Search results for "IKT523"
showing 4 items of 4 documents
Investigating Cloud Access Security Broker In A Healthcare Service : Creating A Cloud Access Security Broker (CASB) Discussion Frame-work For Evaluat…
2021
Master's thesis in Cyber security (IKT523) Covid-19 accentuated the importance of accessible services, causing a major increase in the adoption of cloud services for enterprises. Cloud computing is a new paradigm that promises significant benefits for organizations in healthcare services. However, cloud computing also transforms enterprise architectures and introduces new problems of information security. Decision-makers in a large healthcare service provider need to justify decisions on cloud adoption, but such a task is convoluted given the different views on cloud computing and the potential impact of cyberthreats on critical infrastructures. As a consequence, cloud security controls nee…
Blockchain for Attribute-Based Access Control : A flexible access control scheme with Permission Delegations
2021
Master's thesis in Cyber security (IKT523) Access Control (AC) is a fundamental aspect of modern technology infrastructure. While most primitive versions of AC use an Access Control List (ACL) to represent access, a more versatile variant called Attribute-Based Access Control (ABAC) has quickly become a popular approach to implementing AC due to its flexibility and scalability and enabling cross-domain access. This thesis proposes a Blockchain-based ABAC scheme with delegatable permission tokens through the use of Hyperledger Fabric and Java Web Tokens (JWT). Fabric is used to store various attribute and revocation transactions necessary in an ABAC system, while JWT’s purpose is to delegate…
Detecting Packed PE Files : Executable file analysis for the Windows operating system
2021
Master's thesis in Cyber security (IKT523) Malware authors invent new methods regularly to hide and obfuscate their code. One of these methods is known as packing. An entire program is hidden inside another executable program; however, the hidden program is usually encrypted or obfuscated such that antivirus software cannot detect its real intent without unpacking it. This thesis will look into common PE packers and describe the development of an application used to detect packed PE binaries using static analysis. This thesis is useful for reverse engineers and antivirus developers; it will give some insight into the world of packing binaries, compression methods, and encryption methods. Th…
Tuning Suricata Intrusion Detection System for High Performance on a Single Non-Uniform Memory Access Node
2021
Master's thesis in Cyber security (IKT523) The rapid increase in network capacity poses a challenge in detecting cyber attacks. Suricata is a modern intrusion detection system(IDS) used to monitor network traffic to detect cyberattacks. Telenor is monitoring considerable amounts of network traffic with IDS-servers, commonly referred to as sensors. Occasionally, the traffic load reaches a point where theIDS drops some of the incoming packets, termed packet loss. This is a serious problem, asit can lead to undetected threats. With this in mind, Telenor wants to find out if a lossless detection can be achieved by tuning Suricata for high performance. This can be accomplished by pinning dedicat…