To see the other types of publications on this topic, follow the link: Cyber Security.
Dissertations / Theses on the topic 'Cyber Security'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Cyber Security.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Callegari, Giacomo <1995>. "Cyber Risk Analysis and Cyber Security." Master's Degree Thesis, Università Ca' Foscari Venezia, 2020. http://hdl.handle.net/10579/18083.
Full textAbstract:
The dissertation will at first analyze the major trends and technologies adopted in the business context nowadays, analysing the main advantages and disavantages with a focus on the cyber risks that emerge in adopting such technologies. In additon, will be discuss how these risks really impact a corporation, analyzing the main economìc consequences that cyber-attacks and data breaches have. Moreover, in the dissertation will be introduced some key controls to minimize the possibility of a data breach, also presenting the NIST Framework as tool to be adopted in order to increase the overall cybersecurity of an organization. To conclude, a litterature review on how the cyber risks can be evaluate in the business field will be presented, also analysing some issues that companies face in this evaluation.
2
LOBATO, LUÍSA CRUZ. "UNRAVELING THE CYBER SECURITY MARKET: THE STRUGGLES AMONG CYBER SECURITY COMPANIES AND THE PRODUCTION OF CYBER (IN)SECURITY." PONTIFÍCIA UNIVERSIDADE CATÓLICA DO RIO DE JANEIRO, 2016. http://www.maxwell.vrac.puc-rio.br/Busca_etds.php?strSecao=resultado&nrSeq=27784@1.
Full textAbstract:
PONTIFÍCIA UNIVERSIDADE CATÓLICA DO RIO DE JANEIRO<br>CONSELHO NACIONAL DE DESENVOLVIMENTO CIENTÍFICO E TECNOLÓGICO<br>A presente dissertação investiga o papel das companhias de segurança cibernética na produção da segurança cibernética contemporânea. A crescente pressão para securitizar o ciberespaço contribuiu para o crescimento de um lucrativo mercado voltado para a provisão de produtos e serviços para clientes comerciais e governamentais. Utilizando uma perspectiva inspirada em Bourdieu, o trabalho: analisa as condições históricas nas quais as tecnologias da informação ganharam terreno no debate de segurança; identifica as posições e investiga as práticas das companhias de segurança cibernética no campo da segurança cibernética e analisa as disputas em andamento pela produção da segurança cibernética. Abordagens voltadas ao risco são pilares na concepção e comercialização de produtos e serviços anunciados pelas companhias. Neste sentido, argumenta-se que ambas as abordagens voltadas ao risco e as práticas comerciais das companhias de segurança cibernética produzem formas específicas de segurança. O trabalho identifica três distintas formas de segurança produzidas no campo: segurança defensiva, segurança ofensiva e defesa ativa. Analisa-se as implicações de cada forma para a segurança, de um modo geral, e argumenta-se que, enquanto grande parte das companhias adota uma estratégia de defesa ativa em seus produtos e serviços, algumas tem se orientado para a adoção de medidas mais ofensivas para lidar com os atuais riscos. A análise é concluída com algumas reflexões a respeito das implicações das atuais dinâmicas do mercado de segurança cibernética para a segurança e governança da Internet.<br>This dissertation examines the role of cyber security companies in the production of contemporary cyber security. The increasing pressures to securitize cyberspace have contributed to the growth of a lucrative market oriented at providing cyber security products and services to commercial and government customers. Using a Bourdieu-inspired framework, the work: analyzes the historical conditions under which information technologies gained ground within security debates; identifies the positions and investigates the practices of cyber security companies within the cyber security field and analyzes the ongoing struggles for the production of cyber security. Risk-based thinking is a cornerstone of the process of conceiving and commercializing products and services advertised by companies. In this sense, it is argued that both risk-based thinking and the commercial practices of cyber security companies produce specific forms of security. The work identifies three distinct forms of security produced within the field: defensive security, offensive security and active defense. It analyzes the implications of each form to the overall security of cyberspace and argues that whilst the majority of companies adopt an active defense approach in their products and services, some of them are leaning towards more offensive solutions to deal with current risks. It concludes the analysis with some thoughts on the implications of the current dynamics of the cyber security market for security and Internet governance.
3
Petrelli, Filippo <1991>. "La cyber insurance per gestire il cyber security risk." Master's Degree Thesis, Università Ca' Foscari Venezia, 2020. http://hdl.handle.net/10579/16913.
Full textAbstract:
Viviamo in un mondo digitalizzato dove l’innovazione tecnologica porta con sé non solo grandi
opportunità, ma anche innumerevoli rischi. Nel corso degli ultimi anni infatti, il crimine
informatico è aumentato notevolmente essendo una forma di reato facilmente attuabile, gratificante
e con scarse probabilità di cattura. Tale facilità sussiste in relazione alle scarse misure di protezione
adottate dalla maggior parte degli utenti, anche quelle più elementari, inoltre numerosi prodotti
tecnologici non sono dotati di difese adeguate. Contrariamente gli hacker utilizzano una tecnologia
avanzata finalizzata a identificare gli obiettivi, creano e consegnano automaticamente software e
monetizzano ciò che è stato rubato. Essi ci hanno dimostrato che è possibile compromettere auto a
guida autonoma, accedere a sistemi avionici durante il volo e che dispositivi come i microinfusori e
pacemaker sono molto vulnerabili agli attacchi informatici.
La cyber security e in particolare la cyber insurance (il cui pricing viene svolto attraverso vari
metodi tra cui le copula function) sono due metodi di protezione efficaci per le imprese che voglio
combattere questo tipo di crimine.
4
Sridharan, Venkatraman. "Cyber security in power systems." Thesis, Georgia Institute of Technology, 2012. http://hdl.handle.net/1853/43692.
Full textAbstract:
Many automation and power control systems are integrated into the 'Smart Grid' concept for efficiently managing and delivering electric power. This integrated approach created several challenges that need to be taken into consideration such as cyber security issues, information sharing, and regulatory compliance. There are several issues that need to be addressed in the area of cyber security. Currently, there are no metrics for evaluating cyber security and methodologies to detect cyber attacks are in their infancy. There is a perceived lack of security built into the smart grid systems, but there is no mechanism for information sharing on cyber security incidents. In this thesis, we discuss the vulnerabilities in power system devices, and present ideas and a proposal towards multiple-threat system intrusion detection. We propose to test the multiple-threat methods for cyber security monitoring on a multi-laboratory test bed, and aid the development of a SCADA test bed, to be constructed on the Georgia Tech Campus.
5
Almualla, Mohammed Humaid. "Collaborative cyber security situational awareness." Thesis, Brunel University, 2017. http://bura.brunel.ac.uk/handle/2438/16206.
Full textAbstract:
Situational awareness is often understood as the perception of environmental elements and comprehension of their meaning, and the projection of future status. The advancements in cyberspace technology have fuelled new business and opportunities, but also brought an element of risk to valued assets. Today, the growing gap between different types of cyber-attacks threatens governments and organisations, from individuals to highly organized sponsored teams capable of breaching the most sophisticated systems and the inability to cope with these emerging threats. There is a strong case to be made for effective Collaborative Cyber-Security Situational Awareness (CCSA) that is designed to protect valuable assets, making them more resilient to cybersecurity threats. Cybersecurity experts today must rethink the nature of security, and shift from a conventional approach that stresses protecting vulnerable assets to a larger, more effective framework with the aim of strengthening cyber assets, making them more resilient and part of a cybersecurity process that delivers greater value against cyber threats. This study introduces a new approach to understanding situational awareness of information sharing and collaboration using knowledge from existing situational awareness models. However, current situational awareness models lack resilience in supporting information systems infrastructure, addressing various vulnerabilities, identifying high priority threats and selecting mitigation techniques for cyber threats. The use of exploratory and explanatory analysis techniques executed by Structure Equation Modelling (SEM) allowed the examination of CCSA, in this study. Data from 377 cyber security practitioners affiliated to cybersecurity expert groups including computer emergency response team (CERT) and computer security incident response team (CSIRT) was gathered in the form of an electronic survey and analysed to discover insights and understand the mental model of those cybersecurity experts. Also, a finding from the SEM was the CSSA model aligned perfectly with the second-order Cybernetics model to test the theory in practice, confirming the possibility of using the proposed model in a practical application for this research. Furthermore, the SEM informed the design of the CCSA Environment where an empirical study was employed to verify and validate the CCSA theory in practice. In addition, the SEM informed the design of a behavioural anchor rating scale to measure participant situational awareness performance. The experiment results proved that when using the CCSA model and replicating real-world cyber-attack scenarios that the outcome of situational awareness performance was 61% more than those who did not employ the use of the CCSA model and associated dashboard tool. Further, it was found that both timeliness and accuracy are important in influencing the outcome of information sharing and collaboration in enhancing cyber situational awareness and decision-making. This thesis for the first time presents a novel CCSA theory which has been confirmed in practice. Firstly, this research work improves the outcome of effectiveness in cyber SA by identifying important variables related with the CCSA model. Second, it provides a new technique to measure operators' cyber SA performance. Secondly, it provides the necessary steps to employ information sharing in order to improve cyber security incorporated in the CCSA model. Finally, cybersecurity experts should collaborate to identify and close the gap between cybersecurity threats and execution capacity. The novel CCSA model validated in this research can be considered an effective solution in fighting and preventing cyber-attacks. Attainment of cyber security is driven by how information is both secured and presented between members to encourage the use of information sharing and collaboration to resolve cyber security threats in a timely and accurate manner. This research helps researchers and practitioners alike gain an understanding of key aspects of information sharing and collaboration in CSSA which is informed by the CCSA theory and new capability that the implementation of this theory has shown to deliver in practice.
6
Konstantinos, Konstantinidis. "Automated cyber security compliance assessment." Thesis, KTH, Skolan för elektro- och systemteknik (EES), 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-200950.
Full textAbstract:
Companies and organizations seek to comply to various cybersecurity standards in order to improve their security levels, to followthe requirements of their customers or sometimes obliged by regulatorylaws.The compliance process rely on human assessors and could becomemore effective by automating a subset of the underlying tasksthat constitute it.This study is aimed at creating a software advisor that assessesan IT architecture for compliance to the NERC-CIP standard. Toachieve this a two step process was followed.At the first step specific NERC-CIP requirements were modeledand mapped using the SecuriCAD cyber security modeling tool.Then a software expert able to interpret and compare the Securi-CAD’s abstractions was created. Comparing the mapped rules withthe attributes of a modeled architecture the expert passes judgmenton the compliance status of the system. The second stage validated the advisor and measured its accuracy.That was achieved by conducting a Turing test. During the testanswers produced by the software advisor were compared to thoseof five human domain experts within cyber security for the same assessmenttask. The comparison was assigned to another domainexpert who evaluated the responses without being aware of theirorigin. The responses were graded and ranked from best to worst.The results show that the software expert was able to surpasshuman expertise for the given task and was ranked first along withanother human expert.Also the study contains a section that describes a method of extractingmetrics characterizing the NERC-CIP standard. This derivesfrom the combination of the modeled standard requirementsand the ability of the SecuriCAD tool to simulate cyber attacks andproduce probabilistic security metrics for a given architecture. Thatwas achieved by creating 50 random NERC-CIP compliant architecturesand extracting the average time that a successful adversaryneeds to compromise the system. The results show that half of the the successful attacks againstour compliant sample succeed on 23.19 days on average, while a5% of them succeed in 5.02 days on average.As indicated by the results software assessors can be as mucheffective as human assessors. They can help an organization toprepare for a scheduled assessment and assist human complianceexperts with their judgments. Finally the suggested method of extractingsecurity metrics could be a base for extending to other standardsand making comparisons among them. This would be anadded variable during the process of selecting which cyber securitystandard certification an organization should pursue.<br>Företag och organisationer strävar efter att uppfylla olika cybersäkerhetsstandardermed mål att förbättra sina säkerhetsnivåer, attuppfylla kunders önskemål, eller då det krävs enligt lag.Efterlevnadsprocessen utförs av mänskliga bedömare och kangöras effektivare genom automatisering av en del underliggandeuppgifter som utgör den.Denna studie har som mål att skapa mjukvarurådgivare som bedömeren IT-arkitektur för efterlevnad av NERC-CIP-standard. För attuppnå detta följdes en tvåstegsprocess.Som första steg modellerades och mappades specifika NERCCIP-krav med hjälp av verktyget för modellering av cybersäkerhet,SecuriCAD. Sedan skapades en expertmjukvara med förmågan atttolka och jämföra SecuriCAD:s abstraktioner. Expertmjukvaran bedömersystemets efterlevnadsstatus via jämförelse av mappade regleroch den modellerade arkitekturens attributer. Som andra stegvaliderades programvaran och dess exakthet mättes. Detta uppnåddes via genomförande av Turingtest. Under testetjämfördes programvarans svar med svar från fem mänskliga områdesexperterpå cybersäkerhet i samma bedömningsuppgift. Jämförelsenöverläts till en annan områdesexpert som utvärderade svarenutan vetskap om deras ursprung. Svaren graderades och rangordnadesfrån bäst till sämst.Resultaten visar att expertprogrammet överträffade mänsklig expertisi given uppgift och tilldelades förstaplats tillsammans med enannan mänsklig expert.Studien innehåller också en sektion som beskriver metoden förextrahering av mätvärden som karaktäriserar NERC-CIP-standarden.Denna härrör från kombinationen av modellerade standardkrav ochverktyget SecuriCAD:s förmåga att simulera cyberattacker och produceraprobabilitiska säkerhetsmätvärden för en given arkitektur.Detta uppnåddes genom att skapa 50 slumpmässiga NERC-CIPefterlevandearkitekturer och extrahering av genomsnittlig tid en framgångsrikmotståndare behöver för att äventyra systemet.Resultaten visar att hälften av de lyckade attackerna mot vårtefterlevnadsexempel lyckades på 23,19 dagar i genomsnitt, och 5% av dem lyckades på 5,02 dagar i genomsnitt. Såsom indikeras av resultaten kan bedömningsmjukvaror ansesvara lika effektiva som mänskliga bedömare. De kan hjälpa en organisationatt förbereda för en planerad bedömning och hjälpa mänskligaefterlevnadsexperter med deras bedömningar. Slutligen kanden föreslagna metoden att extrahera säkerhetsmätvärden utgöraen grund för att förlängas till andra standarder och göra jämförelsermellan dessa. Detta vore en extra variabel under beslutsprocessenom vilken standardcertifikation för cybersäkerhet en organisationbör bedriva.
7
Bedhammar, Jennifer, and Oliver Johansson. "Visualization of cyber security attacks." Thesis, Linköpings universitet, Medie- och Informationsteknik, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-167144.
Full textAbstract:
The Swedish Defence Research Agency (FOI) simulates cyber attacks for research and education purposes in their cyber range, CRATE, with a system called SVED. This thesis describes the process of creating a visualization of the log files produced by SVED, with the purpose of increasing the users’ comprehension of the log files and thereby increasing their knowledge of the simulated attacks. To create an effective visualization a user study was held to know the users’ needs, experiences and requirements. Several designs were created based on the results and one was selected and refined using feedback from workshops. A web-based implementation of the design was created using the D3.js library, which included a directed graph, icicle chart and network graph to visualize the data. Thereafter an evaluation was held to analyze if the implementation was more effective than the log files, by letting the participants solve tasks defined by the user study. The results from the evaluation indicates that the visualization has a higher success rate than the log files when solving the tasks. They also indicate that finding the solution requires less time with the visualization. However, since the evaluation tasks were based on the user study, the results only conclude that the visualization is more effective when solving similar tasks. For further development the visualization could be improved with features like real time rendering and linkage with FOI’s internal systems. Additionally, with more research and further testing, the visualization could be used as a tool for standardization of graphics in cyber space. In conclusion, a visualization of the log files has been implemented and according to the evaluation does the visualization increase the users’ comprehension of the data in SVED’s log files.
8
Tar, Nicholas L. K. "When Cyber Systems Crash: Attitudes Towards Cyber Utilization And Security." NSUWorks, 2017. http://nsuworks.nova.edu/shss_dcar_etd/69.
Full textAbstract:
This research focused on examining attitudinal differences of Internet utilization and security with the objective of understanding the relationships that cyber usability have with cybercrime and then determine best practices needed to promote the secure use of the Internet. The research was designed as a quantitative study that used judgment sampling to survey 433 cases to explain the relationship that exists between cyber utilization and security. To achieve this objective, research questions and hypothesis were designed to guide the analysis. Cross tabulation analysis was used to compare the dependent and independent variables while Chi-square, Lambda and Gamma statistical tests were used to verify the relationship and identify statistical significance of the relationship. The findings revealed that while variables like being IT savvy, amount of financial loss, education, age, gender and residence location did not have evidence of a relationship with security, research participants had concern for secure cyber use and thought that cybersecurity awareness training and type of transaction conducted on the Internet were associated to security even though the strength of each relationship was weak. The study highlighted the damaging effects of cybercrime and recommended that cyber users should embrace best practice principles as they browse the Internet and utilize cybersecurity awareness training as an important function of secure IT utilization.
9
Smeets, Max. "Going cyber : the dynamics of cyber proliferation and international security." Thesis, University of Oxford, 2017. https://ora.ox.ac.uk/objects/uuid:ab28f9fc-dd21-4b34-809e-e0d100125e84.
Full textAbstract:
For over a decade, we have heard alarming statements about the spread of cyber weapons from senior policymakers and experts. Yet, the dynamics of cyber proliferation are still under-studied and under-theorized. This study offers a theoretical and empirical account of what causes the spread and restraint of cyber weapons and argues that the world is not at the brink of mass cyber proliferation. Whilst almost forty states are exploring and pursuing the development of cyber weapons, I indicate that only few have so far acquired a meaningful capability. This is due both to supply and demand factors. On the supply-side, most states have a latent capacity to develop relatively simple offensive cyber capabilities, but are unable to develop sophisticated cyber weapons. Moreover, the incentives for knowledge transfer and thus exporting offensive cyber capabilities between states are weak. On the demand-side, I show that national security considerations do not provide the best explanation of variance. Instead, domestic politics and prestige considerations are paramount. Moreover, and unlike nuclear proliferation, I argue that it is not the possession of cyber weapons but the intention of possession signalled through visible initiatives which matters. Ultimately, I note that cyber weapons can have strategic value - but only under certain conditions.
10
Miller, William B. "Classifying and Cataloging Cyber-Security Incidents Within Cyber-Physical Systems." BYU ScholarsArchive, 2014. https://scholarsarchive.byu.edu/etd/4345.
Full textAbstract:
In the past, there were perceived delineations between the cyber world and the physical world. We are becoming increasingly aware of the overlap between these two worlds, and the overlap itself is increasing. The overlap between these two worlds is known as cyber-physical systems. There have been several incidents involving cyber-physical systems and the number of these incidents is increasing dramatically. In the past there has been no effort to identify methods for describing these incidents in the unique context of cyber-physical systems. This research provides a taxonomy for classifying these incidents that focuses on cross domain, impact oriented analysis. A repository for information about these incidents has also been created as part of this research.
11
Stomeo, Carlo. "Applying Machine Learning to Cyber Security." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2018. http://amslaurea.unibo.it/17303/.
Full textAbstract:
Intrusion Detection Systems (IDS) nowadays are a very important part of a system. In the last years many methods have been proposed to implement this kind of security measure against cyber attacks, including Machine Learning and Data Mining based. In this work we discuss in details the family of anomaly based IDSs, which are able to detect never seen attacks, paying particular attention to adherence to the FAIR principles. This principles include the Accessibility and the Reusability of software. Moreover, as the purpose of this work is the assessment of what is going on in the state of the art we have selected three approaches, according to their reproducibility and we have compared their performances with a common experimental setting. Lastly real world use case has been analyzed, resulting in the proposal of an usupervised ML model for pre-processing and analyzing web server logs. The proposed solution uses clustering and outlier detection techniques to detect attacks in an unsupervised way.
12
Jones, Malachi G. "Asymmetric information games and cyber security." Diss., Georgia Institute of Technology, 2013. http://hdl.handle.net/1853/50284.
Full textAbstract:
A cyber-security problem is a conflict-resolution scenario that typically consists of a security system and at least two decision makers (e.g. attacker and defender) that can each have competing objectives. In this thesis, we are interested in cyber-security problems where one decision maker has superior or better information. Game theory is a well-established mathematical tool that can be used to analyze such problems and will be our tool of choice. In particular, we will formulate cyber-security problems as stochastic games with asymmetric information, where game-theoretic methods can then be applied to the problems to derive optimal policies for each decision maker. A severe limitation of considering optimal policies is that these policies are computationally prohibitive. We address the complexity issues by introducing methods, based on the ideas of model predictive control, to compute suboptimal polices. Specifically, we first prove that the methods generate suboptimal policies that have tight performance bounds. We then show that the suboptimal polices can be computed by solving a linear program online, and the complexity of the linear program remains constant with respect to the game length. Finally, we demonstrate how the suboptimal policy methods can be applied to cyber-security problems to reduce the computational complexity of forecasting cyber-attacks.
13
Zepf, Arthur L. IV. "Cyber-security curricula for basic users." Thesis, Monterey, California: Naval Postgraduate School, 2013. http://hdl.handle.net/10945/37750.
Full textAbstract:
Approved for public release; distribution is unlimited<br>There have been only a small number of attempts at creating a cyber-security curriculum that can be used to teach children the concepts of cyber security and information assurance. There is a significant shortage of attempts at creating a computer-security curricula and cyber-security training for people who have only basic computer skills. Also, the integration of computer-security and information assurance principles into formal and accepted primary and secondary education is nearly non-existent. Our research has been aimed at evaluating the current computer-security curricula according to widely accepted educational standards. The objective is to (i) create a set of requirements to analyze the effectiveness of computer-security curricula, (ii) determine the best current disseminated cyber-security curriculum for children, (iii) and make recommendations for a cyber-security curriculum by utilizing the best traits of the surveyed programs. Literature includes studies on previously created computer-security curricula; and the most effective means of teaching children new concepts. Our research questions include: Is it important for a curriculum to be flexible enough to affect a variety of age groups? Is it important for a computer-security education to be interactive and motivational? Is it possible to teach difficult computer-security concepts in a way that children can understand?
14
Jackson, Jennifer T. "A biodiversity approach to cyber security." Thesis, University of Warwick, 2017. http://wrap.warwick.ac.uk/106820/.
Full textAbstract:
Cyber crime is a significant threat to modern society that will continue to grow as technology is integrated further into our lives. Cyber attackers can exploit vulnerabilities to access computing systems and propagate malware. Of growing concern is the use of multiple exploits across layers of the software stack, plus faster criminal response times to newly disclosed vulnerabilities creating surges in attacks before signature-based malware protection can take effect. The wide scale adoption of few software systems fuels the problem, allowing identical vulnerabilities to be exploited across networks to maximise infection in a single attack. This requires new perspectives to tackle the threat. Biodiversity is critical in the functioning of healthy ecosystems. Whilst the idea of diversity benefiting computer security is not new, there are still gaps in understanding its advantages. A mathematical and an agent-based model have been developed using the ecosystem as a framework. Biodiversity is generated by individualised software stacks defined as genotypes with multiple loci. The models allow the protection offered by diversity to be quantified for ad hoc networks which are expected to become prevalent in the future by specifying how much diversity is needed to tolerate or mitigate two abstract representations of malware encompassing different ways multiple exploits target software stack layers. Outputs include the key components of ecosystem stability: resistance and resilience. Results show that diversity by itself can reduce susceptibility, increase resistance, and increase the time taken for malware to spread, thereby allowing networks to tolerate malware and maintain Quality of Service. When dynamic diversity is used as part of a multi-layered defence strategy with additional mechanisms such as blacklisting, virtualisation, and recovery through patching and signature based protection, diversity becomes more effective since the power of dynamic software updating can be utilised to mitigate attacks whilst maintaining network operations.
15
Desmit, Zachary James. "Cyber-Physical Security for Advanced Manufacturing." Diss., Virginia Tech, 2018. http://hdl.handle.net/10919/91401.
Full textAbstract:
The increased growth of cyber-physical systems, controlling multiple production processes within the manufacturing industry, has led to an industry susceptible to cyber-physical attacks. Differing from traditional cyber-attacks in their ability to alter the physical world, cyber-physical attacks have been increasing in number since the early 2000's. To combat and ultimately prevent the malicious intent of such attacks, the field of cyber-physical security was launched. Cyber-physical security efforts can be seen across many industries that employ cyber-physical systems but little work has been done to secure manufacturing systems.
Through the completion of four research objectives, this work provides the foundation necessary to begin securing manufacturing systems from cyber-physical attacks. First, this work is motivated through the systematic review of literature surrounding the topic. This objective not only identifies and highlights the need for research efforts within the manufacturing industry, but also defines the research field. Second, a framework is developed to identify cyber-physical vulnerabilities within manufacturing systems. The framework is further developed into a tool allowing manufacturers to more easily identify the vulnerabilities that exist within their manufacturing systems. This tool will allow a manufacturer to utilize the developed framework and begin the steps necessary to secure the manufacturing industry. Finally, game theoretic models is applied to cyber-physical security in manufacturing to model the interactions between adversaries and defenders. The results of this work provide the manufacturing industry with the tools and motivation necessary to begin securing manufacturing facilities from malicious cyber-physical attacks and create a more resilient industry.<br>PHD
16
Oliparambil, Shanmughan Vivek. "Lightweight Environment for Cyber Security Education." ScholarWorks@UNO, 2017. http://scholarworks.uno.edu/td/2390.
Full textAbstract:
The use of physical systems and Virtual Machines has become inefficient and expensive for creating tailored, hands-on exercises for providing cyber security training. The main purpose of this project is to directly address these issues faced in cyber security education with the help of Docker containers. Using Docker, a lightweight and automated platform was developed for creating, sharing, and managing hands-on exercises. With the help of orchestration tools, this platform provides a centralized point to monitor and control the systems and exercises with a high degree of automation. In a classroom/lab environment, this infrastructure enables instructors and students not only to share exercises but also helps create and deploy exercises more easily. By streamlining the end to end delivery and deployment of the exercises, instructors can now efficiently make use of the class/lab hours in educating the students rather than performing system administration tasks.
17
Tian, Ke. "Learning-based Cyber Security Analysis and Binary Customization for Security." Diss., Virginia Tech, 2018. http://hdl.handle.net/10919/85013.
Full textAbstract:
This thesis presents machine-learning based malware detection and post-detection rewriting techniques for mobile and web security problems. In mobile malware detection, we focus on detecting repackaged mobile malware. We design and demonstrate an Android repackaged malware detection technique based on code heterogeneity analysis. In post-detection rewriting, we aim at enhancing app security with bytecode rewriting. We describe how flow- and sink-based risk prioritization improves the rewriting scalability. We build an interface prototype with natural language processing, in order to customize apps according to natural language inputs. In web malware detection for Iframe injection, we present a tag-level detection system that aims to detect the injection of malicious Iframes for both online and offline cases. Our system detects malicious iframe by combining selective multi-execution and machine learning algorithms. We design multiple contextual features, considering Iframe style, destination and context properties.<br>Ph. D.
18
Lowery, Edward W. "Closing the cyber gap: integrating cross-government cyber capabilities to support the DHS cyber security mission." Thesis, Monterey, California: Naval Postgraduate School, 2014. http://hdl.handle.net/10945/44608.
Full textAbstract:
Approved for public release; distribution is unlimited<br>Following the 9/11 terror attacks, the Department of Homeland Security (DHS) was mandated to ensure the security of the nation’s cyber-supported critical infrastructure, which is predominantly privately owned and outside of the control of the U.S. government. This thesis examines the development of the government’s cyber-security policies and primary operational entities through their lawful authorities and capabilities. The thesis also examines and contrasts the effectiveness of DHS’s technology-centric, cyber-security approach, the deterrent effect realized through law enforcement cyber operations, and the suitability and effectiveness of the utilization of military or intelligence agencies, specifically the FBI, National Security Agency or Department of Defense, to fulfill the nation’s domestic cyber-security mission. Evidence suggests that DHS has consistently chosen to devote disproportionate budgetary resources to develop defensive technologies of questionable effectiveness, initiate redundant information-sharing programs, and develop cyber incidence response teams while not fully utilizing the U.S. Secret Service’s legal authorities and capabilities in furtherance of the department’s mission. Recommendations are offered to develop a whole-of-government cyber-security policy for an effective, integrated, cyber-security operation through the utilization of agency-specific authorities and capabilities, while protecting our nation’s critical infrastructure and our citizens’ civil liberties.
19
Tang, Han. "Security analysis of a cyber-physical system." Diss., Rolla, Mo. : University of Missouri-Rolla, 2007. http://scholarsmine.umr.edu/thesis/pdf/Tang_09007dcc803cfb5c.pdf.
Full textAbstract:
Thesis (M.S.)--University of Missouri--Rolla, 2007.<br>Vita. The entire thesis text is included in file. Title from title screen of thesis/dissertation PDF file (viewed November 30, 2007) Includes bibliographical references (p. 55-57).
20
Testart, Pacheco Cecilia Andrea. "Understanding the institutional landscape of cyber security." Thesis, Massachusetts Institute of Technology, 2016. http://hdl.handle.net/1721.1/104820.
Full textAbstract:
Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2016.<br>Thesis: S.M. in Technology and Policy, Massachusetts Institute of Technology, School of Engineering, Institute for Data, Systems, and Society, Technology and Policy Program, 2016.<br>Cataloged from PDF version of thesis.<br>Includes bibliographical references (pages 145-153).<br>The decentralized architecture of the Internet, which has been key to its development and worldwide deployment, is making it challenging to secure Internet user experience. Many organizations claim to be playing a role in improving Internet security. If anything, the space of security-related institutions seems on first inspection to be over-populated, yet poor security persists. This work proposes a framework to understand the role different institutions play in cyber security. The analysis gives insights into the broad institutional ecosystem of public, private and international actors, and the varied nature of these institutions, their interests, incentives, and contributions to cyber security from hardware, software, protocols, standards and regulation. Based on natural language clustering algorithms, this framework classifies institutions along five dimensions: the aspect of cyber security the institution covers (e.g. network security, cybercrime), the industry and activity sector of the institution (e.g. telecommunications, software and service providers), whether it is part of a specific jurisdiction (e.g. US, Europe), specific institution's characteristics such as its working mode (e.g. forum, information sharing) or primary focus (e.g. economic development, consumer trust), and the governance type (for-profit, not-for-profit, government or international organization). We developed a dataset of approximately 120 institutions that claim a role with respect to cyber security, and using the framework, we identify areas of competing and overlapping institutional interest, relevant areas out of scope of current institutions and dysfunctionalities that hinder overall security improvement.<br>by Cecilia Andrea Testart Pacheco.<br>S.M.<br>S.M. in Technology and Policy
21
Liao, Weixian. "SECURITY AND PRIVACY OF CYBER-PHYSICAL SYSTEMS." Case Western Reserve University School of Graduate Studies / OhioLINK, 2018. http://rave.ohiolink.edu/etdc/view?acc_num=case1525718335240014.
Full text
22
Patterson, Joanna. "Cyber-Security Policy Decisions in Small Businesses." ScholarWorks, 2017. https://scholarworks.waldenu.edu/dissertations/4551.
Full textAbstract:
Cyber-attacks against small businesses are on the rise yet small business owners often lack effective strategies to avoid these attacks. The purpose of this qualitative multiple case study was to explore the strategies small business owners use to make cyber-security decisions. Bertalanffy's general systems theory provided the conceptual framework for this study. A purposive sample of 10 small business owners participated in the interview process and shared their decision-making methodologies and influencers. The small business owners were vetted to ensure their strategies were effective through a series of qualification questions. The intent of the research question and corresponding interview questions was to identify strategies that successful small business owners use to make cyber-security decisions. Data analysis consisted of coding keywords, phrases, and sentences from semi structured interviews as well as document analysis. The following themes emerged: government requirements, peer influence, budgetary constraints, commercial standards, and lack of employee involvement. According to the participants, budgetary constraints and peer influence were the most influential factors when making decisions regarding cyber-security strategies. Through exposing small business owners to proven strategies, the implications for social change include a reduction of their small business operating costs and assistance with compliance activities.
23
Cook, Kimberly Diane. "Effective Cyber Security Strategies for Small Businesses." ScholarWorks, 2017. https://scholarworks.waldenu.edu/dissertations/3871.
Full textAbstract:
Disruptive technologies developed in the digital age expose individuals, businesses, and government entities to potential cyber security vulnerabilities. Through the conceptual framework of general systems theory, this multiple case study was used to explore the strategies among owners of 4 retail small- and medium-size enterprises (SMEs) in Melbourne, Florida, who successfully protected their businesses against cyber attacks. The data were collected from a review of archival company documents and semistructured interviews. Yin's 5-phased cycles for analyzing case studies provided the guidelines for the data analysis process. Three themes emerged from thematic analysis across the data sets: cyber security strategy, reliance on third-party vendors for infrastructure services, and cyber security awareness. The study findings indicated that the SME owners' successful cyber security strategies might serve as a foundational guide for others to assess and mitigate cyber threat vulnerabilities. The implications for positive social change include the potential to empower other SME owners, new entrepreneurs, and academic institutions with successful cyber security strategies and resources to affect changes within the community. SME owners who survive cyber attacks may spur economic growth by employing local residents, thus stimulating the socioeconomic lifecycle. Moreover, implementation of these successful strategies may catalyze consumer confidence, resulting in greater economic prosperity.
24
Di, Fresco Giovanni <1991>. "Cyber-Security: an international and comparative perspective." Master's Degree Thesis, Università Ca' Foscari Venezia, 2019. http://hdl.handle.net/10579/14704.
Full textAbstract:
Questo lavoro tratta dell’applicazione del diritto internazionale alle attività cibernetiche ed è diviso in tre capitoli, il primo introduce alle problematiche della cybersecurity; l’evoluzione da ARPANET, gli incidenti e sabotaggi più famosi e significativi, gli attori statali, incaricati da un governo e non- statali, come Anonymous o Wikileaks. Ho poi elencato le armi più utilizzate nelle operazioni cibernetiche: dai primi virus ai moderni dinieghi di servizio, seguito da un approccio geopolitico nel trattare concetti come la sovranità territoriale, politica di potenza e politica morbida nell’era di internet, l’importanza strategica di centri dati per i cosiddetti Big Data e delle infrastrutture critiche, fondamentali per il regolare funzionamento della società. Nel secondo capitolo, il focus è sullo stato delle cose a livello di attribuzione dei cyber attacchi attraverso gli strumenti esistenti del diritto internazionale consuetudinario, dunque responsabilità per atti arrecanti danno, il vuoto legale tra attacchi ad alta e bassa intensità, le complicazioni che possono sopraggiungere nel processo di attribuzione e il risarcimento dopo eventuale danno comprovato. Le fonti prese in esame sono la Corte Internazionale di Giustizia , Corte Penale Internazionale per la Yugoslavia e Ruanda, i cui pareri sono applicati agli incidenti già menzionati. Nel terzo ed ultimo capitolo offro una panoramica degli sforzi nazionali e multilaterali nell’affrontare il problema cibernetico; i paesi analizzati sono Italia, Francia,Germania, Regno Unito, Israele e Stati Uniti , mentre le organizzazioni internazionali prese in esame sono L’UE, L’OSCE, NATO, Europol ed Interpol.
25
Griffiths, Jordan Luke. "Cyber security as an emerging challenge to South African national security." Diss., University of Pretoria, 2017. http://hdl.handle.net/2263/62639.
Full textAbstract:
As South Africa is a rapidly developing country and has become more increasingly technologically advanced through the growth in information communications technology (ICT) and the expansion of modern state infrastructure. With this growth more of the country's citizens have also become connected as access to the internet has spread. However, this advancement has also introduced a new challenge to South African national security in the form of cyber security. The spread of technology has created new vulnerabilities within the cyber domain that may directly work to undermine the country's security. Computer hackers are developing advanced software and methods designed to infiltrate and disable critical state infrastructure, capture confidential state or corporate information, engage in identity theft and fraud, rob banks and financial institutions and even undermine democratic processes such as elections. Terrorists have also embraced cyber space as a domain where they can recruit followers, spread propaganda, and provide advice and encouragement to those who wish to conduct terrorist operations. States are now not only creating cyber teams that can counter these terrorists but they are also developing cyber weapons which can be deployed to disrupt the operations of other countries should the need arise. This study analyses the challenge that cyber security poses to South African national security. This research contextualises the concept of cyber security within the theoretical understanding of national security. In highlighting the destructive capabilities of cyber attacks, the study provides detail on four examples, namely the 2007 attacks against Estonia, the impact of the Stuxnet worm on Iranian centrifuges in 2010, Chinese hackers targeting the USA and the hack on the Democratic National Committee. This then provides a foundation through which South Africa's cyber security position can be evaluated. The study also analyses several public cyber attacks that have targeted South Africa and presents a number of research reports which identify the country as one of the most targeted nations in the world. Although South Africa has acknowledged the role of ICT in its development, the country has failed to engage on the importance of cyber security. This study examines the country's policy progress with regards to cyber security which has ultimately lead to the Cyber Security and Cyber Crimes bill which was released for public comment in December 2015. However, the country's cyber position is weakened by its lack of cyber skills and capacity, as such the research also provides some recommendations on how South Africa can strengthen its overall approach to cyber security.<br>Mini Dissertation (MSS)--University of Pretoria, 2017.<br>Political Sciences<br>MSS<br>Unrestricted
26
Costantini, Kevin C. "Development of a cyber attack simulator for network modeling and cyber security analysis /." Online version of thesis, 2007. http://hdl.handle.net/1850/5440.
Full text
27
Moore, Ryan J. "Prospects for cyber deterrence." Thesis, Monterey, Calif. : Naval Postgraduate School, 2008. http://edocs.nps.edu/npspubs/scholarly/theses/2008/Dec/08Dec%5FMoore.pdf.
Full textAbstract:
Thesis (M.S. in Information Operations)--Naval Postgraduate School, December 2008.<br>Thesis Advisor(s): Arquilla, John J. ; Denning, Dorothy E. "December 2008." Description based on title screen as viewed on January 29, 2009. Includes bibliographical references (p. 77-83). Also available in print.
28
Salim, Hamid M. "Cyber safety : a systems thinking and systems theory approach to managing cyber security risks." Thesis, Massachusetts Institute of Technology, 2014. http://hdl.handle.net/1721.1/90804.
Full textAbstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, Engineering Systems Division, System Design and Management Program, 2014.<br>Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2014.<br>93<br>Cataloged from PDF version of thesis.<br>Includes bibliographical references (pages 148-156).<br>If we are to manage cyber security risks more effectively in today's complex and dynamic Web 2.0 environment, then a new way of thinking is needed to complement traditional approaches. According to Symantec's 2014 Internet Security Threat Report, in 2012 more than ten million identities that included real names, dates of birth, and social security were exposed by a single breach. In 2013 there were eight breaches that each exposed over ten million identities. These breaches were recorded despite the fact that significant resources are expended, on managing cyber security risks each year by businesses and governments. The objective of this thesis was twofold. The first objective was to understand why traditional approaches for managing cyber security risks were not yielding desired results. Second, propose a new method for managing cyber security risks more effectively. The thesis investigated widely used approaches and standards, and puts forward a method based on the premise that traditional technology centric approaches have become ineffective on their own. This lack of efficacy can be attributed primarily to the fact that, Web 2.0 is a dynamic and a complex socio-technical system that is continuously evolving. This thesis proposes a new method for managing cyber security risks based on a model for accident or incident analysis, used in Systems Safety field. The model is called System-Theoretic Accident Model and Processes (STAMP). It is rooted in Systems Thinking and Systems Theory. Based on a case study specifically written for this thesis, the largest cyber-attack reported in 2007 on a major US based retailer, is analyzed using the STAMP model. The STAMP based analysis revealed insights both at systemic and detailed level, which otherwise would not be available, if traditional approaches were used for analysis. Further, STAMP generated specific recommendations for managing cyber security risks more effectively.<br>by Hamid M. Salim.<br>S.M. in Engineering and Management<br>S.M.
29
Sjöstedt, Matildha. "Monitoring of Cyber Security Exercise Environments in Cyber Ranges : with an implementation for CRATE." Thesis, Linköpings universitet, Programvara och system, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-177647.
Full textAbstract:
In a world where much of society is dependent on digital infrastructure, various cyber threats can pose a great risk to businesses, critical infrastructure and potentially entire nations. For this reason, research and education as well as the preparation of strategies, training of personnel etc., is imperative. Cyber ranges can provide ''safe environments'' in which for example cyber security exercises and experiments can be conducted. While easier to deploy and configure than ''real'' infrastructures, monitoring of such environments during ongoing exercises/experiments poses a number of challenges. During this thesis work, the question of what types of data and information could be relevant to provide in a monitoring system for this context was investigated, with regard to aspects such as providing technical support or gaining situational awareness during exercises. Results gained from a survey with participants from relevant organizations, contributed greatly to this question. The survey and literature study also provided insights into challenges and potential problems of developing and running such monitoring. CRATE is a cyber range developed and maintained by the Swedish Defence Research Agency (FOI). In this thesis work, some of the challenges and potential problems found are tackled with a suggested design and an implemented monitoring system prototype for CRATE. Apart from providing functionality to retrieve information about accounts and privileges as well as status of services, the design of the prototype also lays the foundation for a flexible and extensible monitoring system -- fully adapted for use within a cyber range. With cyber exercises becoming both more prevalent and extensive, the need for capable monitoring of exercise environments will naturally arise. While the developed prototype may facilitate future cyber exercises/experiments in CRATE, the results of this thesis work are also ready to be used as a source of inspiration for other cyber range operators.
30
Falangi, Francesca. "La Cyber Security e il caso dell'azienda Beta." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2018.
Find full textAbstract:
L'elaborato si compone di due macro sezioni: la prima è un approfondimento sulla sicurezza informatica che comprende nozioni tecniche e storiche, un’analisi generale dei maggiori attacchi cyber avvenuti negli ultimi anni e i principali riferimenti normativi e Standard internazionali; la seconda è costituita dal progetto aziendale in cui ho avuto l’opportunità di partecipare. In particolare si illustra il piano di gestione del Cyber Risk creato dal team Kpmg, al fine di aiutare l’azienda analizzata a prevenire ed identificare i gap della sicurezza informatica, relativi a diversi contesti dell'organizzazione, nonché d’individuare delle azioni di rimedio idonee.
31
Sommestad, Teodor. "A framework and theory for cyber security assessments." Doctoral thesis, KTH, Industriella informations- och styrsystem, 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-103690.
Full textAbstract:
Information technology (IT) is critical and valuable to our society. An important type of IT system is Supervisor Control And Data Acquisition (SCADA) systems. These systems are used to control and monitor physical industrial processes like electrical power supply, water supply and railroad transport. Since our society is heavily dependent on these industrial processes we are also dependent on the behavior of our SCADA systems. SCADA systems have become (and continue to be) integrated with other IT systems they are thereby becoming increasingly vulnerable to cyber threats. Decision makers need to assess the security that a SCADA system’s architecture offers in order to make informed decisions concerning its appropriateness. However, data collection costs often restrict how much information that can be collected about the SCADA system’s architecture and it is difficult for a decision maker to know how important different variables are or what their value mean for the SCADA system’s security. The contribution of this thesis is a modeling framework and a theory to support cyber security vulnerability assessments. It has a particular focus on SCADA systems. The thesis is a composite of six papers. Paper A describes a template stating how probabilistic relational models can be used to connect architecture models with cyber security theory. Papers B through E contribute with theory on operational security. More precisely, they contribute with theory on: discovery of software vulnerabilities (paper B), remote arbitrary code exploits (paper C), intrusion detection (paper D) and denial-of-service attacks (paper E). Paper F describes how the contribution of paper A is combined with the contributions of papers B through E and other operationalized cyber security theory. The result is a decision support tool called the Cyber Security Modeling Language (CySeMoL). This tool produces a vulnerability assessment for a system based on an architecture model of it.<br>Informationsteknik (IT) är kritiskt och värdefullt för vårt samhälle. En viktig typ av IT-system är de styrsystem som ofta kallas SCADA-system (från engelskans "Supervisor Control And Data Acquisition"). Dessa system styr och övervakar fysiska industriella processer så som kraftförsörjning, vattenförsörjning och järnvägstransport. Eftersom vårt samhälle är beroende av dessa industriella processer så är vi också beroende av våra SCADA-systems beteende. SCADA-system har blivit (och fortsätter bli) integrerade med andra IT system och blir därmed mer sårbara för cyberhot. Beslutsfattare behöver utvärdera säkerheten som en systemarkitektur erbjuder för att kunna fatta informerade beslut rörande dess lämplighet. Men datainsamlingskostnader begränsar ofta hur mycket information som kan samlas in om ett SCADA-systems arkitektur och det är svårt för en beslutsfattare att veta hur viktiga olika variabler är eller vad deras värden betyder för SCADA-systemets säkerhet. Bidraget i denna avhandling är ett modelleringsramverk och en teori för att stödja cybersäkerhetsutvärderingar. Det har ett särskilt focus på SCADA-system. Avhandlingen är av sammanläggningstyp och består av sex artiklar. Artikel A beskriver en mall för hur probabilistiska relationsmodeller kan användas för att koppla samman cybersäkerhetsteori med arkitekturmodeller. Artikel B till E bidrar med teori inom operationell säkerhet. Mer exakt, de bidrar med teori angående: upptäckt av mjukvarusårbarheter (artikel B), fjärrexekvering av godtycklig kod (artikel C), intrångsdetektering (artikel D) och attacker mot tillgänglighet (artikel E). Artikel F beskriver hur bidraget i artikel A kombineras med bidragen i artikel B till E och annan operationell cybersäkerhetsteori. Resultatet är ett beslutsstödsverktyg kallat Cyber Security Modeling Language (CySeMoL). Beslutsstödsverktyget producerar sårbarhetsutvärdering för ett system baserat på en arkitekturmodell av det.<br><p>QC 20121018</p>
32
Vuković, Ognjen. "Cyber-security in Smart Grid Communication and Control." Doctoral thesis, KTH, Kommunikationsnät, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-152223.
Full textAbstract:
Society is increasingly dependent on the reliable operation of power systems. Power systems, at the same time, heavily rely on information technologies to achieve efficient and reliable operation. Recent initiatives to upgrade power systems into smart grids target an even tighter integration with information technologies to enable the integration of renewable energy sources, local and bulk generation and demand response. Thus for the reliable operation of smart grids, it is essential that its information infrastructure is secure and reliable in the face of both failures and attacks. This thesis contributes to improving the security of power systems against attacks on their information infrastructures. The contributions lie in three areas: data integrity, data condentiality, and data availability of power system applications. We analyze how characteristics of power system applications can be leveraged for detection and mitigation of data integrity attacks. We consider singleand multi-area power system state estimation. For single-area state estimation, we look at the integrity of measurement data delivered over a wide area communication network. We deffine security metrics that quantify the importance of particular components of the communication network, and that allow us to optimize the deployment of network, transport and application layer security solutions. For multi-area state estimation, we look at the integrity of data exchanged between the control centers of neighboring areas in face of a targeted trojan that compromises an endpoint of the secure communication tunnel. We deffine multiple attack strategies and show that they can signifficantly disturb the state estimation. Moreover, we propose schemes that could be used for detection, localization, and mitigation of data integrity attacks. We investigate how to provide data confidentiality for power system applications when they utilize cloud computing. We focus on contingency analysis and propose an approach to obfuscate information regarding power flows and the presence of a contingency violation while allowing the operator to analyze contingencies with the needed accuracy in the cloud. Our empirical evaluation shows that the errors introduced into power flows due to the proposed obfuscation are small, and that the RMS errors introduced grow linearly with the magnitude of obfuscation. We study how to improve data availability in face of gray hole attacks combined with traffic analysis. We consider two cases: SCADA substation to control center communication using DNP3, and inter-control center communication. In the first case, we propose a support vector machine-based traffic analysis algorithm that uses only the information on timing and direction of three consecutive messages, and show that a gray hole attack can be effectively performed even if the traffic is sent through an encrypted tunnel. We discuss possible mitigation schemes, and show that a minor modication of message timing could help mitigate the attack. In the second case, we study how anonymity networks can be used to improve availability at the price of increased communication overhead and delay. We show that surprisingly availability is not always improved with more overhead and delay. Moreover, we show that it is better to overestimate than to underestimate the attacker's capabilities when conguring anonymity networks.<br><p>QC 20140924</p>
33
Ellithorpe, James O. "The Role and Impact of Cyber Security Mentoring." Thesis, Walden University, 2016. http://pqdtopen.proquest.com/#viewpdf?dispub=10126660.
Full textAbstract:
<p> Business organizations are faced with an enormous challenge to improve cyber security, as breeches and lapses through firewalls are increasingly commonplace. The Chief Information Security Officer (CISO) and Information Technology (IT) staff are constantly challenged to identify and purge online and network structural weaknesses. The goal is to reduce overall business risk because unresolved risks are a constant concern to consumers who are uneasy about cyber security failures. The purpose of this general qualitative study was to examine the role and impact of Cyber Security Mentoring (CSM) from the perspectives of the workplace CISO, mentors, and protégés, who were randomly polled from various workplace settings across the United States. Mentoring allows IT staff members to learn from their CISOs and from workplace mentor mistakes and successes. Workplace IT staff are also closest to the various attack methodologies used by cyber hackers, and cohort and dyadic mentoring may provide insight into and responding to cyber-attacks and improving cyber defenses. Sixty-eight sets of respondent data relating to field experience, formal education, professional industry cyber security certifications, and mentoring were compared and examined between respondents. The goal was to determine where respondents agreed and disagreed on issues pertaining to cyber security and CSM. The findings suggested that CSM with a qualified mentor could improve cyber security in the workplace; in addition, more time must be devoted to continued professional education. Implications for positive social change included the use of CSM to enhance cyber security through the sharing of incidents, mindsets, procedures and expertise, and improvement of customer-consumer security confidence.</p>
34
Al, Zaidi Mazin M. "Cyber security behavioural intentions for trade secret protection." Thesis, University of Warwick, 2017. http://wrap.warwick.ac.uk/108526/.
Full textAbstract:
Trade secrets have become an important aspect of competitive advantage for new and established businesses in the new digital economy. This is particularly true in corporate venturing, where most corporates rely on new entrepreneurial ventures with creative ideas to drive innovation and fuel growth. In this manner, these corporates run corporate venturing units such as corporate accelerators to support entrepreneurs creating new ventures. During the accelerated pace of venturing, trade secrets become the core intangible asset that requires protection for any new venture. Yet, people remain the weakest link in the cyber security chain and that requires more understanding to enhance cyber security protection. A new approach was suggested in this study to explore the protection of trade secrets through the confidentiality of information, the ownership of intellectual property and the secrecy of commercial secrets. This study developed a conceptual model to explore cyber security behaviour for trade secret protection within corporate accelerators. Well-established theories were adopted to develop the research conceptual model for trade secret protection, integrating the protection motivation theory (PMT), social bond theory (SBT) and the concept of psychological ownership. This study began with a comprehensive up-to-date systematic literature review in the field of cyber security behavioural intentions over the past decade. The top 10 journals in the field of cyber security behaviour were reviewed and 46 publications that used 35 behaviour theories were identified. A concept matrix based on a concept-centric approach was applied to present the behavioural theories used in the relevant literature. By analysing the relevant literature results, the key cyber security behaviour elements were identified and illustrated via a concept map and matrix. Based on the output of the literature review analysis, valuable findings and insights were presented. This study investigates entrepreneurs’ cyber security behavioural intentions to protect trade secrets in agile dynamic corporate environments. The research design adopted a hypothetico-deductive approach using a quantitative survey for empirical data collection. To evaluate the conceptual model, a partial least squares method of structural equation modelling (PLS-SEM) analysis was used. This involved validity and reliability assessments, in addition to hypotheses testing. The research results found statistically significant relationships for severity, vulnerability, response efficacy, response cost, involvement and personal norms in relation to cyber security behavioural intentions to protect trade secrets.
35
Masonganye, James. "Analysis of cyber security in smart grid systems." Diss., University of Pretoria, 2005. http://hdl.handle.net/2263/66218.
Full textAbstract:
Cyber security is a major concern due to global incidents of intrusion. The impact of the attacks on the electricity grid can be significant, resulting in the collapsing of the national economy. Electricity network is needed by banks, government security agencies, hospitals and telecommunication operators. The purpose of this research is to investigate the various types of cyber security threats, including ICT technologies required for safe operation of the smart grid to protect and mitigate the impact of cyber security. The modelling of cyber security using the Matlab/SimPowerSystem simulates the City of Tshwane power system. Eskom components used to produce energy, interconnect to the City of Tshwane power distribution substations and simulated using Simulink SimPowerSystem.<br>Dissertation (MEng)--University of Pretoria, 2017.<br>Electrical, Electronic and Computer Engineering<br>MEng<br>Unrestricted
36
Giannini, Martina. "Improving Cyber-Security of Power System State Estimators." Thesis, KTH, Reglerteknik, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-142843.
Full textAbstract:
During the last century, technological advances have deeply renewed many critical infrastructures, such as transportation networks and power systems. In fact, the strong interconnection between physical process, communication channels, and control systems have led to the new concept of cyber-physical systems. Next to countless new advantages, these systems unfortunately have also new weaknesses. An example is cyber-attacks: malicious intrusions into the communication channel turned to manipulate data. In this thesis the considered cyber-physical system is a power network where hundreds of eld devices are connected to a control center, which collects data and controls the whole system. A cyber-attack where the adversary model is based on the attacker's knowledge of the network topology and line parameters is considered. This work is focused on one of the features of the control center: the state estimator. After a preliminary analysis of the conventional state estimators with respect to cyber attacks constructed according to this adversary model, new ideas for improving the security of the system are presented. The aim of this thesis is to propose novel state estimators that are both accurate under no cyber-attack, and at the same time able to detect attacks that are undetectable by the conventional state estimator. This mainly involves introducing additional information about the system as constraints in the state estimator, under the assumption that the new information is not available to the adversary. At the end of the analysis of the new mathematical model of the state estimators, a new denition of undetectable attack is proposed. The functionality of the novel state estimators is demonstrated in numerical experiments, which have been performed on dierent benchmark power networks.
37
Cameron, Calum Duncan. "Self-organising smart grid architectures for cyber-security." Thesis, University of Newcastle upon Tyne, 2017. http://hdl.handle.net/10443/3799.
Full textAbstract:
Current conventional power systems consist of large-scale centralised generation and unidirectional power flow from generation to demand. This vision for power system design is being challenged by the need to satisfy the energy trilemma, as the system is required to be sustainable, available and secure. Emerging technologies are restructuring the power system; the addition of distributed generation, energy storage and active participation of customers are changing the roles and requirements of the distribution network. Increased controllability and monitoring requirements combined with an increase in controllable technologies has played a pivotal role in the transition towards smart grids. The smart grid concept features a large amount of sensing and monitoring equipment sharing large volumes of information. This increased reliance on the ICT infrastructure, raises the importance of cyber-security due to the number of vulnerabilities which can be exploited by an adversary. The aim of this research was to address the issue of cyber-security within a smart grid context through the application of self-organising communication architectures. The work examined the relevance and potential for self-organisation when performing voltage control in the presence of a denial of service attack event. The devised self-organising architecture used techniques adapted from a range of research domains including underwater sensor networks, wireless communications and smart-vehicle tracking applications. These components were redesigned for a smart grid application and supported by the development of a fuzzy based decision making engine. A multi-agent system was selected as the source platform for delivering the self-organising architecture The application of self-organisation for cyber-security within a smart grid context is a novel research area and one which presents a wide range of potential benefits for a future power system. The results indicated that the developed self-organising architecture was able to avoid control deterioration during an attack event involving up to 24% of the customer population. Furthermore, the system also reduces the communication load on the agents involved in the architecture and demonstrated wider reaching benefits beyond performing voltage control.
38
Sheen, Frank Jordan. "An Extensible Technology Framework for Cyber Security Education." BYU ScholarsArchive, 2015. https://scholarsarchive.byu.edu/etd/4375.
Full textAbstract:
Cyber security education has evolved over the last decade to include new methods of teaching and technology to prepare students. Instructors in this field of study often deal with a subject matter that has rigid principles, but changing ways of applying those principles. This makes maintaining courses difficult. This case study explored the kind of teaching methods, technology, and means used to explain these concepts. This study shows that generally, cyber security courses require more time to keep up to date. It also evaluates one effort, the NxSecLab, on how it attempted to relieve the administrative issues in teaching these concepts. The proposed framework in this model looks at ways on how to ease the administrative burden in cyber security education by using a central engine to coordinate learning management with infrastructure-as-a-service resources.
39
Dahlman, Elsa, and Karin Lagrelius. "A Game of Drones : Cyber Security in UAVs." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-259295.
Full textAbstract:
As Unmanned Aerial Vehicles (UAVs) are getting more popular and their area of use is expanding rapidly, the security aspect becomes important to investigate. This thesis is a systematic literature review that examines which type of cyber attacks are most common among attacks directed at civilian use UAVs and what consequences they bring. All cyber attacks presented in the report are categorized using the STRIDE threat model, which risk they pose and what equipment is required for the adversary to follow through with the attack. The findings are that Spoofing and Denial of Service attacks are the most common cyber attack types against UAVs and that hijacking and crashing are the most common results of the attacks. No equipment that is difficult to access is required for either of the attack types in most cases, making the result an indicator that the security state for civilian use UAVs today needs improving.<br>Obemannade luftburna farkoster (OLF) blir mer vanliga allteftersom deras användningsområde utökas, vilket innebär att cybersäkerhetsaspekten behöver studeras. Detta arbete är en systematisk litteraturstudie som undersöker vilka typer av cyberattacker riktade mot drönare som är vanligast och vilka risker de medför. Attackerna i rapporten är kategoriserade med hjälp av metoden STRIDE samt efter vilka mål attackerna haft och vilken utrustning som krävs. Resultatet är att Spoofing och Denial of Service-attacker är vanligast och att de medför att attackeraren kan kapa eller krascha drönaren. Ingen svåråtkomlig utrustning krävs för någon av dessa attacktyper vilket indikerar att säkerhetsläget för civila drönare behöver förbättras.
40
Barosy, Wileen. "Successful Operational Cyber Security Strategies for Small Businesses." ScholarWorks, 2019. https://scholarworks.waldenu.edu/dissertations/6969.
Full textAbstract:
Cybercriminals threaten strategic and efficient use of the Internet within the business environment. Each year, cybercrimes in the United States cost business leaders approximately $6 billion, and globally, $445 billion. The purpose of this multiple case study was to explore the operational strategies chief information security officers of high-technology companies used to protect their businesses from cyberattacks. Organizational learning theory was the conceptual framework for the study. The population of the study was 3 high-technology business owners operating in Florida who have Internet expertise and successfully protected their businesses from cyberattacks. Member checking and methodological triangulation were used to valid the data gathered through semistructured interviews, a review of company websites, and social media pages. Data were analyzed using thematic analysis, which supported the identification of 4 themes: effective leadership, cybersecurity awareness, reliance on third-party vendors, and cybersecurity training. The implications of this study for positive social change include a safe and secure environment for conducting electronic transactions, which may result in increased business and consumer confidence strengthened by the protection of personal and confidential information. The creation and sustainability of a safe Internet environment may lead to increased usage and trust in online business activities, leading to greater online business through consumer confidence and communication.
41
Colella, Antonio. "Cyber security and ubiquity: an human-centric approach." Doctoral thesis, Universita degli studi di Salerno, 2017. http://hdl.handle.net/10556/2688.
Full textAbstract:
2015 - 2016<br>Recent security breaches showed that every attack begins with the involvement of users and continues with the exploitation of technology bugs. In almost all cases, without human collaboration, conscious and unconscious, it would be really difficult to reach the criminal goal. Our approach has mainly three characteristics:
• Centrality of the human factor;
• The ability to mold the scenario to be protected;
• Dynamic adaptation to external and internal threats.
The First step is to deal with the identification of a set of attributes to be used for the construction of a security system fitting to a given context, going beyond the strategy of the pre-established paradigms (CIA and similar). More precisely, in this thesis we focus on the idea that members of Society need to gain sufficient knowledge and experience to avoid the consequences of the limitations of technical solutions. This has lead us toward an integrated model based on a cultural approach in which the trust and co-partnership of the security system are the main focal point. This model implies that technology solutions separated from the surrounding environment are completely inadequate. Social, organizational, and psychological factors have to be considered when implementing security within an organization. The conjunctions among social factors, technological factors, trust, co-partnership, culture, motivation, and organizational models will be better harmonized in a single system. We analyzed Trust in a Security Environment setting up on a rational component, based on information built on experience and on an irrational element, a socalled leap of faith made out of pure instinct, without any logic. We found that Trust and Risk are two inseparable concepts whose bond is supported by rational and irrational character of
2
confidence. We then focus on a correct approach to risk management that, by considering the holistic character of the problem, would at same time adequately support the internal working relationships as well as the relationships between organizations. Moreover, we clarify why technology solutions alone are completely inadequate to ensure security. Social, organizational and psychological factors must be considered when implementing security within an organization. Indeed, we need to consider how people build communities and must take into account how communication patterns affect interactions. The above considerations guided us towards a model that includes the cultural approach where both trust and co- partnership of a security system have a very important role. Security behaviors fostered by information organizations must be achieved by pursuing the motivation and desire as cultural factors. The model considers the societal elements as the most important part of the security system. Trust and co-partnership help create a strong security culture that serves as a framework to the information security system. At the end of the thesis, we will apply trust and co-partnership to introduce a predictive cyber security risk assessment model based on Bayesian Networks and hybrid methodology (as defined by Francois-Xavier Aguessy). The motivations underlying this thesis are mainly based on two observations. The first observation is that trust and co-partnership imply a full involvement of the whole of management style. In order to gain co-partnership, the human factor needs to be the pivot of the security model. The second observation is that an hybrid risk assessment model can help provide a strong foundation for dynamic security modeling. The accuracy of such a model would be related to the number of available scenarios and to the use of the ability of the Bayesian networks to learn parameters from data... [edited by Author]<br>XV n.s.
42
Rassega, Valter. "Cyber security risk management nei servizi pubblici strategici." Doctoral thesis, Universita degli studi di Salerno, 2017. http://hdl.handle.net/10556/2571.
Full textAbstract:
2015 - 2016<br>The global digital network, with its ability to communicate directly and in real time between people in every part of the planet, is a formidable tool to develop relationships and realize exchange of information and knowledge.
In cyberspace they coexist people of all kinds, characterized by different interests, different cultures and different ways of relating to others. From an economic point of view, the global network has become a formidable transactional tool for the exchange of goods and services and there is the commercial and industrial sector that has not arrived in some way in cyberspace.
The cybernetic revolution, induced by new and increasingly powerful electronic and computer technologies, it is not limited to connect the network, almost all of the planet's surface but is rapidly expanding to the direct control of myriad physical devices of the most varied , from Smartphone to wearable devices, from city traffic control to the electricity production and distribution infrastructure systems. And 'the SO-CALLED "Internet of Things" and the Internet of things, the network that interconnects all electronic devices capable of communicating with the outside world.
A pervasive who did not spare the public sector which, first, is called on to provide answers on many fronts, not least regulatory, and as far as possible, ensure compliance with the rules in the real world even in cyberspace.
In particular, the public sector must take responsibility to ensure the physical and cyber security of SO-CALLED National Critical Infrastructure, including all the essential services for national security, the proper functioning of the country and its economic growth and, not least, the well-being of the population. Are Critical Infrastructures electric and energy system, communication networks in general, networks and transport infrastructure of people and goods (ship, rail, air and road), the public health system, economics and financial channels, the national networks of government , regions, those for emergency management and civil protection.
The challenge is complex and Public Administration alone seems unable to respond effectively to increasingly sophisticated cyber-attacks that day, affecting the civilian world, industrial and economic. NCI are not immune and, as a result, the Public Strategic Services are exposed to significant risks. On this issue, Western governments have long established close cooperation with the private sector, and highlighted the need to define a strategy and a shared modus operandi and quality between the various actors involved.
This work aims to address systematically the "hot" topic of cyber security, an area that involves national governments, military, intelligence services, the economy and the business world as a whole and, gradually and in various capacities and degree of interest, every single citizen of the world.
In this unprecedented scenario, strongly characterized by uncertainty and variability of the virus, the application sic et simpliciter of "traditional" evaluation techniques of the corporate risk derivation is inadequate for this purpose, despite a certain degree of adaptation to the new scenario is already underway.
The analysis focuses on the relative adaptive-evolution that is affecting the risk management in the field of cyber security and state of the art in the academic and scientific world views in the introduction of new and more advanced tools for analysis the Cyber Risk.
The work ends with a case study of a large Italian company which provides a strategic public service such as electricity. [edited by author]<br>La rete digitale globale, con la sua capacità di stabilire contatti diretti e in tempo reale tra persone in ogni parte del pianeta, rappresenta uno strumento formidabile per sviluppare relazioni e realizzare scambio di informazioni e di conoscenza.
Nel cyberspazio convivono persone di ogni tipo, caratterizzate da interessi diversi, culture differenti e diversi modi di relazionarsi con il prossimo. Dal punto di vista economico, la rete globale è oggi un formidabile strumento transazionale per lo scambio di beni e di servizi e non vi è settore commerciale e industriale che non sia approdato in qualche modo nel cyberspazio.
La rivoluzione cibernetica, indotta dalle nuove e sempre più potenti tecnologie elettroniche e informatiche, non si è limitata a connettere in rete la quasi totalità della superficie del pianeta ma si sta rapidamente espandendo verso il controllo diretto di una miriade di dispositivi fisici tra i più vari, dagli Smartphone ai dispositivi indossabili, dai sistemi di controllo del traffico cittadino alle infrastrutture di produzione e distribuzione di energia elettrica. E’ la c.d. “Internet of Things” o Internet delle cose, che interconnette in rete tutti i dispositivi elettronici in grado di comunicare con il mondo esterno.
Una pervasività che non ha risparmiato il settore pubblico che, in primo luogo, è chiamato a fornire risposte su numerosi fronti, non ultimo quello normativo, e, per quanto possibile, garantire il rispetto delle regole presenti nel mondo reale anche nello spazio cibernetico.
In particolare, il settore pubblico deve farsi carico di garantire la sicurezza fisica e informatica delle c.d. infrastrutture critiche nazionali, che includono tutti quei servizi essenziali per la sicurezza nazionale, il buon funzionamento del Paese e la sua crescita economica e, non ultimo, il benessere della popolazione. Sono Infrastrutture Critiche il sistema elettrico ed energetico, le reti di comunicazione in genere, le reti e le infrastrutture di trasporto di persone e merci (navale, ferroviario, aereo e stradale), il sistema sanitario pubblico, i circuiti economici e finanziari, le reti del Governo nazionale, delle Regioni, quelle per la gestione delle emergenze e della Protezione Civile.
La sfida è complessa e la Pubblica Amministrazione da sola non sembra in grado di poter rispondere in modo efficace agli attacchi informatici sempre più sofisticati che, quotidianamente, colpiscono il mondo civile, industriale ed economico. Le infrastrutture critiche nazionali non ne sono immuni e, di conseguenza, i Servizi Pubblici Strategici sono esposti a significativi rischi. Su questo tema, i Governi occidentali hanno da tempo avviato una stretta collaborazione con il settore privato, ed è emersa la necessità di definire una strategia e un modus operandi condiviso e di qualità tra i vari attori coinvolti.
Questo lavoro si propone di affrontare in maniera sistematica il tema “caldo” della Cyber Security, un ambito che coinvolge governi nazionali, settori militari, servizi di informazione, il sistema economico e il mondo delle imprese nel suo complesso e, via via e a vario titolo e grado di interesse, ogni singolo cittadino del mondo.
In questo scenario inedito, fortemente connotato da incertezza e variabilità delle minacce, l’applicazione sic et simpliciter delle tecniche “tradizionali” di valutazione del rischio di derivazione aziendale risulta inadeguata allo scopo, nonostante un certo grado di adattamento al nuovo scenario sia già in corso.
L’analisi si concentra sulla parte relativa all’’evoluzione adattativa’ che sta interessando il risk management nel campo della cyber security e dello stato dell’arte nel panorama accademico e scientifico mondiale nell’introduzione di nuovi e più evoluti strumenti per l’analisi del Cyber Risk.
Il lavoro si conclude con un caso di studio effettuato su di una grande azienda italiana che fornisce un servizio pubblico strategico quale l’energia elettrica. [a cura dell'autore]<br>XV n.s.
43
Uuganbayar, Ganbayar. "Relation between cyber insurance and security investments/controls." Doctoral thesis, Università degli studi di Trento, 2021. http://hdl.handle.net/11572/301551.
Full textAbstract:
Nowadays, organisations consider cyber security risk as one of the critical risks at organisations. Due to the increase of cyber-related attacks and more advanced technologies, organisations are forced to implement the proper cyber risk management and find the optimality of security expenditure distribution for treating those risks. About twenty years ago, cyber insurance has been introduced as one of the risk treatment methods backing up the security controls. The concept is further benefiting both organisations and the market, where the insurers globally expect 20$ billion in 2025 [1]. On the other hand, cyber insurance has been dealing with several hurdles on the way to maturing. One of the problematic challenges is the relation between cyber insurance and security investments (or controls). Several papers theoretically devoted the analyses on this issue where some highlighted that cyber insurance could be an incentive for security investments while others claim may lead to the fall of investments for self-protection. Since everything lies in a densely interconnected and risk-prone cyber environment, there are various factors on the relation, which effects should be thoroughly investigated. The overall goal of the thesis is to analyse the problems lying in the risk treatment phase and propose an applicable solution to deal with. In particular, we would like to take into account the following factors to address the relation between cyber insurance and security investments. We first analyse different market models to study possible ways to keep both cyber insurance and security investments in both competitive and non-competitive insurance markets. Some studies showed that security investments fall in the non-competitive insurance market. In this regard, we would like to investigate the possibility of raising the security investments by optimising the loading factor, an additional amount of fee for the premium. In practice, organisations do not face a single threat but multiple threats during a certain period. To the best of our knowledge, there is not a study considering multiple threats in the cyber insurance field to analyse how security investments can be varied. Thus, we investigate the multiple threats case in a competitive cyber insurance market and find how security expenditure can be efficiently distributed between the insurance premium and security investments/controls. The analysis allows us to map security controls and cyber insurance cost-effectively. We provide both theoretical and algorithmic solutions to deal with the problem and validate the solutions in both artificial and practical cases. For a practical scenario, we develop a questionnaire-based risk assessment tool to feed our risk treatment solution with necessary empirical data. In both insurance markets, a degree of security interdependence is a unique peculiarity that affects the behaviour of organisations to invest in their self-protection and have cyber insurance. We theoretically analyse the effect of security interdependence in both market models and show whether it affects positively or negatively.
44
Uuganbayar, Ganbayar. "Relation between cyber insurance and security investments/controls." Doctoral thesis, Università degli studi di Trento, 2021. http://hdl.handle.net/11572/301551.
Full textAbstract:
Nowadays, organisations consider cyber security risk as one of the critical risks at organisations. Due to the increase of cyber-related attacks and more advanced technologies, organisations are forced to implement the proper cyber risk management and find the optimality of security expenditure distribution for treating those risks. About twenty years ago, cyber insurance has been introduced as one of the risk treatment methods backing up the security controls. The concept is further benefiting both organisations and the market, where the insurers globally expect 20$ billion in 2025 [1]. On the other hand, cyber insurance has been dealing with several hurdles on the way to maturing. One of the problematic challenges is the relation between cyber insurance and security investments (or controls). Several papers theoretically devoted the analyses on this issue where some highlighted that cyber insurance could be an incentive for security investments while others claim may lead to the fall of investments for self-protection. Since everything lies in a densely interconnected and risk-prone cyber environment, there are various factors on the relation, which effects should be thoroughly investigated. The overall goal of the thesis is to analyse the problems lying in the risk treatment phase and propose an applicable solution to deal with. In particular, we would like to take into account the following factors to address the relation between cyber insurance and security investments. We first analyse different market models to study possible ways to keep both cyber insurance and security investments in both competitive and non-competitive insurance markets. Some studies showed that security investments fall in the non-competitive insurance market. In this regard, we would like to investigate the possibility of raising the security investments by optimising the loading factor, an additional amount of fee for the premium. In practice, organisations do not face a single threat but multiple threats during a certain period. To the best of our knowledge, there is not a study considering multiple threats in the cyber insurance field to analyse how security investments can be varied. Thus, we investigate the multiple threats case in a competitive cyber insurance market and find how security expenditure can be efficiently distributed between the insurance premium and security investments/controls. The analysis allows us to map security controls and cyber insurance cost-effectively. We provide both theoretical and algorithmic solutions to deal with the problem and validate the solutions in both artificial and practical cases. For a practical scenario, we develop a questionnaire-based risk assessment tool to feed our risk treatment solution with necessary empirical data. In both insurance markets, a degree of security interdependence is a unique peculiarity that affects the behaviour of organisations to invest in their self-protection and have cyber insurance. We theoretically analyse the effect of security interdependence in both market models and show whether it affects positively or negatively.
45
Herpig, Sven [Verfasser]. "Anti-War and the Cyber Triangle : Strategic Implications of Cyber Operations and Cyber Security for the State / Sven Herpig." Berlin : epubli GmbH, 2016. http://d-nb.info/1081304472/34.
Full text
46
Lyn, Kevin G. "Classification of and resilience to cyber-attacks on cyber-physical systems." Thesis, Georgia Institute of Technology, 2015. http://hdl.handle.net/1853/53926.
Full textAbstract:
The growing connectivity of cyber-physical systems (CPSes) has led to an increased concern over the ability of cyber-attacks to inflict physical damage. Current cybersecurity measures focus on preventing attacks from penetrating control supervisory networks. These reactive techniques, however, are often plagued with vulnerabilities and zero-day exploits. Embedded processors in CPS field devices often possess little security of their own, and are easily exploited once the network is penetrated. In response, researchers at Georgia Tech and Virginia Tech have proposed a Trustworthy Autonomic Interface Guardian Architecture (TAIGA), which monitors communication between the embedded controller and physical process. This autonomic architecture provides the physical process with a last line of defense against cyber-attacks by switching process control to a trusted backup controller if an attack causes a system specification violation.
This thesis focuses on classifying the effects of cyberattacks on embedded controllers, evaluating TAIGA’s resilience against these attacks, and determining the applicability of TAIGA to other CPSes. This thesis identifies four possible outcomes of a cyber-attack on a CPS embedded processor. We then evaluate TAIGA’s mechanisms to defend against those attack outcomes, and verify TAIGA satisfies the listed trust requirements. Next, we discuss an implementation and the experimental results of TAIGA on a hazardous cargo transportation robot. Then, by making various modifications to the setup configuration, we are able to explore TAIGA’s ability to provide security and process protection to other CPSes with varying levels of autonomy or distributed components.
47
Mezzour, Ghita. "Assessing the Global Cyber and Biological Threat." Research Showcase @ CMU, 2015. http://repository.cmu.edu/dissertations/535.
Full textAbstract:
In today’s inter-connected world, threats from anywhere in the world can have serious global repercussions. In particular, two types of threats have a global impact: 1) cyber crime and 2) cyber and biological weapons. If a country’s environment is conducive to cyber criminal activities, cyber criminals will use that country as a basis to attack end-users around the world. Cyber weapons and biological weapons can now allow a small actor to inflict major damage on a major military power. If cyber and biological weapons are used in combination, the damage can be amplified significantly. Given that the cyber and biological threat is global, it is important to identify countries that pose the greatest threat and design action plans to reduce the threat from these countries. However, prior work on cyber crime lacks empirical substantiation for reasons why some countries’ environments are conducive to cyber crime. Prior work on cyber and biological weapon capabilities mainly consists of case studies which only focus on select countries and thus are not generalizeable. To sum up, assessing the global cyber and biological threat currently lacks a systematic empirical approach. In this thesis, I take an empirical and systematic approach towards assessing the global cyber and biological threat. The first part of the thesis focuses on cyber crime. I examine international variation in cyber crime infrastructure hosting and cyber crime exposure. I also empirically test hypotheses about factors behind such variation. In that work, I use Symantec’s telemetry data, collected from 10 million Symantec customer computers worldwide and accessed through the Symantec’s Worldwide Intelligence Network Environment (WINE). I find that addressing corruption in Eastern Europe or computer piracy in Sub-Saharan Africa has the potential to reduce the global cyber crime. The second part of the thesis focuses on cyber and biological weapon capabilities. I develop two computational methodologies: one to assess countries’ biological capabilities and one to assess countries’ cyber capabilities. The methodologies examine all countries in the world and can be used by non-experts that only have access to publicly available data. I validate the biological weapon assessment methodology by comparing the methodology’s assessment to historical data. This work has the potential to proactively reduce the global cyber and biological weapon threat.
48
Humphrey, Mike. "Identifying the critical success factors to improve information security incident reporting." Thesis, Cranfield University, 2017. http://dspace.lib.cranfield.ac.uk/handle/1826/12739.
Full textAbstract:
There is a perception amongst security professionals that the true scale of information security incidents is unknown due to under reporting. This potentially leads to an absence of sufficient empirical incident report data to enable informed risk assessment and risk management judgements. As a result, there is a real possibility that decisions related to resourcing and expenditure may be focussed only on what is believed to be occurring based on those incidents that are reported. There is also an apparent shortage of research into the subject of information security incident reporting. This research examines whether this assumption is valid and the potential reasons for such under reporting. It also examines the viability of re-using research into incident reporting conducted elsewhere, for example in the healthcare sector. Following a review of what security related incident reporting research existed together with incident reporting in general a scoping study, using a group of information security professionals from a range of business sectors, was undertaken. This identified a strong belief that security incidents were significantly under-reported and that research from other sectors did have the potential to be applied across sectors. A concept framework was developed upon which a proposal that incident reporting could be improved through the identification of Critical Success Factors (CSF’s). A Delphi study was conducted across two rounds to seek consensus from information security professionals on those CSF’s. The thesis confirms the concerns that there is under reporting and identifies through a Delphi study of information security professionals a set of CSF’s required to improve security incident reporting. An Incident Reporting Maturity Model was subsequently designed as a method for assisting organisations in judging their position against these factors and tested using the same Delphi participants as well as a control group. The thesis demonstrates a contribution to research through the rigorous testing of the applicability of incident reporting research from other sectors to support the identification of solutions to improve reporting in the information security sector. It also provides a practical novel approach to make use of a combination of CSF’s and an IRMM that allows organisations to judge where their level of maturity is set against each of the four CSF’s and make changes to strategy and process accordingly.
49
Akella, Ravi Chandra. "Information flow properties for cyber-physical systems." Diss., Rolla, Mo. : Missouri University of Science and Technology, 2009. http://scholarsmine.mst.edu/thesis/pdf/Akella_09007dcc806406a3.pdf.
Full textAbstract:
Thesis (M.S.)--Missouri University of Science and Technology, 2009.<br>Vita. The entire thesis text is included in file. Title from title screen of thesis/dissertation PDF file (viewed April 15, 2009) Includes bibliographical references (p. 34-36).
50
Hasan, Md Mahmud. "Optimal Cyber Security Placement Schemes for Smart City Infrastructures." Thesis, Université d'Ottawa / University of Ottawa, 2017. http://hdl.handle.net/10393/36199.
Full textAbstract:
The conceptual evolution of smart cities is highly motivated by the advancement of information and communication technologies (ICTs). The purpose of a smart city is to facilitate the best quality of life to its inhabitants. Its implementation has to be supported by the compliant utilities and networked infrastructures. In the current world, it can only be achieved by applying ICTs in an extensive manner. The move towards the smart city's seamless connectivity widens the scope of cyber security concerns. Smart city infrastructures to face a high risk of targeted attacks due to extended cyber-physical vulnerabilities. This creates many challenging research issues relevant to the design and implementation of cyber security solutions. Networks associated with city infrastructures vary from a small indoor one to a large geographically distributed one. The context of a network is an essential consideration for security solutions. This thesis investigates a set of optimal security placement problems for enhancing monitoring in smart city infrastructures. It develops solutions to such placement problems from a resource management perspective. Economy and quality-of-security service (QoSS) are two major design goals. Such goals are translated into three basic performance metrics: (i) coverage, (ii) tolerance, and (iii) latency. This thesis studies security placement problems pertaining to three different types of networks: (i) wireless sensor network (WSN), (ii) supervisory control and data acquisition (SCADA) backbone, and (iii) advanced metering infrastructure (AMI) wide area network (WAN). In a smart city, WSNs are deployed to support real time monitoring and safety alert (RTMSA) applications. They are highly resource constrained networks. For WSNs, placement problems for an internally configured security monitor named watchdog have been studied. On the other hand, a smart grid is a key driver for smart cities. SCADA and AMI are two major components of a smart grid. They are associated with two different types of geographically distributed networks. For SCADA backbones, placement problems for a specially designed security device named trust system have been studied. For AMI-WANs, placement problems for a cloud-based managed security service have been studied. This thesis proposes a number of promising solution schemes to such placement problems. It includes evaluation results that demonstrate the enhancements of the proposed schemes.