• A Netnographic Study on the Dark Net Ecosystem for Ransomware 

      Bayoumy, Yara; Meland, Per Håkon; Sindre, Guttorm (Chapter, 2018)
      For more than a decade, businesses and private citizens alike have been tormented by an online phenomenon that has changed our stance on cyber security. Ransomware, malicious software that demands payment in exchange for ...
    • An experimental evaluation of bow-tie analysis for cybersecurity requirements 

      Meland, Per Håkon; Bernsmed, Karin; Frøystad, Christian; Li, Jingyue; Sindre, Guttorm (Journal article; Peer reviewed, 2019)
      Bow-tie analysis includes a graphical representation for depicting threats and consequences related to unwanted events, and shows how preventive and reactive barriers can provide control over such situations. This kind of ...
    • An experimental evaluation of bow-tie analysis for security 

      Meland, Per Håkon; Bernsmed, Karin; Frøystad, Christian; Li, Jingyue; Sindre, Guttorm (Journal article; Peer reviewed, 2019)
      Purpose Within critical-infrastructure industries, bow-tie analysis is an established way of eliciting requirements for safety and reliability concerns. Because of the ever-increasing digitalisation and coupling between ...
    • Assessing cyber threats for storyless systems 

      Meland, Per Håkon; Nesheim, Dag Atle; Bernsmed, Karin; Sindre, Guttorm (Peer reviewed; Journal article, 2021)
      A proper assessment of potential cyber threats is vital for security decision-making. This becomes an even more challenging task when dealing with new system designs and industry sectors where there is little or no historical ...
    • Breaking the Cyber Kill Chain by Modelling Resource Costs 

      Haga, Kristian; Meland, Per Håkon; Sindre, Guttorm (Chapter, 2020)
      To combat cybercrime, a clearer understanding of the attacks and the offenders is necessary. When there is little available data about attack incidents, which is usually the case for new technology, one can make estimations ...
    • Breaking the Cyber Kill Chain by Modelling Resource Costs 

      Haga, Kristian (Master thesis, 2020)
      Denne oppgaven presenterer Resource Cost Model (RCM) - Ressurs Kost Model - en modelleringsteknikk for å estimere kostnadene av å gjennomføre et cyberangrep. Kostnaden estimeres fra de nødvendige ressursene til angrepet. ...
    • Cyber Attacks for Sale 

      Meland, Per Håkon; Sindre, Guttorm (Chapter, 2020)
      The infamous darknet hosts an underground economy for illegal goods and services, some of which can be purchased and used for cyber attacks. By analyzing the properties and popularity of such items, we can get indications ...
    • Cybercrime Economy - A Netnographic Study on the Dark Net Ecosystem for Ransomware 

      Bayoumy, Yara (Master thesis, 2018)
      Black hat hackers are far more shrewd than the public's stereotypical perception of them. They are no longer script kiddies who are trying to impress their social circles, but skilled businessmen with the general aim to ...
    • Exploiting semantic interfaces for service discovery at design time 

      Dessoulavy, Magdalena Laura (Master thesis, 2007)
      .
    • Facing uncertainty in cyber insurance policies 

      Meland, Per Håkon; Tøndel, Inger Anne; Moe, Marie Elisabeth Gaup; Seehusen, Fredrik (Journal article; Peer reviewed, 2017)
      Cyber insurance has gained less ground in Europe than in the U.S., but with emerging laws and regulations, the prospect of considerable fines for security breaches is pushing many organisations into this market. A qualitative ...
    • Finding Security Patterns to Countermeasure Software Vulnerabilities 

      Borstad, Ole Gunnar (Master thesis, 2008)
      Software security is an increasingly important part of software development as the risk from attackers is constantly evolving through increased exposure, threats and economic impact of security breaches. Emerging security ...
    • Masteroppgave i Informatikk 

      Johansen, Bent Heier (Master thesis, 2019)
      Cryptojacking er utnyttelsen av internettbrukeres båndbredde og prosseseringskraft for å mine kryptovaluta. Seint i 2017 og gjennom 2018 dukket cryptojacking opp som en av de største truslene online og ble nesten like stort ...
    • The need for a public key infrastructure for automated and autonomous ships 

      Rødseth, Ørnulf Jan; Frøystad, Christian; Meland, Per Håkon; Bernsmed, Karin; Nesheim, Dag Atle (Peer reviewed; Journal article, 2020)
      Shipping undergoes rapid digitization, covering safety and security reporting, mandatory ship documentation, electronic port clearance as well as commercial and operational information exchanges. Increasing automation of ...
    • PKI vs. Blockchain when Securing Maritime Operations 

      Rødseth, Ørnulf Jan; Meland, Per Håkon; Frøystad, Christian; Drugan, Ovidiu Valentin (Journal article; Peer reviewed, 2019)
      The maritime sector is rapidly being digitalized as part of the introduction of Shipping 4.0. One of the most important drivers for digitalization is the possibility to automate work processes on board and on shore. However, ...
    • The Ransomware-as-a-Service economy within the darknet 

      Meland, Per Håkon; Bayoumy, Yara; Sindre, Guttorm (Peer reviewed; Journal article, 2020)
      Ransomware is an epidemic that adversely affects the lives of both individuals and large companies, where criminals demand payments to release infected digital assets. In the wake of the ransomware success, Ransomware-as-a-Service ...
    • Security Modeling with SeaMonster:: A survey of information sources used when modeling threats and attacks 

      Baadshaug, Egil Trygve (Master thesis, 2009)
      Software security is becoming increasingly important during software development. One reason for this is that attackers have evolved from being teenagers trying to improve their skills to people involved in organized crime ...
    • Security Testing of Web Based Applications 

      Erdogan, Gencer (Master thesis, 2009)
      Web applications are becoming more and more popular in means of modern information interaction, which leads to a growth of the demand of Web applications. At the same time, Web application vulnerabilities are drastically ...
    • Storyless cyber security: Modelling threats with economic incentives 

      Meland, Per Håkon (Doctoral theses at NTNU;2021:329, Doctoral thesis, 2021)
      Cyber risk management is about identifying, assessing and reducing risk to an acceptable level. With systems that have been in operation for some time, we might be able to make qualified risk estimations and treat them in ...
    • The Risks of Marine Cloud Computing 

      Eriksen, Adrian Alexander (Master thesis, 2017)
      The maritime industry has an increasing reliance on information and communication technology (ICT) systems to ensure efficient operations, moving their threat picture into the cyber domain. Meanwhile, cloud computing has ...
    • Visualizing Cyber Security Risks with Bow-Tie Diagrams 

      Bernsmed, Karin; Frøystad, Christian; Meland, Per Håkon; Nesheim, Dag Atle; Rødseth, Ørnulf Jan (Journal article; Peer reviewed, 2018)
      Safety and security risks are usually analyzed independently, by different people using different tools. Consequently, the system analyst may fail to realize cyber attacks as a contributing factor to safety impacts or, on ...