Saudi Cultural Missions Theses & Dissertations

Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10

Browse

Has files: YesSubject: search.filters.subject.security

Search Results

Now showing 1 - 10 of 12
  • No Thumbnail Available
    ItemRestricted
    OPTIMIZING INTRUSION DETECTION IN IOT NETWORK ENVIRONMENTS THROUGH DIVERSE DETECTION TECHNIQUES
    (Florida Atlantic University, 2025-03-11) Al Hanif, Abdulelah; Ilyas, Mohammad
    The rapid proliferation of Internet of Things (IoT) environments has revolutionized numerous areas by facilitating connectivity, automation, and efficient data transfer. However, the widespread adoption of these devices poses significant security risks. This is primarily due to insufficient security measures within the devices and inherent weaknesses in several communication network protocols, such as the Message Queuing Telemetry Transport (MQTT) protocol. MQTT is recognized for its lightweight and efficient machine-to-machine communication characteristics in IoT environments. However, this flexibility also makes it susceptible to significant security vulnerabilities that can be exploited. It is necessary to counter and identify these risks and protect IoT network systems by developing effective intrusion detection systems (IDS) to detect attacks with high accuracy. This dissertation addresses these challenges through several vital contributions. The first approach concentrates on improving IoT traffic detection efficiency by utilizing a balanced binary MQTT dataset. This involves effective feature engineering to select the most important features and implementing appropriate machine learning methods to enhance security and identify attacks on MQTT traffic. This includes using various evaluation metrics such as accuracy, precision, recall, F1-score, and ROC-AUC, demonstrating excellent performance in every metric. Moreover, another approach focuses on detecting specific attacks, such as DoS and brute force, through feature engineering to select the most important features. It applies supervised machine learning methods, including Random Forest, Decision Trees, k-Nearest Neighbors, and Xtreme Gradient Boosting, combined with ensemble classifiers such as stacking, voting, and bagging. This results in high detection accuracy, demonstrating its effectiveness in securing IoT networks within MQTT traffic. Additionally, the dissertation presents a real-time IDS for IoT attacks using the voting classifier ensemble technique within the spark framework, employing the real-time IoT 2022 dataset for model training and evaluation to classify network traffic as normal or abnormal. The voting classifier achieves exceptionally high accuracy in real-time, with a rapid detection time, underscoring its efficiency in detecting IoT attacks. Through the analysis of these approaches and their outcomes, the dissertation highlights the significance of employing machine learning techniques and demonstrates how advanced algorithms and metrics can enhance the security and detection efficiency of general IoT network traffic and MQTT protocol network traffic.
    29 0
  • No Thumbnail Available
    ItemRestricted
    A Study of Perspectives of Patients and Stakeholders regarding the Privacy, Security, and Confidentiality of Data collected via mHealth apps in Saudi Arabia: A Mixed Method Analysis
    (University of Warwick, 2024) Alhammad, Nasser; Epiphaniou, Gregory, Alajlani Mohannad and Arvanitis Theodoros
    Mobile health (mHealth) apps have the potential to enhance healthcare service delivery but the adoption could be shaped by users’ awareness and concerns regarding patients’ data privacy, and security. This thesis aims to achieve the following research objectives; (1) to systematically assess patients’ perspectives and awareness level of data privacy, confidentiality, and security of mHealth apps, (2) to explore patients, healthcare workers and stakeholders’ perspectives regarding these issues, (3) to develop a model for predicting the influencing factors by combining the Technology Acceptance Model (TAM) and the PSC concept, and (4) propose initiatives to enhance the adoption of mHealth apps among patients. The research objectives were executed by systematically analysing 33 relevant articles on the research problems using a mixed-method study design comprising quantitative and qualitative phases. A cross-sectional survey instrument was piloted, validated and administered online to patients and end users (n = 600) of mHealth apps from various provinces in Saudi Arabia. Data were analysed using descriptive statistics and linear regression models. With a response rate of 90% (n = 567/600), most patients were aware about mHealth apps but moderate to high level of concerns were raised regarding data privacy and security. These concerns were significantly higher among female patients, those with higher educational qualifications, and younger age groups. Qualitative exploration among 25 stakeholders of mHealth apps revealed that patients needed to be more informed regarding data privacy and security than healthcare workers. Facilitators of mHealth apps include patient education, advanced security features, user-friendly features, online consultation for emergencies, remote monitoring features, and considering patients’ needs. In conclusion, patients’ socio-demographic factors and data security and privacy concerns influence their behavioural intention to use mHealth apps. Educating users on these issues, as well as targeting the younger population, may also be considered. The present findings will contribute to policymaking by informing the development of data security standards in mHealth apps, addressing user concerns, and enhancing adoption. It offers insights into socio-demographic factors influencing behavioural intention, guiding targeted awareness campaigns and educational initiatives. Additionally, the findings support the creation of user-centric features and advanced security measures, aligning with the goals of Vision 2030. This ensures that policymakers can implement evidence-based strategies to improve patient trust and the effective integration of mHealth technologies into Saudi Arabia’s healthcare system.
    42 0
  • No Thumbnail Available
    ItemEmbargo
    ENHANCING LOCATION INFORMATION PRIVACY AND SECURITY IN IoBT USING DECEPTION-BASED TECHNIQUES
    (Florida Atlantic Uniiversity, 2024-09) Alkanjr, Basmh; Imadeldin, Mahgoub
    IoBT stands for the Internet of Battlefield Things. This concept extends the principles of the Internet of Things (IoT) for military and defense use. IoBT integrates smart devices, sensors, and technology on the battlefield to improve situational awareness, communication, and decision-making in military operations. Sensitive military data typically includes information crucial to national security, such as the location of soldiers and equipment. Unauthorized access to location data may compromise operational confidentiality and impede the element of surprise in military operations. Therefore, ensuring the security of location data is crucial for the success and efficiency of military operations. We propose two systems to address this issue. First, we propose a novel deception-based scheme to enhance the location-information security of IoBT nodes. The proposed scheme uses a novel encryption method, dummy IDs, and dummy packets technology. We develop a mathematical model to evaluate our scheme in terms of safety time (ST), probability of failure (PF), and the probability of identifying the real packet in each location information update (PIRP). Then, we develop NetLogo simulations to validate the mathematical model. The proposed scheme increases ST, reduces PF and PIRP. We develop a scheme to protect the node's identity using dummy ID, silence period, and sensitive area’s location privacy enhancement concepts. We generate a pseudonym location for each node in the IoBT environment to protect the node's real location information. We propose a new metric called the average probability of linkability per dummy ID (DID) change to assess the attacker's effectiveness in linking the source node with its new DID following the silent period. We develop Matlab simulations to evaluate our scheme in terms of average anonymity and average probability of linkability per DID change. The results showed further privacy enhancement by applying the sensitive area concept. Tampering with location information, such as falsification attacks, can lead to inaccurate battlefield assessments and personnel safety risks. Thus, we design ANFIS and ensemble methods for detecting position falsification attacks in IoBT. Using the VeReMi dataset, our method achieved high detection accuracy while reducing false negative rate and computation complexity. Cross-validation further supports the reliability of our model.
    32 0
  • No Thumbnail Available
    ItemRestricted
    Cloud Cybersecurity
    (Universidad de Al cala, 2024) Bokhari, Nabil; Herraiz, Martinez; Javier, Jose
    The rapid evolution of cloud computing has revolutionized modern business operations, from hosting applications to storing data in high-security environments. Competitive businesses are leveraging cloud computing solutions to maximize the benefits, including cost-effectiveness, flexibility, and scalability. Cloud computing enables enterprises to access on-demand and scalable computing resources, specifically computational power and vast data storage. Despite the immense benefits, the security of data transmitted and stored in a cloud computing environment is vulnerable to multiple cybersecurity attacks, including data manipulation, loss, and theft. The study aims to develop a security model for enhanced data privacy and security in the cloud by leveraging a hybrid of cryptographic algorithms and steganography image-based techniques. The security model innovatively combines Advanced Encryption Standard (AES), Rivest Shamir Adleman (RSA), and the Least Significant Bit (LSB) technique to enhance data privacy and security of data in motion in a cloud computing environment. The three-step security model was designed, developed, and evaluated using the Design Science Research (DSR) methodology. The model secures data through cryptographic algorithms, adds an extra security layer using steganography, and implements backup and data recovery. The methodology was selected because of its practicality and philosophical underpinnings on addressing contemporary challenges by developing novel and relevant artifacts using scientifically rigorous procedures. The findings show that a hybrid of cryptography and steganography provides unbeatable security for data in a cloud computing environment. Implementing the security model will enhance data privacy and security in the cloud by revolutionizing how data is encrypted and decrypted. In the future, the integration of Machine Learning and Artificial Intelligence methodologies and algorithms will quadruple the effectiveness and robustness of this data security model for the cloud.
    26 0
  • Thumbnail Image
    ItemRestricted
    INTO THE DIGITAL ABYSS: EXPLORING THE DEPTHS OF DATA COLLECTED BY IOT DEVICES
    (Johns Hopkins University, 2024-02-22) Almogbil, Atheer; Rubin, Aviel
    The proliferation of interconnected smart devices, once ordinary household appliances, has led to an exponential increase in sensitive data collection and transmission. The security and privacy of IoT devices, however, have lagged behind their rapid deployment, creating vulnerabilities that can be exploited by malicious actors. While security attacks on IoT devices have garnered attention, privacy implications often go unnoticed, exposing users to potential risks without their awareness. Our research contributes to a deeper understanding of user privacy concerns and implications caused by data collection within the vast landscape of the Internet of Things (IoT). We uncover the true extent of data accessible to adversarial individuals and propose a solution to ensure data privacy in precarious situations. We provide valuable insights, paving the way for a more informed and comprehensive approach to studying, addressing, and raising awareness about privacy issues within the evolving landscape of smart home environments.
    15 0
  • Thumbnail Image
    ItemRestricted
    Usability and security of recognition-based textual password
    (Iowa State University, 2024-07-16) Wasfi, Hassan; Stone, Richard
    Knowledge-based passwords are still the most dominant authentication technique for authentications purposes, in spite of the emergence of alternative systems such as token-based and biometric systems. This approach has remained the most popular one mostly because of its user familiarity, compatibility, usability, affordability. Nevertheless, the main challenge of knowledge-based password schemes based on creating passwords that deliver a balance between usability and security. This dissertation will be focused on the recent researches related to textual and graphical password to have an overview of their usability and security features and drawbacks. The literature review of this dissertation studied the main challenges of textual password schemes (text-based, passphrase, mnemonic, pronounceable, persuasive-text passwords). These schemes have several issues such as memorization, password complexity, password resets, input errors, password reuse and strength against guessing attack. On the other hand, graphical password schemes (recognition, recall, and hybrid passwords) improve the memorability compared to textual password because user experience with interacting with images result in better memorability rate. Graphical passwords have their own issues which are require a huge storage space(costly), complex setup and enrollment, long time to log in, limited password space, and vulnerability to shoulder surfing attack. After a deep investigation done in the literature review, this dissertation will have a thoughtful examination related the major features and drawbacks of recognition-based textual passwords because it provides the usability and security benefits of graphical passwords with the familiarity of textual passwords. Also, this dissertation studied the recognition textual password and its types to have a clear vision to build a usable and secure authentication system. This approach is categorized into two main aspects user and system generated method. Previous researches deeply studied the system-generated recognition textual password for both nouns and passphrase in term of avoiding weak users’ choices of password creation however, researchers found that users had difficulty in memorization in long term memory. On the other hand, user chosen recognition textual password provides high memorability rate compared to system generated but it’s not secure enough because users tend to select predictable words. This dissertation will be focused on user chosen recognition textual password. Third chapter showed a study compares the usability of recognition and recall textual password for nouns and passphrase to distinguish the user’s behaviors of password creation, system design, wordlist, memorability rate, and login time. The study discovered that recognition textual password of passphrase has higher memorability rate compared to recognition nouns, recall nouns and recall passphrase because some users select their password in unmeaningful structure. Also, the login time for recognition passphrase is less than others conditions. The wordlist and system design play an important role storing and retrieving performance. Overall, this result will help to establish a new method that avoiding these issues. Previous studies have not built a recognition textual password method with a high entropy space, and mitigating common attacks. Moreover, enhancing the system design by considering word types, word presentation, and phycological stimulus. These factors can influence the users’ performance in the storing and retrieving processes. Therefore, a novel authentication method called Word Pattern Recognition Textual Password (WPRTP) was proposed, which is based on drawing a pattern on a grid with a specific security requirement to balance between usability and security. This work aims to compare WPRTP with a recall textual password to explore its potential for enhancing user experience, usability, and security. The WPRTP results indicating that it is significantly more memorable in long-term memory (over a three-week period), and required less time to register compared to a recall passphrase. Thus, WPRTP is a potential alternative to traditional textual password.
    34 0
  • Thumbnail Image
    ItemRestricted
    Zero Trust with Guaranteed Accuracy Architecture Implementation for Intrusion Detection Systems (ZTA-IDS)
    (University of Technology Sydney, 2024-05-13) Alalmaie, Abeer; Nanda, Priyadarsi; Wenjing, Jia
    As security monitoring advances and cloud computing grows popular, organizations increasingly outsource intrusion detection and monitoring to third-party analysts to save on costs like installation, maintenance, labor, and computational time, thereby enhancing efficiency and focus on services and products. However, due to the data security risks of allowing cloud-based third-party analysts access to network traces, the current ”trust but verify” approach in security monitoring is insufficient. Therefore, new mechanisms such as Zero Trust models, which demand a shift in perspective to “never trust, always verify”, must be built and implemented by network providers. The main challenge, however, is that outsourcing sensitive network traces to untrusted parties is inherently in contradiction with the policy of Zero Trust models. A great deal of effort has been devoted to address such security and privacy issues. Unfortunately, the majority of these sacrifice usability to provide better privacy guarantees, while others sacrifice privacy to maintain usability. A case in point is CryptoPAn, a prefix-preserving anonymization solution that preserves the utility for Internet Protocol (IP)-based intrusion detection analyses but is vulnernable to semantic attacks. Recently, a new notion called the multi-view approach has been proposed to preserve both the privacy and accuracy of the outsourced datasets targeting intrusion detection schemes. In this thesis, we apply multi-view approach, addressing the challenges including use of appropriate partitioning algorithm and interpretation of security rules in each IDS when examining anonymized views. It assesses the model’s effectiveness against various intrusions and its resilience to different semantic attacks. Furthermore, we propose a new binary IDS, based on an autoencoder and a convolutional neural network, which outperforms other related works and achieves an accuracy of 92% using small amount of training data. Additionally, we extend binary IDS to a multiclass IDS and we take sequential dependencies into consideration using recurrent neural networks. However, experi- ments reveal a decline in accuracy on real-world data due to significant domain shift between the training and real-world data domains. This may be due to variety of training data on real-world scenarios and sensitivity to input changes. However, after fine-tuning with a limited set of samples from the real-world domain, our model’s accuracy improved significantly, aligning with unique characteristics of the collected data.
    61 0
  • Thumbnail Image
    ItemRestricted
    MulVAL attack graph tool evaluation, advantages, and disadvantages
    (Cardiff University, 2024-01-24) Alnasser, Manar; Li, Tingting
    Computer networks have become increasingly sophisticated, which has posed challenges for network security management. Attack graphs are a popular method for analysing vulnerabilities in networks. Multihost multistage vulnerability analysis (MulVAL) is a generic framework that is widely used for analysing attacks. This study evaluated the effectiveness of MulVAL by measuring the following features: detecting rate, false positives/negatives, performance speed, scalability, and reporting capability. MulVAL was compared with alternative frameworks, which showed several advantages, such as scalability and comprehensive reports. The drawbacks of MulVAL’s disadvantages include its complexity and the difficulty in using the tool effectively. Based on these findings, recommendations for future work are provided.
    48 0
  • Thumbnail Image
    ItemRestricted
    Strategic Integration of Cyber Deterrence and Cyber Defense Mechanisms: A Holistic Approach to Safeguarding National Cybersecurity
    (King's College London, 2023-09-01) Alqahtani, Abdulkarim Saad Hussain; Martin, Susan
    The objec-ves of this research included studying the effectiveness of the different cyber deterrence theories in protecting national security, understanding the mechanism of action of cyber deterrence and cyber defense strategies, and the role of technology in cyber deterrence and cyber defense. This research has been carried out as secondary research. In this case, previous literature was studied to answer the research question. It is a research that followed pragmatism research philosophy and, thus, focused on the practical approach to answering the research ques-on. This study has proved that cyber deterrence theories alone are effective only to some extent when it comes to protecting state security. The study has shown that cyber deterrence theories offer a passive approach to national security protection. They work best when the cyber defense strategies and mechanisms relying on the latest technology provide an active approach towards mitigating any cyberaSack. The mechanism of action in both these cases is different. The cyber deterrence theories act passively by deterring the aSackers, while the cyber defense strategies are aggressive, focusing on mitigating any cyberaSack whenever that happens. Also, this study has shown that there is a very significant role that technology has to play in ensuring national security.
    54 0
  • Thumbnail Image
    ItemRestricted
    APPLICATION OF AOP FOR SECURITY
    (Saudi Digital Library, 2023-11-27) Alqahtani, Abeer; Coope, Sebastian
    The current dissertation represents a comprehensive exploration of security and ethics concepts in Java software development. Aspect-oriented programming (AOP) API was developed and implemented to capitalize on the paramount importance of security in software development. This dissertation also highlights the incredible role of security of digital applications that alter the software development landscape nowadays. Further research also allowed to focus on cross-cutting security concerns like data integrity, encryption/decryption, and access control. The aspects are essential because they can be utilized to safeguard sensitive information and ensure that new software systems are trustworthy and preserve a high quality of the overall build. Each of the three security aspects was validated with the aid of AOP principles. This was necessary to address the key benefits of AOP, such as effectiveness and practicality, and address complex security concerns related to programming conundrums. The Spring Framework utilized secure application objects and integrated high-quality authentication and authorization mechanisms. The grade of practicality and real-world applicability was enhanced with the aid of the Spring Framework. The application was designed to allow authorized users only to access and perform actions aligned with their role within the system. The industry’s best practices can be in line with role-based access controls and respective security enhancements. The project also touched upon ethical considerations of AOP to ensure that data privacy, transparency, and regulatory compliance can be maintained. The data-driven nature of the modern world makes it fundamental to consider ethical aspects of programming, and the current dissertation acknowledges the significance of ethical principles in software development. The findings from this dissertation make it safe to say that AOP is an efficient instrument that can be implemented to fortify software ecosystems. The API’s potential is exceptionally high, thus in order to strengthen the project’s defence against potential threats, the AOP software is used through Java-based security APIs. Overall, this dissertation contributes to ethically responsible, secure software development principles while also looking back at the need to develop practical, secure applications.
    28 0

Copyright owned by the Saudi Digital Library (SDL) © 2025