fullrecord |
[{"key": "dc.contributor.advisor", "value": "Siponen, Mikko", "language": "", "element": "contributor", "qualifier": "advisor", "schema": "dc"}, {"key": "dc.contributor.author", "value": "H\u00e4kkinen, Niko", "language": null, "element": "contributor", "qualifier": "author", "schema": "dc"}, {"key": "dc.date.accessioned", "value": "2017-06-15T10:03:02Z", "language": "", "element": "date", "qualifier": "accessioned", "schema": "dc"}, {"key": "dc.date.available", "value": "2017-06-15T10:03:02Z", "language": "", "element": "date", "qualifier": "available", "schema": "dc"}, {"key": "dc.date.issued", "value": "2017", "language": null, "element": "date", "qualifier": "issued", "schema": "dc"}, {"key": "dc.identifier.other", "value": "oai:jykdok.linneanet.fi:1703841", "language": null, "element": "identifier", "qualifier": "other", "schema": "dc"}, {"key": "dc.identifier.uri", "value": "https://jyx.jyu.fi/handle/123456789/54520", "language": "", "element": "identifier", "qualifier": "uri", "schema": "dc"}, {"key": "dc.description.abstract", "value": "T\u00e4ss\u00e4 pro-gradu tutkielmassa k\u00e4sitell\u00e4\u00e4n kohdistettua huijauss\u00e4hk\u00f6pos-tia organisaation tietoturvauhkana k\u00e4ytt\u00e4jien toiminnan n\u00e4k\u00f6kulmasta. Tutkielmassa kartoitettiin, mitk\u00e4 tekij\u00e4t ovat yhteydess\u00e4 kohdistetulla huijauss\u00e4hk\u00f6postilla huijatuksi tulemiseen. Tarkastelun kohteina olivat paitsi viestin ominaisuudet my\u00f6s erilaiset yksil\u00f6n ominaisuudet, kuten k\u00e4ytt\u00e4j\u00e4n tietoisuus tietoturvariskeist\u00e4. Tutkielman aihe on t\u00e4rke\u00e4, koska organisaatiot ovat yh\u00e4 riippuvaisempia tietoj\u00e4rjestelmien toiminnasta ja niiss\u00e4 olevista tiedoista. Kohdistetuista huijauss\u00e4hk\u00f6posteista voi aiheutua merkitt\u00e4vi\u00e4 vahinkoja organisaatioille, ja mahdollisuus vahingoille on kasvanut viime vuosien aikana, kun teknologia ja hy\u00f6kk\u00e4ystekniikat ovat kehittyneet. Tutkimuksen otos koostui kolmestakymmenest\u00e4 pankki- ja vakuutusalan organisaatioissa ty\u00f6skentelev\u00e4st\u00e4 henkil\u00f6st\u00e4.\r\n\r\nOrganisaation tietoturvan n\u00e4k\u00f6kulmasta kohdistettu huijauss\u00e4hk\u00f6posti (engl. spear phishing) on yksi haastavimmista tietoturvauhista. Teknisell\u00e4 analyysill\u00e4 pystyt\u00e4\u00e4n suodattamaan yksinkertaiset huijauss\u00e4hk\u00f6postit, mutta kohdistettuihin huijauss\u00e4hk\u00f6posteihin tekniset ratkaisut toimivat heikosti. Sill\u00e4 viestin sis\u00e4lt\u00f6 on personoitu nimenomaiselle s\u00e4hk\u00f6postin vastaanottajalle, eiv\u00e4tk\u00e4 viestit erotu selke\u00e4sti normaalista s\u00e4hk\u00f6postiviestinn\u00e4st\u00e4.\r\n\r\nT\u00e4ss\u00e4 tutkielmassa muodostettiin lineaarisella regressioanalyysill\u00e4 malli, joka selitti kohdistetulla huijauss\u00e4hk\u00f6postilla huijatuksi tulemisen todenn\u00e4k\u00f6isyytt\u00e4. T\u00e4m\u00e4 tutkimus osoitti, ett\u00e4 sek\u00e4 viestiin liittyvill\u00e4 ominaisuuksilla, ett\u00e4 yksil\u00f6n ominaisuuksilla on yhteytt\u00e4 huijatuksi tulemiseen kohdistetulla huijauss\u00e4hk\u00f6postilla. Tutkimuksen mukaan, mit\u00e4 mieluisammaksi tietotekniikan k\u00e4ytt\u00f6 koettiin, sit\u00e4 ep\u00e4todenn\u00e4k\u00f6isemmin tuli huijatuksi kohdistetulla huijauss\u00e4hk\u00f6postilla. Lis\u00e4ksi korkea tietoisuus tietoturvan riskeist\u00e4 yritykselle n\u00e4ytt\u00e4isi ehk\u00e4isev\u00e4n huijatuksi tulemista. Toisaalta viestin ominaisuuksien hyv\u00e4ksi arvioitu luotettavuus ennakoi huijatuksi tulemista kohdistetulla huijauss\u00e4hk\u00f6postilla. Tietoturvan teknisten suojamekanismien ohella k\u00e4ytt\u00e4jien koulutus ja asennekasvatus ovat keskeisi\u00e4 keinoja organisaation tietoturvan kehitt\u00e4misess\u00e4.", "language": "fi", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.abstract", "value": "The aim of this study was to shed light on spear phishing as a threat for organizations' IT security from a user action point of view. This study examined which factors associate with the probability to fall for spear phishing email. The focus was both on email qualities and on individual factors such as awareness of IT security risks. This topic is important because organizations are increasingly dependent on availability of IT systems and information those contain. Spear phishing may cause remarkable damages to organizations and the probability of damages has increased during last years as technology and attack techniques have developed. The sample consisted of 30 employees working in banking and insurance sector.\r\n\r\nSpear phishing is one of the most challenging security threat for organization IT security point of view. Technical filters can defend against simple phishing emails but spear phishing emails are less likely to be detected with technical solutions. Because spear phishing emails are crafted for certain receiver those are hard to point out from normal email flows.\r\n\r\nLinear regression analysis showed that email qualities and individual factors predicted statistically significantly the probability to fraud with spear phishing email. The results indicated that that persons who feel pleasant to use information technology were less likely to be fraud with spear phishing email. In addition, knowledge of IT security risks for organization seems prevent probability to be fraud. However, email's features, high reliability seems to be associated with the probability to fall for spear phishing email. There is two key findings based on this study which helps organizations to concentrate resources for developing IT security. In addition to technical IT security, it is important to put effort on user's general IT and attitudinal education.", "language": "en", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Submitted using Plone Publishing form by Niko H\u00e4kkinen (nialhakk) on 2017-06-15 10:03:01.798690. Form: Pro gradu -lomake (https://kirjasto.jyu.fi/julkaisut/julkaisulomakkeet/pro-gradu-lomake). JyX data: [jyx_publishing-allowed (fi) =True]", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Submitted by jyx lomake-julkaisija (jyx-julkaisija.group@korppi.jyu.fi) on 2017-06-15T10:03:02Z\r\nNo. of bitstreams: 2\r\nURN:NBN:fi:jyu-201706152905.pdf: 1009246 bytes, checksum: b22c2e19d6d92edb3f0cac693447d9fd (MD5)\r\nlicense.html: 4823 bytes, checksum: 738d0e37cf7fdab41171100cde622919 (MD5)", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Made available in DSpace on 2017-06-15T10:03:02Z (GMT). No. of bitstreams: 2\r\nURN:NBN:fi:jyu-201706152905.pdf: 1009246 bytes, checksum: b22c2e19d6d92edb3f0cac693447d9fd (MD5)\r\nlicense.html: 4823 bytes, checksum: 738d0e37cf7fdab41171100cde622919 (MD5)\r\n Previous issue date: 2017", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.format.extent", "value": "1 verkkoaineisto (51 sivua)", "language": null, "element": "format", "qualifier": "extent", "schema": "dc"}, {"key": "dc.format.mimetype", "value": "application/pdf", "language": null, "element": "format", "qualifier": "mimetype", "schema": "dc"}, {"key": "dc.language.iso", "value": "fin", "language": null, "element": "language", "qualifier": "iso", "schema": "dc"}, {"key": "dc.rights", "value": "In Copyright", "language": "en", "element": "rights", "qualifier": null, "schema": "dc"}, {"key": "dc.subject.other", "value": "kohdistettu huijauss\u00e4hk\u00f6posti", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "spear phishing", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "organisaation tietoturva", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.title", "value": "Kohdistettu huijauss\u00e4hk\u00f6posti organisaatioiden tietoturvauhkana", "language": null, "element": "title", "qualifier": null, "schema": "dc"}, {"key": "dc.type", "value": "master thesis", "language": null, "element": "type", "qualifier": null, "schema": "dc"}, {"key": "dc.identifier.urn", "value": "URN:NBN:fi:jyu-201706152905", "language": null, "element": "identifier", "qualifier": "urn", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Master\u2019s thesis", "language": "en", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Pro gradu -tutkielma", "language": "fi", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Faculty of Information Technology", "language": "en", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Informaatioteknologian tiedekunta", "language": "fi", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Informaatioteknologia", "language": "fi", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "University of Jyv\u00e4skyl\u00e4", "language": "en", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "Jyv\u00e4skyl\u00e4n yliopisto", "language": "fi", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Information Systems Science", "language": "en", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Tietoj\u00e4rjestelm\u00e4tiede", "language": "fi", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "dc.date.updated", "value": "2017-06-15T10:03:02Z", "language": "", "element": "date", "qualifier": "updated", "schema": "dc"}, {"key": "yvv.contractresearch.funding", "value": "0", "language": "", "element": "contractresearch", "qualifier": "funding", "schema": "yvv"}, {"key": "dc.type.coar", "value": "http://purl.org/coar/resource_type/c_bdcc", "language": null, "element": "type", "qualifier": "coar", "schema": "dc"}, {"key": "dc.rights.accesslevel", "value": "openAccess", "language": "fi", "element": "rights", "qualifier": "accesslevel", "schema": "dc"}, {"key": "dc.type.publication", "value": "masterThesis", "language": null, "element": "type", "qualifier": "publication", "schema": "dc"}, {"key": "dc.subject.oppiainekoodi", "value": "601", "language": null, "element": "subject", "qualifier": "oppiainekoodi", "schema": "dc"}, {"key": "dc.subject.yso", "value": "s\u00e4hk\u00f6posti", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "huijaus", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "organisaatiot", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "tietoturva", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "verkkourkinta", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.format.content", "value": "fulltext", "language": null, "element": "format", "qualifier": "content", "schema": "dc"}, {"key": "dc.rights.url", "value": "https://rightsstatements.org/page/InC/1.0/", "language": null, "element": "rights", "qualifier": "url", "schema": "dc"}, {"key": "dc.type.okm", "value": "G2", "language": null, "element": "type", "qualifier": "okm", "schema": "dc"}]
|