Antidefacement

Internet connects around three billions of users worldwide, a number increasing every day. Thanks to this technology, people, companies and devices perform several tasks, such as information broadcasting through websites. Because of the large volumes of sensitive information and the lack of security in the websites, the number of attacks on these applications has been increasing significantly. Attacks on websites have different purposes, one of these is the introduction of unauthorized modifications (defacement). Defacement is an issue which involves impacts on both, system users and company image, thus, the researchers community has been working on solutions to reduce security risks. This paper presents an introduction to the state of the art about techniques, methodologies and solutions proposed by both, the researchers community and the computer security industry

Defacement Detection with Passive Adversaries

A novel approach to defacement detection is proposed in this paper, addressing explicitly the possible presence of a passive adversary. Defacement detection is an important security measure for Web Sites and Applications, aimed at avoiding unwanted modifications that would result in significant reputational damage. As in many other anomaly detection contexts, the algorithm used to identify possible defacements is obtained via an Adversarial Machine Learning process. We consider an exploratory setting, where the adversary can observe the detector’s alarm-generating behaviour, with the purpose of devising and injecting defacements that will pass undetected. It is then necessary to make to learning process unpredictable, so that the adversary will be unable to replicate it and predict the classifier’s behaviour. We achieve this goal by introducing a secret key—a key that our adversary does not know. The key will influence the learning process in a number of different ways, that are precisely defined in this paper. This includes the subset of examples and features that are actually used, the time of learning and testing, as well as the learning algorithm’s hyper-parameters. This learning methodology is successfully applied in this context, by using the system with both real and artificially modified Web sites. A year-long experimentation is also described, referred to the monitoring of the new Web Site of a major manufacturing company

Website Defacement Detector

It is undeniable that website has become an important element in the life of nowadays generation. As the website become more sophisticated, likewise the security threats that the website poses. One of them is website defacement in which unauthorized person changes the visual appearances of the website for various intention. Some are only for fun and hacking skill-testing, but worst case, it can be cause further severe security damages. It can be said that website defacement can causes security threats to a website and also can damage the reputation of the website owner. This is very bad especially for businesses-website because the website portray their public face. Usually, website administrator or website owner get the information about their website being deface too late, making public already see the messages or images on their defaced website which can humiliate and lower down their reputation. That is why, a website defacement detector is a must to be developed to monitor the website at a specific time interval and alert the website admin through email as soon as the system detected any unauthorized changes. Therefore, the target user for this application is the website admin and website owner. The approaches that will be implemented in this project are whether anomaly detection technique or hash tags comparison technique. The approach is not yet decided as this research study is yet to test on both approaches. Besides that this research study has conducted data collection such as interview, document studies and website defacement patterns observation. The results will help this research study to further develop a system that fulfills the requirements that a website admin or website owner might ask

Malicious Malware Detection Using Machine Learning Perspectives

The opportunity for potential attackers to use more advanced techniques to exploit more people who are online is growing. These methods include getting visitors to click on dangerous URLs that could expose them to spam and ads, financial fraud, defacement of their website, and malware.  In this study, we tested different machine learning algorithms against a set of harmful URLs to see how well they worked overall and how well they found malware, spam, defacement, or phishing. The ISXC-URL-2016 dataset from the University of New Brunswick was used to make the dataset. The data was evaluated in Weka using the Random Forest, Decision Tree, Naïve Bayes, and Support Vector Machine algorithms. Each evaluation had a split of 80% of the data and a 5-fold, 10-fold, or 15-fold cross-validation. It was found that the 10-fold Random Forest algorithm correctly categorized 98.8% of the dataset's cases with the most accuracy.  The results of this experiment showed that machine learning can be a useful tool for companies that want to improve their security. Despite different limitations encountered in the completion of this research, This study is the most comprehensive available on the use of practices relevant to Malware detection. Keywords:Machine Learning, URLs, Random Forest, Naive Bayes, Decision Tree, Support Vector Machine DOI: 10.7176/JIEA/12-2-02 Publication date: November 30th 202

The effects of security protocols on cybercrime at Ahmadu Bello University, Zaria, Nigeria.

Masters Degree. University of KwaZulu-Natal, Durban.The use of Information Communication Technology (ICT) within the educational sector is increasing rapidly. University systems are becoming increasingly dependent on computerized information systems (CIS) in order to carry out their daily routine. Moreover, CIS no longer process staff records and financial data only, as they once did. Nowadays, universities use CIS to assist in automating the overall system. This automation includes the use of multiple databases, data detail periodicity (i.e. gender, race/ethnicity, enrollment, degrees granted, and program major), record identification (e.g. social security number ‘SSN’), linking to other databases (i.e. linking unit record data with external databases such as university and employment data). The increasing demand and exposure to Internet resources and infrastructure by individuals and universities have made IT infrastructure easy targets for cybercriminals who employ sophisticated attacks such as Advanced Persistent Threats, Distributed Denial of Service attacks and Botnets in order to steal confidential data, identities of individuals and money. Hence, in order to stay in business, universities realise that it is imperative to secure vital Information Systems from easily being exploited by emerging and existing forms of cybercrimes. This study was conducted to determine and evaluate the various forms of cybercrimes and their consequences on the university network at Ahmadu Bello University, Zaria. The study was also aimed at proposing means of mitigating cybercrimes and their effects on the university network. Hence, an exploratory research design supported by qualitative research approach was used in this study. Staff of the Institute of Computing, Information and Communication technology (ICICT) were interviewed. The findings of the study present different security measures, and security tools that can be used to effectively mitigate cybercrimes. It was found that social engineering, denial of service attacks, website defacement were among the types of cybercrimes occurring on the university network. It is therefore recommended that behavioural approach in a form of motivation of staff behaviour, salary increases, and cash incentive to reduce cybercrime perpetrated by these staff

The World of Defacers: Looking through the Lens of Their Activities on Twitter

Many web-based attacks have been studied to understand how web hackers behave, but web site defacement attacks (malicious content manipulations of victim web sites) and defacers’ behaviors have received less attention from researchers. This paper fills this research gap via a computational data-driven analysis of a public database of defacers and defacement attacks and activities of 96 selected defacers who were active on Twitter. We conducted a comprehensive analysis of the data: an analysis of a friendship graph with 10,360 nodes, an analysis on how sentiments of defacers related to attack patterns, and a topical modelling based analysis to study what defacers discussed publicly on Twitter. Our analysis revealed a number of key findings: a modular and hierarchical clustering method can help discover interesting sub-communities of defacers; sentiment analysis can help categorize behaviors of defacers in terms of attack patterns; and topic modelling revealed some focus topics (politics, country-specific topics, and technical discussions) among defacers on Twitter and also geographic links of defacers sharing similar topics. We believe that these findings are useful for a better understanding of defacers' behaviors, which could help design and development of better solutions for detecting defacers and even preventing impeding defacement attacks

Website Defacement Detector

It is undeniable that website has become an important element in the life of nowadays generation. As the website become more sophisticated, likewise the security threats that the website poses. One of them is website defacement in which unauthorized person changes the visual appearances of the website for various intention. Some are only for fun and hacking skill-testing, but worst case, it can be cause further severe security damages. It can be said that website defacement can causes security threats to a website and also can damage the reputation of the website owner. This is very bad especially for businesses-website because the website portray their public face. Usually, website administrator or website owner get the information about their website being deface too late, making public already see the messages or images on their defaced website which can humiliate and lower down their reputation. That is why, a website defacement detector is a must to be developed to monitor the website at a specific time interval and alert the website admin through email as soon as the system detected any unauthorized changes. Therefore, the target user for this application is the website admin and website owner. The approaches that will be implemented in this project are whether anomaly detection technique or hash tags comparison technique. The approach is not yet decided as this research study is yet to test on both approaches. Besides that this research study has conducted data collection such as interview, document studies and website defacement patterns observation. The results will help this research study to further develop a system that fulfills the requirements that a website admin or website owner might ask

Cyber Places, Crime Patterns, and Cybercrime Prevention: An Environmental Criminology and Crime Analysis approach through Data Science

For years, academics have examined the potential usefulness of traditional criminological theories to explain and prevent cybercrime. Some analytical frameworks from Environmental Criminology and Crime Analysis (ECCA), such as the Routine Activities Approach and Situational Crime Prevention, are frequently used in theoretical and empirical research for this purpose. These efforts have led to a better understanding of how crime opportunities are generated in cyberspace, thus contributing to advancing the discipline. However, with a few exceptions, other ECCA analytical frameworks — especially those based on the idea of geographical place— have been largely ignored. The limited attention devoted to ECCA from a global perspective means its true potential to prevent cybercrime has remained unknown to date. In this thesis we aim to overcome this geographical gap in order to show the potential of some of the essential concepts that underpin the ECCA approach, such as places and crime patterns, to analyse and prevent four crimes committed in cyberspace. To this end, this dissertation is structured in two phases: firstly, a proposal for the transposition of ECCA's fundamental propositions to cyberspace; and secondly, deriving from this approach some hypotheses are contrasted in four empirical studies through Data Science. The first study contrasts a number of premises of repeat victimization in a sample of more than nine million self-reported website defacements. The second examines the precipitators of crime at cyber places where allegedly fixed match results are advertised and the hyperlinked network they form. The third explores the situational contexts where repeated online harassment occurs among a sample of non-university students. And the fourth builds two metadata-driven machine learning models to detect online hate speech in a sample of Twitter messages collected after a terrorist attack. General results show (1) that cybercrimes are not randomly distributed in space, time, or among people; and (2) that the environmental features of the cyber places where they occur determine the emergence of crime opportunities. Overall, we conclude that the ECCA approach and, in particular, its place-based analytical frameworks can also be valid for analysing and preventing crime in cyberspace. We anticipate that this work can guide future research in this area including: the design of secure online environments, the allocation of preventive resources to high-risk cyber places, and the implementation of new evidence- based situational prevention measure