Physical Sciences and Mathematics Commons^™

A Comprehensive Analysis Of Smart Ship Systems And Underlying Cybersecurity Issues, Dennis Bothur

Theses : Honours

The maritime domain benefits greatly from advanced technology and ubiquitous connectivity. From “smart” sensors to “augmented reality”, the opportunities to save costs and improve safety are endless. The aim of this dissertation is to study the capabilities of smart ship systems in the context of Internet-of-Things and analyse the potential cybersecurity risks and challenges that smart technologies may introduce into this accelerating digital economy.

The first part of this work investigates the architecture of a “Smart Ship System” and the primary subsystems, including the integrated bridge, navigation and communication systems, networking, operational systems, and sensor networks. The mapping of the …

Penetration Testing Frameworks And Methodologies: A Comparison And Evaluation, Aleatha Shanley

Theses : Honours

Cyber security is fast becoming a strategic priority across both governments and private organisations. With technology abundantly available, and the unbridled growth in the size and complexity of information systems, cyber criminals have a multitude of targets. Therefore, cyber security assessments are becoming common practice as concerns about information security grow. Penetration testing is one strategy used to mitigate the risk of cyber-attack. Penetration testers attempt to compromise systems using the same tools and techniques as malicious attackers thus, aim to identify vulnerabilities before an attack occurs. Penetration testing can be complex depending on the scope and domain area under …

The Corporate Security Stratum Of Work: Identifying Levels Of Work In The Domain, Codee Roy Ludbey

Theses : Honours

Corporate security is a practicing domain and developing academic discipline that provides for the protection of people, information and assets, as well as the self-protection of organisations. Fayol (1949) articulated such an activity within organisations to be a core business function of significant importance; embedding security operations within all aspects of organisational work. This embedded nature of security within organisations has led to difficulty in the literature delineating roles and responsibilities of security practitioners; consequently leading to a nebulous understanding of security as a whole. Therefore, an investigation of the corporate security stratum of work has been undertaken to address …

Case Analysis Of Information Security Risk Perceptions, Alexis Guillot

Theses : Honours

The scientific rationality used by experts towards risk evaluation is expressed as the product of its likelihood of occurrence with its consequences or impacts (ENISA, 2006a). This directly opposes the subjective nature of risk perception, often appearing as inconsistent if not completely irrational (Byrne, 2003). Risk perception theories are a pathway to explain the subjective nature of risk and a deeper insight into the human's cognitive system. Those theories may help to explain why people see, act and plan for risks in the way that they do, the weaknesses that exist in the human decision mechanisms and their impact on …

Users' Perspectives And Attitudes Towards Web Application Security, Leonard Ticualu

Theses : Honours

The Internet has become an integral part of the society in many parts of the world. However, as the Internet becoming more important and useful, the problems with Web security have also increased. More people today have experienced Web security threats such as viruses, spyware, keyloggers, and phishing; and a not insignificant number have encountered financial fraud because of the online activities they conducted. This research investigated the security concerns and level of awareness of users in regards to the use of web applications, by identifying users' concerns of web applications, examining the relationship of users' technical knowledge and users' …

The Systemic Nature Of Critical Infrastructure Protection Using A Medium Sized Company As The Case Study, Jeffery Sewell

Theses : Honours

Critical infrastructure can be defined as privately and publicly run organisations such as energy systems, water systems, transportation, telecommunications, emergency services, banking and finance. The critical infrastructure (CI) on which society relies is now dependent on the interconnected communication networks the information age has spawned. With the evolution of the information age, not only has the communications landscape changed dramatically, the security landscape has changed too. With information technology being so ubiquitous, it has created new underlying concerns about the systems now reliant on them. The reliance and complexity of these interconnected systems has increased vulnerabilities confronting critical infrastructure. This …

An Attitude And Perception Study Of Wireless Network Usage In Home Environments, Patryk Szewczyk

Theses : Honours

Research on the use of 802.11 wireless networking and wireless security has in the past focused predominantly on corporations who generally have access to resources specifically allocated to computer and network security. Research has also focused on identifying the flaws in wireless network security, and developing stronger and safer methods which may be incorporated. To date there has been a lack of research into determining what the individual at home perceives towards wireless security. As broadband Internet connections are now predominantly chosen, the amount of available bandwidth open to exploitation is significantly higher than the now becoming obsolete dialup connection. …

Computer Security: Investigating The Impact That Security Specific Education Has On Users’ Behaviour, Samuel David Jones

Theses : Honours

A lack in end-user awareness in computer security issues provides the rationale for this investigation. The research considers whether or not the provision of an educational package addressing computer security issues will improve awareness and transform behaviour of end-users in assessing and enacting appropriate responses in computer security situations. A group of twenty participants was studied in detail using a mixed methods research approach. The participants were drawn from a cross section of computer end-users, from elementary to advanced levels of computer literacy. Outcomes include a positive response to the provision of material, however human factors were found to be …

An Investigation Of Network Security Management Methods, Shamila Anuranga Ratnayake

Theses : Honours

Network Management (NM) is concerned with reducing complexity and managing cost. The traditional NM tools and techniques are based on the Open System Interconnection (OSI) NM model. However, several drawbacks have been identified when managing a network using traditional NM tools (Sarkar & Verma, 2001). Network security is a major issue when managing a network. Even though the technology assists to reduce security risks, unless properly managed, the security measures may not do the job as expected. The State Model (SM) diagram is a new method, which may assists in managing the network. This new method may provide functionality not …

Optimisation Of John The Ripper In A Clustered Linux Environment, Christian Frichot

Theses : Honours

To aid system administrators in enforcing strict password policies, the use of password cracking tools such as Cisilia (C.I.S.I.ar, 2003) and John the Ripper (Solar Designer, 2002), have been employed as software utilities to look for "weak" passwords. John the Ripper (JtR) attempts to crack the passwords by using a dictionary, brute-force or "other" mode of attack. The computational intensity of cracking passwords has led to the utilisation of parallel-processing environments to increase the speed of the password-cracking task. Parallel-processing environments can consist of either single systems with multiple processors, or a collection of separate computers working together as a …

A Deception Based Framework For The Application Of Deceptive Countermeasures In 802.11b Wireless Networks, Suen Yek

Theses : Honours

The advance of 802.11 b wireless networking has been beset by inherent and in-built security problems. Network security tools that are freely available may intercept network transmissions readily and stealthily, making organisations highly vulnerable to attack. Therefore, it is incumbent upon defending organisations to take initiative and implement proactive defences against common network attacks. Deception is an essential element of effective security that has been widely used in networks to understand attack methods and intrusions. However, little thought has been given to the type and the effectiveness of the deception. Deceptions deployed in nature, the military and in cyberspace were …

The Development And Use Of The Secure Electronic Transaction (Set) Protocol On The Internet, Damon James Whyte

Theses : Honours

While still in its infancy, Electronic Commerce is growing at an exponential rate each year (Walson, 1997. p.53). Although few doubt that such growth will only continue in years to come, many people still have serious reservations about the levels of security offered by currently available applications for conducting such trade. This thesis identifies some of the key areas of concern regarding Electronic Commerce on the lnternet, and looks at the ways in which the Secure Electronic Transaction (SET) model, proposed by Mastercard and Visa, succeeds or fails in addressing these concerns. It identifies and describes the key dements and …

Development Of A Classification System For Computer Viruses In The Ibm Pc Environment Using The Dos Operating System, Hugh R. Browne

Theses : Honours

The threat to computers worldwide from computer viruses is increasing as new viruses and variants proliferate. Availability of virus construction tools to facilitate 'customised' virus production and wider use of more sophisticated means of evading detection, such as encryption, polymorphic transformation and memory resident 'stealth' techniques increase this problem. Some viruses employ methods to guard against their own eradication from an infected computer, whilst other viruses adopt measures to prevent disassembly of the virus for examination and analysis. Growth in computer numbers and connectivity provide a growing pool of candidate hosts for infection. Standardised and flexible systems for classification and …

An Investigation Of Ibm Pc Computer Viruses Infection Rates And Types In A Western Australian Environment, Boon Guan Lee

Theses : Honours

In recent years computer viruses have become increasingly significant as a form of computer abuse. By virtue of their reproductive capability, computer viruses can have cumulative and potentially catastrophic effects to the many people who use those affected computers. There is a growing concern in the computing community about these forms of electronic vandalism. This concern arises from the possible damage to stored information on which the work depends and the ensuing disruption of the work-place. Although the vandalism or purposeful abuse by introducing computer viruses to computer systems was originally mainly an American experience, research reports published by the …