Saudi Cultural Missions Theses & Dissertations

Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10

Browse

Subject: search.filters.subject.Cybersecurity

Search Results

Now showing 1 - 10 of 62
  • No Thumbnail Available
    ItemRestricted
    Between a Chat and a Hard Place: Technical Compliance Measures and Intermediary Liability in End-to-End Encrypted Messaging Platforms under the Online Safety Act
    (Saudi Digital Library, 2025) AlEid, Haneen; Lachlan, Urqhart
    This study investigates the complex interplay between content moderation, platform liability, and end-to-end encryption (E2EE) within the legal context of the United Kingdom’s Online Safety Act 2023. It critically assesses how the Act approaches intermediary liability for E2EE-enabled platforms such as WhatsApp, Signal, and Telegram, with particular attention to the feasibility, effectiveness, and proportionality of proposed technical measures for moderating encrypted communications. The research further explores the evolving regulatory mandate of Ofcom and identifies pathways to reconcile public safety objectives with the safeguarding of user privacy. By integrating legal analysis with a technical understanding of encryption and platform architecture, the study seeks to advance a rights-respecting and technically grounded model of platform accountability. It argues that aligning regulatory frameworks with realistic technological capabilities is not only essential for effective governance but also vital for maintaining public trust in digital communication systems.
    6 0
  • No Thumbnail Available
    ItemRestricted
    Exploring the use of LLMs to analyse/summarise security logs
    (Saudi Digital Library, 2025) Algoblan, Faisal; William, Seymour
    Security and system logs are key to modern cybersecurity and IT operations. However, their scale and complexity put a lot of pressure on analysts. Large language models (LLMs) offer new ways to summarise and interpret logs, but their use raises questions about trust, risk, and governance. This project set out to explore how practitioners perceive the role of LLMs in operational security and what safeguards they believe are necessary for safe adoption. Eight semi-structured interviews were carried out with professionals who had experience in log analysis, including SOC Manager and analysts, IT administrators, and students with relevant backgrounds. The transcripts were analysed using Braun and Clarke’s thematic analysis [5], resulting in four themes: Workflow Integration and Guardrails; Trust, Verification, and Evidence; Privacy and Data Governance; and Adoption and Organisational Readiness. Findings show that practitioners see value in combining LLMs with existing tools like SIEM platforms, alert triage workflows, and ticketing systems. They stressed that human oversight is vital. Prompts must be carefully structured, and outputs need supporting evidence before they can be trusted. Privacy concerns were significant, with requests for local hosting, strict access controls, data minimization, and clear audit policies. Adoption relied on training, cultural readiness, and a clear return on investment. The study contributes by offering a practitioner-centred view of LLM use in cybersecurity, filling a gap in the literature that has mainly focused on technical benchmarks. It concludes that LLMs can support efficiency and improve understanding in log analysis, but only when integrated into workflows that enforce verification, protect privacy, and ensure clear accountability.
    8 0
  • No Thumbnail Available
    ItemRestricted
    Emerging Cybersecurity Risks and the Effectiveness of Risk Management Frameworks in Saudi Arabia
    (Saudi Digital Library, 2025) Abdulaziz, Mohammed; Adamos, Vasileios
    Cybersecurity, Risk Management, Saudi Arabia, NIST CSF, ISO 27005, SAMA, UK NCSC, Risk Frameworks, Emerging Threats, Financial Sector
    40 0
  • No Thumbnail Available
    ItemRestricted
    Optimizing Hate Text Detection using Custom NLP Techniques and an Adapted DeBERTa-based Machine Learning Model
    (Saudi Digital Library, 2025) Aljabbar, Abdullah; AlYamani, Abdulghani
    The rapid expansion of social media has transformed online communication, providing platforms for public debate and community engagement. However, this openness has also facilitated the spread of harmful content, particularly hate speech, which poses significant risks to individual well-being, social cohesion, and digital trust. Detecting such content remains a major challenge due to the subtle, context-dependent, and evolving nature of hateful expressions. Traditional machine learning models, though useful as early baselines, often fail to capture linguistic nuance and contextual depth. Recent advances in natural language processing (NLP), particularly Transformer-based architectures, have significantly improved text classification tasks by enabling context-sensitive embeddings. This research investigates the effectiveness of DeBERTa (Decoding-enhanced BERT with Disentangled Attention) for hate speech detection. The study employs a systematic methodology consisting of four stages: data preparation and preprocessing, exploratory data analysis, model development, and evaluation. A curated dataset of 2,041 social media posts, derived from a larger corpus, was pre-processed to remove noise, normalise text, and correct class imbalance. The DeBERTa-v3-large model was fine-tuned using cross-entropy loss and AdamW optimisation. Performance was assessed with accuracy, precision, recall, F1-score, ROC, and PR curves, while error analysis and confusion matrices were used to identify common misclassifications. The findings demonstrate that DeBERTa can effectively capture indirect meaning and grammar connections. Additionally, outperforming traditional approaches and offering robust classification of hate and non- hate content. The study contributes to both NLP research and the wider cybersecurity domain by supporting the development of more reliable automated moderation tools that promote safer digital environments.
    14 0
  • No Thumbnail Available
    ItemRestricted
    Resilience of Saudi Financial Institutions Against AI-Driven Cyber Threats
    (Saudi Digital Library, 2025) ALshammar, Rushud; Adamos, Vasileios
    Artificial intelligence (AI) is increasingly exploited by cybercriminals, creating advanced threats that challenge the security of financial institutions. Saudi banks, central to Vision 2030’s digital transformation, face heightened risks from AI-driven attacks such as phishing, fraud detection evasion, and adversarial machine learning. The aim of this research was to evaluate the resilience of six major Saudi banks (NCB, Al Rajhi, SABB, Riyad Bank, BSF, and ANB)against AI-enabled cyber threats, with a focus on identifying gaps in current frameworks, assessing employee awareness, and recommending improvements. A quantitative, cross-sectional survey was employed, gathering data from banking professionals across cybersecurity, compliance, and risk management roles. The findings show that while AI-driven threats are widely recognised, frameworks are inconsistently applied, AI-powered defences are rare, and employee training lacks AI-specific content. These shortcomings reduce institutional agility and leave human awareness as the weakest layer of defence. The study is limited by its reliance on survey data, which restricts depth of institution-specific insights. It recommends mandatory AI-focused training, adoption of automated defence systems, and contextualised national frameworks. Future research should include longitudinal studies, case-specific analyses, and simulation-based testing to strengthen resilience in evolving threat environments.
    31 0
  • No Thumbnail Available
    ItemRestricted
    An NLP-Driven Framework for Business Email Compromise Detection and Authorship Verifcation
    (Saudi Digital Library, 2025) Almutairi, Amirah; AlHashimy, Nawfal; Kang, BooJoong
    Business Email Compromise (BEC) presents a critical cybersecurity threat, leveraging linguistic impersonation and social engineering rather than traditional malicious payloads. These attacks routinely evade conventional flters by mimicking legitimate communication styles and exploiting trusted identities. This thesis explores content-based detection strategies for BEC using a sequence of natural language processing (NLP) models. First, it proposes a transformer-based classifer to detect semantic indicators of deception in email body text. Second, it develops a Siamese authorship verifcation (AV) model that captures stylistic consistency, even under adversarial mimicry. These components are unifed within a multi-task learning (MTL) framework that simultaneously optimizes for BEC detection and AV by sharing underlying representations while preserving task-specifc objectives. To support empirical evaluation, a structured taxonomy of BEC fraud is introduced, and a synthetic email dataset is generated through prompt-guided language model fne-tuning and human validation. Experiments on combined real and synthetic corpora demonstrate that the MTL model achieves up to 97% F1-score in BEC detection and 93% in AV, outperforming transfer learning baseline while reducing false positives and computational overhead. This work contributes a principled, modular, and extensible framework for enhancing email security through joint semantic and stylistic analysis, addressing gaps in current defenses against sophisticated impersonation attacks.
    12 0
  • No Thumbnail Available
    ItemRestricted
    CYBERSECURITY PROFESSIONALS’ BEHAVIORAL PREDISPOSITIONS AFFECTING CYBERSECURITY COMMITMENT AND CONSISTENCY: SAUDI ARABIAN CONTEXT
    (Saudi Digital Library, 2025) Kabli, Rana; MICHELLE, LIU
    The intensity of cybersecurity incidents has been on the rise and is attributed to factors related to end-users and security professionals. Human subjects such as employees make the greatest loop to cybersecurity incidents currently reported across the globe. This is due to a lack of awareness and other behavioral aspects that contribute to online risky behaviors. The study aimed to determine the influence of cybersecurity professionals’ behavioral predispositions on cybersecurity commitment and consistency in Saudi Arabia. The study focused on the professional behavioral attributes that have been associated with cybersecurity behavior: subjective norms, attitudes, self-efficacy to comply, perceived behavioral control, and perceived benefit of compliance. A survey instrument was developed from previous literature, and the instrument was converted into an online survey that was utilized in data collection. The analysis of the collected data, established that whereas the respondents understand the importance of commitment and consistency, a significant number of the cybersecurity professionals felt that commitment and consistency had a minor effect on security of information systems. The analysis established that cybersecurity attitudes and subjective norms was the greatest predictor of commitment and consistency in compliance with cybersecurity policies. The significant influence of cybersecurity attitude indicates that cybersecurity professionals' personal beliefs substantially influence their compliance behaviors. Crucially, the significant influence of subjective norms points indicates that organizational culture and leadership is crucial in promoting commitment and consistency in compliance with cybersecurity policies.
    32 0
  • No Thumbnail Available
    ItemRestricted
    Analysing Cybersecurity Risk Assessment Model for Healthcare Systems in Saudi Arabia
    (Saudi Digital Library, 2025-05) Alghamdi, Abdulmonem; Vasileios, Adamos
    This study analyses the Saudi Arabian's cybersecurity issues in healthcare systems and assesses the usefulness of international risk assessment models in some frameworks such as ISO/IEC 27001 and NIST. It identifies major threats like ransomware, phishing, data breaches, and insider risks based on survey responses from medical professionals like medical staff, cybersecurity specialists and administrative managers. Variety of medical institutions members with difference in beds capability, number of branches and financial situation that guarantees the national-wide needs study. Findings point to critical weaknesses in the current models, especially their incompatibility with local regulations and organisational cultures and special needs. Consequently, the study emphasises the necessity of a tailored cybersecurity risk assessment model that is particular to the Saudi healthcare environment. The research highlights key elements and offers suggestions to improve cybersecurity resilience in accordance with national policies and Vision 2030 objectives, even though it does not fully implement a model.
    50 0
  • No Thumbnail Available
    ItemRestricted
    Scalable Distributed Ledger Paradigms for Secure IoT-Driven Data Management in Smart Cities
    (Saudi Digital Library, 2025) Alruwaill, Musharraf; Mohanty, Saraju P; Kougianos, Elias
    Blockchain has become a cornerstone of trustworthy, decentralised information governance. Consensus protocols and cryptographic linkages guarantee data integrity, immutability, and verifiable provenance, eliminating reliance on a single trusted authority and mitigating data fragmentation. Within smart‑healthcare ecosystems, these capabilities enable the shift from siloed, centralised repositories to distributed, patient‑centric infrastructures. Because clinical data are highly sensitive and strictly regulated, robust assurances of integrity, confidentiality, and fine‑grained authorisation are essential. Integrating blockchain and smart contracts with technologies such as distributed off‑chain storage and the Internet of Medical Things (IoMT) creates a resilient, scalable, and interoperable foundation for next‑generation healthcare data management. This research introduces hChain, a four‑generation family of distributed‑ledger frameworks that progressively strengthen security, intelligence, and scalability in smart‑healthcare environments. hChain 1.0 lays the groundwork with a blockchain architecture that safeguards patient data, supports real‑time clinical telemetry, and enables seamless inter‑institutional exchange. Building on this foundation, hChain 2.0 integrates InterPlanetary File System (IPFS) storage and smart‑contract enforcement to deliver tamper‑proof, fine‑grained access control. hChain 3.0 embeds on‑chain deep‑learning analytics, providing proactive, automated decision support across the care continuum while preserving data integrity. Finally, hChain 4.0 introduces a highly scalable, permissioned ledger augmented by an Attribute‑Based Access Control (ABAC) layer, ensuring dynamic, context‑aware authorisation in complex organisational settings. The results demonstrate practical solutions for transforming data infrastructures from centralised to decentralised architectures, providing techniques that facilitate seamless integration with existing systems while enhancing blockchain scalability and privacy.
    53 0
  • No Thumbnail Available
    ItemRestricted
    Usage of Cyber Security to Protect Women and Children
    (Saudi Digital Library, 2025) Alotibi, Bander; Al-Doghman, Firas
    Digital safety especially for women and children is crucial, and cybersecurity is a big part of that. Using feminist and intersectional perspectives, this research explores how Protection Motivation Theory (PMT) and Social Learning Theory (SLT) explain cybersecurity behaviors. Empirical findings suggest that women and children are disproportionately affected by harassment, doxing, and identity theft. The research further reveals knowledge holes in cybersecurity awareness, showing that younger people quickly adopt security measures but engage in high-risk behaviors, whereas older people emphasize safety but lag in technical implementation. Gender differences are also important, with women more concerned about cybersecurity but less confident in dealing with threats, and men more confident but more willing to take risks. The research emphasizes education, legal reforms, technological advancements, and community awareness programs to address these challenges. Future research should investigate AI-driven cybersecurity tools, inclusive security policies, and bridging the digital divide. To create a safer digital environment for women and children, collaboration between governments, tech companies, and advocacy groups is essential.
    43 0

Copyright owned by the Saudi Digital Library (SDL) © 2026