Hidden and Uncontrolled - On the Emergence of Network Steganographic Threats

Network steganography is the art of hiding secret information within innocent network transmissions. Recent findings indicate that novel malware is increasingly using network steganography. Similarly, other malicious activities can profit from network steganography, such as data leakage or the exchange of pedophile data. This paper provides an introduction to network steganography and highlights its potential application for harmful purposes. We discuss the issues related to countering network steganography in practice and provide an outlook on further research directions and problems.Comment: 11 page

Mining bipartite graphs to improve semantic pedophile activity detection

International audiencePeer-to-peer (P2P) networks are popular to exchange large volumes of data through the Internet. Paedophile activity is a very important topic for our society and some works have recently attempted to gauge the extent of paedophile exchanges on P2P networks. A key issue is to obtain an efficient detection tool, which may decide if a sequence of keywords is related to the topic or not. We propose to use social network analysis in a large dataset from a P2P network to improve a state-of-the-art filter for paedophile queries. We obtain queries and thus combinations of words which are not tagged by the filter but should be. We also perform some experiments to explore if the original four categories of paedophile queries were to be found by topological measures only

A systematic survey of online data mining technology intended for law enforcement

As an increasing amount of crime takes on a digital aspect, law enforcement bodies must tackle an online environment generating huge volumes of data. With manual inspections becoming increasingly infeasible, law enforcement bodies are optimising online investigations through data-mining technologies. Such technologies must be well designed and rigorously grounded, yet no survey of the online data-mining literature exists which examines their techniques, applications and rigour. This article remedies this gap through a systematic mapping study describing online data-mining literature which visibly targets law enforcement applications, using evidence-based practices in survey making to produce a replicable analysis which can be methodologically examined for deficiencies

Child Pornography and Child Sexual Abuse in the 21st Century: A Critical Overview of the Technological Shifts in Distribution, the Academic Literature, and the Current Re-Entry Policies for Convicts of these Crimes

This capstone project focuses on four distinct but interrelated papers. The first details the role of technology in creating a resurgence of child pornography and how both the authorities and corporations have responded to this phenomenon. The second paper provides a literature review on research assessing the amount of child pornography consumers who victimize children. The third work is my own original research on the topic explored in the second paper. The fourth and final paper explains the post-incarceration consequences child pornography possessors often encounter and how they reintegrate into society, in addition to assessing the flaws and successes of these approaches. The overarching theme of this capstone project is to detail why this topic is a major concern and not a single criminal justice problem. By describing how child pornography rose to prominence in the 21st century as a major criminal justice concern, why there is more to the issue than the production, distribution, and consumption of child pornography, and the current approaches to preventing these individuals from reoffending after their release from prison, I aim to provide the reader with an understanding of how the consumption of child pornography is a major issue and how the United States can implement more robust approaches to assessing and confronting it

Design of a Controlled Language for Critical Infrastructures Protection

We describe a project for the construction of controlled language for critical infrastructures protection (CIP). This project originates from the need to coordinate and categorize the communications on CIP at the European level. These communications can be physically represented by official documents, reports on incidents, informal communications and plain e-mail. We explore the application of traditional library science tools for the construction of controlled languages in order to achieve our goal. Our starting point is an analogous work done during the sixties in the field of nuclear science known as the Euratom Thesaurus.JRC.G.6-Security technology assessmen

Digital behaviours and cognitions of individuals convicted of online child pornography offences

BACKGROUND: Modern Child Sexual Exploitation Material (CSEM) offences predominantly occur within a technological ecosystem. The behaviours and cognitions of CSEM offenders influence, and are influenced by, their choice of facilitative technologies that form that ecosystem. OBJECTIVES: This thesis will review the prior research on cognitive distortions present in and technology usage by CSEM offenders, and present a new theory, Lawless Space Theory (LST), to explain those interactions. The cognitions and technical behaviours of previously convicted CSEM offenders will be examined in a psychosocial context and recommendations for deterrence, investigative, and treatment efforts made. PARTICIPANTS AND SETTING: Data was collected using an online survey collected from two samples, one from a reference population of the general public (n=524) and one from a population of previously convicted CSEM offenders (n=78), both of which were composed of adults living in the United States. METHODS: Two reviews were conducted using a PRISMA methodology - a systematic review of the cognitive distortions of CSEM offenders and an integrative review of their technology usage. A theoretical basis for LST was developed, and then seven investigations of the survey data were conducted evaluating the public’s endorsement of lawless spaces; the public’s perceptions of CSEM offenders; the self-perceptions of CSEM offenders; the suicidality of the offender sample; the use of technology and countermeasures by the offender sample; the collecting and viewing behaviours of the offender sample; and the idiographic profiles of the offender sample. RESULTS: The reviews found that the endorsement of traditional child contact offender cognitive distortions by CSEM offenders was low, and that they continued to use technology beyond its normative lifecycle. LST was developed to explain these behaviours, and the view of the Internet as generally lawless was endorsed by the reference and offender samples. The public sample showed biased beliefs that generally overestimated the prevalence of, and risk associated with, CSEM offending when compared to the offender sample. Offenders were found to have viewed investigators as having a lack of understanding and compassion, and they exhibited very high suicidal ideation following their interaction with law enforcement. Offenders exhibited similar technical abilities and lower technophilia than the reference sample, chose technologies to both reduce psychological strain and for utility purposes, and many exhibited cyclic deletions of their collections as part of a guilt/shame cycle. CONCLUSIONS AND IMPLICATIONS: Understanding CSEM offenders’ technological behaviours and cognitions can inform more effective investigative, deterrence, and treatment efforts. Law enforcement showing compassion during investigations may generate more full disclosures while facilitating offender engagement with resources to reduce suicidality. Deterrence efforts focused on establishing capable guardianship and reducing perceived lawlessness provide the potential to reduce offending. Treatment of criminogenic needs for the majority of CSEM offenders is not supported by evidence, but non-criminogenic treatment warrants broader consideration

Future of the Internet--and how to stop it

vi, 342 p. : ill. ; 25 cmLibro ElectrónicoOn January 9, 2007, Steve Jobs introduced the iPhone to an eager audience crammed into San Francisco’s Moscone Center.1 A beautiful and brilliantly engineered device, the iPhone blended three products into one: an iPod, with the highest-quality screen Apple had ever produced; a phone, with cleverly integrated functionality, such as voicemail that came wrapped as separately accessible messages; and a device to access the Internet, with a smart and elegant browser, and with built-in map, weather, stock, and e-mail capabilities. It was a technical and design triumph for Jobs, bringing the company into a market with an extraordinary potential for growth, and pushing the industry to a new level of competition in ways to connect us to each other and to the Web.Includes bibliographical references (p. 249-328) and index Acceso restringido a miembros del Consorcio de Bibliotecas Universitarias de Andalucía Electronic reproduction. Palo Alto, Calif. : ebrary, 2009 Modo de acceso : World Wide Webpt. 1. The rise and stall of the generative Net -- Battle of the boxes -- Battle of the networks -- Cybersecurity and the generative dilemma -- pt. 2. After the stall -- The generative pattern -- Tethered appliances, software as service, and perfect enforcement -- The lessons of Wikipedia -- pt. 3. Solutions -- Stopping the future of the Internet : stability on a generative Net -- Strategies for a generative future -- Meeting the risks of generativity : Privacy 2.0. Index32

Data quality measures for identity resolution

The explosion in popularity of online social networks has led to increased interest in identity resolution from security practitioners. Being able to connect together the multiple online accounts of a user can be of use in verifying identity attributes and in tracking the activity of malicious users. At the same time, privacy researchers are exploring the same phenomenon with interest in identifying privacy risks caused by re-identification attacks. Existing literature has explored how particular components of an online identity may be used to connect profiles, but few if any studies have attempted to assess the comparative value of information attributes. In addition, few of the methods being reported are easily comparable, due to difficulties with obtaining and sharing ground- truth data. Attempts to gain a comprehensive understanding of the identifiability of profile attributes are hindered by these issues. With a focus on overcoming these hurdles to effective research, this thesis first develops a methodology for sampling ground-truth data from online social networks. Building on this with reference to both existing literature and samples of real profile data, this thesis describes and grounds a comprehensive matching schema of profile attributes. The work then defines data quality measures which are important for identity resolution, and measures the availability, consistency and uniqueness of the schema’s contents. The developed measurements are then applied in a feature selection scheme to reduce the impact of missing data issues common in identity resolution. Finally, this thesis addresses the purposes to which identity resolution may be applied, defining the further application-oriented data quality measurements of novelty, veracity and relevance, and demonstrating their calculation and application for a particular use case: evaluating the social engineering vulnerability of an organisation

Access Denied

A study of Internet blocking and filtering around the world: analyses by leading researchers and survey results that document filtering practices in dozens of countries.Many countries around the world block or filter Internet content, denying access to information that they deem too sensitive for ordinary citizens—most often about politics, but sometimes relating to sexuality, culture, or religion. Access Denied documents and analyzes Internet filtering practices in more than three dozen countries, offering the first rigorously conducted study of an accelerating trend. Internet filtering takes place in more than three dozen states worldwide, including many countries in Asia, the Middle East, and North Africa. Related Internet content-control mechanisms are also in place in Canada, the United States and a cluster of countries in Europe. Drawing on a just-completed survey of global Internet filtering undertaken by the OpenNet Initiative (a collaboration of the Berkman Center for Internet and Society at Harvard Law School, the Citizen Lab at the University of Toronto, the Oxford Internet Institute at Oxford University, and the University of Cambridge) and relying on work by regional experts and an extensive network of researchers, Access Denied examines the political, legal, social, and cultural contexts of Internet filtering in these states from a variety of perspectives. Chapters discuss the mechanisms and politics of Internet filtering, the strengths and limitations of the technology that powers it, the relevance of international law, ethical considerations for corporations that supply states with the tools for blocking and filtering, and the implications of Internet filtering for activist communities that increasingly rely on Internet technologies for communicating their missions. Reports on Internet content regulation in forty different countries follow, with each two-page country profile outlining the types of content blocked by category and documenting key findings.ContributorsRoss Anderson, Malcolm Birdling, Ronald Deibert, Robert Faris, Vesselina Haralampieva [as per Rob Faris], Steven Murdoch, Helmi Noman, John Palfrey, Rafal Rohozinski, Mary Rundle, Nart Villeneuve, Stephanie Wang, Jonathan Zittrai