Underground forums allow criminals to interact, exchange knowledge, and trade in products services. They also provide a pathway into cybercrime, tempting the curious join those already motivated obtain easy money. Analysing these enables us better understand behaviours of offenders pathways crime. Prior research has been valuable, but limited by reliance on datasets that are incomplete or outdated. More complete data, going back many years, allows for comprehensive evolution their users. We...

We evaluate the use of data obtained by illicit means against a broad set ethical and legal issues. Our analysis covers both direct collection, secondary uses of, via such as exploiting vulnerability, or unauthorized disclosure. extract principles from existing advice guidance analyse how they have been applied within more than 20 recent peer reviewed papers that deal with illicitly datasets. find does not address all problems researchers faced explain tackle issues inconsistently, sometimes...

Illicit crypto-mining leverages resources stolen from victims to mine cryptocurrencies on behalf of criminals. While recent works have analyzed one side this threat, i.e.: web-browser cryptojacking, only commercial reports partially covered binary-based malware.

Abstract Deep Learning (DL) is a powerful solution for complex problems in many disciplines such as finance, medical research, or social sciences. Due to the high computational cost of DL algorithms, data scientists often rely upon Machine Service (MLaaS) outsource computation onto third-party servers. However, outsourcing raises privacy concerns when dealing with sensitive information, e.g., health financial records. Also, regulations like European GDPR limit collection, distribution, and...

The automatic classification of posts from hacking-related online forums is potential value for the understanding user behaviour in social networks relating to cybercrime. We designed annotation schema label forum three properties: post type, author intent, and addressee. type indicates whether text a question, comment, so on. author's intent writing could be positive, negative, moderating discussion, showing gratitude another user, etc. addressee tends general audience (e.g. other users) or...

Homomorphic Encryption (HE) is a set of powerful properties certain cryptosystems that allow privacy-preserving operation over the encrypted text. Still, HE not widespread due to limitations in terms efficiency and usability. Among challenges HE, scheme parametrization (i.e., selection appropriate parameters within algorithms) relevant multi-faced problem. First, needs comply with guarantee security underlying scheme. Second, requires deep understanding low-level primitives since have...

Nowadays, both the amount of cyberattacks and their sophistication have considerably increased, prevention concerns many organizations. Cooperation by means information sharing is a promising strategy to address this problem, but unfortunately it poses challenges. Indeed, looking for win-win environment not straightforward organizations are properly motivated share information. This work presents model analyse benefits drawbacks among that present certain level dependency. The proposed...

In this paper, we describe a new type of online fraud, referred to as 'eWhoring' by offenders. This crime script analysis provides an overview the business model, drawing on more than 6,500 posts crawled from underground forum. is unusual fraud type, in that offenders readily share information about how it committed way almost prescriptive. There are economic factors at play here, providing make money can increase demand for types images enable happen. We find sexualised typically stolen and...

eWhoring is the term used by offenders to refer a type of online fraud in which cybersexual encounters are simulated for financial gain. Perpetrators use social engineering techniques impersonate young women communities, e.g., chat or networking sites. They engage potential customers conversation with aim selling misleading sexual material -- mostly photographs and interactive video shows illicitly compiled from third-party popular topic underground forums acting as gateway into offending....

We outline in this article a study of `adversarial scraping' for academic research, which involves the collection data from websites that implement defences against traditional web scraping tools. Although is primarily research methods article, it also constitutes valuable systematic accounting different defensive techniques used by administrators illicit online services. Some these intentionally functionality attempts to prevent scrapers gathering their site, and some will unintentionally...

In cybersecurity, adversaries employ a myriad of tactics to evade detection and breach defenses. Malware remains formidable weapon in their arsenal. To counter this threat, researchers unceasingly pursue dynamic analysis, which aims comprehend thwart established malware strains. This paper introduces an innovative methodology for analysis while critically evaluating prevailing technologies limitations. The proposed approach hinges on harnessing the capabilities open-source Security...

Currently, the Dark Web is one key platform for online trading of illegal products and services. Analysing .onion sites hosting marketplaces interest law enforcement security researchers. This paper presents a study on 123k listings obtained from 6 different markets. While most current works leverage existing datasets, these are outdated might not contain new products, e.g., those related to 2020 COVID pandemic. Thus, we build custom focused crawler collect data. Being able conduct analyses...

Illicit crypto-mining leverages resources stolen from victims to mine cryptocurrencies on behalf of criminals. While recent works have analyzed one side this threat, i.e.: web-browser cryptojacking, only commercial reports partially covered binary-based malware. In paper, we conduct the largest measurement malware date, analyzing approximately 4.5 million samples (1.2 malicious miners), over a period twelve years 2007 2019. Our analysis pipeline applies both static and dynamic extract...

The pervasive presence of interconnected objects enables new communication paradigms where devices can easily reach each other while interacting within their environment. so-called Internet Things (IoT) represents the integration several computing and communications systems aiming at facilitating interaction between these devices. Arduino is one most popular platforms used to prototype IoT due its open, flexible easy-to-use architecture. Ardunio Yun a dual board microcontroller that supports...

Fake engagement services allow users of online social media and other web platforms to illegitimately increase their reach boost perceived popularity. Driven by socio-economic even political motivations, the demand for fake has increased in last years, which incentivized rise a vast underground market support infrastructure. Prior research this area been limited study infrastructure used provide these (e.g., botnets) development algorithms detect remove activity targeted platforms. Yet, are...

Blocklists constitute a widely-used Internet security mechanism to filter undesired network traffic based on IP/domain reputation and behavior. Many blocklists are distributed in open source form by threat intelligence providers who aggregate process input from their own sensors, but also third-party feeds or providers. Despite wide adoption, many open-source blocklist lack clear documentation about structure, curation process, contents, dynamics, inter-relationships with other In this...