12 research outputs found

    Bitcoin over Tor isn't a good idea

    Bitcoin is a decentralized P2P digital currency in which coins are generated by a distributed set of miners and transactions are broadcast via a peer-to-peer network. While Bitcoin provides some level of anonymity (or rather pseudonymity) by encouraging the users to have any number of random-looking Bitcoin addresses, recent research shows that this level of anonymity is rather low. This encourages users to connect to the Bitcoin network through anonymizers like Tor and motivates development of default Tor functionality for popular mobile SPV clients. In this paper we show that combining Tor and Bitcoin creates an attack vector for deterministic and stealthy man-in-the-middle attacks. A low-resource attacker can gain full control of information flows between all users who chose to use Bitcoin over Tor. In particular the attacker can link together a user's transactions regardless of pseudonyms used, control which Bitcoin blocks and transactions are relayed to the user and can delay or discard the user's transactions and blocks. In collusion with a powerful miner double-spending attacks become possible and a totally virtual Bitcoin reality can be created for such a set of users. Moreover, we show how an attacker can fingerprint users and then recognize them and learn their IP address when they decide to connect to the Bitcoin network directly. Comment: 11 pages, 4 figures, 4 tables

    Recent Advances and Success of Zero-Knowledge Security Protocols

    How can someone get health insurance without sharing his health information? How can you get a loan without disclosing your credit score? There is a method to certify certain attributes of various data, whether health metrics or financial information, without revealing the data itself or any other kind of personal data. This method is known as “zero-knowledge proofs”. Zero-knowledge techniques are mathematical methods used to verify things without sharing or revealing underlying data. Zero-knowledge protocols have vast applications, from simple identity schemes and blockchains to defense research programs and nuclear arms control. In this article we present the basic principles behind ZKP technology, its possible applications, and the threats and vulnerabilities that it is subject to, and we review proposed security solutions

    Bitcoin forensics: a tutorial

    Over the past eighteen months, the digital cryptocurrency Bitcoin has experienced significant growth in terms of usage and adoption. It has also been predicted that if this growth continues then it will become an increasingly useful tool for various illegal activities. Against this background, it seems safe to assume that students and professionals of digital forensics will require an understanding of the subject. New technologies are often a major challenge to the field of digital forensics due to the technical and legal challenges they introduce. This paper provides a set of tutorials for Bitcoin that allows learners from both backgrounds to be taught how it operates, and how it may impact on their working practice. Earlier this year they were delivered to a cohort of third year undergraduates. To the author’s knowledge, this represents the first integration of the topic into a digital forensics programme by a higher education provider

    The Dark Web Phenomenon: A Review and Research Agenda

    The internet can be broadly divided into three parts: surface, deep and dark. The dark web has become notorious in the media for being a hidden part of the web where all manner of illegal activities take place. This review investigates how the dark web is being utilised with an emphasis on cybercrime, and how law enforcement plays the role of its adversary. The review describes these hidden spaces, sheds light on their history, the activities that they harbour – including cybercrime, the nature of attention they receive, and methodologies employed by law enforcement in an attempt to defeat their purpose. More importantly, it is argued that these spaces should be considered a phenomenon and not an isolated occurrence to be taken as merely a natural consequence of technology. This paper contributes to the area of dark web research by serving as a reference document and by proposing a research agenda

    An ensemble-based anomaly-behavioural crypto-ransomware pre-encryption detection model

    Crypto-ransomware is a malware that leverages cryptography to encrypt files for extortion purposes. Even after neutralizing such attacks, the targeted files remain encrypted. This irreversible effect on the target is what distinguishes crypto-ransomware attacks from traditional malware. Thus, it is imperative to detect such attacks during pre-encryption phase. However, existing crypto-ransomware early detection solutions are not effective due to inaccurate definition of the pre-encryption phase boundaries, insufficient data at that phase and the misuse-based approach that the solutions employ, which is not suitable to detect new (zero-day) attacks. Consequently, those solutions suffer from low detection accuracy and high false alarms. Therefore, this research addressed these issues and developed an Ensemble-Based Anomaly-Behavioural Pre-encryption Detection Model (EABDM) to overcome data insufficiency and improve detection accuracy of known and novel crypto-ransomware attacks. In this research, three phases were used in the development of EABDM. In the first phase, a Dynamic Pre-encryption Boundary Definition and Features Extraction (DPBD-FE) scheme was developed by incorporating Rocchio feedback and vector space model to build a pre-encryption boundary vector. Then, an improved term frequency-inverse document frequency technique was utilized to extract the features from runtime data generated during the pre-encryption phase of crypto-ransomware attacks’ lifecycle. In the second phase, a Maximum of Minimum-Based Enhanced Mutual Information Feature Selection (MM-EMIFS) technique was used to select the informative features set, and prevent overfitting caused by high dimensional data. The MM-EMIFS utilized the developed Redundancy Coefficient Gradual Upweighting (RCGU) technique to overcome data insufficiency during pre-encryption phase and improve feature’s significance estimation. 
    In the final phase, an improved technique called incremental bagging (iBagging) built incremental data subsets for anomaly and behavioural-based detection ensembles. The enhanced semi-random subspace selection (ESRS) technique was then utilized to build noise-free and diverse subspaces for each of these incremental data subsets. Based on the subspaces, the base classifiers were trained for each ensemble. Both ensembles employed majority voting to combine the decisions of the base classifiers. After that, the decision of the anomaly ensemble was combined into the behavioural ensemble, which gave the final decision. The experimental evaluation showed that the DPBD-FE scheme reduced the ratio of crypto-ransomware samples whose pre-encryption boundaries were missed from 18% to 8% as compared to existing works. Additionally, the features selected by the MM-EMIFS technique improved the detection accuracy from 89% to 96% as compared to existing techniques. Likewise, on average, the EABDM model increased detection accuracy from 85% to 97.88% and reduced the false positive alarms from 12% to 1% in comparison to existing early detection models. These results demonstrated the ability of the EABDM to improve the detection accuracy of crypto-ransomware attacks early and before the encryption takes place to protect files from being held to ransom

    Les transferts de fonds virtuels – une technologie innovatrice et un moyen potentiel de blanchiment d’argent [Virtual funds transfers: an innovative technology and a potential means of money laundering]

    Supervised research project presented to the Faculty of Graduate and Postdoctoral Studies in view of obtaining the degree of Master of Science (M.Sc.) in Criminology – Homeland Security option. Globalization and technological progress have gradually increased the popularity of virtual currency. This interest is due to the advantages of virtual money such as its anonymity, the low transfer costs, the speed of the operations, the safety of the transfers and its decentralization. However, these benefits are perceived as a real threat by the law enforcement structures (authorities). The lack of regulation of the virtual currencies, the impossibility of tracking transfers of Bitcoin and of identifying participants on the network, and the lack of a database make this method suitable for money laundering and terrorist financing. At the same time, the relatively small Bitcoin market and the lack of identified real money laundering cases performed with the virtual currency question this threat. This work tries to examine the characteristics of the virtual currency in general and the Bitcoin case in particular, as well as the threat of its use for criminal purposes (money laundering and financing of terrorism). In presenting the perceptions of the users on the one hand and law enforcement authorities on the other, we will try to better understand why people use virtual currency and what real threat it poses for the authorities. In addition, we will analyze the traceability of the virtual currency, the role of law enforcement authorities in Quebec on Bitcoin and the need for future regulation of the virtual currencies

    Moeda digital: uma exploração bibliométrica do fenómeno Bitcoin [Digital currency: a bibliometric exploration of the Bitcoin phenomenon]

    In an increasingly globalized world, we have been witnessing the emergence of digital currency and its potential to increase the efficiency of existing payment systems. However, digital money can also hide serious risks that can turn into significant financial losses for its users. Against this background, central banks are concerned about maintaining the stability and efficiency of the financial system and maintaining confidence in their currencies, as innovations in payments can have important implications for the security of the banking system. In addition, there is great uncertainty about what will be the economic benefit of the digital currency and its effects on the effectiveness of monetary policy. With the present study we intend to carry out a systematic review of the current state of the art of the scientific literature on digital currency, focused mainly on the specific case of bitcoin, in order to investigate the way this phenomenon has been studied to date. Based on a critical synthesis of the results obtained, namely the locus and focus of the issues, theories, methods and discoveries addressed in the researched literature, it is intended to contribute to the construction of a more integrated vision of a phenomenon that is expanding. For this purpose, a quantitative methodological approach, which provides the reader with a more comprehensive view of the subject matter, was used. A corpus of 140 research studies published in sources indexed in Scopus was selected, with which a database was built. This database was then used to perform a bibliometric analysis to study the evolution of the state of the art on Bitcoin by the scientific literature