Adaptive Traffic Fingerprinting for Darknet Threat Intelligence

Darknet technology such as Tor has been used by various threat actors for organising illegal activities and data exfiltration. As such, there is a case for organisations to block such traffic, or to try and identify when it is used and for what purposes. However, anonymity in cyberspace has always been a domain of conflicting interests. While it gives enough power to nefarious actors to masquerade their illegal activities, it is also the cornerstone to facilitate freedom of speech and privacy. We present a proof of concept for a novel algorithm that could form the fundamental pillar of a darknet-capable Cyber Threat Intelligence platform. The solution can reduce anonymity of users of Tor, and considers the existing visibility of network traffic before optionally initiating targeted or widespread BGP interception. In combination with server HTTP response manipulation, the algorithm attempts to reduce the candidate data set to eliminate client-side traffic that is most unlikely to be responsible for server-side connections of interest. Our test results show that MITM manipulated server responses lead to expected changes received by the Tor client. Using simulation data generated by shadow, we show that the detection scheme is effective with false positive rate of 0.001, while sensitivity detecting non-targets was 0.016+-0.127. Our algorithm could assist collaborating organisations willing to share their threat intelligence or cooperate during investigations.Comment: 26 page

Proactive threat detection for connected cars using recursive Bayesian estimation

Upcoming disruptive technologies around autonomous driving of connected cars have not yet been matched with appropriate security by design principles and lack approaches to incorporate proactive preventative measures in the wake of increased cyber-threats against such systems. In this paper, we introduce proactive anomaly detection to a use-case of hijacked connected cars to improve cyber-resilience. First, we manifest the opportunity of behavioral profiling for connected cars from recent literature covering related underpinning technologies. Then, we design and utilize a new data set file for connected cars influenced by the automatic dependent surveillance-broadcast surveillance technology used in the aerospace industry to facilitate data collection and sharing. Finally, we simulate the analysis of travel routes in real time to predict anomalies using predictive modeling. Simulations show the applicability of a Bayesian estimation technique, namely, Kalman filter. With the analysis of future state predictions based on the previous behavior, cyber-threats can be addressed with a vastly increased time window for a reaction when encountering anomalies. We discuss that detecting real-time deviations for malicious intent with the predictive profiling and behavioral algorithms can be superior in effectiveness than the retrospective comparison of known-good/known-bad behavior. When quicker action can be taken while connected cars encounter cyberattacks, more effective engagement or interception of command and control will be achieved

Arabic text classification methods: Systematic literature review of primary studies

Recent research on Big Data proposed and evaluated a number of advanced techniques to gain meaningful information from the complex and large volume of data available on the World Wide Web. To achieve accurate text analysis, a process is usually initiated with a Text Classification (TC) method. Reviewing the very recent literature in this area shows that most studies are focused on English (and other scripts) while attempts on classifying Arabic texts remain relatively very limited. Hence, we intend to contribute the first Systematic Literature Review (SLR) utilizing a search protocol strictly to summarize key characteristics of the different TC techniques and methods used to classify Arabic text, this work also aims to identify and share a scientific evidence of the gap in current literature to help suggesting areas for further research. Our SLR explicitly investigates empirical evidence as a decision factor to include studies, then conclude which classifier produced more accurate results. Further, our findings identify the lack of standardized corpuses for Arabic text; authors compile their own, and most of the work is focused on Modern Arabic with very little done on Colloquial Arabic despite its wide use in Social Media Networks such as Twitter. In total, 1464 papers were surveyed from which 48 primary studies were included and analyzed

A spin-coherent semiconductor photo-detector for quantum communication

We describe how quantum information may be transferred from photon polarization to electron spin in a semiconductor device. The transfer of quantum information relies on selection rules for optical transitions, such that two superposed photon polarizations excite two superposed spin states. Entanglement of the electron spin state with the spin state of the remaining hole is prevented by using a single, non-degenerate initial valence band. The degeneracy of the valence band is lifted by the combination of strain and a static magnetic field. We give a detailed description of a semiconductor structure that transfers photon polarization to electron spin coherently, and allows electron spins to be stored and to be made available for quantum information processing.Comment: To be published in the proceedings of the 11th International Winterschool on New Developments in Solid State Physics, 21 - 25 February, 2000, Mauterndorf, Austria (Physica E, Sept. 2000). 5 pages, 4 figures Revised with updated work on light-hole/heavy-hole selection rule

‘The language is disgusting and they refer to my disability’: the cyberharassment of disabled people

Disabled people face hostility and harassment in their sociocultural environment. The use of electronic-communications creates an online context that further reshape this discrimination. We explored the experiences of 19 disabled victims of cyberharassment. Five themes emerged from the study: disability and health consequences, family involvement, misrepresentation of self, perceived complexity, and lack of awareness and expertise. Cyberharassment incidents against disabled people were influenced by the pre-existing impairment, perceived hate-targeting, and perpetrators faking disability to get closer to victims online. Our findings highlight a growing issue requiring action and proper support

AdPExT: designing a tool to assess information gleaned from browsers by online advertising platforms

The world of online advertising is directly dependent on data collection of the online browsing habits of individuals to enable effective advertisement targeting and retargeting. However, these data collection practices can cause leakage of private data belonging to website visitors (end-users) without their knowledge. The growing privacy concern of end-users is amplified by a lack of trust and understanding of what and how advertisement trackers are collecting and using their data. This paper presents an investigation to restore the trust or validate the concerns. We aim to facilitate the assessment of the actual end-user related data being collected by advertising platforms (APs) by means of a critical discussion but also the development of a new tool, AdPExT (Advertising Parameter Extraction Tool), which can be used to extract third-party parameter key-value pairs at an individual key-value level. Furthermore, we conduct a survey covering mostly United Kingdom-based frequent internet users to gather the perceived sensitivity sentiment for various representative tracking parameters. End-users have a definite concern with regards to advertisement tracking of sensitive data by global dominating platforms such as Facebook and Google