network security alerts data using interactive 3D visuals with an integration of a false alert classifier. The needs analysis of this prototype was based on the suggested needs of network security analysts' tasks as seen in the literature. The prototype software incorporates various projections of the alert data in 3D displays. The overview was plotted in a 3D plot named "time series 3D AlertGraph", which was an extension of the 2D histographs into 3D. The 3D AlertGraph effectively summarised the alerts data and gave the overview of the network security status. Filtering, drill-down and playback of the alerts at variable speed were incorporated to strengthen the analysis. Real-time visual observation was also included. Identifying true alerts from all alerts represents the main task of the network security analyst. This prototype software was integrated with a false alert classifier using a classification tree based on the C4.5 classification algorithm to classify the alerts into true and false. Users can add new samples and edit the existing classifier training sample. The classifier performance was measured using the k-fold cross-validation technique. The results showed the classifier was able to remove noise in the visualisation, thus making the pattern of the true alerts emerge. It also highlighted the true alerts in the visualisation.
Finally, a user evaluation was conducted to find the usability problems in the tool and to measure its effectiveness. The feedback showed the tools had successfully helped the task of the security analyst and increased the security awareness in their supervised network. From this research, the task of exploring and analysing a large amount of network security data becomes easier and the true attacks can be identified using the prototype visualisation tools. Visualisation techniques and false alert classification are helpful in exploring and analysing network security data.
|
322 |
Effective Vulnerability Management for Small Scale Organisations in Ghana
Lartey, Jerry January 2019
Most Small and Medium scale Enterprises (SMEs) in Ghana are not particularly anxious about the consequences of inadequacy or lack of any form of vulnerability management operation in their normal business practices. This case study research explores how a local Internet Service Provider (ISP) in Ghana and its local client-base can manage vulnerabilities with a targeted patch management practice integrated into their operations. To answer the research question “How can a SME local Internet Service Provider (ISP) in Accra, Ghana, assist their local customer base to integrate effective cybersecurity vulnerability management into their operations?”, this case study comprised the Subject Matter Expert of one local ISP as well as 4 other technical Subject Matter Experts of the ISP’s clients about their patch management operations. This case study research revealed that most SMEs do not consider vulnerability management as a key concern in the operation of their organisation and therefore proposes a way to highlight the importance of vulnerability management while doing so in a cost-effective manner. The implications of targeted cybersecurity patch management for the local ISP and their client-base are also addressed by this thesis research.
|
323 |
Cybersäkerhet - Forskning och industri, en fallstudie : Cybersäkerhetshot och lösningsförslag / Cybersecurity - Research and industry, a case study: Cybersecurity threats and proposed solutions
Lönnebo, Anton January 2018
Threats to organisations' cybersecurity pose major risks to them. When organisations suffer incidents such as data breaches, the resulting costs can be very high. Previous research shows that cybersecurity research often falls short in exploring and understanding the challenges organisations face; with this as motivation, this study explores the solutions proposed by related research and by the cybersecurity industry, respectively, for the threats covered by the study. Based on this survey, the study was expected to help reduce any knowledge gaps between research and the cybersecurity industry, should such gaps be found. The research question of this study is: "Regarding the threats studied in the thesis, how do the cybersecurity industry's proposed solutions differ from the solutions presented in the scientific literature?" Existing research on each threat was studied, and semi-structured interviews were then conducted with staff from a cybersecurity company. The results of the study show many similarities and differences between the proposed solutions presented, identify a group of related incidental findings, and contribute suggestions as to which proposed solutions should be investigated further.
|
324 |
Processo eletrônico frente aos princípios da celeridade processual e do princípio do acesso à justiça / Electronic process in light of the principles of procedural speed and access to justice
José Maria Cavalcante da Silva 29 September 2015
This study is bibliographic and deals with the Electronic Process in light of the Principles of Procedural Speed and Access to Justice, aiming at speeding up judicial proceedings through the use of electronic means, without, to the detriment of general access to justice, in a confrontation between the cited principles. Access to justice must be broad for citizens. Constitutional Amendment No. 45 added a provision to the Federal Constitution ensuring everyone a reasonable duration of proceedings, as well as means that guarantee speed in procedural handling. The 1988 Constitution increased the number of individual fundamental rights. To that end, it analyses the possibilities of access to justice and procedural speed, and the challenges of developing the new method, which replaced paper case files with fully electronic case files under Law 11.419/2006, the Electronic Process Law. Judicial reform is a way to improve the speed and the access to justice sought by society as a whole. / This study is literature and deals with Electronic Process Faced with the principles of Celerity Procedure and Access to Justice in order to expedite the judicial process, the use of electronic media, without, at the expense of the general access to justice in a confrontation between the cited principles. Access to justice must be broad citizens. Constitutional Amendment No. 45, added device in the Constitution, ensuring all the reasonable duration of the process, but also means that guarantee speed in the procedure. The 1988 Constitution increased the amount of individual fundamental rights. To that end, we analyze the possibilities of access to justice and speedy trial and development challenges of the new method, which replaced the case of paper, for totally electronic records, pursuant to Law 11,419 / 2006 Electronic Process Law. And judicial reform a way to improve speed and access to justice claimed by all of society.
|
325 |
Network security monitoring and anomaly detection in industrial control system networks
Mantere, M. (Matti) 19 May 2015
Abstract
Industrial control system (ICS) networks used to be isolated environments, typically separated by physical air gaps from the wider area networks. This situation has been changing and the change has brought with it new cybersecurity issues. The process has also exacerbated existing problems that were previously less exposed due to the systems’ relative isolation. This process of increasing connectivity between devices, systems and persons can be seen as part of a paradigm shift called the Internet of Things (IoT). This change is progressing and the industry actors need to take it into account when working to improve the cybersecurity of ICS environments and thus their reliability. Ensuring that proper security processes and mechanisms are being implemented and enforced on the ICS network level is an important part of the general security posture of any given industrial actor.
Network security and the detection of intrusions and anomalies in the context of ICS networks are the main high-level research foci of this thesis. These issues are investigated through work on machine learning (ML) based anomaly detection (AD). Potentially suitable features, approaches and algorithms for implementing a network anomaly detection system for use in ICS environments are investigated.
After investigating the challenges, different approaches and methods, a proof-of-concept (PoC) was implemented. The PoC implementation is built on top of the Bro network security monitoring framework (Bro) for testing the selected approach and tools. In the PoC, a Self-Organizing Map (SOM) algorithm is implemented using the Bro scripting language to demonstrate the feasibility of using Bro as a base system. The implemented approach also represents a minimal case of the event-driven machine learning anomaly detection (EMLAD) concept conceived during the research.
The contributions of this thesis are as follows: a set of potential features for use in machine learning anomaly detection, proof of the feasibility of the machine learning approach in ICS network setting, a concept for event-driven machine learning anomaly detection, a design and initial implementation of user configurable and extendable machine learning anomaly detection framework for ICS networks. / Summary
Developed societies use diverse automation systems in their industrial plants and in operating their infrastructure. The state of information security and cybersecurity of these automation systems varies greatly. Plants and the systems they use may represent technology from several different eras and contain weaknesses and vulnerabilities from several different eras.
The systems were previously relatively isolated from data networks other than their own communication buses. This weakening of the isolation of automation systems has created a new set of threats by exposing their communication interfaces to the surrounding world. These network environments are nevertheless still comparatively isolated, and this property can be exploited in monitoring them. This thesis presents research results on monitoring the security of these networks, in particular through anomaly detection using machine learning methods. After an initial study of the challenges and special characteristics, the work uses the Self-Organizing Map (SOM) algorithm in implementing an example solution to illustrate a new concept. This new concept is Event-Driven Machine Learning Anomaly Detection (EMLAD).
The contributions of the work, all in the context of industrial automation networks, are as follows: a proposal for one set of features to be used in anomaly detection, a demonstration of the usability of machine learning anomaly detection, and an extensible and flexible example implementation of the new EMLAD concept implemented in the programming language of the Bro NSM tool.
|
326 |
Processo eletrônico frente aos princípios da celeridade processual e do princípio do acesso à justiça / Electronic process in light of the principles of procedural speed and access to justice
Silva, José Maria Cavalcante da 29 September 2015
This study is literature and deals with Electronic Process Faced with the principles of Celerity Procedure and Access to Justice in order to expedite the judicial process, the use of electronic media, without, at the expense of the general access to justice in a confrontation between the cited principles. Access to justice must be broad citizens. Constitutional Amendment No. 45, added device in the Constitution, ensuring all the reasonable duration of the process, but also means that guarantee speed in the procedure. The 1988 Constitution increased the amount of individual fundamental rights. To that end, we analyze the possibilities of access to justice and speedy trial and development challenges of the new method, which replaced the case of paper, for totally electronic records, pursuant to Law 11,419 / 2006 Electronic Process Law. And judicial reform a way to improve speed and access to justice claimed by all of society. / This study is bibliographic and deals with the Electronic Process in light of the Principles of Procedural Speed and Access to Justice, aiming at speeding up judicial proceedings through the use of electronic means, without, to the detriment of general access to justice, in a confrontation between the cited principles. Access to justice must be broad for citizens. Constitutional Amendment No. 45 added a provision to the Federal Constitution ensuring everyone a reasonable duration of proceedings, as well as means that guarantee speed in procedural handling. The 1988 Constitution increased the number of individual fundamental rights. To that end, it analyses the possibilities of access to justice and procedural speed, and the challenges of developing the new method, which replaced paper case files with fully electronic case files under Law 11.419/2006, the Electronic Process Law. Judicial reform is a way to improve the speed and the access to justice sought by society as a whole.
|
327 |
Improving the Cyber defence of an organisation based on IP Geolocation and security appliances / Förbättra en organisations cyberförsvar baserad på IP Geolocation och säkerhetssystem
Opasinov, Aleksandar, Eftekhari, Sina January 2020
As advancement and usage of data communication has increased exponentially on a global scale, with a devastating exposure to attacks and varying security threats to home offices as well as to large enterprises, there is always a need for enhanced network protection. The IT department of the company OneDefence, located in western Sweden, was chosen for the thesis and based on the stated information from the organisation, aims were set on how to improve their network defence capabilities. The aim of this thesis is to list ten countries posing the most serious IT threats, and to limit the attack surface of OneDefence’s IT network as much as possible while still providing the necessary services to users abroad. After researching the countries, a prototype was set up to mimic OneDefence’s topology of interest and test attacks were conducted as detailed in the Methodology chapter. The results of the investigations showed the countries posing most serious cyber threats included China, Russia and North Korea among others which were statistically calculated based on the total number of recognised cyberwarfare attacks. The results obtained from the different DoS attacks in the prototype showed that an IPS should be at the heart of an organisation's network defence for combating these intrusions, as well as potentially other types. With the help of a prototype built based on the organisation's topology, several attacks were somewhat successfully mitigated with the equipment used on hand, with only a low percentage of packets allowed to pass through the security unit. Lastly, to explore further enhancements of defence capabilities of OneDefence, a comparison between different products and devices was performed. This resulted in products from the Fortinet brand such as FortiGate NGFW and UTM capabilities as they are offering several advantages compared to competitors.
/ As major advances in and use of data communication have increased exponentially on a global scale, with a devastating exposure to attacks and security threats for home users as well as large enterprises, there is always a need for improved network protection. The IT department of the company OneDefence was chosen for carrying out the degree project, which was based on the information provided by the organisation in order to improve its network defence. The aim of this report is to compile a list of ten countries that pose the most serious IT threats in the world, and to limit the attack surface of the organisation's network as much as possible while retaining all necessary services for users abroad. After the countries had been investigated, a prototype was set up to mimic the parts of OneDefence's topology of interest, and test attacks were carried out as described in the methodology chapter. The results of the investigations showed that the countries posing the most serious cyber threats included China, Russia and North Korea, among others, as calculated statistically based on the number of recognised cyberwarfare attacks. The results from the different DoS attacks showed that an IPS should be at the core of an organisation's network defence in order to combat these intrusions, and potentially other types. With the help of the prototype built on the basis of the organisation's topology, several attacks were blocked fairly successfully, with a low percentage of packets passing through the security unit. Finally, further improvements to the organisation's defence capabilities were explored by comparing different products and devices. This resulted in products from the Fortinet brand, such as FortiGate NGFW with UTM capabilities, as they offer several advantages compared to competitors.
|
328 |
Jamming Detection and Classification via Conventional Machine Learning and Deep Learning with Applications to UAVs
Yuchen Li (11831105) 13 December 2021
With the constant advancement of modern radio technology, the safety of radio communication has become a growing concern for us. Communication has become an essential component, particularly in the application of modern technology such as unmanned aerial vehicle (UAV). As a result, it is critical to ensure that a drone can fly safely and reliably while completing duties. Simultaneously, machine learning (ML) is rapidly developing in the twenty-first century. For example, ML is currently being used in social media and digital marking for predicting and addressing users' various interests. This also serves as the impetus for this thesis. The goal of this thesis is to combine ML and radio communication to identify and classify UAV interference with high accuracy.
In this work, a ML approach is explored for detecting and classifying jamming attacks against orthogonal frequency division multiplexing (OFDM) receivers, with applicability to UAVs. Four types of jamming attacks, including barrage, protocol-aware, single-tone, and successive-pulse jamming, are launched and analyzed using software-defined radio (SDR). The jamming range, launch complexity, and attack severity are all considered qualitatively when evaluating each type. Then, a systematic testing procedure is established, where a SDR is placed in the vicinity of a drone to extract radiometric features before and after a jamming attack is launched. Traditional ML methods are used to create classification models with numerical features such as signal-to-noise ratio (SNR), energy threshold, and important OFDM parameters. Furthermore, deep learning methods (i.e., convolutional neural networks) are used to develop classification models trained with spectrogram images filling in it. Quantitative indicators such as detection and false alarm rates are used to evaluate the performance of both methods. The spectrogram-based model correctly classifies jamming with a precision of 99.79% and a false-alarm rate of 0.03%, compared to 92.20% and 1.35% for the feature-based counterpart.
|
329 |
Genus och säkerhetsbeteende : En litteraturstudie om kön och säkerhetsbeteende / Gender and security behavior : A literature study on gender and safety behavior
Hadjimuradov, Abdulla January 2021
We live in a time when information technology takes up more and more space in everyday life each year, both at work and in our free time. It is an exciting time in which many parts of everyday life have become more digital. At the same time, this digitalisation places ever greater demands on the user when it comes to the security of personal privacy online. Given the exponential development of digitalisation and information technology over the past decade, it is interesting to try to determine whether security behaviour among users has increased at the same pace or whether it has lagged behind. The aim of the literature study carried out was to examine which gender-related differences have been identified in previous information security research. Different combinations of search terms were used to search five databases, using selection criteria to find relevant articles. This resulted in 30 accepted articles, which underwent a qualitative data analysis using thematic analysis. The study showed that previous research had identified certain gender-related differences, but also that more studies of gender differences in information security are needed in order to understand human error and to find measures that improve security behaviour and security awareness among people. / We live in a time where information technology is taking up more and more space in everyday life for each year, both at work and in our free time. This is an exciting time where everything is becoming more digital, at the same time as everything is becoming more digital, demands are also being raised on all users. Given the drastic development of digitalization and information technology in the last decade, it is interesting to identify whether security behavior among users has increased at the same rate or whether security behavior has lagged behind. The aim of the completed literature study was to investigate the differences related to gender that had been identified in previous information security research. Different combinations of search terms were used to search through five databases using selection criteria to find relevant articles. This resulted in 30 accepted articles that underwent a qualitative data analysis using thematic analysis. The study showed that previous research identified certain differences related to gender, but also that more studies regarding gender differences in information security are needed to be able to understand human errors and to be able to find measures that improve security behavior and security awareness among people.
|
330 |
Kybernetická bezpečnost ve vesmírném prostoru: Rámec zvládání rizik spojených s kybernetickými útoky a model vylepšení evropských politik / Cybersecurity for Outer Space - A Transatlantic Study
Perrichon, Lisa January 2018
Cyber attacks can target any nodes of the space infrastructure, and while these attacks are called non-violent, there is a credible capability to use cyber attacks to cause direct or indirect physical damage, injury or death. However, the vulnerability of satellites and other space assets to cyber attack is often overlooked, which is a significant failing given society's substantial and ever increasing reliance on satellite technologies. Through a policy analysis, this dissertation assesses the set of political provisions provided by the European Union to address the cyber security issue of the space infrastructure. Such study aims at exploring the geopolitical consequences linked to space cyber security risks, and at assessing the political preparedness of the European Union to address these challenges. The perspective of transatlantic cooperation to further support both American and European effort to tackle this security risk is also addressed. The overarching value of the study is to contribute to future European cyber security for space and transatlantic debates by providing useful perspectives and key takeaways on these two domains. Ultimately, the existing set of policies is not sufficient to address the cyber security issue in Outer Space, a unified approach by the European Union and the United...
|