004 Informatik
Refine
Document Type
- Bachelor Thesis (6)
- Master's Thesis (5)
- Article (reviewed) (1)
Has Fulltext
- yes (12)
Keywords
- IT-Sicherheit (12) (remove)
Institute
Open Access
- Closed Access (6)
- Closed (5)
- Open Access (1)
Das automatisierte Erkennen von Schwachstellen wird immer wichtiger. Gerade bei der Softwareentwicklung werden immer häufiger Schwachstellenscanner eingesetzt. Das Ziel der vorliegenden Arbeit ist es einen Überblick zu erhalten, welche Schwachstellenscanner für Webanwendungen existieren und wie sinnvoll deren Einsatz ist. Um diese Frage zu beantworten, werden vier auf dem Markt verfügbare Schwachstellenscanner getestet. Aus der bisherigen Infrastruktur von M und M Software werden Anforderungen und Selektionskriterien abgeleitet. In zwei Testphasen werden verschiedene Schwachstellenscanner analysiert und bewertet wie gut sie die Kriterien erfüllen. Am Ende wird bewertet, ob der Einsatz eines Schwachstellenscanners in der Infrastruktur sinnvoll ist. Neben dieser Analyse wird außerdem untersucht welche Chancen die AI-Technologie für Schwachstellenscanner bietet.
Linux and Linux-based operating systems have been gaining more popularity among the general users and among developers. Many big enterprises and large companies are using Linux for servers that host their websites, some even require their developers to have knowledge about Linux OS. Even in embedded systems one can find many Linux-based OS that run them. With its increasing popularity, one can deduce the need to secure such a system that many personnel rely on, be it to protect the data that it stores or to protect the integrity of the system itself, or even to protect the availability of the services it offers. Many researchers and Linux enthusiasts have been coming up with various ways to secure Linux OS, however new vulnerabilities and new bugs are always found, by malicious attackers, with every update or change, which calls for the need of more ways to secure these systems.
This Thesis explores the possibility and feasibility of another way to secure Linux OS, specifically securing the terminal of such OS, by altering the commands of the terminal, getting in the way of attackers that have gained terminal access and delaying, giving more time for the response teams and for forensics to stop the attack, minimize the damage, restore operations, and to identify collect and store evidence of the cyber-attack. This research will discuss the advantages and disadvantages of various security measures and compare and contrast with the method suggested in this research.
This research is significant because it paints a better picture of what the state of the art of Linux and Linux-based operating systems security looks like, and it addresses the concerns of security enthusiasts, while exploring new uncharted area of security that have been looked at as a not so significant part of protecting the OSes out of concern of the various limitations and problems it entails. This research will address these concerns while exploring few ways to solve them, as well as addressing the ideal areas and situations in which the proposed method can be used, and when would such method be more of a burden than help if used.
Künstliche Intelligenzen, Deep Learning und Machine-Learning-Algorithmen sind im digitalen Zeitalter zu einem Punkt gekommen, in dem es schwer ist zu unterscheiden, welche Informationen und Quellen echt sind und welche nicht. Der Begriff „Deepfakes“ wurde erstmals 2017 genutzt und hat bereits 2018 mit einer App bewiesen, wie einfach es ist, diese Technologie zu verwenden um mit Videos, Bildern oder Ton Desinformationen zu verbreiten, politische Staatsoberhäupter nachzuahmen oder unschuldige Personen zu deformieren. In der Zwischenzeit haben sich Deepfakes bedeutend weiterentwickelt und stellen somit eine große Gefahr dar.
Diese Arbeit bietet eine Einführung in das Themengebiet Deepfakes. Zudem behandelt sie die Erstellung, Verwendung und Erkennung von Deepfakes, sowie mögliche Abwehrmaßnahmen und Auswirkungen, welche Deepfakes mit sich bringen.
The Internet of Things is spreading significantly in every sector, including the household, a variety of industries, healthcare, and emergency services, with the goal of assisting all of those infrastructures by providing intelligent means of service delivery. An Internet of Vulnerabilities (IoV) has emerged as a result of the pervasiveness of the Internet of Things (IoT), which has led to a rise in the use of applications and devices connected to the IoT in our day-to-day lives. The manufacture of IoT devices are growing at a rapid pace, but security and privacy concerns are not being taken into consideration. These intelligent Internet of Things devices are especially vulnerable to a variety of attacks, both on the hardware and software levels, which leaves them exposed to the possibility of use cases. This master’s thesis provides a comprehensive overview of the Internet of Things (IoT) with regard to security and privacy in the area of applications, security architecture frameworks, a taxonomy of various cyberattacks based on various architecture models, such as three-layer, four-layer, and five-layer. The fundamental purpose of this thesis is to provide recommendations for alternate mitigation strategies and corrective actions by using a holistic rather than a layer-by-layer approach. We discussed the most effective solutions to the problems of privacy and safety that are associated with the Internet of Things (IoT) and presented them in the form of research questions. In addition to that, we investigated a number of further possible directions for the development of this research.
Risk-based Cybermaturity Assessment Model - Protecting the company against ransomware attacks
(2023)
Ransomware has become one of the most catastrophic attacks in the previous decade, hurting businesses of all sorts worldwide. So, no organization is safe, and most companies are reviewing their ransomware defensive solutions to avoid business and operational hazards. IT departments are using cybersecurity maturity assessment frameworks like CMMC, C2M2, CMMI, NIST, CIS, CPP, and others to analyze organization security capabilities. In addition to maturity assessment models for the process layer and human pillar, there are much research on the analysis, identification, and defense of cyber threats in product/software layers that propose state-of-the-art approaches.
This motivates a comprehensive ransomware cyber security solution. Then, a crucial question arises: “How companies can measure the security maturity of controls in a specific danger for example for Ransomware attack?” Several studies and frameworks addressed this subject.
Complexity of understanding the ransomware attack, Lack of comprehensive ransomware defense solutions and Lack of cybermaturity assessment model for ransomware defense solutions are different aspects of problem statement in this study. By considering the most important limitations to developing a ransomware defense cybermaturity assessment method, this study developed a cybermaturity assessment methodology and implemented a Toolkit to conduct cyber security self-assessment specifically for ransomware attack to provide a clearer vision for enterprises to analyze the security maturity of controls regardless of industry or size.
As information technology continues to advance at a rapid speed around the world, new difficulties emerge. The growing number of organizational vulnerabilities is among the most important issues. Finding and mitigating vulnerabilities is critical in order to protect an organization’s environment from multiple attack vectors.
The study investigates and comprehends the complete vulnerability management process from the standpoint of the security officer job role, as well as potential improvements. Few strategies are used to achieve efficient mitigation and the de- velopment of a process for tracking and mitigating vulnerabilities. As a result, a qualitative study is conducted in which the objective is to create a proposed vulner- ability and risk management process, as well as to develop a system for analyzing and tracking vulnerabilities and presenting the vulnerabilities in a graphical dash- board format. This thesis’s data was gathered through an organized literature study as well as through the use of various web resources. We explored numerous ap- proaches to analyze the data, such as categorizing the vulnerabilities every 30, 60, and 90 days to see whether the vulnerabilities were reoccurring or new. According to our findings, tracking vulnerabilities can be advantageous for a security officer.
We come to the conclusion that if an organization has a proper vulnerability tracking system and vulnerability management process, it can aid security officers in having a better understanding of and making plans for reducing vulnerabilities. In terms of system patching and vulnerability remediation, it will also assist the security officer in identifying areas of weakness in the process. As a result, the suggested ways provide an alternate approach to managing and tracking vulnerabilities in an effective manner, although there is still a small area that needs additional analysis and research to make it even better.
In recent years, both the Internet of Things (IoT) and blockchain technologies have been highly influential and revolutionary. IoT enables companies to embrace Industry 4.0, the Fourth Industrial Revolution, which benefits from communication and connectivity to reduce cost and to increase productivity through sensor-based autonomy. These automated systems can be further refined with smart contracts that are executed within a blockchain, thereby increasing transparency through continuous and indisputable logging. Ideally, the level of security for these IoT devices shall be very high, as they are specifically designed for this autonomous and networked environment. This paper discusses a use case of a company with legacy devices that wants to benefit from the features and functionality of blockchain technology. In particular, the implications of retrofit solutions are analyzed. The use of the BISS:4.0 platform is proposed as the underlying infrastructure. BISS:4.0 is
intended to integrate the blockchain technologies into existing enterprise environments. Furthermore, a security analysis of IoT and blockchain present attacks and countermeasures are presented that are identified and applied to the mentioned use case.
In dem letzten Jahr, welches von der Corona Pandemie geprägt war, wurde das Arbeiten von zu Hause aus durch die Unternehmen stark vorangetrieben. Auch wenn dies zuerst nur als Übergangslösung gesehen wurde, scheint dieser Trend sich auch nach der Pandemie fortzusetzen. In den meisten Heimnetzwerken ist die IT-Sicherheit allerdings deutlich schwächer ausgebaut, als dies in Unternehmen ist.
Da die Umstellung in das Home-Office sehr schnell durchgeführt wurde, sehen sich viele Arbeitnehmer und Arbeitgeber mit dieser Situation überfordert, auch im Heimnetzwerk des Anwenders für eine geeignete Sicherheit zu sorgen. In dieser Ausarbeitung werden daher einzelne Angriffe auf IT-Systeme im Heimnetzwerk aufgegriffen sowie Lösungsansätze, um eine sichere Heimnetzwerkumgebung zu schaffen.
Annotated training data is essential for supervised learning methods. Human annotation is costly and laborsome especially if a dataset consists of hundreds of thousands of samples and annotators need to be hired. Crowdsourcing emerged as a solution that makes it easier to get access to large amounts of human annotators. Introducing paid external annotators however introduces malevolent annotations, both intentional and unintentional. Both forms of malevolent annotations have negative effects on further usage of the data and can be summarized as spam. This work explores different approaches to post-hoc detection of spamming users and which kinds of spam can be detected by them. A manual annotation checking process resulted in the creation of a small user spam dataset which is used in this thesis. Finally an outlook for future improvements of these approaches will be made.
Das Thema Honeypot nimmt einen immer größeren Stellenwert in der Weiterentwicklung der Informationssicherheit ein. Honeypots dienen nicht nur zur Erforschung von Angriffsmethoden und Vorgehensweisen, sondern können auch im Unternehmensumfeld aktiv zur Verbesserung der IT-Sicherheitsmaßnahmen beitragen. Diese Arbeit hat sich das Ziel gesetzt, das Themenspektrum Honeypot in Theorie und Praxis näher zu untersuchen. Im ersten Teil wird ein allgemeiner Überblick über das Thema Honeypot und Honeynet gegeben. Hier wird erklärt, welche Honeypot-Typen und Architekturen es gibt, welche Anforderungen ein Honeypot stellt und welche Risiken der Betrieb eines Honeypot-Systems verursacht. Am Ende des ersten Kapitels werden einige Beispiele eines Honeypot-Systems beschrieben. Im zweiten Teil wird konkret auf die Implementierung eines High Interaction Honeypots eingegangen, dessen Überwachungszentrale die Honeywall bildet. Dieser praktische Teil erklärt, wie ein komplettes Honeypot-System auf Basis der 'Honeywall CDROM Roo' eingerichtet wird, welche Möglichkeiten und Werkzeuge das Überwachungssystem besitzt und welche Einstellungen und Besonderheiten beim Einrichten beachtet werden müssen. Im darauffolgenden dritten Teil werden die gesammelten Daten ausgewertet. Dazu wird zuerst ein Überblick über mögliche Angreifer und deren Angriffswege gegeben. Mit diesem Hintergrundwissen werden die Daten im weiteren Verlauf konkret analysiert und zum Teil visualisiert. Nach dem praktischen Teil wird ein Ausblick gegeben, welche Ausbaumöglichkeiten die Versuchsanordnung bietet, welchen Schwerpunkt die Weiterentwickelung der Honeywall einnimmt und welche rechtlichen Fragen der Betrieb eines Honeypots aufwirft. Zu guter Letzt wird die Arbeit durch ein Fazit abgeschlossen.