Similarity Analysis of Single-Vendor Marketplaces in the Tor-Network

Single-vendor shops are darknet marketplaces where individuals offer their own goods or services on their own darknet website. There are many single-vendor shops with a wide range of offers in the Tor-network. This paper presents a method to find similarities between these vendor websites to discover possible operational structures between them. In order to achieve this, similarity values between the darknet websites are determined by combining different features from the categories content, structure and metadata. Our results show that the features HTML-Tag, HTML-Class, HTML-DOM-Tree as well as File-Content, Open Ports and Links-To proved to be particularly important and very effective in revealing commonalities between darknet websites. Using the similarity detection method, it was found that only 49% of the 258 single-vendor marketplaces were unique, meaning that there were no similar websites. In addition, 20% of all vendor shops are duplicates. 31% of all single-vendor marketplaces can be sorted into seven similarity groups.

Read more...

The Threat of Covert Channels in Network Time Synchronisation Protocols

Abstract: Synchronized clocks are vital for most communication scenarios in networks of Information Technology (IT) and Operational Technology (OT). The process of time synchronisation requires transmission of high-precision timestamps often originating from external sources. In this paper, we analyze how time synchronization protocols impose a threat by being leveraged as carrier for network covert channels.

Read more...

Privacy Preservation for Enterprises Data in Edge Devices

Abstract: Privacy becomes the most important topic as user’s data gets more and more widely used and exchanged across internet. Edge devices are replacing traditional monitoring and maintenance strategy for daily used items in households as well as industrial establishments. The usage of technology is getting more and more pervasive. 6G further increases the importance of edge devices in a network as network speeds increase, making the edge device much more powerful element in the network. Edge devices would have massive store and exchange of personal data of the individual. Data privacy forms the primary requirement for accessing data of individuals. Paper presents a novel concept on combination of techniques including cryptography, randomization, pseudonymization and others to achieve anonymization. It investigates in detail how the privacy relevant data of individuals can be protected as well as made relevant for research. It arrives at an interesting and unique approach for privacy preservation on edge devices opening up new business opportunities and make the data subject in charge of their data.

Read more...

IoT Health Data in Electronic Health Records (EHR): Security and Privacy Issues in Era of 6G

Millions of wearable devices with embedded sensors (e.g., fitness trackers) are present in daily lives of its users, with the number growing continuously, especially with the approaching 6G communication technology. These devices are helping their users in monitoring daily activities and promoting positive health habits. Potential integration of such collected data into central medical system would lead to more personalized healthcare and an improved patient-physician experience. However, this process is met with several challenges, as medical data is of a highly sensitive nature. This paper focuses on the security and privacy issues for such a process. After providing a comprehensive list of security and privacy threats relevant to data collection and its handling within a Central Health Information system, the paper addresses the challenges of designing a secure system and offers recommendations, solutions and guidelines for identified pre-6G and 6G security and privacy issues.

Read more...

Adaptive Matrix Pattern Steganography on RGB Images

Abstract: Almost all spatial domain image steganography methods rely on modifying the Least Significant Bits (LSB) of each pixel to minimize the visual distortions. However, these methods are susceptible to LSB blind attacks and quantitative steganalyses.
This paper presents an adaptive spatial domain image steganography algorithm for hiding digital media based on matrix patterns, named “Adaptive Matrix Pattern” (AMP). The AMP method increases the security of the steganography scheme of largely hidden messages since it adaptively generates a unique codebook matrix pattern for each ASCII character in each image block.

Read more...

Phisher Fighter: Website Phishing Detection System Based on URL and Term Frequency-Inverse Document Frequency Values

Fundamentally, phishing is a common cybercrime that is indulged by the intruders or hackers on naïve and credible individuals to make them reveal their unique and sensitive information through fictitious websites. The primary intension of this kind of cybercrime is to gain access to the ad hominem or classified information from the recipients. The obtained data comprises of information that can very well utilized to recognize an individual. The purloined personal or sensitive information is commonly marketed in the online dark market and subsequently these information will be bought by the personal identity brigands. Depending upon the sensitivity and the importance of the stolen information, the price of a single piece of purloined information would vary from few dollars to thousands of dollars. Machine learning (ML) as well as Deep Learning (DL) are powerful methods to analyse and endeavour against these phishing attacks.

Read more...

An Enhanced Sybil Guard to Detect Bots in Online Social Networks

Sybil accounts are swelling in popular social networking sites such as Twitter, Facebook etc. owing to cheap subscription and easy access to large masses. A malicious person creates multiple fake identities to outreach and outgrow his network. People blindly trust their online connections and fall into trap set up by these fake perpetrators. Sybil nodes exploit OSN’s ready-made connectivity to spread fake news, spamming, influencing polls, recommendations and advertisements, masquerading to get critical information, launching phishing attacks etc. Such accounts are surging in wide scale and so it has become very vital to effectively detect such nodes. In this research a new classifier (combination of Sybil Guard, Twitter engagement rate and Profile statistics analyser) is developed to combat such Sybil nodes. The proposed classifier overcomes the limitations of structure based, machine learning based and behaviour-based classifiers and is proven to be more accurate and robust than the base Sybil guard algorithm.

Read more...

Identifying the Phishing Websites Using the Patterns of TLS Certificates

With the recent rise of HTTPS adoption on the Web, attackers have begun “HTTPSifying” phishing websites. HTTPSifying a phishing website has the advantage of making the website appear legitimate and evading conventional detection methods that leverage URLs or web contents in the network. Further, adopting HTTPS could also contribute to generating intrinsic footprints and provide defenders with a great opportunity to monitor and detect websites, including phishing sites, as they would need to obtain a public-key certificate issued for the preparation of the websites. The potential benefits of certificate-based detection include (1) the comprehensive monitoring of all HTTPSified websites by using certificates immediately after their issuance, even if the attacker utilizes dynamic DNS (DDNS) or hosting services; this could be overlooked with the conventional domain-registration-based approaches; and (2) to detect phishing websites before they are published on the Internet.

Read more...