• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 18
  • 10
  • 7
  • Tagged with
  • 37
  • 17
  • 16
  • 12
  • 12
  • 10
  • 8
  • 7
  • 7
  • 7
  • 6
  • 6
  • 6
  • 6
  • 6
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
31

An Investigation of People’s Perception of Digital Threats / Formalisering av inneslutningstrategier i ett ramverk för probabilistisk hotmodellering

Rabbani, Wasila January 2024 (has links)
This project examines cyber threats and their impact on individuals and organizations. The thesis focuses on a thorough literature review and uses surveys for primary data collection. The quantitative method was chosen to gather numeric data on these threats. The methodology classifies digital threats and analyzes survey results about these threats. It also gathers data on the perceived difficulty of these threats and compares general beliefs with expert opinions and statistical data from literature. Surveys targeted individuals aged 20-45 with a university degree, obtaining 86 responses. Interviews with five security professionals followed a standardized format, aiding in a comparative analysis with the survey data. The questions addressed several cyber threats, including phishing, ransomware, insecure passwords, malware, traffic sniffing, and denial of service. Notably, many respondents lacked a clear understanding of the significance of insecure passwords and traffic sniffing. By using quantitative methods and integrating survey results with expert opinions and literature findings, this study deepens the understanding of cyber threats. The results spotlight misconceptions and knowledge gaps about cyber threats, underscoring the need for better cybersecurity awareness and education. / Detta projekt undersöker cyberhot och deras påverkan på individer och organisationer. Avhandlingen fokuserar på en grundlig litteraturgranskning och använder enkäter för primär datainsamling. Den kvantitativa metoden valdes för att samla numeriska data om dessa hot. Metodiken klassificerar digitala hot och analyserar enkätresultat om dessa hot. Den samlar också in data om den upplevda svårigheten av dessa hot och jämför allmänna uppfattningar med expertåsikter och statistiska data från litteratur. Enkäter riktade sig till individer i åldern 20-45 med en universitetsexamen, och gav 86 svar. Intervjuer med fem säkerhetsprofessionella följde ett standardiserat format, vilket underlättade en jämförande analys med enkätdata. Frågorna behandlade flera cyberhot, inklusive phishing, ransomware, osäkra lösenord, skadlig programvara, trafikavlyssning och denial of service. Framför allt saknade många svarande en tydlig förståelse för betydelsen av osäkra lösenord och trafikavlyssning. Genom att använda kvantitativa metoder och integrera enkätresultat med expertutlåtanden och litteraturfynd fördjupar denna studie förståelsen för cyberhot. Resultaten belyser missuppfattningar och kunskapsluckor om cyberhot, vilket understryker behovet av bättre medvetenhet och utbildning inom cybersäkerhet.
32

Assessing cybersecurity within game companies : An interview study

Ginman, Johan January 2023 (has links)
This study examines the understanding of cybersecurity, with a distinct focus on the culture and awareness of cybersecurity within the Swedish game development industry. Utilising a qualitative research design, five semi-structured interviews were conducted with professionals in the domain, and the results are discussed and compared with relevant prior studies. The findings reveal a variance in cybersecurity cultures between larger and smaller organisations, largely dictated by resource availability; security measures are frequently implemented in a reactive rather than proactive manner. Moreover, the study identifies ransomware as the most significant threat in the studio’s threat landscapes. Companies’ perceptions and responses to this threat differ; smaller enterprises often rely on informal security policies, while larger organisations implement regular backup procedures and more sophisticated security measures.
33

Skydd och incidentrespons inom IT-säkerhet : En studie kring utvecklingen av ransomware / Protection and incident response within IT-security: A study about the development of ransomware

Ericson, Christoffer, Derek, Nick January 2023 (has links)
Cybersäkerhet är ett konstant växande hot mot organisationer, genom det ständigt ökade digitaliserade samhället, dock finns tecken på att medvetenheten hos organisationer ökar vad gäller cyberattacker och cybersäkerhet. Cyberattacker kan skapa konsekvenser som kan förhindra organisationens verksamhet. Detta lägger grunden till arbetet, att se hur försvarsförmågan har utvecklats. I värsta fall medför en cyberattack konsekvenser som kan äventyra en organisations överlevnadsförmåga. I och med det nya hotet ransomware, där hotaktören krypterar offrets filer och sedan kräver en lösensumma, har konsekvenserna kraftigt kommit att bli mer fatala. Metoderna för ransomware utvecklas av hotaktörerna vilket kan bidra till mer än bara ekonomiska konsekvenser för organisationen. Mot ransomware gäller i stort samma skyddsåtgärder som mot alla former av cyberattacker, däremot finns en del särskilt viktiga aspekter som belyses i detta arbete, till exempel implementering av backups, adekvat dataskydd samt god Patch Management (d.v.s. protokoll för att åtgärda sårbarheter i programvara). I arbetet sammanställs en branschkonsensus för hur organisationer skall arbeta gentemot cyberattacker, specifikt ransomwareattacker. Detta har gjorts genom en litteratur- och kvalitativ intervjustudie, som sedan har analyserats och diskuterats. Intervjustudien har genomförts hos organisationer som bedöms lämpliga för detta då de dagligen arbetar med cybersäkerhet. En av rekommendationerna är att ha en bra backuprutin, där man skapar, distribuerar och testar dessa. Genom arbetet belyses även hur god patch management bör implementeras. Slutligen presenteras även en ny metod, Ransomware 3.0 där hotaktörer stjäl en organisations IT-miljö för att sedan radera denna lokalt hos organisationen och sedan säljer tillbaka denna, som används av hotaktörerna, som hittills varit okänd, där vidare forskning bör vidtas. / Cybersecurity is a constantly growing threat against organisations due to the increasingly digitalisation of society, although there are signs that the consciousness at organisations has increased regarding cyberattacks and cybersecurity. Cyberattacks can create consequences that can restrain an organisations operations. This creates the foundation for this study, to see how the defence capabilities has developed. A cyberattack can, in the worst case scenario, threaten an organisations ability to survive. In regards to the new threat, ransomware, where the threat actor encrypts the victim’s files and demands a ransom, the consequences can be fatal. The new methods associated with ransomware, where the threat actor also exfiltrates the victim’s files, strongly impact the organisations ability to operate. This could lead to economic consequences, as well as damages towards stakeholder relations. Most protective measures applies towards ransomware, however there are some especially important aspects that are presented in this paper, such as implementation of backups, sufficient data protection as well as good Patch Management (protocol to patch vulnerabilities in software). In this paper, an industry consensus on how organisations should work against cyberattacks, especially ransomware, is compiled. This was performed through a litterature and a qualitative interview study. Both studies has been analysed and discussed.The interview study has been accomplished by interviewing appropriate organisations that work with cyber security daily. One of the recommendations is to have a good backup protocol, which implies creating, distributing and testing these backups. This paper also presents how a good patch management should be implemented. Finally, this paper presents a new method, Ransomware 3.0 where the threat actor steals an organisations IT environment, and then destroys the local copy at the organisation to then sell it back, that is used by the threat actors, that is still uncommon knowledge, where continued research have to be conducted.
34

Ransomware-hotet mot svenska sjukhus : – en intervju- och litteraturstudie

Ahl, Josefin, Djurklou, Julia January 2021 (has links)
Statistik visar att ransomware har ökat lavinartat de senaste åren, inte minst under den rådande Covid-19-pandemin. Cyberkriminella har kommit att utnyttja sjukhus runt om i världen som redan är överbelastade med att ta hand om patienter svårt sjuka i Covid-19. I denna uppsats undersöks det hur de svenska sjukhusen upplever och hanterar det ökade hotet av ransomware. Den utgörs av en litteraturstudie och några djupintervjuer. Litteraturstudien görs för att utforska fenomenet ransomware och ta reda på varför ransomware är en framgångsrik metod för kriminella att använda vid utpressning. Syftet är även att undersöka hur svenska sjukhus förhåller sig till att hälso- och sjukvårdssektorn har blivit attraktiva mål för cyberangrepp. I intervjustudien undersöks sjukhusens IT-säkerhet för att kartlägga om de är tillräckligt motståndskraftiga mot ransomware-angrepp. Intervjusvaren diskuteras och analyseras mot bakgrund av litteraturen. Slutsatsen av denna analys ligger till grund för åtgärdsförslag. Resultatet visar att sjukhusen/regionerna som tillfrågats har en bra IT-säkerhet. De mest centrala säkerhetsmekanismerna för verksamheterna är deras backup- och återställningsrutiner i kampen mot ransomware. Diskussionen i arbetet sammanfogar resultatet från både litteraturstudien och intervjustudien som genomförts. Utifrån diskussionen dras sedan slutsatsen att regionerna som tillfrågats har bra säkerhet och uppfyller de flesta av rekommendationer som publicerats av svenska myndigheter. Inte desto mindre resulterar studien i några uppslag till förbättringar i säkerhetsrutiner. / Statistics show an increase in ransomware activity in recent years. The increase is mainly due to the ongoing Covid-19 pandemic. Cybercriminals take advantage of the fact that hospitals worldwide are overloaded with caring for seriously ill patients in Covid-19 and perform ransomware attacks. This thesis examines how Swedish hospitals experience and handle the increased threat of ransomware. The bachelor’s thesis consists of a literature study and some in-depth interviews. The literature study is investigating ransomware as a phenomenon and finding out why it is a successful method for cybercriminals to use in digital extortion. The purpose is also to investigate how Swedish hospitals relate to the fact that the healthcare sector has become an attractive target for cyber-attacks. The interview study examines the hospitals' IT security to determine whether they are sufficiently resistant to ransomware attacks. The interview results are discussed and analyzed against the background of the literature. The conclusion of this analysis is the basis for the proposed countermeasure. The results show that the hospitals surveyed have suitable IT security. The most central security mechanisms for the hospitals are their backup and recovery routines in the fight against ransomware. The discussion in this work combines the results from the literature and interview studies carried out. Based on the discussion, the conclusion is that the hospitals surveyed have good security and meet most of the recommendations published by Swedish authorities. Still, there is room for some improvement which is indicated.
35

Practice-Oriented Cybersecurity Training Framework

Podila, Laxmi Mounika January 2020 (has links)
No description available.
36

Students’ Perception of Cyber Threat Severity : Investigating Alignment with Actual Risk Levels

Erfani Torbaghani, Ramtin January 2023 (has links)
This study aims to investigate the alignment between students’ perception of cyber threats and their actual risk levels. A mixed-method approach was used, where data was collected from Swedish university students through questionnaires, capturing their perception, familiarity, experience, and protective behaviors. Information regarding the actual risk levels of cyber attacks was obtained from interviews with cyber security professionals and other expert sources, such as cyber security reports. The results showed that students perceive malware, ransomware, phishing, and insecure passwords as the most dangerous threats to society, while denial of service (DoS) attacks and packet sniffing were considered less severe. These findings align somewhat with the suggested threat levels. However, notable proportions of students perceived these threats as moderately dangerous or less severe, suggesting room for improvement in their understanding. The results also showed that protective behaviors among students are generally low, particularly in regards to IoT security. Future work should therefore explore the public’s perception, protective behavior and knowledge of IoT security, but also attacks that are common against such devices. / Denna studie jämför universitetsstudenters uppfattning om hur farliga olika cyberhot är med de faktiska risknivåerna för dessa hot. Data på studenternas uppfattning, bekantskap, erfarenhet och beteenden samlades in genom frågeformulär, medans information om cyberhotens faktiska risknivåer inhämtades från intervjuer med cybersäkerhetsproffs och andra experskällor som cybersäkerhetsrapporter och artiklar. Resultaten visade att studenterna uppfattar malware, ransomware, phishing och osäkra lösenord som de farligaste hoten mot samhället, medan denial of service (DoS)-attacker och packet sniffing ansågs vara mindre allvarliga. Dessa fynd överensstämde något med de föreslagna risknivåerna. Dock ansåg en anmärkningsvärd andel av studenterna dessa hot som måttligt farliga eller mindre allvarliga, vilket tyder på utrymme för förbättringar i deras förståelse. Resultaten visade också att skyddande beteenden bland studenter generellt är låga, särskilt när det gäller IoT-säkerhet. Framtida studier bör därför utforska allmänhetens uppfattning, skyddsbeteende och kunskap om IoT-säkerhet, men även attacker som är vanliga mot sådana enheter.
37

The Dark Flows of Cryptocurrency : an overview of money flow behaviors in Bitcoin transactions related to online criminal activities and Bitcoin mixers

Olsson, Anton, Andersson, Daniel January 2024 (has links)
The decentralized and pseudonymous nature of cryptocurrencies like Bitcoin has made it easier for criminal entities to engage in illicit activities online compared to relying on traditional currency systems. Detecting these activities is vital to preventing and combating such abuse. We employ a data collection tool based on a Depth First Search algorithm to follow the largest receivers from 10 illicit starting addresses in each abuse type; Darknet, Blackmail, Tumbler, and Ransomware. The results from our two searches showed that money tends to be concentrated to one or two receivers and that all abuse types rely heavily on so-called Two-Transaction addresses. These addresses are only used once, likely as intermediaries to obfuscate money flow, potentially within the inner layer of Bitcoin Tumblers. The results also showed behaviors within the abuse types that were both consistent with and divergent from existing research. Furthermore, similarities and unique behaviors across the abuse types were identified. Expanding the dataset with deeper searches could yield clearer patterns in money flow behavior. Additionally, increasing the number of data collection points could enhance the analysis. Finally, the starting addresses significantly impacted the trustworthiness and reliability of our results. We hope our findings, lessons, and developed tools will aid future research and the development of strategies to combat online abuse.

Page generated in 0.0603 seconds