Darknet as a Source of Cyber Threat Intelligence


Book Description

Cyberspace has become a massive battlefield between computer criminals and computer security experts. In addition, large-scale cyber attacks have matured enormously and become capable of generating, in a prompt manner, significant interruptions and damage to Internet resources and infrastructure. Denial of Service (DoS) attacks are perhaps the most prominent and severe types of such large-scale cyber attacks. Furthermore, the existence of widely available encryption and anonymity techniques greatly increases the difficulty of the surveillance and investigation of cyber attacks. In this context, the availability of relevant cyber monitoring is of paramount importance. An effective approach to gather DoS cyber intelligence is to collect and analyze traffic destined to allocated, routable, yet unused Internet address space known as darknet. In this thesis, we leverage big darknet data to generate insights on various DoS events, namely, Distributed DoS (DDoS) and Distributed Reflection DoS (DRDoS) activities. First, we present a comprehensive survey of darknet. We primarily define and characterize darknet and indicate its alternative names. We further list other trap-based monitoring systems and compare them to darknet. In addition, we provide a taxonomy in relation to darknet technologies and identify research gaps that are related to three main darknet categories: deployment, traffic analysis, and visualization. Second, we characterize darknet data. Such information could generate indicators of cyber threat activity as well as provide in-depth understanding of the nature of its traffic. Particularly, we analyze darknet packets distribution, its used transport, network and application layer protocols and pinpoint its resolved domain names. Furthermore, we identify its IP classes and destination ports as well as geo-locate its source countries. We further investigate darknet-triggered threats. 
The aim is to explore darknet inferred threats and categorize their severities. Finally, we contribute by exploring the inter-correlation of such threats, by applying association rule mining techniques, to build threat association rules. Specifically, we generate clusters of threats that co-occur targeting a specific victim. Third, we propose a DDoS inference and forecasting model that aims at providing insights to organizations, security operators and emergency response teams during and after a DDoS attack. Specifically, this work strives to predict, within minutes, the attacks’ features, namely, intensity/rate (packets/sec) and size (estimated number of compromised machines/bots). The goal is to understand the future short-term trend of the ongoing DDoS attacks in terms of those features and thus provide the capability to recognize the current as well as future similar situations and hence appropriately respond to the threat. Further, our work aims at investigating DDoS campaigns by proposing a clustering approach to infer various victims targeted by the same campaign and predicting related features. To achieve our goal, our proposed approach leverages a number of time series and fluctuation analysis techniques, statistical methods and forecasting approaches. Fourth, we propose a novel approach to infer and characterize Internet-scale DRDoS attacks by leveraging the darknet space. Complementary to the pioneer work on inferring DDoS activities using darknet, this work shows that we can extract DoS activities without relying on backscattered analysis. The aim of this work is to extract cyber security intelligence related to DRDoS activities such as intensity, rate and geographic location in addition to various network-layer and flow-based insights. To achieve this task, the proposed approach exploits certain DDoS parameters to detect the attacks and the expectation maximization and k-means clustering techniques in an attempt to identify campaigns of DRDoS attacks. 
Finally, we conclude this work by providing some discussions and pinpointing some future work.




Darkweb Cyber Threat Intelligence Mining


Book Description

This book describes techniques and results in cyber threat intelligence from the center of the malicious hacking underworld - the dark web.




Darknet Mining and Game Theory for Enhanced Cyber Threat Intelligence


Book Description

Due to a recent increase in popularity, Darknet hacker marketplaces and forums now provide a rich source of cyber threat intelligence for security analysts. This paper offers background information on Darknet hacker communities and their value to the cybersecurity community before detailing an operational data-collection system that is currently gathering over 300 threat warnings per week, with a precision of around 90% (Nunes 2016). Additionally, we introduce a game theoretic framework designed to leverage the exploit data mined from the Darknet to provide system-specific policy recommendations. For the framework, we provide complexity results, provably near-optimal approximation algorithms, and evaluations on a dataset of real-world exploits.




Cyber Threat Intelligence


Book Description

This book provides readers with up-to-date research of emerging cyber threats and defensive mechanisms, which are timely and essential. It covers cyber threat intelligence concepts against a range of threat actors and threat tools (i.e. ransomware) in cutting-edge technologies, i.e., Internet of Things (IoT), Cloud computing and mobile devices. This book also provides the technical information on cyber-threat detection methods required for the researcher and digital forensics experts, in order to build intelligent automated systems to fight against advanced cybercrimes. The ever increasing number of cyber-attacks requires the cyber security and forensic specialists to detect, analyze and defend against the cyber threats in almost real-time, which, with such a large number of attacks, is not possible without deeply perusing the attack features and taking corresponding intelligent defensive actions – this in essence defines the notion of cyber threat intelligence. However, such intelligence would not be possible without the aid of artificial intelligence, machine learning and advanced data mining techniques to collect, analyze, and interpret cyber-attack campaigns, which are covered in this book. This book will focus on cutting-edge research from both academia and industry, with a particular emphasis on providing wider knowledge of the field, novelty of approaches, combination of tools and so forth to perceive, reason, learn and act on a wide range of data collected from different cyber security and forensics solutions. This book introduces the notion of cyber threat intelligence and analytics and presents different attempts in utilizing machine learning and data mining techniques to create threat feeds for a range of consumers. Moreover, this book sheds light on existing and emerging trends in the field which could pave the way for future works. 
The inter-disciplinary nature of this book makes it suitable for a wide range of audiences with backgrounds in artificial intelligence, cyber security, forensics, big data and data mining, distributed systems and computer networks. This would include industry professionals, advanced-level students and researchers that work within these related fields.




Dark Web Investigation


Book Description

This edited volume explores the fundamental aspects of the dark web, ranging from the technologies that power it, the cryptocurrencies that drive its markets, the criminalities it facilitates to the methods that investigators can employ to master it as a strand of open source intelligence. The book provides readers with detailed theoretical, technical and practical knowledge including the application of legal frameworks. With this it offers crucial insights for practitioners as well as academics into the multidisciplinary nature of dark web investigations for the identification and interception of illegal content and activities addressing both theoretical and practical issues.




Inside the Dark Web


Book Description

Inside the Dark Web provides a broad overview of emerging digital threats and computer crimes, with an emphasis on cyberstalking, hacktivism, fraud and identity theft, and attacks on critical infrastructure. The book also analyzes the online underground economy and digital currencies and cybercrime on the dark web. The book further explores how dark web crimes are conducted on the surface web in new mediums, such as the Internet of Things (IoT) and peer-to-peer file sharing systems as well as dark web forensics and mitigating techniques. This book starts with the fundamentals of the dark web along with explaining its threat landscape. The book then introduces the Tor browser, which is used to access the dark web ecosystem. The book continues to take a deep dive into cybersecurity criminal activities in the dark net and analyzes the malpractices used to secure your system. Furthermore, the book digs deeper into the forensics of dark web, web content analysis, threat intelligence, IoT, crypto market, and cryptocurrencies. This book is a comprehensive guide for those who want to understand the dark web quickly. After reading Inside the Dark Web, you’ll understand:
- The core concepts of the dark web.
- The different theoretical and cross-disciplinary approaches of the dark web and its evolution in the context of emerging crime threats.
- The forms of cybercriminal activity through the dark web and the technological and "social engineering" methods used to undertake such crimes.
- The behavior and role of offenders and victims in the dark web and analyze and assess the impact of cybercrime and the effectiveness of their mitigating techniques on the various domains.
- How to mitigate cyberattacks happening through the dark web.
- The dark web ecosystem with cutting edge areas like IoT, forensics, and threat intelligence and so on.
- The dark web-related research and applications and up-to-date on the latest technologies and research findings in this area.
For all present and aspiring cybersecurity professionals who want to upgrade their skills by understanding the concepts of the dark web, Inside the Dark Web is their one-stop guide to understanding the dark web and building a cybersecurity plan.




Identification of Pathogenic Social Media Accounts


Book Description

This book sheds light on the challenges facing social media in combating malicious accounts, and aims to introduce current practices to address the challenges. It further provides an in-depth investigation regarding characteristics of “Pathogenic Social Media (PSM),” by focusing on how they differ from other social bots (e.g., trolls, sybils and cyborgs) and normal users as well as how PSMs communicate to achieve their malicious goals. This book leverages sophisticated data mining and machine learning techniques for early identification of PSMs, using the relevant information produced by these bad actors. It also presents proactive intelligence with a multidisciplinary approach that combines machine learning, data mining, causality analysis and social network analysis, providing defenders with the ability to detect these actors that are more likely to form malicious campaigns and spread harmful disinformation. Over the past years, social media has played a major role in massive dissemination of misinformation online. Political events and public opinion on the Web have been allegedly manipulated by several forms of accounts including “Pathogenic Social Media (PSM)” accounts (e.g., ISIS supporters and fake news writers). PSMs are key users in spreading misinformation on social media - in viral proportions. Early identification of PSMs is thus of utmost importance for social media authorities in an effort toward stopping their propaganda. The burden falls to automatic approaches that can identify these accounts shortly after they began their harmful activities. Researchers and advanced-level students studying and working in cybersecurity, data mining, machine learning, social network analysis and sociology will find this book useful. 
Practitioners of proactive cyber threat intelligence and social media authorities will also find this book interesting and insightful, as it presents an important and emerging type of threat intelligence facing social media and the general public.




Cyber Threat Intelligence for the Internet of Things


Book Description

This book reviews IoT-centric vulnerabilities from a multidimensional perspective by elaborating on IoT attack vectors, their impacts on well-known security objectives, attacks which exploit such vulnerabilities, coupled with their corresponding remediation methodologies. This book further highlights the severity of the IoT problem at large, through disclosing incidents of Internet-scale IoT exploitations, while putting forward a preliminary prototype and associated results to aid in the IoT mitigation objective. Moreover, this book summarizes and discloses findings, inferences, and open challenges to inspire future research addressing theoretical and empirical aspects related to the imperative topic of IoT security. At least 20 billion devices will be connected to the Internet in the next few years. Many of these devices transmit critical and sensitive system and personal data in real-time. Collectively known as “the Internet of Things” (IoT), this market represents a $267 billion per year industry. As valuable as this market is, security spending on the sector barely breaks 1%. Indeed, while IoT vendors continue to push more IoT devices to market, the security of these devices has often fallen in priority, making them easier to exploit. This drastically threatens the privacy of the consumers and the safety of mission-critical systems. This book is intended for cybersecurity researchers and advanced-level students in computer science. Developers and operators working in this field, who are eager to comprehend the vulnerabilities of the Internet of Things (IoT) paradigm and understand the severity of accompanied security issues will also be interested in this book.




Encyclopedia of Criminal Activities and the Deep Web


Book Description

As society continues to rely heavily on technological tools for facilitating business, e-commerce, banking, and communication, among other applications, there has been a significant rise in criminals seeking to exploit these tools for their nefarious gain. Countries all over the world are seeing substantial increases in identity theft and cyberattacks, as well as illicit transactions, including drug trafficking and human trafficking, being made through the dark web internet. Sex offenders and murderers explore unconventional methods of finding and contacting their victims through Facebook, Instagram, popular dating sites, etc., while pedophiles rely on these channels to obtain information and photographs of children, which are shared on hidden community sites. As criminals continue to harness technological advancements that are outpacing legal and ethical standards, law enforcement and government officials are faced with the challenge of devising new and alternative strategies to identify and apprehend criminals to preserve the safety of society. The Encyclopedia of Criminal Activities and the Deep Web is a three-volume set that includes comprehensive articles covering multidisciplinary research and expert insights provided by hundreds of leading researchers from 30 countries including the United States, the United Kingdom, Australia, New Zealand, Germany, Finland, South Korea, Malaysia, and more. This comprehensive encyclopedia provides the most diverse findings and new methodologies for monitoring and regulating the use of online tools as well as hidden areas of the internet, including the deep and dark web. Highlighting a wide range of topics such as cyberbullying, online hate speech, and hacktivism, this book will offer strategies for the prediction and prevention of online criminal activity and examine methods for safeguarding internet users and their data from being tracked or stalked. 
Due to the techniques and extensive knowledge discussed in this publication, it is an invaluable addition for academic and corporate libraries as well as a critical resource for policy makers, law enforcement officials, forensic scientists, criminologists, sociologists, victim advocates, cybersecurity analysts, lawmakers, government officials, industry professionals, academicians, researchers, and students within this field of study.