Refine
Document Type
- Master's Thesis (27)
- Bachelor Thesis (4)
Language
- English (31) (remove)
Has Fulltext
- yes (31)
Is part of the Bibliography
- no (31) (remove)
Keywords
- IT-Sicherheit (6)
- Maschinelles Lernen (4)
- Computersicherheit (3)
- JavaScript (3)
- Deep learning (2)
- Homomorphic Encryption (2)
- Identitätsverwaltung (2)
- Internet der Dinge (2)
- Künstliche Intelligenz (2)
- Machine Learning (2)
Institute
- Fakultät Medien (M) (ab 22.04.2021) (31) (remove)
Open Access
- Closed Access (16)
- Closed (13)
- Diamond (2)
- Open Access (2)
An organized strategy to ensure the security of an organization is an information security management system. During various security crises, hazards, and breaches, this strategy aids an organization in maintaining the confidentiality, integrity, and accessibility of information. Organizations are getting ready to comply with information security management system criteria. Despite this, security concerns continue to plague ineffective controls, have poor connectivity, or cause a silo effect, which is a common cause. One of the causes is a low maturity model that is not synchronized with the organization’s business processes. For a higher level of maturity, it is best to evaluate the practices.
Different maturity models on information security and cyber security capacity, management processes, security controls, implementation level, and many more have already been developed by numerous international organizations, experts, and scholars. The present models, however, do not assess a particular organization's particular practices. The evaluation of the business process is frequently neglected because measurement requirements for models are typically more concentrated on examining specific elements. For this reason, it caused the maturity assessment to not be executed explicitly and broadly.
We developed an organizational information security maturity model, a combination of work of different maturity models currently existing. While making this model, we considered that any size or type of organization could use this model. The model considers the success elements of the information security management system when assessing the implementation's effectiveness. We employed a mixed-method strategy that included both qualitative and quantitative research. With the help of a questionnaire survey, we evaluated the previous research using a qualitative methodology. In the quantitative method, we'll figure out how mature the information security management system is now. The proposed model could be used to reduce security incidents by improving implementation gaps.
Strong security measures are required to protect sensitive data and provide ongoing service as a result of the rising reliance on online applications for a range of purposes, including e-commerce, social networking, and commercial activities. This has brought to light the necessity of strengthening security measures. There have been multiple incidents of attackers acquiring access to information, holding providers hostage with distributed denial of service attacks, or accessing the company’s network by compromising the application.
The Bundesamt für Sicherheit in der Informationstechnik (BSI) has published a comprehensive set of information security principles and standards that can be utilized as a solid basis for the development of a web application that is secure.
The purpose of this thesis is to build and construct a secure web application that adheres to the requirements established in the BSI guideline. This will be done in order to answer the growing concerns regarding the security of web applications. We will also evaluate the efficacy of the recommendations by conducting security tests on the prototype application and determining whether or not the vulnerabilities that are connected with a web application that is not secure have been mitigated.
Die Arbeit beschäftigt sich mit dem Thema der Progressive Web App, dabei wird auf die Entwicklung und das Wirtschaftliche Potential eingegangen. Die Arbeit kann als Hilfestellung bei der Entscheidung, ob eine Progressive Web App in einem Unternehmen eingesetzt werden soll, dienen.
As cyber threats continue to evolve, it is becoming increasingly important for organizations to have a Security Operations Center (SOC) in place to effectively defend against them. However, building and maintaining a SOC can be a daunting task without clear guidelines, policies, and procedures in place. Additionally, most current SOC solutions used by organizations are outdated, lack key features and integrations, and are expensive to maintain and upgrade. Moreover, proprietary solutions can lead to vendor lock-in, making it difficult to switch to a different solution in the future.
To address these challenges, this thesis proposes a comprehensive SOC framework and an open-source SOC solution that provides organizations with a flexible and cost-effective way to defend against modern cyber threats. The research methodology involved conducting a thorough literature review of existing literature and research on building and maintaining a SOC, including using SOC as a service. The data collected from the literature review was analyzed to identify common themes, challenges, and best practices for building and maintaining a SOC.
Based on the data collected, a comprehensive framework for building and maintaining a SOC was developed. The framework addresses essential areas such as the scope and purpose of the SOC, governance and leadership, staffing and skills, technologies and tools, processes and procedures, service level agreements (SLAs), and evaluation and measurement. This framework provides organizations with the necessary guidance and resources to establish and effectively operate a SOC, as well as a reference for evaluating the service provided by SOC service providers.
In addition to the SOC framework, a modern open-source SOC solution was developed, which emphasizes several key measures to help organizations defend against modern cyber threats. These measures include real-time, actionable threat intelligence, rapid and effective incident response, continuous security monitoring and alerting, automation, integration, and customization. The use of open-source technologies and a modular architecture makes the solution cost-effective, allowing organizations to scale it up or down as needed.
Overall, the proposed SOC framework and open-source SOC solution provide organizations with a comprehensive and systematic approach for building and maintaining a SOC that is aligned with the needs and objectives of the organization. The open-source SOC solution provides a flexible and cost-effective way to defend against modern cyber threats, helping organizations to effectively operate their SOC and reduce their risk of security incidents and breaches.
Risk-based Cybermaturity Assessment Model - Protecting the company against ransomware attacks
(2023)
Ransomware has become one of the most catastrophic attacks in the previous decade, hurting businesses of all sorts worldwide. So, no organization is safe, and most companies are reviewing their ransomware defensive solutions to avoid business and operational hazards. IT departments are using cybersecurity maturity assessment frameworks like CMMC, C2M2, CMMI, NIST, CIS, CPP, and others to analyze organization security capabilities. In addition to maturity assessment models for the process layer and human pillar, there are much research on the analysis, identification, and defense of cyber threats in product/software layers that propose state-of-the-art approaches.
This motivates a comprehensive ransomware cyber security solution. Then, a crucial question arises: “How companies can measure the security maturity of controls in a specific danger for example for Ransomware attack?” Several studies and frameworks addressed this subject.
Complexity of understanding the ransomware attack, Lack of comprehensive ransomware defense solutions and Lack of cybermaturity assessment model for ransomware defense solutions are different aspects of problem statement in this study. By considering the most important limitations to developing a ransomware defense cybermaturity assessment method, this study developed a cybermaturity assessment methodology and implemented a Toolkit to conduct cyber security self-assessment specifically for ransomware attack to provide a clearer vision for enterprises to analyze the security maturity of controls regardless of industry or size.
Even though the internet has only been there for a short period, it has grown tremendously. To- day, a significant portion of commerce is conducted entirely online because of increased inter- net users and technological advancements in web construction. Additionally, cyberattacks and threats have expanded significantly, leading to financial losses, privacy breaches, identity theft, a decrease in customers’ confidence in online banking and e-commerce, and a decrease in brand reputation and trust. When an attacker pretends to be a genuine and trustworthy institution, they can steal private and confidential information from a victim. Aside from that, phishing has been an ongoing issue for a long time. Billions of dollars have been shed on the global economy. In recent years, there has been significant progress in the development of phishing detection and identification systems to protect against phishing attacks. Phishing detection technologies frequently produce binary results, i.e., whether a phishing attempt was made or not, with no explanation. On the other hand, phishing identification methodologies identify phishing web- pages by visually comparing webpages with predetermined authentic references and reporting phishing together with its target brand, resulting in findings that are understandable. However, technical difficulties in the field of visual analysis limit the applicability of currently available solutions, preventing them from being both effective (with high accuracy) and efficient (with little runtime overhead). Here, we evaluate existed framework called Phishpedia. This hybrid deep learning system can recognize identity logos from webpage screenshots and match logo variants of the same brand with high precision. Phishpedia provides high accuracy with low run- time. Lastly, unlike other methods, Phishpedia does not require training on any phishing sam- ples whatsoever. Phishpedia exceeds baseline identification techniques (EMD, PhishZoo, and LogoSENSE), inaccurately detecting phishing pages in lengthy testing using accurate phishing data. The effectiveness of Phishpedia was tested and compared against other standard machine learning algorithms and some state-of-the-art algorithms. The given solutions performed better than different algorithms in the given dataset, which is impressive.
As information technology continues to advance at a rapid speed around the world, new difficulties emerge. The growing number of organizational vulnerabilities is among the most important issues. Finding and mitigating vulnerabilities is critical in order to protect an organization’s environment from multiple attack vectors.
The study investigates and comprehends the complete vulnerability management process from the standpoint of the security officer job role, as well as potential improvements. Few strategies are used to achieve efficient mitigation and the de- velopment of a process for tracking and mitigating vulnerabilities. As a result, a qualitative study is conducted in which the objective is to create a proposed vulner- ability and risk management process, as well as to develop a system for analyzing and tracking vulnerabilities and presenting the vulnerabilities in a graphical dash- board format. This thesis’s data was gathered through an organized literature study as well as through the use of various web resources. We explored numerous ap- proaches to analyze the data, such as categorizing the vulnerabilities every 30, 60, and 90 days to see whether the vulnerabilities were reoccurring or new. According to our findings, tracking vulnerabilities can be advantageous for a security officer.
We come to the conclusion that if an organization has a proper vulnerability tracking system and vulnerability management process, it can aid security officers in having a better understanding of and making plans for reducing vulnerabilities. In terms of system patching and vulnerability remediation, it will also assist the security officer in identifying areas of weakness in the process. As a result, the suggested ways provide an alternate approach to managing and tracking vulnerabilities in an effective manner, although there is still a small area that needs additional analysis and research to make it even better.
Much of the research in the field of audio-based machine learning has focused on recreating human speech via feature extraction and imitation, known as deepfakes. The current state of affairs has prompted a look into other areas, such as the recognition of recording devices, and potentially speakers, by only analysing sound files. Segregation and feature extraction are at the core of this approach.
This research focuses on determining whether a recorded sound can reveal the recording device with which it was captured. Each specific microphone manufacturer and model, among other characteristics and imperfections, can have subtle but compounding effects on the results, whether it be differences in noise, or the recording tempo and sensitivity of the microphone while recording. By studying these slight perturbations, it was found to be possible to distinguish between microphones based on the sounds they recorded.
After the recording, pre-processing, and feature extraction phases we completed, the prepared data was fed into several different machine learning algorithms, with results ranging from 70% to 100% accuracy, showing Multi-Layer Perceptron and Logistic Regression to be the most effective for this type of task.
This was further extended to be able to tell the difference between two microphones of the same make and model. Achieving the identification of identical models of a microphone suggests that the small deviations in their manufacturing process are enough of a factor to uniquely distinguish them and potentially target individuals using them. This however does not take into account any form of compression applied to the sound files, as that may alter or degrade some or most of the distinguishing features that are necessary for this experiment.
Building on top of prior research in the area, such as by Das et al. in in which different acoustic features were explored and assessed on their ability to be used to uniquely fingerprint smartphones, more concrete results along with the methodology by which they were achieved are published in this project’s publicly accessible code repository.
Linux and Linux-based operating systems have been gaining more popularity among the general users and among developers. Many big enterprises and large companies are using Linux for servers that host their websites, some even require their developers to have knowledge about Linux OS. Even in embedded systems one can find many Linux-based OS that run them. With its increasing popularity, one can deduce the need to secure such a system that many personnel rely on, be it to protect the data that it stores or to protect the integrity of the system itself, or even to protect the availability of the services it offers. Many researchers and Linux enthusiasts have been coming up with various ways to secure Linux OS, however new vulnerabilities and new bugs are always found, by malicious attackers, with every update or change, which calls for the need of more ways to secure these systems.
This Thesis explores the possibility and feasibility of another way to secure Linux OS, specifically securing the terminal of such OS, by altering the commands of the terminal, getting in the way of attackers that have gained terminal access and delaying, giving more time for the response teams and for forensics to stop the attack, minimize the damage, restore operations, and to identify collect and store evidence of the cyber-attack. This research will discuss the advantages and disadvantages of various security measures and compare and contrast with the method suggested in this research.
This research is significant because it paints a better picture of what the state of the art of Linux and Linux-based operating systems security looks like, and it addresses the concerns of security enthusiasts, while exploring new uncharted area of security that have been looked at as a not so significant part of protecting the OSes out of concern of the various limitations and problems it entails. This research will address these concerns while exploring few ways to solve them, as well as addressing the ideal areas and situations in which the proposed method can be used, and when would such method be more of a burden than help if used.
Encryption techniques allow storing and transferring of sensitive information securely by using encryption at rest and encryption in transit, respectively. However, when computation is performed on these sensitive data, the data needs to be decrypted first and encrypted again after performing the computations. During the computations, the sensitive data becomes vulnerable to attackers as it's in decrypted form. Homomorphic encryption, a special type of encryption technique that allows computation on encrypted data can be used to solve the above-mentioned problem. The best way to achieve maximum security with homomorphic encryption is to perform at least the homomorphic encryption and decryption on the client side (browser) of a web application by not trusting the server. At present time there are many libraries with different homomorphic schemes available for homomorphic encryption. However, there are very few to no JavaScript libraries available to perform homomorphic encryption on the client side of any web application. This thesis mainly focuses on the JavaScript implementation of client-side homomorphic encryption. The fully homomorphic encryption scheme BFV is selected for the implementation. After implementing the fully homomorphic encryption scheme based on the “py-fhe” library, tests are also carried out in order to determine the applicability (in terms of time consumption, security and correctness) of this implementation in a web application by comparing the performance and security for different test cases and different settings.