Дисертації з теми "Threat of information leakage"
Щоб переглянути інші типи публікацій з цієї теми, перейдіть за посиланням: Threat of information leakage.
Оформте джерело за APA, MLA, Chicago, Harvard та іншими стилями
Ознайомтеся з топ-50 дисертацій для дослідження на тему "Threat of information leakage".
Біля кожної праці в переліку літератури доступна кнопка «Додати до бібліографії». Скористайтеся нею – і ми автоматично оформимо бібліографічне посилання на обрану працю в потрібному вам стилі цитування: APA, MLA, «Гарвард», «Чикаго», «Ванкувер» тощо.
Також ви можете завантажити повний текст наукової публікації у форматі «.pdf» та прочитати онлайн анотацію до роботи, якщо відповідні параметри наявні в метаданих.
Переглядайте дисертації для різних дисциплін та оформлюйте правильно вашу бібліографію.
1
Dlamini, Moses Thandokuhle. "Combating Data Leakage in the Cloud." Thesis, University of Pretoria, 2020. http://hdl.handle.net/2263/73245.
Повний текст джерелаАнотація:
The increasing number of reports on data leakage incidents increasingly erodes the already low consumer confidence in cloud services. Hence, some organisations are still hesitant to fully trust the cloud with their confidential data. Therefore, this study raises a critical and challenging research question: How can we restore the damaged consumer confidence and improve the uptake and security of cloud services? This study makes a plausible attempt at unpacking and answering the research question in order to holistically address the data leakage problem from three fronts, i.e. conflict-aware virtual machine (VM) placement, strong authentication and digital forensic readiness. Consequently, this study investigates, designs and develops an innovative conceptual architecture that integrates conflict-aware VM placement, cutting-edge authentication and digital forensic readiness to strengthen cloud security and address the data leakage problem in the hope of eventually restoring consumer confidence in cloud services.
The study proposes and presents a conflict-aware VM placement model. This model uses varying degrees of conflict tolerance levels, the construct of sphere of conflict and sphere of non-conflict. These are used to provide the physical separation of VMs belonging to conflicting tenants that share the same cloud infrastructure. The model assists the cloud service provider to make informed VM placement decisions that factor in their tenants’ security profile and balance it against the relevant cost constraints and risk appetite.
The study also proposes and presents a strong risk-based multi-factor authentication mechanism that scales up and down, based on threat levels or risks posed on the system. This ensures that users are authenticated using the right combination of access credentials according to the risk they pose. This also ensures end-to-end security of authentication data, both at rest and in transit, using an innovative cryptography system and steganography.
Furthermore, the study proposes and presents a three-tier digital forensic process model that proactively collects and preserves digital evidence in anticipation of a legal lawsuit or policy breach investigation. This model aims to reduce the time it takes to conduct an investigation in the cloud. Moreover, the three-tier digital forensic readiness process model collects all user activity in a forensically sound manner and notifies investigators of potential security incidents before they occur.
The current study also evaluates the effectiveness and efficiency of the proposed solution in addressing the data leakage problem. The results of the conflict-aware VM placement model are derived from simulated and real cloud environments. In both cases, the results show that the conflict-aware VM placement model is well suited to provide the necessary physical isolation of VM instances that belong to conflicting tenants in order to prevent data leakage threats. However, this comes with a performance cost in the sense that higher conflict tolerance levels on bigger VMs take more time to be placed, compared to smaller VM instances with low conflict tolerance levels. From the risk-based multifactor authentication point of view, the results reflect that the proposed solution is effective and to a certain extent also efficient in preventing unauthorised users, armed with legitimate credentials, from gaining access to systems that they are not authorised to access. The results also demonstrate the uniqueness of the approach in that even minor deviations from the norm are correctly classified as anomalies. Lastly, the results reflect that the proposed 3-tier digital forensic readiness process model is effective in the collection and storage of potential digital evidence. This is done in a forensically sound manner and stands to significantly improve the turnaround time of a digital forensic investigation process. Although the classification of incidents may not be perfect, this can be improved with time and is considered part of the future work suggested by the researcher.Thesis (PhD)--University of Pretoria, 2020.
Computer Science
PhD
Unrestricted
2
Лобанов, Сергій Олександрович. "Удосконалені методи автентифікації в системах обміну миттєвими повідомленнями". Master's thesis, Київ, 2018. https://ela.kpi.ua/handle/123456789/27191.
Повний текст джерелаАнотація:
Обсяг роботи 104 сторінки, 2 ілюстрації, 16 джерел літератури, 25 таблиць та 2 додатки.
Об’єктом дослідження є автентифікація користувачів та їх повідомлень на основі виділених поведінкових патернах при спілкуванні в системах обміну миттєвими повідомленнями.
Предметом дослідження є методи багатофакторної автентифікації та способи покращення методів машинного навчання при автентифікації повідомлень користувача за ключовими характеристиками ведення діалогу в системах обміну повідомленнями.
Метою даної кваліфікаційної роботи є підвищення рівня захищеності систем обміну миттєвими повідомленнями за рахунок побудови механізму з більш надійними методами автентифікації користувачів та удосконаленими методами автентифікації повідомлення на основі виділених поведінкових патернів користувача, що дозволить знизити рівень загрози витоку інформації при обміні повідомленнями.
Методами дослідження дипломної роботи є аналіз та порівняння методів автентифікації користувачів та повідомлень на основі поведінкових патернів користувача шляхом аналізу діалогів користувачів у системах обміну миттєвими повідомленнями, побудова механізму перевірки автентичності користувача і повідомлення.
Результатом дипломної роботи є система з двофакторною автентифікацією користувачів та вдосконаленим механізмом автентифікації повідомлень для запобігання витоку інформації в системах обміну миттєвими повідомленнями.The work includes 104 pages, 2 images, 16 links and 25 tables. The object of research are user authentication and their messages authentication based on extracted behavioral patterns during communication at instant messaging services. The subject of this qualification is multifactor authentication methods and improvement approaches for machine learning classification methods of user messages authentication by analyzing the characteristics of dialogue in order to use the key features of dialogue in the applications of instant messaging. The aim of this qualification work is improvement of security of instant messaging systems by building of mechanism with reliable methods of user authentication and improved messages authentication methods for prevention of information leakage based on extracted behavioral patterns of users during communication at instant messaging services. Methods of research are analysis and comparison of multifactor authentication methods for users and messages based on user behavioral patterns extraction by analyzing of user dialogues during messaging, building of mechanism for user and message authentication. The result of the work is a system with the multifactor authentication and improved messages authentication information leakage prevention during instant messaging.
3
Khan, Ajmal. "School Shooting : Threat Detection and Classification in Textual Leakage." Thesis, Uppsala universitet, Institutionen för informationsteknologi, 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-207622.
Повний текст джерелаАнотація:
The continual occurrence of school shooting incidents underscores the need of taking preventive measures. Inductive measures of threat assessment have proved to be a bad strategy to solve the problem and new research is focusing on deductive approaches. Deductive threat assessment approaches are gaining ground and efforts are underway to mine text for automatic detection of threats in written text. Automatic detection and classification of threats in the digital world can help the decision makers focus energies on imminent threats of school shooting and take preventive measures in time to save precious lives and other resources. The contribution of this study is criticism of the previous work done on the problem of school shooting, collection of data of previous cases of school shootings in order to find out the factors that affect the school shooting problem and the development of an algorithm that could be used to detect threat of school shooting in written text in the English language. The algorithm proposed in this study classifies text on the basis of seriousness of the threat of school shooting in to four categories i.e., "High", "Medium", "Low", and "Not a threat". The seriousness of the threat is decided based on different indicators present in the text of the threat and presence of factors that has affected previous school shooters. A prototype is implemented to demonstrate the classification in to the categories mentioned above.
4
Smith, Adam (Adam Davidson) 1977. "Maintaining secrecy when information leakage is unavoidable." Thesis, Massachusetts Institute of Technology, 2004. http://hdl.handle.net/1721.1/28744.
Повний текст джерелаАнотація:
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2004.Includes bibliographical references (p. 109-115).
(cont.) We apply the framework to get new results, creating (a) encryption schemes with very short keys, and (b) hash functions that leak no information about their input, yet-paradoxically-allow testing if a candidate vector is close to the input. One of the technical contributions of this research is to provide new, cryptographic uses of mathematical tools from complexity theory known as randomness extractors.
Sharing and maintaining long, random keys is one of the central problems in cryptography. This thesis provides about ensuring the security of a cryptographic key when partial information about it has been, or must be, leaked to an adversary. We consider two basic approaches: 1. Extracting a new, shorter, secret key from one that has been partially compromised. Specifically, we study the use of noisy data, such as biometrics and personal information, as cryptographic keys. Such data can vary drastically from one measurement to the next. We would like to store enough information to handle these variations, without having to rely on any secure storage-in particular, without storing the key itself in the clear. We solve the problem by casting it in terms of key extraction. We give a precise definition of what "security" should mean in this setting, and design practical, general solutions with rigorous analyses. Prior to this work, no solutions were known with satisfactory provable security guarantees. 2. Ensuring that whatever is revealed is not actually useful. This is most relevant when the key itself is sensitive-for example when it is based on a person's iris scan or Social Security Number. This second approach requires the user to have some control over exactly what information is revealed, but this is often the case: for example, if the user must reveal enough information to allow another user to correct errors in a corrupted key. How can the user ensure that whatever information the adversary learns is not useful to her? We answer by developing a theoretical framework for separating leaked information from useful information. Our definition strengthens the notion of entropic security, considered before in a few different contexts.
by Adam Davison Smith.
Ph.D.
5
LUO, Huajiang. "Information leakage and sharing in decentralized systems." Digital Commons @ Lingnan University, 2018. https://commons.ln.edu.hk/otd/35.
Повний текст джерелаАнотація:
This thesis presents two essays that explore firms’ incentive to share information in a multi-period decentralized supply chain and between competing firms. In the first essay, we consider a two-period supply chain in which one manufacturer supplies to a retailer. The retailer possesses some private demand information about the uncertain demand and decides whether to share the information with manufacturer. If an information sharing agreement is achieved, the retailer will share the observed demand information truthfully to the manufacturer. Then the selling season with two periods starts. In each period, the manufacturer decides on a wholesale price, which the retailer considers when deciding on the retail price. The manufacturer can observe the retailer's period-1 decision and the realized period-1 demand, and use this information when making the period-2 wholesale price decision. Thus, without information sharing, the two firms play a two-period signaling game. We find that voluntary information sharing is not possible because it benefits the manufacturer but hurts the retailer. However, different from one-period model, in which no information sharing can be achieved even with side payment, the manufacturer can make a side payment to the retailer to induce information sharing when the demand range is small. Both firms benefit from more accurate information regardless whether the retailer shares information. We also extend the two-period model to three-period model and infinite-period model, we find that the above results are robust. The second essay studies the incentives for information sharing between two competing firms with different production timing strategies. Each firm is planning to produce a new (upgraded) product. One firm adopts routine timing, whereby her production time is fixed according to her tradition of similar or previous models of the product. The other firm uses strategic timing, whereby his production time can be strategically chosen: be it before, simultaneously with, and after the routine firm. The two firms simultaneously choose whether or not to disclose their private demand information, make their quantity decisions based on any demand information available, and then compete in the market. We find that when the demand uncertainty is not high, both firms sharing information is the unique equilibrium outcome. Exactly one firm (the routine firm) sharing information can arise in equilibrium when the demand uncertainty is intermediate. These results are in stark contrast to extant literature which has shown that, for Cournot competitors with substitutable goods, no firm is willing to share demand information. Production timing is thus identified as a key driving force for horizontal information sharing, which might have been overlooked before. Surprisingly, when the competition becomes more intense, firms are more willing to share information. It is the information asymmetry that fundamentally change the strategic firm’s timing. We highlight the impact of signaling demand information for an early-production firm on the timing strategies, under different information sharing arrangements.
6
Wampler, Christopher. "Information leakage in encrypted IP video traffic." Thesis, Georgia Institute of Technology, 2014. http://hdl.handle.net/1853/54287.
Повний текст джерелаАнотація:
We show that information leakage occurs in video over IP traffic, including for encrypted payloads. It is possible to detect events occurring in the field of view of a camera streaming live video through analysis of network traffic metadata including arrival time between packets, packets sizes, and video stream bandwidth. Event detection through metadata analysis is possible even when common encryption techniques are applied to the video stream such as SSL or AES. We have observed information leakage across multiple codes and cameras. Through timestamps added to the x264 codec, we establish a basis for detectability of events via packet timing. Laboratory experiments confirm that this event detection is possible in practice and repeatable. By collecting network traffic captures from over 100 Skype video calls we are able to see the impact of this information leakage under a variety of conditions.
7
Martinez, Antonio. "Information management and the biological warfare threat." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2002. http://sirsi.nps.navy.mil/uhtbin/hyperion-image/02Mar%5FMartinez.pdf.
Повний текст джерела
8
LUO, Huajiang. "Information leakage and Stackelberg leadership in Cournot competition." Digital Commons @ Lingnan University, 2015. https://commons.ln.edu.hk/cds_etd/12.
Повний текст джерелаАнотація:
In duopoly Cournot competition with sequential moves, it is well known that each player prefers Stackelberg leadership without demand uncertainty. We study the same game when the demand is uncertain, and firms possess some private information about the uncertain demand. There are two effects of private information in this game. First, when the Stackelberg leader moves first, its private information is leaked to, or inferred by the Stackelberg follower via the output quantity. Hence, the Stackelberg follower makes decision based on more accurate information than the leader. Second, the leader incurs a cost to signal its information to the follower, which hurts the leader. Both effects hurt the Stackelberg leader, then the follower may earn more ex ante profit than the leader. When the demand is continuous, Gal-or (1987) assumes that firms follow linear decision rules and reports that the follower always sets a higher output quantity than the leader and earns more profit than the leader. However, our study finds that it is true if and only if the demand is unboundedly distributed. Otherwise, the Stackelberg leader's Pareto-optimal output quantity is not linear in its private information unless it observes the highest signal, and the follower does not always earn more ex ante profit than the leader. When the demand is discretely distributed, we study how the number of demand states influences the effect of cost of signaling. With more demand states, the effect of cost of signaling on the leader becomes more significant, and the follower may earn more ex ante profit than the leader.
9
Woods, Richard David. "Collective responses to acoustic threat information in jackdaws." Thesis, University of Exeter, 2016. http://hdl.handle.net/10871/25978.
Повний текст джерелаАнотація:
Navigating the physical world may present only a small fraction of the challenges faced by social animals. Sociality brings with it numerous benefits, including access to important information that may have otherwise been harder to come by. However, almost every aspect of these apparent benefits may also entail additional cognitive challenges, including how to interpret signals from conspecifics, who to attend to, and how to incorporate knowledge about signallers when deciding how to respond. One approach to understanding the cognitive abilities associated with social function is to investigate social species that take part in potentially costly group behaviours, where individual decisions must be made in a social context. In this thesis I explore how jackdaws (Corvus monedula), a highly sociable corvid species, use acoustic information to coordinate collective anti-predator responses. In Chapter Two I showed using playback experiments that the magnitude of collective responses to anti-predator recruitment calls known as “scolding” calls depends on the identity of the caller, with larger responses to familiar colony members than unfamiliar individuals. In Chapter Three I then used habituation-dishabituation experiments to show that this vocal discrimination operates at the level of the individual, with jackdaws discriminating between the calls of different conspecifics, regardless of their level of familiarity. In Chapter Four, I examined whether aspects of call structure conveyed information about threat levels. Here, I found that high rates of scolding calls were associated with elevated threats, and playback experiments suggested that this information might result in larger group responses. The finding that jackdaws are capable of mediating their response to alarm calls based on the identity of the individual caller, and on structural variation in call production, raised the question of whether jackdaws employed similar forms discrimination between acoustic cues made by predators in their environment. I investigated this in Chapter Five, using playback experiments to show that jackdaws responded not only to the vocalisations of resident predators, but that this ability extended to novel predators, and that responsiveness was mediated by the phase of the breeding season in which predators were heard. Together, these findings provide insights in to how discrimination among acoustic cues can mediate group behaviour in species that respond collectively to threats.
10
Ogren, Joel G. Langevin James R. "Responding to the threat of cyberterrorism through information assurance /." Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 1999. http://handle.dtic.mil/100.2/ADA366792.
Повний текст джерелаАнотація:
Thesis (M.S. in Information Technology Management) Naval Postgraduate School, June 1999."June 1999". Thesis advisor(s): John S. Osmundson, Timothy J. Shimeall. Includes bibliographical references (p. 69-73). Also available online.
11
Ogren, Joel G., and James R. Langevin. "Responding to the threat of cyberterrorism through information assurance." Thesis, Monterey, California: Naval Postgraduate School, 1999. http://hdl.handle.net/10945/13544.
Повний текст джерелаАнотація:
Approved for public release, distribution unlimited.The number of people connecting to the Internet is growing at an astounding rate: estimates range from 100% to 400% annually over the next five years. This unprecedented level of interconnectedness has brought with it the specter of a new threat: cyberterrorism. This thesis examines the impact of this threat on the critical infrastructure of the United States, specifically focusing on Department of Defense issues and the National Information Infrastructure (NII). A working definition for cyberterrorism is derived, and a description of the Nation's critical infrastructure is provided. A number of possible measures for countering the threat of cyberterrorism are discussed, with particular attention given to the concept of information assurance. Information assurance demands that trustworthy systems be developed from untrustworthy components within power generation systems, banking, transportation, emergency services, and telecommunications. The importance of vulnerability testing (or red teaming) is emphasized as part of the concept of information assurance. To support this, a cyberterrorist red team was formed to participate in the Marine Corps' Urban Warrior Experiment. The objective of this thesis is to address the impact of these issues from a Systems Management perspective. This includes taking into account the changes that must occur in order to improve the U.S.' ability to detect, protect against, contain, neutralize, mitigate the effects of and recover from attacks on the Nation's Critical Infrastructure.
12
Kondo, Daishi. "Preventing information leakage in NDN with name and flow filters." Thesis, Université de Lorraine, 2018. http://www.theses.fr/2018LORR0233/document.
Повний текст джерелаАнотація:
Au cours des dernières années, les réseaux de type (NDN) sont devenus une des architectures réseau les plus prometteuses. Pour être adopté à l'échelle d'Internet, NDN doit résoudre les problèmes inhérents à l'Internet actuel. La fuite d’informations fait partie de ces problèmes, et il est très important d’évaluer ce risque pour les réseaux de type NDN. La thèse se propose d'évaluer ce risque. En supposant (i) qu'un ordinateur appartient au réseau d'une entreprise basée sur une architecture NDN, (ii) que l'ordinateur a déjà été compromis par un support malveillant, et (iii) que la société installe un pare-feu, la thèse évalue la situation dans laquelle l’ordinateur infecté tente de divulguer des données à un attaquant externe à l'entreprise. Les contributions de cette thèse sont au nombre de cinq. Tout d'abord, cette thèse propose une attaque par fuite d'informations via un paquet donné et un paquet intérêt propres à NDN. Deuxièmement, afin de remédier à l'attaque fuite d'informations, cette thèse propose un pare-feu basé sur l'utilisation d'une liste blanche et d'une liste noire afin de surveiller et traiter le trafic NDN provenant des consommateurs. Troisièmement, cette thèse propose un filtre de noms NDN pour classifier un nom dans un paquet d'intérêt comme étant légitime ou non. Le filtre de noms peut ainsi réduire le débit par paquet d'intérêt. Cependant, pour adapter la vitesse de l'attaque, les logiciels malveillants peuvent envoyer de nombreux intérêts en très peu de temps. De même, le logiciel malveillant peut exploiter un intérêt avec une information explicite dans le nom (comme peut le faire un message véhiculé par un POST sur HTTP). Cela dépasse alors la portée du filtre de nom proposé et rend le filtre inefficace. Pour prendre en compte le flux de trafic analysé par le pare-feu NDN, cette thèse propose comme quatrième contribution la surveillance du flux NDN à travers le pare-feu. Enfin, afin de traiter les inconvénients du filtre de noms NDN, cette thèse propose un filtre de flux NDN permettant de classer un flux comme légitime ou non. L'évaluation des performances montre que le filtre de flux complète de manière tout à fait performante le filtre de nom et réduit considérablement le débit de fuite d'informationsIn recent years, Named Data Networking (NDN) has emerged as one of the most promising future networking architectures. To be adopted at Internet scale, NDN needs to resolve the inherent issues of the current Internet. Since information leakage from an enterprise is one of the big issues even in the Internet and it is very crucial to assess the risk before replacing the Internet with NDN completely, this thesis investigates whether a new security threat causing the information leakage can happen in NDN. Assuming that (i) a computer is located in the enterprise network that is based on an NDN architecture, (ii) the computer has already been compromised by suspicious media such as a malicious email, and (iii) the company installs a firewall connected to the NDN-based future Internet, this thesis focuses on a situation that the compromised computer (i.e., malware) attempts to send leaked data to the outside attacker. The contributions of this thesis are fivefold. Firstly, this thesis proposes an information leakage attack through a Data and through an Interest in NDN. Secondly, in order to address the information leakage attack, this thesis proposes an NDN firewall which monitors and processes the NDN traffic coming from the consumers with the whitelist and blacklist. Thirdly, this thesis proposes an NDN name filter to classify a name in the Interest as legitimate or not. The name filter can, indeed, reduce the throughput per Interest, but to ameliorate the speed of this attack, malware can send numerous Interests within a short period of time. Moreover, the malware can even exploit an Interest with an explicit payload in the name (like an HTTP POST message in the Internet), which is out of scope in the proposed name filter and can increase the information leakage throughput by adopting a longer payload. To take traffic flow to the NDN firewall from the consumer into account, fourthly, this thesis proposes an NDN flow monitored at an NDN firewall. Fifthly, in order to deal with the drawbacks of the NDN name filter, this thesis proposes an NDN flow filter to classify a flow as legitimate or not. The performance evaluation shows that the flow filter complements the name filter and greatly chokes the information leakage throughput
13
Kelkar, Soham P. "Detecting Information Leakage in Android Malware Using Static Taint Analysis." Wright State University / OhioLINK, 2017. http://rave.ohiolink.edu/etdc/view?acc_num=wright1514202750763563.
Повний текст джерела
14
Novakovic, Christopher. "Computing and estimating information leakage with a quantitative point-to-point information flow model." Thesis, University of Birmingham, 2015. http://etheses.bham.ac.uk//id/eprint/5900/.
Повний текст джерелаАнотація:
Information leakage occurs when a system exposes its secret information to an unauthorised entity. Information flow analysis is concerned with tracking flows of information through systems to determine whether they process information securely or leak information. We present a novel information flow model that permits an arbitrary amount of secret and publicly-observable information to occur at any point and in any order in a system. This is an improvement over previous models, which generally assume that systems process a single piece of secret information present before execution and produce a single piece of publicly-observable information upon termination. Our model precisely quantifies the information leakage from secret to publicly-observable values at user-defined points - hence, a "point-to-point" model - using the information-theoretic measures of mutual information and min-entropy leakage; it is ideal for analysing systems of low to moderate complexity. We also present a relaxed version of our information flow model that estimates, rather than computes, the measures of mutual information and min-entropy leakage via sampling of a system. We use statistical techniques to bound the accuracy of the estimates this model provides. We demonstrate how our relaxed model is more suitable for analysing complex systems by implementing it in a quantitative information flow analysis tool for Java programs.
15
Newman, William Arthur. "Risk/threat based analysis auditing in advanced management information systems." Thesis, University of Canterbury. Accounting and Information Systems, 1986. http://hdl.handle.net/10092/3761.
Повний текст джерелаАнотація:
This dissertation discusses the growth of auditing and internal control and
evaluates the present degree of knowledge and the current and future roles of
auditors in a computer-based environment. An analysis of the current state of
computer-based auditing is presented along with current research in audit and
security methodologies is presented and critiqued. The concept of System
Metrics is formulated and defined and a computer-audit analysis system called
the Risk Evaluation Model (REM) is created, described and utilized. The Risk
Evaluation Model is an interactive set of programs written in FORTRAN which
assesses Information Systems for a variety of attributes to judge the "quality" of a
system. Currently the system assesses:
1. Portability of the System;
2. Maintainability of the System;
3. Complexity of the System;
4. Known threats to the System and known Features neutralizing
those threats;
5. The General System Security Level; and
6. The Hardware Reliability of the System.
The model is currently implemented on the Prime 750 computer.
16
Callahan, Christopher J. "Security information and event management tools and insider threat detection." Thesis, Monterey, California: Naval Postgraduate School, 2013. http://hdl.handle.net/10945/37596.
Повний текст джерелаАнотація:
Approved for public release; distribution is unlimitedMalicious insider activities on military networks can pose a threat to military operations. Early identification of malicious insiders assists in preventing significant damage and reduces the overall insider threat to military networks. Security Information and Event Management (SIEM) tools can be used to identify potential malicious insider activities. SIEM tools provide the ability to normalize and correlate log data from multiple sources on networks. Personnel background investigations and administrative action information can provide data sources for SIEM tools in order to assist in early identification of the insider threat by correlating this information with the individuals online activities. This thesis provides background information on the components and functionality of SIEM tools, summarizes historic insider threat cases to determine common motivations, provides an overview of military security investigations and administrative actions in order to determine candidate sources for SIEM correlation, and provides an overview of common methods of data exfiltration by malicious insiders. This information is then used to develop an example SIEM architecture that highlights how the military can use a SIEM to identify and prevent potential internal insider threats by correlating an individuals network activities with background investigation and administrative action information.
17
Bishop, Stephen. "A Multi-Agent Architecture for Information Leakage Detection in Distributed Systems." Available to subscribers only, 2009. http://proquest.umi.com/pqdweb?did=1967911841&sid=1&Fmt=2&clientId=1509&RQT=309&VName=PQD.
Повний текст джерела
18
Chen, Han. "Quantitative information flow, maximum leakage and its applications to anonymity protocols." Thesis, Queen Mary, University of London, 2008. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.509676.
Повний текст джерела
19
Schluderberg, Larry E. "Addressing the cybersecurity Malicious Insider threat." Thesis, Utica College, 2015. http://pqdtopen.proquest.com/#viewpdf?dispub=1571095.
Повний текст джерелаАнотація:
Malicious Insider threats consist of employees, contractors, or business partners who either have current authorized access, or have had authorized access to an organization's critical information and have intentionally misused that access in a manner that compromised the organization. Although incidents initiated by malicious insiders are fewer in number than those initiated by external threats, insider incidents are more costly on average because the threat is already trusted by the organization and often has privileged access to the organization's most sensitive information. In spite of the damage they cause there are indications that the seriousness of insider incidents are underappreciated as threats by management. The purpose of this research was to investigate who constitutes MI threats, why and how they initiate attacks, the extent to which MI activity can be modeled or predicted, and to suggest some risk mitigation strategies. The results reveal that addressing the Malicious Insider threat is much more than just a technical issue. Dealing effectively with the threat involves managing the dynamic interaction between employees, their work environment and work associates, the systems with which they interact, and organizational policies and procedures. Techniques for detecting and mitigating the threat are available and can be effectively applied. Some of the procedural and technical methods include definition of, follow through, and consistent application of corporate, and dealing with adverse events indigenous to the business environment. Other methods include conduct of a comprehensive Malicious Insider risk assessment, selective monitoring of employees in response to behavioral precursors, minimizing unknown access paths, control of the organization's production software baseline, and effective use of peer reporting.
Keywords: Cybersecurity, Professor Paul Pantani, CERT, insider, threat, IDS, SIEMS. FIM, RBAC, ABAC, behavioral, peer, precursors, access, authentication, predictive, analytics, system, dynamics, demographics.
20
Lamb, Christopher J. "Use of double-loop learning to combat advanced persistent threat| Multiple case studies." Thesis, Capella University, 2014. http://pqdtopen.proquest.com/#viewpdf?dispub=3607034.
Повний текст джерелаАнотація:
The Advanced Persistent Threat (APT) presents an ever present and more growing threat to organizations across the globe. Traditional Information Technology (IT) incident response falls short in effectively addressing this threat. This researcher investigated the use of single-loop and double-loop learning in two organizations with internal incident response processes designed to combat the APT. Two cases were examined within organizations employing an internal incident response team. The third case was examined from an organization providing incident response as a service in addressing APT compromises. The study developed four themes: the inefficacy of single-loop learning in addressing APT, the need for better visibility within corporate infrastructure, the need for continuous improvement and bi-directional knowledge flow, and the need for effective knowledge management. Based on these themes, a conceptual model was developed modifying the traditional incident response process. Three implications were derived from the research. First, perimeter defense falls short when addressing the APT. Second, the preparation phase of incident response requires modification along with the addition of a new baseline loop phase running contiguously with the entire process. Finally, opportunistic learning needs to be encouraged in addressing the APT.
21
Gylling, Andreas. "Enriching Attack Models with Cyber Threat Intelligence." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-284249.
Повний текст джерелаАнотація:
As cyber threats continue to grow and expertise resources are limited, organisationsneed to find ways to evaluate their resilience efficiently and takeproactive measures against an attack from a specific adversary before it occurs.Threat modelling is an excellent method of assessing the resilience of ICT systems,forming Attack (Defense) Graphs (ADGs) that illustrates an adversary’sattack vectors, allowing analysts to identify weaknesses in the systems.Cyber Threat Intelligence (CTI) is information that helps us understand thecurrent cyber threats we are facing, but have little integration with ADGs. Thisthesis attempts to resolve that by evaluating how CTI feeds of known ThreatActors can be used to enrich Attack (Defense) Graphs in a threat modellingtool securiCAD. The purpose of this is to allow security administrators to takeproactive measures and strengthen their ICT systems against current methodsused by any Threat Actor that is believed to pose a threat to them. This isalso a part of a larger EU project SOCCRATES, to which this thesis is a partof.This resulted in a tool that generates an Attacker Profile, which is based ona Threat Actor’s capabilities and techniques. Techniques are methods for accomplishingspecific attack steps. The Attacker Profile is then integrated withsecuriCAD to tweak the underlying parameters of securiCAD’s attack steps toasses the security of a model with respect to the specified adversary.In securiCAD, simulations run against a model of the infrastructure with asequence of attack steps, determined by probability, to form possible attackvectors by the attacker. We saw evidence that the generated Attacker Profileaccurately represented the Threat Actor’s commonly used Tactics, Techniquesand Procedures (TTPs) and adjusted the attack vectors accordingly when runningthe simulation. A proof of concept of integrating CTI feeds with threatmodelling was thereby established, helping security analysts asses weaknessesin the systems if they were to be attacked by a specific Threat Actor.När cyberhoten växer och det finns begränsade resurser att motverka dessamåste organisationer och företag finna sätt att testa säkerheten i sina systemför att ta förebyggande beslut och skydda sig mot hoten innan attackerna sker.Hotmodellering är ett sätt att göra detta då det formar attackgrafer som visualiseraren attackerares förflyttning i systemen.Cyber Threat Intelligence (CTI) är ett sätt för oss att förstå de hot vi står inför,men har liten integration med attackgrafer. Detta examensarbete försöker lösadetta genom att se hur CTI-strömmar av kända attackerare kan användas för attberika attackgrafer i hotmodelleringsverktyget securiCAD. Syftet med detta ärför att låta säkerthetsanalytiker analysera och stärka deras system mot the metodersom används av någon attackerare som tros vara ett hot mot dem. Dettaär även ett mål i ett större EU-projekt SOCCRATES som detta examensarbeteär en del av.Detta resulterade i ett verktyg som genererar attackerarprofiler, vilket användsför att justera de underliggande parametrarna i securiCADs attacksteg. Dessaattackerarprofiler baseras på en attackerares förmågor och tekniker, där teknikerär en metod för att åtstakomma specifika attacksteg. Attackerarprofilernakan i sin tur integreras med securiCAD för att utvärdera säkerheten i modellenmed avseende på en känd attackerare.I securiCAD körs simuleringar där sekvenser av attacksteg sätts upp, som medhjälp av sannolikhet formar potentiella attackvägar tagna av attackeraren. Resultatengav bevis på att den generade attackerarprofilen representerade denkända attackerarens tillvägagångssätt i simuleringarna. Detta resulterade i ettbevis på att integrera CTI med hotmodellering kan hjälpa säkerhetsanalytikeratt utvärdera sina system och ta förebyggande beslut för att stärka upp systemenfrån aktuella attacker av en attackerare som tros vara ett hot mot dem.
22
Haglind, Carl. "Evaluation and Implementation of Traceable Uncertainty for Threat Evaluation." Thesis, Uppsala universitet, Avdelningen för systemteknik, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-228106.
Повний текст джерелаАнотація:
Threat evaluation is used in various applications to find threatening objects or situations and neutralize them before they cause any damage. To make the threat evaluation as user-friendly as possible, it is important to know where the uncertainties are. The method Traceable Uncertainty can make the threat evaluation process more transparent and hopefully easier to rely on. Traceable Uncertainty is used when different sources of information are combined to find support for the decision making process. The uncertainty of the current information is measured before and after the combination. If the magnitude of uncertainty has changed more than a threshold, a new branch will be created which excludes the new information from the combination of evidence. Traceable Uncertainty has never been tested on any realistic scenario to investigate whether it is possible to implement the method on a large scale system. The hypothesis of this thesis is that Traceable Uncertainty can be used on large scale systems if its threshold parameter is tuned in the right way. Different threshold values were tested when recorded radar data were analyzed for threatening targets. Experiments combining random generated evidence were also analyzed for different threshold values. The results showed that a threshold value in the range [0.15, 0.25] generated a satisfying amount of interpretations that were not too similar to eachother. The results could also be filtered to take away unnecessary interpretations. This shows that in this aspect and for this data set, Traceable Uncertainty can be used on large scale systems.
23
Olandersson, Sandra, and Jeanette Fredsson. "Threats in Information Security : Beyond technical solutions. - Using Threat Tree Analysis." Thesis, Blekinge Tekniska Högskola, Institutionen för programvaruteknik och datavetenskap, 2001. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-3829.
Повний текст джерелаАнотація:
To be able to protect an organisation's resources, it is important to understand what there is to protect and what to protect it from. The first step is to try to analyse the security threats that exist against an organisation's resources to explore the risks. Threats have to be identified, for the organisation to protect its resources and find where the optimal placement against threats is. This thesis analysis whether it is possible to obtain a Threat Tree Analysis that is useful for developing an information security policy for the municipality in Ronneby, using the SS 62 77 99-1 standard. A co-operation between the technical solutions and the administrative security is necessary to achieve information security, together with ordinary common sense. True, each of these can help improve security, but none of them is a complete solution. Security is not a product - it is a process. Threat trees form the basis of understanding that process. In this thesis, we have been using a qualitative method. The analysis method is a case study at the Social Department, at the municipality in Ronneby. Through interviews it has come us to hand, that the organisation has not established an information security policy which should give the code of practice for how the work of information security will pursue within the organisation. The organisation does neither use a model for structuring threats nor a method for collecting threats against information today. Through the structure of possible threats, the personnel generates an understanding of the organisation and takes active part finding adequate threats within the Social Department. As users understand the importance of security, how to use it, and where to report suspected violations, they can do a great deal to reduce the risk to loose information. Important to remember is that the education is an ongoing process, new users need training and trained users need reminding, especially when new technologies or processes are introduced. Thus, Threat Tree Analysis is useful for continuing towards developing an information security policy according to SS 62 77 99-1 standard.För att kunna skydda en organisations resurser är det viktigt att förstå vad organisationen behöver skydda och vad den ska skydda det ifrån. Det första steget är att analysera hot mot organisationens resurser för att uppskatta riskerna. Hot måste identifieras för att organisationen ska kunna skydda sina resurser och hitta den optimala placeringen av åtgärder mot hot. Denna uppsatsen undersöker om det är möjligt att skapa en hotträdsanalys som är användbar för skapandet av en informationssäkerhetspolicy för Ronneby kommun, genom att använda standarden SS 62 77 99-1. Vi betonar i uppsatsen att ett samarbete mellan existerande tekniska lösningar och administrativ säkerhet är nödvändigt för att uppnå informationssäkerhet. Visst kan var och en av dessa hjälpa till att förbättra säkerheten, men ingen av dem är ensam den kompletta lösningen. Säkerhet är inte en produkt - det är en process. Hotträd formar grunden för en förståelse av den processen. I denna uppsats har vi använt en kvalitativ metod. Analysmetoden är en fallstudie på Socialförvaltningen i Ronneby kommun. Genom intervjuer har vi fått fram att organisationen inte har etablerat en informationssäkerhetspolicy, vilken ska ge riktlinjer för hur säkerhetsarbetet ska fullföljas inom organisationen. Organisationen använder varken en modell för att identifiera hot mot information eller en metod för att strukturera hoten. Genom strukturen av möjliga hot, genererar personalen en förståelse för organisationen och tar aktivt del i att identifiera hot mot Socialförvaltningen. Detta medför att alla användare förstår hur viktigt det är med säkerhet, vart de ska rapportera misstänkta händelser och de kan göra mycket för att minska risken att förlora information. Det är viktigt att komma ihåg att utbildning är en pågående process, nya användare behöver utbildning och utbildade användare behöver vidareutbildning, speciellt när nya tekniker eller processer introduceras. Därför är hotträdsanalysen en användbar modell för arbetet mot att skapa en informationssäkerhetspolicy enligt standarden SS 62 77 99-1.
Sandra Olandersson Blåbärsvägen 27 372 38 RONNEBY 0457 / 12084 Jeanette Fredsson Villa Viola 372 36 RONNEBY 0457 / 26616
24
Ho, Zuleita K. M., Eduard A. Jorswieck, and Sabrina Engelmann. "Efficient information leakage neutralization on a relay-assisted multi-carrier interference channel." Saechsische Landesbibliothek- Staats- und Universitaetsbibliothek Dresden, 2013. http://nbn-resolving.de/urn:nbn:de:bsz:14-qucosa-128447.
Повний текст джерелаАнотація:
In heterogeneous dense networks where spectrum is shared, users privacy remains one of the major challenges. When the receivers are not only interested in their own signals but also in eavesdropping other users' signals, the cross talk becomes information leakage.We propose a novel and efficient secrecy rate enhancing relay strategy EFFIN for information leakage neutralization. The relay matrix is chosen such that the effective leakage channel (spectral and spatial) is zero. Thus, it ensures secrecy regardless of receive processing employed at eavesdroppers and does not rely on wiretaps codes to ensure secrecy, unlike other physical layer security techniques such as artificial noise. EFFIN achieves a higher sum secrecy rate over several state-of-the-art baseline methods.
25
Nusinov, Michael Cooper. "Visualizing threat and impact assessment to improve situation awareness /." Online version of thesis, 2009. http://hdl.handle.net/1850/11245.
Повний текст джерела
26
Gilliam, Billy Paul. "Threat Intelligence in Support of Cyber Situation Awareness." ScholarWorks, 2017. https://scholarworks.waldenu.edu/dissertations/4493.
Повний текст джерелаАнотація:
Despite technological advances in the information security field, attacks by unauthorized individuals and groups continue to penetrate defenses. Due to the rapidly changing environment of the Internet, the appearance of newly developed malicious software or attack techniques accelerates while security professionals continue in a reactive posture with limited time for identifying new threats. The problem addressed in this study was the perceived value of threat intelligence as a proactive process for information security. The purpose of this study was to explore how situation awareness is enhanced by receiving advanced intelligence reports resulting in better decision-making for proper response to security threats. Using a qualitative case study methodology a purposeful sample of 13 information security professionals were individually interviewed and the data analyzed through Nvivo 11 analytical software. The research questions addressed threat intelligence and its impact on the security analyst's cognitive situation awareness. Analysis of the data collected indicated that threat intelligence may enhance the security analyst's situation awareness, as supported in the general literature. In addition, this study showed that the differences in sources or the lack of an intelligence program may have a negative impact on determining the proper security response in a timely manner. The implications for positive social change include providing leaders with greater awareness through threat intelligence of ways to minimize the effects of cyber attacks, which may result in increasing business and consumer confidence in the protection of personal and confidential information.
27
Jamal, Arshad. "Understanding privacy leakage concerns in Facebook : a longitudinal case study." Thesis, Brunel University, 2013. http://bura.brunel.ac.uk/handle/2438/7609.
Повний текст джерелаАнотація:
This thesis focuses on examining users’ perceptions of privacy leakage in Facebook – the world’s largest and most popular social network site (SNS). The global popularity of this SNS offers a hugely tempting resource for organisations engaged in online business. The personal data willingly shared between online friends’ networks intuitively appears to be a natural extension of current advertising strategies such as word-of-mouth and viral marketing. Therefore organisations are increasingly adopting innovative ways to exploit the detail-rich personal data of SNS users for business marketing. However, commercial use of such personal information has provoked outrage amongst Facebook users and has radically highlighted the issue of privacy leakage. To date, little is known about how SNS users perceive such leakage of privacy. So a greater understanding of the form and nature of SNS users’ concerns about privacy leakage would contribute to the current literature as well as help to formulate best practice guidelines for organisations. Given the fluid, context-dependent and temporal nature of privacy, a longitudinal case study representing the launch of Facebook’s social Ads programme was conducted to investigate the phenomenon of privacy leakage within its real-life setting. A qualitative user blogs commentary was collected between November 2007 and December 2010 during the two-stage launch of the social Ads programme. Grounded theory data analysis procedures were used to analyse users’ blog postings. The resulting taxonomy shows that business integrity, user control, transparency, data protection breaches, automatic information broadcast and information leak are the core privacy leakage concerns of Facebook users. Privacy leakage concerns suggest three limits, or levels: organisational, user and legal, which provide the basis to understanding the nature and scope of the exploitation of SNS users’ data for commercial purposes. The case study reported herein is novel, as existing empirical research has not identified and analysed privacy leakage concerns of Facebook users.
28
Gopisetty, Yugandhar. "A study of online users' cyber threat awareness and their use of threat countermeasures." Thesis, Umeå universitet, Institutionen för informatik, 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:umu:diva-115918.
Повний текст джерелаАнотація:
The internet has permeated the lives of the modern men in more respects than can be tabulated simply. The ease of access to online shopping, social networking, simplified communication, etc. make the internet a modern panacea for a number of problems. However, the internet also opens up avenues that expose the user to vulnerabilities at the hand of hackers and malicious software coders. The use of the internet to exchange personal and fiscal information makes attacks all the more inviting. This is compounded by the fact that most online users are unaware of threats that affect them on a daily basis and how to protect themselves against such threats. Despite the fact that the level of awareness of the contemporary cyber threats, has significantly increased among online users within the last few years, there is a growing need to improve the efficiency and effectiveness of the countermeasures currently being used. Fortunately, there are a number of Human Computer Interaction (HCI) principles that can effectively be used to enhance online user interaction and reduce internet security threats.
29
Borger, Sharon C. "Attentional bias for threat information and anxiety sensitivity in a nonclinical sample." Thesis, National Library of Canada = Bibliothèque nationale du Canada, 2000. http://www.collectionscanada.ca/obj/s4/f2/dsk2/ftp01/MQ56112.pdf.
Повний текст джерела
30
Chambers, Cortney M. "Sharing of Threat-Related Information Among Public Safety Agencies in Honolulu, Hawaii." ScholarWorks, 2019. https://scholarworks.waldenu.edu/dissertations/7615.
Повний текст джерелаАнотація:
There is a lack of knowledge regarding how public safety organizations communicate threat-related information at the local level. The purpose of this qualitative exploratory case study was to explore the benefits and challenges of sharing threat-related information between public safety agencies (law enforcement, fire services, emergency medical services, and public health) in Honolulu, Hawaii. The conceptual framework for the study was general systems theory. The sample for this study was a subset of 13 individuals from the larger population of approximately 50 subject matter experts who worked within four public safety agencies and had extensive experience analyzing and sharing threat-related information. Purposeful sampling was utilized for the study. Data were collected through in-depth interviews. The findings of this study clearly identified several important themes related to sharing threat-related information between local public safety organizations: information flow, collaboration, participation with the state fusion center, and the complexity of sharing confidential information. I found that Honolulu public safety agencies are currently communicating through information flow within and between organizations; however, this flow of information is intermittent. I also found that threat-related information often contains highly protected, or law enforcement sensitive information, and is difficult to share between agencies. Inadequate threat-related information sharing and poor collaboration among local public safety agencies may put the public at increased risk from violent attacks. The results of this study contribute to positive social change by identifying the benefits and challenges of sharing threat-related information between local public safety agencies.
31
Fellner, Gerlinde, Rupert Sausgruber, and Christian Traxler. "Testing Enforcement Strategies in the Field: Threat, Moral Appeal and Social Information." Wiley, 2013. http://dx.doi.org/10.1111/jeea.12013.
Повний текст джерелаАнотація:
We run a large-scale natural field experiment to evaluate alternative strategies to enforce
compliance with the law. The experiment varies the text of mailings sent to potential evaders
of TV license fees. We find a strong effect of mailings, leading to a substantial increase in
compliance. Among different mailings, a threat treatment which makes a high detection risk
salient has a significant deterrent effect. Neither appealing to morals nor imparting information about others' behavior enhances compliance on aggregate. However, the information condition has a weak positive effect in municipalities where evasion is believed to be common. (authors' abstract)
32
Preston, Jennifer Leigh. "Is attentional bias towards threat a hallmark of chronic worry?" Columbus, Ohio : Ohio State University, 2006. http://rave.ohiolink.edu/etdc/view?acc%5Fnum=osu1153692231.
Повний текст джерела
33
McMillan, Elaine S. "Processing Social Information: An Investigation of the Modification of Attentional Biases in Social Anxiety." Fogler Library, University of Maine, 2008. http://www.library.umaine.edu/theses/pdf/McMillanES2008.pdf.
Повний текст джерела
34
Adewopo, Victor A. "Exploring Open Source Intelligence for cyber threat Prediction." University of Cincinnati / OhioLINK, 2021. http://rave.ohiolink.edu/etdc/view?acc_num=ucin162491804723753.
Повний текст джерела
35
Tittle, Jacob. "Potable Water Leakage Prediction and Detection using Geospatial Analysis." Digital Commons @ East Tennessee State University, 2019. https://dc.etsu.edu/etd/3663.
Повний текст джерелаАнотація:
Due to increasing water treatment costs and conservation needs, traditional water loss analysis and acoustic leak detection methods are becoming heavily scrutinized by water utilities. This study explores water loss in Johnson City, Tennessee and how geospatial data analysis techniques improve water loss mitigation. This project uses sample water system pressure data and ordinary kriging spatial interpolation methods to identify leakage areas for further investigation. Analysis of existing geographic information system (GIS) water utility datasets with interpolated hydraulic grade values at sample water pressure points produce manageable survey areas that pinpoint areas with possible water leakage. Field detection methods, including ground-penetrating radar (GPR) and traditional acoustic methods, are employed to verify leakage predictions. Ten leakage areas are identified and verified using traditional acoustic detection methods, work order research, and GPR. The resulting data show that spatial analysis coupled with geospatial analysis of field pressure information improves water loss mitigation.
36
Naryshkin, Konstantin. "Study on the Leakage of Private User Information Via a Range of Popular Websites." Digital WPI, 2010. https://digitalcommons.wpi.edu/etd-theses/1145.
Повний текст джерелаАнотація:
"On the modern web, many sites have third party content, be it through maps, embedded objects, ads, or through other types. Users pay little attention to the source of this content since it is such a common occurrence. Unfortunately, this content can be an avenue for third parties to discover private information about the user. Previous work has found these types of leaks in social networking sites. By logging headers during the usage of 120 sites across 12 major categories, we were able to find leakage of a user’s private information occurring on many other types of popular web sites. We found leakage on 75% of the sites we looked at and at least one instance in each of the categories. Based on the leaks we found, we propose a classification of the types of leakage that can occur via the HTTP header and use this system to analyze our results."
37
Silva, Ana Teresa Maia. "Commoditization: a threat or an opportunity?: a case study on IBM." Master's thesis, NSBE - UNL, 2014. http://hdl.handle.net/10362/11810.
Повний текст джерелаАнотація:
A Work Project, presented as part of the requirements for the Award of a Masters Degree in Management from the NOVA – School of Business and EconomicsThe purpose of this work project is to analyze the concept of commoditization in the information technology industry (IT). It is based on a case study that describes how IBM, a successful company for more than seventy years, was affected by the commoditization of the personal computer segment in the early 1990s and the strategic transformation undertook by the company to overcome this problem. Furthermore, it is also emphasized IBM’s decisions to exit commoditized segments and to shift its portfolio towards services and software, due to their major contribution in bringing the company back to its leading position in the marketplace.
38
Smith, Matthew N. "Developing a reliable methodology for assessing the computer network operations threat of Iran." Thesis, Monterey, California. Naval Postgraduate School, 2005. http://hdl.handle.net/10945/2065.
Повний текст джерелаАнотація:
This thesis is part of a project at the Naval Postgraduate School to assess the Computer Network Operations (CNO) threat of foreign countries. CNO consists of Computer Network Attack (CNA), Computer Network Exploitation (CNE), and Computer Network Defense (CND). Threats to the nation's critical infrastructures come from an adversary using CNA and CNE to degrade, deny or destroy access to the information systems they depend upon. Defensive capabilities are also addressed since exploitation, attack, and defense are inherently related. The result of a successful cyber-attack upon these critical infrastructures has the potential to cripple a country's communications and other vital services, economic well-being, and defensive capabilities. The goal of this thesis is to develop a methodology for assessing the CNO threat of Iran. The methodology is based on open sources that can supplement classified information acquired by the intelligence community.
39
Jefford-Baker, Jonathan. "ALCOL : Probabilistic Threat Modelling of the Amazon Elastic Container Service Domain." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-261421.
Повний текст джерелаАнотація:
Cloud computing is becoming an increasingly popular computation model for IT-infrastructures which has changed the notion of computing resources. Another concept that has become popular is containers which provides the capability to run applications isolated from each other while sharing the host’s operating system kernel. These two concepts have been combined to run containerised environments in the cloud, a cloud service type which has become popular among customers. The increased deployment of IT-infrastructures built on cloud environments running containers results in an increased exposure to cyber attacks within this domain which requires that proper security measures are taken. Assessing the security of a system can, however, be difficult. Attack simulations can be used to provide an overview of how an adversary can attack the system to simplify this task. This thesis proposes a probabilistic threat modelling language which can be used to simulate attacks against infrastructures based on Amazon Elastic Container Service (ECS), a cloud service provided by Amazon Web Services which allow customers to run containerised applications in the cloud. The language, called ALCOL (Amazon eLastic COntainer Language), is based on the Meta Attack Language and the domain-specific language AWSLang. The language was developed using multiple literature studies to discover the different components in Amazon ECS that should be modelled in the language, as well as the different attacks possible to perform against Amazon ECS infrastructures. The language was evaluated using test cases representing different attack scenarios and also through an interview with a domain expert. The developed language is able to accurately simulate cyber attacks against Amazon ECS infrastructures, although with some limitations, which lead to propositions for future research.Molntjänster blir en alltmer populär beräkningsmodell för IT-infrastrukturer vilket har ändrat uppfattningen kring innebörden av beräkningsresurser. Ett annat koncept som blivit populärt är containers vilket möjliggör exekvering av applikationer som är isolerade från varandra trots att de båda använder värddatorns operativsystemkärna. Dessa två koncept har blivit kombinerade till att exekvera containermiljöer i molnet, en molntjänst som blivit populär bland kunder. Den ökade driftsättningen av IT-infrastrukturer baserade på molnmiljöer som exekverar containers resulterar i en ökad exponering mot cyberattacker inom denna domän vilket kräver lämpliga säkerhetsåtgärder. Att bedöma säkerheten i ett system kan däremot vara svårt. Attacksimuleringar kan användas för att förenkla denna process genom att ge en överblick av hur en attackerare kan attackera systemet. Detta examensarbete presenterar ett probabilistiskt hotmodelleringsspråk som kan användas för att simulera attacker mot infrastrukturer baserade på Amazon Elastic Container Service (ECS), en molntjänst som tillhandahålls av Amazon Web Services som möjliggör för användare att exekvera applikationer i containers i molnet. Språket, som kallas ALCOL (Amazon eLastic COntainer Language), är baserat på Meta Attack Language och det domänspecifika språket AWSLang. Språket utvecklades genom att flera litteraturstudier gjordes för att undersöka vilka komponenter i Amazon ECS som skulle modelleras i språket samt för att hitta alla attacker som kan utföras mot infrastrukturer baserade på Amazon ECS. Språket evaluerades genom testfall som representerade olika attackscenarion samt genom en intervju med en domänexpert. Det utvecklade språket kan på ett korrekt sätt simulera cyberattacker mot infrastrukturer baserade på Amazon ECS, dock med vissa begränsningar, vilket resulterade i förslag på framtida forskning.
40
Balsom, Rodney V. "Information processing of health threat stimuli in the individuals high in negative affectivity." Thesis, National Library of Canada = Bibliothèque nationale du Canada, 1999. http://www.collectionscanada.ca/obj/s4/f2/dsk1/tape10/PQDD_0004/NQ42494.pdf.
Повний текст джерела
41
Fraunholz, Daniel [Verfasser]. "The Deceptive Angle: Threat Intelligence and Resiliency for Industrial Information Assurance / Daniel Fraunholz." München : Verlag Dr. Hut, 2019. http://d-nb.info/1194288707/34.
Повний текст джерела
42
Castillo, Alfred. "Respondent Perceived Threat During the Information Systems Requirements Determination Process: Understanding and Mitigation." FIU Digital Commons, 2017. https://digitalcommons.fiu.edu/etd/3549.
Повний текст джерелаАнотація:
Requirements determination is a critical driver in a successful software development process. Despite decades of research prescribing various software development methodologies, intended to aid in achieving an eventual convergence between the user’s mental models and an informationally equivalent representation that is codified within an information system, we can still attribute many of the deficiencies in software development projects to the improper or ineffective execution of the requirements determination process. This study draws on the user resistance, software development, and psychology literature to discuss how perceived threats by potential users and key respondents can result in sub-optimization of a proposed information system via reduction in the quality of their responses during the requirements gathering phase. A laboratory experiment was carried out to explore the sources and effects of various threat perceptions and the effectiveness of techniques intended to detect and mitigate such perceptions of threat. The results confirm that perception of threat does lead to a degradation in response quality, with perceived adaptability fully mediating the relationship. The findings on whether interviewer reassurance has a moderating effect on the relationship between threat and perceived adaptability had interesting results, which are discussed.
43
Forrester, Vivienne. "User Information Security Behavior in Professional Virtual Communities: A Technology Threat Avoidance Approach." Diss., NSUWorks, 2019. https://nsuworks.nova.edu/gscis_etd/1079.
Повний текст джерелаАнотація:
The popularization of professional virtual communities (PVCs) as a platform for people to share experiences and knowledge has produced a paradox of convenience versus security. The desire to communicate results in disclosure where users experience ongoing professional and social interaction. Excessive disclosure and unsecured user security behavior in PVCs increase users’ vulnerability to technology threats. Nefarious entities frequently use PVCs such as LinkedIn to launch digital attacks. Hence, users are faced with a gamut of technology threats that may cause harm to professional and personal lives. Few studies, however, have examined users’ information security behavior and their motivation to engage in technology threat avoidance behavior in a PVC.
This study tested a professional virtual community technology threat avoidance model empirically. The model was developed from the conceptualization of different aspects of the technology threat avoidance theory, social cognitive theory, and involvement theory through an integrated approach. This quantitative study employed a random sampling methodology. Prior to collecting data for the main study an expert panel review and a pilot study were conducted. A web-based survey designed with a 5-point Likert scale was distributed to 1285 LinkedIn members to gather self-reported data on users’ technology threat avoidance behavior. Confirmatory factor analysis (CFA) and structural equation modeling (SEM) were used to analyze the data gathered from 380 respondents.
The results of the data analysis revealed that perceived susceptibility, perceived severity, and information security knowledge sharing are strong predictors of avoidance motivation. Information security knowledge sharing had the most significant predicting effect on avoidance motivation in PVCs. Also, self-efficacy, group norms, and avoidance motivation all have a significant predicting effect on users’ information security avoidance behavior in PVCs. However, information security experience and safeguarding measure cost do not have a significant predicting effect on users’ information security avoidance motivation. This study makes significant contributions to the IS body of knowledge and has implications for practitioners and academics. This study offers a comprehensive model through the integration of behavioral and cognitive theories to better understand user information security behavior in PVCs. The model also identifies essential elements to motivate users to engage in technology threat avoidance behavior.
44
Magklaras, Georgios Vasilios. "An insider misuse threat detection and prediction language." Thesis, University of Plymouth, 2012. http://hdl.handle.net/10026.1/1024.
Повний текст джерелаАнотація:
Numerous studies indicate that amongst the various types of security threats, the problem of insider misuse of IT systems can have serious consequences for the health of computing infrastructures. Although incidents of external origin are also dangerous, the insider IT misuse problem is difficult to address for a number of reasons. A fundamental reason that makes the problem mitigation difficult relates to the level of trust legitimate users possess inside the organization. The trust factor makes it difficult to detect threats originating from the actions and credentials of individual users. An equally important difficulty in the process of mitigating insider IT threats is based on the variability of the problem. The nature of Insider IT misuse varies amongst organizations. Hence, the problem of expressing what constitutes a threat, as well as the process of detecting and predicting it are non trivial tasks that add up to the multi- factorial nature of insider IT misuse. This thesis is concerned with the process of systematizing the specification of insider threats, focusing on their system-level detection and prediction. The design of suitable user audit mechanisms and semantics form a Domain Specific Language to detect and predict insider misuse incidents. As a result, the thesis proposes in detail ways to construct standardized descriptions (signatures) of insider threat incidents, as means of aiding researchers and IT system experts mitigate the problem of insider IT misuse. The produced audit engine (LUARM – Logging User Actions in Relational Mode) and the Insider Threat Prediction and Specification Language (ITPSL) are two utilities that can be added to the IT insider misuse mitigation arsenal. LUARM is a novel audit engine designed specifically to address the needs of monitoring insider actions. These needs cannot be met by traditional open source audit utilities. ITPSL is an XML based markup that can standardize the description of incidents and threats and thus make use of the LUARM audit data. Its novelty lies on the fact that it can be used to detect as well as predict instances of threats, a task that has not been achieved to this date by a domain specific language to address threats. The research project evaluated the produced language using a cyber-misuse experiment approach derived from real world misuse incident data. The results of the experiment showed that the ITPSL and its associated audit engine LUARM provide a good foundation for insider threat specification and prediction. Some language deficiencies relate to the fact that the insider threat specification process requires a good knowledge of the software applications used in a computer system. As the language is easily expandable, future developments to improve the language towards this direction are suggested.
45
Brown, Christopher. "Developing a reliable methodology for assessing the computer network operations threat of North Korea." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2004. http://library.nps.navy.mil/uhtbin/hyperion/04Sept%5FBrown.pdf.
Повний текст джерела
46
Preston, Jennifer L. "Is attentional bias towards threat a hallmark of chronic worry?" The Ohio State University, 2006. http://rave.ohiolink.edu/etdc/view?acc_num=osu1153692231.
Повний текст джерела
47
Lambe, Erik. "Information Security Culture and Threat Perception : Comprehension and awareness of latent threats in organisational settings concerned with information security." Thesis, Uppsala universitet, Statsvetenskapliga institutionen, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-352263.
Повний текст джерелаАнотація:
A new challenge for organisations in the 21st century is how they should ensure information security in a time and environment where the widespread use of Information Communication Technologies (ICTs), such as smartphones, means that information has been made vulnerable in numerous new ways. Recent research on information security has focused on information security culture and how to successfully communicate security standards within an organisation. This study aims to examine how latent threats to information security are conceptualised and examined within an organisation in which information security is important. Since threats posed by ICTs are said to be latent, this study wishes to explore in what ways an inclusion of threat conceptualisation can have in understanding what constitutes an efficacious information security culture when the intention is to ensure information security. The study focuses on the Swedish armed forces, and compare how threats to information security posed by interaction with private ICTs are communicated in information security policies and how they are conceptualised by the members of the organisation. Through interviews conducted with service members, the findings of this study indicate that it is possible to successfully communicate the contents of information security policies without mandating the members of the organisation to read the sources themselves. Furthermore, the study identified a feature of information security culture, in this paper called supererogatory vigilance to threats to information security, which might be of interest for future studies in this area, since it offers adaptive protection to new threats to information security that goes beyond what the established sources protects against.
48
Li, Xin. "Computer viruses: The threat today and the expected future." Thesis, Linköping University, Department of Electrical Engineering, 2003. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-1998.
Повний текст джерелаАнотація:
This Master’s Thesis within the area computer security concerns ”Computer viruses: The threat today and the expected future”.
Firstly, the definitions of computer virus and the related threats are presented; Secondly, current situation of computer viruses are discussed, the working and spreading mechanisms of computer viruses are reviewed in details, simplistic attitude of computer world in computer virus defence is analyzed; Thirdly, today’s influencing factors for near future computer virus epidemics are explained, then it further predicts new possible types of computer viruses in the near future; Furthermore, currently available anti-virus technologies are analyzed concerning both advantages and disadvantages; Finally, new promising trends in computer virus defence are explored in details.
49
Ho, Zuleita, Eduard Jorswieck, and Sabrina Engelmann. "Information Leakage Neutralization for the Multi-Antenna Non-Regenerative Relay-Assisted Multi-Carrier Interference Channel." Saechsische Landesbibliothek- Staats- und Universitaetsbibliothek Dresden, 2013. http://nbn-resolving.de/urn:nbn:de:bsz:14-qucosa-121245.
Повний текст джерелаАнотація:
In heterogeneous dense networks where spectrum is shared, users' privacy remains one of the major challenges. On a multi-antenna relay-assisted multi-carrier interference channel, each user shares the spectral and spatial resources with all other users. When the receivers are not only interested in their own signals but also in eavesdropping other users' signals, the cross talk on the spectral and spatial channels becomes information leakage. In this paper, we propose a novel secrecy rate enhancing relay strategy that utilizes both spectral and spatial resources, termed as information leakage neutralization. To this end, the relay matrix is chosen such that the effective channel from the transmitter to the colluding eavesdropper is equal to the negative of the effective channel over the relay to the colluding eavesdropper and thus the information leakage to zero. Interestingly, the optimal relay matrix in general is not block-diagonal which encourages users' encoding over the frequency channels. We proposed two information leakage neutralization strategies, namely efficient information leakage neutralization (EFFIN) and local-optimized information leakage neutralization (LOPTIN). EFFIN provides a simple and efficient design of relay processing matrix and precoding matrices at the transmitters in the scenario of limited power and computational resources. LOPTIN, despite its higher complexity, provides a better sum secrecy rate performance by optimizing the relay processing matrix and the precoding matrices jointly. The proposed methods are shown to improve the sum secrecy rates over several state-of-the-art baseline methods.
50
Zhang, Hui. "Corporate governance, firm performance, and information leakage : an empirical analysis of the Chinese stock market." Thesis, University of Plymouth, 2012. http://hdl.handle.net/10026.1/922.
Повний текст джерелаАнотація:
The purpose of this thesis is to analyse the effect of corporate governance on firm performance and information leakage in the Chinese securities market. As one of the major emerging markets in the world, the results of this thesis are valuable not only to the Chinese market, but also to other emerging markets. To achieve this purpose, data is collected from most of the non-financial listed companies in the two Chinese stock exchanges, which are the Shanghai Stock Exchange and the Shenzhen Stock exchange. The data sample covers the period from 2004 to 2008, since there was a series of new reforms in the Chinese stock market at that time. These reforms include new legislation and the reduction of non-tradable shares. Then this thesis employs the panel technique and the pooled OLS to estimate the effect of corporate governance on firm performance and information leakage in Chinese listed companies. Firstly the relationship between corporate governance and firm performance in Chinese companies is empirically evaluated. The empirical results of this thesis find that the ownership structure of Chinese companies will affect their firm performance. In this thesis, proxies of ownership structure include the proportion of institutional ownership, the proportion of the state ownership, the proportion of shareholdings of the largest shareholder, and the proportion of tradable shares in Chinese companies. A greater proportion of institutional ownership has positive effects on firm performance in Chinese companies. Board subcommittees also help Chinese companies to increase firm performance. The market reforms of 2006 also help Chinese companies to increase their firm performance. However, the board of directors and board of supervisors do not affect firm performance in Chinese companies. Secondly, information leakage in the Chinese Stock Market is empirically assessed. If investors receive corporate material information before the public disclosure, this phenomenon is known as information leakage. The thesis finds that information leakage in the Chinese market is widespread. Finally, the thesis empirically examines the effects of corporate governance on information leakage in Chinese companies. Board subcommittees have negative effects on information leakage in Chinese companies. Other variables of corporate governance do not affect information leakage in Chinese companies. Additionally, the thesis finds that market reform promotes more information leakage in Chinese market. On the basis of the empirical results, the thesis provides the following recommendations. First, the Chinese Stock Market needs to reform the relevant legislation. Second, Chinese companies need to reform their ownership structure. These suggestions may strengthen the internal governance of Chinese listed companies, thereby, increasing firm performance and decrease information leakage.