Skip to main content
Login | Suomeksi | På svenska | In English

Browsing by study line "Tietoverkot"

Sort by: Order: Results:

  • Leskinen, Juno (2022)
    The continuously evolving cyber threat landscape has become a major concern because sophisticated attacks against systems connected to the Internet have become frequent. The concern is on particular threats that are known as Advanced Persistent Threats (APT). The thesis aims to introduce what APTs are and illustrate other topics under the scope, such as tools and methods attackers can use. Attack models will also be explained, providing example models proposed in the literature. The thesis also introduces which kind of operational objectives attacks can have, and for each objective, one example attack is given that characterizes the objective. In addition, the thesis also uncovers various countermeasures, including most essential security solutions, complemented with more advanced methods. The last countermeasure that the thesis introduces is attribution analysis.
  • Porkka, Otto (2022)
    Blockchain technologies and cryptocurrencies have gained massive popularity in the past few years. Smart contracts extend the utility of these distributed ledgers to distributed state machines, where anyone can store and run code and then mutually agree on the next state. This opens up a whole new world of possibilities, but also many new security challenges. In this thesis we give an up-to-date survey on smart contract security issues. First we give a brief introduction to blockchains and smart contracts and explain the most common attack types and some mitigations against them. Then we sum up and analyse our findings. We find out that many of the attacks could be avoided or at least severely mitigated if the coders followed good coding practices and used design patterns that are proven to be good. Another finding is that changing the underlying blockchain technology to counter the issues is usually not the best way, as it is hard and troublesome to do and might restrict the usability of contracts too much. Lastly, we find out that many new automated tools for security are being developed and used, which indicates movement towards more conventional coding where automated tools like scanners and analysers are being used to cover a large set of security issues.
  • Colliander, Camilla (2022)
    Software development speed has significantly increased in recent years with methodologies like Agile and DevOps that use automation, among other technics, to enable continuous delivery of new features and software updates to the market. This increased speed has given rise to concerns over guaranteeing security at such a pace. To improve security in today’s fast-paced software development, DevSecOps was created as an extension of DevOps. This thesis focuses on the experiences and challenges of organizations and teams striving to implement DevSecOps. We first view our concepts through existing literature. Then, we conduct an online survey of 37 professionals from both security and development backgrounds. The results present the participants’ overall sentiments towards DevSecOps and the challenges they struggle with. We also investigate what kind of solutions have been tried to mitigate these issues and if these solutions have indeed worked.
  • Song, Xingchang (2022)
    Quantum networking is developing fast as an emerging research field. Distributing entangled qubits between any two locations in a quantum network is one of the goals of quantum networking, in which repeaters can be used to extend the length of entanglement. Although researchers focus extensively on problems inside one quantum network, further study on communication between quantum networks is necessary because the next possible evolution of quantum networking is the communication between two or more autonomous quantum networks. In this thesis, we adapted a time slotted model from the literature to study the inter quantum network routing problem. Quantum routing problem can be split into path selection and request scheduling. We focus on the latter considering the previous one received considerable interest in the literature. Five request scheduling policies are proposed to study the impact of preference for certain request types on entanglement generation rate. Experiments also demonstrate other factors should be considered in context of entanglement rate in communication between quantum networks, e.g., the number and distribution of requests and inter-network distance.
  • Kalinen, Riku (2022)
    In this thesis, we cover blockchain applications in public administration. First we cover components related to blockchain technology. We cover especially issues related to management of digital evidence, electronic voting, and health data. In the beginning we cover hash functions and the general structure of the blockchain. Then we cover the cryptocurrency Bitcoin as an example of the blockchain technology. The management of the digital evidence is covered by evaluating three published studies. Likewise, the applications related to voting are evaluated in the light of three publications. Lastly, the management of health data is covered by evaluating three publications. For each of the three areas, we present an estimation of the applicability of the blockchain technology, in the form presented in the evaluated publications. Additionally, we cover a few other potential blockchain application areas. Finally, we present the general evaluation of blockchain applicability to the public administration and the conclusion.
  • Lindholm, Krista (2022)
    Nowadays a growing number of mobile devices are in use, and the internet connections with mobile devices are increasingly important for the everyday life of the global population. As a result, applications and use cases of different requirements including high throughput, reliability and continuous connection have emerged for mobile device connections. Multipath transport located on the transport layer of the TCP/IP model has been proposed as a solution for providing better throughput, reliability and smooth handovers for mobile devices. Multiple network interfaces are present in current mobile devices, and multipath protocols can utilize them to transfer data through multiple paths inside one connection. Multipath protocols of parallel functionality have been proposed over the years, and relevant protocol versions include multipath extensions for well-known transport layer protocols. The aim of the thesis is to provide an overview of three multipath protocols, MPTCP, CMT-SCTP and MPQUIC and the advantages and limitations they have when used for mobile connectivity through a literature review. First the challenges of multipath transport and requirements specific for mobile device usage are identified, and an overview of the protocols and their features are discussed. Then the protocols are compared in the context of the identified challenges and mobile device use. MPTCP is the only transport layer multipath protocol currently deployed and in use, while CMT-SCTP faces problems with deployability. MPQUIC shows promise for having initially comparable performance and deployability with MPTCP. Transport layer multipath protocols are currently not optimal for interactive applications and have suboptimal performance in heterogeneous network conditions. Conversely, they can provide a boost for throughput with data intensive applications and can be helpful for providing smoother handovers, but at the cost of higher energy consumption.