Bully-victims: Prevalence, psychosocial adjustment, and responsiveness to intervention

In this thesis, a unique subgroup involved in the bullying phenomenon, the bully-victims, are identified and examined. Despite the increasing attention on the bully-victims in recent years, their prevalence, psychosocial adjustment, and response to anti-bullying programs has not been clearly determined. Three empirical studies were conducted in this thesis to examine the prevalence of bully-victims. Moreover, in study I, the psychosocial adjustment of bully-victims was compared with that of pure bullies, pure victims, and non-involved students. In study II, different forms of bullying and victimization were compared among pure bullies, pure victims, bully-victims, and non-involved students. In study III, the effectiveness of anti-bullying programs, in particular, the KiVa program, on bully-victims was demonstrated. Overall, bully-victims formed the smallest group comparing with pure bullies, pure victims, and non-involved students, and in general differed from pure bullies rather than pure victims in terms of subjective experience of maladjustment. They employed more verbal, physical, and cyberbullying perpetration, but not indirect bullying; and they were more victimized by verbal, physical, cyber, and indirect bullying. The KiVa anti-bullying program in Finland is effective in reducing the prevalence of bully-victims.

Enhancing Security of Linux OS against Administrators

Inside cyber security threats by system administrators are some of the main concerns of organizations about the security of systems. Since operating systems are controlled and managed by fully trusted administrators, they can negligently or intentionally break the information security and privacy of users and threaten the system integrity. In this thesis, we propose some solutions for enhancing the security of Linux OS by restricting administrators’ access to superuser’s privileges while they can still manage the system. We designed and implemented an interface for administrators in Linux OS called Linux Admins’ User Interface (LAUI) for managing the system in secure ways. LAUI along with other security programs in Linux like sudo protect confidentiality and integrity of users’ data and provide a more secure system against administrators’ mismanagement. In our model, we limit administrators to perform managing tasks in secure manners and also make administrators accountable for their acts. In this thesis we present some scenarios for compromising users’ data and breaking system integrity by system administrators in Linux OS. Then we evaluate how our solutions and methods can secure the system against these administrators’ mismanagement.

New threats - old routines : bureaucratic adaptability in the security policy environment

Within the framework of state security policy, the focus of this dissertation are the relations between how new security threats are perceived and the policy planning and bureaucratic implementation that are designed to address them. In addition, this thesis explores and studies some of the inertias that might exist in the core of the state apparatus as it addresses new threats and how these could be better managed. The dissertation is built on five thematic and interrelated articles highlighting different aspects of when new significant national security threats are detected by different governments until the threats on the policy planning side translate into protective measures within the society. The timeline differs widely between different countries and some key aspects of this process are also studied. One focus concerns mechanisms for adaptability within the Intelligence Community, another on the policy planning process within the Cabinet Offices/National Security Councils and the third focus is on the planning process and how policy is implemented within the bureaucracy. The issue of policy transfer is also analysed, revealing that there is some imitation of innovation within governmental structures and policies, for example within the field of cyber defence. The main findings of the dissertation are that this context has built-in inertias and bureaucratic seams found in most government bureaucratic machineries. As much of the information and planning measures imply security classification of the transparency and internal debate on these issues, alternative assessments become limited. To remedy this situation, the thesis recommends ways to improve the decision-making system in order to streamline the processes involved in making these decisions. Another special focus of the thesis concerns the role of the public policy think tanks in the United States as an instrument of change in the country’s national security decision-making environment, which is viewed from the perspective as being a possible source of new ideas and innovation. The findings in this part are based on unique interviews data on how think tanks become successful and influence the policy debate in a country such as the United States. It appears clearly that in countries such as the United States think tanks smooth the decision making processes, and that this model with some adaptations also might be transferrable to other democratic countries.

Food webs in the era of molecular revolution – Like resolving the Gordian knot with a tricorder

Living nature consists of countless organisms, which are classified into millions of species. These species interact in many ways; for example predators when foraging on their prey, insect larvae consuming plants, and pathogenic bacteria drifting into humans. In addition, abiotic nature has a great initiative impact on life through many factors (including sunlight, ambient temperature, and water. In my thesis, I have studied interactions among different life forms in multifaceted ways. The webs of these interactions are commonly referred to as food webs, describing feeding relationships between species or energy transfer from one trophic level to another. These ecological interactions – whether they occur between species, between individuals, or between microorganisms within an individual – are among the greatest forces affecting natural communities. Relationships are tightly related to biological diversity, that is, species richness and abundances. A species is called a node in food web vocabulary, and its interactions to other species are called links. Generally, Artic food webs are considered to be loosely linked, simple structures. This conception roots into early modern food webs, where insects and other arthropods, for example, were clumped under one node. However, it has been shown that arthropods form the greatest part of diversity and biomass both in the tropics and in Arctic areas. Earlier challenges of revealing the role of insects and microorganisms in interactions webs have become possible with the help of recent advances in molecular techniques. In the first chapter, I studied the prey diversity of a common bat, Myotis daubentonii, in southwestern Finland. My results proved M. daubentonii being a versatile predator whose diet mainly consists of aquatic insects, such as chironomid midges. In the second chapter, I expanded the view to changes in seasonal and individual-based variation in the diet of M. daubentonii including the relationship between available and observed prey. I found out that chironomids remain the major prey group even though their abundance decreases in proportion to other insect groups. Diet varied a lot between individuals, although the differences were not statistically significant. The third chapter took the study to a large network in Greenland. I showed that Artic food webs are very complex when arthropods are taken into account. In the fourth chapter, I examined the bacterial flora of M. daubentonii and surveyed the zoonotic potential of these bacteria. I found Bartonella bacteria, of which one was described as a new species named after the locality of discovery. I have shown in my thesis that Myotis daubentonii as a predator links many insect species as well as terrestrial and aquatic environments. Moreover, I have exposed that Arctic food webs are complex structures comprising of many densely linked species. Finally, I demonstrated that the bacterial flora of bats includes several previously unknown species, some of which could possibly turn in to zoonosis. To summarize, molecular methods have untied several knots in biological research. I hope that this kind of increasing knowledge of the surrounding nature makes us further value all the life forms on earth.

Evaluation of Machine Learning Classifiers for Mobile Network Intrusion Detection Systems

Mobile malwares are increasing with the growing number of Mobile users. Mobile malwares can perform several operations which lead to cybersecurity threats such as, stealing financial or personal information, installing malicious applications, sending premium SMS, creating backdoors, keylogging and crypto-ransomware attacks. Knowing the fact that there are many illegitimate Applications available on the App stores, most of the mobile users remain careless about the security of their Mobile devices and become the potential victim of these threats. Previous studies have shown that not every antivirus is capable of detecting all the threats; due to the fact that Mobile malwares use advance techniques to avoid detection. A Network-based IDS at the operator side will bring an extra layer of security to the subscribers and can detect many advanced threats by analyzing their traffic patterns. Machine Learning(ML) will provide the ability to these systems to detect unknown threats for which signatures are not yet known. This research is focused on the evaluation of Machine Learning classifiers in Network-based Intrusion detection systems for Mobile Networks. In this study, different techniques of Network-based intrusion detection with their advantages, disadvantages and state of the art in Hybrid solutions are discussed. Finally, a ML based NIDS is proposed which will work as a subsystem, to Network-based IDS deployed by Mobile Operators, that can help in detecting unknown threats and reducing false positives. In this research, several ML classifiers were implemented and evaluated. This study is focused on Android-based malwares, as Android is the most popular OS among users, hence most targeted by cyber criminals. Supervised ML algorithms based classifiers were built using the dataset which contained the labeled instances of relevant features. These features were extracted from the traffic generated by samples of several malware families and benign applications. These classifiers were able to detect malicious traffic patterns with the TPR upto 99.6% during Cross-validation test. Also, several experiments were conducted to detect unknown malware traffic and to detect false positives. These classifiers were able to detect unknown threats with the Accuracy of 97.5%. These classifiers could be integrated with current NIDS', which use signatures, statistical or knowledge-based techniques to detect malicious traffic. Technique to integrate the output from ML classifier with traditional NIDS is discussed and proposed for future work.

Dynamics AX -toiminnanohjausjärjestelmän jatkuvuudenhallinta ja toipumissuunnitelma - Simulaatiotestausmalli: case CGI Suomi Oy

Nyky-yhteiskunta nojautuu vahvasti tietojärjestelmiin luoden laajemman arkkitehtuurisen kokonaisuuden, kybertoimintaympäristön. Liiketoimintaa tukevat tietojärjestelmät tukevat myös organisaatioiden prosesseja kokonaisvaltaisesti. Jotta näitä tärkeitä kyberympäristön tietojärjestelmä- sekä liiketoimintaympäristöresursseja pystytään käyttämään, tulee järjestelmien olla luotettavia ja sovellusten saatavilla vuorokauden ympäri tai aina tarvittaessa. Tilanteet, joissa järjestelmän käytettävyys vaarantuu, voivat eskaloitua yllättäen suuremmiksi, jos poikkeustilanteisiin ei ole varauduttu. Poikkeustilanteisiin varautumiseen tarvitaan jatkuvuudenhallintaa, joka on kiinteästi osa kattavampaa IT-strategiaa ja koko yhteiskunta-/yrityskulttuuria. Työ on toteutettu yhdistäen empiriaa ja teoriaa eli tavoitteena on teoreettisen tietämyksen ja käytännön kokemuksellisen oppimisen ja tietämyksen kautta luoda konstruktiivisella otteella toipumissuunnitelman testauksessa käytettävä simulaatiotestausmalli. Dynamics AX -toiminnanohjausjärjestelmän toipumissuunnitelman simulaatiotestausmallista rakentui selkeä ja kevyt työkalu asiakasyritysten toipumissuunnitelman simulaatiotestauksiin. Diplomityössä kuvatuilla keinotekoisilla järjestelmän häiriötilanteilla pystytään simuloimaan Dynamics AX:n toipumissuunnitelman testauksissa oikeita häiriötilanteita suhteellisen kattavalla tasolla.

Analysis of Automotive Cybersecurity - Attack surfaces and users’ privacy concerns

Modern automobiles are no longer just mechanical tools. The electronics and computing services they are shipping with are making them not less than a computer. They are massive kinetic devices with sophisticated computing power. Most of the modern vehicles are made with the added connectivity in mind which may be vulnerable to outside attack. Researchers have shown that it is possible to infiltrate into a vehicle’s internal system remotely and control the physical entities such as steering and brakes. It is quite possible to experience such attacks on a moving vehicle and unable to use the controls. These massive connected computers can be life threatening as they are related to everyday lifestyle. First part of this research studied the attack surfaces in the automotive cybersecurity domain. It also illustrated the attack methods and capabilities of the damages. Online survey has been deployed as data collection tool to learn about the consumers’ usage of such vulnerable automotive services. The second part of the research portrayed the consumers’ privacy in automotive world. It has been found that almost hundred percent of modern vehicles has the capabilities to send vehicle diagnostic data as well as user generated data to their manufacturers, and almost thirty five percent automotive companies are collecting them already. Internet privacy has been studies before in many related domain but no privacy scale were matched for automotive consumers. It created the research gap and motivation for this thesis. A study has been performed to use well established consumers privacy scale – IUIPC to match with the automotive consumers’ privacy situation. Hypotheses were developed based on the IUIPC model for internet consumers’ privacy and they were studied by the finding from the data collection methods. Based on the key findings of the research, all the hypotheses were accepted and hence it is found that automotive consumers’ privacy did follow the IUIPC model under certain conditions. It is also found that a majority of automotive consumers use the services and devices that are vulnerable and prone to cyber-attacks. It is also established that there is a market for automotive cybersecurity services and consumers are willing to pay certain fees to avail that.