Saudi Cultural Missions Theses & Dissertations

Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10

Browse

Has files: YesSubject: search.filters.subject.cybersecurity

Search Results

Now showing 1 - 10 of 22
  • No Thumbnail Available
    ItemRestricted
    ADAPTIVE INTRUSION DETECTION SYSTEM FOR THE INTERNET OF MEDICAL THINGS (IOMT): ENHANCING SECURITY THROUGH IMPROVED MUTUAL INFORMATION FEATURE SELECTION AND META-LEARNING
    (Towson University, 2024-12) Alalhareth, Mousa; Hong, Sungchul
    The Internet of Medical Things (IoMT) has revolutionized healthcare by enabling continuous patient monitoring and diagnostics but also introduces significant cybersecurity risks. IoMT devices are vulnerable to cyber-attacks that threaten patient data and safety. To address these challenges, Intrusion Detection Systems (IDS) using machine learning algorithms have been introduced. However, the high data dimensionality in IoMT environments often leads to overfitting and reduced detection accuracy. This dissertation presents several methodologies to enhance IDS performance in IoMT. First, the Logistic Redundancy Coefficient Gradual Upweighting Mutual Information Feature Selection (LRGU-MIFS) method is introduced to balance the trade-off between relevance and redundancy, while improving redundancy estimation in cases of data sparsity. This method achieves 95% accuracy, surpassing the 92% reported in related studies. Second, a fuzzy-based self-tuning Long Short-Term Memory (LSTM) IDS model is proposed, which dynamically adjusts training epochs and uses early stopping to prevent overfitting and underfitting. This model achieves 97% accuracy, a 10% false positive rate, and a 94% detection rate, outperforming prior models that reported 95% accuracy, a 12% false positive rate, and a 93% detection rate. Finally, a performance-driven meta-learning technique for ensemble learning is introduced. This technique dynamically adjusts classifier voting weights based on factors such as accuracy, loss, and prediction confidence levels. As a result, this method achieves 98% accuracy, a 97% detection rate, and a 99% F1 score, while reducing the false positive rate to 10%, surpassing previous results of 97% accuracy, a 93% detection rate, a 97% F1 score, and an 11% false positive rate. These contributions significantly enhance IDS effectiveness in IoMT, providing stronger protection for sensitive medical data and improving the security and reliability of healthcare networks.
    8 0
  • No Thumbnail Available
    ItemRestricted
    Improvements of Technical Blockchain to Combat Ransomware Attacks in Healthcare
    (Newcastle University, 2024) Albalawi, Sarah; Mace, John
    In the face of increasing cybersecurity threats, ransomware attacks have become a significant risk to critical sectors such as healthcare. As medical healthcare systems increasingly rely on electronic health records, they face heightened vulnerabilities that can compromise patient data and disrupt essential medical services. Ransomware attacks can encrypt and render critical medical records inaccessible, jeopardising patient care. This research aims to develop and evaluate a blockchain-based solution designed to secure medical healthcare records against ransomware, enhancing data integrity, availability, and security in healthcare systems. By leveraging blockchain technology, specifically by using smart contracts and decentralised applications on the Ethereum platform, the proposed solution creates a decentralised, immutable medical record management system. The system's robustness is demonstrated through a Python-based ransomware simulation, which compares locally stored medical data with data managed via blockchain. The findings show that the blockchain-based approach and smart contracts maintain data integrity and availability during ransomware attacks, preventing unauthorised access and ensuring continuous healthcare operations. These results suggest that adopting blockchain technology in healthcare can significantly mitigate the risks posed by ransomware, reduce operational disruptions, and protect patient data from evolving cyber threats, ultimately providing a scalable and secure solution for enhancing cybersecurity in the healthcare sector.
    16 0
  • No Thumbnail Available
    ItemRestricted
    Cloud Cybersecurity
    (Universidad de Al cala, 2024) Bokhari, Nabil; Herraiz, Martinez; Javier, Jose
    The rapid evolution of cloud computing has revolutionized modern business operations, from hosting applications to storing data in high-security environments. Competitive businesses are leveraging cloud computing solutions to maximize the benefits, including cost-effectiveness, flexibility, and scalability. Cloud computing enables enterprises to access on-demand and scalable computing resources, specifically computational power and vast data storage. Despite the immense benefits, the security of data transmitted and stored in a cloud computing environment is vulnerable to multiple cybersecurity attacks, including data manipulation, loss, and theft. The study aims to develop a security model for enhanced data privacy and security in the cloud by leveraging a hybrid of cryptographic algorithms and steganography image-based techniques. The security model innovatively combines Advanced Encryption Standard (AES), Rivest Shamir Adleman (RSA), and the Least Significant Bit (LSB) technique to enhance data privacy and security of data in motion in a cloud computing environment. The three-step security model was designed, developed, and evaluated using the Design Science Research (DSR) methodology. The model secures data through cryptographic algorithms, adds an extra security layer using steganography, and implements backup and data recovery. The methodology was selected because of its practicality and philosophical underpinnings on addressing contemporary challenges by developing novel and relevant artifacts using scientifically rigorous procedures. The findings show that a hybrid of cryptography and steganography provides unbeatable security for data in a cloud computing environment. Implementing the security model will enhance data privacy and security in the cloud by revolutionizing how data is encrypted and decrypted. In the future, the integration of Machine Learning and Artificial Intelligence methodologies and algorithms will quadruple the effectiveness and robustness of this data security model for the cloud.
    11 0
  • No Thumbnail Available
    ItemRestricted
    Evaluating NCA OTCC’s Effectiveness in ICS Cybersecurity: A Comparative Analysis with NIST SP800-82 Rev.3 and IEC62443
    (Newcastle University, 2024-08-13) Omran, Abdullah; Ahmed, Mujeeb
    This study evaluates the effectiveness of the newly released Saudi Arab ia Operational Technology Cyb ersecurity Controls (OTCC) in protecting and mitigating industrial control systems (ICS) infrastructures. As critical infrastructure threats and attacks increase exponentially, assessing national frameworks is crucial for enhancing cyb ersecurity posture in those critical infrastructures. This research compares OTCC with well- known international standards like NIST SP800-82 Rev.3 and IEC 62443 while analyzing the coverage against real-world cyb er threats using the MITRE ATT&CK for ICS framework. In this research, a mixed-method approach was developed which contains comparative analysis, control mapping, and simulated ICS environments. These methods helped in reviewing OTCC structure, mapped relevant controls to MITRE ATT&CK techniques, and did a side-by-side comparison with NIST SP800-82 Rev.3. Our findings showed that OTCC provided a foundation for ICS security in Saudi Arab ia while lacking some depth and comprehensiveness when compared to international standards. OTCC covers approximately 60% of NIST SP800- 82 Rev.3 control areas often with less guidance and discussion for controls. Mapping against MITRE ATT&CK showed some gaps in terms of addressing attack techniques with a coverage of only 60% compared to 86% for NIST SP800- 82 Rev.3 and 97% for IEC 62443. The study highlights OTCC limitations in mitigating and protecting against sophisticated cyb er threats in particular those employed by APT groups targeting critical infrastructure. This shows the need for enhancements to OTCC to match the effectiveness of international standards in protecting Saudi Arab ia’s ICS environments. Future research should focus more on real-world implementation studies and developing frameworks to address evolving threats used by APT groups in the ICS landscape.
    14 0
  • No Thumbnail Available
    ItemRestricted
    Assessing and Enhancing Protection Measures for Internet of Things (IoT) in Cybersecurity
    (University of Portsmouth, 2024-09) Alshehri, Abdulrahman; Bader-El-den, Mohammed
    The Internet of Things (IoT) revolution sweeps across Saudi Arabia, connecting devices, transforming industries, enhancing lives. But with great connectivity comes great vulnerability - cybersecurity threats loom large in this digital frontier. This study delves into the heart of IoT security in the Kingdom, surveying the landscape, probing the defenses, seeking solutions. Through the lens of cybersecurity professionals, we explore current practices, uncover challenges, envision improvements. Our findings paint a picture of a nation at a crossroads: frequent audits needed, authentication protocols lacking, employee training insufficient, encryption underutilized. Yet hope springs eternal in the form of correlations discovered - more vigilant monitoring begets stronger authentication desires. From this research emerges a roadmap for the future: recommendations for policymakers to craft robust regulations, guidelines for organizations to fortify their digital fortresses, advice for end-users to navigate the IoT maze safely. In the rapidly evolving technological tapestry of Saudi Arabia, this study weaves a thread of security consciousness, contributing to a safer, more reliable IoT ecosystem. As the Kingdom marches towards its Vision 2030, may it do so with cybersecurity as its steadfast companion.
    13 0
  • No Thumbnail Available
    ItemRestricted
    Identifying Characteristics Of Individuals Most Vulnerable To Mobile Phishing In Saudi Arabia
    (Newcastle University, 2024-08) Alrasheed, Abdullah Mohammed; Ibrahim, Rasha
    Mobile phishing attacks represent a significant threat in today’s digital landscape, especially in countries with high smartphone usage rates. Saudi Arabia, with its 99% internet usage and 98.9% of users primarily accessing the internet through mobile phones, face a growing and persistent risk of mobile phishing. This dissertation investigates the effect of the demographic characteristics and security awareness of Saudi mobile users on their vulnerability to mobile phishing attacks. Through an online survey utilizing a mobile phishing IQ test, data was collected from 203 participants across various age groups, genders, educational levels, and general cybersecurity knowledge levels. Multiple regression analysis showed that while age and gender were not significant predictors of phishing vulnerability, educational level and general cybersecurity knowledge were positively associated with both accuracy and precision in identifying phishing attempts. The model explained 12.1% of the variance in accuracy (adjusted R square = 0.103) and 10.3% of the variance in precision (adjusted R square = 0.085). Notably, participants performed better at identifying phishing messages (from 89.2% to 98% accuracy) compared to genuine messages (from 62.6% to 82.8% accuracy). The study highlights the need for targeted awareness efforts and training programs, particularly for individuals with lower educational levels and limited cybersecurity knowledge. These findings add to the growing body of research on mobile phishing susceptibility and provide valuable insights for developing more effective strategies to combat mobile phishing attacks in Saudi Arabia and similar cultural contexts. Future research should focus on real-world mobile phishing scenarios and longitudinal studies to assess the long-term effectiveness of awareness strategies.
    13 0
  • No Thumbnail Available
    ItemRestricted
    ANALYSIS OF CYBERSECURITY INTEGRATION AND LEGISLATIVE STRATEGIES IN JAPAN
    (Kyushu University, 2024-08-21) Aldhafeeire, Salman; Jiro, Hasumi
    This thesis analyzes Japan's national security strategy, which integrates cybersecurity and legislative strategies in response to evolving global cyber threats. The thesis emphasizes the growing importance of cybersecurity in an ever-evolving cyberspace, where state-sponsored cyber-attacks pose significant risks to national security, individual privacy, and economic stability. It explores Japan's proactive policies to cybersecurity integration, considering the interconnected nature of information warfare in the contemporary geopolitical landscape. Despite a historical aversion to militarization, the challenges posed by cyber threats necessitate a pragmatic response, resulting in the delicate balance between defending against cyber threats and upholding pacifist ideals. The research questions focus on understanding how Japan systematically integrates cybersecurity and information warfare measures, legislative frameworks, and proactive initiatives to fortify critical infrastructure and secure sensitive data. The literature review addresses the major policies and interventions by examining Japan's 2021 Cybersecurity Strategy, outlining the government's approach to addressing contemporary threats. The methodology employs a mixed research approach, incorporating document analysis and expert interviews of cybersecurity incidents. The analysis section will dissect secondary sources, resulting in a conclusion synthesizing key findings, academic contributions, and implications for policymakers, academics, and practitioners in cybersecurity and national security, aligning with the Cybersecurity Integration Framework (CIF) theoretical framework. The CIF model is used to assess the extent to which Japan's initiatives effectively reconcile pacifism and defensive cybersecurity measures and incorporates Pacifist Elements, Proactive Elements, Adaptability, and Integrated Analysis in its evaluation. The thesis contributes to a detailed understanding of Japan's cybersecurity strategies, highlighting the integration of information warfare, the impact of historical pacifism, and the effectiveness of legislative frameworks.
    26 0
  • Thumbnail Image
    ItemRestricted
    Cybersecurity of Grid-Connected PV Systems: Analysis and Impacts on the Australian Grid Stability
    (Saudi Digital Library, 2024-07-29) Al Fayi, Abdulrahman; Musleh, Ahmed
    The rapid integration of grid-connected photovoltaic (PV) systems, is transforming the energy sector, offering significant advancements towards sustainable energy solutions. By 2022, solar energy has become an important power source, with Australia's capacity reaching approximately 26 gigawatts (GW) and the global capacity extending to around 1070 GW. However, these systems are vulnerable to cybersecurity threats, particularly False Data Injection Attacks (FDIA), which can disrupt their stability and security. Given the importance of PV systems in reducing reliance on fossil fuels and lowering greenhouse gas emissions, understanding and mitigating these vulnerabilities is crucial. To address these challenges, this research focused on analyzing the impacts of FDIA, on PV grid-connected systems using the Australian 14 Generators System model which is a close estimation of the Australian National Electricity Market (NEM). We implemented various attack scenarios to assess their effects on system stability and performance. My contributions included the development and simulation of these scenarios using MATLAB, as well as the analysis of the resulting data to identify the impacts and propose mitigation strategies. Our findings revealed significant fluctuations in voltage, current, and power under different attack scenarios. Specifically, regions like Queensland and South Australia exhibited severe instability, with South Australia experiencing system failures under high attack magnitudes. Conversely, regions such as Victoria were less affected. These results underscore the critical need for robust cybersecurity measures to protect PV grid systems and ensure their reliable integration into the energy grid.
    61 0
  • Thumbnail Image
    ItemRestricted
    Identification and Reporting of Phishing Attacks in Cybersecurity
    (University of Portsmouth, 2024-07-02) Almajnouni, Ali; Sparrius, Martin
    In Saudi, there is a quick rise in cybersecurity demands coupled with an increase in phishing incidents coming out at an escalating rate, which makes it necessary to require a better comprehension of what motivates people to recognize report and eliminate these kinds of cyber-attacks. This study intends to address this gap by examining how awareness regarding cyberspace security, training, perceived security of phishing assault as well as trust over reporting channels affect reporting practices and behaviour. The research seeks to find out what motivates individuals to report phishing attacks using a combination of literature review, online survey, and data analysis. This study is important because it could help policymakers and key stakeholders to comprehend how individuals can be made aware of being more careful about cybercrime, as well as improve ways through which these crimes are reported while enabling both internet users and companies to respond quickly to phishing attacks. The exploration of inventive techniques and technologies in this research paper helps to enhance existing cybersecurity patterns and protect private information from evolving phishing attacks to ultimately benefit individuals, companies and governmental organizations in Saudi, Arabia and outside.
    14 0
  • Thumbnail Image
    ItemRestricted
    READINESS ASSESSMENT OF SAUDI NON-PROFIT ORGANIZATIONS: TOWARD CYBERSECURITY AND DATA PROTECTION
    (Marymount University, 2024) Asiry, Yasser; V Mbaziira, Alex
    The increase in cyberattacks in recent years has negatively affected the overall performance of organizations worldwide, leaving them to face significant challenges in improving and strengthening their cybersecurity mechanisms. Non-profit organizations (NPOs) relied heavily on the use of information technology (IT) in their daily operations and strategic initiatives; thus, ensuring the confidentiality, integrity, and availability of sensitive information and the robustness of their systems and policies was crucial. Unfortunately, few studies analyzed the factors that affected the cybersecurity readiness of Saudi NPOs from a holistic point of view. Therefore, this study aimed to assess the readiness of Saudi NPOs in terms of cybersecurity and data protection by examining a comprehensive set of organizational, environmental, and technological factors. The findings of this study were also expected to reveal the positive effects of cybersecurity readiness on organizational performance. This study was likely to encourage governments and decision-makers to improve the cybersecurity readiness of NPOs by introducing cybersecurity initiatives involving security policy interventions, the use of secure resources, and alignment with security regulations. This study was expected to be generalizable to all types of organizations (e.g., profit, non-profit, governmental, non-governmental, etc.) in multiple countries.
    22 0

Copyright owned by the Saudi Digital Library (SDL) © 2024