Saudi Cultural Missions Theses & Dissertations

Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10

Browse

Subject: search.filters.subject.Cybersecurity

Search Results

Now showing 1 - 10 of 58
  • No Thumbnail Available
    ItemRestricted
    Resilience of Saudi Financial Institutions Against AI-Driven Cyber Threats
    (Saudi Digital Library, 2025) ALshammar, Rushud; Adamos, Vasileios
    Artificial intelligence (AI) is increasingly exploited by cybercriminals, creating advanced threats that challenge the security of financial institutions. Saudi banks, central to Vision 2030’s digital transformation, face heightened risks from AI-driven attacks such as phishing, fraud detection evasion, and adversarial machine learning. The aim of this research was to evaluate the resilience of six major Saudi banks (NCB, Al Rajhi, SABB, Riyad Bank, BSF, and ANB)against AI-enabled cyber threats, with a focus on identifying gaps in current frameworks, assessing employee awareness, and recommending improvements. A quantitative, cross-sectional survey was employed, gathering data from banking professionals across cybersecurity, compliance, and risk management roles. The findings show that while AI-driven threats are widely recognised, frameworks are inconsistently applied, AI-powered defences are rare, and employee training lacks AI-specific content. These shortcomings reduce institutional agility and leave human awareness as the weakest layer of defence. The study is limited by its reliance on survey data, which restricts depth of institution-specific insights. It recommends mandatory AI-focused training, adoption of automated defence systems, and contextualised national frameworks. Future research should include longitudinal studies, case-specific analyses, and simulation-based testing to strengthen resilience in evolving threat environments.
    10 0
  • No Thumbnail Available
    ItemRestricted
    An NLP-Driven Framework for Business Email Compromise Detection and Authorship Verifcation
    (Saudi Digital Library, 2025) Almutairi, Amirah; AlHashimy, Nawfal; Kang, BooJoong
    Business Email Compromise (BEC) presents a critical cybersecurity threat, leveraging linguistic impersonation and social engineering rather than traditional malicious payloads. These attacks routinely evade conventional flters by mimicking legitimate communication styles and exploiting trusted identities. This thesis explores content-based detection strategies for BEC using a sequence of natural language processing (NLP) models. First, it proposes a transformer-based classifer to detect semantic indicators of deception in email body text. Second, it develops a Siamese authorship verifcation (AV) model that captures stylistic consistency, even under adversarial mimicry. These components are unifed within a multi-task learning (MTL) framework that simultaneously optimizes for BEC detection and AV by sharing underlying representations while preserving task-specifc objectives. To support empirical evaluation, a structured taxonomy of BEC fraud is introduced, and a synthetic email dataset is generated through prompt-guided language model fne-tuning and human validation. Experiments on combined real and synthetic corpora demonstrate that the MTL model achieves up to 97% F1-score in BEC detection and 93% in AV, outperforming transfer learning baseline while reducing false positives and computational overhead. This work contributes a principled, modular, and extensible framework for enhancing email security through joint semantic and stylistic analysis, addressing gaps in current defenses against sophisticated impersonation attacks.
    8 0
  • No Thumbnail Available
    ItemRestricted
    CYBERSECURITY PROFESSIONALS’ BEHAVIORAL PREDISPOSITIONS AFFECTING CYBERSECURITY COMMITMENT AND CONSISTENCY: SAUDI ARABIAN CONTEXT
    (Saudi Digital Library, 2025) Kabli, Rana; MICHELLE, LIU
    The intensity of cybersecurity incidents has been on the rise and is attributed to factors related to end-users and security professionals. Human subjects such as employees make the greatest loop to cybersecurity incidents currently reported across the globe. This is due to a lack of awareness and other behavioral aspects that contribute to online risky behaviors. The study aimed to determine the influence of cybersecurity professionals’ behavioral predispositions on cybersecurity commitment and consistency in Saudi Arabia. The study focused on the professional behavioral attributes that have been associated with cybersecurity behavior: subjective norms, attitudes, self-efficacy to comply, perceived behavioral control, and perceived benefit of compliance. A survey instrument was developed from previous literature, and the instrument was converted into an online survey that was utilized in data collection. The analysis of the collected data, established that whereas the respondents understand the importance of commitment and consistency, a significant number of the cybersecurity professionals felt that commitment and consistency had a minor effect on security of information systems. The analysis established that cybersecurity attitudes and subjective norms was the greatest predictor of commitment and consistency in compliance with cybersecurity policies. The significant influence of cybersecurity attitude indicates that cybersecurity professionals' personal beliefs substantially influence their compliance behaviors. Crucially, the significant influence of subjective norms points indicates that organizational culture and leadership is crucial in promoting commitment and consistency in compliance with cybersecurity policies.
    31 0
  • No Thumbnail Available
    ItemRestricted
    Analysing Cybersecurity Risk Assessment Model for Healthcare Systems in Saudi Arabia
    (Saudi Digital Library, 2025-05) Alghamdi, Abdulmonem; Vasileios, Adamos
    This study analyses the Saudi Arabian's cybersecurity issues in healthcare systems and assesses the usefulness of international risk assessment models in some frameworks such as ISO/IEC 27001 and NIST. It identifies major threats like ransomware, phishing, data breaches, and insider risks based on survey responses from medical professionals like medical staff, cybersecurity specialists and administrative managers. Variety of medical institutions members with difference in beds capability, number of branches and financial situation that guarantees the national-wide needs study. Findings point to critical weaknesses in the current models, especially their incompatibility with local regulations and organisational cultures and special needs. Consequently, the study emphasises the necessity of a tailored cybersecurity risk assessment model that is particular to the Saudi healthcare environment. The research highlights key elements and offers suggestions to improve cybersecurity resilience in accordance with national policies and Vision 2030 objectives, even though it does not fully implement a model.
    44 0
  • No Thumbnail Available
    ItemRestricted
    Scalable Distributed Ledger Paradigms for Secure IoT-Driven Data Management in Smart Cities
    (Saudi Digital Library, 2025) Alruwaill, Musharraf; Mohanty, Saraju P; Kougianos, Elias
    Blockchain has become a cornerstone of trustworthy, decentralised information governance. Consensus protocols and cryptographic linkages guarantee data integrity, immutability, and verifiable provenance, eliminating reliance on a single trusted authority and mitigating data fragmentation. Within smart‑healthcare ecosystems, these capabilities enable the shift from siloed, centralised repositories to distributed, patient‑centric infrastructures. Because clinical data are highly sensitive and strictly regulated, robust assurances of integrity, confidentiality, and fine‑grained authorisation are essential. Integrating blockchain and smart contracts with technologies such as distributed off‑chain storage and the Internet of Medical Things (IoMT) creates a resilient, scalable, and interoperable foundation for next‑generation healthcare data management. This research introduces hChain, a four‑generation family of distributed‑ledger frameworks that progressively strengthen security, intelligence, and scalability in smart‑healthcare environments. hChain 1.0 lays the groundwork with a blockchain architecture that safeguards patient data, supports real‑time clinical telemetry, and enables seamless inter‑institutional exchange. Building on this foundation, hChain 2.0 integrates InterPlanetary File System (IPFS) storage and smart‑contract enforcement to deliver tamper‑proof, fine‑grained access control. hChain 3.0 embeds on‑chain deep‑learning analytics, providing proactive, automated decision support across the care continuum while preserving data integrity. Finally, hChain 4.0 introduces a highly scalable, permissioned ledger augmented by an Attribute‑Based Access Control (ABAC) layer, ensuring dynamic, context‑aware authorisation in complex organisational settings. The results demonstrate practical solutions for transforming data infrastructures from centralised to decentralised architectures, providing techniques that facilitate seamless integration with existing systems while enhancing blockchain scalability and privacy.
    53 0
  • No Thumbnail Available
    ItemRestricted
    Usage of Cyber Security to Protect Women and Children
    (Saudi Digital Library, 2025) Alotibi, Bander; Al-Doghman, Firas
    Digital safety especially for women and children is crucial, and cybersecurity is a big part of that. Using feminist and intersectional perspectives, this research explores how Protection Motivation Theory (PMT) and Social Learning Theory (SLT) explain cybersecurity behaviors. Empirical findings suggest that women and children are disproportionately affected by harassment, doxing, and identity theft. The research further reveals knowledge holes in cybersecurity awareness, showing that younger people quickly adopt security measures but engage in high-risk behaviors, whereas older people emphasize safety but lag in technical implementation. Gender differences are also important, with women more concerned about cybersecurity but less confident in dealing with threats, and men more confident but more willing to take risks. The research emphasizes education, legal reforms, technological advancements, and community awareness programs to address these challenges. Future research should investigate AI-driven cybersecurity tools, inclusive security policies, and bridging the digital divide. To create a safer digital environment for women and children, collaboration between governments, tech companies, and advocacy groups is essential.
    33 0
  • No Thumbnail Available
    ItemRestricted
    The Role of Artificial Intelligence in Strengthening Cyber Defense Mechanisms: Opportunities and Challenges
    (University of Bedfordshire, 2024) Alanazi, Mohammed; Garner, Lee
    This study explores the role of Artificial Intelligence (AI) in strengthening cyber defense mechanisms, focusing on the opportunities and challenges it presents. In recent years, AI has shown potential in enhancing threat detection, response efficiency, and proactive cybersecurity measures. The study examines various AI applications in cyber defense, including machine learning for real-time threat identification and natural language processing for analyzing large-scale data patterns. While AI provides significant advantages in mitigating cyber threats, challenges such as model interpretability, ethical concerns, and vulnerability to adversarial attacks persist. The findings contribute to cybersecurity by highlighting both the promising capabilities and limitations of AI in this domain, suggesting future research directions to address these challenges.
    46 0
  • No Thumbnail Available
    ItemRestricted
    Detecting Supply Chain Threats
    (Saudi Digital Library, 2025) Akash Aravindan Paul Rajan; Nor Iman Binti Abdul Rashid; Ayham Al-Kilani; Alexandru-Aurel Constantin; Ashley Doel; Dr Erisa Karafili; Marwan Mousa Altamimi; Dr Erisa Karafili
    This study investigates the detection of supply chain threats in open-source software by developing an innovative system that integrates scraping techniques and artificial intelligence (AI) for intent analysis. The project aims to address critical vulnerabilities by analysing git commit messages and corresponding code changes, ensuring enhanced transparency and security in the software supply chain. The proposed system comprises a GitHub scraper that retrieves structured data using GraphQL and REST APIs, over- coming API rate limitations for efficient data collection. The collected data is processed by an AI model, ”Baymax,” which employs large language models (LLMs) to evaluate the alignment between commit messages and code changes. The system is designed with scalability and modularity to accommodate repositories of varying sizes and com- plexities. The project was implemented using Agile Scrum methodologies, employing iterative development practices with tasks prioritised through the MoSCoW framework. Collaboration within the development team was structured through specialised roles, and progress was monitored via sprints, stand-ups, and retrospectives. The results indicate that the system effectively enhances the integrity of open-source software by identi- fying discrepancies indicative of potentially malicious changes. Future work includes expanding platform compatibility, improving system performance, and incorporating user feedback to improve accuracy. This research contributes to the growing field of software supply chain security, with implications for broader applications in software development and beyond.
    13 0
  • No Thumbnail Available
    ItemRestricted
    PREDICTORS OF CYBERSECURITY KNOWLEDGE, ATTITUDE, AND BEHAVIOURS AMONG NURSES IN SAUDI ARABIA
    (Saudi Digital Library, 2025-05-21) Alanazi, Abdulhamid Khalifah; KHALIFAH, ANAS
    Abstract Background: Cybersecurity is becoming increasingly critical in healthcare, as nurses frequently access sensitive patient data through electronic health records (EHRs) and other digital platforms. Despite this, gaps in nurses' knowledge, attitudes, and behaviors (KAB) regarding cybersecurity pose risks to data security, especially in Saudi Arabia, where healthcare digitization is expanding rapidly. Research in this area remains limited. Aim: The aim of this study is to explore the predictors of cybersecurity knowledge, attitudes, and behaviors among nurses in Saudi Arabia. Methodology: This cross-sectional, descriptive correlational study was conducted in three hospitals in northern Saudi Arabia: King Khalid Hospital, Prince Abdulaziz Bin Musaed Hospital, and Qurayyat General Hospital. A total of 190 nurses were selected using a convenient sampling method, and then they were surveyed using the Human Aspects of Information Security Questionnaire (HAIS-Q) to assess their cybersecurity knowledge, attitude, and behavior (KAB). Sociodemographic, work-related, and organizational variables were analyzed using multiple regression to identify significant predictors of cybersecurity KAB
    17 0
  • No Thumbnail Available
    ItemRestricted
    Project Handover Document: AppAttack and PT-GUI – Trimester 3, 2024
    (Saudi Digital Library, 2025-04-16) Alzahrani, Abdulmajeed Hussain; Archbold, Benjamin; Turner, Ryan
    This document outlines the comprehensive handover for the AppAttack and PT-GUI projects completed during Trimester 3, 2024, at Deakin University under units SIT374/764 and SIT378/782. AppAttack focused on providing real-world penetration testing and secure code review services through structured sub-projects targeting multiple clients, including DataBytes AMS, Gopher Guardian, and the Hardhat Company Website. PT-GUI enhanced educational penetration testing by offering a graphical toolkit with 72 tools, 12 walkthroughs, and integrated ChatGPT support. Both projects included automation, tool development, vulnerability assessments, and integration with cybersecurity frameworks such as NIST CSF and Essential Eight. The document details team contributions, development methodologies, upskilling resources, architecture, deliverables, and a roadmap for future improvements
    23 0

Copyright owned by the Saudi Digital Library (SDL) © 2025