Searched for: mods_originInfo_publisher_s%3A%22USENIX%255C%2BAssociation%22
(1 - 19 of 19)
document
Ni, Tao (author), Lan, G. (author), Wang, Jia (author), Zhao, Qingchuan (author), Xu, Weitao (author)
Radio-frequency (RF) energy harvesting is a promising technology for Internet-of-Things (IoT) devices to power sensors and prolong battery life. In this paper, we present a novel side-channel attack that leverages RF energy harvesting signals to eavesdrop mobile app activities. To demonstrate this novel attack, we propose AppListener, an...
conference paper 2023
document
Binkhorst, V.F. (author), Fiebig, T. (author), Krombholz, Katharina (author), Pieters, Wolter (author), Labunets, K. (author)
With the worldwide COVID-19 pandemic in 2020 and 2021 necessitating working from home, corporate Virtual Private Networks (VPNs) have become an important item securing the continued operation of companies around the globe. However, due to their different use case, corporate VPNs and how users interact with them differ from public VPNs, which are...
conference paper 2022
document
Bouwman, X.B. (author), Le Pochat, Victor (author), Foremski, Pawel (author), Van Goethem, Tom (author), Hernandez Ganan, C. (author), Moura, Giovane C.M. (author), Tajalizadehkhoob, Samaneh (author), Joosen, Wouter (author), van Eeten, M.J.G. (author)
We tracked the largest volunteer security information sharing community known to date: the COVID-19 Cyber Threat Coalition, with over 4,000 members. This enabled us to address long-standing questions on threat information sharing. First, does collaboration at scale lead to better coverage? And second, does making threat data freely available...
conference paper 2022
document
Cuevas, Alejandro (author), Miedema, F.E.G. (author), Soska, Kyle (author), Christin, Nicolas (author), van Wegberg, R.S. (author)
A number of recent studies have investigated online anony- mous (“dark web”) marketplaces. Almost all leverage a “measurement-by-proxy” design, in which researchers scrape market public pages, and take buyer reviews as a proxy for ac- tual transactions, to gain insights into market size and revenue. Yet, we do not know if and how this method...
conference paper 2022
document
Korir, Maina (author), Parkin, S.E. (author), Dunphy, Paul (author)
User-centric digital identity initiatives are emerging with a mission to shift control over online identity disclosures to the individual. However, there is little representation of prospective users in discussions of the merits of empowering users with new data management responsibilities and the acceptability of new technologies. We conducted...
conference paper 2022
document
Cardaioli, Matteo (author), Cecconello, S. (author), Conti, M. (author), Milani, Simone (author), Picek, S. (author), Saraci, Eugen (author)
Automated Teller Machines (ATMs) represent the most used system for withdrawing cash. The European Central Bank reported more than 11 billion cash withdrawals and loading/unloading transactions on the European ATMs in 2019. Although ATMs have undergone various technological evolutions, Personal Identification Numbers (PINs) are still the most...
conference paper 2022
document
Xu, M. (author), Chavez Tapia, M.A. (author), Zuniga, Marco (author)
There is a growing interest in exploiting ambient light for wireless communication. This new research area has two key advantages: it utilizes a free portion of the spectrum and does not require modifications of the lighting infrastructure. Most existing designs, however, rely on a single type of optical surface at the transmitter: liquid...
conference paper 2022
document
Bouwmeester, Brennen (author), Turcios Rodriguez, E.R. (author), Hernandez Ganan, C. (author), van Eeten, M.J.G. (author), Parkin, S.E. (author)
Many consumer Internet-of-Things (IoT) devices are, and will remain, subject to compromise, often without the owner's knowledge. Internet Service Providers (ISPs) are among the actors best-placed to coordinate the remediation of these problems. They receive infection data and can notify customers of recommended remediation actions. There is...
conference paper 2021
document
Bijmans, H.L.J. (author), Booij, T.M. (author), Schwedersky, Anneke (author), Nedgabat, Aria (author), van Wegberg, R.S. (author)
Off-the-shelf, easy-to-deploy phishing kits are believed to lower the threshold for criminal entrepreneurs going phishing. That is, the practice of harvesting user credentials by tricking victims into disclosing these on fraudulent websites. But, how do these kits impact the phishing landscape? And, how often are they used? We leverage the use...
conference paper 2021
document
van de Laarschot, J.W. (author), van Wegberg, R.S. (author)
Cybercriminal entrepreneurs on online anonymous markets rely on security mechanisms to thwart investigators in at- tributing their illicit activities. Earlier work indicates that – despite the high-risk criminal context – cybercriminals may turn to poor security practices due to competing business incentives. This claim has not yet been...
conference paper 2021
document
Noroozian, A. (author), Koenders, Jan (author), van Veldhuizen, Eelco (author), Hernandez Ganan, C. (author), Alrwais, Sumayah (author), McCoy, Damon (author), van Eeten, M.J.G. (author)
This paper presents the first empirical study based on ground-truth data of a major Bullet-Proof Hosting (BPH) provider, a company called Maxided. BPH allows miscreants to host criminal activities in support of various cybercrime business models such as phishing, botnets, DDoS, spam, and counterfeit pharmaceutical websites. Maxided was legally...
conference paper 2019
document
Ghiette, V.D.H. (author), Griffioen, H.J. (author), Dörr, C. (author)
In SSH brute forcing attacks, adversaries try a lot of different username and password combinations in order to compromise a system. As such activities are easily recognizable in log files, sophisticated adversaries distribute brute forcing attacks over a large number of origins. Effectively finding such distributed campaigns proves however...
conference paper 2019
document
Bijmans, H.L.J. (author), Booij, T.M. (author), Dörr, C. (author)
Since the release of a browser-based cryptominer by Coinhive in 2017, the easy use of these miners has skyrocketed illicit cryptomining in 2017 and continued in 2018. This method of monetizing websites attracted website owners, as well as criminals seeking new ways to earn a profit. In this paper, we perform two large studies into the world...
conference paper 2019
document
Batina, Lejla (author), Jap, Dirmanto (author), Bhasin, Shivam (author), Picek, S. (author)
Machine learning has become mainstream across industries. Numerous examples prove the validity of it for security applications. In this work, we investigate how to reverse engineer a neural network by using side-channel information such as timing and electromagnetic (EM) emanations. To this end, we consider multilayer perceptron and...
conference paper 2019
document
van Wegberg, R.S. (author), Tajalizadehkhoob, S. (author), Soska, Kyle (author), Akyazi, U. (author), Hernandez Ganan, C. (author), Klievink, A.J. (author), Christin, Nicolas (author), van Eeten, M.J.G. (author)
Researchers have observed the increasing commoditization of cybercrime, that is, the offering of capabilities, services, and resources as commodities by specialized suppliers in the underground economy. Commoditization enables outsourcing, thus lowering entry barriers for aspiring criminals, and potentially driving further growth in cybercrime....
conference paper 2018
document
Çetin, F.O. (author), Altena, E.M. (author), Hernandez Ganan, C. (author), van Eeten, M.J.G. (author)
conference paper 2018
document
Lastdrager, Elmer (author), Carvajal Gallardo, Inés (author), Hartel, P.H. (author), Junger, M. (author)
User training is a commonly used method for preventing victimization from phishing attacks. In this study, we focus on training children, since they are active online but often overlooked in interventions. We present an experiment in which children at Dutch primary schools received an anti-phishing training. The subjects were subsequently tested...
conference paper 2017
document
Asghari, H. (author), Ciere, M. (author), Van Eeten, M.J.G. (author)
Research on botnet mitigation has focused predominantly on methods to technically disrupt the commandand-control infrastructure. Much less is known about the effectiveness of large-scale efforts to clean up infected machines. We analyze longitudinal data from the sinkhole of Conficker, one the largest botnets ever seen, to assess the impact of...
conference paper 2015
document
Asghari, H. (author), Van Eeten, M.J.G. (author), Mueller, M. (author)
Large and impressive data collection efforts often fail to make their data useful for answering policy questions. In this paper, we argue that this is due to a systematic gap between the ways measurement engineers think about their data, and how other disciplines typically make use of data. We recap our own efforts to use the data generated by a...
conference paper 2013
Searched for: mods_originInfo_publisher_s%3A%22USENIX%255C%2BAssociation%22
(1 - 19 of 19)