Global ETD Search

531	Understanding Awareness of Cyber Security Threat Among IT Employees Al-Mohannadi, Hamad, Awan, Irfan U., Al Hamar, J., Al Hamar, Y., Shah, M., Musa, Ahmad S. 11 October 2018 (has links) yes / Cyber-attacks have been an increasing threat on people and organisations, which led to massive unpleasant impact. Therefore, there were many solutions to handle cyber-attacks, including Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS). These solutions will provide a huge number of alarms that produce more are false positives. Therefore, the IDS tool result should be operated by a human intelligent be filtered effectively the huge amount of alerts to identify true positive attacks and perform accordingly to the incident response rule. This requires the IT employees to have enough knowledge and competency on operating IDS, IPS and incident handling. This paper aims to examine the awareness of cyber security threat among all IT employees, focusing on three domains: Knowledge, Monitoring and Prevention. Cyber-attack Security awareness Cyber threat IT employees Knowledge Monitoring Prevention
532	Hidden Markov models and alert correlations for the prediction of advanced persistent threats Ghafir, Ibrahim, Kyriakopoulos, K.G., Lambotharan, S., Aparicio-Navarro, F.J., Assadhan, B., Binsalleeh, H., Diab, D.M. 24 January 2020 (has links) Yes / Cyber security has become a matter of a global interest, and several attacks target industrial companies and governmental organizations. The advanced persistent threats (APTs) have emerged as a new and complex version of multi-stage attacks (MSAs), targeting selected companies and organizations. Current APT detection systems focus on raising the detection alerts rather than predicting APTs. Forecasting the APT stages not only reveals the APT life cycle in its early stages but also helps to understand the attacker's strategies and aims. This paper proposes a novel intrusion detection system for APT detection and prediction. This system undergoes two main phases; the first one achieves the attack scenario reconstruction. This phase has a correlation framework to link the elementary alerts that belong to the same APT campaign. The correlation is based on matching the attributes of the elementary alerts that are generated over a configurable time window. The second phase of the proposed system is the attack decoding. This phase utilizes the hidden Markov model (HMM) to determine the most likely sequence of APT stages for a given sequence of correlated alerts. Moreover, a prediction algorithm is developed to predict the next step of the APT campaign after computing the probability of each APT stage to be the next step of the attacker. The proposed approach estimates the sequence of APT stages with a prediction accuracy of at least 91.80%. In addition, it predicts the next step of the APT campaign with an accuracy of 66.50%, 92.70%, and 100% based on two, three, and four correlated alerts, respectively. / The Gulf Science, Innovation and Knowledge Economy Programme of the U.K. Government under UK-Gulf Institutional Link Grant IL 279339985 and in part by the Engineering and Physical Sciences Research Council (EPSRC), U.K., under Grant EP/R006385/1. Advanced persistent threat Intrusion detection system Alert correlation Hidden Markov model Attack prediction
533	Detection of advanced persistent threat using machine-learning correlation analysis Ghafir, Ibrahim, Hammoudeh, M., Prenosil, V., Han, L., Hegarty, R., Rabie, K., Aparicio-Navarro, F.J. 24 January 2020 (has links) Yes / As one of the most serious types of cyber attack, Advanced Persistent Threats (APT) have caused major concerns on a global scale. APT refers to a persistent, multi-stage attack with the intention to compromise the system and gain information from the targeted system, which has the potential to cause significant damage and substantial financial loss. The accurate detection and prediction of APT is an ongoing challenge. This work proposes a novel machine learning-based system entitled MLAPT, which can accurately and rapidly detect and predict APT attacks in a systematic way. The MLAPT runs through three main phases: (1) Threat detection, in which eight methods have been developed to detect different techniques used during the various APT steps. The implementation and validation of these methods with real traffic is a significant contribution to the current body of research; (2) Alert correlation, in which a correlation framework is designed to link the outputs of the detection methods, aims to identify alerts that could be related and belong to a single APT scenario; and (3) Attack prediction, in which a machine learning-based prediction module is proposed based on the correlation framework output, to be used by the network security team to determine the probability of the early alerts to develop a complete APT attack. MLAPT is experimentally evaluated and the presented system is able to predict APT in its early steps with a prediction accuracy of 84.8%. Cyber attacks Advanced persistent threat Malware Intrusion detection system Alert correlation Machine learning
534	The United States expressed threat image from the Red Sea region : How has the United States' Annual Threat Assessment contributed to the securitization of the Red Sea region? Incesu, Münise January 2024 (has links) Since the Hamas attack, 7 of October 2023, instability in the Red Sea region has occurred. Due to this, the United States, along with other western countries has made a military intervention to targets in Yemen. But the question remains, how has it been possible for the US to carry out a military attack? This paper is aiming to study how the US has made this intervention possible by analyzing the securitization of the threat image from the Red Sea region. The study is going to analyze the ATA (Annual threat Assessment) material from the years 2006-2024, the report shows next year's US threat image. By the Securitization Theory the study is aiming to see how the threat image has been securitized. Combined with a discourse analysis as a method the study will investigate how the Red Sea region is expressed in the reports. This material, theory and method have not been studied before and therefore filled a gap in the previous research field. The purpose is to contribute to a wider picture of the Securitization theory in the international arena. The analysis shows that ATA reports contain clear signs of securitization. The results show that the reports contained loaded words, an authority that was targeting an audience and macro securitization had occurred by mentioning the conflict in the Red Sea region as a proxy war. Due to these results one could draw the conclusion that Securitization had occurred in the report and therefore made possible for the military invasion. Red Sea Yemen United States Houthis Threat image Security Securitization Theory Political Science Statsvetenskap
535	Activity-Based Target Acquisition Methods for Use in Urban Environments Myles, Kimberly 06 August 2009 (has links) Many military conflicts are fought in urban environments that subject the U.S. soldier to a number of challenges not otherwise found in traditional battle. In the urban environment, the soldier is subject to threatening attacks not only from the organized army but also from civilians who harbor hostility. U.S. enemies use the civilian crowd as an unconventional tactic to blend in and look like civilians, and in response to this growing trend, soldiers must detect and identify civilians as a threat or non-threat. To identify a civilian as a threat, soldiers must familiarize themselves with behavioral cues that implicate threatening individuals. This study elicited expert strategies regarding how to use nonverbal cues to detect a threat and evaluated the best medium for distinguishing a threat from a non-threat to develop a training guide of heuristics for training novices (i.e., soldiers) in the threat detection domain. Forty experts from the threat detection domain were interviewed to obtain strategies regarding how to use nonverbal cues to detect a threat (Phase 1). The use of nonverbal cues in context and learning from intuitive individuals in the domain stood out as strategies that would promote the efficient use of nonverbal cues in detecting a threat. A new group of 14 experts judged scenarios presented in two media (visual, written) (Phase 2). Expert detection accuracy rates of 61% for the visual medium and 56% for the written medium were not significantly different, F (1, 13) = .44, p = .52. For Phase 3 of the study, a training development guide of heuristics was developed and eight different experts in the threat detection domain subjectively rated the heuristics for their importance and relevance in training novices. Nine heuristics were included in the training guide, and overall, experts gave all heuristics consistently high ratings for importance and relevance. The results of this study can be used to improve accuracy rates in the threat detection domain and other populations: 1) the soldier, 2) the average U.S. citizen, and 3) employees of the Transportation Security Administration. / Ph. D. covert mischievous intentions threat detection urban environment MOUT judgment and decision making nonverbal behavior
536	Low Risk, High Threat, Open Access Security in a Post 9-11 World: A Study of the Smithsonian Institution's Office of Protection Services Smith, Sonny 21 July 2009 (has links) The events of 9-11 resulted in a slew of policy, procedural, and organizational changes within many government departments as the U.S. government took many steps to enhance security to prevent future terrorist attacks. The emphasis on high threat targets by the Department of Homeland Security (DHS) and other government agencies, such as the White House, the Capitol and Congressional office buildings, major infrastructure and facilities within US cities, airline travel, ports and economic supply chains has generated a great deal of debate and attention. There are however, targets that are considered low risk situated in high threat areas that also provide open access to the public for which security professionals are responsible that should not be overlooked during the War on Terror. The question is how low risk targets in high threat areas should be protected? What resource distribution makes sense? What practices should be applied to achieve security? The purpose of this research is to look at one of these targets, the Smithsonian Institution and how the Smithsonian Institution's Office of Protection Services (SI OPS) responded to the terror attacks of 9-11 and the ongoing threat. Four factors will be examined: (1) the screening process, (2) the budget, (3) the security policy formulation process, and (4) training. The study focus is based on data derived from semi-structured interviews and a review of SI documents. Examining post 9-11 security changes allows one to see how SI OPS has evolved in its attempt to meet both internal security demands and expectations against an external security concern. The findings reveal SI OPS initially underwent significant changes within the four factors in the three years following the attacks of 9-11. However, limited resources and manpower strains have played major roles in the subsequent decline in some of the factors after their initial increases. Although a return to the security levels immediately following 9-11 may not be imminent, it is recommended that OPS management make stronger efforts to communicate with non-security managers and return to more stringent visitor screening procedures. / Ph. D. security screening public institutions The Smithsonian Institution protection services terrorism open access high threat low risk
537	Identity at Work: Balancing Demographic-related Identity in the Workplace and the Impact on Extra-role Behaviors and Turnover Intentions Tuskey, Sarah Elizabeth 22 July 2021 (has links) People simultaneously hold a multitude of social identifications while at work, some of which are work-related and some of which transcend the workplace. To date, the vast majority of studies on social identities focus on these identities in isolation. Two important identities that transcend the work domain are those associated with gender and ethnicity. These attributes have been widely studied in the workplace, however, there is a lack of understanding in how the identities associated with these attributes (demographic-related identities) have implications for identification in the workplace and work-related outcomes. In this paper, I examine the relationship between perceived threats to these demographic-related identities and work-related attitudes and behavior, specifically turnover intentions, and extra-role behaviors. I also explore moderating (degree of demographic-related identity centrality) and mediating (organizational and workgroup identification) mechanisms in this relationship. Data were collected across two studies. The results demonstrate that perceived threats to demographic-related identities have severe ramifications for work-related identification. The supplemental analysis indicated a direct relationship between demographic-related identity centrality and turnover intentions. Furthermore, demographic-related identity centrality moderated the relationship between perceived threats to demographic-related identity by both the organization and the workgroup on work-related outcomes. / Doctor of Philosophy / This research examined the relationship between perceived threats to gender and ethnic identities in the workplace and the impact these threats have on work-related identification and outcomes. Results suggest that perceived threats to these identities have important implications for both extra-role behaviors and turnover intentions, regardless of how important these identities are to the individual. organizational identification workgroup identification gender identity ethnic identity identity identity threat
538	Framing Terrorism: Implications for Public Opinion, Civil Liberties, and Counterterrorism Policies Miller, Kathryn Elizabeth 11 May 2021 (has links) The competing values of national security and civil liberties have been contested as conflicting ideas during times of national emergencies and war, in which the canonical knowledge asserts that the temporary secession of civil liberties is sometimes necessary to protect national security. After the September 11, 2001 terrorist attack there has been increased pressure on the U.S. government to provide safety and security, which has required Americans to accept certain restrictions on their freedoms, leading to debates about whether liberty or security should be prioritized. The increasing popularization of securitization in post 9/11 discourse justified by a perpetual state of emergency via the War on Terror, has reinforced the racialization of reified "others," specifically Muslims or people who are perceived to be descendent from the Middle East. The conceptualization of Middle Easterners as 'terrorists' and 'threats' to be securitized has been constructed by political elites and media narratives to garner support for security measures leading to the diminished civil liberties of those stereotyped as "terrorists." Using the theoretical approach of racialized "othering" and the minority threat perception, this research seeks to analyze public opinion on counterterrorism policies when the race/ethnicity and ideological motivations of perpetrators in a hypothetical terrorist attack scenario are manipulated. To investigate this premise, an online survey experiment distributed through Amazon MTurk was conducted to gather public opinion data on counterterrorism policies. Regression analyses were conducted from the 314 respondents to evaluate support amongst various social groups for the counterterrorism policies and whether or not this support was affected by the presence of either American-born, White, men motivated by the teachings of far-right extremism or American-born, men of Middle Eastern descent motivated by the teachings of Islamic extremism. Respondents were asked to evaluate two counterterrorism policies, one that required ceding the civil liberties of the public at large, and the other required ceding the civil liberties of suspected terrorists specifically – which is also referred to as the 'punitive' policy throughout the research. Overall, respondents were more likely to support the policy requiring ceding civil liberties in general, than the punitive policy that would take away the civil liberties of suspected terrorist. When factoring in survey type, respondents in general were more likely to support the punitive policy when taking the White/Far-right extremism survey and were also the most likely to support the policy requiring the public to cede their civil liberties when taking the Middle Eastern/Islamic extremism survey. The willingness to cede civil liberties increased for Black and Asian respondents with the presence of the White/Far-right extremism survey, while willingness to cede civil liberties decreased for White respondents taking the same survey. In general, conservatives were more likely to cede their civil liberties than liberals, and liberals were more likely to view counterterrorism policies as ineffective. When accounting for the effects of survey type on ideology, the results show that conservatives were the least likely to cede their civil liberties when taking the White/Far-right extremism survey, while liberals were the most likely to cede their civil liberties when taking the Middle Eastern/Islamic extremism survey. / Master of Arts / This thesis explores the role of issue framing, and threat perception on terrorism and its effects on public perception of the liberty vs. security paradigm by way of support for counterterrorism policies. Specifically, this research aims to assess whether support for counterterrorism policies by social group (focusing on race and ideology) varies when the race/ethnicity and ideological motivations of the perpetrators are manipulated in a hypothetical terrorist attack scenario. In order to test this effect, a survey experiment was conducted to gather public opinion data on counterterrorism policies which emulated the liberty/security trade-offs within the Patriot Act. The survey was distributed through the online platform Amazon MTurk which garnered 314 responses. Regression analyses were conducted to evaluate support amongst various social groups for the counterterrorism policies and whether or not this support was affected by the presence of either American-born, White, men motivated by the teachings of far-right extremism or American-born, men of Middle Eastern descent motivated by the teachings of Islamic extremism. Using the theoretical approach of "othering" and the minority threat perception that contributes to desires for increased social controls and levels of punitiveness among the public, this research evaluates respondents' willingness to cede their own civil liberties as well as their support for punitive policies that take away the civil liberties of the perpetrators based on the survey/stimuli respondents received. Overall, respondents were more likely to support the policy requiring ceding civil liberties, than support the punitive policy that would take away the civil liberties of the perpetrators. When factoring in survey type, respondents in general were more likely to support the punitive policy when taking the White/Far-right extremism survey and were also the most likely to support the policy requiring the public to cede their civil liberties when taking the Middle Eastern/Islamic extremism survey. The willingness to cede civil liberties increased for Black and Asian respondents with the presence of the White/Far-right extremism survey, while the willingness to cede civil liberties decreased for White respondents with the presence of the White/Far-right extremism survey. In general, conservatives were more likely to cede their civil liberties than liberals, and liberals were more likely to view counterterrorism policies as ineffective. When accounting for the effects of survey type on ideology, the results show that conservatives were the least likely to cede their civil liberties when taking the White/Far-right extremism survey, while liberals were the most likely to cede their civil liberties when taking the Middle Eastern/Islamic extremism survey. Counterterrorism policies public opinion liberty/security paradigm minority threat perception civil liberties punitiveness
539	Masculinity Threat, Misogyny, and the Celebration of Violence in White Men Scaptura, Maria N. January 2019 (has links) This study aims to understand the relationship between masculinity and the endorsement of attitudes towards guns and violence and aggressive fantasies. I examine threatened masculinity and masculine gender role stress in addition to a newly developed measure, which assesses traits associated with incels, who believe that social liberalism, feminism, and more sexually active men (“Chads”) are to blame for their lack of sex with women. Incels are largely a disorganized group of men interacting online, but a few self-identifying members have been associated with a number of mass violence events in recent years. The data were constructed from an original self-report survey distributed to men aged 18 to 30 years old, the group most responsible for violence against women and mass violence. I hypothesize that men who perceive that men are losing status as a group (status threat) (1), who feel less acceptance as members of that category (acceptance threat) (2), or who exhibit incel traits (3) are more likely to (a) approve of guns, violence, and aggression, and (b) exhibit aggressive fantasies. This study’s findings support three hypotheses: status threat is positively associated with an approval of guns and violence; acceptance threat is positively associated with approval of guns, violence, and aggressive fantasies; and incel traits are positively associated with aggressive fantasies. Men who experience status or acceptance threat or share incel traits exemplify issues of toxicity present in masculinity today. Their support for gun use, violence and aggressive fantasies further show the connection between male insecurity, aggressive attitudes, and fantasizing about violence. / M.S. / This study aims to understand the relationship between masculinity and the endorsement of attitudes towards guns and violence and aggressive fantasies. I examine masculinity and feelings of threat in addition to a newly developed measure, which assesses traits associated with incels (“involuntary celibates”), who believe that social liberalism, feminism, and more sexually active men are to blame for their lack of sex with women. Incels are largely a disorganized group of men interacting online, but a few self-identifying members have been associated with a number of mass violence events in recent years. The data were constructed from a survey distributed to men aged 18 to 30 years old, the group most responsible for violence against women and mass violence. I hypothesize that men who perceive that men are losing status as a group (1), who feel less acceptance as members of that category (2), or who exhibit incel traits (3) are more likely to (a) approve of guns, violence, and aggression, and (b) exhibit aggressive fantasies. This study’s findings support three hypotheses: feelings of group status loss are positively associated with an approval of guns and violence; stress in one’s masculine gender role is positively associated with approval of guns, violence, and aggressive fantasies; and incel traits are positively associated with aggressive fantasies. Their support for gun use, violence and aggressive fantasies further show the connection between male insecurity, aggressive attitudes, and fantasizing about violence. masculinity threat toxic masculinity social identity theory group position incel movement
540	Cyber Threat Intelligence from Honeypot Data using Elasticsearch Al-Mohannadi, Hamad, Awan, Irfan U., Al Hamar, J., Cullen, Andrea J., Disso, Jules P., Armitage, Lorna 18 May 2018 (has links) yes / Cyber attacks are increasing in every aspect of daily life. There are a number of different technologies around to tackle cyber-attacks, such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), firewalls, switches, routers etc., which are active round the clock. These systems generate alerts and prevent cyber attacks. This is not a straightforward solution however, as IDSs generate a huge volume of alerts that may or may not be accurate: potentially resulting in a large number of false positives. In most cases therefore, these alerts are too many in number to handle. In addition, it is impossible to prevent cyber-attacks simply by using tools. Instead, it requires greater intelligence in order to fully understand an adversary’s motive by analysing various types of Indicator of Compromise (IoC). Also, it is important for the IT employees to have enough knowledge to identify true positive attacks and act according to the incident response process. In this paper, we have proposed a new threat intelligence technique which is evaluated by analysing honeypot log data to identify behaviour of attackers to find attack patterns. To achieve this goal, we have deployed a honeypot on an AWS cloud to collect cyber incident log data. The log data is analysed by using elasticsearch technology namely an ELK (Elasticsearch, Logstash and Kibana) stack. Cyber attacks Cyber threats Honeypot data Elasticsearch Cyber threat intelligence technique

Search results