First Steps towards Data-Driven Adversarial Deduplication

In traditional databases, the entity resolution problem (which is also known as deduplication)refers to the task of mapping multiple manifestations of virtual objects totheir corresponding real-worldentities. When addressing this problem, in both theory and practice, it is widely assumed that suchsets of virtual objects appear as the result of clerical errors, transliterations, missing or updatedattributes, abbreviations, and so forth. In this paper, we address this problem under the assumptionthat this situation is caused by malicious actors operating in domains in which they do not wishto be identified, such as hacker forums and markets in which the participants are motivated toremain semi-anonymous (though they wish to keep their true identities secret, they find it useful forcustomers to identify their products and services). We are therefore in the presence of a different, andeven more challenging, problem that we refer to as adversarial deduplication. In this paper, we studythis problem via examples that arise from real-world data on malicious hacker forums and marketsarising from collaborations with a cyber threat intelligence company focusing on understanding thiskind of behavior. We argue that it is very difficult—if not impossible—to find ground truth data onwhich to build solutions to this problem, and develop a set of preliminary experiments based ontraining machine learning classifiers that leverage text analysis to detect potential cases of duplicateentities. Our results are encouraging as a first step towards building tools that human analysts canuse to enhance their capabilities towards fighting cyber threats.Fil: Paredes, José Nicolás. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Bahía Blanca. Instituto de Ciencias e Ingeniería de la Computación. Universidad Nacional del Sur. Departamento de Ciencias e Ingeniería de la Computación. Instituto de Ciencias e Ingeniería de la Computación; ArgentinaFil: Simari, Gerardo. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Bahía Blanca. Instituto de Ciencias e Ingeniería de la Computación. Universidad Nacional del Sur. Departamento de Ciencias e Ingeniería de la Computación. Instituto de Ciencias e Ingeniería de la Computación; Argentina. Arizona State University; Estados UnidosFil: Martinez, Maria Vanina. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentina. Universidad de Buenos Aires; ArgentinaFil: Falappa, Marcelo Alejandro. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Bahía Blanca. Instituto de Ciencias e Ingeniería de la Computación. Universidad Nacional del Sur. Departamento de Ciencias e Ingeniería de la Computación. Instituto de Ciencias e Ingeniería de la Computación; Argentin

Challenges of the market for initial coin offerings

This article analyzes the main problems and the solutions adopted in the market for Initial Coin Offerings (ICO), to anticipate the future of this market and determine implications for issuers, investors and regulators. ICOs represent an alternative and innovative financing solution that has experienced spectacular growth and notoriety in recent years. ICOs rely on Blockchain protocols and the ICO market is, therefore, characterized as decentralized, disintermediated and unregulated. Our results show that although the ICO market is innovative, it already displays many of the problems of traditional financial markets, and that these problems were at the genesis of the last financial crisis. Our analysis of the problems and solutions adopted shows a tension between what the Blockchain technology offers, and the problems associated with the financing of innovation. Considering the problems and solutions adopted, we no longer expect the ICO market to be characterized as disintermediated, unregulated or even decentralized in the near future. Furthermore, it is a real possibility that ICOs may end up being a progressor model eventually replaced by similar but more specialized financing models, some of which may already exist. With respect to the particular solutions of the ICO market, while some represent the realization of the potential of Blockchain, others such as forks have important Governance implications with the potential to create as many problems as the ones they addressWe acknowledge financial support from the Spanish Ministry of Economy and Competitiveness, Project PID2020-118064GB-I00 and from the Professorship Excellence Program in accordance with the multi-year agreement signed by the Government of Madrid and the Universidad Aut´onoma de Madrid (Line #3). R. Correia and A. Rezola acknowledge financial support from the Comunidad de Madrid Research Project for Young Researchers (SI3-PJI- 2021-00276). D. Arroyo acknowledges financial support from the Comunidad de Madrid (Spain) under the project CYNAMON (P2018/TCS-4566), and from the Spanish State Research Agency (AEI) of the Ministry of Science and Innovation (MCIN), project P2QProMeTe (PID2020-112586RBI00/ AEI/10.13039/501100011033), co-funded by the European Regional Development Fund (ERDF, EU

Malware and Exploits on the Dark Web

In recent years, the darknet has become the key location for the distribution of malware and exploits. We have seen scenarios where software vulnerabilities have been disclosed by vendors and shortly after, operational exploits are available on darknet forums and marketplaces. Many marketplace vendors offer zero-day exploits that have not yet been discovered or disclosed. This trend has led to security companies offering darknet analysis services to detect new exploits and malware, providing proactive threat intelligence. This paper presents information on the scale of malware distribution, the trends of malware types offered, the methods for discovering new exploits and the effectiveness of darknet analysis in detecting malware at the earliest possible stage.Comment: 5 pages, 0 figure

Innovation as Guided Coevolution: The Trend Micro Case (1998 – 2005)

Innovation is considered crucial for firms to compete effectively. The extant research on innovation has provided significant insights, but, however, the majority examined innovation in the context of technology. Only a few exceptions have explored how social and behavioral factors influence firms in the innovation processes. Based on the coevolution perspective, this study examines innovation process of a software firm participating in the ever-changing information security software industry. We focused on how the firm guided its offerings to coevolve with new technologies and relevant changes among different groups of human actors. Our data reveals that the firm developed different offerings in different periods to cope with the changing driving forces—technologies, users, and hackers—in each period. Effectively identifying the driving forces and guided its offerings to coevolve with them, the firm successfully sustained its competitive advantage in the period characterized with turbulence in the environment.Keywords: innovation, coevolution, software, high-tec

Understanding Hacking-as-a-Service Markets

abstract: An examination of 12 darkweb sites involved in selling hacking services - often referred to as ”Hacking-as-a-Service” (HaaS) sites is performed. Data is gathered and analyzed for 7 months via weekly site crawling and parsing. In this empirical study, after examining over 200 forum threads, common categories of services available on HaaS sites are identified as well as their associated topics of conversation. Some of the most common hacking service categories in the HaaS market include Social Media, Database, and Phone hacking. These types of services are the most commonly advertised; found on over 50\% of all HaaS sites, while services related to Malware and Ransomware are advertised on less than 30\% of these sites. Additionally, an analysis is performed on prices of these services along with their volume of demand and comparisons made between the prices listed in posts seeking services with those sites selling services. It is observed that individuals looking to hire hackers for these services are offering to pay premium prices, on average, 73\% more than what the individual hackers are requesting on their own sites. Overall, this study provides insights into illicit markets for contact based hacking especially with regards to services such as social media hacking, email breaches, and website defacement.Dissertation/ThesisMasters Thesis Computer Science 201

Reasoning about Cyber Threat Actors

abstract: Reasoning about the activities of cyber threat actors is critical to defend against cyber attacks. However, this task is difficult for a variety of reasons. In simple terms, it is difficult to determine who the attacker is, what the desired goals are of the attacker, and how they will carry out their attacks. These three questions essentially entail understanding the attacker’s use of deception, the capabilities available, and the intent of launching the attack. These three issues are highly inter-related. If an adversary can hide their intent, they can better deceive a defender. If an adversary’s capabilities are not well understood, then determining what their goals are becomes difficult as the defender is uncertain if they have the necessary tools to accomplish them. However, the understanding of these aspects are also mutually supportive. If we have a clear picture of capabilities, intent can better be deciphered. If we understand intent and capabilities, a defender may be able to see through deception schemes. In this dissertation, I present three pieces of work to tackle these questions to obtain a better understanding of cyber threats. First, we introduce a new reasoning framework to address deception. We evaluate the framework by building a dataset from DEFCON capture-the-flag exercise to identify the person or group responsible for a cyber attack. We demonstrate that the framework not only handles cases of deception but also provides transparent decision making in identifying the threat actor. The second task uses a cognitive learning model to determine the intent – goals of the threat actor on the target system. The third task looks at understanding the capabilities of threat actors to target systems by identifying at-risk systems from hacker discussions on darkweb websites. To achieve this task we gather discussions from more than 300 darkweb websites relating to malicious hacking.Dissertation/ThesisDoctoral Dissertation Computer Engineering 201

Marketing Aspects of Technology Ventures

Cílem diplomové práce je analýza marketingových nástrojů použitých firmou XAX a následně vyhodnotit a navrhnout zvýšení jejich efektivity. Popis strategie společnosti a faktory ovlivňující budou identifikovány. Práce obsahuje návrhy a doporučení na zvýšení efektivity marketingových nástrojů dané firmy v oblasti High-tech odvětví.The aim of diploma thesis is to analyze marketing tools used in Company XAX and under this condition evaluate and purpose increase efficiency used tools. The current marketing strategy of the company is described and main influencing factors are identified. The thesis contains proposals and recommendations for tools usage in the field of High-tech marketing.

Underground web: the cybercrime challenge

The two papers in this Special Report examine the central role that cybercrime plays in modern society and how technological developments create new opportunities for criminals to exploit. Overview Calum Jeffray’s paper, Caught in the net: the law enforcement response to international cybercrime, surveys the strategic cybercrime landscape and illustrates that, despite calls for law enforcement to ‘do more’ to prevent and investigate cybercrime, the agencies involved are often hampered in acting due to jurisdictional issues or the complexity of the investigations. Tobias Feakin’s paper, Cryptomarkets—illicit goods in the darknet, examines the emergence of the ‘darknet’, where trading in illicit goods and services in online black markets has become increasingly commonplace and exacerbates the problems that law enforcement already faces—tracing and prosecuting illegal activities online. This Special Report includes a foreword by Australian Federal Police Commissioner Andrew Colvin