Bedrägeribrott mot Sveriges äldre invånare : - Tillvägagångssätt & säkerhetsåtgärder / Fraud against Elderly Citizens in Sweden : - Methods, Techniques & Safety measures

Kyrö, Filippa, Loodin, David

January 2022

Kyrö, F. & Loodin, D. Bedrägeribrott mot Sveriges äldre invånare. Tillvägagångssätt & säkerhetsåtgärder. Examensarbete i Kriminologi, 15 högskolepoäng. Malmö universitet: Fakulteten för hälsa och samhälle, institutionen för Kriminologi, 2022.   Bedrägeribrott mot äldre fortsätter att utgöra ett högst relevant problem i samband med den fortsatta digitaliseringen av vårt samhälle. I takt med att allt fler tjänster blir digitala är det viktigt att vi värnar för att dessa personer inkluderas i utvecklingen. Genom semistrukturerade intervjuer undersöktes vilka tillvägagångssätt som används vid bedrägeribrott mot äldre samt vilka säkerhetsåtgärder som används i dagsläget för att minska deras utsatthet för denna typ av brott. Ur resultatet framkom att befogenhetsbedrägeri tillhör den vanligaste typen av bedrägeribrott mot äldre och att flera olika metoder används. Tekniker som stress och social manipulation samt utnyttjande av social isolering, tillit till samhället och myndigheter samt teknikovana är återkommande i majoriteten av de metoder som används. Vidare framkom det från respondenterna att insatser och åtgärder vars syfte är informationsspridning och beteendeförändring ansågs utgöra de viktigaste proaktiva säkerhetsåtgärderna för att minska risken för fortsatt viktimisering av denna grupp. De främsta reaktiva säkerhetsåtgärderna som lyftes av respondenterna var bankernas säkerhetssystem som larmar om avvikande transaktioner upptäcks samt att anmäla bedrägeriförsök och fullbordade bedrägeribrott till Polisen. Under arbetets gång identifierades även ett omfattande mörkertal gällande antalet äldre som blivit utsatta för bedrägeribrott. Två eventuellt bidragande faktorer till det stora mörkertalet var enligt respondenterna låg anmälningsbenägenheten bland äldre till följd av en skam kopplat till deras utsatthet samt att majoriteten av misslyckade bedrägeriförsöken inte anmäls till Polisen. / Kyrö, F. & Loodin, D. Fraud Against Elderly Citizens in Sweden. Methods, Techniques & Safety measures. Bachelor's thesis in Criminology 15 credits. Malmö University: Faculty of Health and Society, Department of Criminology, 2022.   Fraud against elders remains a pertinent problem as the digitalization of our society continue. As more services become digital it is of outmost importance that we ensure that these people are being included in the progress. By conducting semi structured interviews information were gathered regarding methods and techniques commonly used by culprits of fraud against elderly citizens in Sweden as well as the kind of security measures that are currently in place to prevent further victimization among the population. The results shows that the most common type of fraud perpetrated against elderly citizens in Sweden is courier fraud where the culprit pretends to represent for example a police officer or bank officials. Several different methods are being used but techniques such as the use of stress, social manipulation and exploitation of the victim’s social isolation, trust in society and authorities, and lesser digital skill is reoccurring in most of the methods being used. Measures that aimed to contribute to the spread of information and behavioural change were thought of as the most important proactive security measures. Among the most important reactive security measures were the banks security systems that alert the banks when it detects any abnormal transactions and reporting the crime to the Police authority. During the study a substantial issue regarding the high number of unreported cases. Two potential factors contributing to this was according to the respondent’s low inclination to report due to feelings of shame and that failed attempts of fraud rarely are being reported to the authorities.

Digital crimes

elderly

fraud

methods

security measures

social manipulation

Bedrägeri

digitala brott

social manipulation

säkerhetsåtgärder

tillvägagångsätt

äldre

Social Sciences

Samhällsvetenskap

The Chief Security Officer Problem

Tanga, Vikas Reddy

12 1900

The Chief Security Officer Problem (CSO) consists of a CSO, a group of agents trying to communicate with the CSO and a group of eavesdroppers trying to listen to the conversations between the CSO and its agents. Through Lemmas and Theorems, several Information Theoretic questions are answered.

Secrecy

CSO model

Pairing strategies

Secrecy efficiency

Optimality

Power allocation

Computer security.

Using Spammers' Computing Resources for Volunteer Computing

Bui, Thai Le Quy

13 March 2014

Spammers are continually looking to circumvent counter-measures seeking to slow them down. An immense amount of time and money is currently devoted to hiding spam, but not enough is devoted to effectively preventing it. One approach for preventing spam is to force the spammer's machine to solve a computational problem of varying difficulty before granting access. The idea is that suspicious or problematic requests are given difficult problems to solve while legitimate requests are allowed through with minimal computation. Unfortunately, most systems that employ this model waste the computing resources being used, as they are directed towards solving cryptographic problems that provide no societal benefit. While systems such as reCAPTCHA and FoldIt have allowed users to contribute solutions to useful problems interactively, an analogous solution for non-interactive proof-of-work does not exist. Towards this end, this paper describes MetaCAPTCHA and reBOINC, an infrastructure for supporting useful proof-of-work that is integrated into a web spam throttling service. The infrastructure dynamically issues CAPTCHAs and proof-of-work puzzles while ensuring that malicious users solve challenging puzzles. Additionally, it provides a framework that enables the computational resources of spammers to be redirected towards meaningful research. To validate the efficacy of our approach, prototype implementations based on OpenCV and BOINC are described that demonstrate the ability to harvest spammer's resources for beneficial purposes.

Computers -- Energy conservation

Computer Sciences

Information Security

Secure data aggregation protocol for sensor networks

Shah, Kavit

20 February 2015

Indiana University-Purdue University Indianapolis (IUPUI) / We propose a secure in-network data aggregation protocol with internal verification, to gain increase in the lifespan of the network by preserving bandwidth. For doing secure internal distributed operations, we show an algorithm for securely computing the sum of sensor readings in the network. Our algorithm can be generalized to any random tree topology and can be applied to any combination of mathematical functions. In addition, we represent an efficient way of doing statistical analysis for the protocol. Furthermore, we propose a novel, distributed and interactive algorithm to trace down the adversary and remove it from the network. Finally, we do bandwidth analysis of the protocol and give the proof for the efficiency of the protocol.

Sensor networks

Security

Data aggregation

Database management

Computer networks -- Security measures

Statistics

Broadband communication systems

Algorithms

ICAO's aviation security programme post 911 : a legal analysis

Jallow-Sey, Aisatou

January 2003

No description available.

September 11 Terrorist Attacks, 2001

Analyzing and Securing Software via Robust and Generalizable Learning

Pei, Kexin

January 2023

Software permeates every facet of our lives, improving their convenience and efficiency, and its sphere of influence continues to expand, leading to novel applications and services. However, as software grows in complexity, it increasingly exposes vulnerabilities within the intricate landscape of security threats. Program analysis emerges as a pivotal technique for constructing software that is secure, reliable, and efficient. Despite this, existing methodologies predominantly rely on rules and heuristics, which necessitate substantial manual tuning to accommodate the diverse components of software. In this dissertation, I introduce our advancements in data-driven program analysis, a novel approach in which we employ machine learning techniques to comprehend both the structures and behaviors of programs, thereby enhancing the analysis and security of software applications. Besides focusing on traditional software, I also elaborate on our work in the systematic testing and formal verification of learned software components, including neural networks. I commence by detailing a succession of studies centered on the ambitious goal of learning execution-aware program representations. This is achieved by training large language models to understand program execution semantics. I illustrate that the models equipped with execution-aware pre-training attain state-of-the-art results in a range of program analysis tasks, such as detecting semantically similar code, type inference, memory dependence analysis, debugging symbol recovery, and generating invariants. Subsequently, I outline our approach to learning program structures and dependencies for disassembly and function boundary recovery, which are building blocks for downstream reverse engineering and binary analysis tasks. In the final part of this dissertation, I delve into DeepXplore, the inaugural white-box testing framework designed for deep learning systems, and VeriVis, a pioneering verification framework capable of proving the robustness guarantee of neural networks with only black-box access, extending beyond norm-bounded input transformations.

Computer science

Computer software--Security measures

Computer security--Computer programs

Deep learning (Machine learning)

Neural networks (Computer science)

犯罪不安の生起過程の検討 / ハンザイ フアン ノ セイキ カテイ ノ ケントウ

柴田 侑秀, Yukihide Shibata

22 March 2022

先行研究は高いリスク認知が犯罪不安の原因になるとしてきたが、因果関係は確かめられてこなかった。本研究はそうした問題を解決するため、実験的手法を用いて犯罪不安の生起過程を検討した。研究1では、階層的クラスター分析によって犯罪を分類し、測定に使用する罪種を決定する基準とした。研究2では被害に遭う確率の推定が、研究3では被害に遭った際のダメージの大きさの推定が犯罪不安の原因となるか検討した。研究4では防犯対策の告知が犯罪不安を高めるか検討した。 / 博士(心理学) / Doctor of Philosophy in Psychology / 同志社大学 / Doshisha University

犯罪不安

リスク認知

防犯対策

fear of crime

risk perception

security measures

Fear of Crime- Among Business Representatives and how it is Affected Through the Security Measures of the Business

Hartman, Hampus

January 2015

This study examines how fear of crime is altered in regards to crime-preventive strategies and programs among individuals within businesses. The study also investigates whether perceived risk, previous victimization, and demographics influence the individuals within the businesses fear of crime against their businesses. Based on a theoretical discussion derived from the Vulnerability Perspective, Indirect and Direct Experience with Crime, Ecological Perspective, and the Situational Crime Prevention perspective, this study assesses how individuals within businesses fear of crime affects the business crime-preventive strategies and programs, and vice versa. Qualitative semi-structured interviews were conducted with high level participants and business owners from different industries. It is concluded that the general fear of crime among the interviewees businesses are considered as none, or very low. Most security measures in regards to these types of crimes are used because of standards, rather than influenced by fear. However, some security measured have had been established and altered because of previous victimization. The most fear inducing crimes among the interviewees were those types of crimes which involved intoxicated offenders, where violent outcomes with regards to the employees were considered to be high. Only the high risk businesses representatives had this type of fear, because of prior direct victimization. In some regards, the security measures used by the businesses provide the business representatives with the feeling of being in control, which causes the levels of fear of crime to be low. Another reason for the low level of fears among the business representatives is that the crimes committed towards their organizations are not seen as a personal victimization; instead it is regarded to be frustrating, as it causes economic damages and more work. It also appears that the more vulnerable the business is to become victimized by crime, the more security measures are applied.

Crime against businesses

Fear of Crime

High and low risks businesses

Security Measures

Situational Crime prevention

Social Sciences

Samhällsvetenskap

The Next Generation Botnet Attacks And Defenses

Wang, Ping

01 January 2010

A "botnet" is a network of compromised computers (bots) that are controlled by an attacker (botmasters). Botnets are one of the most serious threats to today’s Internet; they are the root cause of many current Internet attacks, such as email spam, distributed denial of service (DDoS) attacks , click fraud, etc. There have been many researches on how to detect, monitor, and defend against botnets that have appeared and their attack techniques. However, it is equally important for us to investigate possible attack techniques that could be used by the next generation botnets, and develop effective defense techniques accordingly in order to be well prepared for future botnet attacks. In this dissertation, we focus on two areas of the next generation botnet attacks and defenses: the peer-to-peer (P2P) structured botnets and the possible honeypot detection techniques used by future botnets. Currently, most botnets have centralized command and control (C&C) architecture. However, P2P structured botnets have gradually emerged as a new advanced form of botnets. Without C&C servers, P2P botnets are more resilient to defense countermeasures than traditional centralized botnets. Therefore, we first systematically study P2P botnets along multiple dimensions: bot candidate selection, network construction and C&C mechanisms and communication protocols. As a further illustration of P2P botnets, we then present the design of an advanced hybrid P2P botnet, which could be developed by botmasters in the near future. Compared with current botnets, the proposed botnet is harder to be shut down, monitored, and hijacked. It provides robust network connectivity, individualized encryption and control traffic dispersion, limited botnet exposure by each bot, and easy monitoring and recovery by its botmaster. We suggest and analyze several possible defenses against this advanced botnet. Upon our understanding of P2P botnets, we turn our focus to P2P botnet countermeasures. We provide mathematical analysis of two P2P botnet mitigation approaches — index iii poisoning defense and Sybil defense, and one monitoring technique - passive monitoring. We are able to give analytical results to evaluate their performance. And simulation-based experiments show that our analysis is accurate. Besides P2P botnets, we investigate honeypot-aware botnets as well. This is because honeypot techniques have been widely used in botnet defense systems, botmasters will have to find ways to detect honeypots in order to protect and secure their botnets. We point out a general honeypot-aware principle, that is security professionals deploying honeypots have liability constraint such that they cannot allow their honeypots to participate in real attacks that could cause damage to others, while attackers do not need to follow this constraint. Based on this principle, a hardware- and software- independent honeypot detection methodology is proposed. We present possible honeypot detection techniques that can be used in both centralized botnets and P2P botnets. Our experiments show that current standard honeypot and honeynet programs are vulnerable to the proposed honeypot detection techniques. In the meantime, we discuss some guidelines for defending against general honeypot-aware botnet attacks.

Computer networks -- Security measures

Computer security

Electrical and Computer Engineering

Electrical and Electronics

Engineering

Hur säkerhetsmedvetna är dagens pensionärer? : En kvalitativ studie om äldres säkerhetsmedvetande i en alltmer digitaliserad värld

Le, Thanh Quang

January 2024

Syftet med denna kvalitativa studie är att hitta förbättringspunkter i den äldre generationens onlinebeteende och säkerhetsmedvetande. Samt att kunna ge förslag och rekommendationer på säkerhetsåtgärder som kan bidra positivt till att motverka dagslägets vanligaste informationssäkerhetsrisker och hot.  Metoden som användes för att uppnå detta var en kombination av litteratursökning och intervjustudie för datainsamling.  Resultatet påvisade att respondenterna hade medvetenhet angående huvudsakligen olika sorters bedrägerier med inslag av social manipulation, såsom phishing, vishing, och smishing. Dock inte lika mycket medvetenhet angående mer tekniska säkerhetshot relaterade till exempelvis skadlig kod eller programvara. Det ansågs därmed existera förbättringspunkter gällande pensionärers säkerhetsmedvetande i form av behov av mer information och nyttjande av grundläggande säkerhetsåtgärder i högre grad, främst tekniska verktyg och åtgärder. / The purpose of this qualitative study is to find points of improvement in the older generation’s online behaviour and security awareness. Also to be able to give recommendations and suggestions on security measures that can contribute positively to the preventative work and counteraction against some of the most common information security risks and threats the elderly could face in today’s day and age as well.  The method used to achieve this was a combination of a literature overview and an interview study for data collection.  The results showed that the respondents had awareness regarding mainly different types of fraud including certain elements of social manipulation, such as phishing, vishing, and smishing. However, they showed less awareness regarding more technical security threats related to, for example, malicious code or software. It was therefore concluded that points of improvement exist regarding the pensioners’ security awareness. This is in the form of a need for more information and greater use of basic security measures, particularly technical tools and measures.

Pensioners

elderly

security awareness

security risks

security threats

security measures.

Pensionärer

säkerhetsmedvetande

säkerhetsrisker

säkerhetshot

säkerhetsåtgärder.

Computer and Information Sciences

Data- och informationsvetenskap