• A Pilot Study in Cyber Security Education Using CyberAIMs: A Simulation-Based Experiment 

      Zoto, Erjon; Kowalski, Stewart James; Frantz, Christopher Konstantin; Lopez Rojas, Edgar Alonso; Katt, Basel (Journal article, 2018)
      We hardly pass any day without hearing of a new cyber attack. The recent ever-increasing occurrence of such attacks has given to researchers, practitioners and others an opportunity to raise awareness and train staff from ...
    • A SAML 2.0 Authentication Middleware for ASP.NET Core 

      Musyimi, Jessy Kyalo (Master thesis, 2018)
      The modern society is becoming more and more depended on information systems to run its critical services. Public infrastructure facilities, including the health services, commercial airlines and nuclear power plants depend ...
    • A Socio-Technical Framework to Improve cyber security training: A Work in Progress 

      Østby, Grethe; Berg, Lars; Kianpour, Mazaher; Katt, Basel; Kowalski, Stewart James (Journal article; Peer reviewed, 2019)
      In this paper we discuss a work in progress to create a socio-technical system design framework for cyber security training exercises (STSD-CSTE) to support the development of cyber security training in the Norwegian Cyber ...
    • A Survey of Automated Information Exchange Mechanisms Among CERTs 

      Yamin, Muhammad Mudassar; Katt, Basel (Journal article; Peer reviewed, 2019)
      Nowadays innovative computer related exploits are released every single day, which makes researching about those exploits a significant task. A CERT (Computer Emergency Response Team) is an expert group that is responsible ...
    • Assuring trust in .NET assemblies by instrumentation 

      Hagen, Hans Oluf (Master thesis, 2017)
      SuperOffice is a software company developing SuperOffice CRM software. The traditional hosting option is the on-site solution where the customer is responsible for hosting and maintenance. SuperOffice CRM is quite extensible ...
    • Automated Malware Analysis Platform 

      Holm, Kristian Sigtbakken; Kvalvåg, Martin; Fauskrud, Nikolai; Hoggen, Olav Henrik (Bachelor thesis, 2019)
      Alle bedrifter trenger en måte å sikre virksomheten deres, og i dagens digitale tidsalder er dette spesielt fokusert mot å beskytte digitale systemer mot skadelige og ondsinnede entiteter. Denne beskyttelsen blir i dag ...
    • Automated Triaging and Remediation of User Incident Reports with Supervised Machine Learning and Threat Intelligence 

      Amundsen, Morten K. (Master thesis, 2020)
      Ondsinnet epost er et stadig økende problem for organisasjoner, og til tross for at det eksisterer flere verktøy for å forhindre angrep, blir epostene stadig mer sofistikerte. Med alle de ondsinnede epostene som klarer å ...
    • Cyber Ranges and Security Testbeds: Scenarios, Functions, Tools and Architecture 

      Yamin, Muhammad Mudassar; Katt, Basel; Gkioulos, Vasileios (Journal article; Peer reviewed, 2019)
      The first line of defense against cyber threats and cyber crimes is to be aware and get ready, e.g., through cyber security training. Training can have two forms, the first is directed towards security professionals and ...
    • Cyber security testbed provisioning using a domain specific language 

      Dunfjeld, Mihkal (Master thesis, 2019)
      Praktiske oppgaver i ett virtualisert testmiljø er en effektiv metode for studenter å lære cybersikkerhet. For å kunne sette opp slike testmiljøer er en avhengig av kunnskap, tid og ressurser siden dette er en komplisert ...
    • Cyber Weapons Storage Mechanisms 

      Yamin, Muhammad Mudassar; Katt, Basel; Kianpour, Mazaher (Journal article; Peer reviewed, 2019)
      In this paper, the current status of the art of cyber weapon storage methods and related processes are reviewed with particular reference to the safe guards present in storage of cyber weapons and contingency planning in ...
    • CyberAIMs: A tool for teaching adversarial and systems thinking 

      Zoto, Erjon; Kowalski, Stewart James; Katt, Basel; Frantz, Christopher; Lopez Rojas, Edgar Alonso (Chapter, 2018)
      CyberAIMs stands for Cyber Agents’ Interactive Modeling and Simulation. We designed this tool in order to use it as an educational tool to teach Master students in a Cyber security course. This paper aims to describe the ...
    • Cybersecurity Preparedness Exercises in Smart Grid: Collaboration With Suppliers During Incident Response 

      Langås, Mari; Løfqvist, Sanna (Master thesis, 2021)
      Introduksjonen av informasjons- og kommunikasjonsteknologi (IKT) i det tradisjonelle strømnettet har resultert i et digitalisert strømnett, ofte referert til som smart grid. Smart grid gjør driften og hendelseshåndteringen ...
    • Cybersecurity Preparedness Exercises in Smart Grid: Collaboration With Suppliers During Incident Response 

      Løfqvist, Sanna; Langås, Mari (Master thesis, 2021)
      Introduksjonen av informasjons- og kommunikasjonsteknologi (IKT) i det tradisjonelle strømnettet har resultert i et digitalisert strømnett, ofte referert til som smart grid. Smart grid gjør driften og hendelseshåndteringen ...
    • Detecting Windows Based Exploit Chains by Means of Event Correlation and Process Monitoring 

      Yamin, Muhammad Mudassar; Katt, Basel; Gkioulos, Vasileios (Journal article; Peer reviewed, 2019)
      This article presents a novel algorithm for the detection of exploit chains in a Windows based environment. An exploit chain is a group of exploits that executes synchronously, in order to achieve the system exploitation. ...
    • Development of Ontology-Based Software Security Learning System with Contextualized Learning Approach 

      Wen, Shao-Fang; Katt, Basel (Journal article; Peer reviewed, 2019)
      Learning software security is one of the most challenging tasks in the information technology sector due to the vast amount of security knowledge and the difficulties in understanding the practical applications. The ...
    • Difficult SQLi Code Patterns for Static Code Analysis Tools 

      Schuckert, Felix; Katt, Basel; Langweg, Hanno (Peer reviewed; Journal article, 2020)
      We compared vulnerable and xed versions of the source code of 50 dierent PHP open source projects based on CVE reports for SQL injection vulnerabilities. We scanned the source code with commercial and open source tools for ...
    • Ethical Problems and Legal Issues in Development and Usage Autonomous Adversaries in Cyber Domain 

      Yamin, Muhammad Mudassar; Katt, Basel (Journal article; Peer reviewed, 2019)
      An autonomous adversaries in cyber domain are new type of adversaries present in a cyber security exercise. Traditionally, adversaries in cyber security exercises are human who perform the roles of attackers and defenders. ...
    • GDPR, personvern, IT-sikkerhet i fagsystemer med GPS-sporing 

      Aasheim, Schulze Simon; Berntzen, Erik; Berntzen, Sondre; Lindaas, Morten (Bachelor thesis, 2021)
      GDPR og personvernreglementet i Norge stille store krav til alle bedrifter som nytter seg av GPS verktøy i yrkessammenheng, være det bruker eller utvikler. Det er en rekke vurderinger som må bli gjort i henhold til hvorvidt ...
    • Implementation of Insider Threat Detection System Using Honeypot Based Sensors and Threat Analytics 

      Yamin, Muhammad Mudassar; Katt, Basel; Sattar, Kashif; Bin Ahmed, Maaz (Journal article; Peer reviewed, 2019)
      An organization is a combination of vision, technology and employees. The well being of organization is directly associated with the honesty of its workers. However, an organization is also threatened by misuse of information ...
    • Learning Software Security in Context: An Evaluation in Open Source Software Development Environment 

      Wen, Shao-Fang; Katt, Basel (Chapter, 2019)
      Learning software security has become a complex and difficult task today than it was even a decade ago. With the increased complexity of computer systems and a variety of applications, it is hard for software developers ...