168 research outputs found

    Hardening Tor Hidden Services

    Tor is an overlay anonymization network that provides anonymity for clients surfing the web but also allows hosting anonymous services called hidden services. These enable whistleblowers and political activists to express their opinion and resist censorship. Administrating a hidden service is not trivial and requires extensive knowledge because Tor uses a comprehensive protocol and relies on volunteers. Meanwhile, attackers can spend significant resources to decloak them. This thesis aims to improve the security of hidden services by providing practical guidelines and a theoretical architecture. First, vulnerabilities specific to hidden services are analyzed by conducting an academic literature review. To model realistic real-world attackers, court documents are analyzed to determine their procedures. Both literature reviews classify the identified vulnerabilities into general categories. Afterward, a risk assessment process is introduced, and existing risks for hidden services and their operators are determined. The main contributions of this thesis are practical guidelines for hidden service operators and a theoretical architecture. The former provides operators with a good overview of practices to mitigate attacks. The latter is a comprehensive infrastructure that significantly increases the security of hidden services and alleviates problems in the Tor protocol. Afterward, limitations and the transfer into practice are analyzed. Finally, future research possibilities are determined

    Wide-Area Situation Awareness based on a Secure Interconnection between Cyber-Physical Control Systems

    Subsequently, we examine and identify the special requirements that constrain the design and operation of a secure interoperability architecture for the control systems (particularly the cyber-physical control systems) of the smart grid. We focus on modeling the non-functional requirements that shape this infrastructure, following the NFR methodology to extract essential requirements, techniques for satisfying those requirements, and metrics for our architectural model. We study the services needed for the secure interoperability of smart grid control systems by reviewing security mechanisms in depth, from basic services to advanced procedures capable of coping with sophisticated threats against control systems, such as intrusion detection, protection and response systems. Our analysis is divided into different areas: prevention, awareness and reaction, and restoration, which together yield a robust security model for protecting critical systems. We provide the design of an architectural model for the secure interoperability and interconnection of the smart grid's cyber-physical control systems. This scenario considers the interconnectivity of a federation of smart grid energy providers, which interact through the secure interoperability platform to manage and control their infrastructures cooperatively. The platform takes into account the inherent characteristics and the new services and technologies that accompany the Industry 4.0 movement. Finally, we present a proof of concept of our architectural model, which helps validate the proposed design through experimentation.
We create a set of validation cases that test some of the main functionalities offered by the architecture designed for secure interoperability, providing information about its performance and capabilities. Modern critical infrastructures are vast, highly complex systems that require information technologies to manage, control and monitor their operation. Because of their essential functions, the protection and security of critical infrastructures, and therefore of their control systems, has become a priority task for government and academic institutions worldwide. The interoperability of critical infrastructures, and especially of their control systems, becomes a key characteristic for these systems to be able to coordinate and carry out control and security tasks cooperatively. The objective of this thesis is therefore to provide tools for the secure interoperability of the different control systems, especially cyber-physical control systems, so as to strengthen intercommunication and coordination among them and create an environment in which the various infrastructures can perform cooperative control and security tasks, creating a secure interoperability platform able to serve various critical infrastructures in a wide-area situational awareness environment. To that end, we first review the most sophisticated threats to the operation of critical systems, focusing in particular on the stealth cyberattacks that threaten the control systems of critical infrastructures such as the smart grid.
We focus our research on analyzing and understanding this new type of attack against critical systems, and on possible countermeasures and tools to mitigate the effects of these attacks.

    The Failure of the Surveillance State: Observation, Narrative and Identity in American Literature and Culture Since the Cold War

    This dissertation examines an aporia in Michel Foucault's analysis of ideological panopticism. Foucault would likely suggest that the contemporary widespread use and acceptance of second-generation surveillance technologies exemplifies the discursive circulation of panoptic ideology. To the contrary, there is a great deal of evidence that suggests that such technology can be used for, to borrow Steve Mann's phrase, sousveillance (or, literally, to watch from below). By drawing from Niklas Luhmann's and Gregory Bateson's examinations of the inherent blind spots of observation systems (both literal and metaphorical), this dissertation suggests that sousveillance posits a challenge to the theoretically neat (according to Foucault) ideological function of surveillance. Moreover, this dissertation draws from Chilean biologists and systems theorists Humberto Maturana and Francisco Varela's concept of autopoiesis, or self-creation, in order to examine how the second-generation surveillance camera facilitates opportunities to discursively express and forge identities that are not so neatly explained by the limited possibilities of ideological interpellation. This project approaches these issues by examining a triangulated, discursive relationship between surveillance, narrative, and subjectivity as it manifests in contemporary American culture, and it locates examples of this triangulated relationship in both the form and content of various postmodern, cultural products such as Don DeLillo's novel Cosmopolis, Anna Deavere Smith's stage play Twilight: Los Angeles, 1992, Hasan Elahi's digital art installation Tracking Transience, and David Simon's HBO series The Wire.
The Failure of the Surveillance State ultimately posits that panoptic power does not function as neatly as Foucault proposed and that the failures and blind spots of contemporary surveillance systems provide significant possibilities for reconsidering and reconstructing theoretical models of subjectivity, agency, and narrative. It concludes by asserting that these failures have become embedded in emerging narrative frameworks that have moved away from the authority of a singular narrator to a practice that mirrors an infinite regress of secondary observers in multiple points-of-view narrative frameworks (as in the case of Jennifer Egan's novel A Visit from the Goon Squad)

    The Illinois Biometric Privacy Act: History, Developments, And Adapting Protection for the Future

    Biometric technology, used to identify individuals based on their unique, unchangeable attributes such as fingerprints, face prints, and retinas, has grown in use over the last five to ten years as biometrics are incorporated into popular devices and different areas of our lives. Today, many people around the world use their face or their thumbprint as a password to unlock their smartphone or complete transactions, and many others use the technology to clock in at work, to see who rang their doorbell at home, or to access secure facilities

    Wide spectrum attribution: Using deception for attribution intelligence in cyber attacks

    Modern cyber attacks have evolved considerably. The skill level required to conduct a cyber attack is low. Computing power is cheap, targets are diverse and plentiful. Point-and-click crimeware kits are widely circulated in the underground economy, while source code for sophisticated malware such as Stuxnet is available for all to download and repurpose. Despite decades of research into defensive techniques, such as firewalls, intrusion detection systems, anti-virus, code auditing, etc, the quantity of successful cyber attacks continues to increase, as does the number of vulnerabilities identified. Measures to identify perpetrators, known as attribution, have existed for as long as there have been cyber attacks. The most actively researched technical attribution techniques involve the marking and logging of network packets. These techniques are performed by network devices along the packet journey, which most often requires modification of existing router hardware and/or software, or the inclusion of additional devices. These modifications require wide-scale infrastructure changes that are not only complex and costly, but invoke legal, ethical and governance issues. The usefulness of these techniques is also often questioned, as attack actors use multiple stepping stones, often innocent systems that have been compromised, to mask the true source. As such, this thesis identifies that no publicly known previous work has been deployed on a wide-scale basis in the Internet infrastructure. This research investigates the use of an often overlooked tool for attribution: cyber deception. The main contribution of this work is a significant advancement in the field of deception and honeypots as technical attribution techniques.
Specifically, the design and implementation of two novel honeypot approaches; i) Deception Inside Credential Engine (DICE), that uses policy and honeytokens to identify adversaries returning from different origins and ii) Adaptive Honeynet Framework (AHFW), an introspection and adaptive honeynet framework that uses actor-dependent triggers to modify the honeynet environment, to engage the adversary, increasing the quantity and diversity of interactions. The two approaches are based on a systematic review of the technical attribution literature that was used to derive a set of requirements for honeypots as technical attribution techniques. Both approaches lead the way for further research in this field

    Developing Cyberspace Data Understanding: Using CRISP-DM for Host-based IDS Feature Mining

    Current intrusion detection systems generate a large number of specific alerts, but do not provide actionable information. Many times, these alerts must be analyzed by a network defender, a time consuming and tedious task which can occur hours or days after an attack occurs. Improved understanding of the cyberspace domain can lead to great advancements in Cyberspace situational awareness research and development. This thesis applies the Cross Industry Standard Process for Data Mining (CRISP-DM) to develop an understanding about a host system under attack. Data is generated by launching scans and exploits at a machine outfitted with a set of host-based data collectors. Through knowledge discovery, features are identified within the data collected which can be used to enhance host-based intrusion detection. By discovering relationships between the data collected and the events, human understanding of the activity is shown. This method of searching for hidden relationships between sensors greatly enhances understanding of new attacks and vulnerabilities, bolstering our ability to defend the cyberspace domain

    Threats to Autonomy from Emerging ICT’s

    This thesis investigates possible future threats to human autonomy created by currently emerging ICT’s. Prepared for evaluation as PhD by Publication, it consists of four journal papers and one book chapter, together with explanatory material. The ICT’s under examination are drawn from the results of the ETICA project, which sought to identify emerging ICT’s of ethical import. We first evaluate this research and identify elements in need of enhancement – the social aspects pertaining to ethical impact and the need to introduce elements of General Systems Theory in order to account for ICT’s as socio-technical systems. The first two publications for evaluation present arguments from marxist and capitalist perspectives which provide an account of the social dimensions through which an ICT can reduce human autonomy. There are many competing accounts of what constitutes human autonomy. These may be grouped into classes by their primary characteristics. The third publication for evaluation cross-references these classes with the ICT’s identified by the ETICA project, showing which version of autonomy could be restricted by each ICT and how. Finally, this paper induces from this analysis some general characteristics which any ICT must exhibit if it is to restrict autonomy of any form. Since ICT’s all operate in the same environment, the ultimate effect on the individual is the aggregated effect of all those ICT’s with which they interact and can be treated as an open system. Our fourth paper for evaluation therefore develops a theory of ICT’s as systems of a socio-technical nature, titled “Integrated Domain Theory”. Our fifth publication uses Integrated Domain Theory to explore the manner in which sociotechnical systems can restrict human autonomy, no matter how conceived. This thesis thus offers two complementary answers to the primary research question

    Whistleblowing for Change

    The courageous acts of whistleblowing that inspired the world over the past few years have changed our perception of surveillance and control in today's information society. But what are the wider effects of whistleblowing as an act of dissent on politics, society, and the arts? How does it contribute to new courses of action, digital tools, and contents? This urgent intervention based on the work of Berlin's Disruption Network Lab examines this growing phenomenon, offering interdisciplinary pathways to empower the public by investigating whistleblowing as a developing political practice that has the ability to provoke change from within

    Foucault 2.0: Discipline, Governmentality and Ethics

    The rise of globalisation, along with the proliferation of the internet and the development of groundbreaking technologies like artificial intelligence, machine learning and blockchain technology has, in the twenty-first century, given rise to a complex nexus of mutable relations that lends itself to a continuation and recontextualization of the kind of philosophical explorations and analyses that Michel Foucault started in the previous century. This then is what this thesis sets out to do, with the ultimate goal of seeing what lessons we can learn from Foucault, particularly in the context of the modern organisation and business ethics. This thesis tracks the trajectory of the subject through Foucault’s work on power, governmentality, and ethics. Central to this, is the question of how Foucault’s analysis may be applied to the contemporary networked, high-tech social context today’s subject finds himself in. I contend that today’s subject constitutes itself in a way that is very different from the subject of any preceding epoch. The subject of today is a divided subject, a type of Deleuzian "dividual" who occupies both the physical world as well as the virtual one. In order to understand how the modern subject constitutes itself within the current socio-economic and technological environment, I use a quasi-Foucauldian methodology. However, instead of analysing practices in hospitals, sanitariums, schools or clinics, my focus is on the twenty-first century enterprise - on companies and corporations as microcosms of a larger social, economic and technological macrocosm. This entails a thoroughgoing investigation into the twenty-first century organisation - its discourses, its mechanisms of power, domination, and control, “managementality”, and the care of the self or the self-constitution of the contemporary working subject. 
Ultimately, this results in an attempt to unearth an entirely new perspective on ethics, particularly in business.
The ever-growing importance of globalisation, together with the expansion of the internet and the development of pioneering technologies such as artificial intelligence, machine learning and blockchain technologies, has given rise in the twenty-first century to a complex nexus of mutable relations that lends itself to a continuation and recontextualisation of the exploratory and analytical philosophical work that Michel Foucault began in the last century. In this sense, the main objective of this thesis is to examine the lessons we can draw from Foucault's concepts, particularly in the context of the contemporary business organisation and business ethics. This thesis follows the trajectory of the subject through Foucault's work in the areas of power, governmentality and ethics, with a special focus on the question of how Foucault's analysis can be applied to the contemporary, high-tech, online social context in which the subject finds itself. The subject addressed today is constituted in a way quite different from any approach taken in the past, considering that it is now a divided subject, a kind of Deleuzian "dividual" that occupies the physical world and the virtual world at the same time. To understand how the modern subject constitutes itself in the current socio-economic and technological environment, a quasi-Foucauldian methodology is used. However, instead of analysing these practices in hospitals, sanatoriums, schools or clinics, the focus is on twenty-first-century companies, viewed as microcosms of a broader social, economic and technological macrocosm. This entails investigating the twenty-first-century business organisation: its discourses, its mechanisms of power, its domination and control, its managementality, and the notion of care of the self and how it constitutes itself as a contemporary working subject.
Finally, it aims to point towards a new perspective on ethics, above all in the area of business
