341 |
Ontology Based Security Threat Assessment and Mitigation for Cloud Systems
Kamongi, Patrick 12 1900
A malicious actor often relies on security vulnerabilities of IT systems to launch a cyber attack. Most cloud services are supported by an orchestration of large and complex systems which are prone to vulnerabilities, making threat assessment very challenging. In this research, I developed formal and practical ontology-based techniques that enable automated evaluation of a cloud system's security threats. I use an architecture for threat assessment of cloud systems that leverages a dynamically generated ontology knowledge base. I created an ontology model and represented the components of a cloud system. These ontologies are designed for a set of domains that covers some cloud's aspects and information technology products' cyber threat data. The inputs to our architecture are the configurations of cloud assets and components specification (which encompass the desired assessment procedures) and the outputs are actionable threat assessment results. The focus of this work is on ways of enumerating, assessing, and mitigating emerging cyber security threats. A research toolkit system has been developed to evaluate our architecture. We expect our techniques to be leveraged by any cloud provider or consumer in closing the gap of identifying and remediating known or impending security threats facing their cloud's assets.
|
342 |
Distributed Denial of Service : Svenska bankers uppfattning om hotbilden av DDoS-attacker / Distributed Denial of Service : Swedish banks' perception of the threat picture of DDoS attacks
Macchiavello, Sabrina, Wulkan, Linnea January 2023
As the financial sector has become increasingly digitized, its vulnerability to cyberattacks has increased. Distributed Denial of Service attacks are one of the biggest threats on the internet today and have been growing steadily for the last few years. The increase applies to both the size and frequency of the attacks. DDoS attacks have been a threat especially towards banks, and therefore it is important to have a well-functioning cyber security strategy to withstand the attacks. This thesis investigates Swedish banks' perception regarding the threat picture of DDoS attacks against banks. As a result of a qualitative case study, Swedish banks' opinion has been investigated through interviews with IT security managers at Swedish banks. The banks are considered to have effective strategies to prevent and manage DDoS attacks, but the threat of cyber attacks continues to increase. The participants mention various factors that show an increase in DDoS attacks, and the media can be an influence. The empirical material is analyzed using the National Cybersecurity Strategy (NCSS) framework developed by the European Union Agency for Cybersecurity (ENISA).
|
343 |
The effect of human memory on password behavior : An investigation
Tarczal, Márton January 2023
Passwords are widely used as a primary method of authentication and access control, making them a critical component in safeguarding digital assets. However, individuals’ password-related behaviors, such as password selection, memorization, and management, significantly impact the security of their accounts. Cognitive abilities, one of which is memory capacity, have also been shown in past research to affect cybersecurity awareness and therefore password behavior, as an extension of this. This thesis aimed to explore how individuals’ short-term memory capacity influenced their password behavior and its implications for cybersecurity. The research methodology used a questionnaire as a quantitative approach towards this issue. The study examined participants’ password creation strategies and their ability to remember different aspects using cued recall. Furthermore, the relationship between password behavior and short-term memory capacity was also explored in terms of four different demographic subgroups, namely gender, age, level of education, and IT competence. The evaluation has been performed using statistical analysis on 315 complete questionnaire responses. The results of this thesis work corroborate most of the previous research on the aforementioned topics, such that females and older age were the strongest predictors of correlation between password behavior and short-term memory capacity. This thesis work can be used as guidance when conducting further research on the effects of various cognitive abilities on cybersecurity awareness.
|
344 |
Cybersecurity: Digital Twins in Automotive Industry : The Road Ahead – An Exploratory Study
Upara, Rossarin January 2023
The digital twin is a concept that has attracted the attention of both industry and academia in the last decade with the advent of Industry 4.0 and the adoption of future technologies. Previous research has shown that the automotive industry is facing significant challenges as demand for advanced, connected systems increases, and with it, cybersecurity risks. As the automotive industry has evolved, this concept has become prevalent in many areas and is now applied to products and systems throughout their lifecycle, which also means that the digital twin plays a key role in many development processes. Therefore, it is important to investigate where the digital twin stands in terms of cybersecurity. This study takes an exploratory approach that primarily aims to investigate and gain a broader perspective on a relatively unexplored topic, namely cybersecurity for digital twins in the automotive industry. The application of digital twins in the automotive industry was explored to determine what security challenges exist and whether these challenges can be solved using existing security paradigms. Industrial use cases were developed to illustrate the digital twins that exist in the automotive industry. In addition, at an overall level, a threat analysis and risk assessment (TARA) is conducted, again using STRIDE, one of the most commonly used threat models, to identify potential risks and attacks that exist and how they might be addressed in each case. Semi-structured interviews were also conducted with four experts working with digital twins and future innovations in the automotive industry to gain insight into how the experts view the digital twin in the context of cybersecurity, risks and threats of digital information. The results of the TARA analysis and the interviews showed that there are many different risks for digital twins that may vary between digital twins, and that there is a common denominator for all of them that can be defined as the biggest challenge for the digital twin, which is data and its related risks. Thus, it can be said that the security paradigms for solving the digital twin are based on the threats and risks of the individual digital twin.
|
345 |
Russia’s war against Ukraine : The effect on IT security in Sweden’s municipalities / Rysslands krig mot Ukraina : Effekten på IT-säkerheten i Sveriges kommuner
Götlind, Hampus, Olsson, Rickard January 2023
This report aims to look at how Russia’s war in Ukraine has affected the work with IT security at Swedish municipalities, what actions have been taken, if any, and see if there has been an increase in attacks towards the municipalities’ networks. This was done by sending out a questionnaire to all of Sweden’s 290 municipalities via email with four questions regarding their IT security. 103 of Sweden’s municipalities responded to the email. Ten municipalities declined to participate in the report, which means that 32% (93) of Sweden’s municipalities participated in this survey. We chose to evaluate the Swedish municipalities and their preparedness in case of war for several reasons. They are a uniform group which we believed adhere to the same guidelines and regulations regarding cybersecurity, and the fact that they store and engage with critical and sensitive data about Sweden and its population, making them prime targets for attacks by foreign powers. The results were presented anonymously and based on the voluntary responses of the municipalities. Answers were then compiled and sorted into the five main categories from the NIST framework for cybersecurity. The report concludes that Swedish municipalities have taken significant actions to protect their networks in response to Russia’s war and aggressions towards Ukraine. For example, 18 municipalities reported that they had trained their staff in some way, which was the most common measure, and 11 municipalities had implemented two-factor authentication. However, more can be done in terms of responding to threats and enhancing recovery plans and systems. In summary, there seemed to be a lack of consensus on how municipalities should handle their own IT-security, as there was a high variation in the responses. The follow-up questions revealed a significant increase in attacks towards the municipalities’ networks, with many considering their networks potential targets for future attacks from foreign powers.
|
346 |
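Cyberkrig under förstoringsglaset : En kvalitativ studie som utreder begreppet cyberkrig utifrån olika aspekter samt delger privata och statliga aktörers perspektiv på området. / Cyberwarfare under the magnifying glass : A qualitative study that investigates the concept of cyberwarfare from different aspects and shares the perspectives of private and state actors on the field.
Ahlandsberg, Natalie, Berntsson, Lisa January 2023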
In an increasingly digitalized world, the virtual reality is becoming as significant as the physical one. Sweden is at the forefront of digitalization, but at the same time, it is slipping behind in cybersecurity. Together, this may mean that warfare also can occur in virtual reality. The concept of cyberwarfare has received increased attention in Swedish media; however, it has become clear that the concept does not have a definition in Sweden. What are the reasons behind this, how can cyberwarfare be alternatively defined, and how does the concept of cyberwarfare relate to Swedish authorities’ defense work in an increasingly digitalized world? This qualitative study aims to investigate these questions by sharing the perspectives of private and state actors to contribute to a deeper understanding of the concept of cyberwarfare. This study’s literature and article study, as well as semi-structured interviews, provide an opportunity to examine individuals’ perspectives and other material such as doctrines and reports from various authorities in Sweden and internationally. Based on the results of this work, it is concluded that the concept of cyberwarfare is used in the public sphere, but not in a formal context and among state actors. State actors such as the Swedish Armed Forces, MSB, and FOI prefer to use the concept of cyberoperations. Another concept that has proved to be fundamental to creating an understanding of the concept of cyber war is the cyber domain. The authors of this study have defined cyberwarfare as when “a nation or organization in the cyber domain attacks or attempts to damage the digital infrastructure of another nation. The consequences must be equivalent to an armed attack following Article 2(4) of the UN Charter”.
|
347 |
KONSTEN ATT BALANSERA SÄKERHET OCH ÖPPENHET : En kvalitativ studie av offentliga organisationers hantering av säkerhetshot / THE ART OF BALANCING SECURITY AND OPENNESS : A qualitative study of public organizations' management of security threats
Johansson, Matthias, Påander, Erik January 2023
Public organizations face various forces that exert pressure and influence their security practices, both externally and internally. To understand how public organizations manage these forces, which require both transparency and IT security, this study employed qualitative data collection in the form of interviews with employees in different roles within the public sector. The study was inspired by an inductive approach and developed its theoretical framework after the completion of empirical data gathering. The theoretical concepts used in the analysis include the political system, shadow IT, and Information Security Awareness. The empirical data consists of interviews with individuals employed by a public organization. Challenges for IT security practices arise in the form of differing views on education and the difficulty of reaching personnel due to the inherent complexity of the public organization. The study provides insight and suggestions on how to address these challenges in order to make the task of maintaining security more effective. The work culminates in the development of a framework that visualizes the progression highlighted in the study, establishing connections between the various forces and perspectives that influence one another.
|
348 |
Ethical Hacking of a Smart IoT Camera : A Penetration Test on D-Link DCS 8515-LH Smart Camera / Etisk hackning av en smart IoT-Kamera : Ett Penetrationstest på D-Link DCS 8515-LH Smart Kamera
Zhuang, Chunyu January 2023
The trending usage of IoT devices raises serious security concerns. IoT devices have complete access to users’ network environments. In the eyes of hackers, the value of IoT devices is exceptionally high. From minor disturbances to major crimes, all could happen in no time with compromised IoT devices. As IoT devices collect sensitive data, properly protecting users’ privacy is also a crucial aspect for IoT devices. Thus, IoT devices need to be secure enough against modern cyber-attacks. In this work, a smart camera DCS-8515LH from D-Link is under penetration tests. Threat modeling is first performed as an analysis of the IoT system, followed by a dozen cyber attacks targeting this smart camera. The penetration tests provide valuable information that can reveal the smart camera’s vulnerability and weakness, such as security misconfiguration, vulnerability to DoS attacks. The smart camera is discovered to be vulnerable to DoS attacks and exploits on the zero-configuration protocol. Several weaknesses which violate the users’ privacy exist in the mobile application and Android storage system. This work evaluated all the vulnerabilities and weaknesses discovered from a security aspect. This report exposes attacks that are effective on the smart camera and also serves as a fundamental basis for future penetration tests on this smart camera.
|
349 |
ENHANCING SECURITY IN DOCKER WEB SERVERS USING APPARMOR AND BPFTRACE
Avigyan Mukherjee (15306883) 19 April 2023
Dockerizing web servers has gained significant popularity due to its lightweight containerization approach, enabling rapid and efficient deployment of web services. However, the security of web server containers remains a critical concern. This study proposes a novel approach to enhance the security of Docker-based web servers using bpftrace to trace Nginx and Apache containers under attack, identifying abnormal syscalls, connections, shared library calls, and file accesses from normal ones. The gathered metrics are used to generate tailored AppArmor profiles for improved mandatory access control policies and enhanced container security. BPFtrace is a high-level tracing language allowing for real-time analysis of system events. This research introduces an innovative method for generating AppArmor profiles by utilizing BPFtrace to monitor system alerts, creating customized security policies tailored to the specific needs of Docker-based web servers. Once the profiles are generated, the web server container is redeployed with enhanced security measures in place. This approach increases security by providing granular control and adaptability to address potential threats. The evaluation of the proposed method is conducted using CVEs found in the open source literature affecting Nginx and Apache web servers that correspond to the classification system that was created. The Apache and Nginx containers were attacked with Metasploit, and benchmark tests including ltrace evaluation in accordance with existing literature were conducted. The results demonstrate the effectiveness of the proposed approach in mitigating security risks and strengthening the overall security posture of Docker-based web servers. This is achieved by limiting memcpy and memset shared library calls identified using bpftrace and applying rlimits in AppArmor to limit their rate to normal levels (as gauged during testing) and deny other harmful file accesses and syscalls. The study’s findings contribute to the growing body of knowledge on container security and offer valuable insights for practitioners aiming to develop more secure web server deployments using Docker.
|
350 |
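Att definiera “Cyber-Pearl Harbor” Validering av DSLP-ramverket i “Offensive Cyberspace Operations Targeting Ukraine: a Cyber Pearl-Harbor” / Defining “Cyber-Pearl Harbor”: Validation of the DSLP framework in “Offensive Cyberspace Operations Targeting Ukraine: a Cyber Pearl-Harbor”
Eishayea, Eleshwa, Lilja, Jonathan January 2023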
The use of cyberattacks against organizations, health care and individuals has increased along with the constant digitalisation. Nations have also fallen victim to cyberattacks, often combined with other means of war like boots on the ground or missiles. A Cyber-Pearl Harbor (further shortened as CPH) is a term mentioned by Leon Panetta, described in his words as “combined attacks that result in human death and physical destruction and that paralyzes an entire nation”. Gazmend Huskaj used Panetta's definition in order to create a framework (“DSLP-framework”) for classifying an event as a CPH. This study strives to see if the DSLP-framework can be validated, since the term has been widely used for the last 25 years; however, a universal definition of the term seems to be missing, and therefore it is not certain that the criteria presented in the framework are accurate to what cybersecurity experts consider a CPH to be. The research question developed from this study's problem became the following: “How can the framework “DSLP-Framework” from “Offensive Cyberspace Operations Targeting Ukraine: a Cyber Pearl-Harbor” (2023) be validated for classification of cyberattacks as Cyber Pearl-Harbor?”. A qualitative case study was conducted through a literature overview regarding the term CPH and a semistructured interview with three experts, which were later analyzed through a thematic analysis. As a first step to answering the research question, the framework was applied to three real life cases in order to determine whether or not they can be classified as a CPH. The following cases were an attack on a public health sector in Costa Rica, a TV-tower in Kyiv, Ukraine and the grocery company Coop in Sweden. The result from applying each case to the DSLP-framework was that only the case of the TV-tower in Kyiv could be classified as a CPH. However, the cognitive effects of the event were not crippling enough to paralyze the entirety of Ukraine, making the classification debatable. The second step was done through the use of thematic analysis on the interviews with the experts, in which four main themes were created: The meaning of the concept, Defense against Cyber-Pearl Harbor, Probability and Combined attacks. The following conclusions were drawn in this study: The absence of an international standard makes it harder to 1) conclude a common definition of the term and 2) classify a CPH in real context. The combination of attacks and tools is another important aspect to highlight when defining a CPH. Whether a CPH has happened or not varies from expert to expert, and the same goes for the probability of a CPH occurring in today's context. Based on these conclusions, it is hard to validate the DSLP-framework. Further research and data, interviews with experts and clarification are needed in order to create a universal definition and therefore a common ground to start from.
|