Building a Theory of Socio-technical Fraud

In the last decade, there has been an unprecedented global adoption of information and communication technologies. While developed countries are more attractive targets and suffer significantly higher losses to cyber-crime as a percentage of their Gross Domestic Product, developing and least-developed countries countries are more vulnerable. Phone-based scams such as phreaking and caller identity spoofing are instances of cyber-fraud, theft and forgery that are very widespread in these countries. Interestingly, deception is at the heart of these cyber-crimes. This paper acknowledges the extant literature on deception detection and the contribution of the related theories of deception, but proposes the development of a theory that treats cyber-deception and fraud as fundamentally socio-technical phenomena. Drawing on Humanities and the socio-anthropological concept of ‘cunning intelligence’, we aim to develop an explanatory lens of fraud that can be applied to different types of cyber-crime

Intrusion Detection in Containerized Environments

In this paper, we present the results of using Hidden Markov Models for learning the behavior of Docker containers. This is for use in anomaly-detection based intrusion detection system. Containers provide isolation between the host system and the containerized environment by efficiently packaging applications along with their dependencies. This way, containers become a portable software environment for applications to run and scale. Unlike virtual machines, containers share the same kernel as the host operating system. This is leveraged to monitor the system calls of the container from the host system for anomaly detection. Thus, the monitoring system is not required to have any knowledge about the container nature, neither does the host system or the container being monitored need to be modified