91

Är gymnasieskolans digitala säkerhet tillräcklig? : Risk- och sårbarhetsanalys, ur ett informationssäkert perspektiv / Is the Swedish high school's digital security adequate? : Risk and vulnerability assessment from an information security perspective

Rahimi, Farhad, Isufi, Mevlyde January 2020 (has links)
This work presents a study of how information security has been implemented in municipal high schools. The study covers the applications' resistance to intrusion, hardware security, the overall competence of students and the IT department, and requirements for confidentiality in relation to municipal and state guidelines. The study includes field visits carried out at two municipal high schools, with technical vulnerabilities in focus. Based on this study, a risk and vulnerability analysis and an action plan for the identified risks are presented.
92

VD-bedrägeri : Hur arbetar svenska kommuner för att minska risken för VD-bedrägeri? / CEO fraud : How do Swedish municipalities work to reduce the risk of CEO fraud?

Osman Ali, Abdiasis January 2020 (has links)
The use of digital equipment and services is increasing both in organizations and among private individuals. This means that more and more people are connecting to the Internet to communicate and share data that may include sensitive information. Due to developments in security, unauthorized access to data has become increasingly sophisticated, and it has therefore become difficult for cybercriminals to access it. As a result, cybercriminals have begun to exploit human psychology. There are several different ways in which cybercriminals exploit the social aspect of people. One of these is CEO fraud, which targets specific individuals, often high-profile individuals such as executives and financial controllers. This study has investigated how Swedish municipalities work to reduce the risk of CEO fraud. The study has also mapped out the methods and guidelines used by municipalities to ensure that their employees are not exposed to that type of attack. The study was conducted using a qualitative and quantitative survey that was sent to all 290 municipalities, which resulted in 71 responses. The results show that these municipalities use various technical defences and educate employees. The study also shows that these municipalities have policies and guidelines on how phishing and CEO-fraud e-mails should be handled. / The use of digital equipment and services is increasing among both organizations and private individuals. This means that more and more people are connecting to the Internet to communicate and share data that may contain sensitive information. Because of developments in security, unauthorized access to data has become increasingly sophisticated, and it has therefore become harder for cybercriminals to get at it. Cybercriminals have therefore begun to exploit human psychology. There are a number of different ways in which cybercriminals exploit the social aspect of people.
One of these is CEO fraud, which targets specific individuals, often high-profile individuals such as managers and finance officers. This study has investigated how Swedish municipalities work to reduce the risk of CEO fraud. In addition, the study has mapped which methods and guidelines the municipalities use to ensure that their employees are not exposed to that type of attack. The study was carried out using a qualitative and quantitative survey that was sent to all 290 municipalities, resulting in 71 responses. The results show that the 71 municipalities use a number of technical protections and train their employees. The study also shows that the municipalities have policies and guidelines on how phishing and CEO-fraud e-mails are to be handled.
93

Vers une détection des attaques de phishing et pharming côté client / Towards client-side detection of phishing and pharming attacks / Defeating phishing and pharming attacks at the client-side

Gastellier-Prevost, Sophie 24 November 2011 (has links)
The growth of broadband Internet access and the expansion of e-commerce have brought in their wake new attacks that are proving highly successful. One of them is particularly present in the collective mind: the one that goes directly after Internet users' wallets. Its most widespread and best-known variant is called phishing. Mostly delivered through spam campaigns, this attack aims to steal confidential information (e.g. username, password, bank card number) from users by impersonating merchant and/or banking sites. Over the years these attacks have been refined to the point of offering counterfeit websites that, visually, apart from the URL visited, imitate the original sites perfectly. Through lack of vigilance, many users then hand over confidential data in full confidence. In the first part of this thesis, among the existing means of protection and detection against these attacks, we focus on a mechanism that is easily accessible to the Internet user: anti-phishing toolbars integrated into the web browser. The detection performed by these toolbars relies on blacklists and heuristic tests. Among the set of heuristic tests used (whether they concern the URL or the content of the web page), we seek to evaluate their usefulness and/or effectiveness in identifying and differentiating legitimate sites from phishing sites. This work notably makes it possible to single out the decisive heuristics, while discussing their longevity. A second, less well-known variant of this attack, pharming, can be considered a sophisticated version of phishing.
The goal of the attack remains the same, and the website visited resembles the original just as closely, but, unlike phishing, the URL visited is this time also completely identical to the original. Carried out through upstream DNS corruption, these attacks have the advantage of requiring no communication effort on the part of the attacker, who need only wait for the Internet user to visit their usual site. The absence of "visible" signs therefore makes the attack particularly effective and formidable, even for a vigilant user. Admittedly, considerable efforts have been deployed on the network side to address this problem. Nevertheless, the client side remains too exposed and vulnerable. In the second part of this thesis, through the development of two proposals designed to be integrated into the client browser, we introduce a technique for detecting these attacks that couples an analysis of DNS responses with a comparison of web pages. Both proposals rely on reference elements obtained via an alternative DNS server, their main difference lying in the technique used to retrieve the reference web page. Through two phases of experimentation, we demonstrate the viability of the proposed concept. / The development of online transactions and "always-connected" broadband Internet access is a great improvement for Internet users, who can now benefit from easy access to many services, regardless of the time or their location. The main drawback of this new market place is that it attracts attackers looking for easy and rapid profits. One major threat is known as a phishing attack. By using website forgery to spoof the identity of a company that offers financial services, phishing attacks trick Internet users into revealing confidential information (e.g. login, password, credit card number).
Because most end-users check the legitimacy of a login website by looking at the visual aspect of the webpage displayed by the web browser, with no consideration for the visited URL or the presence and positioning of security components, attackers capitalize on this weakness and design near-perfect copies of legitimate websites, displayed through a fraudulent URL. To attract as many victims as possible, phishing attacks are most of the time carried out through spam campaigns. One popular method for detecting phishing attacks is to integrate an anti-phishing protection into the user's web browser (i.e. an anti-phishing toolbar), which makes use of two kinds of classification methods: blacklists and heuristic tests. The first part of this thesis consists of a study of the effectiveness and the value of heuristic tests in differentiating legitimate from fraudulent websites. We conclude by identifying the decisive heuristics as well as discussing their life span. In more sophisticated versions of phishing attacks, i.e. pharming attacks, the threat is imperceptible to the user: the visited URL is the legitimate one and the visual aspect of the fake website is very similar to the original one. As a result, pharming attacks are particularly effective and difficult to detect. They are carried out by exploiting DNS vulnerabilities at the client-side, in the ISP (Internet Service Provider) network or at the server-side. While many efforts aim to address this problem in the ISP network and at the server-side, the client-side remains excessively exposed. In the second part of this thesis, we introduce two approaches, intended to be integrated into the client's web browser, to detect pharming attacks at the client-side. These approaches combine both an IP address check and a webpage content analysis, performed using the information provided by multiple DNS servers.
Their main difference lies in the method of retrieving the webpage used for the comparison. By performing two sets of experiments, we validate our concept.
94

Designing a Security Education Curriculum Using Gamification Principles

Selinger, David Emanuel 25 November 2019 (has links)
No description available.
95

Model of detection of phishing URLs based on machine learning

Burbela, Kateryna January 2023 (has links)
Background: Phishing attacks continue to pose a significant threat to internet security. One of the most common forms of phishing is through URLs, where attackers disguise malicious URLs as legitimate ones to trick users into clicking on them. Machine learning techniques have shown promise in detecting phishing URLs, but their effectiveness can vary depending on the approach used. Objectives: The objective of this research is to propose an ensemble of two machine learning techniques, Convolutional Neural Networks (CNN) and Multi-Head Self-Attention (MHSA), for detecting phishing URLs. The goal is to evaluate and compare the effectiveness of this approach against other methods and models. Methods: A dataset of URLs was collected and labeled as either phishing or legitimate. The performance of several models using different machine learning techniques, including CNN and MHSA, to classify these URLs was evaluated using various metrics, such as accuracy, precision, recall, and F1-score. Results: The results show that the ensemble of CNN and MHSA outperforms the other individual models and achieves an accuracy of 98.3%, which, compared to the existing state-of-the-art techniques, provides significant improvements in detecting phishing URLs. Conclusions: In conclusion, the ensemble of CNN and MHSA is an effective approach for detecting phishing URLs. The method outperforms existing state-of-the-art techniques, providing a more accurate and reliable method for detecting phishing URLs. The results of this study demonstrate the potential of ensemble methods in improving the accuracy and reliability of machine learning-based phishing URL detection.
96

Phishing : A qualitative study of users' e-mail classification process, and how it is influenced by the subjective knowledge

Puke Andersson, Hanna, Stenberg, Sofie January 2022 (has links)
Background. E-mail phishing is a type of social engineering where the threat actor sends e-mails with the intention to, for example, gain sensitive information or gain access to sensitive assets. Anyone can be a target of a phishing attempt, and any user of a digital environment should be aware of which factors to be attentive to in an e-mail. Objectives. This thesis intends to study users' practical ability to identify phishing e-mails and what factors they look for when performing the classification. The intention is also to investigate whether subjective knowledge impacts practical ability. Methods. A user study was conducted in which the participants classified e-mails from an inbox as either phishing or legitimate. During the observation, the participants thought out loud so that the authors of this thesis could hear their approach and which factors they noticed. A questionnaire was also conducted to capture the participants' knowledge, previous experience, and confidence in their classifications. Results. The results show that the majority of the participants did not know which factors to look for, nor how to inspect them, to make a justified classification of an e-mail. Most participants made their classifications based on gut feeling. Those participants who had any theoretical knowledge showed more confidence and identified more phishing attempts. Conclusions. This thesis concludes that the participants lacked the knowledge required to identify phishing attempts. Further, it concludes that subjective knowledge leads to high confidence, which helps users make the correct classification. Therefore, this topic needs further attention to raise awareness, and education needs to be conducted.
97

Feeding Phishers

Lynch, Nicholas J 01 July 2009 (has links) (PDF)
Phishing campaigns continue to deceive users into revealing their credentials, despite advancing spam filters, browser and toolbar warnings, and educational efforts. Recently, researchers have begun investigating how fake credentials --- or honeytokens --- can be used to detect phishing sites and protect users. BogusBiter, one such work, creates sets of honeytokens based on users' real credentials and sends them alongside real user submissions to phishing sites. In this paper, we present Phish Feeder, an anti-phishing tool which extends the BogusBiter honeytoken generation algorithm in order to create more realistic and authentic-looking credentials. Phish Feeder also employs a ``honeytoken repository'' which stores generated credentials and provides a lookup service for legitimate sites that encounter invalid credentials. The Phish Feeder client is implemented as a Firefox extension and the repository is implemented as a Java web application. We compare the effectiveness of the Phish Feeder generation algorithm to that of the previous work and find that it is up to four times as effective at hiding real users' credentials within a set. Furthermore, we find that Phish Feeder introduces only negligible overhead during normal browsing, and a low overhead during credential creation and submission.
98

Detection, Triage, and Attribution of PII Phishing Sites

Roellke, Dennis January 2022 (has links)
Stolen personally identifiable information (PII) can be abused to perform a multitude of crimes in the victim's name. For instance, credit card information can be used in the drug business, Social Security Numbers and health IDs can be used in insurance fraud, and passport data can be used for human trafficking or in terrorism. Even information typically considered publicly available (e.g. name, birthday, phone number, etc.) can be used for unauthorized registration of services and generation of new accounts using the victim's identity (unauthorized account creation). Accordingly, modern phishing campaigns have outgrown the goal of account takeover and are trending towards more sophisticated goals. While criminal investigations in the real world evolved over centuries, digital forensics is only a few decades into the art. In digital forensics, threat analysts have pioneered the field of enhanced attribution, a study of threat intelligence that aims to find a link between attacks and attackers. Their findings provide valuable information for investigators, ultimately bolster takedown efforts and help determine the proper course of legal action. Despite an overwhelming offer of security solutions today suggesting great threat analysis capabilities, vendors only share attack signatures, and additional intelligence remains locked into the vendor's ecosystem. Victims often hesitate to disclose attacks, fearing reputation damage and the accidental revealing of intellectual property. This phenomenon limits the availability of postmortem analysis from real-world attacks and often forces third-party investigators, like government agencies, to mine their own data. In the absence of industry data, it can be promising to actively infiltrate fraudsters in an independent sting operation. Intuitively, undercover agents can be used to monitor online markets for illegal offerings, and another common industry practice is to trap attackers in monitored sandboxes called honeypots.
Using honeypots, investigators lure and deceive an attacker into believing an attack was successful while simultaneously studying the attacker's behavior. Insights gathered from this process allow investigators to examine the latest attack vectors, methodology, and overall trends. For either approach, investigators crave additional information about the attacker so that they know what to look for. In the context of phishing attacks, it has been repeatedly proposed to "shoot tracers into the cloud" by stuffing phishing sites with fake information that can later be recognized in one way or another. However, to the best of our knowledge, no existing solution can keep up with modern phishing campaigns, because they focus on credential stuffing only, while modern campaigns steal more than just user credentials: they increasingly target PII instead. We observe that the use of HTML form input fields is a commonality among both credential-stealing and identity-stealing phishing sites, and we propose to thoroughly evaluate this feature for the detection, triage and attribution of phishing attacks. This process includes extracting the phishing site's target PII from its HTML <label> tags, investigating how JavaScript code stylometry can be used to fingerprint a phishing site for its detection, and determining commonalities between the threat actors' personal styles. Our evaluation shows that <input> tag identifiers and <label> tags are the most important features for this machine learning classification task, lifting the accuracy from 68% without these features to up to 92% when including them. We show that <input> tag identifiers and code stylometry can also be used to decide whether a phishing site uses cloaking. Then we propose to build the first denial-of-phishing engine (DOPE) that handles all phishing, both credential stealing and PII theft.
DOPE analyzes HTML <label> tags to learn which information to provide, and we craft this information in a believable manner, meaning that it can be expected to pass credibility tests by the phisher.
99

Phishing website detection using intelligent data mining techniques. Design and development of an intelligent association classification mining fuzzy based scheme for phishing website detection with an emphasis on E-banking.

Abur-rous, Maher Ragheb Mohammed January 2010 (has links)
Phishing techniques have grown not only in number but also in sophistication. Phishers have many approaches and tactics for conducting a well-designed phishing attack. The targets of phishing attacks, mainly online banking consumers and payment service providers, face substantial financial loss and a lack of trust in Internet-based services. In order to overcome this, there is an urgent need to find solutions to combat phishing attacks. Detecting phishing websites is a complex task which requires significant expert knowledge and experience. So far, various solutions have been proposed and developed to address these problems. Most of these approaches are not able to decide dynamically whether a site is in fact a phishing site, giving rise to a large number of false positives. This is mainly due to the limitations of the previously proposed approaches, for example depending only on a fixed blacklist and whitelist database, the absence of human intelligence and expertise, poor scalability and timeliness. In this research we investigated and developed an intelligent fuzzy-based classification system for e-banking phishing website detection. The main aim of the proposed system is to protect users from phishers' deception tricks by giving them the ability to assess the legitimacy of websites. The proposed intelligent phishing detection system employs a Fuzzy Logic (FL) model with association classification mining algorithms. The approach combines the capability of fuzzy reasoning to measure imprecise and dynamic phishing features with the capability to classify the fuzzy phishing rules. Different phishing experiments covering all phishing attacks, motivations and deception behaviour techniques were conducted to cover all phishing concerns. A layered fuzzy structure was constructed for all gathered and extracted phishing website features and patterns.
These were divided into 6 criteria and distributed over 3 layers, based on their attack type. To reduce human knowledge intervention, different classification and association algorithms were implemented to generate fuzzy phishing rules automatically, to be integrated into the fuzzy inference engine for the final phishing detection. Experimental results demonstrated the ability of the learning approach to identify all relevant fuzzy rules from the training data set. A comparative study and analysis showed that the proposed learning approach has a higher degree of predictive and detective capability than existing models. Experiments also showed the significance of some important phishing criteria, such as URL & Domain Identity and Security & Encryption, to the final phishing detection rate. Finally, our proposed intelligent phishing website detection system was developed, tested and validated by incorporating the scheme as a web-based plug-in phishing toolbar. The results obtained are promising and show that our intelligent fuzzy-based classification detection system can provide effective help for real-time phishing website detection. The toolbar successfully recognized and detected approximately 92% of the phishing websites selected from our test data set, avoiding many misclassified websites and false phishing alarms.
100

An Integrated Intelligent Approach to Enhance the Security Control of IT Systems. A Proactive Approach to Security Control Using Artificial Fuzzy Logic to Strengthen the Authentication Process and Reduce the Risk of Phishing

Salem, Omran S.A. January 2012 (has links)
Hacking of information systems is continuously on the increase. Social engineering attacks are performed by manipulating the weakest link in the security chain: people. Consequently, this type of attack has gained a higher rate of success than technical attacks. Based on expert systems, this study proposes a proactive and integrated Intelligent Social Engineering Security Model to mitigate the human risk and reduce the impact of social engineering attacks. Many computer users do not have enough security knowledge to select a strong password for their authentication. The author has attempted to implement a novel quantitative approach to achieving strong passwords. A new fuzzy logic tool has been developed that evaluates password strength based on dictionary attack, time to crack and shoulder-surfing attack (social engineering). A comparative study of existing tools used by major companies such as Microsoft, Google, CertainKey, Yahoo and Facebook is used to validate the proposed model and tool. A comprehensive literature survey and analytical study of phishing emails representing social engineering attacks that are directly related to financial fraud are presented and compared with other security threats. This research proposes a novel approach that successfully addresses social engineering attacks. Another intelligent tool is developed to discover phishing messages and provide educational feedback to the user, focusing on the visible part of the incoming emails, considering the email's source code and providing in-line security awareness feedback.
