Contributions to Preventive Measures in Cyber Security

Linus Karlsson

Contributions to Preventive Measures in Cyber Security

Linus Karlsson

Forskningsoutput: Avhandling › Doktorsavhandling (sammanläggning)

568 Nedladdningar (Pure)

Sammanfattning

Organizations and individuals maintain and use an ever increasing amount of computer systems, either deployed locally, or in the cloud.
These systems often store and handle vast amounts of data, some of which is sensitive and should be kept private.
Regardless of where the data is located, there is a need to prevent data from falling into the wrong hands.
To this end, this dissertation presents contributions to preventive measures in cyber security.

Trusted computing can be used to attest the integrity of code running on a remote computer, and to store data securely using secure storage, for example in a cloud setting.
This dissertation presents contributions regarding the use of the Trusted Platform Module (TPM) in high-availability systems, both for TPM 1.2 and TPM 2.0.
It also discusses migration of keys from TPM 1.2 to the backwards-incompatible TPM 2.0, while maintaining the same behaviour with regard to authorization mechanisms.
Contributions also include the use of trusted computing to attest the integrity of network elements before they are enrolled into a Software Defined Network, as well as protecting important assets of such network elements by using isolated execution environments.

In the field of cryptography, the dissertation contains contributions regarding the Maximum Degree Monomial (MDM) test, which is related to the construction of distinguishers and nonrandomness detectors.
A new generalized algorithm to find subsets for the MDM test is presented, together with evaluations of the algorithm on several different stream ciphers.

The dissertation also contains contributions in the field of vulnerability assessment using recommender systems.
First, a recommender system for user-specific vulnerability scoring is presented, which scores vulnerabilities based on implicit and explicit user preferences, together with domain-based information unique to the field of vulnerability assessment.
Finally, the dissertation also contains contributions regarding privacy of such recommender systems, by protecting the privacy of user preferences even from the provider of the recommender service.

Originalspråk	engelska
Kvalifikation	Doktor
Handledare	Hell, Martin, handledare Stankovski Wagner, Paul, Biträdande handledare Smeets, Bernard, Biträdande handledare
Tilldelningsdatum	2019 okt. 24
Förlag	Department of Electrical and Information Technology, Lund University
ISBN (tryckt)	978-91-7895-294-6
ISBN (elektroniskt)	978-91-7895-295-3
Status	Published - 2019 sep. 30

Bibliografisk information

Defence details
Date: 2019-10-24
Time: 09:15
Place: Lecture Hall E:1406, , E-Building, Ole Römers väg 3, Lund University, Faculty of Engineering LTH
External reviewer(s)
Name: Ekberg, Jan-Erik
Title: Professor
Affiliation: Aalto University, Finland
---

Ämnesklassifikation (UKÄ)

Datavetenskap (datalogi)

Tillgång till dokument

linus_dissertation_finalPublicerad version, 1,09 MB

6 Konferenspaper i proceeding

A Recommender System for User-Specific Vulnerability Scoring
Karlsson, L., Nikbakht Bideh, P. & Hell, M., 2020, CRiSIS 2019: Risks and Security of Internet and Systems. Springer, s. 355-364 ( Lecture Notes in Computer Science; vol. 12026).
Forskningsoutput: Kapitel i bok/rapport/Conference proceeding › Konferenspaper i proceeding › Peer review

Öppen tillgång
Fil
115 Nedladdningar (Pure)
Privacy-enabled Recommendations for Software Vulnerabilities
Karlsson, L. & Paladi, N., 2019, The 17th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2019). IEEE - Institute of Electrical and Electronics Engineers Inc.
Forskningsoutput: Kapitel i bok/rapport/Conference proceeding › Konferenspaper i proceeding › Peer review

Öppen tillgång
Fil
160 Nedladdningar (Pure)
Not so greedy: Enhanced subset exploration for nonrandomness detectors
Karlsson, L., Hell, M. & Stankovski, P., 2018 jan. 1, Information Systems Security and Privacy - 3rd International Conference, ICISSP 2017, Revised Selected Papers. Springer, s. 273-294 22 s. (Communications in Computer and Information Science; vol. 867).
Forskningsoutput: Kapitel i bok/rapport/Conference proceeding › Konferenspaper i proceeding › Peer review

Öppen tillgång
Fil
144 Nedladdningar (Pure)

1 Avslutade

SMARTY: Säkra mjukvaruuppdateringar för den smarta staden
Hell, M., Magnusson, B., Gehrmann, C., Paladi, N., Karlsson, L., Sönnerup, J., Johnsson, B. A., Hedin, G., Nordahl, M., Pagnin, E., Kundu, R. & Åkesson, A.
Stiftelsen för Strategisk Forskning, SSF
2018/03/01 → 2023/02/28
Projekt: Forskning

Citera det här

@phdthesis{59d91cdd61c44b29845c4efc018f44e3,

title = "Contributions to Preventive Measures in Cyber Security",

abstract = "Organizations and individuals maintain and use an ever increasing amount of computer systems, either deployed locally, or in the cloud.These systems often store and handle vast amounts of data, some of which is sensitive and should be kept private.Regardless of where the data is located, there is a need to prevent data from falling into the wrong hands.To this end, this dissertation presents contributions to preventive measures in cyber security.Trusted computing can be used to attest the integrity of code running on a remote computer, and to store data securely using secure storage, for example in a cloud setting.This dissertation presents contributions regarding the use of the Trusted Platform Module (TPM) in high-availability systems, both for TPM 1.2 and TPM 2.0.It also discusses migration of keys from TPM 1.2 to the backwards-incompatible TPM 2.0, while maintaining the same behaviour with regard to authorization mechanisms.Contributions also include the use of trusted computing to attest the integrity of network elements before they are enrolled into a Software Defined Network, as well as protecting important assets of such network elements by using isolated execution environments.In the field of cryptography, the dissertation contains contributions regarding the Maximum Degree Monomial (MDM) test, which is related to the construction of distinguishers and nonrandomness detectors.A new generalized algorithm to find subsets for the MDM test is presented, together with evaluations of the algorithm on several different stream ciphers.The dissertation also contains contributions in the field of vulnerability assessment using recommender systems.First, a recommender system for user-specific vulnerability scoring is presented, which scores vulnerabilities based on implicit and explicit user preferences, together with domain-based information unique to the field of vulnerability assessment.Finally, the dissertation also contains contributions regarding privacy of such recommender systems, by protecting the privacy of user preferences even from the provider of the recommender service.",

author = "Linus Karlsson",

note = "Defence details Date: 2019-10-24 Time: 09:15 Place: Lecture Hall E:1406, , E-Building, Ole R{\"o}mers v{\"a}g 3, Lund University, Faculty of Engineering LTH External reviewer(s) Name: Ekberg, Jan-Erik Title: Professor Affiliation: Aalto University, Finland --- ",

year = "2019",

month = sep,

day = "30",

language = "English",

isbn = "978-91-7895-294-6",

series = "Series of licentiate and doctoral theses",

publisher = "Department of Electrical and Information Technology, Lund University",

number = "126",

}

TY - THES

T1 - Contributions to Preventive Measures in Cyber Security

AU - Karlsson, Linus

N1 - Defence details Date: 2019-10-24 Time: 09:15 Place: Lecture Hall E:1406, , E-Building, Ole Römers väg 3, Lund University, Faculty of Engineering LTH External reviewer(s) Name: Ekberg, Jan-Erik Title: Professor Affiliation: Aalto University, Finland ---

PY - 2019/9/30

Y1 - 2019/9/30

N2 - Organizations and individuals maintain and use an ever increasing amount of computer systems, either deployed locally, or in the cloud.These systems often store and handle vast amounts of data, some of which is sensitive and should be kept private.Regardless of where the data is located, there is a need to prevent data from falling into the wrong hands.To this end, this dissertation presents contributions to preventive measures in cyber security.Trusted computing can be used to attest the integrity of code running on a remote computer, and to store data securely using secure storage, for example in a cloud setting.This dissertation presents contributions regarding the use of the Trusted Platform Module (TPM) in high-availability systems, both for TPM 1.2 and TPM 2.0.It also discusses migration of keys from TPM 1.2 to the backwards-incompatible TPM 2.0, while maintaining the same behaviour with regard to authorization mechanisms.Contributions also include the use of trusted computing to attest the integrity of network elements before they are enrolled into a Software Defined Network, as well as protecting important assets of such network elements by using isolated execution environments.In the field of cryptography, the dissertation contains contributions regarding the Maximum Degree Monomial (MDM) test, which is related to the construction of distinguishers and nonrandomness detectors.A new generalized algorithm to find subsets for the MDM test is presented, together with evaluations of the algorithm on several different stream ciphers.The dissertation also contains contributions in the field of vulnerability assessment using recommender systems.First, a recommender system for user-specific vulnerability scoring is presented, which scores vulnerabilities based on implicit and explicit user preferences, together with domain-based information unique to the field of vulnerability assessment.Finally, the dissertation also contains contributions regarding privacy of such recommender systems, by protecting the privacy of user preferences even from the provider of the recommender service.

AB - Organizations and individuals maintain and use an ever increasing amount of computer systems, either deployed locally, or in the cloud.These systems often store and handle vast amounts of data, some of which is sensitive and should be kept private.Regardless of where the data is located, there is a need to prevent data from falling into the wrong hands.To this end, this dissertation presents contributions to preventive measures in cyber security.Trusted computing can be used to attest the integrity of code running on a remote computer, and to store data securely using secure storage, for example in a cloud setting.This dissertation presents contributions regarding the use of the Trusted Platform Module (TPM) in high-availability systems, both for TPM 1.2 and TPM 2.0.It also discusses migration of keys from TPM 1.2 to the backwards-incompatible TPM 2.0, while maintaining the same behaviour with regard to authorization mechanisms.Contributions also include the use of trusted computing to attest the integrity of network elements before they are enrolled into a Software Defined Network, as well as protecting important assets of such network elements by using isolated execution environments.In the field of cryptography, the dissertation contains contributions regarding the Maximum Degree Monomial (MDM) test, which is related to the construction of distinguishers and nonrandomness detectors.A new generalized algorithm to find subsets for the MDM test is presented, together with evaluations of the algorithm on several different stream ciphers.The dissertation also contains contributions in the field of vulnerability assessment using recommender systems.First, a recommender system for user-specific vulnerability scoring is presented, which scores vulnerabilities based on implicit and explicit user preferences, together with domain-based information unique to the field of vulnerability assessment.Finally, the dissertation also contains contributions regarding privacy of such recommender systems, by protecting the privacy of user preferences even from the provider of the recommender service.

M3 - Doctoral Thesis (compilation)

SN - 978-91-7895-294-6

T3 - Series of licentiate and doctoral theses

PB - Department of Electrical and Information Technology, Lund University

ER -

Contributions to Preventive Measures in Cyber Security

Sammanfattning

Bibliografisk information

Ämnesklassifikation (UKÄ)

Tillgång till dokument

Fingeravtryck

Forskningsoutput

A Recommender System for User-Specific Vulnerability Scoring

Privacy-enabled Recommendations for Software Vulnerabilities

Not so greedy: Enhanced subset exploration for nonrandomness detectors

Projekt

SMARTY: Säkra mjukvaruuppdateringar för den smarta staden

Citera det här