Going dark? Analysing the impact of end-to-end encryption on the outcome of Dutch criminal court cases

Law enforcement agencies struggle with criminals using end-to-end encryption (E2EE). A recent policy paper states: “while encryption is vital and privacy and cyber security must be protected, that should not come at the expense of wholly precluding law enforcement”. The main argument is that E2EE hampers attribution and prosecution of...

Investigating sentence severity with judicial open data: A case study on sentencing high-tech crime in the Dutch criminal justice system

Open data promotes transparency and accountability as everyone can analyse it. Law enforcement and the judiciary are increasingly making data available, to increase trust and confidence in the criminal justice system. Due to privacy legislation, judicial open data — like court judgements — in Europe is usually anonymized. And even if the...

HeadPrint: Detecting anomalous communications through header-based application fingerprinting

Passive application fingerprinting is a technique to detect anomalous outgoing connections. By monitoring the network traffic, a security monitor passively learns the network characteristics of the applications installed on each machine, and uses them to detect the presence of new applications (e.g., malware infection). In this work, we...

Teaching Empirical Social-Science Research to Cybersecurity Students: The Case of "Thinking Like a Thief"

We report on an educational experiment where computer science students perform empirical research into the human factor in cyber security. Most courses restrict students to work in a lab environment,but we encouraged our students to conduct a realistic experiment with real -world subjects. The students wrote a research proposal that had to be...

Putting the privacy paradox to the test: Online privacy and security behaviors among users with technical knowledge, privacy awareness, and financial resources

Research shows that people's use of computers and mobile phones is often characterized by a privacy paradox: Their self-reported concerns about their online privacy appear to be in contradiction with their often careless online behaviors. Earlier research into the privacy paradox has a number of caveats. Most studies focus on intentions...

An Empirical Study into the Success of Listed Smart Contracts in Ethereum

Since it takes time and effort to put a new product or service on the market, one would like to predict whether it will be a success. In general this is not possible, but it is possible to follow best practices in order to maximize the chance of success. A smart contract is intended to encode business logic and is therefore at the heart of...

Rethinking Blockchain Security: Position Paper

Blockchain technology has become almost as famous for incidents involving security breaches as for its innovative potential. We shed light on the prevalence and nature of these incidents through a database structured using the STIX format. Apart from OPSEC-related incidents, we find that the nature of many incidents is specific to blockchain...

On the anatomy of social engineering attacks: A literature-based dissection of successful attacks

The aim of this study was to explore the extent to which persuasion principles are used in successful social engineering attacks. Seventy-four scenarios were extracted from 4 books on social engineering (written by social engineers) and analysed. Each scenario was split into attack steps, containing single interactions between offender and...

Computer science

Every new technology brings new opportunity for crime, and information and communication technology (ICT) is no exception. This short article offers students of crime insights in the two main connections between ICT and criminology. On the one hand we show how ICT can be used as a tool, target, or location of crime. On the other hand we show how...

Physical Location of Smart Key Activators: A Building Security Penetration Test

Purpose – When security managers choose to deploy a smart lock activation system, the number of units needed and their location needs to be established. This study presents the results of a penetration test involving smart locks in the context of building security. We investigated how the amount of effort an employee has to invest in complying...

How Effective is Anti-Phishing Training for Children?

User training is a commonly used method for preventing victimization from phishing attacks. In this study, we focus on training children, since they are active online but often overlooked in interventions. We present an experiment in which children at Dutch primary schools received an anti-phishing training. The subjects were subsequently tested...

DECANTeR: DEteCtion of Anomalous outbouNd HTTP Traffic by Passive Application Fingerprinting

We present DECANTeR, a system to detect anomalous outbound HTTP communication, which passively extracts fingerprints for each application running on a monitored host. The goal of our system is to detect unknown malware and backdoor communication indicated by unknown fingerprints extracted from a host's network traffic. We evaluate a prototype...