Behind the Botnet: Evaluating Avalanche's security controls using a reconstruction of its anatomy from forensic evidence

How did Avalanche, a botnet with an active lifetime of 8 years while serving 20+ malware families, ensure a smooth operation of business? Avalanche had the attention of security researchers and law enforcement, yet it managed to persevere for a long period of time.<br/>In this work, we answer this question by analyzing Avalanche’s security...

Preventing intellectual (near-) monopoly in digital education by developing free space for education technology development

In this thesis I investigate possibilities for expanding freedom of choice in the development and use of digital education technologies. This thesis may be of interest to university policy-makers, students, professors, software-developers, or anyone interested in expanding freedom of choice in the development and use of digital education...

The Risks and Regulation of Decentralized Finance: A Recommendation to Policy Makers

In the past several years, financial applications of the blockchain technology experienced significant growth, development and adoption among the public and institutional investors. With the rise of stablecoins and major events such as the announcement of Facebook’s own cryptocurency Libra in 2019, the EU regulators felt the urgent need to...

Exploring the practice of organisational Security Patch Management from a socio-technical perspective: Using a Mixed Methods Approach to investigate IT-practitioners’ decision-making and patch activity

In the current digitalised society keeping assets secure is one of the most prominent challenges organisations face. In the ongoing arms race between attackers and defenders, software security patching is a well-recognised and effective strategy to mitigate vulnerabilities in software products. However, organisations struggle with the best...

Understanding organizations’ approaches to managing cybersecurity challenges related to high levels of teleworking: a multi-actor perspective

This study investigates organizations’ approaches to managing cybersecurity challenges that are associated with high levels of teleworking. Over the last two and a half years the pandemic forced organizations to implement teleworking models that resulted in a large share of the workforce working from home. The increasing use of teleworking...

Countering money laundering: Implications of the 5th Anti-Money Laundering Directive on virtual currency exchanges in the Netherlands

In order to combat financially-economically related crime the government implemented a new directive ensuring that virtual currency exchanges now have to adhere to requirements from legislation countering money laundering. This thesis researches what the extent is of effects that this legislation posed to the daily operations of virtual currency...

People ignore design that ignores people: Understanding the impact of security training on the security behaviour of employees within an organisational context

Research shows that most of the security issues arise through human shortcomings, instead of technical issues (Abawajy, 2014). Therefore, users of information systems have to become more security aware. The reasonable solution to these human shortcomings was to provide users with policies that tell them what to do and have the technical systems...

Have you updated your lightbulb?: Solving IoT vulnerabilities through governance

Connecting ‘things’ like a doorbell, webcam, lamp, or other objects to the web to provide a service or control is called the Internet of Things (IoT). These devices contain vulnerabilities that form risks for the device user and possibly the network owner through their heterogeneity. The identified knowledge gap is the need for more IoT...

Looking under the Streetlights: Evaluating Cyber Threat Intelligence Feeds Using Quantitative Metrics and User Appreciation Scores

In the battle against ever-changing cyber threats, a new ally has joined in: Cyber Threat Intelligence. Evolved from historical blacklists and anti-virus, Threat Intelligence aims to protect and inform its clients against both nation state actors, as well as cyber criminals. Threat Intelligence comes in many shapes and sizes, and for a wide...

Risky Business: Analysing the security behaviour of cybercriminals active on a darknet market

Cybercrime thrives and online anonymous markets, or darknet markets, play an important role in the cybercriminal ecosystem. Vendors active on darknet markets invest in security mechanisms to compromise the availability or usefulness of evidence to Law Enforcement Agencies. Therefore, difficulties arise in linking identities or machines to...

Development of Injected Code Attacks in Online Banking Fraud Incidents: An exploratory study for understanding the evolution of code used by cyber criminals in financial malware

The frequency of online banking fraud incidents has increased over the last years. A method used by different cybercriminals is the injection of malicious code into the targeted web pages. For example, attackers might inject an additional piece code into the webpage of a targeted bank asking users to enter extra personal information (e.g., the...

Targeting financial organisations with DDoS: a multi-sided perspective: Comparing patterns in AmpPot data to experts view on target selection in the financial sector

Currently, DDoS attacks have become inevitable for financial services and their threat keeps rising. Numerous researches have focused on the technical since the rise of DDoS amplification attacks. However, there is less understanding regarding their target selection on financial services. This research uses a mixed method approach to capture...