Global ETD Search

361	Nulägesanalys om gymnasieelevers kunskap och förhållningssätt kring IT-säkerhet och hur lärare undervisar inom ämnet / Analysis of the current situation regarding high school students' knowledge and attitudes towards IT security, as well as how teachers are teaching the subject Karlsson, Andreas, Brifelt, Linus January 2023 (has links) Ungdomar börjar använda internet vid allt yngre åldrar: 99 % av ungdomar i åldersspannet 8 till 19 år använder internet på en daglig basis. Samtidigt som informationsflödet ökar så medför detta även bieffekter där ungdomar numera i allt större utsträckning sparar och laddar upp information om sig själva mer frekvent på internet. Samtidigt som användandet ökat privat har även många skolor i Sverige valt att nästan helt övergå från penna och papper till en mer digitaliserad utbildningsmetod. Detta har dock fört med sig vissa risker när det kommer till IT-säkerhet. Exempel på sådana risker kan vara obehörig åtkomst till data, dataintrång eller förlust av information på grund av tekniska fel eller bristfälliga säkerhetsåtgärder. Detta blev extra tydligt under covid-19-pandemin då utbildning övergick till distansundervisning samtidigt som cyberbrotten ökade i allmänhet, och mot utbildningssektorn i synnerhet. Denna studie har till syfte att undersöka kunskapsnivån och förhållningssätt hos tredjeårselever på gymnasieskolor runt om i Skaraborg inom området IT-säkerhet och samtidigt kartlägga behovet och intresset för utbildning inom ämnet. Studien har med hjälp av enkätundersökningar mot elever och semistrukturerade intervjuer med lärare kommit fram till att det finns ett tydligt behov av utbildning inom IT-säkerhet bland ungdomar på gymnasieskolorna i Skaraborg, samtidigt som lärarna menar på att ämnet ofta faller undan i klassrummet. Resultatet visar att både elever och lärare ser positivt på att inkludera ämnet i ordinarie gymnasieutbildning för att stärka kunskaper och medvetenhet om IT-säkerhetens betydelse. / Young people are starting to use the internet at increasingly younger ages, with 99 % of individuals aged 8 to 19 using the internet on a daily basis. As the flow of information increases, this also brings about side effects where young people are now more frequently saving and uploading personal information about themselves on the internet. Moreover, as schools in Sweden have chosen to almost completely transition from pen and paper to a more digitized form of education, the need for IT security skills among young people has become increasingly important. This became particularly evident during the covid-19 pandemic when education shifted to remote learning and cybercrimes saw a general increase, particularly attacks against the education sector. The purpose of this study was to examine the level of knowledge and attitudes among third[1]year students in high schools across Skaraborg regarding IT security and simultaneously assess the need and interest for education around this subject. Through surveys conducted among students and semi-structured interviews with teachers, the study concludes that there is a clear need for education in IT security among young people in high schools in Skaraborg, while teachers argue that the subject often takes a back seat in the classroom. The results show that both students and teachers view the inclusion of this subject in regular high school education positively to strengthen knowledge and awareness of the importance of IT security. IT security cybersecurity school students teachers education IT-säkerhet cybersäkerhet skola elever lärare utbildning Information Systems, Social aspects
362	Authentication challenges for people with neurodevelopmental disorders Chrzan, Patryk January 2023 (has links) We live in a world where we increasingly depend on information technology, as much of our work and education occurs online, often from home. An average user has an increasing amount of accounts for all kinds of online services, making authentication more and more important. As people authenticate several times a day, it is important that everyone is able to use online services and authenticate themselves, including minorities such as individuals with neurodevelopmental disorders. This thesis explores the challenges people with neurodevelopmental disorders have with authentication as well as authentication methods that can help them. This was achieved by doing a systematic literature review on collected bibliography with the help of thematic analysis. 18 studies were analyzed and helped us answer the research questions and give us an overview of the research field. The analysis showed that text-based authentication was a big issue for individuals with neurodevelopmental disorders, where passwords were often highlighted as the culprit. Alternative authentication methods were identified but showed us that there was no easy fix to the issue at hand, and that more had to be done to make authentication more accessible. / Vi lever i en värld där vi är alltmer beroende av informationsteknologi, eftersom mycket av vårt arbete och utbildning nu istället sker online, ofta även hemifrån. En genomsnittlig användare har ett ökande antal konton för alla sorters onlinetjänster, vilket gör autentisering allt viktigare. Då människor autentiserar flera gånger om dagen är det viktigt att alla kan använda onlinetjänster och auntentisera sig, inklusive minoriteter som individer med neuropsykiatriska funktionsnedsättningar. Detta examensarbete utforskar de utmaningar som personer medneuropsykiatriska funktionsnedsättningar har med autentisering samt autentiseringsmetoder som kan hjälpa dem. Detta uppnåddes genom att göra en systematisk litteraturöversikt med insamlad bibliografi med hjälp av tematisk analys. 18 studier analyserades och hjälpte oss att svara på forskningsfrågorna samt ge oss en överblick över forskningsfältet. Analysen visade att textbaserad autentisering var ett stort problem för individer med neuropsykiatriska funktionsnedsättningar, där lösenord ofta lyfts fram som boven. Alternativa autentiseringsmetoder som identifierades visade oss att det inte fanns någon enkel lösning på problemet och att mer behöver göras för att göra autentisering tillgänglig för alla. Authentication passwords neurodevelopmental disorders cybersecurity disabilities Autentisering lösenord datasäkerhet funktionshinder Information Systems, Social aspects
363	Leveraging Personal Internet-of-Things Technology To Facilitate User Identification in Digital Forensics Investigations Shinelle Hutchinson (16642559) 07 August 2023 (has links) <p>Despite the many security and privacy concerns associated with Internet-of-Things (IoT) devices, we continue to be barraged by new IoT devices every day. These devices have infiltrated almost every aspect of our lives, from government and corporations to our homes, and now, on and within our person, in the form of smartphones and wearables. These personal IoT devices can collect some of the most intimate pieces of data about their user. For instance, a smartwatch can record its wearer's heart rate, skin temperature, physical activity, and even GPS location data. At the same time, a smartphone has access to almost every piece of information related to its user, including text messages, social media activity, web browser history, and application-specific data. Due to the quantity and quality of data these personal IoT devices record, these devices have become critical sources of evidence during forensic investigations. However, there are instances in which digital forensic investigators need to make doubly sure that the data obtained from these smart devices, in fact, belong to the alleged owner of the smart device and not someone else. To that end, this dissertation provides the first look at using personal IoT device handling as a user identification technique with machine learning models to aid forensic investigations. The results indicated that this technique is capable of significantly differentiating device owners with performance metrics of .9621, .9618, and .9753, for accuracy, F1, and AUC, respectively, when using a smartwatch with statistical time-domain features. When considering the smartphone performance, the performance was only marginally acceptable with accuracy, F1, and AUC values of .8577, .8560, and .8891, respectively. The results also indicate that female users handled their devices notably differently from male users. This study thus lays the foundation for performing user identification during a forensic investigation to determine whether the smart device owner did, in fact, use the device at the time of the incident.</p> Digital forensics Digital Forensics User Identification Machine learning Android Attribution Internet-of-Things (IoT) Wearables Smartphone
364	Cybersecurity Evaluation of an IP Camera Stroeven, Tova, Söderman, Felix January 2022 (has links) The prevalence of affordable internet-connected cameras has provided many with new possibilities, including keeping a watchful eye on property and family members from afar. In order to avoid serious breaches of privacy, it is necessary to consider whether these devices are secure. This project aims to evaluate the cybersecurity of one such device, an IP camera from Biltema. This was done by performing an extensive analysis of the camera, determining possible vulnerabilities, and performing penetration tests based on identified vulnerabilities. The tests included capturing and analyzing network traffic, attempting to crack the camera credentials, and attempting to disable the camera completely. The conclusions were that the camera should not be used for any security applications and is unsuitable to use in situations where one's privacy is important. / Det breda utbudet av prisvärda och kameror med internet uppkopling har medfört helt nya möjligheter. Idag är det till exempel möjligt att hålla koll på sina barn utan att vara i rummet, eller hålla ett öga på hemmet via mobilen. Det är dock nödvändigt att reflektera över om dessa enheter är säkra, för att undvika allvarliga integritetsintrång. Projekets syfte är att utvärdera cybersäkerheten hos en sådan enhet, en IP-kamera från Biltema. Utvärderingen bestod av en omfattande analys av kameran, identifikation av möjliga sårbarheter och utförande av ett antal penetrationstester baserat på de upptäckta sårbarheterna. Testerna omfattade en analys av nätverkstrafik, att försöka knäcka kamerans inloggningssuppgifter samt att försöka inaktivera kameran. Slutsatsen var att kameran inte bör användas inom säkerhetstillämpningar och att den är olämplig i situationer där integritet är viktigt. / Kandidatexjobb i elektroteknik 2022, KTH, Stockholm cybersecurity IP camera baby camera security camera penetration testing IoT Biltema privacy ethical hacking Elektroteknik och elektronik
365	Enhancing Cybersecurity of Unmanned Aircraft Systems in Urban Environments Kartik Anand Pant (16547862) 17 July 2023 (has links) <p>The use of lower airspace for air taxi and cargo applications opens up exciting prospects for futuristic Unmanned Aircraft Systems (UAS). However, ensuring the safety and security of these UAS within densely populated urban areas presents significant challenges. Most modern aircraft systems, whether unmanned or otherwise, rely on the Global Navigation Satellite System (GNSS) as a primary sensor for navigation. From satellite navigations point of view, the dense urban environment compromises positioning accuracy due to signal interference, multipath effects, etc. Furthermore, civilian GNSS receivers are susceptible to spoofing attacks since they lack encryption capabilities. Therefore, in this thesis, we focus on examining the safety and cybersecurity assurance of UAS in dense urban environments, from both theoretical and experimental perspectives. </p> <p>To facilitate the verification and validation of the UAS, the first part of the thesis focuses on the development of a realistic GNSS sensor emulation using a Gazebo plugin. This plugin is designed to replicate the complex behavior of the GNSS sensor in urban settings, such as multipath reflections, signal blockages, etc. By leveraging the 3D models of the urban environments and the ray-tracing algorithm, the plugin predicts the spatial and temporal patterns of GNSS signals in densely populated urban environments. The efficacy of the plugin is demonstrated for various scenarios including routing, path planning, and UAS cybersecurity. </p> <p>Subsequently, a robust state estimation algorithm for dynamical systems whose states can be represented by Lie Groups (e.g., rigid body motion) is presented. Lie groups provide powerful tools to analyze the complex behavior of non-linear dynamical systems by leveraging their geometrical properties. The algorithm is designed for time-varying uncertainties in both the state dynamics and the measurements using the log-linear property of the Lie groups. When unknown disturbances are present (such as GNSS spoofing, and multipath effects), the log-linearization of the non-linear estimation error dynamics results in a non-linear evolution of the linear error dynamics. The sufficient conditions under which this non-linear evolution of estimation error is bounded are derived, and Lyapunov stability theory is employed to design a robust filter in the presence of an unknown-but-bounded disturbance. </p> Avionics Flight dynamics Cybersecurity Mixed-reality. Lie Groups Robust State Estimation GNSS modeling Virtual Sensor Emulation 3D Modeling
366	IT security expert’s perceptions of cybersecurity when working remotely compared to working in the office : A quality study on Swedish insurance companies / IT-säkerhetsexperters uppfattningar om cybersäkerhet vid distansarbete jämfört med arbete på kontoret : En kvalitativ studie på svenska försäkringsbolag Kullander, Kristoffer, Cselenyi, Mathilda January 2024 (has links) Teleworking has become a significant aspect of working life, especially after the outbreak of the COVID-19 pandemic, which accelerated the trend of teleworking. However, this shift has increased the risk of cyber threats and security risks. Despite organizations' efforts to strengthen cybersecurity, a significant risk remains, with employees posing one of the main security risks in the form of human error and mistakes. Previous research highlights that employees tend to exhibit lower levels of cybersecurity awareness and are more likely to perform riskful actions when working remotely compared to working in the office. However, recent research has shown the opposite, where employees are more conscious of cybersecurity awareness and more likely to apply security-based precaution measures during remote work compared to office work. In light of these research findings, this study focuses on examining how IT-security experts perceive cybersecurity when working remotely compared to working in the office. To explore this, the study has, through qualitative mapping, conducted semi-structured interviews with a theoretical basis in Protection Motivation Theory (PMT). Overall, the study showed that IT- security experts perceive cybersecurity as more manageable when working in the office compared to remote work, with an increased awareness of the importance of the human factor. / Distansarbete har blivit en betydande aspekt av arbetslivet, särskilt efter utbrottet av Covid-19- pandemin, vilket accelererade trenden med distansarbete. Denna omställning har emellertid ökat risken för cyberhot och säkerhetsrisker. Trots organisationers insatser för att stärka cybersäkerheten kvarstår en betydande risk, då anställda utgör en av de främsta säkerhetsriskerna i form av mänskliga fel och misstag. Tidigare forskning framhäver att anställda ofta är mindre säkerhetsmedvetna och mer benägna att utföra riskfyllda handlingar när de arbetar på distans jämfört med arbete på kontoret. Däremot har senare forskning visat motsatsen, där anställda är mer säkerhetsmedvetna och mer benägna att vidta säkerhetsåtgärder under distansarbete jämfört med arbete på kontoret. Mot bakgrund till dessa forskningsresultat, fokuserar denna studie på att undersöka hur IT-säkerhetsexperter uppfattar cybersäkerhet vid distansarbete jämfört med arbete på kontoret. För att utforska detta har studien, genom kvalitativ kartläggning, genomfört semistrukturerade intervjuer med teoretisk grund i Protection Motivation Theory (PMT). Sammantaget visade studien på att IT-säkerhetsexperter uppfattar cybersäkerhet som mer hanterbar vid arbete på kontoret jämfört med distansarbete, med en ökad medvetenhet om den mänskliga faktorns betydelse. Cyber security cyber threats cybersecurity awareness remote work Protection Motivation Theory Cybersäkerhet cyberhot säkerhetsmedvetenhet distansarbete Protection Motivation Theory Information Systems
367	The Impact of AI on Banks' Risk Management Approach : A qualitative study on the effects of AI in the banking sector from a holistic perspective / Effekten av AI på Bankers Riskhantering : En kvalitativ studie om inverkan av AI på banksektorn från ett helhetsperspektiv Khailtash, Dariush, Lindqvist, Pontus January 2022 (has links) The banking sector is experiencing the rise of several new types of innovations and trends. For instance, increased use of Artificial Intelligence (AI) to streamline day-to-day activities. These trends are, e.g., influenced by an increased frequency of cyber attacks, the emergence of newly proposed regulations such as DORA and the AI Act, and the improving computational capabilities of AI-driven systems. The full impact these trends will have on the sector is yet to be realized. The sector is diverse and deeply integrated within society, meaning that it is critical to understand how actors mitigate the risks associated with the implementation of AI. This study analyzes how organizations can mitigate the risks involved with this implementation and how it affects the risk management process. To examine the implementation of AI in the banking sector, the study conducted semi-structured interviews with twelve respondents with expertise in AI, security, or the banking sector. The study used two theoretical frameworks to analyze the data. The first framework, the Dynamic Risk Management Framework, was used to analyze changes in the risk management process based on its unique position within society. The second framework, the Multi-Level Perspective, gave the study a holistic understanding of the impact of AI as a driver of a socio-technical shift. The results show that the implementation of AI leads to a set of new risks. These risks are primarily organizational and regulatory and will lead to a revision in how actors classify risks. The constant evolution of AI also means that products must be reviewed periodically, changing how actors view the risk management process. Additionally, the results identify a lack of knowledge regarding both AI and security within the sector. Consequently, the organization will have to change its structure to accommodate interactions between different competencies. To succeed in implementing AI, meet the regulatory demands and mitigate unintended bias when developing AI, the study concludes that these competencies must create a shared terminology to communicate efficiently. In conclusion, the study contributes to a growing field regarding business applications of AI by creating a holistic understanding of aspects impacting the risk management process in banking. The findings result in a series of recommended actions for organizations that aim to implement AI in their businesses. Further research is recommended to understand the long-term effects of these actions. Future in depth analyses could validate the results of this study and further investigate the development of AI as a business tool. / Banksektorn upplever en uppåtgående trend när det kommer till användandet av innovation. Ett exempel på detta är användningen av artificiell intelligens (AI) för att effektivisera bankens dagliga aktiviteter. Denna trend beror på flertalet olika faktorer, bland annat den ökade frekvensen av cyberattacker mot bankaktörer, de nya föreslagna förordningarna DORA och AI Act, och att AI-drivna systems kapacitet förbättras. Däremot har inte effekten av AI på sektorn ännu realiserats till fullo. Banksektorn har en unik position i samhället och dess aktörer har många olika utmaningar, vilket innebär att det är avgörande att förstå hur aktörerna hanterar de risker som uppstår i samband med implementeringen av AI. Denna studie analyserar hur organisationer kan minska riskerna med denna implementering och hur AI påverkar riskhanteringsprocessen. För att undersöka implementeringen har studien genomfört semistrukturerade intervjuer med tolv intervjuobjekt med expertis inom AI, säkerhet eller banksektorn. För att analysera den framtagna datan har studien använt två teoretiska ramverk. Det första ramverket, som kallas Dynamic Risk Management Framework, användes för att analysera förändringar i riskhanteringsprocessen med tanke på banksektorns unika position i samhället. Det andra ramverket, som kallas Multi-Level Perspective, undersökte AI som en drivkraft mot ett sociotekniskt skifte och gav därmed studien en helhetsbildav effekten av AI. Resultaten visar att implementeringen av AI leder till en rad nya risker. Dessa risker är i första hand organisatoriska och regulatoriska. Då dessa är relativt nya, måste organisationer se över hur de klassificerar risker. AI utvecklas kontinuerligt, vilket innebär att produkterna och deras effekt måste ses över regelbundet. Dessutom identifierar resultaten en brist på kunskap om både AI och säkerhet inom banksektorn. För att tillgodose nya kompetenser och underlätta interaktionerna mot existerande kompetenser kommer organisationer behöva struktureras om. Studien drar slutsatsen att en lyckad AI implementering, där de regulatoriska kraven möts och utveckling av AI är fri från oavsiktliga fördomar och diskriminering, kräver en rad förändringar. Organisationen måste kunna kommunicera effektivt, vilket kräver att alla pratar samma språk och använder samma terminologi. Sammanfattningsvis bidrar studien till ett växande akademiskt område gällande affärstillämpningar av AI genom att skapa en helhetsbild över vilka aspekter som påverkar riskhanteringsprocessen inom bankverksamhet. Denna summering har resulterat i en rad åtgärder verksamheter som strävar efter att implementera AI rekommenderas att ta. Framtida studier rekommenderas däremot att undersöka de långsiktiga effekterna av dessa åtgärder. Genom att utföra djupgående analyser kanframtida studier inte bara validera denna studies resultat, de kan också förbättra förståelsen för hur AI som ett affärsverktyg kan komma att utvecklas. AI The Bank Sector Multi-Level Perspective Risk Management Cybersecurity AI Banksektorn Multi-Level Perspective Riskhantering Cybersäkerhet Other Engineering and Technologies Annan teknik Economics and Business Ekonomi och näringsliv
368	HOW HACKERS THINK: A MIXED METHOD STUDY OF MENTAL MODELSAND COGNITIVE PATTERNS OF HIGH-TECH WIZARDS Summers, Timothy Corneal 03 June 2015 (has links) No description available. Cognitive Psychology Information Systems Organization Theory Organizational Behavior Sociology hackers cybersecurity expertise mental models cognitive framework cognition psychology sociology problem solving decision making patterning learning forward thinking
369	How Information and Communication Security Technologies Affect State Power Campbell, Joshua Michael 12 May 2016 (has links) No description available. Computer Science Information Technology Information Systems International Relations Political Science Cybersecurity ICT State Power Computer Security Computers and Politics
370	Navigating the Risks of Dark Data : An Investigation into Personal Safety Gautam, Anshu January 2023 (has links) With the exponential proliferation of data, there has been a surge in data generation fromdiverse sources, including social media platforms, websites, mobile devices, and sensors.However, not all data is readily visible or accessible to the public, leading to the emergence ofthe concept known as "dark data." This type of data can exist in structured or unstructuredformats and can be stored in various repositories, such as databases, log files, and backups.The reasons behind data being classified as "dark" can vary, encompassing factors such as limited awareness, insufficient resources or tools for data analysis, or a perception ofirrelevance to current business operations. This research employs a qualitative research methodology incorporating audio/videorecordings and personal interviews to gather data, aiming to gain insights into individuals'understanding of the risks associated with dark data and their behaviors concerning thesharing of personal information online. Through the thematic analysis of the collected data,patterns and trends in individuals' risk perceptions regarding dark data become evident. The findings of this study illuminate the multiple dimensions of individuals' risk perceptions andt heir influence on attitudes towards sharing personal information in online contexts. Theseinsights provide valuable understanding of the factors that shape individuals' decisionsconcerning data privacy and security in the digital era. By contributing to the existing body ofknowledge, this research offers a deeper comprehension of the interplay between dark datarisks, individuals' perceptions, and their behaviors pertaining to online information sharing.The implications of this study can inform the development of strategies and interventionsaimed at fostering informed decision-making and ensuring personal safety in an increasinglydata-centric world Dark data Hidden data Big data Unstructured data Missing data Privacy Cybersecurity Personal data Data storage Consumer protection Information Systems, Social aspects

Search results