To see the other types of publications on this topic, follow the link: Hacking.
Dissertations / Theses on the topic 'Hacking'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Hacking.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Peacock, Donna. "From underground hacking to ethical hacking." Thesis, Northumbria University, 2013. http://nrl.northumbria.ac.uk/32285/.
Full textAbstract:
This Thesis explores the nature and practice of ‘Ethical Hacking’. Ethical Hackers are individuals who use hacking skills, knowledge and techniques within legitimate authorised practice; they are employed to Hack. A Critical Realist methodological approach is employed in order to gain a qualitative understanding of a real phenomenon through a range of key informants who provide personal narratives within semi-structured interviews, commenting upon their own realities, and their perceptions of the field in which they work. A Bounded Rational Model of decision making reveals that decisions relating to involvement in criminality and individual Hacking events are made through a process of reasoning, of approximating the net gains and losses of a particular course of action, and that these decisions are ‘bounded’ by social norms, ethical approaches and the personal motivations and social circumstances within which the decisions and behaviour are framed.
2
Oswald, Kathleen Frazer. "Hacking subject, subjecting hacking crisis in technoculture /." Click here for download, 2006. http://wwwlib.umi.com/cr/villanova/fullcit?p1432838.
Full text
3
Villegas, Manuela. "Business Hacking." Universidad Peruana de Ciencias Aplicadas (UPC), 2021. http://hdl.handle.net/10757/657608.
Full textAbstract:
El business hacking como marco en la transformación empresarial tangible, medible y sontenible.
La digitalización y las altas expectativas de los consumidores están cambiando radicalmente la forma en que interactuamos, y las organizaciones que saben cómo gestionarlo tendrán éxito. El marco de business hacking tiene como objetivo hacer que la transformación sea tangible y medible, haciendo que el cambio sea sostenible y encontrando nuevas formas de optimizar la cultura y el impacto empresarial.
pasando por todo un modelo accionable de adquisiciòn y retenciòn basado en medios digitales
4
Kelly, Liam Patrick. "Hacking Systems, Hacking Values: Interactive Theories For An Interactive World." Thesis, Virginia Tech, 2003. http://hdl.handle.net/10919/36477.
Full textAbstract:
<p> Langdon Winner's article "Do Artifacts Have Politics?" (1986) has become a classic piece within Science and Technology Studies. While Winner was certainly not the first to consider the inherently political qualities of technology, his article has assumed the role of a touchstone for both supporters and critics of the idea that artifacts embody political and social relationships. In the chapters that follow, I shall try to answer Winner and his critics, by studying a particular technology that I believe to be capable of shedding some much-needed light on the issue. My aim is provide a restatement of Winner's question in the pages that follow, with the hope of getting past such problematic terms as "embodiment" and "encapsulation." My hope is to make the issue itself clearer, so that we can get to the heart of how technology, values, and human beings systematically interact.
</p><p>
I shall utilize in my discussion computer network scanning software. I shall first discuss the background to the question "Do Artifacts Have Politics?" and then describe some of the ethical and political forces alive in the computer security world. Next I shall closely examine two particular pieces of network scanning software and describe their interactions in terms of political and ethical motivations. Finally, I shall use this case study as a basis for a broader discussion of how values may be better conceived in terms of complex interactive systems of human beings and technologies.</p><br>Master of Science
5
Zapico, Lamela Jorge Luis. "Hacking for Sustainability." Doctoral thesis, KTH, Medieteknik och interaktionsdesign, MID, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-137215.
Full textAbstract:
ICT for Sustainability is a growing research area looking at the potential of information and communication technologies for contributing to sustainability. The existing work in this area can be grouped in four main categories: The optimization of existing systems using ICT, the dematerialization of cultural assets and presence, the use of technology for behavioral change, and the support of sustainability practice and research. Within this research area, this thesis focuses on exploring how new technologies and approaches of working with data, such as APIs, mashups, crowdsourcing, open data, and dynamic visualizations, can be applied to sustainability and sustainability practice. This thesis follows a research through design method, where applications, prototypes, and events were created and released following an iterative design process. Five different design artifacts or “hacks” are presented and analyzed together as a portfolio. This collection of artifacts is a practical exploration of the research questions and it embodies the results. Based on the created artifacts, this text argues that the new technologies and paradigms coming from ICT can transform how sustainability work is performed, by changing the way that sustainability data is created, shared and visualized. This new “data-driven” approach is characterized by a bottom-up way of data gathering, automatic data collection and crowdsourcing, a real time orientation, a focus on transparency and openness, dynamic and interactive visualizations, and new approaches to innovation. These characteristics create new opportunities for making sustainability practice more effective and broaden its impact, but they also create new problems and increase existing risks. Finally it is argued that while information and communication technologies are usually treated as tools, these innovations in ICT for Sustainability are not only technological, but also cultural. The hacker ethic values connected with computer technologies, such as an open way of sharing knowledge, the focus on creativity as a driving force, and a hands-on approach, are key for understanding this research area and an important part of the contribution from ICT to sustainability.<br><p>QC 20131213</p>
6
Flores, Solís Fernando Rolyn. "Ethical hacking - RC19 201801." Universidad Peruana de Ciencias Aplicadas (UPC), 2018. http://hdl.handle.net/10757/623917.
Full textAbstract:
El presente es un curso de especialidad de la carrera Ingeniería de Redes y Comunicaciones EPE, de carácter
teórico, dirigido a los estudiantes del nivel 12 de la carrera, que busca desarrollar la competencia general de
pensamiento critico nivel 3 y la competencia específica B - Capacidad para diseñar y realizar experimentos y
analizar e interpretar los datos en Ingeniería de Redes y Comunicaciones - nivel 3.
Este curso permitirá al alumno conocer los principales vectores de ataque que se despliegan sobre los sistemas a
nivel mundial, permitiéndole reconocer las vulnerabilidades, como se explotan las debilidades en los sistemas y
ayudarle a proteger los activos de las amenazas.
7
Gabrielsson, Jonas. "Hacking your drone data." Thesis, Malmö universitet, Malmö högskola, Institutionen för datavetenskap och medieteknik (DVMT), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-41403.
Full textAbstract:
The last couple of years has seen a rapid growth in smart devices. The smart devices are exponentially gaining more popularity both as a complement to our daily lives in the form of IoT products aiding in our everyday tasks and as a way we communicate and work. An estimation of 75.44 billion devices will be connected to the internet by 2025. With the rapid development and normalization of IoT devices, questions regarding privacy has never been more important. This thesis focuses on privacy in relation to one of the most emerging technologies, drones. Drones have been discussed frequently in both governmental and commercial sectors for its inevitable normalization in the airspace. Previously privacy and drones has been researched and discussed from the point of view of which drones are used to infringe on people’s privacy. This thesis explores privacy from another point of view, the view of the drone owner. By exploring privacy from the drone users’ point of view, this thesis shows the importance of better privacy measurements by proposing a conceptual model to existing popular privacy definitions. To investigate privacy in this context, a case has been conducted which proved and validated what kind of data is at risk of being hijacked. The thesis provides a conceptual model that aims to help commercial drone owners to analyze how privacy infringements can occur, why they could occur and how to account for them in the future. Furthermore, the thesis highlights the vulnerability that WIFI dependent devices poses with DDoS attacks. The findings of this thesis show that an infringement of privacy regarding commercial drones requires more clear privacy regulations and definitions, as well as highlighting privacy vulnerabilities in commercial drones.
8
Höglund, Gran Tommie, and Erik Mickols. "Hacking a Commercial Drone." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-284573.
Full textAbstract:
Obemannade luftfarkoster, även kallade drönare, är del av IoT-revolutionen och har uppmärksammats de senaste åren på grund av integritetsfrågor såväl som flygplats- och militär säkerhet. Då de kan flyga samt har implementerat en ökande mängd teknologi, särskilt kamera och annan övervakning, är de attraktiva måltavlor för hackers och penetrationstestare. Ett antal attacker har genomförts i närtid. I detta examensarbete utforskas och attackeras drönaren Parrot ANAFI genom att använda hotmodellering ur ett black box-perspektiv. Hotmodelleringen inkluderar hotidentifiering med STRIDE samt riskvärdering med DREAD. Inga stora svagheter i systemet hittades. Rapporten visar att tillverkaren har en stor säkerhetsmedvetenhet. Exempel på denna medvetenhet är att tidigare rapporterade svagheter har åtgärdats och programkoden har förvrängts. Metoderna och de funna resultaten kan användas för att vidare utforska svagheter i drönare och liknande IoT-enheter.<br>Unmanned aerial vehicles, commonly known as drones, are part of the IoT revolution and have gotten some attention in recent years due to privacy violation issues as well as airport and military security. Since they can fly and have an increasing amount of technology implemented, especially camera and other surveillance, they are attractive targets for hackers and penetration testers. A number of attacks have been carried out over the years. In this thesis the Parrot ANAFI drone is explored and attacked using threat modeling from a black box perspective. The threat modeling includes identifying threats with STRIDE and assessing risks with DREAD. Major vulnerabilities in the system were not found. This report shows that the manufacturer has a high security awareness. Examples of this awareness are that previously reported vulnerabilities have been mitigated and firmware code has been obfuscated. The methods used and results found could be used to further explore vulnerabilities in drones and similar IoT devices.
9
Carlsson, Simon, and Max Näf. "Internet of Things Hacking." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-239366.
Full textAbstract:
As the Internet of Things is gaining more traction in the market, people are becoming more comfortable with having their daily equipment connected to the internet, fewer are taking the security aspect seriously. By attempting an attack on the Telia Sense, an IoT device connected to a car, it is shown how an attacker could try to compromise this type of system and how developers and engineers in the field can test their devices. Information from the device was obtained, including debug information and program code. Telia Sense was found to be a well secured device with a lot of thought and consideration given towards cyber security, therefore a successful attack was not able to be performed. However, the methods and procedures described in this paper are still valid and does aid in securing a device.
10
Lindeberg, Axel. "Hacking Into Someone’s Home using Radio Waves : Ethical Hacking of Securitas’ Alarm System." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-302999.
Full textAbstract:
The number of IoT systems in our homes has exploded in recent years. By 2025 it is expected that the number of IoT devices will reach 38 billion. Home alarm systems are an IoT product that has increased dramatically in number and complexity in recent years. Besides triggering an alarm when an intruder tries to break in, a modern system can now control your light bulbs, lock and unlock your front door remotely, and interact with your smart speaker. They are undeniably effective in deterring physical intrusion. However, given the recent rise in complexity how well do they hold up against cyber attacks? In this thesis, a smart home alarm system from SecuritasHome is examined. A comprehensive security analysis was performed using penetration testing techniques and threat modeling. The work focused mainly on radio frequency (RF) hacking against the systems RF communication. Among other things, a critical vulnerability was found in the proprietary RF protocol, allowing an attacker to disarm an armed system and thus completely bypass the system’s functionality. The security of the system was deemed to be lacking.<br>Antalet IoT system i våra hem har exploderat de senaste åren. Vid år 2025 förväntas antalet IoT enheter nå 38 miljarder. Hemlarmsystem är en typ av IoT-produkt som ökat dramatiskt i komplexitet på senare tid. Förutom att framkalla ett larm vid ett intrång kan ett modernt hemlamsystem numera kontrollera dina glödlampor, låsa och låsa upp din ytterdörr, samt kontrollera dina övervakningskameror. De är utan tvekan effektiva på att förhindra fysiska intrång, men hur väl står de emot cyberattacker? I denna uppsats undersöks ett hemlarmsystem från SecuritasHome. En utförlig säkerhetsanalys gjordes av systemet med penetrationstestnings-metodiker och hotmodellering. Arbetet fokuserade mestadels på radiovågshackning (RF) mot systemets RF-kommunikation. Bland annat hittades en kritiskt sårbarhet i systemets RF-protokoll som gör det möjligt för en angripare att avlarma ett larmat system, och därmed kringå hela systemets funktionalitet. Säkerheten av systemet bedömdes vara bristfällig.
11
Chatterjee, Pascal. "Hacking Education with Virtual Microworlds." Thesis, KTH, Skolan för datavetenskap och kommunikation (CSC), 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-156386.
Full textAbstract:
Contrary to popular belief, scientists working in their laboratories are not the members of society who learn the most in their daily lives. The members of society who do by far the most learning in their daily lives are children.Children tend to walk by the age of 12 months; they can express themselvesin the extremely complex system known as natural language by the age of two years; and they have developed a theory of mind after spending a mere four years in the world. And they manage all of this before entering formal education.The progress of even the hardest working university student pales in comparison.This is not just due to the difference in age between adults and children. It also has to do with the environment in which we learn.Microworlds are environments in which adult minds can construct knowledge in a similar way to children. This paper explains the ideas behind microworlds and describes two implementations of them.One microworld created for this paper, Narrative Roulette, is both an engaging and effective learning environment for teenage students at Kungsholmens Gymnasium.However, it does not seem to provide enough direct value for teachers for it to become a regular part of Kungsholmens Gymnasium’s curriculum.<br>Barn börjar att gå vid 12 månaders ålder. De kan uttrycka sig i det extremt komplexa systemet som kallas naturligt språk vid två års ålder. Vidare har de utvecklat inlevelseförmåga efter att ha tillbringat endast fyra år i världen. Allt detta har de klarat av innan de påbörjat någon formell utbildning.Detta ställer även den flitigaste studentens universitetsstudier i skuggan. Det handlar inte bara om åldersskillnaden mellan vuxna och barn, utan även inlärningsmiljön.Mikrovärldar är miljöer där vuxna kan konstruera kunskap såsom barn gör.Denna uppsats förklarar idéerna bakom mikrovärldar, beskriver två tillämpningar som skapats från grunden och diskuterar framgången och huruvida konceptet någonsin kommer att ingå i den allmänna läroplanen.Mikrovärlden som skapats för denna rapport heter Narrative Roulette, ocherbjuder en engagerande och effektiv inlärningsmiljö för tonårselever.
12
Utkina, M. S. "Computer hacking - high-tech crime." Thesis, Сумський державний університет, 2012. http://essuir.sumdu.edu.ua/handle/123456789/28618.
Full text
13
Уткіна, Марина Сергіївна, Марина Сергеевна Уткина, and Maryna Serhiivna Utkina. "Computer hacking - high-tech crime." Thesis, Сумський державний університет, 2012. http://essuir.sumdu.edu.ua/handle/123456789/42835.
Full textAbstract:
В роботі проаналізовано злочини із використанням комп’ютерів зважаючи на технічний прогрес. Також визначено поняття "хакер" та наведені шляхи, як захистити себе від хакерів.<br>В работе проанализированы преступления с использованием компьютеров несмотря на технический прогресс. Также определено понятие "хакер" и приведены пути, как защитить себя от хакеров.<br>The work analyzed crimes using computers in view of technical progress. Also the term "hacker" was given and there were defined ways to protect yourself from hackers.
14
Paučo, Daniel. "Bezpečnostní cvičení pro etický hacking." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2020. http://www.nusl.cz/ntk/nusl-413068.
Full textAbstract:
This master thesis deals with penetration testing and ethical hacking. Regarding to the layout of the thesis there was prepared appropiate enviroment to realize Red/Blue team exercise, where Red team is in a role of the attacker and Blue team is in a role of defender of the network infrastructure. Whole infrastructure is implemented in a cloud virtual enviroment of VMware vSphere. Second part of the thesis consists of preparation and creation of the exercise to test web application security. Third part of the thesis is dedicating to the automatization of redteaming. Main focus of this master thesis is to demonstrate different attack vectors how to attack the network infrastructure and web applications and use of the defense mechanisms to avoid this kinds of attacks.
15
Välja, Margus. "Determinants of the Ease of Hacking." Thesis, KTH, Industrial Information and Control Systems, 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-98489.
Full textAbstract:
Software security is a problem. Software development mistakes end up as vulnerabilities that can be exploited. The easier a software exploit makes attacking a target, the less skilled people are able to do it. Various prioritisation systems exist to address software security issues. The author of this paper finds that they are either too complex and hard to access, or product specific. This thesis takes a whole new approach to the prioritisation by studying exploit completeness and the factors that relate to it. First an exploit completeness scale is constructed, then the author conducts a study to analyse vulnerability and exploit data with statistical methods. The results show that seven factors influence exploit completeness. Five factors are used to build a linear regression model for completeness prediction. The time needed to collect the data for the factors is measured.
16
Garrett, Bradley Lannes. "Place hacking : tales of urban exploration." Thesis, Royal Holloway, University of London, 2012. http://digirep.rhul.ac.uk/items/0f81cf04-4d98-1e6e-5b02-1a6205d70ce6/1/.
Full textAbstract:
Urban exploration is a practice of researching, discovering and physically exploring temporary, obsolete, abandoned, derelict and infrastructural areas within built environments. Through charting the rise to prominence of a London urban exploration crew between 2008 and 2011, of which I became an active member, I posit that urban explorers are one of many groups reacting to increased surveillance and control over urban space by undertaking embodied urban interventions in the city that undermine clean spatio/temporal narratives. The primary research questions stem from my attempts to interrogate the practice from the inside out: Who are urban explorers? What does it involve? Why do they do it? What do they think they will accomplish? While the thesis focuses primarily on 220 explorations undertaken with my primary ethnographic group in London between 2008 and 2011, it also speaks to the urban exploration "scene" that has developed over the past twenty years in cities all over the world. The results that emerge from the research both compliment and complicate recent work within geography around issues of surveillance, resistance, hacking and urban community building and lays out a new account, never before outline in such detail, of the tales of urban exploration taking place in temporary cities across the globe. This visual ethnography is comprised of text (75,000 words), photographs (200) and video (10 shorts). the ethnographic video components can be found on the Place Hacking video channel located at http://vimeo.com/channels/placehacking . I suggest watching all 10 short videos before reading this thesis.
17
Shukla, Siddharth. "Embedded Security for Vehicles : ECU Hacking." Thesis, Uppsala universitet, Institutionen för informationsteknologi, 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-300740.
Full textAbstract:
A modern automotive vehicle is a complex technical system, containing many electronic, mechanical, and software parts. Typically, a vehicle contain 70 or more ECU's (Electronic Control Units) on an average controlling a large number of distributed functions, of which many are safety-critical like ABS control, Transmission Control, Engine Control and Body Control etc. So if there are possible attacks on the ECU then this could be even more dangerous than the web attacks as these involve the risk of life. The project involves vulnerability analysis of ECU with Tricore microcontroller to understand any security weaknesses and attacks are created to exploit those weaknesses. A service with potential vulnerabilities is implemented on the ECU and attacks to exploit such vulnerabilities are demonstrated. The Tricore architecture is analyzed to find what types of attacks are possible, what the desired targets are and how attacks could be performed over the CAN network. The result of the project is a working example of an exploitable application running on an ECU and microcontroller.
18
Achkoudir, Rami, and Zainab Alsaadi. "Ethical Hacking of a Smart Plug." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-291355.
Full textAbstract:
The number of Internet of Things (IoT) devices is growing rapidly which introduces plenty of new challenges concerning the security of these devices. This thesis aims to contribute to a more sustainable IoT environment by evaluating the security of a smart plug. The DREAD and STRIDE methods were used to assess the potential threats and the threats with the highest potential impact were penetration tested in order to test if there were any security preventions in place. The results from the penetration tests presented no major vulnerabilities which bring us to the conclusion that the Nedis Smart Plug has implemented enough security measures.<br>Antalet Internet of Things (IoT) -enheter växer snabbt vilket medför många nya utmaningar när det gäller säkerheten för dessa enheter. Denna avhandling syftar till att bidra till en mer hållbar IoT-miljö genom att utvärdera säkerheten för en smart plug. Metoderna DREAD och STRIDE användes för att bedöma de potentiella hoten och hoten med störst potentiell påverkan penetrerades för att testa om det fanns några säkerhetsförebyggande åtgärder. Resultaten från penetrationstesterna presenterade inga större sårbarheter som ledde oss till slutsatsen att Nedis Smart Plug har genomfört tillräckliga säkerhetsåtgärder.
19
Rubbestad, Gustav, and William Söderqvist. "Hacking a Wi-Fi based drone." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-299887.
Full textAbstract:
Unmanned Aerial Vehicles, often called drones or abbreviated as UAVs, have been popularised and used by civilians for recreational use since the early 2000s. A majority of the entry- level commercial drones on the market are based on a WiFi connection with a controller, usually a smart phone. This makes them vulnerable to various WiFi attacks, which are evaluated and tested in this thesis, specifically on the Ryze Tello drone. Several threats were identified through threat modelling, in which a set of them was selected for penetration testing. This is done in order to answer the research question: How vulnerable is the Ryze Tello drone against WiFi based attacks? The answer to the research question is that the Ryze Tello drone is relatively safe, with the exception of it not having a default password for the network. A password was set for the network, however it was still exploited through a dictionary attack. This enabled attacks such as injecting flight instructions as well as the ability to gain access to the video feed of the drone while simultaneously controlling it through commands in terminal.<br>Drönare, eller UAV från engelskans Unmanned Aerial Vehicle, har ökat i popularitet bland privatpersoner sedan tidigt 2000tal. En majoritet av drönare för nybörjare är baserade på WiFi och styrs med en kontroll som vanligtvis är en smart phone. Detta innebär att dessa drönare kan vara sårbara för olika typer av attacker på nätverket, vilket utvärderas och testas i denna rapport på drönaren Ryze Tello. Flera hot identifierades med hotmodellering och ett flertal valdes ut för penetrationtest. Detta genomförs med syftet att svara på forskningsfrågan: Hur sårbar är Ryze Tello mot WiFi baserade attacker? Svaret på forskningsfrågan är att drönaren Ryze Tello är relativt säker, med undantaget att den inte har ett standardlösenord. Ett lösenord sattes på nätverket, men lösenordet knäcktes ändå med en ordboksattack. Detta möjliggjorde attacker så som instruktionsinjicering och förmågan att se videoströmmen från drönaren samtidigt som den kan kontrolleras via kommandon i terminalen.
20
Omar, Hadeer. "Egyptianization: Culture hacking as a method." VCU Scholars Compass, 2016. http://scholarscompass.vcu.edu/etd/4114.
Full textAbstract:
In a broad sense, cultures undergo a metamorphoses due to the external influences and systems impacting the evolution of internal identities. Conversely, Individuals within cultures react to those external influences and systems.The act of hacking a culture is an opportunity to challenge an existing or imported system in order to bring about change and improvement. An aspect of culture hacking is to create messages of satire or irony in order to criticize, or completely reject established systems within cultures.
Post Arab spring, Egyptians practiced culture hacking by applying their cultural tools to external systems and influences, producing a process of ‘Egyptianization’. This investigation examines the MFA program’s culture at Virginia Commonwealth University in Qatar as a case study, and adapts those Egyptianized tools to hack the culture. The program has its own values, rituals, traditions, imported systems, influences and dominant symbols. The aim of this thesis is to generate customized hacking methodologies that identify cracks within this culture and develop an innovative framework to critically analyze them through visual representation.
21
Körlinge, Max. "Haxonomy : A Taxonomy for Web Hacking." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254639.
Full textAbstract:
This study aims to show that the information present in public vulnerability reports from bug bounty programs can be utilized to provide aid for individual security researchers when performing their research. This is done here by creating a taxonomy based on the attack surfaces on a website that were used by the author of a report when discovering a vulnerability. Reports are then indexed according to this taxonomy together with the discovered vulnerability, to provide statistics on which vulnerabilities are most commonly found on what attack surfaces. The taxonomy and the indexed reports, referred to as the Haxonomy, are then also used as the basis for a machine learning algorithm which is trained to provide guidance to bug bounty hunters. It is concluded that this proof-of-concept, if developed fully, can be used to improve the success rate of individual security researchers operating on bug bounty platforms.<br>Syftet med denna studie är att visa att informationen som finns i offentliga sårbarhetsrapporter från så kallade bug-bounty program kan användas för att hjälpa individer att genomföra bättre sårbarhetstester. Detta görs här genom att skapa en taxonomi baserad på vilka attackytor på en hemsida som en författare av en sådan rapport har använt för att upptäcka sårbarheten. Sårbarhetsrapporter indexeras sedan enligt denna taxonomi, för att tillsammans med vilka sårbarheter som upptäckts ta fram statistik på vilka sårbarheter som man mest troligen kan hitta via vilka attackytor. Taxonomin och de indexerade rapporterna, tillsammans referrerade till som Haxonomin, används sedan också som material för att träna en algoritm med hjälp av maskininlärning, som kan vara till hjälp vid sårbarhetstester. Slutsatsen dras att detta konceptbevis kan utvecklas och användas för att hjälpa sårbarhetstestare att hitta fler sårbarheter i framtiden.
22
Florez, Cardenas Mateo, and Gabriel Acar. "Ethical Hacking of a Smart Fridge : Evaluating the cybersecurity of an IoT device through gray box hacking." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-302373.
Full textAbstract:
With the increasing popularity of Internet of Things (IoT) devices, a complete smart home is becoming more of a reality. Thus the security of said devices is becoming increasingly more important. Unsecured IoT devices could lead to potential consequences of societal proportion. Therefore there is an entire industry dedicated to mitigating such security threats and contributing to a sustainable society. The security of a Samsung Smart Refrigerator was evaluated in this thesis. The methodology implemented followed a gray box approach and consisted of initially creating a threat model, indicating potential vulnerabilities, and then using the said model to design penetration tests to assess the findings. It was concluded that the fridge was secure in the scope of this thesis. However, grounds for further research were discovered.<br>Med den ökande populariteten för IoT-enheter (Internet of Things) blir ett komplett smart hem alltmer verklighet. Säkerheten för dessa enheter blir därför allt viktigare. Osäkrade IoT-enheter kan leda till potentiella konsekvenser av samhällelig omfattning. Därför finns det en hel industri som ägnar sig åt att mildra sådana säkerhetshot och bidra till ett hållbart samhälle. Säkerheten hos ett smart kylskåp från Samsung utvärderades i denna avhandling. Den metod som tillämpades följde en grå box-strategi och bestod av att först skapa en hot modell, ange potentiella sårbarheter och sedan använda nämnda modell för att utforma penetrationstester för att bedöma resultaten. Slutsatsen blev att kylskåpet var säkert inom ramen för denna avhandling. Det upptäcktes dock skäl för ytterligare forskning.
23
Lederman, Oren. "Hacking innovation - group dynamics in innovation teams." Thesis, Massachusetts Institute of Technology, 2015. http://hdl.handle.net/1721.1/101790.
Full textAbstract:
Thesis: S.M., Massachusetts Institute of Technology, School of Architecture and Planning, Program in Media Arts and Sciences, 2015.<br>This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.<br>Cataloged from student-submitted PDF version of thesis.<br>Includes bibliographical references (pages 95-101).<br>Innovative work is gradually shifting towards collaborative efforts by larger, multidisciplinary teams, making team efficacy an increasingly important field of study. Researchers in this field have mainly focused on laboratory experiments, which may not fully capture the complex situations that teams encounter in real life. The alternative, field studies, are difficult to maintain and often require significant time to produce results. In this thesis we propose a methodology that bridges the gap between these two settings -- the laboratory and the field. By combining a new, affordable electronic badge that captures vocalization data with an innovative setting -- the Hackathon -- we create a new environment for studying team performance. This methodology reduces the duration and maintenance burden of such studies, and offers new opportunities for examining the effects of interventions on teamwork. The preliminary results from our studies show a variety of individual and team behaviors that can be captured in Hackathons using badges, such as participation, the parity of contribution to group discussions, the level of turn taking, and the frequency and duration of meetings. In a Hackathon, we measure these behaviors throughout the entire life cycle of each team, observe how they change in response to different shocks, and study how well the team members collaborate and perform as a team.<br>by Oren Lederman.<br>S.M.
24
Torgilsman, Christoffer, and Eric Bröndum. "Ethical Hacking of a Robot Vacuum Cleaner." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-277918.
Full textAbstract:
This study revolves around the safety of IoT devices, more specifically how safe the robot vacuum cleaner Ironpie m6 is. The method is based on threat modeling the device, using the DREAD and STRIDE models. The threats with the highest estimated severity were then penetration tested to see which security measures are implemented to protect against them. Using client side manipulation one vulnerability was found in Trifo’s mobile application ”Trifo home” which could be used to harm customers property.<br>Den här studien kretsar kring IoT enheters säkerhet, mer specifikt hur säker robotdammsugaren Ironpie m6 är. Metoden är baserad på att hotmodellera enheten med hjälp av DREAD och STRIDE modellerna. Dem allvarligaste hoten blev penetrationstestade för att se vilka säkerhetsåtgärder som har blivit implementerade for att skydda produkten från dem. En sårbarhet upptäcktes i Trifos mobilapplikation ”Trifo Home” som kunde exploiteras via manipulation av klient sidan. Denna sårbarhet kunde användas för att skada kunders ägodelar.
25
Conde, Ortiz Daniel. "Ethical Hacking Of An Industrial Control System." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-285573.
Full textAbstract:
Almost no software is exempt of vulnerabilities. Penetration testing or ethicalhacking can be used to identify them. This thesis conducts a series of testsfollowing the penetration testing method on a large scale industrial controlsystem. The goal is to discover which kind of vulnerabilities exist in thesesystems, focusing on attacks from inside of their network. Several approacheswere taken in relation on how to attack the servers and services that form thenetwork, both from outside and inside the machines. Critical vulnerabilitieswere found in relation to using services unauthenticated and disruptingcommunication between servers, which should be mitigated correctly in orderto prevent further potential attacks.<br>De flesta av programvaror har sårbarheter. Penetrationstest eller etiskhacking kan användas för att identifiera dem. Denna avhandling utför testerenligt penetrationstestmetoden i ett industriellt kontrollsystem i stor skala.Målet är att upptäcka vilka sårbarheter som finns i dessa system, med fokuspå attacker från deras nätverk. Flera tillvägagångssätt användes för attattackera servrar och tjänster på nätverket, både från in- och utsidan avmaskinera. Kritiska sårbarheter hittades i samband med autentisering ochstörande kommunikation mellan servrar, som bör åtgärdas för att förhindraytterligare potentiella attacker.
26
Cameron, Booth Louis, and Matay Mayrany. "IoT Penetration Testing: Hacking an Electric Scooter." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254613.
Full textAbstract:
The industry of the Internet of Things (IoT) is a burgeoning market. A wide variety of devices now come equipped with the ability to digitally communicate to a wider network and modern electric scooters are one such example of this trend towards a more connected society. With scooter ride-share companies continually expanding in urban areas worldwide these devices are posing a greater attack surface for hackers to take advantage of. In this report we utilize threat modelling to analyse the potential vulnerabilities in a popular electric scooter. Through penetration testing we demonstrate the existence of major security flaws in the device and propose ways in which manufacturers may guard against these exploits in the future.<br>Internet-of-Things (IoT) växer globalt. Många produkter kommer utrustade med förmågan att digitalt kommunicera med olika nätverk och moderna elektroniska sparkcyklar är ett exempel på denna trend som går mot ett mer uppkopplat och sammankopplat samhälle. I och med att antalet företag som tillhandahåller elsparkcykeltjänster i urbana miljöer över världen växer, så blir dessa produkter ett större mål för hackare att utnyttja. I denna rapport använder vi hotmodellering för att analysera potentiella sårbarheter i en populär elsparkcykelmodell. Genom att penetrationstesta produkten demonstrerar vi allvarliga säkerhetsfel och föreslår förhållningssätt som tillverkare kan ta hänsyn till för att undvika framtida attacker.
27
Thomas, Matthew A. "Life hacking: a critical history, 2004-2014." Diss., University of Iowa, 2015. https://ir.uiowa.edu/etd/5658.
Full textAbstract:
This dissertation intervenes in the larger academic and popular discussion of hacking by looking at life hacking. In essence, life hacking presumes that your life is amenable to hacks the same way a computer system might be. As both a metaphor and a practice, life hacking occupies a popular but under-analyzed position in contemporary American culture. The recent broadening of the computer term “hacking” to encompass all of life’s activities suggests the degree to which people are increasingly thinking about everything in computational terms. Life hacking is important to attend to precisely because it reveals how the rhetoric of hacking and the subjectivity of the hacker have become normalized. This rhetoric and subject position carry particular valences, valences that are deeply rooted in Western culture, including especially a way of thinking about the world that David Golumbia calls “computationalism.” In a computerized world, hacking becomes the preferred “way of seeing.” But, significantly, it is a way of seeing that is in line with long traditions in U.S. culture of self-making and technofetishism. In order to show this, I trace life hacking’s metamorphoses through three critically important and interlinked realms—life hacking, digital minimalism, and prof hacking—before concluding by looking briefly at a fourth—pickup artists. This dissertation seeks to identify how these different instances of life hacking relate to each other, to trace how life hacking has changed over time, and to explain how life hacking broadly speaking is best viewed as an episode not only in the larger history of hacking but in the larger history of American culture.
28
Atılım, Şahin. "Hacking the Gestures of Past for Future Interactions." Thesis, Malmö högskola, Fakulteten för kultur och samhälle (KS), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-23141.
Full textAbstract:
This study proposes a new “vocabulary” of gestural commands for mobile devices, based on established bodily practices and daily rituals. The research approach is grounded in a theoretical framework of phenomenology, and entails collaborative improv workshops akin to bodystorming. The combination of these methods is named as “hacking the physical actions” and the significance of this approach is highlighted, especially as a constituting source for the similar researches in this field. The resulting ideas for gestural commands are then synthesized and applied to fundamental tasks of handling mobile phones and explained with a supplementary video.
29
Christensen, Ludvig, and Daniel Dannberg. "Ethical hacking of IoT devices: OBD-II dongles." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254571.
Full textAbstract:
The subject area of this project is IT security related to cars, specifically the security of devices connected through a cars OBD-II connector. The aim of the project is to see the security level of the AutoPi OBD-II unit and to analyse where potential vulnerabilities are likely to occur when in use. The device was investigated using threat modeling consisting of analysing the architecture, using the STRIDE model to see the potential attacks that could be implemented and risk assessments of the attacks using the DREAD model. After modelling the system, attempts of implementing attacks, with the basis in the threat modelling, were carried out. No major vulnerabilities were found in the AutoPi device but a MITM attack on the user was shown to be possible for an attacker to succeed with. Even though no major vulnerability was found IoT devices connected to cars might bring security concerns that needs to be looked into by companies and researchers.<br>Ämnesområdet för detta projekt är ITsäkerhet relaterad till bilar, mer specifikt säkerheten gällande enheter som kopplas in i en bils OBD-II-kontakt. Syftet med uppsatsen är att bedöma säkerhetsnivån på en OBD-II-enhet av modell AutoPi och att analysera var potentiella sårbarheter kan finnas i systemet. Enheten kommer att undersökas med hjälp av hotmodellering som består av att analysera arkitekturen, använda STRIDE-modellen för att upptäcka potentiella attackmetoder samt bedöma riskerna för attackerna med hjälp av DREAD-modellen. Efter det steget görs attackförsök utifrån resultaten från hotmodelleringen. Inga större sårbarheter hittades i AutoPi-enheten men en MITM-attack på användaren visades vara möjlig för en angripare att lyckas med. Ä ven fast inga större sårbarheter hittades kan IoT-enheter kopplade till bilar medföra säkerhetsbrister som företag och forskare måste se över.
30
Elsenaar, J. A. "Facial hacking : the twisted logic of electro-facial choreography." Thesis, Nottingham Trent University, 2010. http://irep.ntu.ac.uk/id/eprint/205/.
Full textAbstract:
This research addresses the development of a computational facial language that enables systematic exploration of the external controlled human face with the aim to identify fundamental electro-facial choreographic patterns. Rewiring the human face to an external digital control system, has sparked a radical new way of thinking about the human facial display. Radical, as facial movement is now rooted in digital instead of neural computation. The human face has become an extension of a digital control system inheriting its characteristics: i.e. temporal accuracy, consistency of execution and high programmability. How do we conceptualize the thinking about the human face as a digital computational display device? What are the implications of the “regime change” from neural to digital? The research addresses these issues within the contextual framework where it also originated, in the practice of hacking. It uses the results oriented methods and strategies of hacking to analyze, explore and contextualize the human facial display as a site for digital computational expression. The contributions of this work include the following. 1) External facial control transgresses the neural performance limitations and enables us to think about facial movement from a digital computational choreographic paradigm. 2) A facial language, the Language of Facial E-motion, that allows systematic computational exploration of possible facial movement patterns. Choreologic probing of dynamic face space has brought about unseen facial movement patterns and has uncovered a latent expressive potential of the facial hardware. 3) An Electro-Facial Choreographic Nomenclature that describes the typical e-facial movement patterns in a binomial scheme that form the fundamental building blocks of electro-facial choreography. 4) External facial control has emancipated the human face from subjugation by the neural brain. Because the human face can be programmed at will, it can move freely, consistently and unencumbered; it metaphorically has attained Freedom of Facial Expression. 5) External facial control allows any external computational process to have unrestricted access to a possibly remote facial display. Consequently, the human facial display is made communist and has attained a Democratization of Facial Access on the hardware level. 6) On the meta level, the human face has found new uses, alienated from its original purpose of displaying the emotions, which is expressed by the German word “Zweckentfremdung.” 7) Facial hacking, as presented in this thesis, can be of value to the discussion about cross- or interdisciplinary artistic research as being clearly positioned in-between disciplines. 8) A facial control system that allows safe and concurrent facial muscle control by means of a multiplexed mono-polar muscle stimulus scheme.
31
Morales, Murguía Hugo. "Hacking traditional instruments : approaches to sound-oriented instrumental composition." Thesis, Brunel University, 2011. http://bura.brunel.ac.uk/handle/2438/14561.
Full textAbstract:
Technology plays a vital role in the creation of any form of art. In music this has been dominated by a stationary condition in which contemporary ‘academic music’ (new music created in institutions and descending from traditional European models) is in its majority still generated exclusively by a technology of more than a century ago. Additionally, the totality of sound as musical material is now commonly acknowledged, posing problems about the nature and efficiency of the already existing musical instruments and the development of new ones. The current situation in the creation of contemporary music offers a myriad of possibilities in which tools, controllers and instruments have an impact on the creation and conceptualization of music, giving rise to different aesthetic positions and creating new dilemmas in which present, past and future are in constant assessment. This thesis seeks to examine some of the concepts and ideas behind a number of my works in which instrumental sound exploration is essential for the development of the compositional process. As a result, a series of questions, systems and techniques are analyzed, investigating the relation between tools, technique, notation, composition and musical result. This text is intended as an illustration of my own choices and methods, hoping to offer an insight into my own compositional practice as a product of an exercise of self-analysis and rationalization of my current musical output.
32
Berner, Madeleine. "Where’s My Car? Ethical Hacking of a Smart Garage." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-280298.
Full textAbstract:
IoT products are breaking new ground into widespread industries and introducing potential attack vectors to unprepared environments. Even the new generation of garage openers, called smart garages, have entered into the world of IoT. They are connected to the Internet, and are delivered with the goal of providing more security by merging features from the home surveillance boom. But do they keep what they promise? This thesis has evaluated the security of one particular smart garage that is being sold worldwide – iSmartgate PRO. Penetration testing was conducted with focus on the web application. A total of eleven vulnerabilities were reported, including a one-click-root attack that combined three of them into providing an unauthenticated remote attacker with a root shell. It was concluded that the product lacked security measures in certain areas.<br>IoT-produkter bryter ny mark inom spridda branscher, och introducerar potentiella attackvektorer i oförberedda miljöer. Det är inte förvånande att till och med den nya generationen garageöppnare har tagit ett kliv in i världen av IoT. Vilket innebär att garageöppnarna är uppkopplade till Internet, kallas för smarta garage och levereras med målet att bidra till ökad säkerhet med sina nya funktioner tagna från trenden av hemmaövervakning. Men kan de hålla vad de lovar? Det här examensarbetet har utvärderat säkerheten av ett utvalt smart garage som säljs världen över – iSmartgate PRO. Penetrationstestning genomfördes med fokus på webbapplikationen. Totalt sett rapporterades elva sårbarheter, varav en inkluderade en one-click-root-attack som kombinerade tre sårbarheter till att ge en icke autentisierad fjärrangripare ett root-skal. Den dragna slutsatsen var att produkten hade utrymme för att förbättra säkerheten.
33
Radholm, Fredrik, and Niklas Abefelt. "Ethical Hacking of an IoT-device:Threat Assessment andPenetration Testing." Thesis, KTH, Datavetenskap, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-282916.
Full textAbstract:
Abstract Internet of things (IoT) devices are becoming more prevalent.Due to a rapidly growing market of these appliances, impropersecurity measures lead to an expanding range of attacks. There isa devoir of testing and securing these devices to contribute to amore sustainable society. This thesis has evaluated the securityof an IoT-refrigerator by using ethical hacking, where a threatmodel was produced to identify vulnerabilities. Penetration testswere performed based on the threat model. The results from thepenetration tests did not find any exploitable vulnerabilities. Theconclusion from evaluating the security of this Samsungrefrigerator can say the product is secure and contributes to aconnected, secure, and sustainable society. Keywords Internet of things (IoT), device, security, penetration testing,threat assessment, vulnerabilities<br>SammanfattningInternet of Things (IoT) enheter blir mer allmäntförekommande. På grund av en snabbt expanderande marknadav dessa apparater, har bristfälliga säkerhetsåtgärder resulterattill en mängd olika attacker. Det finns ett behov att testa dessaenheter for att bidra till ett mer säkert och hållbart samhälle.Denna avhandling har utvärderat säkerheten av ett IoT-kylskåpgenom att producera en hot modell för att identifierasårbarheter. Penetrationstester har utförts på enheten, baseradepå hot modellen. Resultatet av penetrationstesterna hittade ingautnyttjningsbara sårbarheter. Slutsatsen från utvärderingen avsäkerheten på Samsung-kylskåpet är att produkten är säker ochbidrar till ett uppkopplat, säkert, och hållbart samhälle.KeywordsInternet of things (IoT), enhet, säkerhet, penetrationstester,hotbedömning, sårbarheter
34
Howlett, William IV. "The Rise of China's Hacking Culture: Defining Chinese Hackers." CSUSB ScholarWorks, 2016. https://scholarworks.lib.csusb.edu/etd/383.
Full textAbstract:
China has been home to some of the most prominent hackers and hacker groups of the global community throughout the last decade. In the last ten years, countless attacks globally have been linked to the People’s Republic of China (PRC) or those operating within the PRC. This exploration attempts to investigate the story, ideology, institutions, actions, and motivations of the Chinese hackers collectively, as sub-groups, and as individuals. I will do this using sources ranging from basic news coverage, interviews with experts and industry veterans, secondary reportage, leaked documents from government and private sources, government white papers, legal codes, blogs and microblogs, a wide array of materials from the darker corners of the online world, and many other materials. The work will begin to sketch for the reader some of the general and specific aspects of the shadowy world of cybercrime and hacker culture in China in recent years. One of the most prevalent beliefs is that the Chinese government is in fact the one responsible, whether directly or by sponsor, for cyber-attacks on foreign systems. My careful analysis has revealed is not always the case, or at least more complex than simply labeling the group as a state actor. At the root of these attacks is a social movement of "hacktivists," a patriotic sub-culture of Chinese hackers. It is incorrect to allege that all attacks are performed by state-sponsored individuals or groups, because there are many individuals and groups that are motivated by other factors.
35
Abu-Shaqra, Baha. "Technoethics and Organizing: Exploring Ethical Hacking within a Canadian University." Thesis, Université d'Ottawa / University of Ottawa, 2015. http://hdl.handle.net/10393/32266.
Full textAbstract:
Ethical hacking is one important information security risk management strategy business and academic organizations use to protect their information assets from the growing threat of hackers. Most published books on ethical hacking have focused on its technical applications in risk assessment practices. This thesis addressed a gap within the organizational communication literature on ethical hacking. Taking a qualitative exploratory case study approach, the thesis paired technoethical inquiry theory with Karl Weick’s sensemaking model to explore ethical hacking in a Canadian university. In-depth interviews with key stakeholder groups and a document review were conducted. Guided by the Technoethical Inquiry Decision-making Grid (TEI-DMG), a qualitative framework for use in technological assessment, findings pointed to the need to expand the communicative and social considerations involved in decision making about ethical hacking practices. Guided by Weick’s theory, findings pointed to security awareness training for increasing sensemaking opportunities and reducing equivocality in the information environment.
36
Levy, Brandon A. "The Angelman Approach : hacking DNA to treat a rare disease." Thesis, Massachusetts Institute of Technology, 2017. http://hdl.handle.net/1721.1/112886.
Full textAbstract:
Thesis: S.M. in Science Writing, Massachusetts Institute of Technology, Department of Comparative Media Studies/Writing, 2017.<br>Cataloged from PDF version of thesis.<br>Includes bibliographical references (pages 18-20).<br>One of every hundred children is born with a disease caused by a single abnormal gene. In the case of Angelman Syndrome, the genetic defect leaves patients mentally disabled, largely or completely unable to speak, and prone to seizures and sleep difficulties. Many Angelman researchers are trying to figure out precisely how those symptoms develop, but why study all the individual effects when you could go right to the root of the problem? Recent advances in medicine and technology are increasingly allowing clinicians to treat genetic illnesses by directly manipulating patients' DNA, and a number of scientists are now investigating ways to leverage those discoveries for individuals with Angelman Syndrome. Their work could lead to potent therapies for the disease, and - maybe - even a cure.<br>by Brandon A. Levy.<br>S.M. in Science Writing
37
Nilsson, Sjöström Dennis. "A Mathematical Model of Hacking the 2016 US Presidential Election." Thesis, Umeå universitet, Institutionen för fysik, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:umu:diva-155575.
Full textAbstract:
After the 2016 US presidential election, allegations were published that the electronic voting machines used throughout the US could have been manipulated.These claims arose due to the reported attacks by Department of Homeland Security toward voter registration databases. The US is more vulnerable against these types of attacks since electronic voting machines is the most prevalent method for voting. To reduce election costs, other countries are also considering replacing paper ballots with electronic voting machines. This, however, imposes a risk. By attacking the electronic voting machines, an attacker could change the outcome of an election. A well-executed attack would be designed to be highly successful, but at the same time the risk for detection would be low. The question evaluated in this paper is whether such an attack would be possible and if so, how much it would cost to execute. This paper presents a mathematical model of the 2016 US presidential election.The model is based on voting machine equipment data and pollingdata. The model is used to simulate how rational attackers would maximize their effect on the election and minimize their effort by hacking voting machines. By using polls, it was possible to determine the effort needed to change the outcome of the 2016 US presidential election and thus estimate the costs. Based on the model, the estimated cost to hack the 2016US presidential election would amount to at least ten million dollars. The results show that these attacks are possible by attacking only one manufacturer of electronic voting machines. Hence, the use of electronic voting machines poses too much of a risk for democracy, and paper ballots should still be considered for elections. This kind of model can be implemented on the elections of other countries that use electronic voting machines.
38
Martins, Nuno Miguel Marques Vitória Cabrita. "HACking centrochromatin : on the relationship between centromeres and repressive chromatin." Thesis, University of Edinburgh, 2015. http://hdl.handle.net/1842/17599.
Full textAbstract:
The centromere is a chromosomal locus required for accurate segregation of sister chromatids during cell division. They are maintained epigenetically in most eukaryotes, by incorporating the H3 variant CENP-A, and can, in rare instances, change location on the chromosome throughout generations. Centromeres are transcribed, and an active transcription chromatin signature is required for centromere maintenance. For this reason, insight into the nature of this so-called “centrochromatin” is essential for understanding a centromere’s place in the chromosome. The body of work contained in this thesis shows my efforts to understand the centromere in the context of chromatin, revealing interactions and new evidence for repressive chromatin domains with centromere activity, in two different vertebrate models: chicken DT40 cells and human HeLa cells. Centromeres are generally embedded within large domains of heterochromatic repetitive sequences in most eukaryotes, and mapping “centrochromatin” to high-resolution has proven difficult. However, chromosomes 5, 27 and Z of Gallus gallus are not located within repeat arrays, and are fully sequenced. CENP-A distribution on these centromeres has been mapped by ChIP-seq, and I have performed ChIP against selected histone modifications as part of a collaboration. While levels of heterochromatin are naturally quite low in these centromeres, I have shown that repressive polycomb chromatin instead is enriched in these non-repetitive centromeres, suggesting a replacement of one silenced chromatin state with another. Additional mapping of these centromeres showed a pattern of active chromatin marks distinct from that reported for human cells, which exhibited dynamic distribution throughout the cell cycle. Furthermore, conditionally generated neocentromeres in DT40 cells revealed that centrochromatin formation lowers, but does not eliminate, active transcription. To directly study the interaction of polycomb and heterochromatin with centrochromatin, I used a synthetic Human Artificial Chromosome (HAC), which allows for specific conditional targeting of chromatin modification enzymes, allowing manipulation of the underlying chromatin. Enrichment of the polycomb chromatin state on the HAC centromere, by EZH2 tethering, reduced its active transcriptional chromatin signature, but did not impair its actual transcription or mitotic activity. However, direct tethering of polycomb secondary silencing effector PRC1 caused centromere loss, and this effect was mimicked with homologous heterochromatin factors, indicating that centromeres can subsist within repressive chromatin domains, but are lost when direct repression is applied. To understand the contribution of the local repressive heterochromatin to centromere stability, I erased heterochromatin marks from the HAC centromere by tethering JMJD2D (an H3K9me3 demethylase): long-term (but not short-term) heterochromatin loss impaired CENP-A assembly, perturbed mitotic behaviour, and resulted in significant HAC mis-segregation. These results strongly suggest that local heterochromatin is essential to maintain normal CENP-A dynamics and centromere function. Together with previous observations, these data suggest that a repressive chromatin environment contributes to centromere stability, and that centromeres likely have natural mechanisms to maintain their transcriptional activity within such domains.
39
Rogers, Christina. "Dataveillance in Societies of Control: Of Migration, Hacking and Humus." Universität Leipzig, 2020. https://ul.qucosa.de/id/qucosa%3A71588.
Full text
40
Robberts, Christopher, and Joachim Toft. "Finding Vulnerabilities in IoT Devices : Ethical Hacking of Electronic Locks." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254667.
Full textAbstract:
Internet of Things (IoT) devices are becoming more ubiquitous than ever before, and while security is not that important for every type of device, it is crucial for some. In this thesis, a widely available Bluetooth smart lock is examined through the lens of security. By using well-known attack methods, an attempt is made to exploit potential vulnerabilities in the system.The researched lock was found to have design flaws that could be considered low-impact vulnerabilities, but using the system without these flaws in mind could lead to harmful outcomes for the lock owner.Except for the design flaws, no real security problems were discovered, but the methods used in this thesis should be applicable for further IoT security research.<br>IoT-apparater blir allt mer vanliga i samhället. Det är inte ett krav för alla typer av apparater att ha stark säkerhet, men för vissa är det helt avgörande. I denna avhandling undersöks ett allmänt tillgängligt Bluetooth-smartlås utifrån ett säkerhetsperspektiv. Genom att använda välkända angreppsmetoder görs det ett försök att utnyttja potentiella sårbarheter i systemet.Låset visade sig ha designfel som skulle kunna betraktas som sårbarheter med låg hotnivå, men att använda systemet utan dessa designfel i åtanke skulle kunna leda till farliga påföljder för låsägaren.Förutom designfelen upptäcktes inga riktiga säkerhetsproblem, men metoderna som används i denna avhandling bör vara tillämpliga för ytterligare säkerhetsforskning inom IoT.
41
Peruch, Dario <1989>. "Hacking and Frugal Innovation in the North East of Italy." Master's Degree Thesis, Università Ca' Foscari Venezia, 2014. http://hdl.handle.net/10579/4972.
Full textAbstract:
The dissertation focuses on the current trend of hacking manufacturing machines and the frugal approach to innovation in comparison with the traditional sequential approach performed by R&D departments. The dissertation then moves to real case studies of Italian successful SMEs adopting this approach in order to demonstrates the validity of the concepts described in the dcument.
42
Vyhnálek, Aleš. "Počítačová kriminalita." Master's thesis, Vysoká škola ekonomická v Praze, 2007. http://www.nusl.cz/ntk/nusl-3976.
Full textAbstract:
Diploma thesis characterises the most important kinds of computer crime, economically evaluates incurred harms, presents factual examples and a prognosis of the possible way of developement of this kind of crime in the future. Thesis includes legislation regarding the computer crime and possible ways of defending against it. In the end, in the form of a questionary, the thesis monitors the knowledge of students of the Faculty of management in Jindřichův Hradec about the field of computer crime and interprets these results using graphs.
43
Tanczer, Leonie Maria. "Hacking (in)security : discourses and practices of politics, technology and activism." Thesis, Queen's University Belfast, 2017. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.728673.
Full textAbstract:
Hacking and politically motivated hacking, so-called hacktivism, are two phenomena that have received increased attention in the last years. Both are mentioned in news headlines, political speeches and academic publications; however, ambiguity remains concerning what the concepts actually encompass. Hacking and hacktivism are frequently entangled with debates on technological security and insecurity and portrayed as the epitome of cybersecurity threats. Due to this perception, and building upon the notion that such (in)securities are consequence of an (in)security construction, this thesis analyses the emerging (in)securitisation of hacking and hacktivism. The focus is on the European Union. To achieve this, the thesis makes use of a Bourdieusian framework and the International Political Sociology of the Paris School approach. Based on this analytical foundation, the ‘meta-field of cybersecurity’ is analysed. The thesis considers this meta-field to be set together through three distinct fields, including the field of (a) politics and bureaucracy within the EU; (b) the commercial cybersecurity sector; and (c) hackers and hacktivists. Using document analyses and interviews, the thesis investigates each social space individually and answers the following question: What characterises the (in)securitised discourses and practices of hacking and hacktivism in the meta-field of cybersecurity and how are they resisted and/or instrumentalised? The thesis uncovers each field’s perception of hacking and hacktivism and their discursive and non-discursive (in)security practices, comparing and contrasting the results. The findings confirm the ambiguity of the concepts. Yet, contrary my anticipation, more diverse and fragmented discourses and practices were identified. Hackers and hacktivists feel excluded and need to counter their (in) securitisation in some realms, but there is evidence of a more reflective engagement. This manifests itself in the repurposing of the term hacker in the field of politics and bureaucracy or the (am)bivalence of hackers and hacktivists identity in the commercial sector. Nonetheless, according to the interviewed hackers and hacktivists their (in)securitisation remains prevalent and is a major factor that justifies their discourses and practices. The diversity in perceptions and (in)security routines highlights the Importance of revealing these tensions, shifts, and (dis) continuities and enables a more informed engagement with these phenomena.
44
Acosta, Patroni Alejandro. "Hacking, cracking y otras conductas ilícitas cometidas a través de internet." Tesis, Universidad de Chile, 2003. http://www.repositorio.uchile.cl/handle/2250/114475.
Full textAbstract:
Memoria (licenciado en ciencias jurídicas y sociales)<br>En las páginas que siguen, intentaremos adentrarnos en este
misterioso y desconocido mundo de los hackers y los crackers. En primer
lugar realizaremos una aproximación a la caracterización de lo que en
doctrina son los delitos informáticos, para luego, una vez despejados los
conceptos básicos sobre la materia, entrar de lleno al estudio del fenómeno
del hacking y el cracking, exponiendo algo de su historia, sus principales
características y en particular el pensamiento que se encuentra detrás de
estos comportamientos. Por su parte, en el último apartado de esta memoria
expondremos cuál es el tratamiento que jurídicamente se ha dado a esta
materia en nuestro país, y el intento por crear una normativa internacional
que armonice las diferentes legislaciones en la lucha en contra de estos
ilícitos, lo que se ha materializado a través de la llamada Convención del
Cibercrimen, de reciente data aunque aún no entra plenamente en vigencia.
Debemos advertir al lector de estas líneas, que tal vez en muchos
puntos no encontrará planteamientos realmente novedosos sobre la materia,
puesto que hemos preferido guiarnos, fundamentalmente en el tratamiento
jurídico de los temas, por la literatura existente, la que es escasa en nuestro
país y que muchas veces recurre a lugares comunes en los que los autores
no profundizan mayormente.
Sin embargo, un aspecto que estimamos novedoso de esta memoria
se encuentra en el hecho de que en ella intentamos profundizar en el
conocimiento de lo que realmente significan los fenómenos hacker y
cracker, recurriendo para ello, más que a la bibliografía jurídica, a lo que los
mismos hackers, crackers y especialistas sobre la materia han escrito sobre
el tema. Ello, porque un hecho que en cierta medida lamentamos es que la
mayoría de los trabajos que hemos conocido provenientes desde la órbita
del derecho sólo se limita a describir conductas o a señalar lo que las leyes
dicen al respecto, sin ahondar mayormente en lo que existe detrás de estas
conductas.
45
Hamra, Sam. "Ethical hacking : Threat modeling and penetration testing a remote terminal unit." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-288887.
Full textAbstract:
Remote terminal units are microprocessor controlled electronic devices that acts as an interface between control systems and objects in the real world. They are used in a range of highly critical infrastructures, and thus their security is of high priority. This thesis will present a security analysis and testing of a remote terminal unit. A threat model was created to identify threats to the system and a few key threats were selected for further penetration testing. The testing lead to the identification of a denial of service vulnerability as well as code injection vulnerability in the SD card storage of the remote terminal unit. The conclusions is that the system is rather robust from a remote attackers perspective although more vulnerabilities arise as an attacker gains physical access to the device.<br>Fjärrkontrollsterminaler är elektroniska enheter som agerar som ett gränssnitt mellan kontrollsystem och objekt i den riktiga världen. De används i många kritiska infrastrukturer och därför är deras säkerhet högt prioriterad. I denna rapport presenteras säkerhetsanalys och testning av en fjärrkontrollsterminal. En hotmodell skapades för att identifiera hot mot systemet och ett antal hot valdes för vidare penetrationstestning. Testandet visade på svagheter mot denial of service attacker mot TCP/Ethernet gränssnittet samt kodinjicering mot SD-kortet som sitter i fjärrkontrollsterminalen. Slutsatsen är att systemet är relativt säkert mot fjärrattacker medan svagheterna mot attacker som kräver en fysisk tillgång till fjärrkontrollsterminalen är fler.
46
Mausch, Anna Marleen. "Friluftsliv för Alla? : exploring and hacking our accessibility to the outdoors." Thesis, Linnéuniversitetet, Institutionen för design (DE), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-105278.
Full textAbstract:
When we are outdoors we rely on the things we bring. By questioning, if the outdoors are freely accessible and detached from our capitalistic world, I identified that to- day’s outdoor equipment industry is not only enjoying great popularity, but is also having the tendency to stay in its comfort zone, mainly engaging in ecological spheres of sustainability. With my bachelor’s thesis project, Friluftsliv för Alla?, I had the aim to initiate a shift, to broaden one’s mind, and to put a focus beyond the sustainability indicator of a product. Together with my collaborator ‘Friluftsfrämjandet’, a Swedish outdoor association, I shared concerns about social-cultural sustainability in the area of outdoor recreation, and started to look at the people who are in need of gear. An item that sparked a lot of my interest was the indispensable shelter, that is needed when we want to spend a good amount of time outside in nature. With the help of my sponsors and other stakeholders I was able to craft a fully functioning tent, that is supposed to be used and shared unconditionally.
47
Palm, Alexander, and Benjamin Gafvelin. "Ethical Hacking of Android Auto in the Context of Road Safety." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-299647.
Full textAbstract:
With a more than ever increasing demand to interconnect smartphones with infotainment systems, Android Auto has risen in popularity with its services used in modern vehicles worldwide. However, as users progressively connect their smartphones to in-vehicle infotainment systems, the opportunity for malicious actors to endanger and access private data of Android Auto users advances as well. The goal with this thesis is to determine how secure Android Auto is for road use. The main research question is to figure out if Android Auto is susceptible to attacks that exploit certain vulnerabilities in the Android operating system. The research question was answered by creating several proof-of-concept attacks on Android Auto using an emulated infotainment system with mobile devices. An investigation was also conducted regarding the application’s communication channel between the mobile device and infotainment display. Results of this thesis demonstrate that several attacks are substantially severe to endanger drivers on the road. There is a great risk of successful exploits when running Android Auto locally on the phone without a connection to the infotainment system, and a lesser risk when connected to the infotainment system. Intercepting communication in the USB channel revealed an encryption algorithm whose version has published exploits and can be cracked to potentially exploit Android Auto.<br>I takt med en evigt ökande efterfrågan på att sammankoppla smarttelefoner med infotainmentsystem, har allt fler börjat använda Android Auto i sina fordon världen över. En bieffekt av att allt fler sammankopplar sina mobiler till infotainmentsystem, är att det leder till fler möjligheter för illvilliga parter att stjäla privat data och sätta Android Autoanvändares liv i fara. Målet med denna avhandling är att fastställa hur säkert Android Auto är i avseende till vägsäkerhet. Den huvudsakliga forskningsfrågan är att lista ut om Android Auto kan attackeras av attacker som utnyttjar sårbarheter i Android operativsystemet. Forskningsfrågan besvarades genom att skapa flertal konceptattacker mot Android Auto användandes av ett emulerat infotainmentsystem och mobiltelefoner. En utredning utfördes även gällande applikationens kommunikationskanal mellan telefonen och infotainmentskärmen. Resultatet från denna avhandling demonstrerade att många attacker är tillräckligt allvarliga för att äventyra trafikanternas säkerhet. Det finns en avsevärd risk för framgångsrika attacker när Android Auto körs lokalt på telefonen utan en USB koppling till infotainmentsystemet, och en liten risk när telefonen är kopplad till infotainmentsystemet. Avlyssning och uppfångning av kommunikationen i USB kanalen visade att en krypteringsalgoritm vars version har existerande sårbarheter kan avkrypteras och utnyttjas för att potentiellt attackera Android Auto.
48
Larsson, Forsberg Albin, and Theodor Olsson. "IoT Offensive Security Penetration Testing : Hacking a Smart Robot Vacuum Cleaner." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254233.
Full textAbstract:
IoT devices can be found in almost any type of situation as the availability and viability of them has surged in the last decade with technological advancements. The purpose of this project is to investigate how secure these types of devices, in particular a robot vacuum cleaner, actually are if an ill intended actor tries to interfere with the device. Different methods used in the sphere of threat modeling and penetration testing were applied and tested with the result coming back positive. The robot vacuum cleaner was successfully compromised and the privacy of the owner could be violated applying the attacks used. The current way of thinking about privacy and security of IoT devices could therefore need to be reviewed.
49
Bergmann, Jan H. "Hacking the centromere chromatin code : dissecting the epigenetic regulation of centromere identity." Thesis, University of Edinburgh, 2010. http://hdl.handle.net/1842/4670.
Full textAbstract:
The centromere is a specialized chromatin domain that serves as the assembly site for the mitotic kinetochore structure, thereby playing a fundamental role in facilitating the maintenance of the genetic information. A histone H3 variant termed CENP-A is specifically found at all active centromeres. Beyond this, however, little is known about how and to which extent the chromatin environment of centromeres modulates and contributes towards centromere identity and function. Here, I have employed a novel Human Artificial Chromosome (HAC), the centromere of which can be targeted by fusions to the tet repressor, to characterize the chromatin environment underlying active kinetochores, as well as to specifically probe the role of this environment in the maintenance of kinetochore structure and function. My data demonstrate that centromeric chromatin resembles the downstream regions of actively transcribed genes. This includes the previously unrecognized presence of histone H3 nucleosomes methylated at lysine 36 within the chromatin underlying functional kinetochores. Targeted manipulation of this chromatin through tethering of a heterochromatin-seeding transcriptional repressor results in the inactivation of HAC kinetochore function concomitant with a hierarchical disassembly of the structure. Through an even more selective engineering of the HAC centromere chromatin, I have provided evidence supporting a critical role for nucleosomes dimethylated at lysine 4 on histone H3 in facilitating local transcription of the underlying DNA. Tethering of different chromatin-modifying activities into the HAC kinetochore collectively reveals a critical role for both, histone H3 dimethylated on lysine 4 and low-level, non-coding transcription in the maintenance of the CENP-A chromatin domain. On one hand, repression of centromeric transcription negatively correlates with the maintenance of CENP-A and ultimately results in the loss of kinetochore function. On the other hand, increasing kinetochore-associated RNA polymerase activity to within physiological levels for euchromatin is associated with rapid loss of CENP-A from the HAC centromere. Together, my data point towards the requirement for a delicate balance of transcriptional activity that is required to shape and maintain the chromatin environment of active centromeres.
50
Stenberg, Jan-Ola, Erko Mujanovic, and Frank Stehn. "Samhällskonsekvenser av bristande IT-säkerhet." Thesis, Högskolan i Halmstad, Sektionen för Informationsvetenskap, Data– och Elektroteknik (IDE), 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-19434.
Full textAbstract:
Antalet företag, organisationer och instanser vars IT-system utsätts för attacker ökar. Något som märks trots att det försöker mörkläggas inom många organisationer. Myndigheter som Polis och Myndigheten för samhällsskydd och beredskap samt IT-personal inom de flesta företag är alla överens om att detta är ett växande problem som måste ses över. Konsekvenser av läckage av känsliga uppgifter kan vara förödande för ett företag, myndighet eller ett helt samhälle. En hel nations demokrati kan hotas av bristande IT-säkerhet och misstro till staten. Görs det tillräckligt för att upprätthålla en säker hantering av känsliga uppgifter och säker kommunikation från alla parter i dagens IT-samhälle? Tar alla sitt ansvar för att bibehålla demokratin vi lever i? Avsätter företagsledningarna på våra svenska företag de resurser som krävs för att IT-säkerheten ska kunna hålla jämn takt med den snabba utveckling i branschen? Tar våra mindre företag sitt ansvar genom att arbeta med IT och informationssäkerhet, trots oförmågan att se sig själva som mål för en attack, eller tillhandahåller de bakdörrar som kan användas av kriminella för att komma åt större företag?<br>The number of companies, organizations and agencies whose IT systems are under attack increases. This is evident even though many organizations tries to hide it. Authorities like the Police, MSP and IT staff in most companies all agree that this is a growing problem that must be reviewed. The consequences of leakage of sensitive data can be devastating to a company, government agency or an entire community. An entire nation's democracy can be threatened by lack of IT security and mistrust of the state government. Is there enough to sustain the safe handling of sensitive data and secure communication of all parties in today's IT community? Does everybody take responsibility to maintain the democracy we live in? Do the managements of our Swedish companies allocate the resources needed for IT security to be able to keep pace with the rapid developments in the industry? Do our smaller businesses take responsibilities by working with IT and information security, despite the inability to see themselves as the target of an attack, or do they provide a backdoor that can be used by criminals to gain access to larger companies?