Global ETD Search

81	Hacka dig själv och upptäck attacker Fransén, Johan, Sorlija, Adnan January 2019 (has links) Denna uppsats bygger på idén om att hacka det egna systemet före en utomstående hackare gör det för att upptäcka systemets läckor. Detta görs med ett automatiserat hackingverktyg som utför penetrationstester mot en utvecklad hemsida. Lagringstekniken som används är en eventdatabas med namnet Event Store som lagrar varje händelse som skedde mot hemsidan. Syftet med Event Store är att upptäcka de olika penetrationstesterna och lagra dess händelser för att sedan ge indikationer till administratören att hemsidan var under attack. Uppsatsen riktar sig främst på ifall Event Store är lämpligt att implementera tillsammans med en hemsida som blir attackerad med penetrationstester och vilka för- och nackdelar det finns med att använda Event Store. Resultatet visar att Event Store kan användas för att identifiera anomalier mot en hemsida vid hackingattacker. Med stor sannolikhet kan intrång mot hemsidan bevisas med hjälp utav det utvecklade systemet med Event Store. / This thesis is based on the idea of hacking your own system before an outside hacker does it to find the system vulnerabilities. This is done with an automated hacking tool that performs penetration tests against the created website. The database technology that is used is the event database Event Store that stores every event that take place against the website. The task of Event Store in this case is to discover the different penetration tests and to store the events and to give indications to the administrator that the website was under attack. The study is primarily aimed at finding out whether Event Store is advisable to implement with a website where different penetration testing shall be made, and what the advantages and disadvantages are to using Event Store. Results show that Event Store can be used to identify anomalies against a website during attacks. Intrusions against the website can with great probability be proven with the help of the developed system with Event Store. Hacking Event Store Event database OWASP Zed Attack Proxy ZAP Engineering and Technology Teknik och teknologier
82	Growth hacking as a methodologyfor user retention in the entrepreneurial venture: A case study / Growth hacking som metod för användarretention i entreprenörskapet: en fallstudie Vilda, Siurblyté January 2018 (has links) Even though growth hacking is a new concept, it has become a buzz-word among entrepreneurs and start-ups. Various startups that have achieved extensive growth, such as Dropbox, Uber, Airbnb, have been sharing their success stories. However, to date, the focus of this concept was more on the practicalities instead of the theoretical research. With so many start-ups that fail to grow, it is important to research growth methodologies, that can help young entrepreneurs to successfully establish themselves. This paper studies growth hacking concept, by trying to understand how the growth hacking strategy works and how it could be used to retain a user-base in a start-up. With the help of an extensive literature review, interviews with the entrepreneurs and a case study analysis, this research provides (1) insights into the theory of growth hacking and retention marketing,(2) examples of its practices, and (3) an implementation of suggestions made based on the findings. The results of this study indicate that growth hacking is a broad concept and has numerous interpretations. Growth hacking framework has been applied at the early stages of start-ups, however, the growth hacking concept has not been defined as well as it has not been determined whether it is a relevant method to improve user retention. In this study, it was discovered that growth hacking practices can improve to set up theuser retention strategy. However, growth hacking strategies must be tailored and adapted to the entrepreneurial venture’s business model. / Även om growth hacking är ett nytt koncept, har det blivit ett buzz-word bland företagare och nystartade företag. Olika nystartade företag som använt growth hacking och uppnått omfattande tillväxt t.ex Dropbox, Uber och Airbnb har alla förmedlat sina framgångshistorier. Men hittills har fokus legat mer på det praktiska i stället för den teoretiska forskningen. Med så många nystartade företag som inte lyckas växa, är det viktigt att undersöka tillväxtmetodik, som kan hjälpa unga företagare att framgångsrikt etablera sig. Denna uppsats studerar growth hacking konceptet, genom att försöka förstå hur denna strategi fungerar och hur det kunde användas för att behålla en användarbas. Med hjälp av en omfattande litteraturgenomgång, intervjuer med företagare och en fallstudie, ger denna forskning (1) insikter i teorin om growth hacking och retention marknadsföring, (2) exempel på dess praxis, och (3) en implementering av förslag har gjorts baserat på resultaten. Resultaten av denna studie visar att growth hacking är ett brett begrepp och har många tolkningar. Growth hacking ramverk har tillämpats i tidiga stadier på nystartade företag, dock har growth hacking koncept inte definierats, liksom har det inte fastställts huruvida det är en relevant metod för att förbättra användarbevarande. I denna studie upptäcktes det att growth hacking metoder kan förbättra utvecklingen av strategier för bibehållning av användare. Dock måste growth hacking strategier vara skräddarsydda och anpassade till det entreprenöriella företagets affärsmodell. Growth hacking user retention growth growth strategy start-up development entrepreneurship Media and Communication Technology Medieteknik
83	User acquisition growth hacks for startups : A case study / Användare av förvärvande growth hacks för startups Naarden, Lydia January 2018 (has links) Den här studien diskuterar metoder som startups kan använda sig av vid förvärvande av nya användare för sina produkter eller tjänster. Studien utgörs av en fallstudie baserat på en startups perspektiv och jämför denna med andra verksamheter. Då många startups är under framväxt söker de kostnadseffektivametoder för att få sin verksamhet att växa. Företag som Airbnb och Facebook använde "growth-hacking" under sina inledande faser då de saknade resurser. Många bloggar har skrivit om fenomenet, men det saknas ännu vetenskaplig forskning kring vad som är nödvändigt att utföra och ta hänsyn till. Den här studien ämnar bidra med insikter som saknas rörande förvärvande av användare. Under sex veckor testades flera olika strategier på Locallife. Dessa strategier har sedan tidigare varit beprövade av andra företag. Insamlad data blev analyserad och använd för optimering. Growth-hacking-strategier blev utförda på Facebook för att identifiera vilka metoder som åstadkom tillväxt av användare. Resultaten visade att kalendrar på sociala medier knappt ledde till några konverteringar: efter tre veckor av utförande och observation var antalet nya användare inte tillfredsställande. Däremot var lokalt anpassat marknadsföringsinnehåll effektivt och gav tillfredsställande resultat. Innehåll som användare kan relatera till är mer sannolikt att attrahera användarens uppmärksamhet än generell information om produkten eller tjänsten. Dessutom är den inte enbart kampanjens ton som påverkar åhörare: sättet att uttrycka sig på för att uppmana personer till handling påverkar individers beslut om att ansluta sig till produkten eller tjänsten. Dessa resultat är betydelsefulla då de erbjuder nybörjare och företag ett perspektiv på vilka frågor och problem som måste tas hänsyn till när de avser att utöka antalet användare. Dessutom, trots att många metoder är diskuterade i bloggar är det ytterst få som förklarar vilka justeringar som genomfördes för att nå ett specifikt resultat. Detta har fått det att framstå som att höga resultat har åstadkommits omedelbart. Den här studien ämnar utforska konceptet growth-hacking och framhäva ansträngningarna som krävs för att en startup ska nå hållbar tillväxt. / This study discusses several methods that startups can use to acquire new users for their product or service, from the perspective of a startup that forms the case study of this research and in comparison to other companies. As many startups are currently emerging, they seek cost-efficient ways for their company to grow. Companies such as Airbnb and Facebook used growth hacking when they started and lacked sufficient resources. Many blogs have been written about this phenomenon, but there is a lack of scientific research examining what needs to be done or considered. This research aims to contribute to filling that gap in relation to user acquisition. For six weeks, several strategies adopted by companies were tested at Locallife to determine which ones worked. The collected data were analysed and used for optimisations. Growth-hacking practices were performed on Facebook to identify which hacks lead to growth. The results show that the social media content calendar barely led to any conversions: after three weeks of execution and observation, the number of people that onboarded was unsatisfactory. However, local targeting content yielded satisfying results. Content with which the user can associate is more likely to attract the user's attention than general information about the product or service. Further, not only the tone of the campaign makes a difference for the audience; also the call to action influences people’s decision to onboard and the performance of the product or service. These findings are significant because they offer beginners and companies a perspective on which issues to consider when they decide to growth hack. Also, while many methods are discussed in blogs, only a few explain which adjustments were made before reaching a particular result, making it seem as if everything happened in one go. This research aims to explore the concept and show the efforts that need to be made for a startup to reach sustainable growth. Growth Hacking Data analysis Growth Social media Marketing Startups Media and Communication Technology Medieteknik
84	Ethical hacking of IoT devices: OBD-II dongles Christensen, Ludvig, Dannberg, Daniel January 2019 (has links) The subject area of this project is IT security related to cars, specifically the security of devices connected through a cars OBD-II connector. The aim of the project is to see the security level of the AutoPi OBD-II unit and to analyse where potential vulnerabilities are likely to occur when in use. The device was investigated using threat modeling consisting of analysing the architecture, using the STRIDE model to see the potential attacks that could be implemented and risk assessments of the attacks using the DREAD model. After modelling the system, attempts of implementing attacks, with the basis in the threat modelling, were carried out. No major vulnerabilities were found in the AutoPi device but a MITM attack on the user was shown to be possible for an attacker to succeed with. Even though no major vulnerability was found IoT devices connected to cars might bring security concerns that needs to be looked into by companies and researchers. / Ämnesområdet för detta projekt är ITsäkerhet relaterad till bilar, mer specifikt säkerheten gällande enheter som kopplas in i en bils OBD-II-kontakt. Syftet med uppsatsen är att bedöma säkerhetsnivån på en OBD-II-enhet av modell AutoPi och att analysera var potentiella sårbarheter kan finnas i systemet. Enheten kommer att undersökas med hjälp av hotmodellering som består av att analysera arkitekturen, använda STRIDE-modellen för att upptäcka potentiella attackmetoder samt bedöma riskerna för attackerna med hjälp av DREAD-modellen. Efter det steget görs attackförsök utifrån resultaten från hotmodelleringen. Inga större sårbarheter hittades i AutoPi-enheten men en MITM-attack på användaren visades vara möjlig för en angripare att lyckas med. Ä ven fast inga större sårbarheter hittades kan IoT-enheter kopplade till bilar medföra säkerhetsbrister som företag och forskare måste se över. Computer and Information Sciences Data- och informationsvetenskap
85	What Makes Them Click? Applying The Rational Choice Perspective To The Hacking Underground Bachmann, Michael 01 January 2008 (has links) The increasing dependence of modern societies, industries, and individuals on information technology and computer networks renders them ever more vulnerable to attacks on critical IT infrastructures. While the societal threat posed by hackers and other types of cyber-criminals has been growing significantly in the last decade, main-stream criminology has only recently begun to realize the significance of this threat. Cyber-criminology is slowly emerging as a subfield of criminological study and has yet to overcome many of the problems other areas of criminological research have already mastered. Aside from substantial methodological and theoretical problems, cyber-criminology currently also suffers from the scarcity of available data. As a result, scientific answers to crucial questions, such as who exactly the attackers are and why they engage in hacking activities, remain largely fragmentary. The present study begins to fill this remaining gap in the literature. It examines survey data about hackers, their involvement in hacking, their motivations to hack, and their hacking careers. The data for this study was collected during a large hacking convention in Washington D.C. in February 2008. The theoretical framework guiding the analyses is the rational choice perspective (Clarke & Cornish, 1985). Several hypotheses about hackers are derived from the theory and some of its models are transposed into the context of hackers. Results suggest that the rational choice perspective is a viable theory when applied to cyber-criminals. Findings also demonstrate that the creation of more effective countermeasures requires adjustments to our understanding of who hackers really are and why they hack. Cybercrime Cyber-criminology Hackers Hacking Rational Choice Rational Choice Perspective Sociology
86	Unauthorized Access Crimes Steh, Stephen R. 10 October 2009 (has links) No description available. Computer Science Criminology Law Technology computer crime hacking unauthorized access legislation and case law
87	A Study on Ethical Hacking in Cybersecurity Education Within the United States Chew, Jordan 01 March 2024 (has links) (PDF) As the field of computer security continues to grow, it becomes increasingly important to educate the next generation of security professionals. However, much of the current education landscape primarily focuses on teaching defensive skills. Teaching offensive security, otherwise known as ethical hacking, is an important component in the education of all students who hope to contribute to the field of cybersecurity. Doing so requires a careful consideration of what ethical, legal, and practical issues arise from teaching students skills that can be used to cause harm. In this thesis, we first examine the current state of cybersecurity education in the United States through a holistic view of funding, certifications, and course offerings. We then offer a framework to navigate the ethical and legal issues of teaching offensive security, as well as serve as a technical reference of useful tools for configuring and conducting a course in ethical hacking. Together, these contributions can be a baseline for educators looking to create courses on ethical hacking topics. Ethical Hacking Penetration Testing Security Tools Computing Education Curriculum and Instruction Educational Technology Information Security
88	La performance dans les arts plastiques aujourd'hui : tatouages et piercings / Performance in visual arts today : Tattoos and piercings Souladié, Catherine 26 June 2012 (has links) Cette recherche propose une réflexion sur la pertinence d’un « art –action » actuel, à partir d’une analyse d’actes pour l’art, caractérisés comme « hors limites », à travers une utilisation de la présence physique comme essence et support de l’art plastique, entreprise dès les années 1920 par Marcel Duchamp, et déclinée durant tout le vingtième siècle avec des mouvements artistiques tels Dada, le Happening, l’Actionnisme Viennois, ou l’Art Corporel.Nous étudions ici, aidés d’artistes performers choisis autour de quelques pratiques singulières de Albrecht Becker, Ron Athey et Lukas Zpira, les possibles limites d’actes artistiques, mettant en scène de façon extrême, à travers des performances jugées choquantes, agressives, incluant piercings, tatouages, osant parfois un art du malaise, se jouant des conventions, des tabous et des codes sociaux et culturels en place. Ainsi nous voyons s’il y a lieu, aujourd’hui, de parler encore d’actes artistiques politiques, militants, après l’âge d’or des années soixante-dix, parmi des nouvelles esthétiques du corps humain, celui-ci successivement « héros, sujet, matériau, objet, victime, écran » de cet art-action transgressif. Notre volonté est de saisir l’ambiguïté contenue dans la représentation, et toute la symbolique donnée à voir, par rapport à une première intention qui est une certaine déstructuration à la fois thématique et formelle dans les arts plastiques. La discussion est donc engagée sur l’authenticité et la pérennité de ces pratiques artistiques extrémistes, transgressives, manipulant le concept d’identité ou même la génétique, discussion aussi sur leur statut avant-gardiste dans l’histoire de « l’art pour l’art », concept porté par la modernité.Ce « hacking » du corps nous amène-t-il-alors vers un devenir post-humain virtuel, une seule existence dans les univers numériques ? Le corps est-il en perdition ou, paradoxalement l’ultime recours, sauvé par ces modifications douloureuses et radicales ? / This research proposes a reflection on the relevance of a "art -action" current, based on an analysis of the acts for the art, characterized as "off limits", through a use of the physical presence, such as origin and support of the visual art, begun in the 1920s by Marcel Duchamp, and declined throughout the twentieth century with artistic groups as Dada, the Happening, the Viennese Actionnism, or the Body Art.We study here, through artists performers selected around the singular practices of Albrecht Becker, Ron Athey and Lukas Zpira, the possible limits of artistic acts, staging in extreme way, through performances considered shocking, aggressive, including piercings, tattoos, daring an art of faintness sometimes, being played of conventions, the taboos and the social-cultural codes in place. Thus we see whether it is necessary, today, to still speak about artistic acts political, militant, after the golden age of the Seventies, through a choice among many new esthetics of the human body, successively “hero, subject, material, object, victim, screen” of this transgressive acting-art. Our will is to understand the ambiguity contained in the representation, and all the shown symbolic system, compared to a first intention which is disintegration both thematic and formal in the plastic arts. The discussion is thus about the authenticity and the survival of these artistic extremists and transgressive practices, treating the concept of identity or even the genetics, the discussion being also about their avant-gardist position in the history of “the art for art” brought by the modernity, position to be reconsidered in a society called post-modern.Do this “body- hacking” bring us then towards a future virtual human being, a single existence in the digital universes? Is the body lost or, paradoxically the ultimate recourse, saved by these painful and radical modifications? Performance Art action Art corporel Actionnisme Arts hors-limites Tatouage Piercing Trans-genre Modifications corporelles Body-hacking Post-human Performance Art action Body art Actionnism No-limits arts Tattoo Piercing Trans-genre Physical modifications Body-hacking Comment-human being
89	Au code, citoyens : mise en technologies des problèmes publics / Armed with code : from public problems to technologies of participation Ermoshina, Kseniia 28 November 2016 (has links) La thèse étudie les applications dites citoyennes pour mobiles et web qui sont développées en réponse aux problèmes publics variés et basées sur le principe de crowdsourcing. Elle s’intéresse à la fois à la conception de ces dispositifs, à leurs usages et aux façons dont ces outils transforment la communication des citoyens entre eux, et avec les pouvoirs publics. Elle explore les nouveaux formats d’innovation, comme les hackathons civiques, et interroge l’usage du code informatique en tant que nouvel instrument d’action collective.La thèse mobilise une méthodologie qui puise dans les répertoires des STS, de la sociologie des problèmes publics, de la science politique, des sciences de l’information et communication. Appuyée sur l’étude d'applications citoyennes en France et en Russie, elle pose différentes questions : comment traduit-on les problèmes publics en code informatique ; qu’est-ce que ces applications font et font faire ?; comment transforment-elles la participation citoyenne ?La recherche montre que les interfaces des applications façonnent et standardisent la participation en se basant sur les documents de référence : les lois, les réglementations normatives et techniques. Cependant, la standardisation a ses limites : se focalisant sur les moments de faille et des épreuves, telles que les tests, les mises à jour, le débogage des applications, l’enquête rend visibles les détournements et les bricolages mis en place par les usagers qui dépassent le cadrage par les interfaces et participent à la fois à la réécriture des applications et à la redéfinition des problèmes publics.La comparaison entre applications développées par les administrations publiques et projets portés par la société civile permet de distinguer deux façons de communiquer : les chaînes courtes et les chaînes longues. Sans les opposer, la thèse se place dans « l’entre-deux » et analyser les articulations, les agencements de ces réseaux socio-techniques. / The PhD dissertation studies new digital participative technologies called "civic apps", applications for mobile and web developed in response to a large scope of public problems and based on the principle of crowdsourcing. The research focuses on the conception of these tools, their usages and the way these tools transform the communication among citizens and between citizens and public administrations. It also explores new formats of civic tech innovation, such as civic hackathons, and question the usage of programming code as a new tool of collective action.The thesis calls upon the methodologies of sociology of science and technology, sociology of public problems, political science and science of information and communication. Based on a case-study of several civic apps in France and Russia, the inquiry adresses the following question: how does the translation of public problems into programming code occur ? And how do these applications transform civic participation?The research shows that the interfaces standardize and format the practices of participation, using documents such as laws, technical norms and standards. However, this standardization has its limits. Focusing on the moments of failure and trial, such as tests, updates or debug of applications, the inquiry highlights the practices of bricolage and detournement, deployed by users in order to overcome the framing by design and participate in the rewriting of the applications.The thesis compares civic applications with the applications developed by public administrations and distinguishes two models of communication called the "long chains" and the "short chains". However, instead of opposing administrative and civic initiatives, the thesis proposes to think from "in-between", analyzing the articulations and arrangements of these socio-technical networks. TIC Démocratie électronique ANT STS Problèmes publiques Crowdsourcing Participation Applications citoyennes Interfaces Hackathons Hacking citoyen ICT Electronic democracy ANT STS Public problems Crowdsourcing Participation Civic apps Interfaces Hackatons Digital citizenship Civic hacking 303.483 3
90	Threat Modeling and Penetration Testing of a Yanzi IoT-system : A Survey on the Security of the system’s RF communication Isabar, Diyala January 2021 (has links) Internet of Thing (IoT) products have in recent years become increasingly popular with both industries and private consumers, and it has been forecasted that the number of connected devices around the world will be roughly 14 billion in the year 2022. One particular field that the booming of IoT solutions continues to create endless possibilities for is smart offices. Several different devices are connected in an office environment to create a better workplace and enable a better, faster and smarter working approach. However, while there are several advantages with IoTs, they have also introduced new security threats that can not be overlooked. In this thesis, the security of a smart office system designed by Yanzi is examined. The system consists of a gateway, 34 sensors and a cloud service embedded as a SaaS. The security analysis was performed in three steps: planning, penetration testing and reporting. Radio frequency (RF) hacking against the systems RF communication was the main focus of the work. Due to some technical issues, not all selected attacks were possible to perform. Out of three that were possible to perform, one of them revealed a security flaw. Different countermeasures for the found flaw were proposed. / ”Internet av saker” produkter har under de senaste åren blivit alltmer populära bland både industrier och privata konsumenter, och man har prognostiserat att antalet anslutna enheter runt om i världen kommer att vara ungefär 14 miljarder år 2022. Ett särskilt område som ökandet av IoT-lösningar fortsätter att skapa oändliga möjligheter för är smarta kontor. Flera olika enheter är anslutna i en kontorsmiljö för att skapa en bättre arbetsplats och möjliggöra ett bättre, snabbare och smartare arbetssätt. Även om det finns flera fördelar med IoT, har de också infört nya säkerhetshot som inte kan förbises. I denna avhandling undersöks säkerheten för ett smart kontorssystem som designats av Yanzi. Systemet består av en gateway, 34 sensorer och en molntjänst inbäddad som en SaaS. Säkerhetsanalysen utfördes i tre steg: planering, penetrationstestning och rapportering. Radiofrekvenshackning mot systemets radiokommunikation var huvudfokus för arbetet. På grund av vissa tekniska problem var det inte möjligt att utföra alla föreslagna attacker. Av de tre som var möjliga att utföra avslöjade en av dem ett säkerhetsfel. Olika motåtgärder för den funna sårbarheten föreslås. Security Internet of Things penetration testing threat assessment threat modeling ethical hacking vulnerabilities RF communication smart office Säkerhet ”Internet av saker” penetrationstestning hotbedömning hotmodelering etisk hacking sårbarheter radiokommunikation smarta kontorN Computer Sciences Datavetenskap (datalogi)

Search results