Saudi Cultural Missions Theses & Dissertations

Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10

Browse

Search Results

Now showing 1 - 10 of 38
  • ItemRestricted
    A Peer-to-Peer Federated Learning Framework for Intrusion Detection in Autonomous Vehicles
    (Lancaster University, 2024-09) Alotaibi, Bassam; Bradbury, Matthew
    As autonomous vehicles (AVs) increasingly rely on interconnected systems for enhanced functionality, they also face heightened cyberattack vulnerability. This study introduces a decentralized peer-to-peer federated learning framework to improve intrusion detection in AV environments while preserving data privacy. A novel soft-reordering one-dimensional Convolutional Neural Network (SR-1CNN) is proposed as the detection engine, capable of identifying known and unknown threats with high accuracy. The framework allows vehicles to communicate directly in a mesh topology, sharing model parameters asynchronously, thus eliminating dependency on centralized servers and mitigating single points of failure. The SR-1CNN model was tested on two datasets: NSL-KDD and Car Hacking, under both independent and non-independent data distribution scenarios. The results demonstrate the model’s robustness, achieving detection accuracies of 94.39% on the NSL-KDD dataset and 99.97% on the Car Hacking dataset in independent settings while maintaining strong performance in non-independent configurations. These findings underline the framework’s potential to enhance cybersecurity in AV networks by addressing data heterogeneity and preserving user privacy. This research contributes to the field of AV security by offering a scalable, privacy-conscious intrusion detection solution. Future work will focus on optimizing the SR-1CNN architecture, exploring vertical federated learning approaches, and validating the framework in real-world autonomous vehicle environments to ensure its practical applicability and scalability.
    19 0
  • ItemRestricted
    Utilizing Data Analytics for Fraud Detection and Prevention in Online Banking Systems of Saudi Arabia
    (University of Portsmouth, 2024-09) Almotairy, Yazeed; Jiacheng, Tan
    This thesis addresses the critical issues of online banking and online banking fraud in Saudi Arabia. The thesis focusses on the older methodologies of the online banking systems in Saudi Arabia. The frauds are discussed in detail that are occurring in the online banking systems and are causing inconvenience to the users and account holders of the online banks and applications. In this thesis, online banking frauds are discussed thoroughly, and the traditional fraud detection methods are elaborated as well. The vulnerabilities in the current systems are explored. It discusses how the older systems are not performing well and why the new system encompasses the power of data analytics and machine learning. The methods proposed use a set of data analytics and machine learning algorithms and techniques to detect fraud or any fraudulent activity that a scammer or fraudster may perform. The results of this study explain how the proposed system can outperform the traditional methodologies being used in Saudi Arabian online banking systems. The proposed system can also enhance the user experience. The possible privacy and ethical concerns are also discussed. In the end, it is also discussed what the future prospects are for the researchers who are looking to enhance this research or want to work in the field of data analytics and machine learning to improve the security of the security of online banking applications. In conclusion, this thesis not only contributes to the body of knowledge on online banking frauds in Saudi Arabia and their detection but also features future research topics for new researchers.
    7 0
  • ItemRestricted
    A Critical Analysis of Cyber Threats and Vulnerabilities in Satellite Ground Systems
    (University of the West of England, 2024) Almutairi, Faisal; Mills, Alan
    The growing dependence on satellite ground systems for critical applications such as telecommunications, navigation, and weather forecasting has underscored the importance of cybersecurity in these systems. This paper critically analyses the current state of cybersecurity threats and vulnerabilities in satellite ground systems. Utilising a comprehensive literature review and critical analysis of existing scholarly works, technical papers, and industry reports, this study identifies key cyber threats, including unauthorised access, jamming, spoofing, Advanced Persistent Threats (APTs), man-in-the-middle attacks, eavesdropping, and hijacking. The analysis reveals vulnerabilities in encryption protocols and communication channels. The study evaluates existing security measures and highlights gaps in empirical validation and practical implementation. It emphasises the need for robust encryption methods, advanced cryptographic techniques, and adaptive security strategies. We also discuss the crucial step of enhancing the resilience of satellite ground systems by incorporating developing technologies like Artificial Intelligence (AI) and quantum cryptography. This paper concludes with practical recommendations, emphasising empirical validation of security measures and comprehensive risk management frameworks. The research aims to improve the security and reliability of satellite ground systems, ensuring their protection against evolving cyber threats and contributing to the overall enhancement of cybersecurity in this infrastructure
    15 0
  • ItemRestricted
    Technostress among Cybersecurity Professionals; Current Knowledge and Future Directions: A Systematic Literature Review
    (University of Strathclyde, 2024-08) Alghamdi, Ohud; Farooq, Ali
    Abstract: This systematic literature review (SLR) was carried out with the objective of comprehensively examining the current knowledge on technostress experienced by cybersecurity professionals and determining the gaps in literature and future research directions. Cybersecurity professionals are at an elevated risk of experiencing technostress because of the demanding nature of their work. These individuals experience several stress-inducing obstacles as they need to respond to security threats and incidents. The study examined the key technostress experienced by these professionals and how technostress affects the health and performance of these individuals. A search strategy including primary keywords “technostress” and “cybersecurity professionals” was used across different databases. After identifying studies relevant to these terms, the inclusion and exclusion criteria were applied to shortlist the studies that were appropriate for our research objectives. Five key drivers of technostress among cybersecurity professionals were identified. These included role ambiguity, high workload, job insecurity, lack of social support, and sleep quality. These stresses create high turnover rates among cybersecurity professionals, who quit their jobs because they are unable to cope with the role ambiguity, high workload, job insecurity, and evolving requirements of the field. Many employees also decide to change their fields and shift to another career. Technostress leads to burnout and strain, which adversely affects the job performance of employees as they are unable to remain productive in their work. The impact of technostress on cybersecurity professionals highlights the need for urgent interventions. By addressing the stressors and how they impact the cybersecurity workers, the health and well-being of these employees can increase, which would eventually lead to improvements in their performance and productivity. The study further discusses the theoretical and practical implications of the research and presents the direction for future research in this field.
    31 0
  • ItemRestricted
    Visualising of cyber crime data by Communication Structured Acyclic Nets
    (Newcastle University, 2024-09-02) Alahmadi, Mohammed Saud; Koutny, Maciej
    Communication Structured Acyclic Nets (CSA-nets) are a Petri net-based formalism used to represent the behaviour of Complex Evolving Systems (CES). CSA-nets, comprising sets of acyclic nets, are suitable tools for modelling and visualising the behaviour of event-based systems. Each subsystem is represented using a separate acyclic net, linked to others through a set of buffer places depicting their interactions. However, CSA-nets suffer from challenges especially in analysing and visualising CESs that have a large number of subsystems resulting from alternative and concurrent execution scenarios. Moreover, CSA-nets currently lack the capability to represent multiple or coloured tokens, thereby limiting their ability to represent several similar processes simultaneously. This thesis introduces extensions for CSA-nets to capture compactly the relationships between interacting systems’ components represented by sets of acyclic nets. Specifically, it introduces a way of folding buffer places to address the issue of a large number of buffer places. Then it introduces a new class of CSA-nets, called Parameterised Communication Structured Acyclic Nets (PCSA-nets), using multi-coloured tokens and allowing places to accept multiple tokens distinguished by parameters. The thesis also aims at improving the visualisation of csa-nets by rearranging their component acyclic nets to minimise the number of crossing arcs by taking inspiration from the main ideas behind three well-known sorting algorithms (bubble sort, insertion sort, and selection sort). Furthermore, this thesis presents a novel approach that combines TCP protocol anomaly detection with visual analysis through CSA-nets. The strategy provides a clear visualisation of cyber attack behaviours, leading a deeper understanding of Distributed Denial of Service (DDoS) patterns and their underlying causes. A new concept of Timed-Coloured Communication Structured Acyclic Nets (TCCSA-nets) is introduced, which allows elaboration of the system’s performance and emphasising the system’s operations in real-time. This approach allows for the classification of messages as abnormal if their duration exceeds a predetermined time limit.
    35 0
  • Thumbnail Image
    ItemRestricted
    An AI-Driven, Secure, and Trustworthy Ranking System for Blockchain-Based Wallets
    (University of Technology Sydney, 2024-07-08) Almadani, Mwaheb; Farookh Hussain
    The significance of blockchain security has gained considerable interest as blockchain technologies grow in popularity. The spectacular rise in cryptocurrency values has also increased the adoption of blockchain-based wallets(BW/BWs). This tendency emphasizes the need for comprehensive security measures to protect digital assets, maintain transaction integrity and preserve trust in the blockchain networks. The most critical concern surrounding blockchain-based wallets is managing users' private keys, which are essential for authorizing transactions and accessing the digital cryptocurrencies stored in the blockchain network. In recent years, malicious actors have increased efforts to compromise these private keys and take control of the BW's digital assets. Therefore, ensuring the security of private keys through rigorous security protocols is paramount to defend against unauthorized access and potential financial losses. This thesis aims to investigate the integration of hard security, such as authentication techniques and access controls, and soft security measures, such as trust models and ranking systems, in the context of BWs. By incorporating tangible physical defenses (hard security) with intangible procedural strategies (soft security), we present a comprehensive framework for enhancing BW solution security and trustworthiness. This is essential for the widespread adoption and use of blockchain technology in financial transactions and digital asset management. This thesis proposes a secure, intelligent, and trustworthy approach for BW solutions that incorporates 2FA and MFA as hard security measures and an AI-driven ranking system as soft security measures. We have developed a BW website (BWW) with four authentication mechanisms, including different factors such as TOTP and biometrics through facial recognition, allowing BW users to choose their preferred level of security. The BWW remarkably improves the security of BW solutions by defending them against various threats, including sophisticated cyber-attacks, unauthorized access and human-caused weaknesses. Moreover, We introduce a trust-based ranking system (TBW-RAnk) for BW solutions that transparently ranks the BW solutions according to several objective and trusted criteria. TBW-RAnk is built using three AI models, namely the random forest classifier (RFC), the support vector classifier (SVC) and deep neural network (DNN). It has two modes: general and customized for a comprehensive and accurate assessment and recommendation for BW users. Consequently, BW users can make informed decisions and increase their security within the blockchain ecosystem. The proposed approach enhances the security and trustworthiness of BWs and increases their acceptance in the market.
    26 0
  • Thumbnail Image
    ItemRestricted
    An information security model for an Internet of Things-enabled smart grid in the Saudi Energy Sector
    (University of Southampton, 2024-07-22) Akkad, Abeer; Rezazadeh, Reza; Wills, Gary; Hoang, Son
    The evolution of an Internet of Things-enabled Smart grid affords better automation, communication, monitoring, and control of electricity consumption. It is now essential to supply and transmit the data required, to achieve better sensing, more accurate control, wider information communication and sharing, and more rational decision-making. However, the rapid growth in connected entities, accompanied by an increased demand for electricity, has resulted in several challenges to be addressed. One of these is protecting energy information exchange proactively before an incident occurs. It is argued that Smart Grid systems were designed without any regard for security, which is considered a serious omission, especially for data security, energy information exchange, and the privacy of both consumers and utility companies. This research is motivated by the gap identified in the requirements and controls for maintaining cybersecurity in the bi-directional data flow within the IoT-enabled Smart Grid. Through literature and industry standards, the initial stages of the research explore and identify the challenges and security requirements. Threat modelling analysis identified nine internet-based threats, proposing an initial information security model. This initial model is validated using expert reviews, resulting in a reference model that includes seven security requirements and 45 relevant security controls. To demonstrate the usefulness of this reference model as a foundation for further research, a segment of the reference model is elaborated using Event-B formal modelling. This approach assists in incorporating additional details during refinements and confirming the consistency of those details. The formal modelling process begins by formulating the functional requirements in a consistent model and then augmenting it with security controls. The effectiveness of these security controls is validated and verified using formal modelling tools. The contribution of this research, therefore, is the unique approach to developing a framework for an IoT-enabled Smart Grid (SG) by utilising threat analysis and expert reviews in combination with formal methods. As the field of security continues to evolve, this generic framework and formal template can be reused as a foundation for further analysis of other components or access points, and to implement new security controls. The resulting model enables field experts, security practitioners, and engineers to verify any changes made, ensuring they do not compromise the security of information flow within the IoT-enabled Smart Grid during the initial design stages of the system life cycle.
    34 0
  • Thumbnail Image
    ItemRestricted
    Comparative Analysis of User Responses to Phishing: Emails vs Mobile Instant Messaging Apps
    (University of the West of England, 2024-06-20) Alqahtani, Mohammed; Gorine, Adam
    As phishing gets more sophisticated and multiple tactics are employed across various communication mediums, analysing users’ responses becomes increasingly essential. The extensive literature review indicates that most studies focus on a single medium across different communication platforms, necessitating additional effort. This research paper compares users’ responses to phishing attacks via two major communication platforms: Email and Mobile Instant Messaging (MIM) Apps. Understanding how users recognise and respond to phishing incidents is crucial for improving cybersecurity measures. A structured survey was conducted to investigate multiple dimensions of user interaction with phishing, such as self-reported confidence in phishing identification, frequency of phishing experiences, reliance on specific features for identification, and actions taken in response to suspected phishing attempts. The results reveal several key insights: 1) the study identifies the demographics of users most vulnerable to phishing attacks; 2) it highlights the similarities and differences in what prevents phishing messages from targeting the inbox and app interception; The study also offers recommendations to enhance users’ willingness and capability to withstand phishing attacks, including targeted educational campaigns, more convenient reporting options, and changes in the design of digital communication platforms.
    20 0
  • Thumbnail Image
    ItemRestricted
    Cybersecurity-Aware Distributed Optimization for Optimal Power Flow
    (Georgia Institute of Technology, 2024-07-17) Alkhraijah, Mohannad; Molzahn, Daniel
    Distributed optimization algorithms have many attractive features for coordinating systems with multiple agents, as they allow multiple agents to collaborate in solving large-scale optimization problems while maintaining their autonomy. However, distributed algorithms may be vulnerable to cyberattacks due to their dependency on communication. This dissertation proposes a general cybersecurity-aware distributed optimization implementation framework for solving optimal power flow problems. The proposed framework increases the resiliency of distributed optimization against cyberattacks and data manipulation. The main contributions of the dissertation are (1) development of an open-source framework to expedite the process of testing and experimenting with distributed optimization algorithms, (2) benchmarking multiple distributed algorithms with various optimal power flow models in the presence of nonideal communication via an extensive empirical analysis, (3) investigation of cyberattack threats on distributed optimization and proposition of cyberattack detection models, (4) development of a mitigation strategy for cyberattacks and communication failures via formulating and solving a robust optimization problem, and (5) development of a fault-tolerant distributed termination method that prevents faulty termination caused by cyberattacks or communication errors.
    26 0
  • Thumbnail Image
    ItemRestricted
    INTO THE DIGITAL ABYSS: EXPLORING THE DEPTHS OF DATA COLLECTED BY IOT DEVICES
    (Johns Hopkins University, 2024-02-22) Almogbil, Atheer; Rubin, Aviel
    The proliferation of interconnected smart devices, once ordinary household appliances, has led to an exponential increase in sensitive data collection and transmission. The security and privacy of IoT devices, however, have lagged behind their rapid deployment, creating vulnerabilities that can be exploited by malicious actors. While security attacks on IoT devices have garnered attention, privacy implications often go unnoticed, exposing users to potential risks without their awareness. Our research contributes to a deeper understanding of user privacy concerns and implications caused by data collection within the vast landscape of the Internet of Things (IoT). We uncover the true extent of data accessible to adversarial individuals and propose a solution to ensure data privacy in precarious situations. We provide valuable insights, paving the way for a more informed and comprehensive approach to studying, addressing, and raising awareness about privacy issues within the evolving landscape of smart home environments.
    13 0

Copyright owned by the Saudi Digital Library (SDL) © 2024