Advancing cyber security with a semantic path merger packet classification algorithm

Thames, John Lane

30 October 2012

This dissertation investigates and introduces novel algorithms, theories, and supporting frameworks to significantly improve the growing problem of Internet security. A distributed firewall and active response architecture is introduced that enables any device within a cyber environment to participate in the active discovery and response of cyber attacks. A theory of semantic association systems is developed for the general problem of knowledge discovery in data. The theory of semantic association systems forms the basis of a novel semantic path merger packet classification algorithm. The theoretical aspects of the semantic path merger packet classification algorithm are investigated, and the algorithm's hardware-based implementation is evaluated along with comparative analysis versus content addressable memory. Experimental results show that the hardware implementation of the semantic path merger algorithm significantly outperforms content addressable memory in terms of energy consumption and operational timing.

Computational semantics

Graph theory

Hardware algorithms

Attack detection

Distributed internet security

Packet classification

Intrusion detection

Semantic association

Semantic networks

Content addressable memory

SRAM-based trie pipelines

Hardware-based trie pipelines

Computational intelligence

Neural networks

Parametric optimization

Genetic algorithms

Self-organizing maps

Ensemble intelligence

Firewalls

Routing

Packet filters

Cyber intelligence (Computer security)

Algorithms

Cyberterrorism

Denial of service attacks

Anomaly detection (Computer security)

Internet-based electronic payment systems

Kortekaas, Birgit Friederike

01 January 2002

As today, the traditional payment systems of cash, cheques and credit cards are being supplemented by electronic cheques, electronic credit card-based systems, and token-based systems, online security is of utmost importance and one of the biggest criteria used for evaluating electronic payment systems. Electronic payment systems must guarantee the essential security requirements: confidentiality, privacy, integrity, availability. authentication, non-repudiation as well as anonymity and trust. This paper compares the various payment systems (both traditional and electronic) available today mainly according to their security aspects. Secure processing can be accomplished including access controls and detection techniques, such as, encrypted communication channels, user and/or message authentication, symmetric and asymmetric encryption, digital certificates and firewalls. These effective security measures, which are outlined in detail in this paper, will protect the information and payment systems against security risks that currently threaten the Internet / Computing / M.Sc. (Information Systems)

Internet

Electronic commerce

Electronic payment systems

Authentication

Confidentiality

Identification

Integrity

Privacy

Security

Cryptography

Certificates

Encryption

Digital signatures

Anonymity

Threats

Electronic cash

Electronic cheque

Smart cards

Electronic credit cards

658.478

Internet -- Economic aspects

Internet -- Security measures

Payment

Electronic commerce -- Security measures

Computer networks -- Security measures

Data encryption (Computer science)

Smart cards

The law of data (privacy) protection: a comparative and theoretical study

Roos, Anneliese

31 October 2003

In present-day society more and more personal information is being collected. The nature of the collection has also changed: more sensitive and potentially prejudicial information is collected. The advent of computers and the development of new telecommunications technology, linking computers in networks (principally the Internet) and enabling the transfer of information between computer systems, have made information increasingly important, and boosted the collection and use of personal information. The risks inherent in the processing of personal information are that the data may be inaccurate, incomplete or irrelevant, accessed or disclosed without authorisation, used for a purpose other than that for which they were collected, or destroyed. The processing of personal information poses a threat to a person's right to privacy. The right to identity is also infringed when incorrect or misleading information relating to a person is processed. In response to the problem of the invasion of the right to privacy by the processing of personal information, many countries have adopted "data protection" laws. Since the common law in South Africa does not provide adequate protection for personal data, data protection legislation is also required. This study is undertaken from a private law perspective. However, since privacy is also protected as a fundamental right, the influence of constitutional law on data protection is also considered. After analysing different foreign data protection laws and legal instruments, a set of core data protection principles is identified. In addition, certain general legal principles that should form the basis of any statutory data protection legislation in South Africa are proposed. Following an analysis of the theoretical basis for data protection in South African private law, the current position as regards data protection in South-Africa is analysed and measured against the principles identified. The conclusion arrived at is that the current South African acts can all be considered to be steps in the right direction, but not complete solutions. Further legislation incorporating internationally accepted data protection principles is therefore necessary. The elements that should be incorporated in a data protection regime are discussed. / Jurisprudence / LL. D. (Jurisprudence)

South African private law

OECD Guidelines on data protection

Right to identity

Computers and privacy

Right to privacy

Data protection

342.858068

Privacy, Right of -- South Africa

Internet -- Security measures

Análise dos riscos e efeitos nocivos do uso da internet: contribuições para uma política pública de proteção da criança e do adolescente na era digital / Analysis of the risks and harmful effects of internet use: contributions to public policy child protection and adolescents in the digital age

Tono, Cineiva Campoli Paulino

10 April 2015

O uso da internet e jogos eletrônicos online, em desarmonia com as demais atividades humanas, independentemente do dispositivo tecnológico para acesso, pode se tornar um vício e produzir efeitos nocivos em vários aspectos da vida dos usuários, potencializados quando os usuários são crianças e adolescentes, pessoas em fase especial de desenvolvimento biopsicossocial. O foco da investigação em pauta foi a análise dos riscos e danos do vício em internet, pressupondo a proteção integral das crianças e dos adolescentes nos aspectos de educação, saúde e segurança. Para tanto, buscou-se referências teóricas em artigos científicos no âmbito mundial, evidências empíricas em pesquisas de campo com adolescentes e no Programa de Pais de Dependentes de Internet do Ambulatório de Transtorno de Impulso do Instituto de Psiquiatria da Universidade de São Paulo. Como as crianças e os adolescentes são sujeitos de direito, com prioridade absoluta de proteção, sentiu-se a necessidade de haver uma intervenção e, para isso, foram propostos conteúdos e metodologias de planejamento de políticas de prevenção a esses riscos e danos, elaborados de forma interinstitucional e interdisciplinar. O método científico utilizado foi o de pesquisa-ação política, socialmente crítica e intervencionista. Para fundamentação teórica, buscaram-se subsídios na análise crítica do determinismo tecnológico e dos riscos envolvidos com a concepção e uso das tecnologias de Feenberg (1991), Giddens (1991), Marcuse (1999), Lima Filho (2005), Setzer (2002), Armstrong e Casement (2001), Smith (2009), entre outros. O trabalho de pesquisa utilizou documentos de base legal, com amparo na Declaração Universal dos Direitos Humanos (1948), na Constituição da República Federativa do Brasil (1988) e no Estatuto da Criança e do Adolescente (1990), os quais priorizam, em termos absolutos, as crianças e os adolescentes na formulação e na gestão de políticas públicas para todas as esferas de execução. Nas fases de observação, diagnose e primeiros registros, a pesquisa partiu da preocupação sobre a fala dos adolescentes de duas escolas públicas de Curitiba, em 2009, quando o problema dessa tese foi delineado riscos e efeitos nocivos da adição à internet e em jogos eletrônicos online. Para a fase de intervenção da pesquisa foi elaborado um plano de ação com foco no eixo de “Tecnologia e Dignidade Humana”, desenvolvido durante as onze audiências públicas no Estado do Paraná, coordenadas pela autora, articuladas ao Projeto UFPR Unindo Talentos com apoio da CAPES, contemplando conteúdos estruturantes para elaboração de uma política pública de prevenção ao vício na internet e, sobretudo, da internet gaming disorder, distúrbio mental previsto pela Associação Americana de Psiquiatria na quinta edição do Diagnostical and Statistical Manual of Disorder (DSM V), de maio de 2013. Desse trabalho resultaram contribuições à elaboração do eixo “Tecnologia e Dignidade Humana” da primeira edição do Plano Estadual de Educação em Direitos Humanos do Paraná (PEEDH/PR). / The use of internet and on-line video games, in harmony with other human activities, irrespective of the technological device to access, can be addictive and cause adverse effects in various aspects of life of users, potentiated when the users are children and adolescents people in particular phase of biopsychosocial development. The focus of research on the agenda was the analysis of the risks and vice damage, assuming the full protection of children and adolescents in the aspects of education, health and security. Therefore, we sought theoretical references in scientific papers at the global level, empirical evidence on field research with adolescents, and internet Dependent Parent Program Dependence Center for the Impulse Disorder Clinic at the Institute of Psychiatry, University of São Paulo. As children and adolescents are subjects of rights, with priority protection, felt the need for an intervention, and for this have been proposed content and planning methodologies prevention policies to such risks and damage, prepared in inter-institutional and interdisciplinary way. The scientific method used was the policy action research, socially critical and interventionist. For theoretical foundation sought to subsidies in the critical analysis of technological determinism and the risks involved with the design and use of technologies Feenberg (1991), Giddens (1991), Marcuse (1999), Lima Filho (2004, 2005), Andrade (2004) Setzer (2002, 2009), Armstrong and Casement (2001), Smith (2009), among others. The research used a legal basis documents, with support in the Universal Declaration of Human Rights (1948), the Constitution of the Federative Republic of Brazil (1988) and the Statute of Children and Adolescents (1990), who prioritize in terms absolute, children and adolescents in the design and management of public policies for all enforcement spheres. In phases of observation, diagnosis and first records research came from concern about the speech of adolescents from two public schools in Curitiba, in 2009, when the problem of this thesis was designed, the risks and harmful effects of adding internet and electronic games on-line. For the research intervention phase was prepared an action plan in inter-institutional focused on the “Technology and Human Dignity” axis developed in the eleven public hearings in the State of Paraná, coordinated by the author, contemplating structuring content for development of policy public prevention addiction on the Internet, and especially the internet gaming disorder, mental disorder provided by the American Psychiatric Association in the fifth edition of Diagnostical and Statistical Manual of Disorder (DSM V), May 2013. This work resulted in important contributions to the development axis “Technology and Human Dignity” of the first edition of the State Plan for Education in Human Rights of Paraná (PEEDH / PR).

CNPQ::CIENCIAS SOCIAIS APLICADAS

Jogos eletrônicos

Avaliação de riscos

Vício em internet

Internet e crianças

Internet e adolescentes

Internet - Medidas de segurança

Política pública

Pesquisa-ação

Tecnologia

Electronic games

Risk assessment

Internet addiction

Internet and children

Internet and teenagers

Internet - Security measures

Public policy

Action research

Technology

Analysis, evaluation, measurements and implementation of network security systems and their critical points of failure during COVID-19 / Analys, utvärdering, mätningar och implementering av nätverkssäkerhetssystem och deras kritiska felpunkter under COVID-19

Olmedilla Belinchón, Adrián

January 2023

This study analyses the evolution of the COVID-19 pandemic from a cybersecurity perspective, highlighting the different types of cyber-attacks experienced that happened around the world. In addition, this thesis shows the different types of cyber-attacks produced due to the lack of security employed during the pandemic crisis and how were the reactions of the different organizations to solving the problem. Furthermore, there are different statistics and graphical tables that show the evolution and how it covered the main types of cyber-attacks by the majority of organizations. The analysis reveals a view of those different attacks that can show in various forms. How the cybercriminals leverage the different vulnerabilities of corporate networks in a never-explored perspective makes this review different from other present papers on the COVID-19 pandemic. In addition, the study manifests the different recommendations proposed by the different experts to avoid a similar situation in times of crisis, making that study a guide to avoid similar situations in the future. In fact, the information extracted from different specialized sources will be used to carry out an objective study. / Den här studien analyserar utvecklingen av covid-19-pandemin ur ett cybersäkerhetsperspektiv, och lyfter fram de olika typer av cyberattacker som upplevts runt om i världen. Dessutom visar denna avhandling de olika typerna av cyberattacker som skapats på grund av bristen på säkerhet som användes under pandemikrisen och hur de olika organisationerna reagerade på att lösa problemet. Dessutom finns det olika statistik och grafiska tabeller som visar utvecklingen och hur den täckte huvudtyperna av cyberattacker från majoriteten av organisationer. Analysen visar en syn på de olika attackerna som kan visa sig i olika former. Hur cyberbrottslingarna utnyttjar de olika sårbarheterna i företagsnätverk i ett aldrig utforskat perspektiv gör att denna recension skiljer sig från andra nuvarande artiklar om covid-19-pandemin. Dessutom visar studien de olika rekommendationerna som föreslagits av de olika experterna för att undvika en liknande situation i kristider, vilket gör den studien till en guide för att undvika liknande situationer i framtiden. Faktum är att informationen från olika specialiserade källor kommer att användas för att genomföra en objektiv studie. / Este estudio analiza la evolución de la pandemia de COVID-19 desde una perspectiva de ciberseguridad, destacando los diferentes tipos de ciberataques experimentados en todo el mundo. Además, esta tesis muestra los diferentes tipos de ciberataques producidos por la falta de seguridad empleada durante la crisis de la pandemia y cómo fueron las reacciones de las diferentes organizaciones ante la solución del problema. Además, existen diferentes estadísticas y tablas gráficas que muestran la evolución y cómo se cubrieron los principales tipos de ciberataques por parte de la mayoría de las organizaciones. El análisis revela una visión de esos diferentes ataques que pueden manifestarse de diversas formas. La forma en que los ciberdelincuentes aprovechan las diferentes vulnerabilidades de las redes corporativas en una perspectiva nunca explorada hace que esta revisión sea diferente de otros documentos actuales sobre la pandemia de COVID-19. Además, el estudio pone de manifiesto las diferentes recomendaciones propuestas por los diferentes expertos para evitar una situación similar en tiempos de crisis, convirtiendo dicho estudio en una guía para evitar situaciones similares en el futuro. De hecho, se utilizará la información extraída de diferentes fuentes especializadas para realizar un estudio objetivo.

COVID-19

Cyber-attack

Internet security

Cybersecurity threats

Remote Work

Cybersecurity Awareness

COVID-19

cyber-attack

Internetsäkerhet

Cybersäkerhetshot

Fjärrarbete

Cybersäkerhetsmedvetenhet

COVID-19

Ataque cibernético

Seguridad en Internet

Amenazas a la seguridad cibernética

Trabajo remoto

Computer Sciences

Datavetenskap (datalogi)

Computer Engineering

Datorteknik

Computer and Information Sciences

Data- och informationsvetenskap

Adoption of e-banking amongst small, micro and medium enterprises in the City of Tshwane Metropolitan Municipality

Manala, Maseribe Maureen

01 1900

The purpose of this study was to examine the level of adoption, usage and factors that influence the adoption of electronic banking (e-banking) by small, micro and medium enterprises (SMMEs) listed in the City of Tshwane Metropolitan Municipality (CTMM). Despite efforts by commercial banks to promote e-banking (internet and cell phone banking) to its customers, the adoption rate for internet and cell phone banking appears to be low. Based on the literature reviewed, the SMME sector has been widely excluded from the formal banking services. It is also observed that e-banking can enable SMMEs to grow and enter international markets. Technology acceptance model (TAM) integrated with perceived risk theory (PRT) was used to investigate factors that influence adoption and usage of e-banking. The study followed a quantitative research approach. Respondents were selected using simple random sampling technique. A structured survey questionnaire was used to collect the data. The survey was conducted on 160 SMMEs in the CTMM with the assistance of fieldworkers. Data were analysed using descriptive statistics, exploratory factor analysis (EFA), Pearson’s bivariate correlation, and multiple regression. The results revealed that perceived ease of use had a significant positive influence on the attitude towards e-banking. Perceived usefulness had a positive but insignificant influence on the attitude towards e-banking. Security risk was the only perceived risk dimension that had a significant negative influence on attitude towards e-banking. However, financial risk, privacy risk, performance risk and social risk had a positive and insignificant influence on attitude towards e-banking. It was envisaged that this study will enable banks to develop strategies that are aimed at increasing their SMME market share. / Finance, Risk management and Banking / M. Com. (Finance)

Adoption

Attitude

Cell phone banking

E-banking

Internet banking

Intention behaviour

Perceived Risk Theory

Technology Acceptance Model

Usage

332.1780968227