To see the other types of publications on this topic, follow the link: Cybersecurity frameworks.
Dissertations / Theses on the topic 'Cybersecurity frameworks'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 27 dissertations / theses for your research on the topic 'Cybersecurity frameworks.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Smith, Willarvis. "A Comprehensive Cybersecurity Defense Framework for Large Organizations." Diss., NSUWorks, 2019. https://nsuworks.nova.edu/gscis_etd/1083.
Full textAbstract:
There is a growing need to understand and identify overarching organizational requirements for cybersecurity defense in large organizations. Applying proper cybersecurity defense will ensure that the right capabilities are fielded at the right locations to safeguard critical assets while minimizing duplication of effort and taking advantage of efficiencies. Exercising cybersecurity defense without an understanding of comprehensive foundational requirements instills an ad hoc and in many cases conservative approach to network security. Organizations must be synchronized across federal and civil agencies to achieve adequate cybersecurity defense. Understanding what constitutes comprehensive cybersecurity defense will ensure organizations are better protected and more efficient.
This work, represented through design science research, developed a model to understand comprehensive cybersecurity defense, addressing the lack of standard requirements in large organizations. A systemic literature review and content analysis were conducted to form seven criteria statements for understanding comprehensive cybersecurity defense. The seven criteria statements were then validated by a panel of expert cyber defenders utilizing the Delphi consensus process. Based on the approved criteria, the team of cyber defenders facilitated the development of a Comprehensive Cybersecurity Defense Framework prototype for understanding cybersecurity defense. Through the Delphi process, the team of cyber defense experts ensured the framework matched the seven criteria statements. An additional and separate panel of stakeholders conducted the Delphi consensus process to ensure a non-biased evaluation of the framework.
The comprehensive cybersecurity defense framework is developed through the data collected from two distinct and separate Delphi panels. The framework maps risk management, behavioral, and defense in depth frameworks with cyber defense roles to offer a comprehensive approach to cyber defense in large companies, agencies, or organizations. By defining the cyber defense tasks, what those tasks are trying to achieve and where best to accomplish those tasks on the network, a comprehensive approach is reached.
2
Raina, Ravi. "A systems perspective on cybersecurity in the cloud : frameworks, metrics and migration strategy." Thesis, Massachusetts Institute of Technology, 2016. http://hdl.handle.net/1721.1/107602.
Full textAbstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, School of Engineering, System Design and Management Program, Engineering and Management Program, 2016.Cataloged from PDF version of thesis.
Includes bibliographical references (pages 119-124).
Cloud computing represents the next generation of disruptive technologies in computing. However, there are several barriers to massive adoption of cloud and among them security remains one of the principal concerns. Traditional failure analysis and prevention frameworks fall exceedingly short to address cybersecurity as is evident by every increasing cybersecurity breaches. New frameworks for cybersecurity are required which take a holistic view of the problem and a systems perspective. Migrating to cloud also represents a key decision point for CEO/CTO's today, especially from security perspective. The objective of this thesis is to illustrate the effectiveness of taking a Systems Approach to cybersecurity and provide a framework for migration to cloud with specific emphasis on critical cybersecurity issues pertaining to various cloud deployment models and delivery services. The thesis is divided into three phases. Firstly, it will aim to explore the major security threats and critical areas of focus for security in cloud. It will explore the major security frameworks, metrics and controls, especially the major ones from NIST, CIS and CSA. SLA's for different cloud service models will then be presented. A high level cloud migration framework strategy and framework, with special emphasis on cybersecurity will also be discussed. In the second phase, System- Theoretic Accident Model and Processes (STAMP) which is based on Systems Theory will be applied to Target security breach and key recommendations as well as new insights will be presented. The analysis will highlight the need for holistic approach and Systems Thinking to cybersecurity and new insights that are not produced by traditional methods will be presented. Finally, in the third phase, the cloud migration framework discussed in phase one will be applied to Target. A case will be made that in certain scenarios, moving the less critical applications to cloud and utilizing the security benefits of cloud can actually reduce the threat vectors and security exposures and bring IT systems from a higher risk state to lower risk state. The thesis integrates cybersecurity methods and frameworks as well as security metrics with the cloud migration strategy. Additionally, it also presents STAMP/CAST failure model for cybersecurity breaches and highlights the need for integrated view of safety and security and Systems Thinking in cybersecurity both in traditional systems and cloud.
by Ravi Raina.
S.M. in Engineering and Management
3
Yu, Xiaodong. "Algorithms and Frameworks for Accelerating Security Applications on HPC Platforms." Diss., Virginia Tech, 2019. http://hdl.handle.net/10919/93510.
Full textAbstract:
Typical cybersecurity solutions emphasize on achieving defense functionalities. However, execution efficiency and scalability are equally important, especially for real-world deployment. Straightforward mappings of cybersecurity applications onto HPC platforms may significantly underutilize the HPC devices' capacities. On the other hand, the sophisticated implementations are quite difficult: they require both in-depth understandings of cybersecurity domain-specific characteristics and HPC architecture and system model.
In our work, we investigate three sub-areas in cybersecurity, including mobile software security, network security, and system security. They have the following performance issues, respectively: 1) The flow- and context-sensitive static analysis for the large and complex Android APKs are incredibly time-consuming. Existing CPU-only frameworks/tools have to set a timeout threshold to cease the program analysis to trade the precision for performance. 2) Network intrusion detection systems (NIDS) use automata processing as its searching core and requires line-speed processing. However, achieving high-speed automata processing is exceptionally difficult in both algorithm and implementation aspects. 3) It is unclear how the cache configurations impact time-driven cache side-channel attacks' performance. This question remains open because it is difficult to conduct comparative measurement to study the impacts.
In this dissertation, we demonstrate how application-specific characteristics can be leveraged to optimize implementations on various types of HPC for faster and more scalable cybersecurity executions. For example, we present a new GPU-assisted framework and a collection of optimization strategies for fast Android static data-flow analysis that achieve up to 128X speedups against the plain GPU implementation. For network intrusion detection systems (IDS), we design and implement an algorithm capable of eliminating the state explosion in out-of-order packet situations, which reduces up to 400X of the memory overhead. We also present tools for improving the usability of Micron's Automata Processor. To study the cache configurations' impact on time-driven cache side-channel attacks' performance, we design an approach to conducting comparative measurement. We propose a quantifiable success rate metric to measure the performance of time-driven cache attacks and utilize the GEM5 platform to emulate the configurable cache.Doctor of Philosophy
Typical cybersecurity solutions emphasize on achieving defense functionalities. However, execution efficiency and scalability are equally important, especially for the real-world deployment. Straightforward mappings of applications onto High-Performance Computing (HPC) platforms may significantly underutilize the HPC devices’ capacities. In this dissertation, we demonstrate how application-specific characteristics can be leveraged to optimize various types of HPC executions for cybersecurity. We investigate several sub-areas, including mobile software security, network security, and system security. For example, we present a new GPU-assisted framework and a collection of optimization strategies for fast Android static data-flow analysis that achieve up to 128X speedups against the unoptimized GPU implementation. For network intrusion detection systems (IDS), we design and implement an algorithm capable of eliminating the state explosion in out-of-order packet situations, which reduces up to 400X of the memory overhead. We also present tools for improving the usability of HPC programming. To study the cache configurations’ impact on time-driven cache side-channel attacks’ performance, we design an approach to conducting comparative measurement. We propose a quantifiable success rate metric to measure the performance of time-driven cache attacks and utilize the GEM5 platform to emulate the configurable cache.
4
Hedåker, Johanna. "Ramverk för cybersäkerhet: Möjligheter och begränsningar." Thesis, Malmö universitet, Fakulteten för teknik och samhälle (TS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-20211.
Full textAbstract:
I takt med samhällets snabba tekniska utveckling finns också ett behov av exponentiell utveckling av cybersäkerhet. Trender pekar dock på att så inte har skettoch antalet säkerhetsincidenter och intrång har på senare år ökat avsevärt. Tidigarestudier föreslår att dessa incidenter skulle kunna förhindras, eller åtminstone begränsas, genom tillämpningen av moderna säkerhetsramverk, där CIS Critical SecurityControls är ett av de mer kända.Syftet med denna studie är att genom en enkätundersökning granska existerandeåsikter bland yrkesverksamma inom säkerhetsbranschen om vikten och effekterna avatt tillämpa sådana säkerhetsramverk.Resultatet av vår initiala undersökande studie pekar på att säkerhetsramverken kanbidra till att skapa en både grundläggande och substantiell säkerhetsnivå som är enkel att reproducera. Viss aktsamhet bör dock tas eftersom dessa är beroende av bådeerfarenhet och verksamhetsanpassning. Vidare bör grundläggande kursmoment i cybersäkerhet introduceras på utbildningar och kurser, inklusive de discipliner somtraditionellt sett ligger utanför säkerhetsdomänen, eftersom det digitala landskapethar förändrats.As the technological advancements of our society continue to thrive, there is a need foran exponential growth in the field of cybersecurity. Trends suggest this has not beenthe case and the amount of data- and security breaches has drastically increased overthe past few years. Earlier studies suggest that these incidents could be prevented, orat least limited, by implementing modern cyber security frameworks, such as CISCritical Security Controls.The main aim of this study is to, by conducting an initial investigative survey, examine the existing opinions of professionals from the cybersecurity industry regardingthe significance and effects of implementing such cyber security frameworks.The results of our initial study suggest that cyber security frameworks could contribute to a both sufficient and substantial level of security. However, some caution shouldbe taken into consideration as the frameworks require both experience and adaptation. Furthermore, our results also show that there is a need to introduce basic cybersecurity competence in education, including education traditionally considered to beoutside the field of cybersecurity, as a result of the transformed digital environment.
5
Kuznietsova, Tetiania, and Andrii Chyrkov. "State and perspectives of aircraft cybersecurity." Thesis, National aviation university, 2021. https://er.nau.edu.ua/handle/NAU/50678.
Full textAbstract:
During the latest events in the aviation world, where experts in the
field of cybersecurity (example) opened the possibility of gaining access
to the aircraft's on-board systems, industry experts (and not only)
thought about it. And we are doing quite a lot. There are many existing
guides that contain recommendations and practices, for example:
«Software Considerations in Airborne Systems and Equipment
Certification» contains recommendations for evaluating security and
assuring software quality. There is a separation of access, because all
systems are somehow connected to each other through the on-board
network (take at least maintenance to determine failures):
The FAA continues to consider the aircraft guidelines acceptable for
software certification, although they acknowledge that the guidelines do
not fully cover all areas of software development and life cycle
processes, and can sometimes be misinterpreted.
6
Camporesi, Mirko. "Securopoly: un gioco per l'insegnamento della Cybersecurity." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2017. http://amslaurea.unibo.it/13274/.
Full textAbstract:
All'interno della tesi sono presentati vari argomenti legati al mondo della sicurezza informatica e del suo insegnamento. Lo scopo di questo lavoro è presentare la tecnica della gamification e la sua applicazione nel panorama della cybersecurity moderna. Inoltre, viene proposto un gioco di società chiamato Securopoly che implementa le nozioni descritte e che è basato fortemente sul Framework Nazionale per la cybersecurity, un documento che pone gli standard che ogni organizzazione e ogni azienda dovrebbero soddisfare per essere all'avanguardia nel tentativo di difendersi da attacchi informatici.
7
Leon, Ryan James. "An Event Management Framework to Aid Solution Providers in Cybersecurity." Thesis, The George Washington University, 2018. http://pqdtopen.proquest.com/#viewpdf?dispub=10745141.
Full textAbstract:
Cybersecurity event management is critical to the successful accomplishment of an organization’s mission. To put it in perspective, in 2016 Symantec tracked over 700 global adversaries and recorded events from 98 million sensors (Aimoto et al., 2017). Studies show that in 2015, more than 55% of the cyberattacks on government operation centers were due to negligence and the lack of skilled personnel to perform network security duties including the failure to properly identify events (Ponemon, 2015a). Practitioners are charged to perform as first responders to any event that affects the network. Inconsistencies and errors that occur at this level can determine the outcome of an event.
In a time when 91% of Americans believe they have lost control over how information is collected and secured, there is nothing more dangerous than thinking new technology is not vulnerable to attacks (Rainie, 2016). Assailants target those with weak security postures who are unprepared, distracted or lack fundamental elements to identify significant events and secure the environment.
Under executive order, to address these concerns organizations such as the National Institute of Standards and Technology (NIST) and International Organization of Standards (ISO) developed cybersecurity frameworks, which have been widely accepted as industry standards. These standards focus on business drivers to guide cybersecurity activities and risks within critical infrastructure. It outlines a set of cybersecurity activities, references, and outcomes that can be used to align its cyber activities with business requirements at a high-level.
This praxis explores the solution provider’s role in and method of securing environments through their event management practices. Solution providers are a critical piece of proper event management. They are often contracted to provide solutions that adhere to a NIST type framework with little to no guidance. There are supportive documents and guides for event management but nothing substantive like the Cybersecurity Framework and ISO 27001 has been adopted. Using existing processes and protocols an event management framework is proposed that can be utilized to properly manage events and aid solution providers in their cybersecurity mission.
Knowledge of event management was captured through subject matter expertise and supported through literature review and investigation. Statistical methods were used to identify deficiencies in cyber operations that would be worth addressing in an event management framework.
8
Snyder, Justin Charles. "A Framework and Exploration of a Cybersecurity Education Escape Room." BYU ScholarsArchive, 2018. https://scholarsarchive.byu.edu/etd/6958.
Full textAbstract:
This thesis presents a review of educational-escape-room literature followed by a design-oriented framework (the Snyder Escape Room Framework or SERF) and demonstrates the potential efficacy of escape-rooms in cybersecurity education. Several authors have proposed frameworks and guidelines for game and educational design regarding escape rooms. This work coalesces some of those ideas into a more substantial and comprehensive framework (SERF) that designers can use when developing educational escape rooms. The Snyder Escape Room Framework provides heuristics for goals and objectives, players, activities, context, trajectory design, and evaluation. Additionally, this work describes and analyzes the novel prototyped BYU GCC escape room experience and delves into some of what was successful and what could be improved. The first sessions of the experience were observed and documented, and an expert review was performed. Participants did not gain much confidence in learning new technology; however, they did increase their confidence in using new technology through the experience. Participants did indeed learn from the experience, however, participants focused more on team-related concepts gained from the experience rather than the cybersecurity concepts introduced through the escape-room activities. Based on overwhelming positive responses, participants seemed to enjoy performing the experience. The BYU experience is evaluated against the Snyder Framework as an example of how to use the framework while designing or as a tool for evaluating. Using this framework systemizes and catalogues design choices and implications on the room and provides an informed approach for refinement. Applying the Snyder Escape Room Framework to the BYU experience provides further insight beyond just an expert review, and the BYU experience is a novel example to use with SERF. SERF gives a vocabulary and set of heuristics that help designers zero in on important design decisions. Using the framework provides a well-defined set of attributes for discussing the BYU experience and helps clarify what went well with the room and what could be improved upon. This is especially helpful when iterating on room design. The nature of Snyder Framework and this work is that it is multidisciplinary and touches a wide array of related fields and topics. Of note, are the implications of this work on educational games. The SERF can be used as a resource when designing similar experiences while the analysis of the BYU experience based on the SERF provides an example of how the framework can be used for evaluation and iteration.
9
Newby, Chandler Ryan. "Designing Cybersecurity Competitions in the Cloud: A Framework and Feasibility Study." BYU ScholarsArchive, 2018. https://scholarsarchive.byu.edu/etd/7417.
Full textAbstract:
Cybersecurity is an ever-expanding field. In order to stay current, training, development, and constant learning are necessary. One of these training methods has historically been competitions. Cybersecurity competitions provide a method for competitors to experience firsthand cybersecurity concepts and situations. These experiences can help build interest in, and improve skills in, cybersecurity. While there are diverse types of cybersecurity competitions, most are run with on-premise hardware, often centralized at a specific location, and are usually limited in scope by available hardware. This research focuses on the possibility of running cybersecurity competitions, specifically CCDC style competitions, in a public cloud environment. A framework for running cybersecurity competitions in general was developed and is presented in this research. The framework exists to assist those who are considering moving their competition to the cloud. After the framework was completed, a CCDC style competition was developed and run entirely in a public cloud environment. This allowed for a test of the framework, as well as a comparison against traditional, on-premise hosting of a CCDC. The cloud-based CCDC created was significantly less expensive than running a comparable size competition in on-premise hardware. Performance problems—typically endemic in traditionally-hosted CCDCs—were virtually non-existent. Other benefits, as well as potential contraindications, are also discussed. Another CCDC style competition, this one originally built for on-premise hardware, was then ported to the same public cloud provider. This porting process helped to further evaluate and enrich the framework. The porting process was successful, and data was added to the framework.
10
Cornel, Caralea May. "A Methodology to Measure the Impact of Diversity on Cybersecurity Team Effectiveness." BYU ScholarsArchive, 2019. https://scholarsarchive.byu.edu/etd/8594.
Full textAbstract:
In recent years, the definition of cybersecurity professional has been diluted to include more individuals, particularly women, to be included. Depending on the definition used, women currently comprise between 11% and 25% of the cybersecurity workforce. While multiple studies have indicated the benefits to diverse teams, research in the cybersecurity area is lacking.This research proposes a framework that uses a modified escape-the-room gamified scenario to measure the effectiveness of cybersecurity teams in technical problem-solving. The framework presents two routes, incident response and penetration testing, the participants can choose. In a preliminary study, this framework is used to show the combination of gender diversity and prior cybersecurity experience and/or cybersecurity knowledge, particularly in women, are found to be significant in reducing the time taken to solve cybersecurity tasks in the incident response, and penetration testing domains.In conclusion, opportunities for extending this research into a large-scale study are discussed, along with other applications of cybersecurity escape-rooms.
11
Tisdale, Susan M. "Architecting a Cybersecurity Management Framework| Navigating and Traversing Complexity, Ambiguity, and Agility." Thesis, Robert Morris University, 2018. http://pqdtopen.proquest.com/#viewpdf?dispub=10825513.
Full textAbstract:
Despite advancements in technology, countermeasure, and situational awareness, cybersecurity (CS) breaches continue to increase in number, complexity, and severity. This qualitative study is one of a few to comprehensively explore CS management. The study used a systems’ approach to identify business, socioeconomic, and information technology (IT) factors, and their interrelationships. The study examined IT management frameworks and CS standards and literature. Interviews and a focus group of subject matter experts followed. The research found CS is a leadership, not a technical issue. CS is an ecosystem; its components are interrelated and inseparable, requiring qualitative, subjective, risk and knowledge management interventions. CS, IT, and threats are too complex and volatile for organizations to manage all risks and vulnerabilities in a timely, agile manner. CS lexicons lack uniformity and consistency. An IT management framework is better suited for CS. Companies must segregate and encrypt the most sensitive information and curb their appetites for new, unsecured technology. CS and IT is multilayered, requiring subspecialists, who often serve conflicting business needs and security objectives. Organizations need to minimize mid-level CS management, raise CS to a business level function (not subordinate to IT), and involve cyber specialists at all levels in the business lifecycle. Cross-pollinating people from all business areas, especially from finance, CS, and IT, increases awareness of the others’ responsibilities and obligations and facilitates more rapid portfolio, lifecycle CS activities, from investments to detection and response activities. Future studies should focus on these issues as critical success factors. Finally, the study of CS requires agile, qualitative, multidisciplinary methodology to produce thick, quick, actionable information.
12
Bakare, Adeyinka A. "A Methodology for Cyberthreat ranking: Incorporating the NIST Cybersecurity Framework into FAIR Model." University of Cincinnati / OhioLINK, 2020. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1583247043269043.
Full text
13
Cho, Yiseul. "Strategic philanthropy for cyber security : an extended cost-benefit analysis framework to study cybersecurity." Thesis, Massachusetts Institute of Technology, 2012. http://hdl.handle.net/1721.1/72880.
Full textAbstract:
Thesis (S.M. in Technology and Policy)-- Massachusetts Institute of Technology, Engineering Systems Division, Technology and Policy Program, 2012.Cataloged from PDF version of thesis.
Includes bibliographical references (p. 74-79).
The international climate of cyber security is dramatically changing and thus unpredictable. As such, agile yet sustainable solutions are needed, along with an effective and a pragmatic evaluation framework to assess and demonstrate the value and efficacy of international development collaboration. Currently, no mature frameworks are available for evaluating such non-conventional, new, and complex international activities as they exist today, and thus this study aims to provide an innovative and pragmatic approach to study cybersecurity. This study recognizes the lack of institutionalized solutions, and aims to provide a novel framework with which to evaluate emerging solutions. In particular, this study evaluates the effectiveness of international development activities and public-private partnerships as a way to improve cyber security. Guided by literature on strategic philanthropy and international development, this study develops an extended cost-benefit analysis framework and applies it to an in-depth case study of a Korean security agency, its Computer Emergency Response Team (CERT.) This newly extended framework can be used for assessing international programs and activities aimed at improving cyber security, where the costs and benefits are not restricted by traditional boundaries. Unlike conventional approaches, this study explicitly includes three additional critical aspects, which are neglected in the conventional cost benefit analysis framework: 1) synergic effect (such as public-private partnership), 2) indirect impact, and 3) shared value. An in-depth case study with field interviews and technology reviews was conducted to test the applicability of this extended framework. Based on the application to the case of the international development activities of the Korean CERT, this study presents two findings. First, private companies can benefit from participating in government-led international development programs. Second, international development activities are effective solutions to improving global and local cyber security. Repeated applications of this framework to other cases will further assess the generalizability of the framework. Cumulated evidence from evaluating the effectiveness of international development activities will also inform the development of future activities for establishing partnerships of strategic philanthropy to improve cyber security.
by Yiseul Cho.
S.M.in Technology and Policy
14
Ziska, Matthew Ryan. "Does Cybersecurity Law and Emergency Management Provide a Framework for National Electric Grid Protection?" ScholarWorks, 2018. https://scholarworks.waldenu.edu/dissertations/4766.
Full textAbstract:
The U.S. government is responsible for protecting the country's energy and technology infrastructure. Critics argue the United States has failed to prepare, protect and respond to incidents involving the national electric grid leaving communities vulnerable to prolonged power outages. Protection of investor owned utilities' critical infrastructure is vulnerable to cyber and physical harm from the absence of criminalizing the intrusion of private sector computer networks, the lack of cybersecurity threats in emergency management, and the absence of cyber-intelligent leadership supports this argument. The purpose of this study was to introduce an electric grid protection theoretical concept, while identifying whether cybersecurity law and emergency management, amongst the investor-owned utility community, has an optimized relationship for protecting the national electric grid from harm. Easton's political system input/output model, Sommestad's cybersecurity theory, and Mitroff's crisis management theory provided the theoretical foundations for this study. The study utilized a mixed method research design that incorporated a Likert collection survey and combined quantitative chi-square and qualitative analysis. The key findings identified that cybersecurity law and the use of emergency management in the electric grid protection theory were not optimized to protect the national electric grid from harm. The recommendations of this study included the optimization of the theory elements through educational outreach and amending administrative cybersecurity law to improve the protection of the national electric grid and positively impacting social change by safeguarding the delivery of reliable electric energy to the millions of Americans who depend upon it.
15
Pacheco, Ramirez Jesus Horacio, and Ramirez Jesus Horacio Pacheco. "An Anomaly Behavior Analysis Methodology for the Internet of Things: Design, Analysis, and Evaluation." Diss., The University of Arizona, 2017. http://hdl.handle.net/10150/625581.
Full textAbstract:
Advances in mobile and pervasive computing, social network technologies and the exponential growth in Internet applications and services will lead to the development of the Internet of Things (IoT). The IoT services will be a key enabling technology to the development of smart infrastructures that will revolutionize the way we do business, manage critical services, and how we secure, protect, and entertain ourselves. Large-scale IoT applications, such as critical infrastructures (e.g., smart grid, smart transportation, smart buildings, etc.) are distributed systems, characterized by interdependence, cooperation, competition, and adaptation. The integration of IoT premises with sensors, actuators, and control devices allows smart infrastructures to achieve reliable and efficient operations, and to significantly reduce operational costs. However, with the use of IoT, we are experiencing grand challenges to secure and protect such advanced information services due to the significant increase in the attack surface. The interconnections between a growing number of devices expose the vulnerability of IoT applications to attackers. Even devices which are intended to operate in isolation are sometimes connected to the Internet due to careless configuration or to satisfy special needs (e.g., they need to be remotely managed). The security challenge consists of identifying accurately IoT devices, promptly detect vulnerabilities and exploitations of IoT devices, and stop or mitigate the impact of cyberattacks.
An Intrusion Detection System (IDS) is in charge of monitoring the behavior of protected systems and is looking for malicious activities or policy violations in order to produce reports to a management station or even perform proactive countermeasures against the detected threat. Anomaly behavior detection is a technique that aims at creating models for the normal behavior of the network and detects any significant deviation from normal operations. With the ability to detect new and novel attacks, the anomaly detection is a promising IDS technique that is actively pursued by researchers. Since each IoT application has its own specification, it is hard to develop a single IDS which works properly for all IoT layers. A better approach is to design customized intrusion detection engines for different layers and then aggregate the analysis results from these engines. On the other hand, it would be cumbersome and takes a lot of effort and knowledge to manually extract the specification of each system. So it will be appropriate to formulate our methodology based on machine learning techniques which can be applied to produce efficient detection engines for different IoT applications.
In this dissertation we aim at formalizing a general methodology to perform anomaly behavior analysis for IoT. We first introduce our IoT architecture for smart infrastructures that consists of four layers: end nodes (devices), communications, services, and application. Then we show our multilayer IoT security framework and IoT architecture that consists of five planes: function specification or model plane, attack surface plane, impact plane, mitigation plane, and priority plane. We then present a methodology to develop a general threat model in order to recognize the vulnerabilities in each layer and the possible countermeasures that can be deployed to mitigate their exploitation. In this scope, we show how to develop and deploy an anomaly behavior analysis based intrusion detection system (ABA-IDS) to detect anomalies that might be triggered by attacks against devices, protocols, information or services in our IoT framework. We have evaluated our approach by launching several cyberattacks (e.g. Sensor Impersonation, Replay, and Flooding attacks) against our testbeds developed at the University of Arizona Center for Cloud and Autonomic Computing. The results show that our approach can be used to deploy effective security mechanisms to protect the normal operations of smart infrastructures integrated to the IoT. Moreover, our approach can detect known and unknown attacks against IoT with high detection rate and low false alarms.
16
Habeeb, Richard. "Improving the Security of Building Automation Systems Through an seL4-based Communication Framework." Scholar Commons, 2018. http://scholarcommons.usf.edu/etd/7161.
Full textAbstract:
Existing Building Automation Systems (BASs) and Building Automation Networks (BANs) have been shown to have serious cybersecurity problems. Due to the safety-critical and interconnected nature of building subsystems, local and network access control needs to be finer grained, taking into consideration the varying criticality of applications running on heterogeneous devices. In this paper, we present a secure communication framework for BASs that 1) enforces rich access control policy for operating system services and objects, leveraging a microkernel-based architecture; 2) supports fine-grained network access control on a per-process basis; 3) unifies the security control of inter-device and intra-device communication using proxy processes; 4) tunnels legacy insecure communication protocols (e.g., BACnet) through a secure channel, such as SSL, in a manner transparent to legacy applications. We implemented the framework on seL4, a formally verified microkernel. We conducted extensive experiments and analysis to compare the performance and effectiveness of our communication systems against a traditional Linux-based implementation of the same control scenario. Our experiments show that the communication performance of our system is faster or comparable to the Linux-based architecture in embedded systems.
17
Uddin, Md Ashraf. "A patient agent controlled customized blockchain based framework for internet of things." Thesis, Federation University Australia, 2021. http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/177119.
Full textAbstract:
Although Blockchain implementations have emerged as revolutionary technologies for various industrial applications including cryptocurrencies, they have not been widely deployed to store data streaming from sensors to remote servers in architectures known as Internet of Things. New Blockchain for the Internet of Things models promise secure solutions for eHealth, smart cities, and other applications. These models pave the way for continuous monitoring of patient’s physiological signs with wearable sensors to augment traditional medical practice without recourse to storing data with a trusted authority. However, existing Blockchain algorithms cannot accommodate the huge volumes, security, and privacy requirements of health data. In this thesis, our first contribution is an End-to-End secure eHealth architecture that introduces an intelligent Patient Centric Agent. The Patient Centric Agent executing on dedicated hardware manages the storage and access of streams of sensors generated health data, into a customized Blockchain and other less secure repositories. As IoT devices cannot host Blockchain technology due to their limited memory, power, and computational resources, the Patient Centric Agent coordinates and communicates with a private customized Blockchain on behalf of the wearable devices. While the adoption of a Patient Centric Agent offers solutions for addressing continuous monitoring of patients’ health, dealing with storage, data privacy and network security issues, the architecture is vulnerable to Denial of Services(DoS) and single point of failure attacks. To address this issue, we advance a second contribution; a decentralised eHealth system in which the Patient Centric Agent is replicated at three levels: Sensing Layer, NEAR Processing Layer and FAR Processing Layer. The functionalities of the Patient Centric Agent are customized to manage the tasks of the three levels. Simulations confirm protection of the architecture against DoS attacks. Few patients require all their health data to be stored in Blockchain repositories but instead need to select an appropriate storage medium for each chunk of data by matching their personal needs and preferences with features of candidate storage mediums. Motivated by this context, we advance third contribution; a recommendation model for health data storage that can accommodate patient preferences and make storage decisions rapidly, in real-time, even with streamed data. The mapping between health data features and characteristics of each repository is learned using machine learning. The Blockchain’s capacity to make transactions and store records without central oversight enables its application for IoT networks outside health such as underwater IoT networks where the unattended nature of the nodes threatens their security and privacy. However, underwater IoT differs from ground IoT as acoustics signals are the communication media leading to high propagation delays, high error rates exacerbated by turbulent water currents. Our fourth contribution is a customized Blockchain leveraged framework with the model of Patient-Centric Agent renamed as Smart Agent for securely monitoring underwater IoT. Finally, the smart Agent has been investigated in developing an IoT smart home or cities monitoring framework. The key algorithms underpinning to each contribution have been implemented and analysed using simulators.Doctor of Philosophy
18
Tiscornia, Matteo. "Cyber Risk: Un Nuovo Approccio alla Valutazione." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2016. http://amslaurea.unibo.it/12319/.
Full textAbstract:
Negli ultimi anni il crescente interesse sviluppato nell'ambito del cyber risk ha posto l'attenzione sulle possibili gravi conseguenze di un evento informatico per le imprese e le società.
La continua espansione delle tecnologie come strumenti di lavoro e nella realtà di tutti i giorni attraverso la diffusione dei social network, dei dispositivi mobili e dei servizi cloud ha portato ad una maggiore vulnerabilità dell’intero spazio cibernetico.
Molte aziende stanno iniziando a considerare la cybersecurity come un rischio d’impresa sempre più importante e di conseguenza si sono messe alla ricerca di metodi per assicurare la continuità del proprio business in caso di attacchi informatici.
In questo elaborato si è cercato di toccare tutti i punti fondamentali che riguardano l’intera gestione del cyber-rischio.
Quindi, tratta della corretta formulazione del concetto di rischio contestualizzato nello spazio cibernetico, partendo da un’analisi delle due componenti principali della formula (probabilità e impatto) evidenziandone i limiti dell’applicabilità in questo contesto.
L’obiettivo consiste nel riformulare il rischio prendendo in considerazione altri aspetti come la sicurezza e l’esposizione al rischio.
19
Lartey, Jerry. "Effective Vulnerability Management for Small Scale Organisations in Ghana." Thesis, Luleå tekniska universitet, Institutionen för system- och rymdteknik, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-75809.
Full textAbstract:
Most Small and Medium scale Enterprises (SMEs) in Ghana are notparticularly anxious about the consequences of inadequacy or lack of anyform of vulnerability management operation in their normal businesspractices. This case study research explores how a local Internet ServiceProvider (ISP) in Ghana and its local client-base can manage vulnerabilitieswith a targeted patch management practise integrated into their operations.To answer the research question “How can a SME local Internet ServiceProvider (ISP) in Accra, Ghana, assist their local customer base to integrateeffective cybersecurity vulnerability management into their operations?“,This case study comprised the Subject Matter Expert of one local ISP as well as4 other technical Subject Matter Experts of the ISP’s clients about their patchmanagement operations. This case study research revealed that most SMEs donot consider vulnerability management as a key concern in the operation oftheir organisation and therefore, proposes a way to highlight the importanceof vulnerability management whiles doing so at a cost-effective manner. Theimplications of targeted cybersecurity patch management for the local ISP andtheir client-base is also addressed by this thesis research.
20
Summers, Timothy Corneal. "HOW HACKERS THINK: A MIXED METHOD STUDY OF MENTAL MODELSAND COGNITIVE PATTERNS OF HIGH-TECH WIZARDS." Case Western Reserve University School of Graduate Studies / OhioLINK, 2015. http://rave.ohiolink.edu/etdc/view?acc_num=case1427809862.
Full text
21
Mazzini, Pietro. "Analisi di integrazione su sistemi di Intrusion Detection e Incident Handling in ambito enterprise." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2020. http://amslaurea.unibo.it/21851/.
Full textAbstract:
Questa tesi ha l'obiettivo di presentare un sistema di Intrusion Detection, Incident Handling e Response nei suoi processi produttivi, organizzativi e manageriali e in quelli puramente pratici ed implementativi.
Il nome di questo progetto è OSSIHR (Open Source System for Incident Handling and Response).
La tesi è composta da quattro capitoli.
Il capitolo 1 contiene un'introduzione ai concetti, alle sigle ed ai processi che caratterizzano le discipline di Intrusion Detection, Incident Handling e Incident Management.
Nel capitolo 2 è analizzato lo stato dell'arte sulla materia e vengono definiti i meccanismi di un sistema di Incident Handling che possa essere adottato in ambito enterprise.
Le integrazioni dei software che sono stati utilizzati e l'architettura di OSSIHR sono documentati ed approfonditi nel capitolo 3.
I margini di miglioramento e le criticità del sistema in oggetto sono evidenziate nel capitolo 4 che include anche uno studio di paragone fra il sistema open source proposto ed altri sistemi closed source.
22
Lin, Chien-Ting, and 林建廷. "Cybersecurity-Framework (CSF) -based Conformance Checking Techniques and Tools." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/04491641738524082914.
Full textAbstract:
碩士元智大學
資訊工程學系
105
Cybersecurity is critical for governments, sectors, and enterprises. Thus, US NIST published “Cybersecurity Framework, CSF” as a baseline to help improve the cybersecurity risk management for these organizations. Moreover, President Trump signed cybersecurity executive order on May 11, 2017 to require all federal agencies to adopt CSF. Thus, how to comply with CSF is becoming an important issue. However, CSF activities are detailed and not easy to follow. Furthermore, there are no clear relations between CSF tiers and core activities. Although it is not necessary to have 1-to-1 relation between tiers and core activities, a certain degree of relation makes it easier to adopt CSF. Thus, this thesis studies the methods to relate CSF tiers and core activities, as well as develops a computer-aided CSF conformance checking tool set. In relating CSF core activities with CSF tiers, we use the mapping results of C2M2 in connecting CSF tiers with C2M2, a cybersecurity maturity model of US energy department. Besides, we add extra core activities from mapping results of DHS’s CRR Q&A set with CSF. In the computer-aided tool, we first design a CSF ontology and present it in a tree view; the tool set provides such functions as CSF query, document markup, review, Q&A review, quantitative adjustment, self-assessment, and visual presentation of the resulting profile. The proposed techniques and conformance checking tools developed by our research enhance the effectiveness, objectiveness, transparency, and repeatability in the process of adopting CSF.
23
Gwala, Sizwe. "Barriers to implementation of the (SA) National Cybersecurity Policy Framework." Thesis, 2016. https://hdl.handle.net/10539/23802.
Full textAbstract:
Thesis (M.M. (Security))--University of the Witwatersrand, Faculty of Commerce, Law and Management, Graduate School of Public and Development Management, 2016Technological advancement have seen South African government departments, state owned entities and private companies using cyberspace as a platform of interaction and the storage of information. Technological advancements have a positive impact due to the compression of space, time and thereby ensuring fastpaced interaction across borders. These technological advancements have, however resulted in most organisations, both private and public, becoming prone to cybercrimes and related incidents. In an initiative aimed at countering these threats, the South African government has passed various laws. The National Cybersecurity Policy Framework (NCPF) is a South African Policy framework aimed at countering an increase in the occurrence of cybercrimes and related incidents. This research analyses the status in the implementation of the NCPF objectives allocated to the Department of Telecommunications and Postal Services (DTPS). Then the barriers in the Implementation are unpacked guided by the literature reviewed and finally recommendations on how to counter the identified barriers are provided post the data collection. The report firstly provides an outline of the global perspectives on cybersecurity which is followed by the regional cybersecurity measures, and then the national cybersecurity measures proposed by the South African Government department are outlined. The latter parts of the report focuses on the NCPF in terms of its scope, goals, objectives and stakeholders. Finally, focus is shifted to the DTPS as a chosen area of research wherein data was collected in a form of one-on-one, semi-structured interviews with relevant parties. The results of this research are presented as a narrative description that is synthesised to develop the theoretical conjecture and empirical generalisation of the entire research. This research uncovered that there are numerous barriers in the implementation of the NCPF both within the DTPS as well as between the DTPS and various stakeholders entrusted with the implementation responsibility. The last chapter consists of general conclusions made by the researcher based on the research conducted which is then followed by recommended countermeasures which will be communicated to the DTPS as well as all stakeholders who will be affected by the proposed recommendations.
GR2018
24
Patala, Najiyabanu Noormohmed. "Cybersecurity framework for cloud computing adoption in rural based tertiary institutions." Diss., 2018. http://hdl.handle.net/11602/1362.
Full textAbstract:
MCom (Business Information Systems)Department of Business Information Systems
Although technology is being progressively used in supporting student learning and enhancing business processes within tertiary institutions, certain aspects are hindering the decisions of cloud usage. Among many challenges of utilizing cloud computing, cybersecurity has become a primary concern for the adoption. The main aim of the study was to investigate the effect of cloud cyber-security usage at rural based tertiary institutions in order to compare the usage with an urban-based institution and propose a cybersecurity framework for adoption of cloud computing cybersecurity. The research questions focused on determining the drivers for cloud cybersecurity usage; the current adoption issues; how cybersecurity challenges, benefits, and quality affects cloud usage; the adoption perceptions and awareness of key stakeholders and identifying a cloud cybersecurity adoption framework. A quantitative approach was applied with data collected from a simple random sample of students, lecturers, admin and IT staff within the tertiary institutions through structured questionnaires. The results suggested compliance with legal law as a critical driver for cloud cybersecurity adoption. The study also found a lack of physical control of data and harmful activities executed on the internet as challenges hampering the adoption. Prevention of identity fraud and cheaper security costs were identified as benefits of adoption. Respondents found cloud cybersecurity to be accurate and effective, although most of the students and employees have not used it. However, respondents were aware of the value of cybersecurity adoption and perceive for it to be useful and convenient, hence have shown the intention of adopting it. There were no significant elements identified to differentiate the perceptions of usage at rural and urban-based tertiary institutions. The results of the study are to be used for clarifying the cybersecurity aspects of cloud computing and forecasting the suitability cloud cybersecurity within the tertiary institutions. Recommendations were made on how tertiary institutions and management can promote cloud cybersecurity adoption and how students, lecturers, and staff can effectively use cloud cybersecurity.
NRF
25
Hasan, Mahmudul. "Cybersecurity Planning Insight: CSCD (Cyber Security and Cyber Defense) Control: Framework For Strategic Direction and Governance." Master's thesis, 2021. http://hdl.handle.net/10362/126392.
Full textAbstract:
Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Information Systems and Technologies ManagementIn this recent time, the importance of cybersecurity and cyber defense is sky-high. Everyone uses different devices, IT infrastructures, and applications for various purposes at school, office, home, hospitals everywhere. With the enlightenment of technology, the nature of cyber-attack has been changed dramatically, and that is why the number of cyber-attacks have been increased. Enterprises face billions of Euros loss from such incidents; even the data loss and operational hazard may have a devastating impact not only on the service, security, privacy, brand image but also upon overall business. A constrictive and realistic CSCD (cyber security and cyber defense) strategy along with the proper implementation of it, can safeguard the enterprises and strongly from cyber attacks. In this paper, we prepare an improved CSCD control framework based on several hundreds of scientific papers and frameworks. Moreover, we identify different aspects and strategic elements by holistic CSCD control risk assessment and data analysis for preparing CSCD strategy and planning of different levels of organizations to maintain effective CSCD governance and cyber resilience.
26
Mozzaquatro, Bruno Augusti. "Security Management Framework for the Internet of Things." Doctoral thesis, 2020. http://hdl.handle.net/10362/116181.
Full textAbstract:
The increase in the design and development of wireless communication technologies
offers multiple opportunities for the management and control of cyber-physical systems
with connections between smart and autonomous devices, which provide the delivery
of simplified data through the use of cloud computing. Given this relationship with the
Internet of Things (IoT), it established the concept of pervasive computing that allows
any object to communicate with services, sensors, people, and objects without human
intervention. However, the rapid growth of connectivity with smart applications through
autonomous systems connected to the internet has allowed the exposure of numerous
vulnerabilities in IoT systems by malicious users.
This dissertation developed a novel ontology-based cybersecurity framework to
improve security in IoT systems using an ontological analysis to adapt appropriate
security services addressed to threats. The composition of this proposal explores
two approaches: (1) design time, which offers a dynamic method to build security
services through the application of a methodology directed to models considering
existing business processes; and (2) execution time, which involves monitoring the IoT
environment, classifying vulnerabilities and threats, and acting in the environment,
ensuring the correct adaptation of existing services.
The validation approach was used to demonstrate the feasibility of implementing the
proposed cybersecurity framework. It implies the evaluation of the ontology to offer
a qualitative evaluation based on the analysis of several criteria and also a proof of
concept implemented and tested using specific industrial scenarios. This dissertation
has been verified by adopting a methodology that follows the acceptance in the research
community through technical validation in the application of the concept in an industrial
setting.O aumento no projeto e desenvolvimento de tecnologias de comunicação sem fio oferece múltiplas oportunidades para a gestão e controle de sistemas ciber-físicos com conexões entre dispositivos inteligentes e autônomos, os quais proporcionam a entrega de dados simplificados através do uso da computação em nuvem. Diante dessa relação com a Internet das Coisas (IoT) estabeleceu-se o conceito de computação pervasiva que permite que qualquer objeto possa comunicar com os serviços, sensores, pessoas e objetos sem intervenção humana. Entretanto, o rápido crescimento da conectividade com as aplicações inteligentes através de sistemas autônomos conectados com a internet permitiu a exposição de inúmeras vulnerabilidades dos sistemas IoT para usuários maliciosos. Esta dissertação desenvolveu um novo framework de cibersegurança baseada em ontologia para melhorar a segurança em sistemas IoT usando uma análise ontológica para a adaptação de serviços de segurança apropriados endereçados para as ameaças. A composição dessa proposta explora duas abordagens: (1) tempo de projeto, o qual oferece um método dinâmico para construir serviços de segurança através da aplicação de uma metodologia dirigida a modelos, considerando processos empresariais existentes; e (2) tempo de execução, o qual envolve o monitoramento do ambiente IoT, a classificação de vulnerabilidades e ameaças, e a atuação no ambiente garantindo a correta adaptação dos serviços existentes. Duas abordagens de validação foram utilizadas para demonstrar a viabilidade da implementação do framework de cibersegurança proposto. Isto implica na avaliação da ontologia para oferecer uma avaliação qualitativa baseada na análise de diversos critérios e também uma prova de conceito implementada e testada usando cenários específicos. Esta dissertação foi validada adotando uma metodologia que segue a validação na comunidade científica através da validação técnica na aplicação do nosso conceito em um cenário industrial.
27
Perrichon, Lisa. "Kybernetická bezpečnost ve vesmírném prostoru: Rámec zvládání rizik spojených s kybernetickými útoky a model vylepšení evropských politik." Master's thesis, 2018. http://www.nusl.cz/ntk/nusl-389505.
Full textAbstract:
Cyber attacks can target any nodes of the space infrastructure, and while these attacks are called non-violent, there is a credible capability to use cyber attacks to cause direct or indirect physical damage, injury or death. However, the vulnerability of satellites and other space assets to cyber attack is often overlooked, which is a significant failing given society's substantial and ever increasing reliance on satellite technologies. Through a policy analysis, this dissertation assess the set of political provisions provided by the European Union to address the cyber security issue of the space infrastructure. Such study aims at exploring the geopolitical consequences linked to space cyber security risks, and at assessing the political preparedness of the European Union to address these challenges. The perspective of transatlantic cooperation to further support both American and European effort to tackle this security risk is also addressed. The overarching value of the study is to contribute to future European cyber security for space and transatlantic debates by providing useful perspectives and key takeaways on these two domains. Ultimately, he existing set of policies are not sufficient to address the cyber security issue in Outer Space, a unified approach by the European Union and the United...