subject:(computer hacking)

Deakin University

1. KHORSHED, TANZIM. Combating cyber attacks in cloud computing using machine learning techniques.

Degree: School of Information Technology, 2016, Deakin University

URL: http://hdl.handle.net/10536/DRO/DU:30089157

► An extensive investigative survey on Cloud Computing with the main focus on gaps that is slowing down Cloud adoption as well as reviewing the threat… (more)

Subjects/Keywords: Cloud computing; Computer networks; Computer hacking; Internet hosting services; Computer security

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

KHORSHED, T. (2016). Combating cyber attacks in cloud computing using machine learning techniques. (Thesis). Deakin University. Retrieved from http://hdl.handle.net/10536/DRO/DU:30089157

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

KHORSHED, TANZIM. “Combating cyber attacks in cloud computing using machine learning techniques.” 2016. Thesis, Deakin University. Accessed January 15, 2021. http://hdl.handle.net/10536/DRO/DU:30089157.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

KHORSHED, TANZIM. “Combating cyber attacks in cloud computing using machine learning techniques.” 2016. Web. 15 Jan 2021.

Vancouver:

KHORSHED T. Combating cyber attacks in cloud computing using machine learning techniques. [Internet] [Thesis]. Deakin University; 2016. [cited 2021 Jan 15]. Available from: http://hdl.handle.net/10536/DRO/DU:30089157.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

KHORSHED T. Combating cyber attacks in cloud computing using machine learning techniques. [Thesis]. Deakin University; 2016. Available from: http://hdl.handle.net/10536/DRO/DU:30089157

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

NSYSU

2. Tsai, Ju-han. Examine the Synergy Effect of Motivation, Morality, Deterrence, and Social Learning Perspectives to Intention of Computer Hacking -The Moderation Role of Severity Level.

Degree: Master, Information Management, 2010, NSYSU

URL: http://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0719110-162237

► Given that computer hacking cause huge loss among firms, itâs necessary to understand how individuals engage to commit it. Most of previous research on computer… (more)

Subjects/Keywords: Severity Level of Computer Hacking; Punishment Certainty; Punishment Severity; Moral Intensity; Social Learning Theory; Intrinsic Motivation; Computer Hacking; Extrinsic Motivation

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Tsai, J. (2010). Examine the Synergy Effect of Motivation, Morality, Deterrence, and Social Learning Perspectives to Intention of Computer Hacking -The Moderation Role of Severity Level. (Thesis). NSYSU. Retrieved from http://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0719110-162237

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Tsai, Ju-han. “Examine the Synergy Effect of Motivation, Morality, Deterrence, and Social Learning Perspectives to Intention of Computer Hacking -The Moderation Role of Severity Level.” 2010. Thesis, NSYSU. Accessed January 15, 2021. http://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0719110-162237.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Tsai, Ju-han. “Examine the Synergy Effect of Motivation, Morality, Deterrence, and Social Learning Perspectives to Intention of Computer Hacking -The Moderation Role of Severity Level.” 2010. Web. 15 Jan 2021.

Vancouver:

Tsai J. Examine the Synergy Effect of Motivation, Morality, Deterrence, and Social Learning Perspectives to Intention of Computer Hacking -The Moderation Role of Severity Level. [Internet] [Thesis]. NSYSU; 2010. [cited 2021 Jan 15]. Available from: http://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0719110-162237.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Tsai J. Examine the Synergy Effect of Motivation, Morality, Deterrence, and Social Learning Perspectives to Intention of Computer Hacking -The Moderation Role of Severity Level. [Thesis]. NSYSU; 2010. Available from: http://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0719110-162237

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

KTH

3. Sjödin, Andreas. The ADS-B protocol and its'weaknesses : Exploring potential attack vectors.

Degree: Electrical Engineering and Computer Science (EECS), 2020, KTH

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-280283

►

ADS-B är ett protokoll som används över hela världen för att piloter och flygledning ska få en bättre bild över trafiksituationen i luften.Tidigare studier… (more)

▼

ADS-B är ett protokoll som används över hela världen för att piloter och flygledning ska få en bättre bild över trafiksituationen i luften.Tidigare studier har uppmärksammat att säkerheten kring protokollet är bristfällig eftersom det saknas kryptering. Det huvudsakliga sårbarheten som finns i protokollet beror på att autentisering saknas. Protokollet är alltså byggt på ett blint förtroende mellan sändare och mottagare.Vårt arbete är inspirerat av tidigare forskning som gjorts inom området som bland annat visar att det går att skapa s.k. “spökflygplan” genom att sända falsk data över protokollet. Syftet bakom denna rapport var att utföra ett penetrationstest på en populär ADS-B produkt riktad mot piloter. Våra tester bygger på OSSTMM3, en vetenskaplig metod för att testa säkerhet.Våra tester visar att mottagaren som testade, inte helt oväntat, följer protokollet utan att validera data. Vi lyckades precis som tidigare forskare injicera statiska spökflygplan men också manipulera rörelsen av ett spökflygplan på ett sätt som strider mot fysikens rörelselagar. Våra tester visar att tjänsten som levereras av mottagaren kan störas ut genom att utföra liknande attacker.

The ADS-B protocol is currently in use all around the world. The purpose behind the protocol is to give pilots and traffic control a better picture of the situation in the air. Previous research shows that there exists a vulnerability in the protocol since it lacks authentication. The protocol is solely built upon trust between sender and receiver.Our work is inspired by previous studies made in the area, where it has been demonstrated that one can inject fake aircraft by sending fake ADS-B data using the protocol. The purpose behind this report was to perform a penetration test according to the OSSTMM3, a manual on how to perform scientific penetration tests.We wanted to test a real product (ADS-B receiver) made for pilots and measure if we could manipulate the environment presented to the pilot.Our testing shows that the receiver blindly trusts the protocol without any data validation. We managed to inject fake static aircraft just like previous researchers have done, but also move them around in the environment in a way that breaks the laws of physics and flood the device with fake data, effectively denying the service provided.Since we managed to deny the service, which is to give the user a correct picture of the nearby air traffic, we feel like our tests were successful.

Subjects/Keywords: ADS-B; Air Safety; Hacking; OSSTMM3; Pentesting;

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Sjödin, A. (2020). The ADS-B protocol and its'weaknesses : Exploring potential attack vectors. (Thesis). KTH. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-280283

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Sjödin, Andreas. “The ADS-B protocol and its'weaknesses : Exploring potential attack vectors.” 2020. Thesis, KTH. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-280283.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Sjödin, Andreas. “The ADS-B protocol and its'weaknesses : Exploring potential attack vectors.” 2020. Web. 15 Jan 2021.

Vancouver:

Sjödin A. The ADS-B protocol and its'weaknesses : Exploring potential attack vectors. [Internet] [Thesis]. KTH; 2020. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-280283.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Sjödin A. The ADS-B protocol and its'weaknesses : Exploring potential attack vectors. [Thesis]. KTH; 2020. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-280283

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Brunel University

4. Shanmugam, Karthikeyan. Validating digital forensic evidence.

Degree: PhD, 2011, Brunel University

URL: http://bura.brunel.ac.uk/handle/2438/7651 ; http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.582883

► This dissertation focuses on the forensic validation of computer evidence. It is a burgeoning field, by necessity, and there have been significant advances in the… (more)

Subjects/Keywords: 363.25; Security; Hacking; Computer vulnerability; Virus attack; Trojan horse attack

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Shanmugam, K. (2011). Validating digital forensic evidence. (Doctoral Dissertation). Brunel University. Retrieved from http://bura.brunel.ac.uk/handle/2438/7651 ; http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.582883

Chicago Manual of Style (16^th Edition):

Shanmugam, Karthikeyan. “Validating digital forensic evidence.” 2011. Doctoral Dissertation, Brunel University. Accessed January 15, 2021. http://bura.brunel.ac.uk/handle/2438/7651 ; http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.582883.

MLA Handbook (7^th Edition):

Shanmugam, Karthikeyan. “Validating digital forensic evidence.” 2011. Web. 15 Jan 2021.

Vancouver:

Shanmugam K. Validating digital forensic evidence. [Internet] [Doctoral dissertation]. Brunel University; 2011. [cited 2021 Jan 15]. Available from: http://bura.brunel.ac.uk/handle/2438/7651 ; http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.582883.

Council of Science Editors:

Shanmugam K. Validating digital forensic evidence. [Doctoral Dissertation]. Brunel University; 2011. Available from: http://bura.brunel.ac.uk/handle/2438/7651 ; http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.582883

5. Franklin, Paige; Adams, Ryan. What the hack is a hacker?.

Degree: 2019, James Madison University

URL: https://commons.lib.jmu.edu/honors201019/671

► The purpose of this study is to examine the historical tendencies and characteristics of hackers to create a holistic definition of what it means to… (more)

Subjects/Keywords: hack; hacker; hacking; computer science; programming; identity; Social and Behavioral Sciences

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Franklin, Paige; Adams, R. (2019). What the hack is a hacker?. (Masters Thesis). James Madison University. Retrieved from https://commons.lib.jmu.edu/honors201019/671

Chicago Manual of Style (16^th Edition):

Franklin, Paige; Adams, Ryan. “What the hack is a hacker?.” 2019. Masters Thesis, James Madison University. Accessed January 15, 2021. https://commons.lib.jmu.edu/honors201019/671.

MLA Handbook (7^th Edition):

Franklin, Paige; Adams, Ryan. “What the hack is a hacker?.” 2019. Web. 15 Jan 2021.

Vancouver:

Franklin, Paige; Adams R. What the hack is a hacker?. [Internet] [Masters thesis]. James Madison University; 2019. [cited 2021 Jan 15]. Available from: https://commons.lib.jmu.edu/honors201019/671.

Council of Science Editors:

Franklin, Paige; Adams R. What the hack is a hacker?. [Masters Thesis]. James Madison University; 2019. Available from: https://commons.lib.jmu.edu/honors201019/671

NSYSU

6. Wang, Yu-ching. A Study of Employee Unauthorized Computer Access Intention â An Integration of Neutralization, Differential Association and Containment Theory.

Degree: Master, Information Management, 2012, NSYSU

URL: http://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0817112-194405

► Unauthorized computer access by employees is the most common hacking behavior in every company. Hence, it is necessary to first understand why an employee engages… (more)

Subjects/Keywords: Differential Association Theory; Neutralization Theory; Unauthorized Computer Access; Containment Theory; Computer Hacking

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Wang, Y. (2012). A Study of Employee Unauthorized Computer Access Intention â An Integration of Neutralization, Differential Association and Containment Theory. (Thesis). NSYSU. Retrieved from http://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0817112-194405

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Wang, Yu-ching. “A Study of Employee Unauthorized Computer Access Intention â An Integration of Neutralization, Differential Association and Containment Theory.” 2012. Thesis, NSYSU. Accessed January 15, 2021. http://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0817112-194405.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Wang, Yu-ching. “A Study of Employee Unauthorized Computer Access Intention â An Integration of Neutralization, Differential Association and Containment Theory.” 2012. Web. 15 Jan 2021.

Vancouver:

Wang Y. A Study of Employee Unauthorized Computer Access Intention â An Integration of Neutralization, Differential Association and Containment Theory. [Internet] [Thesis]. NSYSU; 2012. [cited 2021 Jan 15]. Available from: http://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0817112-194405.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Wang Y. A Study of Employee Unauthorized Computer Access Intention â An Integration of Neutralization, Differential Association and Containment Theory. [Thesis]. NSYSU; 2012. Available from: http://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0817112-194405

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Arizona State University

7. Santana Marin, Ericsson. A Hacker-Centric Perspective to Empower Cyber Defense.

Degree: Computer Science, 2020, Arizona State University

URL: http://repository.asu.edu/items/57382

► Malicious hackers utilize the World Wide Web to share knowledge. Previous work has demonstrated that information mined from online hacking communities can be used as… (more)

▼ Malicious hackers utilize the World Wide Web to share knowledge. Previous work has demonstrated that information mined from online hacking communities can be used as precursors to cyber-attacks. In a threatening scenario, where security alert systems are facing high false positive rates, understanding the people behind cyber incidents can help reduce the risk of attacks. However, the rapidly evolving nature of those communities leads to limitations still largely unexplored, such as: who are the skilled and influential individuals forming those groups, how they self-organize along the lines of technical expertise, how ideas propagate within them, and which internal patterns can signal imminent cyber offensives? In this dissertation, I have studied four key parts of this complex problem set. Initially, I leverage content, social network, and seniority analysis to mine key-hackers on darkweb forums, identifying skilled and influential individuals who are likely to succeed in their cybercriminal goals. Next, as hackers often use Web platforms to advertise and recruit collaborators, I analyze how social influence contributes to user engagement online. On social media, two time constraints are proposed to extend standard influence measures, which increases their correlation with adoption probability and consequently improves hashtag adoption prediction. On darkweb forums, the prediction of where and when hackers will post a message in the near future is accomplished by analyzing their recurrent interactions with other hackers. After that, I demonstrate how vendors of malware and malicious exploits organically form hidden organizations on darkweb marketplaces, obtaining significant consistency across the vendors’ communities extracted using the similarity of their products in different networks. Finally, I predict imminent cyber-attacks correlating malicious hacking activity on darkweb forums with real-world cyber incidents, evidencing how social indicators are crucial for the performance of the proposed model. This research is a hybrid of social network analysis (SNA), machine learning (ML), evolutionary computation (EC), and temporal logic (TL), presenting expressive contributions to empower cyber defense.

Subjects/Keywords: Computer science; Artificial Intelligence; Cybersecurity; Darkweb; Machine Learning; Online Hacking Communities; Social Network Analysis

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Santana Marin, E. (2020). A Hacker-Centric Perspective to Empower Cyber Defense. (Doctoral Dissertation). Arizona State University. Retrieved from http://repository.asu.edu/items/57382

Chicago Manual of Style (16^th Edition):

Santana Marin, Ericsson. “A Hacker-Centric Perspective to Empower Cyber Defense.” 2020. Doctoral Dissertation, Arizona State University. Accessed January 15, 2021. http://repository.asu.edu/items/57382.

MLA Handbook (7^th Edition):

Santana Marin, Ericsson. “A Hacker-Centric Perspective to Empower Cyber Defense.” 2020. Web. 15 Jan 2021.

Vancouver:

Santana Marin E. A Hacker-Centric Perspective to Empower Cyber Defense. [Internet] [Doctoral dissertation]. Arizona State University; 2020. [cited 2021 Jan 15]. Available from: http://repository.asu.edu/items/57382.

Council of Science Editors:

Santana Marin E. A Hacker-Centric Perspective to Empower Cyber Defense. [Doctoral Dissertation]. Arizona State University; 2020. Available from: http://repository.asu.edu/items/57382

Rhodes University

8. Smit, Liam. Towards understanding and mitigating attacks leveraging zero-day exploits.

Degree: Faculty of Science, Computer Science, 2020, Rhodes University

URL: http://hdl.handle.net/10962/115718

► Zero-day vulnerabilities are unknown and therefore not addressed with the result that they can be exploited by attackers to gain unauthorised system access. In order… (more)

▼ Zero-day vulnerabilities are unknown and therefore not addressed with the result that they can be exploited by attackers to gain unauthorised system access. In order to understand and mitigate against attacks leveraging zero-days or unknown techniques, it is necessary to study the vulnerabilities, exploits and attacks that make use of them. In recent years there have been a number of leaks publishing such attacks using various methods to exploit vulnerabilities. This research seeks to understand what types of vulnerabilities exist, why and how these are exploited, and how to defend against such attacks by either mitigating the vulnerabilities or the method / process of exploiting them. By moving beyond merely remedying the vulnerabilities to defences that are able to prevent or detect the actions taken by attackers, the security of the information system will be better positioned to deal with future unknown threats. An interesting finding is how attackers exploit moving beyond the observable bounds to circumvent security defences, for example, compromising syslog servers, or going down to lower system rings to gain access. However, defenders can counter this by employing defences that are external to the system preventing attackers from disabling them or removing collected evidence after gaining system access. Attackers are able to defeat air-gaps via the leakage of electromagnetic radiation as well as misdirect attribution by planting false artefacts for forensic analysis and attacking from third party information systems. They analyse the methods of other attackers to learn new techniques. An example of this is the Umbrage project whereby malware is analysed to decide whether it should be implemented as a proof of concept. Another important finding is that attackers respect defence mechanisms such as: remote syslog (e.g. firewall), core dump files, database auditing, and Tripwire (e.g. SlyHeretic). These defences all have the potential to result in the attacker being discovered. Attackers must either negate the defence mechanism or find unprotected targets. Defenders can use technologies such as encryption to defend against interception and man-in-the-middle attacks. They can also employ honeytokens and honeypots to alarm misdirect, slow down and learn from attackers. By employing various tactics defenders are able to increase their chance of detecting and time to react to attacks, even those exploiting hitherto unknown vulnerabilities. To summarize the information presented in this thesis and to show the practical importance thereof, an examination is presented of the NSA's network intrusion of the SWIFT organisation. It shows that the firewalls were exploited with remote code execution zerodays. This attack has a striking parallel in the approach used in the recent VPNFilter malware. If nothing else, the leaks provide information to other actors on how to attack and what to avoid. However, by studying state actors, we can gain insight into what other actors with fewer resources can do in the future.

Subjects/Keywords: Computer crimes – Prevention; Data protection; Hacking; Computer security; Computer networks – Security measures; Computers – Access control; Malware (Computer software)

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Smit, L. (2020). Towards understanding and mitigating attacks leveraging zero-day exploits. (Thesis). Rhodes University. Retrieved from http://hdl.handle.net/10962/115718

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Smit, Liam. “Towards understanding and mitigating attacks leveraging zero-day exploits.” 2020. Thesis, Rhodes University. Accessed January 15, 2021. http://hdl.handle.net/10962/115718.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Smit, Liam. “Towards understanding and mitigating attacks leveraging zero-day exploits.” 2020. Web. 15 Jan 2021.

Vancouver:

Smit L. Towards understanding and mitigating attacks leveraging zero-day exploits. [Internet] [Thesis]. Rhodes University; 2020. [cited 2021 Jan 15]. Available from: http://hdl.handle.net/10962/115718.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Smit L. Towards understanding and mitigating attacks leveraging zero-day exploits. [Thesis]. Rhodes University; 2020. Available from: http://hdl.handle.net/10962/115718

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

KTH

9. Nilsson, Robin. Penetration testing of Android applications.

Degree: Electrical Engineering and Computer Science (EECS), 2020, KTH

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-280290

►

The market of Android applications is huge, and in 2019, Google Play users worldwide downloaded 84.3 billion mobile applications. With such a big user… (more)

▼

The market of Android applications is huge, and in 2019, Google Play users worldwide downloaded 84.3 billion mobile applications. With such a big user base, any security issues could have big negative impacts. That is why penetration testing of Android applications is important and it is also why Google has a bug bounty program where people can submit vulnerability reports on their most downloaded applications. The aim of the project was to assess the security of Android applications from the Google Play Security Reward Program by performing penetration tests on the applications. A threat model of Android applications was made where potential threats were identified. A choice was made to focus on the Spotify Application for Android where threats were given ratings based on risks associated with them in the context of the Spotify Application. Penetration tests were made where testing depth was determined by the ratings associated with the attacks.The results of the tests showed that the Spotify Application is secure, and no test showed any real possibility of exploiting the application. The perhaps biggest potential exploit found is a Denial of Service attack that can be made through a malicious application interacting with the Spotify application. The result doesn’t guarantee that the application isn’t penetrable and further testing is needed to give the result more reliability. The methods used in the project can however act as a template for further research into both Spotify and other Android applications.

Marknaden för Android applikationer är enorm och 2019 laddade Google Play användare ner 84.3 miljarder mobil-applikationer. Med en så stor användarbas kan potentiella säkerhetsproblem få stora negativa konsekvenser. Det är därför penetrationstest är viktiga och varför Google har ett bug bounty program där folk kan skicka in sårbarhetsrapporter för deras mest nedladdade applikationer. Målet med projektet är att bedöma säkerheten hos Android applikationer från Google Play Security Reward Program genom utförande av penetrationstester på applikationerna. En hotmodell över Android applikationer skapades, där potentiella hot identifierades. Ett val att fokusera på Spotify för Android gjordes, där hot gavs rankingar baserat på riskerna associerade med dem i kontexten av Spotify applikationen. Penetrationstest gjordes med testdjup avgjort av rankingarna associerade med attackerna.Resultatet av testen visade att Spotify applikationen var säker, och inga test visade på några riktiga utnyttjningsmöjligheter av applikationen. Den kanske största utnyttjningsmöjligheten som hittades var en Denial of Service-attack som kunde göras genom en illvillig applikation som interagerar med Spotify applikationen. Resultaten garanterar inte att applikationen inte är penetrerbar och fortsatt testande behövs för att ge resultatet mer trovärdighet. Metoderna som användes i projektet kan i alla fall agera som en mall för fortsatt undersökning av både Spotify såväl som andra Android applikationer.

Subjects/Keywords: Ethical hacking; penetration testing; Android application security; reverse engineering; threat modeling; Etisk hacking; penetrationstest; Android-applikationssäkerhet; baklängeskonstruktion; hotmodellering; Computer and Information Sciences; Data- och informationsvetenskap

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Nilsson, R. (2020). Penetration testing of Android applications. (Thesis). KTH. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-280290

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Nilsson, Robin. “Penetration testing of Android applications.” 2020. Thesis, KTH. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-280290.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Nilsson, Robin. “Penetration testing of Android applications.” 2020. Web. 15 Jan 2021.

Vancouver:

Nilsson R. Penetration testing of Android applications. [Internet] [Thesis]. KTH; 2020. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-280290.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Nilsson R. Penetration testing of Android applications. [Thesis]. KTH; 2020. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-280290

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Halmstad University

10. Türk, Jakob Lingaas. Comparing the relative efficacy of phishing emails.

Degree: Information Technology, 2020, Halmstad University

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-42392

►

This study aimed to examine if there was a difference in how likely a victim is to click on a phishing email’s links based… (more)

▼

This study aimed to examine if there was a difference in how likely a victim is to click on a phishing email’s links based on the content of the email, the tone and language used and the structure of the code. This likelihood also includes the email’s ability to bypass spam filters. Method: The method used to examine this was a simulated phishing attack. Six different phishing templates were created and sent out via the Gophish framework to target groups of students (from Halmstad University), from a randomized pool of 20.000 users. The phishing emails contained a link to a landing page (hosted via a virtual machine) which tracked user status. The templates were: Covid19 Pre-Attempt, Spotify Friendly CSS, Spotify Friendly Button, Spotify Aggressive CSS, Spotify Aggressive Button, Student Union. Results: Covid19 Pre-Attempt: 72.6% initial spam filter evasion, 45.8% spam filter evasion, 4% emails opened and 100% links clicked. Spotify Friendly CSS: 50% initial spam filter evasion, 38% spam filter evasion, 26.3% emails opened and 0% links clicked. Spotify Friendly Button: 59% initial spam filter evasion, 28.8% spam filter evasion, 5.8% emails opened and 0 %links clicked. Spotify Aggressive CSS: 50% initial spam filter evasion, 38% spam filter evasion, 10.5% emails opened, and 100% links clicked. Spotify Aggressive Button: 16% initial spam filter evasion, 25% spam filter evasion, 0% emails opened and 0% emails clicked. Student Union: 40% initial spam filter evasion, 75% spam filter evasion, 33.3% emails opened and 100% links clicked. Conclusion: Differently structured emails have different capabilities for bypassing spam filters and for deceiving users. Language and tone appears to affect phishing email efficacy; the results suggest that an aggressive and authoritative tone heightens a phishing email’s ability to deceive users, but seems to not affect its ability to bypass spam filters to a similar degree. Authenticity appears to affect email efficacy; the results showed a difference in deception efficacy if an email was structured like that of a genuine sender. Appealing to emotions such as stress and fear appears to increase the phishing email’s efficacy in deceiving a user.

Syftet med denna studie var att undersöka om det fanns en skillnad i hur troligt det är att ett offer klickar på länkarna till ett phishing-e-postmeddelande, baserat på innehållet i e-postmeddelandet, tonen och språket som används och kodens struktur. Denna sannolikhet inkluderar även e-postens förmåga att kringgå skräppostfilter. Metod: Metoden som användes var en simulerad phishing-attack. Sex olika phishing-mallar skapades och skickades ut via Gophish-ramverket till målgruppen bestående av studenter (från Halmstads universitet), från en slumpmässig pool med 20 000 användare. Phishing-e-postmeddelandena innehöll en…

Subjects/Keywords: Phishing; Spam Filter; Social engineering; ethical hacking; spam filter evasion; spear phishing; Phishing; Spam Filter; Social engineering; ethical hacking; spam filter evasion; spear phishing; Computer Systems; Datorsystem

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Türk, J. L. (2020). Comparing the relative efficacy of phishing emails. (Thesis). Halmstad University. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-42392

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Türk, Jakob Lingaas. “Comparing the relative efficacy of phishing emails.” 2020. Thesis, Halmstad University. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-42392.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Türk, Jakob Lingaas. “Comparing the relative efficacy of phishing emails.” 2020. Web. 15 Jan 2021.

Vancouver:

Türk JL. Comparing the relative efficacy of phishing emails. [Internet] [Thesis]. Halmstad University; 2020. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-42392.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Türk JL. Comparing the relative efficacy of phishing emails. [Thesis]. Halmstad University; 2020. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-42392

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Rochester Institute of Technology

11. Martin, Christopher. Digital image watermarking techniques.

Degree: Computer Engineering, 2000, Rochester Institute of Technology

URL: https://scholarworks.rit.edu/theses/648

► The ability to resolve ownership disputes and copyright infringement is difficult in the worldwide digital age. There is an increasing need to develop techniques that… (more)

Subjects/Keywords: Computer science; Digital data protection; File hacking; Watermarking

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Martin, C. (2000). Digital image watermarking techniques. (Thesis). Rochester Institute of Technology. Retrieved from https://scholarworks.rit.edu/theses/648

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Martin, Christopher. “Digital image watermarking techniques.” 2000. Thesis, Rochester Institute of Technology. Accessed January 15, 2021. https://scholarworks.rit.edu/theses/648.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Martin, Christopher. “Digital image watermarking techniques.” 2000. Web. 15 Jan 2021.

Vancouver:

Martin C. Digital image watermarking techniques. [Internet] [Thesis]. Rochester Institute of Technology; 2000. [cited 2021 Jan 15]. Available from: https://scholarworks.rit.edu/theses/648.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Martin C. Digital image watermarking techniques. [Thesis]. Rochester Institute of Technology; 2000. Available from: https://scholarworks.rit.edu/theses/648

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

KTH

12. Torgilsman, Christoffer. Ethical Hacking of a Robot Vacuum Cleaner.

Degree: Electrical Engineering and Computer Science (EECS), 2020, KTH

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-277918

►

This study revolves around the safety of IoT devices, more specifically how safe the robot vacuum cleaner Ironpie m6 is. The method is based… (more)

Subjects/Keywords: IoT; Ethical Hacking; Penetration testing; Threat Model; Security; DREAD; STRIDE; Encryption; MQTT; Ironpie m6; Computer and Information Sciences; Data- och informationsvetenskap

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Torgilsman, C. (2020). Ethical Hacking of a Robot Vacuum Cleaner. (Thesis). KTH. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-277918

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Torgilsman, Christoffer. “Ethical Hacking of a Robot Vacuum Cleaner.” 2020. Thesis, KTH. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-277918.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Torgilsman, Christoffer. “Ethical Hacking of a Robot Vacuum Cleaner.” 2020. Web. 15 Jan 2021.

Vancouver:

Torgilsman C. Ethical Hacking of a Robot Vacuum Cleaner. [Internet] [Thesis]. KTH; 2020. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-277918.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Torgilsman C. Ethical Hacking of a Robot Vacuum Cleaner. [Thesis]. KTH; 2020. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-277918

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

University of Debrecen

13. Eskaif, Nedal. Computer Security .

Degree: DE – Informatikai Kar, University of Debrecen

URL: http://hdl.handle.net/2437/233023

► With the rapid development of the enormous and frightening spread of information networks which turned the distances between countries and made it less and less… (more)

Subjects/Keywords: Computer Security; Viruses; Hacking; Hackers; malwares; ACL; SSL; Cryptograpgy

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Eskaif, N. (n.d.). Computer Security . (Thesis). University of Debrecen. Retrieved from http://hdl.handle.net/2437/233023

Note: this citation may be lacking information needed for this citation format:
No year of publication.
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Eskaif, Nedal. “Computer Security .” Thesis, University of Debrecen. Accessed January 15, 2021. http://hdl.handle.net/2437/233023.

Note: this citation may be lacking information needed for this citation format:
No year of publication.
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Eskaif, Nedal. “Computer Security .” Web. 15 Jan 2021.

Note: this citation may be lacking information needed for this citation format:
No year of publication.

Vancouver:

Eskaif N. Computer Security . [Internet] [Thesis]. University of Debrecen; [cited 2021 Jan 15]. Available from: http://hdl.handle.net/2437/233023.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation
No year of publication.

Council of Science Editors:

Eskaif N. Computer Security . [Thesis]. University of Debrecen; Available from: http://hdl.handle.net/2437/233023

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation
No year of publication.

KTH

14. Pettersson, Anders. Using Markov Decision Processes and Reinforcement Learning to Guide Penetration Testers in the Search for Web Vulnerabilities.

Degree: Electrical Engineering and Computer Science (EECS), 2019, KTH

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254642

►

Bug bounties are an increasingly popular way of performing penetration tests of web applications. User statistics of bug bounty platforms show that a lot… (more)

▼

Bug bounties are an increasingly popular way of performing penetration tests of web applications. User statistics of bug bounty platforms show that a lot of hackers struggle to find bugs. This report explores a way of using Markov decision processes and reinforcement learning to help hackers find vulnerabilities in web applications by building a tool that suggests attack surfaces to examine and vulnerability reports to read to get the relevant knowledge. The attack surfaces, vulnerabilities and reports are all derived from a taxonomy of web vulnerabilities created in a collaborating project. A Markov decision process (MDP) was defined, this MDP includes the environment, different states of knowledge and actions that can take a user from one state of knowledge to another. To be able to suggest the best possible next action to perform, the MDP uses a policy that describes the value of entering each state. Each state is given a value that is called Q-value. This value indicates how close that state is to another state where a vulnerability has been found. This means that a state has a high Q-value if the knowledge gives a user a high probability of finding a vulnerability and vice versa. This policy was created using a reinforcement learning algorithm called Q-learning. The tool was implemented as a web application using Java Spring Boot and ReactJS. The resulting tool is best suited for new hackers in the learning process. The current version is trained on the indexed reports of the vulnerability taxonomy but future versions should be trained on user behaviour collected from the tool.

Bug bounties är ett alltmer populärt sätt att utföra penetrationstester av webbapplikationer. Användarstatistik från bug bounty-plattformar visar att många hackare har svårt att hitta buggar. Denna rapport undersöker ett sätt att använda Markov-beslutsprocesser och förstärkt inlärning för att hjälpa hackare att hitta sårbarheter i webbapplikationer genom att bygga ett verktyg som föreslår attackytor att undersöka och sårbarhetsrapporter att läsa för att tillgodogöra sig rätt kunskaper. Attackytor, sårbarheter och rapporter är alla hämtade från en taxonomi över webbsårbarheter skapad i ett samarbetande projekt. En Markovbeslutsprocess (MDP) definierades. Denna MDP inkluderar miljön, olika kunskapstillstånd och handlingar som kan ta användaren från ett kunskapstillstånd till ett annat. För kunna föreslå nästa handling på bästa möjliga sätt använder MDPn en policy som beskriver värdet av att träda in i alla de olika tillstånden. Alla tillstånd ges ett värde som kallas Q-värde. Detta värde indikerar hur nära ett tillstånd har till ett annat tillstånd där en sårbarhet har hittats. Detta betyder att ett tillstånd har ett högt Q-värde om kunskapen ger användaren en hög sannolikhet att hitta en sårbarhet och vice versa. Policyn skapades med hjälp av en typ av förstärkt inlärningsalgoritm kallad Q-inlärning. Verktyget implementerades som en webbapplikation med hjälp av Java Spring Boot och ReactJS. Det resulterande verktyget är bäst…

Subjects/Keywords: Markov decision process; Reinforcement learning; Machine learning; Web vulnerabilities; Attack surfaces; Hacking; Bug Bounty; Computer and Information Sciences; Data- och informationsvetenskap

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Pettersson, A. (2019). Using Markov Decision Processes and Reinforcement Learning to Guide Penetration Testers in the Search for Web Vulnerabilities. (Thesis). KTH. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254642

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Pettersson, Anders. “Using Markov Decision Processes and Reinforcement Learning to Guide Penetration Testers in the Search for Web Vulnerabilities.” 2019. Thesis, KTH. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254642.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Pettersson, Anders. “Using Markov Decision Processes and Reinforcement Learning to Guide Penetration Testers in the Search for Web Vulnerabilities.” 2019. Web. 15 Jan 2021.

Vancouver:

Pettersson A. Using Markov Decision Processes and Reinforcement Learning to Guide Penetration Testers in the Search for Web Vulnerabilities. [Internet] [Thesis]. KTH; 2019. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254642.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Pettersson A. Using Markov Decision Processes and Reinforcement Learning to Guide Penetration Testers in the Search for Web Vulnerabilities. [Thesis]. KTH; 2019. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254642

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

KTH

15. Vitek, Viktor. Implementing a Nudge to Prevent Email Phishing.

Degree: Electrical Engineering and Computer Science (EECS), 2019, KTH

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-259403

►

Phishing is a reoccurring issue, which uses social engineering as an attack strategy. The prevention of these attacks is often content-based filters. These solutions… (more)

▼

Phishing is a reoccurring issue, which uses social engineering as an attack strategy. The prevention of these attacks is often content-based filters. These solutions are however not always perfect, and phishing emails can still be able to get through the filters. We suggest a new strategy to combat phishing. The strategy is a technical platform which uses the psychology concept nudge. Nudge is a concept that can be used to change a certain behaviour, in this case to make people more cautious when reading their emails.The objective of this thesis is to suggest a nudge using a technical platform regarding possible desensitization. The nudge aims to change email related behaviours to more healthy ones. To get indications if the nudge has benefits, a qualitative survey was made. When using a psychology-based solution, one must address the possibility of desensitization. To minimize possible desensitization, a quantitative analysis was made where different ways to minimize desensitization were assessed. Data for this analysis was gathered by a simulation modeling, where the simulation aimed to replicate a user performing email related events.The conclusion of the simulation results showed that a whitelist approach was the most appropriate for our nudge. The approach minimized the chance of possible desensitization while having a low risk of not performing a nudge when needed. The conclusion of the survey results was that there was an indication of behavioural change and that there existed a risk of possible desensitization.

Nätfiske är ett återkommande problem, som använder sig av social manipulation som attackstrategi. Försvar mot dessa attacker är ofta innehållsbaserade filter. Dessa lösningar är inte alltid perfekta, då nätfiske kan ibland gå förbi filterna. Vi föreslår en ny strategi för att bekämpa nätfiske. Strategin är en teknisk plattform som använder det psykologiska konceptet nudge. Nudge är ett koncept som kan användas för att ändra ett visst beteende, i detta fall för att göra människor mer försiktiga när de läser sina emails.Syftet med detta arbete är att föreslå en nudge i en teknisk plattform där man tar hänsyn till eventuell desensibilisering. Nudgens mål är att ändra emailrelaterade beteenden så att beteendena blir säkrare. En kvalitativ undersökning gjordes för att få indikationer om nudgen har möjliga fördelar. När man använder en psykologibaserad lösning så måste man ta itu med möjligheten av desensibilisering. En kvantitativ analys gjordes där olika sätt att minimera desensibilisering bedömdes, för att sedan kunna minimera desensibiliseringen. Data för denna analys samlades in genom en simuleringsmodellering, där simuleringens syfte var att replikera en användare som utför email-relaterade händelser.Slutsatsen av simuleringsresultaten visade att en whitelist-metod var den mest lämpliga för vår nudge. Metoden minimerade risken för möjlig desensibilisering, samtidigt som den hade en låg risk att inte utföra en nudge när det behövdes. Slutsatsen av undersökningsresultatet från enkäten var…

Subjects/Keywords: Hacking; Phishing; Social Engineering; Psychology; Nudge;

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Vitek, V. (2019). Implementing a Nudge to Prevent Email Phishing. (Thesis). KTH. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-259403

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Vitek, Viktor. “Implementing a Nudge to Prevent Email Phishing.” 2019. Thesis, KTH. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-259403.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Vitek, Viktor. “Implementing a Nudge to Prevent Email Phishing.” 2019. Web. 15 Jan 2021.

Vancouver:

Vitek V. Implementing a Nudge to Prevent Email Phishing. [Internet] [Thesis]. KTH; 2019. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-259403.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Vitek V. Implementing a Nudge to Prevent Email Phishing. [Thesis]. KTH; 2019. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-259403

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Brno University of Technology

16. Dostál, Otto. Právní aspekty boje proti počítačové trestné činnosti: Legal Aspects of Fighting Cybercrime.

Degree: 2020, Brno University of Technology

URL: http://hdl.handle.net/11012/195563

► The thesis deals with the topic of computer crime. Foremost, it demonstrates on an example of the operation of a medical image information processing system… (more)

Subjects/Keywords: Počítačová kriminalita; kyberkriminalita; právo; Úmluva o počítačové kriminalitě; hacking; detekce hrozeb; datový provoz; optické sítě; MeDiMed.; Computer crime; cybercrime; law; Convention on Cybercrime; hacking; thread detection; data traffic; optical networks; MeDiMed.

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Dostál, O. (2020). Právní aspekty boje proti počítačové trestné činnosti: Legal Aspects of Fighting Cybercrime. (Thesis). Brno University of Technology. Retrieved from http://hdl.handle.net/11012/195563

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Dostál, Otto. “Právní aspekty boje proti počítačové trestné činnosti: Legal Aspects of Fighting Cybercrime.” 2020. Thesis, Brno University of Technology. Accessed January 15, 2021. http://hdl.handle.net/11012/195563.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Dostál, Otto. “Právní aspekty boje proti počítačové trestné činnosti: Legal Aspects of Fighting Cybercrime.” 2020. Web. 15 Jan 2021.

Vancouver:

Dostál O. Právní aspekty boje proti počítačové trestné činnosti: Legal Aspects of Fighting Cybercrime. [Internet] [Thesis]. Brno University of Technology; 2020. [cited 2021 Jan 15]. Available from: http://hdl.handle.net/11012/195563.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Dostál O. Právní aspekty boje proti počítačové trestné činnosti: Legal Aspects of Fighting Cybercrime. [Thesis]. Brno University of Technology; 2020. Available from: http://hdl.handle.net/11012/195563

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

KTH

17. Galal, Daria. Security Test of iZettle's Reader 2 : A card terminal for safe payments?.

Degree: Electrical Engineering and Computer Science (EECS), 2020, KTH

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-277913

►

Ethical hacking and penetration testing are two methods often used when organizations and companies want to measure their level of information security, and find… (more)

▼

Ethical hacking and penetration testing are two methods often used when organizations and companies want to measure their level of information security, and find out if there are additional steps that can be taken in order to increase the security. This report describes a security test of the card terminal iZettle Reader 2, with the intention to examine its level of security based on the device’s frequent appearance in the society. The implementation is divided into three phases: prestudy and threat modelling, penetration testing and evaluation and conclusion of the security. The threat model was created using the two established models STRIDE & DREAD, which purpose is to identify the device’s various threats and attack vectors. From the threat model, a couple of attack vectors were selected to be penetration tested. By using conventional models and obtaining knowledge of common attacks such as Man-in-the-middle, Spoofing and Replay, the device and the payment solution could be tested with a systematical and reliable approach. A selection was made of the most prominent attack vectors, of which these were later tested; Man-in-the-middle of Bluetooth and HTTPS, and Reverse Engineering of the associated mobile application "iZettle Go". The result of the penetration tests indicated that the security around the device and surrounding systems is strong, but that it can be further supplemented with a couple of actions like certificate pinning and mutual authentication when communicating with TLS, as well as a more tamperproof software regarding the mobile application.

Etisk hackning och penetrationstestning är två metoder som ofta tillämpas i sammanhang när organisationer och företag vill mäta sin nivå av informationssäkerhet, samt även ta reda på om eventuella åtgärder kan tas för att stärka säkerheten. Denna rapport beskriver ett säkerhetstest av kortterminalen iZettle Reader 2, med syftet att undersöka dess nivå av säkerhet grundat på enhetens frekventa uppträdande i samhället. Genomförandet är uppdelat i tre faser: förstudie och hotmodellering, penetrationstestning samt utvärdering och avgörande av säkerheten. Hotmodellen skapades med hjälp av de två vedertagna modellerna STRIDE & DREAD, vars syfte är att identifiera enhetens olika hot och attackvektorer. Utifrån hotmodellen valdes några attackvektorer som sedan penetrationstestades. Genom att använda etablerade modeller samt erhålla kännedom om konventionella attacker såsom Man-in-the-middle, Spoofing och Replay, kunde man testa enheten och betallösningen med ett systematiskt och pålitligt tillvägagångssätt. Ett urval gjordes av de mest lovande attackvektorerna, varav dessa senare testades; Man-in-the-middle av Bluetooth och Wi-Fi samt Reverse Engineering av den tillhörande mobilapplikationen "iZettle Go". Resultatet av testerna påvisade en stark säkerhet gällande enheten och dess omgivande system, men att säkerheten kan kompletteras ytterligare med ett par olika åtgärder som certificate pinning och mutual authentication vid kommunikation med TLS,…

Subjects/Keywords: izettle reader; ethical hacking; threat modelling; penetration testing; bluetooth; https.; izettle reader; etisk hackning; hotmodellering; penetrationstestning; bluetooth; https.; Computer and Information Sciences; Data- och informationsvetenskap

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Galal, D. (2020). Security Test of iZettle's Reader 2 : A card terminal for safe payments?. (Thesis). KTH. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-277913

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Galal, Daria. “Security Test of iZettle's Reader 2 : A card terminal for safe payments?.” 2020. Thesis, KTH. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-277913.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Galal, Daria. “Security Test of iZettle's Reader 2 : A card terminal for safe payments?.” 2020. Web. 15 Jan 2021.

Vancouver:

Galal D. Security Test of iZettle's Reader 2 : A card terminal for safe payments?. [Internet] [Thesis]. KTH; 2020. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-277913.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Galal D. Security Test of iZettle's Reader 2 : A card terminal for safe payments?. [Thesis]. KTH; 2020. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-277913

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Linnaeus University

18. Akkaya, Deniz. Honeypots in network security.

Degree: Physics and Mathematics, 2010, Linnaeus University

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-6600

► Day by day, more and more people are using internet all over the world. It is becoming apart of everyone’s life. People are checking… (more)

Subjects/Keywords: Honeypot; hacking; security; forensic analysis of honeypots; network; Computer Sciences; Datavetenskap (datalogi)

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Akkaya, D. (2010). Honeypots in network security. (Thesis). Linnaeus University. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-6600

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Akkaya, Deniz. “Honeypots in network security.” 2010. Thesis, Linnaeus University. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-6600.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Akkaya, Deniz. “Honeypots in network security.” 2010. Web. 15 Jan 2021.

Vancouver:

Akkaya D. Honeypots in network security. [Internet] [Thesis]. Linnaeus University; 2010. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-6600.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Akkaya D. Honeypots in network security. [Thesis]. Linnaeus University; 2010. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-6600

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Halmstad University

19. Axelsson, Andreas. Bluetoothsäkerhet, neglegerad eller (o)kunskap.

Degree: Information Technology, 2019, Halmstad University

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-40131

► Under 2017 hittades sårbarheten Blueborne som gjorde att en person kunde ta sig in i mobiltelefoner eller datorer helt obemärkt genom att enheten endast… (more)

Subjects/Keywords: Bluetooth; IT security; security; investigation; vulnerability; eavesdropping; hacking; Bluetooth; it-säkerhet; säkerhet; undersökning; sårbarhet; avlyssning; hack; Computer and Information Sciences; Data- och informationsvetenskap

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Axelsson, A. (2019). Bluetoothsäkerhet, neglegerad eller (o)kunskap. (Thesis). Halmstad University. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-40131

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Axelsson, Andreas. “Bluetoothsäkerhet, neglegerad eller (o)kunskap.” 2019. Thesis, Halmstad University. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-40131.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Axelsson, Andreas. “Bluetoothsäkerhet, neglegerad eller (o)kunskap.” 2019. Web. 15 Jan 2021.

Vancouver:

Axelsson A. Bluetoothsäkerhet, neglegerad eller (o)kunskap. [Internet] [Thesis]. Halmstad University; 2019. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-40131.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Axelsson A. Bluetoothsäkerhet, neglegerad eller (o)kunskap. [Thesis]. Halmstad University; 2019. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-40131

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

East Tennessee State University

20. Cui, Zhiqiang. Security Incidents in an Academic Setting: A Case Study.

Degree: MS, Computer and Information Science, 2002, East Tennessee State University

URL: https://dc.etsu.edu/etd/664

► Academic institutes' networks, like commercial networks, have confidential and valuable information that attracts hackers. From 6 October 2000 to 29 March 2001, the authors… (more)

Subjects/Keywords: Security; Attack; Hacking; Probe; Hack; Computer Sciences; Physical Sciences and Mathematics

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Cui, Z. (2002). Security Incidents in an Academic Setting: A Case Study. (Thesis). East Tennessee State University. Retrieved from https://dc.etsu.edu/etd/664

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Cui, Zhiqiang. “Security Incidents in an Academic Setting: A Case Study.” 2002. Thesis, East Tennessee State University. Accessed January 15, 2021. https://dc.etsu.edu/etd/664.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Cui, Zhiqiang. “Security Incidents in an Academic Setting: A Case Study.” 2002. Web. 15 Jan 2021.

Vancouver:

Cui Z. Security Incidents in an Academic Setting: A Case Study. [Internet] [Thesis]. East Tennessee State University; 2002. [cited 2021 Jan 15]. Available from: https://dc.etsu.edu/etd/664.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Cui Z. Security Incidents in an Academic Setting: A Case Study. [Thesis]. East Tennessee State University; 2002. Available from: https://dc.etsu.edu/etd/664

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

KTH

21. Gran, Tommie Höglund. Hacking a Commercial Drone.

Degree: Electrical Engineering and Computer Science (EECS), 2020, KTH

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-284573

►

Obemannade luftfarkoster, även kallade drönare, är del av IoT-revolutionen och har uppmärksammats de senaste åren på grund av integritetsfrågor såväl som flygplats- och militär… (more)

▼

Obemannade luftfarkoster, även kallade drönare, är del av IoT-revolutionen och har uppmärksammats de senaste åren på grund av integritetsfrågor såväl som flygplats- och militär säkerhet. Då de kan flyga samt har implementerat en ökande mängd teknologi, särskilt kamera och annan övervakning, är de attraktiva måltavlor för hackers och penetrationstestare. Ett antal attacker har genomförts i närtid. I detta examensarbete utforskas och attackeras drönaren Parrot ANAFI genom att använda hotmodellering ur ett black box-perspektiv. Hotmodelleringen inkluderar hotidentifiering med STRIDE samt riskvärdering med DREAD. Inga stora svagheter i systemet hittades. Rapporten visar att tillverkaren har en stor säkerhetsmedvetenhet. Exempel på denna medvetenhet är att tidigare rapporterade svagheter har åtgärdats och programkoden har förvrängts. Metoderna och de funna resultaten kan användas för att vidare utforska svagheter i drönare och liknande IoT-enheter.

Unmanned aerial vehicles, commonly known as drones, are part of the IoT revolution and have gotten some attention in recent years due to privacy violation issues as well as airport and military security. Since they can fly and have an increasing amount of technology implemented, especially camera and other surveillance, they are attractive targets for hackers and penetration testers. A number of attacks have been carried out over the years. In this thesis the Parrot ANAFI drone is explored and attacked using threat modeling from a black box perspective. The threat modeling includes identifying threats with STRIDE and assessing risks with DREAD. Major vulnerabilities in the system were not found. This report shows that the manufacturer has a high security awareness. Examples of this awareness are that previously reported vulnerabilities have been mitigated and firmware code has been obfuscated. The methods used and results found could be used to further explore vulnerabilities in drones and similar IoT devices.

Subjects/Keywords: ethical hacking; internet of things; penetration testing; threat modeling; unmanned aerial vehicle; etisk hackning; hotmodellering; obemannad luftfarkost; penetrationstestning; sakernas internet; Computer and Information Sciences; Data- och informationsvetenskap

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Gran, T. H. (2020). Hacking a Commercial Drone. (Thesis). KTH. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-284573

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Gran, Tommie Höglund. “Hacking a Commercial Drone.” 2020. Thesis, KTH. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-284573.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Gran, Tommie Höglund. “Hacking a Commercial Drone.” 2020. Web. 15 Jan 2021.

Vancouver:

Gran TH. Hacking a Commercial Drone. [Internet] [Thesis]. KTH; 2020. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-284573.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Gran TH. Hacking a Commercial Drone. [Thesis]. KTH; 2020. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-284573

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

University of South Africa

22. Njotini, Mzukisi Niven. E-crimes and e-authentication - a legal perspective .

Degree: 2016, University of South Africa

URL: http://hdl.handle.net/10500/21720

► E-crimes continue to generate grave challenges to the ICT regulatory agenda. Because e-crimes involve a wrongful appropriation of information online, it is enquired whether information… (more)

▼ E-crimes continue to generate grave challenges to the ICT regulatory agenda. Because e-crimes involve a wrongful appropriation of information online, it is enquired whether information is property which is capable of being stolen. This then requires an investigation to be made of the law of property. The basis for this scrutiny is to establish if information is property for purposes of the law. Following a study of the Roman-Dutch law approach to property, it is argued that the emergence of an information society makes real rights in information possible. This is the position because information is one of the indispensable assets of an information society. Given the fact that information can be the object of property, its position in the law of theft is investigated. This study is followed by an examination of the conventional risks that ICTs generate. For example, a risk exists that ICTs may be used as the object of e-crimes. Furthermore, there is a risk that ICTs may become a tool in order to appropriate information unlawfully. Accordingly, the scale and impact of e-crimes is more than those of the offline crimes, for example theft or fraud. The severe challenges that ICTs pose to an information society are likely to continue if clarity is not sought regarding: whether ICTs can be regulated or not, if ICTs can be regulated, how should an ICT regulatory framework be structured? A study of the law and regulation for regulatory purposes reveals that ICTs are spheres where regulations apply or should apply. However, better regulations are appropriate in dealing with the dynamics of these technologies. Smart-regulations, meta-regulations or reflexive regulations, self-regulations and co-regulations are concepts that support better regulations. Better regulations enjoin the regulatory industries, for example the state, businesses and computer users to be involved in establishing ICT regulations. These ICT regulations should specifically be in keeping with the existing e-authentication measures. Furthermore, the codes-based theory, the Danger or Artificial Immune Systems (the AIS) theory, the Systems theory and the Good Regulator Theorem ought to inform ICT regulations. The basis for all this should be to establish a holistic approach to e-authentication. This approach must conform to the Precautionary Approach to E-Authentication or PAEA. PAEA accepts the importance of legal rules in the ICT regulatory agenda. However, it argues that flexible regulations could provide a suitable framework within which ICTs and the ICT risks are controlled. In addition, PAEA submit that a state should not be the single role-player in ICT regulations. Social norms, the market and nature or architecture of the technology to be regulated are also fundamental to the ICT regulatory agenda. Advisors/Committee Members: Kroeze, Irma Johanna (advisor), Kritzinger, E (advisor).

Subjects/Keywords: Biometric characters; Computer hacking; Distributed denial of service (DDoS) attacks; E-authentication; Furtum,; ICT regulation; ID fraud; ID theft; Information or computer systems; Larceny; Man-in-the-middle attacks; Phishing; Precautionary principle and user characters; ICTs; PAEAN

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Njotini, M. N. (2016). E-crimes and e-authentication - a legal perspective . (Doctoral Dissertation). University of South Africa. Retrieved from http://hdl.handle.net/10500/21720

Chicago Manual of Style (16^th Edition):

Njotini, Mzukisi Niven. “E-crimes and e-authentication - a legal perspective .” 2016. Doctoral Dissertation, University of South Africa. Accessed January 15, 2021. http://hdl.handle.net/10500/21720.

MLA Handbook (7^th Edition):

Njotini, Mzukisi Niven. “E-crimes and e-authentication - a legal perspective .” 2016. Web. 15 Jan 2021.

Vancouver:

Njotini MN. E-crimes and e-authentication - a legal perspective . [Internet] [Doctoral dissertation]. University of South Africa; 2016. [cited 2021 Jan 15]. Available from: http://hdl.handle.net/10500/21720.

Council of Science Editors:

Njotini MN. E-crimes and e-authentication - a legal perspective . [Doctoral Dissertation]. University of South Africa; 2016. Available from: http://hdl.handle.net/10500/21720

Youngstown State University

23. Steh, Stephen R. Unauthorized Access Crimes.

Degree: MSin Criminal Justice, Department of Criminal Justice, 2009, Youngstown State University

URL: http://rave.ohiolink.edu/etdc/view?acc_num=ysu1254939817

► This paper examines the concept of unauthorized access crimes statutes in the fifty states and the federal system in order to determine the concept of… (more)

Subjects/Keywords: Computer Science; Criminology; Law; Technology; computer crime; hacking; unauthorized access; legislation and case law

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Steh, S. R. (2009). Unauthorized Access Crimes. (Masters Thesis). Youngstown State University. Retrieved from http://rave.ohiolink.edu/etdc/view?acc_num=ysu1254939817

Chicago Manual of Style (16^th Edition):

Steh, Stephen R. “Unauthorized Access Crimes.” 2009. Masters Thesis, Youngstown State University. Accessed January 15, 2021. http://rave.ohiolink.edu/etdc/view?acc_num=ysu1254939817.

MLA Handbook (7^th Edition):

Steh, Stephen R. “Unauthorized Access Crimes.” 2009. Web. 15 Jan 2021.

Vancouver:

Steh SR. Unauthorized Access Crimes. [Internet] [Masters thesis]. Youngstown State University; 2009. [cited 2021 Jan 15]. Available from: http://rave.ohiolink.edu/etdc/view?acc_num=ysu1254939817.

Council of Science Editors:

Steh SR. Unauthorized Access Crimes. [Masters Thesis]. Youngstown State University; 2009. Available from: http://rave.ohiolink.edu/etdc/view?acc_num=ysu1254939817

24. Rosado Murillo, Luis Felipe. Transnationality, Morality, and Politics of Computing Expertise.

Degree: Anthropology, 2015, UCLA

URL: http://www.escholarship.org/uc/item/2rd8656g

► In this dissertation I examine the alterglobalization of computer expertise with a focus on the creation of political, economic, moral, and technical ties among computer… (more)

Subjects/Keywords: Cultural anthropology; computer hacking; expertise; free software; morality; open hardware; transnationality

…hacking today? Why is this question worth asking from an anthropological perspective? Computer… …CHAPTER 4. Imagined Spaces and Convivial Places of Hacking… …expansion of information and communication infrastructures, computer expertise has become a… …practices, and moral orientations. This common rubric is that of “hacking” whose agent has been… …information and communication infrastructures brought invisible computer collectives to the…

4 more images…

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Rosado Murillo, L. F. (2015). Transnationality, Morality, and Politics of Computing Expertise. (Thesis). UCLA. Retrieved from http://www.escholarship.org/uc/item/2rd8656g

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Rosado Murillo, Luis Felipe. “Transnationality, Morality, and Politics of Computing Expertise.” 2015. Thesis, UCLA. Accessed January 15, 2021. http://www.escholarship.org/uc/item/2rd8656g.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Rosado Murillo, Luis Felipe. “Transnationality, Morality, and Politics of Computing Expertise.” 2015. Web. 15 Jan 2021.

Vancouver:

Rosado Murillo LF. Transnationality, Morality, and Politics of Computing Expertise. [Internet] [Thesis]. UCLA; 2015. [cited 2021 Jan 15]. Available from: http://www.escholarship.org/uc/item/2rd8656g.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Rosado Murillo LF. Transnationality, Morality, and Politics of Computing Expertise. [Thesis]. UCLA; 2015. Available from: http://www.escholarship.org/uc/item/2rd8656g

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

25. Bilan, Carolina. Säkerhetshot och lösningar för privatpersoner med bredband.

Degree: 2001, , Department of Software Engineering and Computer Science

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:bth-1491

► As more and more people gain access to broadband in their properties, the security threats get bigger. A lot more people also have computers… (more)

Subjects/Keywords: Bredband; Brandvägg; Säkerhet; Virus; Antivirus; Personlig Brandvägg; Hackning; Hackare; Broadband; Firewall; Security; Hacking; Hackers; Computer Sciences; Datavetenskap (datalogi)

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Bilan, C. (2001). Säkerhetshot och lösningar för privatpersoner med bredband. (Thesis). , Department of Software Engineering and Computer Science. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:bth-1491

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Bilan, Carolina. “Säkerhetshot och lösningar för privatpersoner med bredband.” 2001. Thesis, , Department of Software Engineering and Computer Science. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-1491.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Bilan, Carolina. “Säkerhetshot och lösningar för privatpersoner med bredband.” 2001. Web. 15 Jan 2021.

Vancouver:

Bilan C. Säkerhetshot och lösningar för privatpersoner med bredband. [Internet] [Thesis]. , Department of Software Engineering and Computer Science; 2001. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:bth-1491.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Bilan C. Säkerhetshot och lösningar för privatpersoner med bredband. [Thesis]. , Department of Software Engineering and Computer Science; 2001. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:bth-1491

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

26. Christensen, Ludvig. Ethical hacking of IoT devices: OBD-II dongles.

Degree: Electrical Engineering and Computer Science (EECS), 2019, KTH

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254571

►

The subject area of this project is IT security related to cars, specifically the security of devices connected through a cars OBD-II connector. The… (more)

Subjects/Keywords: Hacking; OBD-II; Threat model; IoT security; AutoPi; Computer and Information Sciences; Data- och informationsvetenskap

…hacking AutoPi’s WiFi was not found to be vulnerable to any particular known attacks against… …School of Electrical Engineering and Computer Science (EECS), 2018. [3] M… …Alamitos, CA, USA), pp. 278–283, IEEE Computer Society, sep 2016. [6] R. Khan, K…

4 more images…

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Christensen, L. (2019). Ethical hacking of IoT devices: OBD-II dongles. (Thesis). KTH. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254571

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Christensen, Ludvig. “Ethical hacking of IoT devices: OBD-II dongles.” 2019. Thesis, KTH. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254571.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Christensen, Ludvig. “Ethical hacking of IoT devices: OBD-II dongles.” 2019. Web. 15 Jan 2021.

Vancouver:

Christensen L. Ethical hacking of IoT devices: OBD-II dongles. [Internet] [Thesis]. KTH; 2019. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254571.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Christensen L. Ethical hacking of IoT devices: OBD-II dongles. [Thesis]. KTH; 2019. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254571

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

27. Ottosson, Henrik. Penetration testing for the inexperienced ethical hacker : A baseline methodology for detecting and mitigating web application vulnerabilities.

Degree: Database and information techniques, 2018, Linköping University

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-148581

►

Having a proper method of defense against attacks is crucial for web applications to ensure the safety of both the application itself and its… (more)

▼

Having a proper method of defense against attacks is crucial for web applications to ensure the safety of both the application itself and its users. Penetration testing (or ethical hacking) has long been one of the primary methods to detect vulnerabilities against such attacks, but is costly and requires considerable ability and knowledge. As this expertise remains largely individual and undocumented, the industry remains based on expertise. A lack of comprehensive methodologies at levels that are accessible to inexperienced ethical hackers is clearly observable. While attempts at automating the process have yielded some results, automated tools are often specific to certain types of flaws, and lack contextual flexibility. A clear, simple and comprehensive methodology using automatic vulnerability scanners complemented by manual methods is therefore necessary to get a basic level of security across the entirety of a web application. This master's thesis describes the construction of such a methodology. In order to define the requirements of the methodology, a literature study was performed to identify the types of vulnerabilities most critical to web applications, and the applicability of automated tools for each of them. These tools were tested against various existing applications, both intentionally vulnerable ones, and ones that were intended to be secure. The methodology was constructed as a four-step process: Manual Review, Testing, Risk Analysis, and Reporting. Further, the testing step was defined as an iterative process in three parts: Tool/Method Selection, Vulnerability Testing, and Verification. In order to verify the sufficiency of the methodology, it was subject to Peer-review and Field experiments.

Att ha en gedigen metodologi för att försvara mot attacker är avgörande för att upprätthålla säkerheten i webbapplikationer, både vad gäller applikationen själv och dess användare. Penetrationstestning (eller etisk hacking) har länge varit en av de främsta metoderna för att upptäcka sårbarheter mot sådana attacker, men det är kostsamt och kräver stor personlig förmåga och kunskap. Eftersom denna expertis förblir i stor utsträckning individuell och odokumenterad, fortsätter industrin vara baserad på expertis. En brist på omfattande metodiker på nivåer som är tillgängliga för oerfarna etiska hackare är tydligt observerbar. Även om försök att automatisera processen har givit visst resultat är automatiserade verktyg ofta specifika för vissa typer av sårbarheter och lider av bristande flexibilitet. En tydlig, enkel och övergripande metodik som använder sig av automatiska sårbarhetsverktyg och kompletterande manuella metoder är därför nödvändig för att få till en grundläggande och heltäckande säkerhetsnivå. Denna masteruppsats beskriver konstruktionen av en sådan metodik. För att definiera metodologin genomfördes en litteraturstudie för att identifiera de typer av sårbarheter som är mest kritiska för webbapplikationer, samt tillämpligheten av automatiserade verktyg för…

Subjects/Keywords: Web Applications; Vulnerabilitiy Scanning; Automation; Ethical Hacking; Penetration Testing; Information Security; Computer Sciences; Datavetenskap (datalogi)

…malicious hacking, the title of ethical hacker1 , and the title of penetration tester… …National Institute of Standards and Technology, has presented a Guide to Computer Security Log…

1 more image…

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Ottosson, H. (2018). Penetration testing for the inexperienced ethical hacker : A baseline methodology for detecting and mitigating web application vulnerabilities. (Thesis). Linköping University. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-148581

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Ottosson, Henrik. “Penetration testing for the inexperienced ethical hacker : A baseline methodology for detecting and mitigating web application vulnerabilities.” 2018. Thesis, Linköping University. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-148581.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Ottosson, Henrik. “Penetration testing for the inexperienced ethical hacker : A baseline methodology for detecting and mitigating web application vulnerabilities.” 2018. Web. 15 Jan 2021.

Vancouver:

Ottosson H. Penetration testing for the inexperienced ethical hacker : A baseline methodology for detecting and mitigating web application vulnerabilities. [Internet] [Thesis]. Linköping University; 2018. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-148581.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Ottosson H. Penetration testing for the inexperienced ethical hacker : A baseline methodology for detecting and mitigating web application vulnerabilities. [Thesis]. Linköping University; 2018. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-148581

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

28. Koelemeijer, Dorien. Auster: A service designed on the context of a surveillance society in an increasingly connected world.

Degree: 2015, , Faculty of Culture and Society (KS)

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-21852

► The privacy and surveillance issues that are consequences of the Internet of Things are the motivation and grounding for this thesis project. The Internet… (more)

Subjects/Keywords: interaction design; human computer interaction; internet of things; the internet of things; IoT; surveillance; sousveillance; hacking; do it yourself; diy; data; big data; data obfuscation; arduino; decentralisation; internet; privacy; security; data mining; data analysis; Engineering and Technology; Teknik och teknologier

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Koelemeijer, D. (2015). Auster: A service designed on the context of a surveillance society in an increasingly connected world. (Thesis). , Faculty of Culture and Society (KS). Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-21852

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Koelemeijer, Dorien. “Auster: A service designed on the context of a surveillance society in an increasingly connected world.” 2015. Thesis, , Faculty of Culture and Society (KS). Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-21852.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Koelemeijer, Dorien. “Auster: A service designed on the context of a surveillance society in an increasingly connected world.” 2015. Web. 15 Jan 2021.

Vancouver:

Koelemeijer D. Auster: A service designed on the context of a surveillance society in an increasingly connected world. [Internet] [Thesis]. , Faculty of Culture and Society (KS); 2015. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-21852.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Koelemeijer D. Auster: A service designed on the context of a surveillance society in an increasingly connected world. [Thesis]. , Faculty of Culture and Society (KS); 2015. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-21852

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

University of South Africa

29. Maat, Sandra Mariana. Cyber crime: a comparative law analysis .

Degree: 2009, University of South Africa

URL: http://hdl.handle.net/10500/2056

► The Electronic Communications and Transactions Act, 25 of 2002, eradicated various lacunae that previously existed in respect of cyber crimes. Cyber crimes such as inter… (more)

Subjects/Keywords: Digital signatures; Cryptography; Cyber inspectors; Unauthorised interception; Computer-related fraud; Theft of information; Denial of service attacks; Cyber crime; Hacking; Rogue code

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Maat, S. M. (2009). Cyber crime: a comparative law analysis . (Masters Thesis). University of South Africa. Retrieved from http://hdl.handle.net/10500/2056

Chicago Manual of Style (16^th Edition):

Maat, Sandra Mariana. “Cyber crime: a comparative law analysis .” 2009. Masters Thesis, University of South Africa. Accessed January 15, 2021. http://hdl.handle.net/10500/2056.

MLA Handbook (7^th Edition):

Maat, Sandra Mariana. “Cyber crime: a comparative law analysis .” 2009. Web. 15 Jan 2021.

Vancouver:

Maat SM. Cyber crime: a comparative law analysis . [Internet] [Masters thesis]. University of South Africa; 2009. [cited 2021 Jan 15]. Available from: http://hdl.handle.net/10500/2056.

Council of Science Editors:

Maat SM. Cyber crime: a comparative law analysis . [Masters Thesis]. University of South Africa; 2009. Available from: http://hdl.handle.net/10500/2056

30. Robberts, Christopher. Finding Vulnerabilities in IoT Devices : Ethical Hacking of Electronic Locks.

Degree: Electrical Engineering and Computer Science (EECS), 2019, KTH

URL: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254667

►

Internet of Things (IoT) devices are becoming more ubiquitous than ever before, and while security is not that important for every type of device,… (more)

Subjects/Keywords: ethical hacking; penetration testing; electronic locks; internet of things; iot; threat modeling; security; etisk hacking; penetrationstestning; elektroniska lås; sakernas internet; iot; hotmodellering; säkerhet; Computer and Information Sciences; Data- och informationsvetenskap

…to exploit the product does not lead to a vulnerability. A central part of hacking "… …5.4 Problems and constraints At the beginning of the hacking phase of the project much…

3 more images…

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Robberts, C. (2019). Finding Vulnerabilities in IoT Devices : Ethical Hacking of Electronic Locks. (Thesis). KTH. Retrieved from http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254667

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16^th Edition):

Robberts, Christopher. “Finding Vulnerabilities in IoT Devices : Ethical Hacking of Electronic Locks.” 2019. Thesis, KTH. Accessed January 15, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254667.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7^th Edition):

Robberts, Christopher. “Finding Vulnerabilities in IoT Devices : Ethical Hacking of Electronic Locks.” 2019. Web. 15 Jan 2021.

Vancouver:

Robberts C. Finding Vulnerabilities in IoT Devices : Ethical Hacking of Electronic Locks. [Internet] [Thesis]. KTH; 2019. [cited 2021 Jan 15]. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254667.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Robberts C. Finding Vulnerabilities in IoT Devices : Ethical Hacking of Electronic Locks. [Thesis]. KTH; 2019. Available from: http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254667

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

		in
And / Or
		in
And / Or
		in
And / Or
		in

Open Access Theses and Dissertations