Peer Surveillance in Online Communities
Online communities are not safe spaces for user privacy. Even though existing
research focuses on creating and improving various content moderation
strategies and privacy preserving technologies, platforms hosting online
communities support features allowing users to surveil one another--leading to
harassment, personal data breaches, and offline harm. To tackle this problem,
we introduce a new, work-in-progress framework for analyzing data privacy
within vulnerable, identity-based online communities. Where current SOUPS
papers study surveillance and longitudinal user data as two distinct challenges
to user privacy, more work needs to be done in exploring the sites where
surveillance and historical user data assemble. By synthesizing over 40 years
of developments in the analysis of surveillance, we derive properties of online
communities that enable the abuse of user data by fellow community members and
suggest key steps to improving security for vulnerable users. Deploying this
new framework on new and existing platforms will ensure that online communities
are privacy-conscious and designed more inclusively.
The Ethics of Going Deep: Challenges in Machine Learning for Sensitive Security Domains
Sometimes, machine learning models can determine the trajectory of a human life, and a series of cascading ethical failures could be irreversible. Ethical concerns are nevertheless set to increase, in particular when algorithmic forms of decision-making are injected into highly sensitive security contexts. In cybercrime, there have been cases of algorithms that have failed to identify racist and hateful speech, as well as missed Image Based Sexual Abuse cases. Hence, this paper intends to add a voice of caution on the vulnerabilities pervading the different stages of a machine learning development pipeline and the ethical challenges that these potentially nurture and perpetuate. To highlight both the issues and potential fixes in an adversarial environment, we use Child Sexual Exploitation and its implications on the Internet as a case study, 2021 being its worst year according to the Internet Watch Foundation.
Understanding and preventing the advertisement and sale of illicit drugs to young people through social media: A multidisciplinary scoping review
ISSUES: The sale of illicit drugs online has expanded to mainstream social media apps. These platforms provide access to a wide audience, especially children and adolescents. Research is in its infancy and scattered due to the multidisciplinary aspects of the phenomenon. APPROACH: We present a multidisciplinary systematic scoping review on the advertisement and sale of illicit drugs to young people. Peer-reviewed studies written in English, Spanish and French were searched for the period 2015 to 2022. We extracted data on users, drugs studied, rate of posts, terminology used and study methodology. KEY FINDINGS: A total of 56 peer-reviewed papers were included. The analysis of these highlights the variety of drugs advertised and platforms used to do so. Various methodological designs were considered. Approaches to detecting illicit content were the focus of many studies as algorithms move from detecting drug-related keywords to detecting drug-selling behaviour. We found that on average, for the studies reviewed, 13 in 100 social media posts advertise illicit drugs. However, popular platforms used by adolescents are rarely studied. IMPLICATIONS: Promotional content is increasing in sophistication to appeal to young people, shifting towards healthy, glamorous and seemingly legal depictions of drugs. Greater interdisciplinary collaboration between computational and qualitative approaches is needed to comprehensively study the sale and advertisement of illegal drugs on social media across different platforms. This requires coordinated action from researchers, policy makers and service providers.
“Invest in crypto!”: An analysis of investment scam advertisements found in Bitcointalk
This paper investigates the evolution of investment
scam lures and scam-related keywords in the cryptocurrency
online forum Bitcointalk over a period of 12 years. Our findings
show a shift in scam-related keywords found within posts in the
forum, where “Ponzi” was the most popular and most frequently
mentioned in 2014 and 2018 and “HYIP” appeared more often in
2018 and 2021. We also identify that the financial principle is the
tactic most likely to be used to lure people into investment scams
from 2015 until 2017, coinciding with the period when “Ponzi”
was the most commonly found keyword. This is followed by a
transition to the authority and distraction principles from 2018
until 2022, which also coincides with the increase in popularity
of “HYIP”.
We collect more than 17.8M posts from 399k threads from
the forum from July 2010 until June 2022. Our longitudinal
analysis shows the popularity transition between subforums
and keywords across time. We design categorisation criteria
and annotate 4,218 posts from 2,630 threads based on them. We
then use the annotated sample to train four machine learning
statistical models. We use the best performing model to classify all
281k English-language threads into four categories: overt scams,
potential scams, scam comments and not investment scam related.
We analyze the frequency changes of scam-related threads across
the 12 year period and observe that overt and potential scams
peaked in 2015 and 2018 respectively. We see that potential scams
also increased during the COVID-19 pandemic. We use heuristics
to pinpoint the types of cryptocurrencies most frequently used
within scam advertisements. Bitcoin is most commonly found
in potential scams while Ethereum appears more often than
other cryptocurrencies in overt scams. We use machine learning
classifiers to identify the scam actor types behind the posts
categorised as overt and potential scams. We also classify the
type of lure used by scammers. Our results indicate that the time
principle is not a tactic used as frequently as expected. Finally,
we observe the influence of the pandemic in the strategies used to
lure victims, reflected in higher than expected use of the kindness
principle in 2021 and 2022.
The Bitcoin Brain Drain: Examining the Use and Abuse of Bitcoin Brain Wallets
In the cryptocurrency Bitcoin, users can deterministically derive the private keys used for transmitting money from a password. Such “brain wallets” are appealing because they free users from storing their private keys on untrusted computers. Unfortunately, they also enable attackers to conduct unlimited offline password guessing. In this paper, we report on the first large-scale measurement of the use of brain wallets in Bitcoin. Using a wide range of word lists, we evaluated around 300 billion passwords. Surprisingly, after excluding activities by researchers, we identified just 884 brain wallets worth around $100K in use from September 2011 to August 2015. We find that all but 21 wallets were drained, usually within 24 h but often within minutes. We find that around a dozen “drainers” are competing to liquidate brain wallets as soon as they are funded. We find no evidence that users of brain wallets loaded with more bitcoin select stronger passwords, but we do find that brain wallets with weaker passwords are cracked more quickly.
Measuring the Changing Cost of Cybercrime
In 2012 we presented the first systematic study of the costs of cybercrime. In this paper, we report what has changed in the seven years since. The period has seen major platform evolution, with the mobile phone replacing the PC and laptop as the consumer terminal of choice, with Android replacing Windows, and with many services moving to the cloud. The use of social networks has become extremely widespread. The executive summary is that about half of all property crime, by volume and by value, is now online. We hypothesised in 2012 that this might be so; it is now established by multiple victimisation studies. Many cybercrime patterns appear to be fairly stable, but there are some interesting changes. Payment fraud, for example, has more than doubled in value but has fallen slightly as a proportion of payment value; the payment system has simply become bigger, and slightly more efficient. Several new cybercrimes are significant enough to mention, including business email compromise and crimes involving cryptocurrencies. The move to the cloud means that system misconfiguration may now be responsible for as many breaches as phishing. Some companies have suffered large losses as a side-effect of denial-of-service worms released by state actors, such as NotPetya; we have to take a view on whether they count as cybercrime. The infrastructure supporting cybercrime, such as botnets, continues to evolve, and specific crimes such as premium-rate phone scams have evolved some interesting variants. The overall picture is the same as in 2012: traditional offences that are now technically “computer crimes” such as tax and welfare fraud cost the typical citizen in the low hundreds of Euros/dollars a year; payment frauds and similar offences, where the modus operandi has been completely changed by computers, cost in the tens; while the new computer crimes cost in the tens of cents.
Defending against the platforms used to support the latter two types of crime cost citizens in the tens of dollars. Our conclusions remain broadly the same as in 2012: it would be economically rational to spend less in anticipation of cybercrime (on antivirus, firewalls, etc.) and more on response. We are particularly bad at prosecuting criminals who operate infrastructure that other wrongdoers exploit. Given the growing realisation among policymakers that crime hasn’t been falling over the past decade, merely moving online, we might reasonably hope for better funded and coordinated law-enforcement action.
Investigating MMM Ponzi scheme on Bitcoin
Cybercriminals exploit cryptocurrencies to carry out illicit activities. In
this paper, we focus on Ponzi schemes that operate on Bitcoin and perform an
in-depth analysis of MMM, one of the oldest and most popular Ponzi schemes.
Based on 423K transactions involving 16K addresses, we show that: (1) Starting
Sep 2014, the scheme goes through three phases over three years. At its peak,
MMM circulated more than 150M dollars a day, after which it collapsed by the
end of Jun 2016. (2) There is a high income inequality between MMM members,
with the daily Gini index reaching more than 0.9. The scheme also exhibits a
zero-sum investment model, in which one member's loss is another member's gain.
The percentage of victims who never made any profit has grown from 0% to 41% in
five months, during which the top-earning scammer has made 765K dollars in
profit. (3) The scheme has a global reach with 80 different member countries
but a highly-asymmetrical flow of money between them. While India and Indonesia
have the largest pairwise flow in MMM, members in Indonesia have received 12x
more money than they have sent to their counterparts in India.
SmartOTPs: An Air-Gapped 2-Factor Authentication for Smart-Contract Wallets
With the recent rise of cryptocurrencies' popularity, the security and
management of crypto-tokens have become critical. We have witnessed many
attacks on users and providers, which have resulted in significant financial
losses. To remedy these issues, several wallet solutions have been proposed.
However, these solutions often lack either essential security features,
usability, or do not allow users to customize their spending rules.
In this paper, we propose SmartOTPs, a smart-contract wallet framework that
gives a flexible, usable, and secure way of managing crypto-tokens in a
self-sovereign fashion. The proposed framework consists of four components
(i.e., an authenticator, a client, a hardware wallet, and a smart contract),
and it provides 2-factor authentication (2FA) performed in two stages of
interaction with the blockchain. To the best of our knowledge, our framework is
the first one that utilizes one-time passwords (OTPs) in the setting of the
public blockchain. In SmartOTPs, the OTPs are aggregated by a Merkle tree and
hash chains whereby for each authentication only a short OTP (e.g., 16B-long)
is transferred from the authenticator to the client. Such a novel setting
enables us to make a fully air-gapped authenticator by utilizing small QR codes
or a few mnemonic words, while additionally offering resilience against quantum
cryptanalysis. We have made a proof-of-concept based on the Ethereum platform.
Our cost analysis shows that the average cost of a transfer operation is
comparable to existing 2FA solutions using smart contracts with
multi-signatures.