81 |
A Behavioral Economics Perspective on Cognitive Biases in Cybersecurity
Alecse, Cristian, 01 January 2022
As the complexity of technology and information systems constantly increases, the human component becomes ever more prone to cybersecurity errors. Nevertheless, the existing information security policies created to prevent cybersecurity incidents take very little account of human behavior. This corresponds with the view of the neoclassical economics model that regards humans as rational agents who have perfect self-control and who make only rational choices when provided with adequate information. Behavioral economics introduced quantifiable irrationalities in the model, allowing for an explanation of why humans often make decisions that are not in their best interest. This dissertation comprises three studies that explore the influence of cognitive biases and heuristics in cybersecurity. Findings from Study 1 confirm that when presented with a large assortment of choices individuals are more likely to defer their decision than when presented with a small assortment of choices. Also, time constraints act as a moderator in the relationship between the number of choices and decision deferral caused by choice overload. Study 2 revealed that the level of fear of missing out is positively correlated with the level of social engineering vulnerability, and a negative correlation of information security awareness with social engineering vulnerability was confirmed. Also, an analysis of the influence of information security awareness on the relationship between the level of fear of missing out and the level of social engineering vulnerability indicated a moderation effect. Study 3 emphasized the importance of integrating the habit concept into research on information systems security by revealing a positive correlation between the level of habits in daily life and the level of ISS compliance habits. Also, the study confirmed that ISS training participation is positively correlated with the level of ISS compliance habits strength.
|
82 |
Interdisciplinary Cybersecurity for Resilient Cyberdefense
Ait Maalem Lahcen, Rachid, 01 January 2020
Cybersecurity's role is to protect confidentiality, integrity, and availability of enterprise assets. Confidentiality secures data from theft, integrity mitigates modification of data in a malicious way, and availability assures continuation of systems' access and services. However, achieving these goals is difficult due to the mushrooming of various cyber attackers that come from individuals or state actors with motives ranging from ideological, financial, state-sponsored espionage, revenge, or simple curiosity and boredom. The difficulty also lies in the complexity of the cyber layers that are not well studied, layers that interconnect and require effective communication and collaboration. This effectiveness is still lacking in cyber programs. To understand this complexity, one must seek an interdisciplinary approach to cybersecurity. Interdisciplinary study requires understanding of technology, mathematics, engineering, psychology, economics, human factors, and political science. Hence, this dissertation is proposing an Interdisciplinary Cybersecurity for Resilient Cyberdefense or ICRC model that includes (1) building behavioral aspects of cybersecurity with insider threat insights, (2) mastering encryption standards and requirements through developing a novel encryption method, (3) understanding different cyberdefense strategies' costs and payoffs by using game theory, (4) assessing vulnerabilities in the networks and planning ethical hacking in an audit, (5) studying machine learning challenges in cybersecurity to improve tools and set new ontologies for different threats, including the insider threat risk, and (6) addressing trustworthiness by aligning overall requirements of cybersecurity. ICRC is more than the sum of the above parts; it is a new approach for cybersecurity professionals to consider expanding their expertise to be interdisciplinary. Since cybersecurity is a complex task, it requires a team that can handle its complexity.
However, a given team's structure, team's hierarchy, and team members' characteristics could negatively affect that team's performance. With executing ICRC, both the team and the individuals seek interdisciplinary approaches to contribute to the enterprise's resilience.
|
83 |
Human-out-of-the-Loop Swarm-based IoT Network Penetration Testing By IoT Devices
Schiller, Thomas, 15 August 2023
Networks of IoT devices are becoming increasingly important, but these networks are prone to cybersecurity issues. This work provides a novel approach for safer IoT networks: swarm-based IoT cybersecurity penetration testing by other IoT devices in the same network. To test this scenario, a simulation environment including three different penetration testing algorithms was developed. A linear penetration testing algorithm mimics human penetration testing activities and is used with a single agent and with multiple agents. A swarm-based algorithm utilizing queues adds communication between agents. The third algorithm is a swarm algorithm that uses Particle Swarm Optimization (PSO), thus adding a nature-based approach. All three algorithms are used to find vulnerabilities in simulated IoT networks of two different sizes. The networks are a smart home with 30 IoT devices and a smart building with 250 IoT devices. This study's results show the superiority of multi-agent approaches over linear, single-agent approaches to detecting unique vulnerabilities in a network. The swarm algorithms, which used communication between agents, outperformed the multi-agent approach with no communication. Additionally, the swarm algorithm utilizing queues demonstrated faster detection of vulnerabilities than the PSO algorithm. However, over time, the PSO outperformed the queue-based algorithm on the smart home scale. The smart building scale also provided faster detection for the queue-based algorithm than for the PSO. However, the PSO approach again provides better results over time and uses less computation time and memory resources.
|
84 |
Detection of Jamming Attacks in VANETs
Justice, Thomas, 01 May 2024
A vehicular network is a type of communication network that enables vehicles to communicate with each other and the roadside infrastructure. The roadside infrastructure consists of fixed nodes such as roadside units (RSUs), traffic lights, road signs, toll booths, and so on. RSUs are devices equipped with communication capabilities that allow vehicles to obtain and share real-time information about traffic conditions, weather, road hazards, and other relevant information. These infrastructures assist in traffic management, emergency response, smart parking, autonomous driving, and public transportation to improve roadside safety, reduce traffic congestion, and enhance the overall driving experience. However, communication between the vehicles and the infrastructure devices could be deliberately disrupted by cyber attackers to cause fatal traffic accidents or congestion. One of the common methods used by such attackers is the wireless jamming attack, where the attacker uses a jamming device to transmit high-power radio signals on the same frequency that the vehicular network is using. This causes interference, delays, or prevents legitimate communications to the vehicles, disabling them from responding to obstacles, emergency services, and warning messages, resulting in serious consequences and posing a significant threat to the safety and efficiency of transportation systems. These safety concerns could be mitigated or avoided by implementing appropriate security measures to protect against jamming. This thesis will provide an overview of the vehicular network system and discuss security measures and methods needed to ensure the safe and reliable operation of the vehicular communication system.
|
85 |
The Effects of Inhibitory Control and Perceptual Attention on Cyber Security
Pearson, Ed, 03 May 2019
This dissertation recommends research to investigate the effects inhibitory control and perceptual attention have on the cyber security decision-making process. Understanding the effects that inhibitory control and perceptual attention have on the security decision-making process will allow for better defenses to be developed against social engineering and phishing. A survey and review of previous research in the area of Human-Computer Interaction and Security is presented. An experiment is performed to evaluate inhibitory control, which is composed of prepotent response inhibition, resistance to distractor interference, and resistance to proactive interference (PI). Additionally, the experiment evaluates perceptual attention and the security decision-making process.
|
86 |
Deep Reinforcement Learning for Automated Cybersecurity Threat Detection
Müller, Daniel, 01 January 2023
Cybersecurity is a technological focus of individuals, businesses, and governments due to increasing threats, the sophistication of attacks, and the growing number of smart devices. Planning, assessment, and training in cybersecurity operations have also grown to combat these threats, resulting in a boom in cyber defense software and services, workforce development and career opportunities, and research in automated cyber technologies. However, building and maintaining a new workforce and developing innovative cyber-threat solutions are expensive and time-consuming. This thesis introduces a configurable machine-learning environment tailored for training agents that use different reinforcement learning algorithms within the cybersecurity domain. The environment allows agents to learn simulated cyber-attacks, which act as opposition forces in a realistic, controlled setting that reduces the risk to real computer networks. The thesis also investigates relevant research on machine learning agents for cybersecurity, discusses the simulation architecture, and describes experiments utilizing the Proximal Policy Optimization and Advantage Actor-Critic algorithms. The objective of the thesis is to determine the superior algorithm for automatically identifying exploitable vulnerabilities by evaluating the performance based on accuracy, detected vulnerabilities, and time efficiency.
|
87 |
Enhancing usability using automated security interface adaptation (ASIA)
Zaaba, Zarul Fitri, January 2014
Many users are now significantly dependent upon computer applications. Whilst many aspects are now used very successfully, an area in which usability difficulties continue to be encountered is in relation to security. This can become particularly acute in situations where users are required to interact and make decisions, and a key context here is typically when they need to respond to security warnings. The current implementation of security warnings can often be considered as an attempt to offer a one size fits all solution. However, it can be argued that many implementations are still lacking the ability to provide meaningful and effective warnings. As such, this research focuses upon achieving a better understanding of the elements that aid end-users in comprehending the warnings, the difficulties with the current approaches, and the resulting requirements in order to improve the design and implementation of such security dialogues. In the early stage of research, a survey was undertaken to investigate perceptions of security dialogues in practice, with a specific focus upon security warnings issued within web browsers. This provided empirical evidence of end-users’ experiences, and revealed notable difficulties in terms of their understanding and interpretation of the security interactions. Building upon this, the follow-up research investigated understanding of application level security warnings in wider contexts, looking firstly at users’ interpretation of what constitutes a security warning and then at their level of comprehension when related warnings occurred. These results confirmed the need to improve the dialogues so that the end-users are able to act appropriately, and consequently promoted the design and prototype implementation of a novel architecture to improve security warnings, which has been titled Automated Security Interface Adaptation (ASIA).
The ASIA approach aims to improve security warnings by tailoring the interaction more closely to individual user needs. By automatically adapting the presentation to match each user’s understanding and preferences, security warnings can be modified in ways that enable users to better comprehend them, and thus make more informed security decisions and choices. A comparison of the ASIA-adapted interfaces compared to standard versions of warnings revealed that the modified versions were better understood. As such, the ASIA approach has significant potential to assist (and thereby protect) the end-user community in their future interactions with security.
|
88 |
A distributed global-wide security system
Coffey, Thomas, January 1994
No description available.
|
89 |
Orthogonal Security Defect Classification for Secure Software Development
Hunny, UMME, 31 October 2012
Security defects or vulnerabilities are inescapable in software development. Thus, it is always better to address security issues during the software development phases, rather than developing patches after the security threats are already in place. In line with this, a number of secure software development approaches have been proposed so far to address the security issues during the development processes. However, most of these approaches lack specific process improvement activities. The practice of taking adequate corrective measures at the earliest possible time by learning from the past mistakes is absent in case of such security-aware iterative software development processes. As one might imagine, software security defect data provide an invaluable source of information for a software development team. This thesis aims at investigating existing security defect classification schemes and providing a structured security-specific defect classification and analysis methodology.
Our methodology, which we build on top of the Orthogonal Defect Classification (ODC) scheme, is customized to generate in-process feedback by analyzing security defect data. More specifically, we perform a detailed analysis on the classified security defect data and obtain in-process feedback using which the next version of software can be more secure and reliable. We experiment with our methodology on the Mozilla Firefox and Chrome security defect repositories using six consecutive versions and milestones, respectively. We find that the in-process feedback generated by applying this methodology can help take corrective actions as early as possible in iterative secure software development processes. Finally, we study the correlations between software security defect types and the phases of software development life-cycle to understand development improvement by complementing the previous ODC scheme. / Thesis (Master, Computing) -- Queen's University, 2012-10-30 15:47:34.47
|
90 |
Vulnerability Analysis of Multi-Factor Authentication Protocols
Garrett, Keith, 01 January 2016
In this thesis, the author hypothesizes that the use of computationally intensive mathematical operations in password authentication protocols can lead to security vulnerabilities in those protocols. In order to test this hypothesis: 1. A generalized algorithm for cryptanalysis was formulated to perform a clogging attack (a form of denial of service) on protocols that use computationally intensive modular exponentiation to guarantee security. 2. This technique was then applied to cryptanalyze four recent password authentication protocols, to determine their susceptibility to the clogging attack. The protocols analyzed in this thesis differ in their usage of factors (smart cards, memory drives, etc.) or their method of communication (encryption, nonces, timestamps, etc.). Their similarity lies in their use of computationally intensive modular exponentiation as a medium of authentication. It is concluded that the strengths of all the protocols studied in this thesis can be combined to make each of the protocols secure from the clogging attack. The conclusion is supported by designing countermeasures for each protocol against the clogging attack.
|