Pages
- 1
- 2
- document
-
Anghel, R.I. (author), Zhauniarovich, Y. (author), Hernandez Ganan, C. (author)Distributed Denial-of-Service (DDoS) attacks continue to threaten the availability of Internet-based services. While countermeasures exist to decrease the impact of these attacks, not all operators have the resources or knowledge to deploy them. Alternatively, anti-DDoS services such as DDoS clearing houses and blackholing have emerged....journal article 2024
- document
-
Anghel, R.I. (author), Vetrivel, Swaathi (author), Turcios Rodriguez, E.R. (author), Sameshima, Kaichi (author), Makita, Daisuke (author), Yoshioka, Katsunari (author), Hernandez Ganan, C. (author), Zhauniarovich, Y. (author)Remotely Triggered Black Hole (RTBH) is a common DDoS mitigation approach that has been in use for the last two decades. Usually, it is implemented close to the attack victim in networks sharing some type of physical connectivity. The Unwanted Traffic Removal Service (UTRS) project offers a free, global, and relatively low-effort-to-join and...conference paper 2024
- document
-
Fiebig, T. (author), Gürses, F.S. (author), Hernandez Ganan, C. (author), Kotkamp, E. (author), Kuipers, F.A. (author), Lindorfer, Martina (author), Prisse, M.M.G.C. (author), Sari, P.T. (author)With the emergence of remote education and work in universi- ties due to COVID-19, the ‘zoomification’ of higher education, i.e., the migration of universities to the clouds, reached the public dis- course. Ongoing discussions reason about how this shift will take control over students’ data away from universities, and may ulti- mately harm the...book chapter 2023
- document
-
Geers, Artur (author), Ding, Aaron Yi (author), Hernandez Ganan, C. (author), Parkin, S.E. (author)The smishing-based malware Flubot was taken down in mid-2022, yet there is little understanding of how it directly impacted smartphone users. We engage with customers of a partner Internet Service Provider (ISP), who have suffered a Flubot infection on their smartphones. We surveyed 87 ISP customers who had been notified of a Flubot infection,...conference paper 2023
- document
-
Al Alsadi, Arwa (author), Sameshima, Kaichi (author), Yoshioka, Katsunari (author), van Eeten, M.J.G. (author), Hernandez Ganan, C. (author)For years, attackers have exploited vulnerabilities in Internet of Things (IoT) devices. Previous research has examined target selection in cybercrime, but there has been little investigation into the factors that influence target selection in attacks on IoT. This study aims to better understand how attackers choose their targets by analyzing...conference paper 2023
- document
-
Vermeer, M. (author), Kadenko, N.I. (author), van Eeten, M.J.G. (author), Hernandez Ganan, C. (author), Parkin, S.E. (author)Signature-based network intrusion detection systems (NIDSs) and network intrusion prevention systems (NIPSs) remain at the heart of network defense, along with the rules that enable them to detect threats. These rules allow Security Operation Centers (SOCs) to properly defend a network, yet we know almost nothing about how rules are created,...conference paper 2023
- document
-
Streibelt, Florian (author), Lindorfer, Martina (author), Gürses, F.S. (author), Hernandez Ganan, C. (author), Fiebig, T. (author)Researchers and practitioners often face the issue of having to attribute an IP address to an organization. For current data this is comparably easy, using services like whois or other databases. Similarly, for historic data, several entities like the RIPE NCC provide websites that provide access to historic records. For large-scale network...conference paper 2023
- document
-
Nosyk, Yevheniya (author), Lone, Qasim (author), Zhauniarovich, Y. (author), Hernandez Ganan, C. (author), Aben, Emile (author), Moura, Giovane C. M. (author), Tajalizadehkhoob, Samaneh (author), Duda, Andrzej (author), Korczyński, Maciej (author)DNS is a protocol responsible for translating human-readable domain names into IP addresses. Despite being essential for many Internet services to work properly, it is inherently vulnerable to manipulation. In November 2021, users from Mexico received bogus DNS responses when resolving whatsapp.net. It appeared that a BGP route leak diverged DNS...conference paper 2023
- document
-
Streibelt, Florian (author), Sattler, Patrick (author), Lichtblau, Franziska (author), Hernandez Ganan, C. (author), Feldmann, Anja (author), Gasser, Oliver (author), Fiebig, Tobias (author)DNS is one of the core building blocks of the Internet. In this paper, we investigate DNS resolution in a strict IPv6-only scenario and find that a substantial fraction of zones cannot be resolved. We point out, that the presence of an AAAA resource record for a zone’s nameserver does not necessarily imply that it is resolvable in an IPv6-only...conference paper 2023
- document
-
Bouwman, X.B. (author), Le Pochat, Victor (author), Foremski, Pawel (author), Van Goethem, Tom (author), Hernandez Ganan, C. (author), Moura, Giovane C.M. (author), Tajalizadehkhoob, Samaneh (author), Joosen, Wouter (author), van Eeten, M.J.G. (author)We tracked the largest volunteer security information sharing community known to date: the COVID-19 Cyber Threat Coalition, with over 4,000 members. This enabled us to address long-standing questions on threat information sharing. First, does collaboration at scale lead to better coverage? And second, does making threat data freely available...conference paper 2022
- document
-
Vermeer, M. (author), van Eeten, M.J.G. (author), Hernandez Ganan, C. (author)Notwithstanding the predicted demise of signature-based network monitoring, it is still part of the bedrock of security operations. Rulesets are fundamental to the efficacy of Network Intrusion Detection Systems (NIDS). Yet, they have rarely been studied in production environments. We partner with a Managed Security Service Provider (MSSP) to...conference paper 2022
- document
-
Al Alsadi, Arwa (author), Sameshima, Kaichi (author), Bleier, Jakob (author), Yoshioka, Katsunari (author), Lindorfer, Martina (author), van Eeten, M.J.G. (author), Hernandez Ganan, C. (author)The Internet of things (IoT) is composed by a wide variety of software and hardware components that inherently contain vulnerabilities. Previous research has shown that it takes only a few minutes from the moment an IoT device is connected to the Internet to the first infection attempts. Still, we know little about the evolution of exploit...conference paper 2022
- document
-
Rodriguez, Elsa (author), Fukkink, Max (author), Parkin, S.E. (author), van Eeten, M.J.G. (author), Hernandez Ganan, C. (author)Consumer IoT devices may suffer malware attacks, and be recruited into botnets or worse. There is evidence that generic advice to device owners to address IoT malware can be successful, but this does not account for emerging forms of persistent IoT malware. Less is known about persistent malware, which resides on persistent storage, requiring...conference paper 2022
- document
-
Sasaki, Takayuki (author), Fujita, Akira (author), Hernandez Ganan, C. (author), van Eeten, M.J.G. (author), Yoshioka, Katsunari (author), Matsumoto, Tsutomu (author)Geographically distributed infrastructures, such as buildings, dams, and solar power plants, are commonly maintained via Internet-connected remote management devices. Previous studies on detecting and securing industrial control systems (ICS) have overlooked these remote management devices, as they do not expose ICS-specific services like Modbus...conference paper 2022
- document
-
Lone, Q.B. (author), Frik, Alisa (author), Luckie, Matthew (author), Korczyński, MacIej (author), van Eeten, M.J.G. (author), Hernandez Ganan, C. (author)IP spoofing, sending IP packets with a false source IP address, continues to be a primary attack vector for large-scale Denial of Service attacks. To combat spoofing, various interventions have been tried to increase the adoption of source address validation (SAV) among network operators. How can SAV deployment be increased? In this work, we...conference paper 2022
- document
-
Tanabe, Rui (author), Watanabe, Tsuyufumi (author), Fujita, Akira (author), Isawa, Ryoichi (author), Hernandez Ganan, C. (author), van Eeten, M.J.G. (author), Yoshioka, Katsunari (author), Matsumoto, Tsutomu (author)Large botnets made up of Internet-of-Things (IoT) devices have a steady presence in the threat landscape since 2016. However, it has not explained how attackers maintain control over their botnets. In this paper, we present a long-term analysis of the infrastructure of IoT botnets based on 36 months of data gathered via honeypots and the...journal article 2022
- document
-
d' Estalenx, A.A.L. (author), Hernandez Ganan, C. (author)IoT devices keep entering our homes with the promise of delivering more services and enhancing user experience; however, these new devices also carry along an alarming number of vulnerabilities and security issues. In most cases, the users of these devices are completely unaware of the security risks that connecting these devices entail....conference paper 2021
- document
-
Akyazi, U. (author), van Eeten, M.J.G. (author), Hernandez Ganan, C. (author)The emergence of Cybercrime-as-a-Service (CaaS) is a critical evolution in the cybercrime landscape. A key area of research on CaaS is where and how the supply of CaaS is being matched with demand. Next to underground marketplaces and custom websites, cybercrime forums provide an important channel for CaaS suppliers to attract customers. Our...conference paper 2021
- document
-
Bouwmeester, Brennen (author), Turcios Rodriguez, E.R. (author), Hernandez Ganan, C. (author), van Eeten, M.J.G. (author), Parkin, S.E. (author)Many consumer Internet-of-Things (IoT) devices are, and will remain, subject to compromise, often without the owner's knowledge. Internet Service Providers (ISPs) are among the actors best-placed to coordinate the remediation of these problems. They receive infection data and can notify customers of recommended remediation actions. There is...conference paper 2021
- document
-
Noroozian, A. (author), Turcios Rodriguez, E.R. (author), Lastdrager, Elmer (author), Kasama, Takahiro (author), van Eeten, M.J.G. (author), Hernandez Ganan, C. (author)For the mitigation of compromised Internet of Things (IoT) devices we rely on Internet Service Providers (ISPs) and their users. Given that devices are in the hands of their subscribers, what can ISPs realistically do? This study examines the effects of ISP countermeasures on infections caused by variants of the notorious Mirai family of IoT...conference paper 2021
Pages
- 1
- 2