The Experts below are selected from a list of 3942 Experts worldwide ranked by ideXlab platform
Kim-kwang Raymond Choo - One of the best experts on this subject based on the ideXlab platform.
-
Analysis and Triage of Advanced Hacking Groups Targeting Western Countries Critical National Infrastructure: APT28, RED October, and Regin
Critical Infrastructure Security and Resilience, 2019Co-Authors: Henry Mwiki, Tooska Dargahi, Ali Dehghantanha, Kim-kwang Raymond ChooAbstract:Many organizations still rely on traditional methods to protect themselves against various Cyber threats. This is effective when they deal with traditional threats, but it is less effective when it comes to Advanced Persistent Threat (APT) actors. APT attacks are carried by highly skilled (possibly state-sponsored) Cyber Criminal groups who have potentially unlimited time and resources.This paper analyzes three specific APT groups targeting critical national infrastructure of western countries, namely: APT28, Red October, and Regin. Cyber Kill Chain (CKC) was used as the reference model to analyze these APT groups activities. We create a Defense Triage Process (DTP) as a novel combination of the Diamond Model of Intrusion Analysis, CKC, and 7D Model, to triage the attack vectors and potential targets for these three APT groups.A comparative summary of these APT groups is presented, based on their attack impact and deployed technical mechanism. This paper also highlights the type of organization and vulnerabilities that are attractive to these APT groups and proposes mitigation actions.
-
always connected but are smart mobile users getting more security savvy a survey of smart mobile device users
Behaviour & Information Technology, 2014Co-Authors: James Imgraben, Alewyn Engelbrecht, Kim-kwang Raymond ChooAbstract:Smart mobile devices are a potential attack vector for Cyber Criminal activities. Two hundred and fifty smart mobile device owners from the University of South Australia were surveyed. Not surprisingly, it was found that smart mobile device users in the survey generally underestimated the value that their collective identities have to Criminals and how these can be sold. For example, participants who reported jail-breaking/rooting their devices were also more likely to exhibit risky behaviour (e.g. downloading and installing applications from unknown providers), and the participants generally had no idea of the value of their collective identities to Criminals which can be sold to the highest bidder. In general, the participants did not understand the risks and may not have perceived Cyber crime to be a real threat. Findings from the survey and the escalating complexities of the end-user mobile and online environment underscore the need for regular ongoing training programs for basic online security and t...
-
always connected but are smart mobile users getting more security savvy a survey of smart mobile device users
2014Co-Authors: James Imgraben, Alewyn Engelbrecht, Kim-kwang Raymond ChooAbstract:Smart mobile devices are a potential attack vector for Cyber Criminal activities. 250 smart mobile device owners from the University of South Australia (UniSA) were surveyed. Not surprisingly, it was found that smart mobile device users in the survey generally underestimated the value that their collective identities have to Criminals and how these can be sold. For example, participants who reported jail-breaking/rooting their devices were also more likely to exhibit risky behaviour (e.g. downloading and installing applications from unknown providers), and the participants generally had no idea of the value of their collective identities to Criminals which can be sold to the highest bidder. In general, the participants did not understand the risks and may not have perceived Cyber crime to be a real threat. Findings from the survey and the escalating complexities of the end-user mobile and online environment underscore the need for regular ongoing training programs for basic online security and the promotion of a culture of security among smart mobile device users. For example, targeted education and awareness programs could be developed to inform or educate smart mobile device users and correct misconceptions or myths in order to bring about changes in attitudes and usage behaviour (e.g. not taking preventative measures such as strong passwords to protect their devices). Such initiatives would enable all end users (including senior University management who use such devices to access privileged corporate data and accounts) to maintain current knowledge of the latest Cyber crime activities and the best Cyber security protection measures available.
James Imgraben - One of the best experts on this subject based on the ideXlab platform.
-
always connected but are smart mobile users getting more security savvy a survey of smart mobile device users
Behaviour & Information Technology, 2014Co-Authors: James Imgraben, Alewyn Engelbrecht, Kim-kwang Raymond ChooAbstract:Smart mobile devices are a potential attack vector for Cyber Criminal activities. Two hundred and fifty smart mobile device owners from the University of South Australia were surveyed. Not surprisingly, it was found that smart mobile device users in the survey generally underestimated the value that their collective identities have to Criminals and how these can be sold. For example, participants who reported jail-breaking/rooting their devices were also more likely to exhibit risky behaviour (e.g. downloading and installing applications from unknown providers), and the participants generally had no idea of the value of their collective identities to Criminals which can be sold to the highest bidder. In general, the participants did not understand the risks and may not have perceived Cyber crime to be a real threat. Findings from the survey and the escalating complexities of the end-user mobile and online environment underscore the need for regular ongoing training programs for basic online security and t...
-
always connected but are smart mobile users getting more security savvy a survey of smart mobile device users
2014Co-Authors: James Imgraben, Alewyn Engelbrecht, Kim-kwang Raymond ChooAbstract:Smart mobile devices are a potential attack vector for Cyber Criminal activities. 250 smart mobile device owners from the University of South Australia (UniSA) were surveyed. Not surprisingly, it was found that smart mobile device users in the survey generally underestimated the value that their collective identities have to Criminals and how these can be sold. For example, participants who reported jail-breaking/rooting their devices were also more likely to exhibit risky behaviour (e.g. downloading and installing applications from unknown providers), and the participants generally had no idea of the value of their collective identities to Criminals which can be sold to the highest bidder. In general, the participants did not understand the risks and may not have perceived Cyber crime to be a real threat. Findings from the survey and the escalating complexities of the end-user mobile and online environment underscore the need for regular ongoing training programs for basic online security and the promotion of a culture of security among smart mobile device users. For example, targeted education and awareness programs could be developed to inform or educate smart mobile device users and correct misconceptions or myths in order to bring about changes in attitudes and usage behaviour (e.g. not taking preventative measures such as strong passwords to protect their devices). Such initiatives would enable all end users (including senior University management who use such devices to access privileged corporate data and accounts) to maintain current knowledge of the latest Cyber crime activities and the best Cyber security protection measures available.
Alewyn Engelbrecht - One of the best experts on this subject based on the ideXlab platform.
-
always connected but are smart mobile users getting more security savvy a survey of smart mobile device users
Behaviour & Information Technology, 2014Co-Authors: James Imgraben, Alewyn Engelbrecht, Kim-kwang Raymond ChooAbstract:Smart mobile devices are a potential attack vector for Cyber Criminal activities. Two hundred and fifty smart mobile device owners from the University of South Australia were surveyed. Not surprisingly, it was found that smart mobile device users in the survey generally underestimated the value that their collective identities have to Criminals and how these can be sold. For example, participants who reported jail-breaking/rooting their devices were also more likely to exhibit risky behaviour (e.g. downloading and installing applications from unknown providers), and the participants generally had no idea of the value of their collective identities to Criminals which can be sold to the highest bidder. In general, the participants did not understand the risks and may not have perceived Cyber crime to be a real threat. Findings from the survey and the escalating complexities of the end-user mobile and online environment underscore the need for regular ongoing training programs for basic online security and t...
-
always connected but are smart mobile users getting more security savvy a survey of smart mobile device users
2014Co-Authors: James Imgraben, Alewyn Engelbrecht, Kim-kwang Raymond ChooAbstract:Smart mobile devices are a potential attack vector for Cyber Criminal activities. 250 smart mobile device owners from the University of South Australia (UniSA) were surveyed. Not surprisingly, it was found that smart mobile device users in the survey generally underestimated the value that their collective identities have to Criminals and how these can be sold. For example, participants who reported jail-breaking/rooting their devices were also more likely to exhibit risky behaviour (e.g. downloading and installing applications from unknown providers), and the participants generally had no idea of the value of their collective identities to Criminals which can be sold to the highest bidder. In general, the participants did not understand the risks and may not have perceived Cyber crime to be a real threat. Findings from the survey and the escalating complexities of the end-user mobile and online environment underscore the need for regular ongoing training programs for basic online security and the promotion of a culture of security among smart mobile device users. For example, targeted education and awareness programs could be developed to inform or educate smart mobile device users and correct misconceptions or myths in order to bring about changes in attitudes and usage behaviour (e.g. not taking preventative measures such as strong passwords to protect their devices). Such initiatives would enable all end users (including senior University management who use such devices to access privileged corporate data and accounts) to maintain current knowledge of the latest Cyber crime activities and the best Cyber security protection measures available.
Antonio Pescape - One of the best experts on this subject based on the ideXlab platform.
-
Analysis of a "/0" stealth scan from a botnet
IEEE ACM Transactions on Networking, 2015Co-Authors: Alberto Dainotti, Alistair King, Kimberly C. Claffy, Ferdinando Papale, Antonio PescapeAbstract:Botnets are the most common vehicle of Cyber-Criminal activity. They are used for spamming, phishing, denial-of-service attacks, brute-force cracking, stealing private information, and Cyber warfare. Botnets carry out network scans for several reasons, including searching for vulnerable machines to infect and recruit into the botnet, probing networks for enumeration or penetration, etc. We present the measurement and analysis of a horizontal scan of the entire IPv4 address space conducted by the Sality botnet in February 2011. This 12-day scan originated from approximately 3 million distinct IP addresses and used a heavily coordinated and unusually covert scanning strategy to try to discover and compromise VoIP-related (SIP server) infrastructure. We observed this event through the UCSD Network Telescope, a /8 darknet continuously receiving large amounts of unsolicited traffic, and we correlate this traffic data with other public sources of data to validate our inferences. Sality is one of the largest botnets ever identified by researchers. Its behavior represents ominous advances in the evolution of modern malware: the use of more sophisticated stealth scanning strategies by millions of coordinated bots, targeting critical voice communications infrastructure. This paper offers a detailed dissection of the botnet's scanning behavior, including general methods to correlate, visualize, and extrapolate botnet behavior across the global Internet.
-
Internet Measurement Conference - Analysis of a "/0" stealth scan from a botnet
Proceedings of the 2012 ACM conference on Internet measurement conference - IMC '12, 2012Co-Authors: Alberto Dainotti, Alistair King, Kimberly C. Claffy, Ferdinando Papale, Antonio PescapeAbstract:Botnets are the most common vehicle of Cyber-Criminal activity. They are used for spamming, phishing, denial of service attacks, brute-force cracking, stealing private information, and Cyber warfare. Botnets carry out network scans for several reasons, including searching for vulnerable machines to infect and recruit into the botnet, probing networks for enumeration or penetration, etc. We present the measurement and analysis of a horizontal scan of the entire IPv4 address space conducted by the Sality botnet in February of last year. This 12-day scan originated from approximately 3 million distinct IP addresses, and used a heavily coordinated and unusually covert scanning strategy to try to discover and compromise VoIP-related (SIP server) infrastructure. We observed this event through the UCSD Network Telescope, a /8 darknet continuously receiving large amounts of unsolicited traffic, and we correlate this traffic data with other public sources of data to validate our inferences. Sality is one of the largest botnets ever identified by researchers, its behavior represents ominous advances in the evolution of modern malware: the use of more sophisticated stealth scanning strategies by millions of coordinated bots, targeting critical voice communications infrastructure. This work offers a detailed dissection of the botnet's scanning behavior, including general methods to correlate, visualize, and extrapolate botnet behavior across the global Internet.
Seungwon Shin - One of the best experts on this subject based on the ideXlab platform.
-
analyzing spammers social networks for fun and profit a case study of Cyber Criminal ecosystem on twitter
The Web Conference, 2012Co-Authors: Chao Yang, Robert Harkreader, Jialong Zhang, Seungwon ShinAbstract:In this paper, we perform an empirical analysis of the Cyber Criminal ecosystem on Twitter. Essentially, through analyzing inner social relationships in the Criminal account community, we find that Criminal accounts tend to be socially connected, forming a small-world network. We also find that Criminal hubs, sitting in the center of the social graph, are more inclined to follow Criminal accounts. Through analyzing outer social relationships between Criminal accounts and their social friends outside the Criminal account community, we reveal three categories of accounts that have close friendships with Criminal accounts. Through these analyses, we provide a novel and effective Criminal account inference algorithm by exploiting Criminal accounts' social relationships and semantic coordinations.
-
WWW - Analyzing spammers' social networks for fun and profit: a case study of Cyber Criminal ecosystem on twitter
Proceedings of the 21st international conference on World Wide Web - WWW '12, 2012Co-Authors: Chao Yang, Robert Harkreader, Jialong Zhang, Seungwon ShinAbstract:In this paper, we perform an empirical analysis of the Cyber Criminal ecosystem on Twitter. Essentially, through analyzing inner social relationships in the Criminal account community, we find that Criminal accounts tend to be socially connected, forming a small-world network. We also find that Criminal hubs, sitting in the center of the social graph, are more inclined to follow Criminal accounts. Through analyzing outer social relationships between Criminal accounts and their social friends outside the Criminal account community, we reveal three categories of accounts that have close friendships with Criminal accounts. Through these analyses, we provide a novel and effective Criminal account inference algorithm by exploiting Criminal accounts' social relationships and semantic coordinations.
