Dissertations / Theses on the topic 'Cyber defensive'

Consult the top 44 dissertations / theses for your research on the topic 'Cyber defensive.'

1

Markwood, Ian. "Offensive and Defensive Security for Everyday Computer Systems." Scholar Commons, 2018. https://scholarcommons.usf.edu/etd/7336.

Abstract:
This dissertation treats a variety of topics in the computer security domain which have direct impact on everyday life. The first extends false data injection attacks against state estimation in electric power grids and then provides a novel power flow model camouflage method to hamper these attacks. The second deals with automotive theft response, detailing a method for a car to intelligently identify when it has been stolen, based on collected behavioral traits of its driver. The third demonstrates a new attack against the content integrity of the PDF file format, causing humans and computers to see different information within the same PDF documents. This dissertation lastly describes some future work efforts, identifying some potential vulnerabilities in the automated enforcement of copyright protection for audio (particularly music) in online systems such as YouTube.
2

Wong, Tiong Pern. "Active cyber defense: enhancing national cyber defense." Monterey, California. Naval Postgraduate School, 2011. http://hdl.handle.net/10945/10713.

Abstract:
With increased dependency on the Internet, cyber attacks are fast becoming an attractive option for state adversaries, in part because of the ease of hiding one's identity. In response, governments around the world are taking measures to improve their national cyber defenses. However, these defenses, which are generally passive in nature, have been insufficient to address the threat. This thesis explores the possibility of employing active cyber defenses to improve cyber defenses at the national level. Active cyber defense refers to the use of offensive actions, such as counter hacking, pre-emptive hacking, etc., to defend against cyber attacks. This thesis studies the typologies of active cyber defense and examines how this approach can enhance a state's cyber defense posture.
3

Stensboel, Karl Birger. "Norwegian cyber defense." Thesis, Monterey, California: Naval Postgraduate School, 2013. http://hdl.handle.net/10945/39016.

Abstract:
Approved for public release; distribution is unlimited.
This thesis postulates the need for a more proactive approach to cyber defense in Norway and offers recommendations about how Norway can be better prepared to counter cyber threats. It finds that Norway's strategic infrastructure is vulnerable to cyber attacks and that Norway has no coherent strategy for meeting this challenge. The thesis argues that an effective cyber defense requires a wide range of offensive and defensive measures as well as a central authority for command and control. Norway must increasingly be perceived as a serious and tough player in cyberspace; this requires proactive thinking and offensive capabilities. An important first step would be to make the Ministry of Defense responsible for the nation's cyber defense.
4

Cloud, Donald W. "Integrated cyber defenses towards cyber defense doctrine." Thesis, Monterey, Calif. : Naval Postgraduate School, 2007. http://bosun.nps.edu/uhtbin/hyperion-image.exe/07Dec%5FCloud.pdf.

Abstract:
Thesis (M.A. in Security Studies (Homeland Security and Defense))--Naval Postgraduate School, December 2007.
Thesis Advisor(s): Moran, Daniel ; Denning, Dorothy. "December 2007." Description based on title screen as viewed on January 18, 2008. Includes bibliographical references (p. 93-102). Also available in print.
5

Odhner, Caroline. "Cyber Deterrence Based Upon Conventional Premises : A Discourse Analysis of the US Cyber Deterrence Policy." Thesis, Försvarshögskolan, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:fhs:diva-10143.

Abstract:
Deterrence as a military strategy aims to discourage an aggressor from initiating unwanted courses of action by convincing the aggressor that cost exceeds the profit. In cyberspace, where the costs are lower, deterrence is disputed because of the natural interconnectedness and constant actions. The aim of this study is to investigate how the US understands cyber deterrence. This study is motivated by the current ambiguity regarding whether deterrence works in cyberspace or not. Using both theories of conventional and cyber deterrence together with theories of offense and defense, the study focuses on the US since they remain at the center of development regarding cyber deterrence. Through a discourse analysis using Bacchi's "What's the problem represented to be" approach, the investigation of US policy from 2018 shows that the US has adopted theories of cyber deterrence in their policy. However, the presumptions of the problem presentation have rather descended from theories of conventional deterrence. The solutions implemented indicate that the US has an advantage in cyber offense capabilities, but the study also shows that they are moving towards more defense-oriented capabilities in the future. In the stress of taking action, the US ends up interfusing premises and actions which may affect the principle of intervention and thus the security of the American population.
6

Sushereba, Christen Elizabeth Lopez. "Comparison of Cyber Network Defense Visual Displays." Wright State University / OhioLINK, 2018. http://rave.ohiolink.edu/etdc/view?acc_num=wright15272019221867.

7

Medvedev, Sergei A. "Offense-defense theory analysis of Russian cyber capability." Thesis, Monterey, California: Naval Postgraduate School, 2015. http://hdl.handle.net/10945/45225.

Abstract:
Approved for public release; distribution is unlimited
The Russian Federation is a key state actor in cyberspace; cyber events associated with Russian state and non-state actors have threatened Russia’s neighbors, shaped international cyber norms, as well as influenced strategists’ understanding of cyber power. This thesis seeks to understand Russian cyber capability through the lens of Robert Jervis’s offense-defense theory in order to answer the thesis’s central question: Do Russian cyber capabilities reflect an investment in offensive or defensive cyber weapons, and do Russia’s cyber technology, doctrine, and policy differentiate its posture as offensive or defensive? To evaluate Russian cyber capability, this thesis considers two factors—technology and geography—concluding that, although the Russian government is modifying its cyber terrain to improve defensiveness, Russia’s brandished cyber weapons suggest that it pursues offensive capability. To evaluate Russia’s posture differentiation, the thesis examines Russians’ understanding of cyber power, Russian information warfare and hybrid warfare doctrines, and the country’s international engagements, concluding that, although Russia has historically presented its posture as defensive, it is increasingly difficult to make that distinction. Finally, the thesis evaluates this state-level analysis in the broader context of the international system; Russia’s historical aggression and current behavior in cyberspace likely reflects Stephen van Evera’s explanatory hypothesis for the causes of war—defensive expansion.
8

Zhang, Ruide. "Hardware-Aided Privacy Protection and Cyber Defense for IoT." Diss., Virginia Tech, 2020. http://hdl.handle.net/10919/98791.

Abstract:
With recent advances in electronics and communication technologies, our daily lives are immersed in an environment of Internet-connected smart things. Despite the great convenience brought by the development of these technologies, privacy concerns and security issues are two topics that deserve more attention. On one hand, as smart things continue to grow in their abilities to sense the physical world and capabilities to send information out through the Internet, they have the potential to be used for surveillance of any individuals secretly. Nevertheless, people tend to adopt wearable devices without fully understanding what private information can be inferred and leaked through sensor data. On the other hand, security issues become even more serious and lethal with the world embracing the Internet of Things (IoT). Failures in computing systems are common; however, a failure now in IoT may harm people's lives. As demonstrated in both academic research and industrial practice, a software vulnerability hidden in a smart vehicle may lead to a remote attack that subverts a driver's control of the vehicle. Our approach to the aforementioned challenges starts by understanding privacy leakage in the IoT era and follows with adding defense layers to the IoT system with attackers gaining increasing capabilities. The first question we ask ourselves is "what new privacy concerns does IoT bring". We focus on discovering information leakage beyond people's common sense from even seemingly benign signals. We explore how much private information we can extract by designing information extraction systems. Through our research, we argue for stricter access control on newly coming sensors. After noticing the importance of data collected by IoT, we trace where sensitive data goes. In the IoT era, edge nodes are used to process sensitive data. However, a capable attacker may compromise edge nodes.
Our second research focuses on applying trusted hardware to build trust in large-scale networks under this circumstance. The application of trusted hardware protects sensitive data from compromised edge nodes. Nonetheless, if an attacker becomes more powerful and embeds malicious logic into code for trusted hardware during the development phase, he still can secretly steal private data. In our third research, we design a static analyzer for detecting malicious logic hidden inside code for trusted hardware. Other than the privacy concern of data collected, another important aspect of IoT is that it affects the physical world. Our last piece of research work enables a user to verify the continuous execution state of an unmanned vehicle. This way, people can trust the integrity of the past and present state of the unmanned vehicle.
Doctor of Philosophy
The past few years have witnessed a rise in computing and networking technologies. Such advances enable the new paradigm, IoT, which brings great convenience to people's lives. Large technology companies like Google, Apple, Amazon are creating smart devices such as smartwatch, smart home, drones, etc. Compared to the traditional internet, IoT can provide services beyond digital information by interacting with the physical world by its sensors and actuators. While the deployment of IoT brings value in various aspects of our society, the lucrative reward from cyber-crimes also increases in the upcoming IoT era. Two unique privacy and security concerns are emerging for IoT. On one hand, IoT brings a large volume of new sensors that are deployed ubiquitously and collect data 24/7. User's privacy is a big concern in this circumstance because collected sensor data may be used to infer a user's private activities. On the other hand, cyber-attacks now harm not only cyberspace but also the physical world. A failure in IoT devices could result in loss of human life. For example, a remotely hacked vehicle could shut down its engine on the highway regardless of the driver's operation. Our approach to emerging privacy and security concerns consists of two directions. The first direction targets privacy protection. We first look at the privacy impact of upcoming ubiquitous sensing and argue for stricter access control on smart devices. Then, we follow the data flow of private data and propose solutions to protect private data from the networking and cloud computing infrastructure. The other direction aims at protecting the physical world. We propose an innovative method to verify the cyber state of IoT devices.
9

Azab, Mohamed Mahmoud Mahmoud. "Cooperative Autonomous Resilient Defense Platform for Cyber-Physical Systems." Diss., Virginia Tech, 2013. http://hdl.handle.net/10919/19273.

Abstract:
Cyber-Physical Systems (CPS) entail the tight integration of and coordination between computational and physical resources. These systems are increasingly becoming vital to modernizing the national critical infrastructure systems ranging from healthcare, to transportation and energy, to homeland security and national defense. Advances in CPS technology are needed to help improve their current capabilities as well as their adaptability, autonomicity, efficiency, reliability, safety and usability.  Due to the proliferation of increasingly sophisticated cyber threats with exponentially destructive effects, CPS defense systems must systematically evolve their detection, understanding, attribution, and mitigation capabilities. Unfortunately most of the current CPS defense systems fall short to adequately provision defense services while maintaining operational continuity and stability of the targeted CPS applications in presence of advanced persistent attacks. Most of these defense systems use un-coordinated combinations of disparate tools to provision defense services for the cyber and physical components. Such isolation and lack of awareness of and cooperation between defense tools may lead to massive resource waste due to unnecessary redundancy, and potential conflicts that can be utilized by a resourceful attacker to penetrate the system.  
Recent research argued against the suitability of the current security solutions to CPS environments.  We assert the need for new defense platforms that effectively and efficiently manage dynamic defense missions and toolsets in real-time with the following goals:
1) Achieve asymmetric advantage to CPS defenders, prohibitively increasing the cost for attackers;
2) Ensure resilient operations in presence of persistent and evolving attacks and failures; and  
3) Facilitate defense alliances, effectively and efficiently diffusing defense intelligence and operations transcending organizational boundaries.
Our proposed solution comprehensively addresses the aforementioned goals offering an evolutionary CPS defense system. The presented CPS defense platform, termed CyPhyCARD (Cooperative Autonomous Resilient Defenses for Cyber-Physical systems) presents a unified defense platform to monitor, manage, and control the heterogeneous composition of CPS components. CyPhyCARD relies on three interrelated pillars to construct its defense platform. CyPhyCARD comprehensively integrates these pillars, therefore building a large scale, intrinsically resilient, self- and situation- aware, cooperative, and autonomous defense cloud-like platform that provisions adequate, prompt, and pervasive defense services for large-scale, heterogeneously-composed CPS. The CyPhyCARD pillars are:
1) Autonomous management platform (CyberX) for CyPhyCARD's foundation. CyberX enables application elasticity and autonomic adaptation to changes by runtime diversity employment, enhances the application resilience against attacks and failures by multimodal recovery mechanism, and enables unified application execution on heterogeneously composed platforms by a smart employment of a fine-grained environment-virtualization technology.
2) Diversity management system (ChameleonSoft) built on CyberX. ChameleonSoft encrypts software execution behavior by smart employment of runtime diversity across multiple dimensions to include time, space, and platform heterogeneity inducing a trace-resistant moving-target defense that works on securing CyPhyCARD platform against software attacks.
3) Evolutionary Sensory system (EvoSense) built on CyberX. EvoSense realizes pervasive, intrinsically-resilient, situation-aware sense and response system to seamlessly effect biological-immune-system like defense. EvoSense acts as a middle layer between the defense service provider(s) and the Target of Defense (ToD) creating a uniform defense interface that hides ToD's scale and heterogeneity concerns from defense-provisioning management.
CyPhyCARD is evaluated both qualitatively and quantitatively. The efficacy of the presented approach is assessed qualitatively, through a complex synthetic CPS attack scenario. In addition to the presented scenario, we devised multiple prototype packages for the presented pillars to assess their applicability in real execution environment and applications. Further, the efficacy and the efficiency of the presented approach is comprehensively assessed quantitatively by a set of custom-made simulation packages simulating each CyPhyCARD pillar for performance and security evaluation.  The evaluation illustrated the success of CyPhyCARD and its constructing pillars to efficiently and effectively achieve its design objective with reasonable overhead.
Ph. D.
10

Nsambu, Emmanuel, and Danish Aziz. "The Defense Against the latest Cyber Espionage both insider and outsider attacks." Thesis, Mittuniversitetet, Institutionen för informationsteknologi och medier, 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-16477.

Abstract:
This study was carried out with the intention of examining the defensive mechanism employed against the latest cyber espionage methods including both insider and outsider attacks. The main focus of this study was on web servers as the targets of the cyber attacks. Information in connection to the study was obtained from researchers’ online articles. A survey was also conducted at MidSweden University in order to obtain information about the latest cyber attacks on web servers and about the existing defensive mechanism against such attacks. The existing defensive mechanism was surveyed and a simple design was created to assist in the investigation of the efficiency of the system. Some simple implementations of the existing defensive mechanism were made in order to provide some practical results that were used for the study. The existing defensive mechanism was surveyed and improved upon where possible. The improved defensive mechanism was designed and implemented and its results were compared with the results from the existing defensive mechanism. Due to the fact that the majority of the attackers use defensive mechanisms’ vulnerability in order to find their way into devices such as web servers, it was felt that, even with the most sophisticated improved defensive mechanism in place, it would not be entirely correct to claim that it is possible to fully protect web servers against such attacks.
11

Flamholz, David B. "Baiting for defense against stealthy attacks on cyber-physical systems." Thesis, Massachusetts Institute of Technology, 2019. https://hdl.handle.net/1721.1/121858.

Abstract:
Thesis: S.M., Massachusetts Institute of Technology, Department of Mechanical Engineering, 2019
Cataloged from PDF version of thesis.
Includes bibliographical references (pages 63-64).
The goal of this thesis is to develop a defense methodology for a cyber-physical system (CPS) by which an attempted stealthy cyber-attack is detected in near real time. Improvements in networked communication have enabled vast and complex dynamic control systems to exploit networked control schemes to seamlessly integrate parts and processes. These cyber-physical systems exhibit a level of flexibility that was previously unavailable but also introduce communication channels that are vulnerable to outside interference and malicious intervention. This thesis considers the effects of a type of stealthy attack on a class of CPS that can be modeled as linear time-invariant systems. The effects of this attack are studied from both the perspective of the attacker as well as the defender. A previously developed method for conducting stealthy attacks is introduced and analyzed.
This method consists of injecting malicious actuation signals into the control input of a CPS and then designing a sensor attack to conceal the effect of the actuator attack. The result is an attack that cannot be detected upon inspection of the Kalman filter residual. Successful implementation of this attack is shown to require the attacker to attain perfect model knowledge in order for the attack to be stealthy. Based on the execution of past attacks on CPS, this thesis proposes an attacker who starts their attack by "fishing" for critical and confidential system information such as the model parameters. A method is then proposed in which the defender attempts to feed the attacker a slightly falsified model, baiting the fishing attacker with data that will make an attack detectable. Because the attacker's model is no longer correct, their attack design will induce a mean-shift in the Kalman filter residual, breaking the stealthiness of the original attack formula.
It is then shown that the defender can not only detect this faulty attack, but use observations of the Kalman filter residual to regain more accurate state estimates, mitigating the effect of the attack.
by David B. Flamholz.
12

Dayanikli, Gokcen Yilmaz. "Electromagnetic Interference Attacks on Cyber-Physical Systems: Theory, Demonstration, and Defense." Diss., Virginia Tech, 2021. http://hdl.handle.net/10919/104862.

Abstract:
A cyber-physical system (CPS) is a complex integration of hardware and software components to perform well-defined tasks. Up to this point, many software-based attacks targeting the network and computation layers have been reported by the researchers. However, the physical layer attacks that utilize natural phenomena (e.g., electromagnetic waves) to manipulate safety-critical signals such as analog sensor outputs, digital data, and actuation signals have recently taken the attention. The purpose of this dissertation is to detect the weaknesses of cyber-physical systems against low-power Intentional Electromagnetic Interference (IEMI) attacks and provide hardware-level countermeasures. Actuators are irreplaceable components of electronic systems that control the physically moving sections, e.g., servo motors that control robot arms. In Chapter 2, the potential effects of IEMI attacks on actuation control are presented. Pulse Width Modulation (PWM) signal, which is the industry–standard for actuation control, is observed to be vulnerable to IEMI with specific frequency and modulated–waveforms. Additionally, an advanced attacker with limited information about the victim can prevent the actuation, e.g., stop the rotation of a DC or servo motor. For some specific actuator models, the attacker can even take the control of the actuators and consequently the motion of the CPS, e.g., the flight trajectory of a UAV. The attacks are demonstrated on a fixed-wing unmanned aerial vehicle (UAV) during varying flight scenarios, and it is observed that the attacker can block or take control of the flight surfaces (e.g., aileron) which results in a crash of the UAV or a controllable change in its trajectory, respectively. Serial communication protocols such as UART or SPI are widely employed in electronic systems to establish communication between peripherals (e.g., sensors) and controllers.
It is observed that an adversary with the reported three-phase attack mechanism can replace the original victim data with the 'desired' false data. In the detection phase, the attacker listens to the EM leakage of the victim system. In the signal processing phase, the exact timing of the victim data is determined from the victim EM leakage, and in the transmission phase, the radiated attack waveform replaces the original data with the 'desired' false data. The attack waveform is a narrowband signal at the victim baud rate, and in a proof–of–concept demonstration, the attacks are observed to be over 98% effective at inducing a desired bit sequence into pseudorandom UART frames. Countermeasures such as twisted cables are discussed and experimentally validated in high-IEMI scenarios. In Chapter 4, a state-of-art electrical vehicle (EV) charger is assessed in IEMI attack scenarios, and it is observed that an attacker can use low–cost RF components to inject false current or voltage sensor readings into the system. The manipulated sensor data results in a drastic increase in the current supplied to the EV which can easily result in physical damage due to thermal runaway of the batteries. The current switches, which control the output current of the EV charger, can be controlled (i.e., turned on) by relatively high–power IEMI, which gives the attacker direct control of the current supplied to the EV. The attacks on UAVs, communication systems, and EV chargers show that additional hardware countermeasures should be added to the state-of-art system design to alleviate the effect of IEMI attacks. The fiber-optic transmission and low-frequency magnetic field shielding can be used to transmit 'significant signals' or PCB-level countermeasures can be utilized which are reported in Chapter 5.
Doctor of Philosophy
The secure operation of an electronic system depends on the integrity of the signals transmitted from/to components like sensors, actuators, and controllers. Adversaries frequently aim to block or manipulate the information carried in sensor and actuation signals to disrupt the operation of the victim system with physical phenomena, e.g., infrared light or acoustic waves. In this dissertation, it is shown that low-power electromagnetic (EM) waves, with specific frequency and form devised for the victim system, can be utilized as an attack tool to disrupt, and, in some scenarios, control the operation of the system; moreover, it is shown that these attacks can be mitigated with hardware-level countermeasures. In Chapter 2, the attacks are applied to electric motors on an unmanned aerial vehicle (UAV), and it is observed that an attacker can block (i.e., crash of the UAV) or control the UAV motion with EM waves. In Chapter 3, it is shown that digital communication systems are not resilient against intentional electromagnetic interference (IEMI), either. Low–power EM waves can be utilized by attackers to replace the data in serial communication systems with a success rate of 98% or more. In Chapter 4, the attacks are applied to the sensors and actuators of electric vehicle chargers with low–cost over–the–shelf amplifiers and antennas, and it is shown that EM interference attacks can manipulate the sensor data and boost the current supplied to the EV, which can result in overheating and fire. To ensure secure electronic system operation, hardware–level defense mechanisms are discussed and validated with analytical solutions, simulations, and experiments.
13

Kazinec, Darius. "Issues of cyber warfare in international law." Master's thesis, Lithuanian Academic Libraries Network (LABT), 2011. http://vddb.laba.lt/obj/LT-eLABa-0001:E.02~2011~D_20110705_132153-12860.

Full text
Abstract:
Cyber has been around for over a decade and yet we are still faced with a situation of a very weak or rather no regulation. This is being heavily influenced by our weak technological development and due to the nature of cyberspace and the Internet. Cyber warfare poses interesting questions for us. It is one of a kind type of warfare, the one we cannot see or feel, but its impacts are instantaneous and potentially devastating. States and scholars agree on that. This thesis attempts to explore possibilities of application of existing international laws to amend this situation and answer the questions if it is adequate or at all possible. While scholars are still arguing about the basics of what cyber warfare and cyberspace actually is, it keeps on evolving. States on the other hand have recognized the potential threat of cyber warfare a long time ago and are attempting to mend the existing legal void, however not successfully. The effects of their efforts are limited only to a small number of States. States who are not willing to give up their cyber capability would also stay clear from such international legislation. International treaties and State practice were analyzed in search of a way to accommodate cyber warfare under the current regime. The findings show that application of existing legal basis to cyber warfare is at best difficult and strained. The reality is that cyber warfare does not fit adequately under any of the legal umbrellas at the moment. Application of...
Cyber warfare has existed for more than a decade, yet we still have very weak regulation of this phenomenon. This situation is strongly influenced by our weak technical capabilities and by the structure of the Internet. Cyber warfare is very tricky. It is a novel way of waging war that we cannot see, but its consequences can be instantaneous and devastating. Scholars and the world's states recognized this long ago. This thesis attempts to reveal the possibilities for regulating cyber warfare under international law, if that is possible at all. However, scholars are still arguing over the terminology of cyber warfare and cyberspace, while the threat of cyber warfare only grows. The world's states, understanding this, are trying to fix the gaps in the law, but without success. Any proposals and agreements apply only to a small circle of states, while the major states would be reluctant to give up their cyber capability. The thesis analyzed international treaties and state practice in an attempt to apply existing regimes to the regulation of cyber warfare. The conclusion to be drawn is that applying the existing international legal basis is at best difficult and unnatural. The reality is that no regime fits cyber warfare, and such application unfortunately causes more problems than there were before. However, not all possibilities have been exhausted yet, and the future may show the right solution. Meanwhile, states are prepared to negotiate on international...
14

Smith, Willarvis. "A Comprehensive Cybersecurity Defense Framework for Large Organizations." Diss., NSUWorks, 2019. https://nsuworks.nova.edu/gscis_etd/1083.

Abstract:
There is a growing need to understand and identify overarching organizational requirements for cybersecurity defense in large organizations. Applying proper cybersecurity defense will ensure that the right capabilities are fielded at the right locations to safeguard critical assets while minimizing duplication of effort and taking advantage of efficiencies. Exercising cybersecurity defense without an understanding of comprehensive foundational requirements instills an ad hoc and in many cases conservative approach to network security. Organizations must be synchronized across federal and civil agencies to achieve adequate cybersecurity defense. Understanding what constitutes comprehensive cybersecurity defense will ensure organizations are better protected and more efficient. This work, represented through design science research, developed a model to understand comprehensive cybersecurity defense, addressing the lack of standard requirements in large organizations. A systemic literature review and content analysis were conducted to form seven criteria statements for understanding comprehensive cybersecurity defense. The seven criteria statements were then validated by a panel of expert cyber defenders utilizing the Delphi consensus process. Based on the approved criteria, the team of cyber defenders facilitated the development of a Comprehensive Cybersecurity Defense Framework prototype for understanding cybersecurity defense. Through the Delphi process, the team of cyber defense experts ensured the framework matched the seven criteria statements. An additional and separate panel of stakeholders conducted the Delphi consensus process to ensure a non-biased evaluation of the framework. The comprehensive cybersecurity defense framework is developed through the data collected from two distinct and separate Delphi panels. 
The framework maps risk management, behavioral, and defense in depth frameworks with cyber defense roles to offer a comprehensive approach to cyber defense in large companies, agencies, or organizations. By defining the cyber defense tasks, what those tasks are trying to achieve and where best to accomplish those tasks on the network, a comprehensive approach is reached.
15

Rubin, Willa. "Waging Wars in Cyberspace: How International Law On Aggression And Self-Defense Falls Short Of Addressing Cyber Warfare. Could Iran Legally Retaliate For The Stuxnet Attack?" Oberlin College Honors Theses / OhioLINK, 2016. http://rave.ohiolink.edu/etdc/view?acc_num=oberlin1462921585.

16

Прокопець, Я. Ю., Михайло Олександрович Думчиков, Михаил Александрович Думчиков, and Mykhailo Oleksandrovych Dumchykov. "Реалізація кібербезпеки та шляхи її вдосконалення в Україні." Thesis, Сумський державний університет, 2020. https://essuir.sumdu.edu.ua/handle/123456789/78670.

Abstract:
Modern globalization processes do not stand still. Digital technologies are steadily improving, given the constant advances in all information spheres of public life. With the ever-growing influence of electronic technologies, the problem of protection against cyber threats is becoming increasingly relevant. Most countries of the world employ reliable cybersecurity measures based on a nationwide protection system capable of quickly and effectively detecting a cyber threat, and on granting special bodies the powers and technologies to forestall, stop, and prevent cyber attacks.
17

Lipke, Alexa. "U.S. and NATO Cyber Defense: Bridging the Resource Gap with a Centralized Market Structure." Thesis, The George Washington University, 2017. http://pqdtopen.proquest.com/#viewpdf?dispub=10189713.

Abstract:

This paper will examine how the organizational structures of the U.S. military and the North Atlantic Treaty Organization (NATO) evolved to address the proliferating array of cyber threats. One of the gaps in military cybersecurity is the growing demand for qualified cyber security personnel. Estonia and other countries have employed all-volunteer cyber militias to help protect national security during emergencies. However, the U.S. and NATO are not in the political or legal position to rely upon an all-civilian group. Utilizing Thomas Malone's framework for business, the U.S. military and NATO could abandon their traditional hierarchies and embrace a centralized market model in order to delegate some of their cybersecurity tasks. One way to decentralize their structures is to modify the Estonian Cyber Defense League model by further implementing their reserves systems. They could hire skilled civilian technology professionals through their reserves, eventually creating Cyber Defense Leagues that are primarily comprised of non-commissioned officers.

18

Eldosouky, Mahmoud Salama Abdelrahman A. "Security of Critical Cyber-Physical Systems: Fundamentals and Optimization." Diss., Virginia Tech, 2019. http://hdl.handle.net/10919/90281.

Abstract:
Cyber-physical systems (CPSs) are systems that integrate physical elements with a cyber layer that enables sensing, monitoring, and processing the data from the physical components. Examples of CPSs include autonomous vehicles, unmanned aerial vehicles (UAVs), smart grids, and the Internet of Things (IoT). In particular, many critical infrastructure (CI) that are vital to our modern day cities and communities, are CPSs. This wide range of CPSs domains represents a cornerstone of smart cities in which various CPSs are connected to provide efficient services. However, this level of connectivity has brought forward new security challenges and has left CPSs vulnerable to many cyber-physical attacks and disruptive events that can utilize the cyber layer to cause damage to both cyber and physical components. Addressing these security and operation challenges requires developing new security solutions to prevent and mitigate the effects of cyber and physical attacks as well as improving the CPSs response in face of disruptive events, which is known as the CPS resilience. To this end, the primary goal of this dissertation is to develop novel analytical tools that can be used to study, analyze, and optimize the resilience and security of critical CPSs. In particular, this dissertation presents a number of key contributions that pertain to the security and the resilience of multiple CPSs that include power systems, the Internet of Things (IoT), UAVs, and transportation networks. First, a mathematical framework is proposed to analyze and mitigate the effects of GPS spoofing attacks against UAVs. The proposed framework uses system dynamics to model the optimal routes which UAVs can follow in normal operations and under GPS spoofing attacks. A countermeasure mechanism, built on the premise of cooperative localization, is then developed to mitigate the effects of these GPS spoofing attacks. 
To practically deploy the proposed defense mechanism, a dynamic Stackelberg game is formulated to model the interactions between a GPS spoofer and a drone operator. The equilibrium strategies of the game are analytically characterized and studied through a novel, computationally efficient algorithm. Simulation results show that, when combined with the Stackelberg strategies, the proposed defense mechanism will outperform baseline strategy selection techniques in terms of reducing the possibility of UAV capture. Next, a game-theoretic framework is developed to model a novel moving target defense (MTD) mechanism that enables CPSs to randomize their configurations to proactively deter impending attacks. By adopting an MTD approach, a CPS can enhance its security against potential attacks by increasing the uncertainty on the attacker. The equilibrium of the developed single-controller, stochastic MTD game is then analyzed. Simulation results show that the proposed framework can significantly improve the overall utility of the defender. Third, the concept of MTD is coupled with new cryptographic algorithms for enhancing the security of an mHealth Internet of Things (IoT) system. In particular, using a combination of theory and implementation, a framework is introduced to enable the IoT devices to update their cryptographic keys locally to eliminate the risk of being revealed while they are shared. Considering the resilience of CPSs, a novel framework for analyzing the component- and system-level resilience of CIs is proposed. This framework brings together new ideas from Bayesian networks and contract theory – a Nobel prize winning theory – to define a concrete system-level resilience index for CIs and to optimize the allocation of resources, such as redundant components, monitoring devices, or UAVs to help those CIs improve their resilience. In particular, the developed resilience index is able to account for the effect of CI components on its probability of failure.
Meanwhile, using contract theory, a comprehensive resource allocation framework is proposed enabling the system operator to optimally allocate resources to each individual CI based on its economic contribution to the entire system. Simulation results show that the system operator can economically benefit from allocating the resources while dams can have a significant improvement in their resilience indices. Subsequently, the developed contract-theoretic framework is extended to account for cases of asymmetric information in which the system operator has only partial information about the CIs being in some vulnerability and criticality levels. Under such asymmetry, it is shown that the proposed approach maximizes the system operator's utility while ensuring that no CI has an incentive to ask for another contract. Next, a proof-of-concept framework is introduced to analyze and improve the resilience of transportation networks against flooding. The effect of flooding on road capacities and on the free-flow travel time, is considered for different rain intensities and roads preparedness. Meanwhile, the total system's travel time before and after flooding is evaluated using the concept of a Wardrop equilibrium. To this end, a proactive mechanism is developed to reduce the system's travel time, after flooding, by shifting capacities (available lanes) between same road sides. In a nutshell, this dissertation provides a suite of analytical techniques that allow the optimization of security and resilience across multiple CPSs.
Doctor of Philosophy
Cyber-physical systems (CPSs) have recently been used in many application domains because of their ability to integrate physical elements with a cyber layer allowing for sensing, monitoring, and remote controlling. This pervasive use of CPSs in different applications has brought forward new security challenges and threats. Malicious attacks can now leverage the connectivity of the cyber layer to launch remote attacks and cause damage to the physical components. Taking these threats into consideration, it became imperative to ensure the security of CPSs. Given that many CPSs provide critical services, for instance many critical infrastructure (CI) are CPSs such as smart grids and nuclear reactors; it is then inevitable to ensure that these critical CPSs can maintain proper operation. One key measure of the CPS’s functionality, is resilience which evaluates the ability of a CPS to deliver its designated service under potentially disruptive situations. In general, resilience measures a CPS’s ability to adapt or rapidly recover from disruptive events. Therefore, it is crucial for CPSs to be resilient in face of potential failures. To this end, the central goal of this dissertation is to develop novel analytical frameworks that can evaluate and improve security and resilience of CPSs. In these frameworks, cross-disciplinary tools are used from game theory, contract theory, and optimization to develop robust analytical solutions for security and resilience problems. In particular, these frameworks led to the following key contributions in cyber security: developing an analytical framework to mitigate the effects of GPS spoofing attacks against UAVs, introducing a game-theoretic moving target defense (MTD) framework to improve the cyber security, and securing data privacy in m-health Internet of Things (IoT) networks using a MTD cryptographic framework.
In addition, the dissertation led to the following contributions in CI resilience: developing a general framework using Bayesian Networks to evaluate and improve the resilience of CIs against their components failure, introducing a contract-theoretic model to allocate resources to multiple connected CIs under complete and asymmetric information scenarios, providing a proactive plan to improve the resilience of transportation networks against flooding, and, finally, developing an environment-aware framework to deploy UAVs in disaster-areas.
19

Branlat, Matthieu. "Challenges to Adversarial Interplay Under High Uncertainty: Staged-World Study of a Cyber Security Event." The Ohio State University, 2011. http://rave.ohiolink.edu/etdc/view?acc_num=osu1316462733.

20

Pombo, Rodrigo. "Política europeia de segurança no ciberespaço." Master's thesis, Academia da Força Aérea, 2019. http://hdl.handle.net/10400.26/39771.

Abstract:
Nowadays, Europe and the world are increasingly dependent on technology, and the increasing use of the internet by the population has created huge opportunities. At the same time, cyber-threats and cyber-attacks have come to affect not only the privacy and security of the users but also the infrastructures of the states themselves. Due to the increased frequency of cyber-threats and cyber-attacks, the EU had to act and take steps to ensure the safety of its citizens and to develop cyber-security policies and measures. The emergence of cyber-attacks such as the Balkans in 1999 or, more recently, the attacks against Estonia and Georgia in 2007 and 2008 respectively showed that Europe wasn't strategically prepared in the cyberspace area. As a result, first NATO and then the EU have developed cyber-security policies and strategies to respond to cyber threats. In particular, the EU has emphasized the importance of Member States cooperating with the private sector in order to overcome the challenge of cyberspace. In fact, Public and Private Partnerships have become crucial to the evolution of cyberspace, both in helping to protect critical infrastructures and the access by the public sector to private sector resources as well as the possibility of creating synergies between the various private sector initiatives with the aim of developing the world of cyberspace. In this sense, to improve the security of cyberspace, it is essential to create cooperation between Member States in order to promote the necessary measures for their cyber security, as well as the main international organizations. Thus, they will overcome the difficulties that Man has created in this technological dependency.
21

Stewart, Alexander. "The Community Defense Approach: A Human Approach to Cybersecurity for Industrial and Manufacturing Systems." University of Cincinnati / OhioLINK, 2019. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1562059795078067.

22

Яровенко, Ганна Миколаївна, Анна Николаевна Яровенко, Hanna Mykolaivna Yarovenko, and І. Д. Нечепоренко. "Сучасні технології кіберзахисту щодо виявлення шахрайств, що здійснюються персоналом банку." Thesis, Сумський державний університет, 2019. https://essuir.sumdu.edu.ua/handle/123456789/77725.

Abstract:
Fraud involving money is a widespread means of illicit enrichment, regardless of how it is carried out. This problem is especially pressing for financial and credit institutions, which deal directly with financial transactions. But fraudulent activity in the banking sector is often difficult to detect against the background of the enormous number of authentic transactions conducted every day. On the other hand, failure to detect abuse, financial manipulation, laundering of criminal proceeds, illegal withdrawal of funds from client accounts, and the like can damage a bank's reputation. The most alarming statistics on bank fraud concern insider abuse: in 70% of cases the crime was committed by bank employees, namely those with the highest level of access to the bank's information system [1]. System administrators and database administrators have every opportunity to commit or facilitate fraud, since they have full access to banking information, encryption keys, passwords, and to destroying the traces of unlawful actions. Long-serving employees and top managers of small banks and branches likewise use their access to many operations in the bank's system and can abuse their positions of trust.
23

Kullander, Nathalia. "En analys kring det civila försvaret på lokal nivå. : En jämförande studie mellan Värmland och Örebros resurser och samarbetsförmågor." Thesis, Karlstads universitet, Fakulteten för humaniora och samhällsvetenskap (from 2013), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-85130.

Abstract:
The purpose of this essay is to study the civil defense work in Värmland and Örebro, connected to their resources within the respective county. To get a clear picture of how the counties are equipped when it comes to a crisis, I have been focusing on the necessary principle connected to civil defense. The study also includes their work with the confederation of enterprise, warehousing and cyber security, to be able to see if they have the potential to collaborate with their resources. I use Emerson's theory of collaborative governance to see if Värmland and Örebro have the potential to work together during a conceivable crisis. This theory is about cross-border governance where public and non-public actors prepare overall decisions. When I read about previous research regarding civil defense, I saw Lunde Saxi's report Nordic Defense cooperation after the Cold war, and then I got the idea of studying the cooperation between Värmland and Örebro County. Like his theory, it is most optimal if two smaller actors merge during a crisis instead of managing it individually. The counties cannot challenge each other, but they can complement each other during a crisis.
The thesis has a larger issue that is linked to the purpose of looking at the potential for collaboration within the theory Collaborative governance:
- Can Emerson's theory of Collaborative Governance be established in today's civil defense at the local level?
In order to be able to answer that question, the essay will have three sub-questions based on answering whether Örebro and Värmland have opportunities to find possible collaboration with each other.
- Are there co-operation capabilities between the two counties according to Collaborative governance?
- What assets do the two counties have at their disposal in civil defense?
- Do the counties have physical proximity to the various assets required for a stable civil defense?
The thesis concludes that the two counties have good conditions for coping with a crisis with their resources available, and that there is great potential for developing new methods and establishing more working methods linked to business, warehousing and cyber security. Collaboration can take place within Emerson's theory; the counties have good chances of collaborating within collaborative governance.
Keywords: Civil Defense, The Confederation Of Enterprise, Warehousing, Cyber Security, Cooperation, Collaborative Governance.
24

Kanerva, Anton, and Fredrik Helgesson. "On the Use of Model-Agnostic Interpretation Methods as Defense Against Adversarial Input Attacks on Tabular Data." Thesis, Blekinge Tekniska Högskola, Institutionen för datavetenskap, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-20085.

Abstract:
Context. Machine learning is a constantly developing subfield within the artificial intelligence field. The number of domains in which we deploy machine learning models is constantly growing and the systems using these models spread almost unnoticeably in our daily lives through different devices. In previous years, lots of time and effort has been put into increasing the performance of these models, overshadowing the significant risks of attacks targeting the very core of the systems, the trained machine learning models themselves. A specific attack with the aim of fooling the decision-making of a model, called the adversarial input attack, has almost exclusively been researched for models processing image data. However, the threat of adversarial input attacks stretches beyond systems using image data, to e.g. the tabular domain, which is the most common data domain used in the industry. Methods used for interpreting complex machine learning models can help humans understand the behavior and predictions of these complex machine learning systems. Understanding the behavior of a model is an important component in detecting, understanding and mitigating vulnerabilities of the model. Objectives. This study aims to reduce the research gap of adversarial input attacks and defenses targeting machine learning models in the tabular data domain. The goal of this study is to analyze how model-agnostic interpretation methods can be used in order to mitigate and detect adversarial input attacks on tabular data. Methods. The goal is reached by conducting three consecutive experiments where model interpretation methods are analyzed and adversarial input attacks are evaluated as well as visualized in terms of perceptibility. Additionally, a novel method for adversarial input attack detection based on model interpretation is proposed together with a novel way of defensively using feature selection to reduce the attack vector size. Results. The adversarial input attack detection showed state-of-the-art results with an accuracy over 86%. The proposed feature selection-based mitigation technique was successful in hardening the model from adversarial input attacks by reducing their scores by 33% without decreasing the performance of the model. Conclusions. This study contributes with satisfactory and useful methods for adversarial input attack detection and mitigation as well as methods for evaluating and visualizing the imperceptibility of attacks on tabular data.
25

Petras, Christopher M. "The convergence of U.S. military and commercial space activities : self-defense and cyber-attack, "peaceful use" and the space station, and the need for legal reform." Thesis, McGill University, 2001. http://digitool.Library.McGill.CA:80/R/?func=dbin-jump-full&object_id=33058.

Abstract:
The ever-increasing convergence of U.S. military and commercial space activities poses new challenges to the viability of the legal concepts that have traditionally governed the use of outer space, and particularly the military use of space, from the beginning of the space age. This paper will look at two examples of where the melding of U.S. military and commercial space activities necessitates a reexamination of the applicable legal theories. Part I will examine the concept of self-defense in outer space, by considering the legality of the use of conventional military force to defend against "cyber-attack" on its commercial space assets. Part II will examine the concept of the use of outer space for "peaceful purposes" under international law, by focusing on the permissibility of military use of the International Space Station. As private commercial entities increasingly take their place aside State actors in outer space, understanding the impact of space commercialization on the law governing military-related activities in outer space becomes more-and-more important to policymakers, military planners, legal scholars and space law practitioners alike.
26

Robin, Jean-Nicolas. "La matière pénale à l'épreuve du numérique." Thesis, Rennes 1, 2017. http://www.theses.fr/2017REN1G035/document.

Abstract:
Today, it seems possible to consider that digital technology and cyberspace have completely changed the balance of power in our modern society. By digitizing, society gives its members almost unlimited access to millions of resources and data. Digital technology also facilitates personal and professional relationships between individuals. If digital technology can be presented as a real revolution, it exposes its user to new vulnerabilities and risks. The criminal law, insofar as it governs society and chooses the social values to be protected, has therefore been concerned with the development of digital technology. The present study notes the extensive legislative arsenal for fighting in the most effective manner against digital delinquency. Nevertheless, the analysis observes that many obstacles stand against the application of criminal law to cyberspace because of the particularities of networks. Moreover, digital crime is not the only threat generated by digital technology, since it is now possible to consider cyberspace as a new space for confrontation. Thus, military threat is added to digital delinquency as the States set up electronic weapons in networks. The question that then arises is about the relevance of these state choices and the solutions to intensify the fight against digital delinquency.
27

Калетнік, В. В. "Сучасний стан адміністративно-правового забезпечення інформаційної безпеки в Україні: теоретико-правовий аналіз." Thesis, Національний авіаційний університет, 2021. https://er.nau.edu.ua/handle/NAU/53718.

Abstract:
Purpose: to analyze the current state of administrative and legal support for information security in Ukraine and to develop scientifically grounded proposals and recommendations on this issue. Research methods: in the study the author used the methods of theoretical analysis and content analysis, the monographic method, and the method of systematization to identify and specify the author's position on the issues under study. The method of generalization was used in preparing the conclusions and recommendations based on the results of the study. Research results: directions for improving the effectiveness of administrative and legal support for information security in Ukraine have been identified, based on implementing a set of organizational and legal measures. Discussion: the dynamic development of the information society necessitates the constant transformation of the administrative and legal support for the state's information security.
28

Tsai, Chung-Weng, and 蔡仲威. "Increasing information security skills by using cyber offensive and defensive competitions." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/07725885062425976779.

Abstract:
Master's
Yuan Ze University
Department of Information Management
105
Information security has become a critical issue in recent years due to the increasing amount of internet hacking. To effectively prevent the endless stream of Internet hacking events, many countries in the world have devoted tremendous effort to cultivating information technology (IT) professionals. The IT staff's skill in computer security cannot be improved solely by asking for certificates obtained through standard examination procedures without providing proper training. Many organizations urgently need to find good ways to effectively enhance IT security personnel's skill. Recently, cyber offensive and defensive games have become popular. As these competitions are highly similar to realistic situations in the current environment, this study aims to examine whether the competition games can be used as an effective approach for training information security personnel. We also explore which types of computer security skills can be improved by using the games. For this objective, we implemented a cyber offensive and defensive game as a training system, and recruited IT personnel in a military unit to experimentally test the training system. The comparison of the experimental group and control group shows that the training system can effectively improve IT personnel's computer security skill in "system weaknesses and vulnerabilities", "password deciphering" and "reverse engineering".
29

"A Hacker-Centric Perspective to Empower Cyber Defense." Doctoral diss., 2020. http://hdl.handle.net/2286/R.I.57382.

Abstract:
Malicious hackers utilize the World Wide Web to share knowledge. Previous work has demonstrated that information mined from online hacking communities can be used as precursors to cyber-attacks. In a threatening scenario, where security alert systems are facing high false positive rates, understanding the people behind cyber incidents can help reduce the risk of attacks. However, the rapidly evolving nature of those communities leads to limitations still largely unexplored, such as: who are the skilled and influential individuals forming those groups, how they self-organize along the lines of technical expertise, how ideas propagate within them, and which internal patterns can signal imminent cyber offensives? In this dissertation, I have studied four key parts of this complex problem set. Initially, I leverage content, social network, and seniority analysis to mine key-hackers on darkweb forums, identifying skilled and influential individuals who are likely to succeed in their cybercriminal goals. Next, as hackers often use Web platforms to advertise and recruit collaborators, I analyze how social influence contributes to user engagement online. On social media, two time constraints are proposed to extend standard influence measures, which increases their correlation with adoption probability and consequently improves hashtag adoption prediction. On darkweb forums, the prediction of where and when hackers will post a message in the near future is accomplished by analyzing their recurrent interactions with other hackers. After that, I demonstrate how vendors of malware and malicious exploits organically form hidden organizations on darkweb marketplaces, obtaining significant consistency across the vendors’ communities extracted using the similarity of their products in different networks.
Finally, I predict imminent cyber-attacks correlating malicious hacking activity on darkweb forums with real-world cyber incidents, evidencing how social indicators are crucial for the performance of the proposed model. This research is a hybrid of social network analysis (SNA), machine learning (ML), evolutionary computation (EC), and temporal logic (TL), presenting expressive contributions to empower cyber defense.
Dissertation/Thesis
Doctoral Dissertation Computer Science 2020
30

Hasan, Mahmudul. "Cybersecurity Planning Insight: CSCD (Cyber Security and Cyber Defense) Control: Framework For Strategic Direction and Governance." Master's thesis, 2021. http://hdl.handle.net/10362/126392.

Abstract:
Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Information Systems and Technologies Management
In recent times, the importance of cybersecurity and cyber defense is sky-high. Everyone uses different devices, IT infrastructures, and applications for various purposes at school, office, home, hospitals, everywhere. With the enlightenment of technology, the nature of cyber-attacks has changed dramatically, and that is why the number of cyber-attacks has increased. Enterprises face billions of euros in losses from such incidents; even the data loss and operational hazard may have a devastating impact not only on the service, security, privacy, and brand image but also upon the overall business. A constructive and realistic CSCD (cyber security and cyber defense) strategy, along with its proper implementation, can strongly safeguard enterprises from cyber attacks. In this paper, we prepare an improved CSCD control framework based on several hundreds of scientific papers and frameworks. Moreover, we identify different aspects and strategic elements by holistic CSCD control risk assessment and data analysis for preparing CSCD strategy and planning of different levels of organizations to maintain effective CSCD governance and cyber resilience.
31

柯柏宇. "A Study of Virtual-Machine-Based Cyber Defense Exercises." Thesis, 2018. http://ndltd.ncl.edu.tw/handle/7gghfu.

Abstract:
Master's
Chung Cheng Institute of Technology, National Defense University
Master's Program in Computer Science and Information Engineering
106
Capture The Flag (CTF) is now one of the most popular types of information security competitions around the world. The attendees need to solve a series of challenges, or patch some vulnerabilities to defend their own system, to earn points. CTFs can be categorized into three types: Jeopardy, Attack-Defense and King of the Hill. CTF is a very mature method for evaluating information security technical skills. CTFtimes.org is a CTF portal for collecting all the competitions in the world. Hackers can track their performance and write-ups in the portal. Many new CTF games are showing up now. In order to train cyber security experts with complicated and difficult security problems which are similar to the issues in the real world, in this research, we brought out a Jeopardy-type CTF based on virtual machine technology and practical scenario guidance. We used it for Cyber Defense Exercises in the past two years and obtained good training results. Jeopardy-type CTF is a good way of training skills; however, its virtual infrastructure is becoming more and more complex and huge as the scenario grows. It is not an easy task to preserve and deploy. In this research, we propose a lightweight method with a scripting language to generate a new virtual infrastructure with fast speed and store it with only the necessary space.
32

Rullo, Antonino, Andrea Pugliese, Domenico Saccà, and Sergio Greco. "Cyber defense of enterprise information systems: advanced issues and techniques." Thesis, 2014. http://hdl.handle.net/10955/1242.

33

(10907916), Kelly Anne Cole. "Investigating Cyber Performance: An Individual Differences Study." Thesis, 2021.

Abstract:
The persistent issues that have been identified in the cyber defense domain, such as information-overload, burn-out and high turn-over rates among cyber analysts lead us to question what the cognitive ability contribution is to a more successful cyber performance. Cyber defense researchers theorize that individual differences are determinants of cyber performance success but have yet to establish empirically the role of individual differences. Therefore, the study uses an individual differences approach under a work performance framework to study the contributions of cognitive ability (i.e., attention control) on cyber performance success in a specific cyber work-role (i.e., the Incident Responder), and through its well-defined primary task (i.e., incident detection system performance). The sample included actual network analysts with a wide range of incident detection expertise, age, and education levels for more reliable and valid scores. The results of the correlational analysis showed that individual differences in attention control (i.e., flexibility and spatial attention) contribute most to the differences in Incident Responder work-performance. A linear regression model then demonstrated that spatial attention and flexibility predict 53 to 60 percent of the variance in cyber performance scores. It is suggested that the KSAs from the NICE framework be updated with the cognitive abilities that contribute to and/or predict cyber performance success, for superior recruitment efforts towards a more efficient cyber defense work-force.

34

WU, KUAN-SHENG, and 吳冠陞. "Implementation of cyber attack and defense strategy in software defined network." Thesis, 2019. http://ndltd.ncl.edu.tw/handle/m44bqg.

Abstract:
Master's
National Taiwan University of Science and Technology
Department of Computer Science and Information Engineering
107
Due to the maturity of virtualization technology in recent years, the traditional network hardware architecture cannot flexibly manage the network of virtual machines. The Software Defined Network (SDN), which divides the network into the Control Plane and the Data Plane, can effectively manage the network, and when the number of virtual machines needs to expand, the Software Defined Network can also flexibly increase the number of software switches and manage the switches. The Controller controls how packets are forwarded and whether they are processed. In the SDN architecture, the Controller is like a human brain that dominates everything, and the Data Plane is like human limbs: without the Controller's commands, the Data Plane does not know how to transfer packets. In this work we try to attack the Controller in the SDN network by making modules comprising a traditional network attack module and a module that applies only to the software-defined network architecture. This paper discusses software-defined network attack techniques and the impact of the attacks on the SDN network architecture. Finally, in this paper we try to establish a defense structure and implement a defense strategy, Defender, against attack. The experiment shows that Defender can correctly defend against the cyber attack.
35

Civins, Braden Eph. "In search of a cyber Manhattan Project : assorted thoughts on U.S. cyberattack by." Thesis, 2011. http://hdl.handle.net/2152/ETD-UT-2011-08-4199.

Abstract:
National discourse on cyberconflict has largely focused on defensive concerns, or protecting “critical infrastructure” from cyber threats. By contrast, the U.S. government’s employment of cyberattack is shrouded in secrecy and receives scant public attention. The seminal study on U.S. cyberattack, published by the National Academy of Sciences in 2009, noted that the clandestine nature of U.S. cyber operations hinders “widespread understanding and debate about the nature and implications of U.S. cyberattack.” This secrecy has contributed to a policy and legal framework for cyberattack that the NRC-NAS Report called “ill-formed, underdeveloped and highly uncertain.” Since the NRC-NAS Report was published, the U.S. government has signaled an unprecedented seriousness of purpose in addressing cyberconflict. It has marshaled its cyber resources under the leadership of a single “Cyber Command” and attempted to articulate formal “cyberstrategy.” Media reports from 2010-11 provide rare insight into cyberattack decision-making, and describe gradual development of policy and process for a specific type of cyberattack. The topic of U.S. cyberattack merits revisiting. This Report surveys the current international environment regarding cyberconflict, traces the development of “cyberstrategy” by the Executive Office of the President (EoP) and the Department of Defense (DoD) to make general points about the U.S. approach to cyberattack, and examines the statutory framework applicable to U.S. cyberattack in a narrow set of cases. This Report draws on news media reports about a series of cyberattack incidents to examine the dynamics of the cyberattack policy-making process, discusses recent attempts to address these issues, and summarizes lessons learned.
36

Ching-HuangLin and 林敬皇. "Framework Design for Cyber Attack and Defense Exercises with Empirical Cloud Data." Thesis, 2013. http://ndltd.ncl.edu.tw/handle/58312539008444263933.

Abstract:
Doctoral
National Cheng Kung University
Institute of Computer and Communication Engineering
101
Cyber Security Exercise training is gaining more attention in the information security field. Actual hands-on practice will strengthen the capabilities of attack and defense. Hence, we propose The Cyber Attack and Defense Exercises Framework in the dissertation to assist academic researchers or military cyber-units in designing, planning and performing security exercises. A competition of network attacks and defense was held on the Taiwan Network Security Testing Platform (Testbed@TWISC) to collect empirical data, verify suitability and find the direction for improving the proposed framework. Besides providing real world services, the cloud environment can be used to provide a variety of network attack and defense exercises. Cyber security competitions will become increasingly difficult to hold in real network environments with physical host implementations. The use of cloud computing environments (especially IaaS architecture with VM) to perform cyber attack and defense games will become a trend. Another part of this study proposes a “VM Performance Model” to determine the optimal VM allocation based on Service Level Agreement. We collect data from virtual machines within the production cloud service platform of the Computer and Network Center in National Cheng Kung University. By defining the VM Allocation Problem and validating the model against the gathered data using Beta distribution, we detail a method to solve the VM Allocation Problem and find the optimal VM allocation based on specific availability requirements. SLA parameters are matched with reservations to find the best VM configuration and most efficient allocation of resources. Simulations prove the proposed VM Performance Model is valid for use in IaaS managers. This portion of the work is focused on identifying effective use of cloud computing environments (especially IaaS architecture using VMs) for cyber attack and defense exercises or other cloud applications and services.
37

Lopes, Carvalho Viana André. "NATO and Offensive Cybersecurity: A Strategic Analysis." Master's thesis, 2018. http://www.nusl.cz/ntk/nusl-387165.

Abstract:
This thesis presents a strategic analysis on the possibility of use of offensive cyber capabilities by NATO in its defensive efforts. There is a vast array of academic literature regarding the strategic value of the use of offensive capabilities in cybersecurity, and NATO's cyber posture; however, there is little available regarding the relationship between both. Through the use of tools borrowed from Strategic Studies, this thesis attempts to determine whether it is possible to formulate valid cybersecurity strategies for the use of offensive cyber capabilities from the combination of known academic concepts with current NATO capabilities. The thesis also analyzes the possible implications of using such strategies as well as the underlying causes of their potential success or failure. Viana, André Lopes C. NATO and Offensive Cybersecurity: A Strategic Analysis, [number of pages]p. Master Thesis. Charles University, Faculty of Social Sciences, Institute of Political Studies. Supervisor PhDr. Vít Střítecký, M.Phil., Ph.D.
38

Tzy-ShiahWang and 王子夏. "Cyber-Attack Detection and Defense Based on Spectral Analysis and Community Structure Recognition." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/whhzsj.

Abstract:
Doctoral
National Cheng Kung University
Institute of Computer and Communication Engineering
105
With the ever-growing number of online services nowadays, and the proliferation of wireless access services, more and more users are connecting to the Internet. However, the increasing reliance on the Internet and associated network services exposes users to the risk of malicious attacks by third parties intent on causing short-term disruption or more serious long-term damage. Among the various network security concerns, botnets are regarded as one of the leading threats to network security, and are used to conduct a wide range of malicious activities, including information theft, phishing, spam mail distribution, and Distributed Denial of Service (DDoS) attacks. Of the various forms of botnet, DGA-based botnets, which utilize a Domain Generation Algorithm (DGA) to avoid detection, are one of the most disruptive and difficult to detect. In addition to botnets, attacks on social network sites have also emerged as a major concern in recent years. One of the most common and harmful types of attack is the Sybil attack, in which the attacker creates multiple identities and uses these identities to breach a running system with fake information. Although botnets and Sybil attacks are both difficult to detect, they leave behind several important clues which can be used to identify their presence. For example, when mapping the communication patterns of a botnet, or the relationships among the sybil nodes and the honest nodes, on to a graph, the graph shows a unique characteristic in terms of the community structure. Accordingly, this dissertation proposes a clustering algorithm for detecting the community structure of cyber-attacks. More specifically, to address the problem of DGA-based botnets, a scheme is proposed for detecting botnet activity by analyzing the query behavior of the DNS traffic.
The proposed scheme exploits the fact that hosts compromised by the same DGA-based malware query the same sets of domains in the domain list and most of these queries fail since only a very small number of the domains are actually associated with an active C&C. The evaluation results show that the proposed scheme provides an accurate and effective means of detecting both existing and new DGA-based botnet patterns in real-world networks. To counter the problem of Sybil attacks, the dissertation additionally proposes a defense mechanism based on the characteristic structural properties of honest and sybil groups. Notably, in contrast to most existing Sybil defense schemes, which require a knowledge of at least one honest node in advance, the scheme proposed in this dissertation has the ability to detect sybil groups in a network without the need for any prior knowledge regarding the honest nodes. The performance of the proposed defense scheme is evaluated using data obtained from a real-world social network (Facebook). The results show that the proposed scheme has the ability to detect Sybil attacks in real social networks with a low false positive ratio.
39

Molina, Valdiviezo Lorena Paulina, Felice Crupi, and Angelo Furfaro. "Simulation models for the evaluation of detection and defense protocols against cyber attacks." Thesis, 2016. http://hdl.handle.net/10955/1361.

40

(8072417), Braiden M. Frantz. "CISTAR Cybersecurity Scorecard." Thesis, 2019.

Abstract:

Highly intelligent and technically savvy people are employed to hack data systems throughout the world for prominence or monetary gain. Organizations must combat these criminals with people of equal or greater ability. There have been reports of heightened threats from cyber criminals focusing upon the energy sector, with recent attacks upon natural gas pipelines and payment centers. The Center for Innovative and Strategic Transformation of Alkane Resources (CISTAR) working collaboratively with the Purdue Process Safety and Assurance Center (P2SAC) reached out to the Computer and Information Technology Department to assist with analysis of the current cybersecurity posture of the companies involved with the CISTAR initiative. This cybersecurity research project identifies the overall defensive cyber posture of CISTAR companies and provides recommendations on how to bolster internal cyberspace defenses through the identification of gaps and shortfalls, which aided the compilation of suggestions for improvement. Key findings include the correlation of reduced cybersecurity readiness to companies founded less than 10 years ago, cybersecurity professionals employed by all CISTAR companies and all CISTAR companies implementing basic NIST cybersecurity procedures.

41

CHENG, YI-WEN, and 程詒文. "The Normative Framework of the State’s Right of Self-Defense as a Response to Cyber Attack." Thesis, 2019. http://ndltd.ncl.edu.tw/handle/836597.

Abstract:
Master's
National Defense University
Department of Law
107
Awareness has been growing in recent years that modern societies, increasingly Internet-dependent, are highly vulnerable to malicious intrusion into their computers and Internet. The reality of cyber attacks has already proven remarkably threatening, as they can cause physical damage and human casualties. As a result, the issue of whether cyber attacks meet the threshold of UN Charter Article 2(4) needs to be taken into consideration. This article addresses the jus ad bellum, examining cyber attacks as prohibited acts under the laws governing the resort to force and qualifying the specific characteristics which can be considered as a use of force contrary to Article 2(4) of the UN Charter. Nine factors are to be taken into account when determining whether an attack will constitute a use of force: severity, immediacy, directness, invasiveness, measurability of effects, military character, state involvement, presumptive legality and target. As the criteria have been reached, such an attack constitutes a use of force which breaches the prohibition against force in international law. The article also examines the attribution of attacks and the right of states to take countermeasures against non-state actors, including compensation and self-defense regulated in the UN Charter Article 51. Therefore, when the scale and effects of an attack rise to the level of an armed attack, a state may exercise its inherent right of self-defense. When a cyber attack occurs and is accompanied by the requirements of imminence and immediacy, a state has the right to use force as anticipatory self-defense.
42

Hsu, Chin-Ping, and 許錦萍. "The Ideal and Reality of Cross-region Joint Defense Cyber Security Policy – A Case Study of A and B-level Government Agencies." Thesis, 2019. http://ndltd.ncl.edu.tw/handle/pb32mv.

43

Yang, Shih-Feng, and 楊世豐. "Research on Application of Cyber Security in Taiwan's Defense Industry- CSC v6 of SANS Organization as the Inspection Standard." Thesis, 2019. http://ndltd.ncl.edu.tw/handle/455bq4.

Abstract:
Master's
National Sun Yat-sen University
Executive Master of Business Administration In-service Program, College of Management
107
In 2016, the Taiwan Government selected "Aerospace Industry", "Shipbuilding Industry" and "Cybersecurity Industry" as the targets of nurturing and developing for major Defense Industries. How to assess the impact of "Cybersecurity Management" on the competitiveness of each individual Company in the Taiwan Defense Industry Supply Chains is one of the key priorities. The so-called ISMS (Information Security Management System) is a system that manages the cybersecurity inside a Company and is an important part of the overarching management systems. In addition to effectively managing the resources, a Company must formulate a management system IAW risk management methodology to well manage the risks, and the key purpose of ISMS is to effectively control the risks to the Company, and utilize it to establish and implement how the Company operates and monitors their cybersecurity, and it further serves as the basis for the Company to review and maintain their cybersecurity in order to achieve the ultimate goal of improving the organization's cybersecurity to ensure that the Company's operational risks can be effectively controlled and reduced, and to be in the hopes that this study could provide the Company with a basic concept to look inward to review their “Level of Cybersecurity” at the same time, therefore, this study mainly focuses on making sure whether a Company in the “Taiwan Defense Industry Supply Chains” possesses the required awareness of "Cybersecurity management" and can assess the Company’s Level and Procedures of Cybersecurity Capability on their own. This study mainly refers to the 6th edition of the Critical Security Controls (CSC) issued by the SANS (System Administration Networking and Security) as the guiding basis.
The design of the study is to discuss with the managing department or decision maker(s) and information-related departments of the Companies in the supply chains to see whether the mechanism of the ISMS is actually followed through, and utilize the findings to assist the Company in the spirit of planning-executing-checking-improving to fully implement Cybersecurity Management to further their core competitiveness. When reviewing a Company’s ISMS, this study uses six levels of 20 key indicators in the expectation that these key indicators will enhance their protection of Cybersecurity and increase their core competitiveness to achieve: 1. The assessment of the impact of the cybersecurity management on the Company’s business. 2. The managing of the known internal vulnerabilities to ensure and formulate their security policies to mitigate the risks. 3. The reviewing of the threats faced by the Company and the assessing of the lacuna(s) in their protective measures. 4. The verifying of their authority control criterion and follow-through of their cybersecurity. Keywords: cybersecurity, Taiwan Defense Industry, ISMS, SANS, CSC
44

"The What, When, and How of Strategic Movement in Adversarial Settings: A Syncretic View of AI and Security." Doctoral diss., 2020. http://hdl.handle.net/2286/R.I.62910.

Abstract:
The field of cyber-defenses has played catch-up in the cat-and-mouse game of finding vulnerabilities followed by the invention of patches to defend against them. With the complexity and scale of modern-day software, it is difficult to ensure that all known vulnerabilities are patched; moreover, the attacker, with reconnaissance on their side, will eventually discover and leverage them. To take away the attacker's inherent advantage of reconnaissance, researchers have proposed the notion of proactive defenses such as Moving Target Defense (MTD) in cyber-security. In this thesis, I make three key contributions that help to improve the effectiveness of MTD. First, I argue that naive movement strategies for MTD systems, designed based on intuition, are detrimental to both security and performance. To answer the question of how to move, I (1) model MTD as a leader-follower game and formally characterize the notion of optimal movement strategies, (2) leverage expert-curated public data and formal representation methods used in cyber-security to obtain parameters of the game, and (3) propose optimization methods to infer strategies at Strong Stackelberg Equilibrium, addressing issues pertaining to scalability and switching costs. Second, when one cannot readily obtain the parameters of the game-theoretic model but can interact with a system, I propose a novel multi-agent reinforcement learning approach that finds the optimal movement strategy. Third, I investigate the novel use of MTD in three domains-- cyber-deception, machine learning, and critical infrastructure networks. I show that the question of what to move poses non-trivial challenges in these domains. To address them, I propose methods for patch-set selection in the deployment of honey-patches, characterize the notion of differential immunity in deep neural networks, and develop optimization problems that guarantee differential immunity for dynamic sensor placement in power-networks.
Dissertation/Thesis
Doctoral Dissertation Computer Science 2020