Woo can tell me what I'm looking for?: An in-depth study on the Information Search Process that is part of Freedom of Information request handling at Ministries of the Dutch National Government

The “Wet open overheid” or Woo is a law that facilitates access to government information for Dutch citizens and states that “everyone has the right to access government information without having to show an interest in it, subject to the limitations provided for by this law.” This law is the Dutch embodiment of a Freedom of Information (FOI)...

SAVing the Internet: Measuring the adoption of Source Address Validation (SAV) by network providers

IP spoofing is the act of forging source IP addresses assigned to a host machine. Spoofing provides users the ability to hide their identity and impersonate another machine. Malicious users use spoofing to invoke a variety of attacks. Examples are Distributed Denial of Service (DDoS) attacks, policy evasion and a range of application-level...

Can ISPs help mitigate IoT malware? A longitudinal study of broadband ISP security efforts

For the mitigation of compromised Internet of Things (IoT) devices we rely on Internet Service Providers (ISPs) and their users. Given that devices are in the hands of their subscribers, what can ISPs realistically do? This study examines the effects of ISP countermeasures on infections caused by variants of the notorious Mirai family of IoT...

Increasing the Impact of Voluntary Action Against Cybercrime

Resources on the Internet allow constant communication and data sharing between Internet users. While these resources keep vital information flowing, cybercriminals can easily compromise and abuse them, using them as a platform for fraud and misuse. Every day, we observe millions of internet-connected resources are being abused in criminal...

Cybersecurity via Intermediaries: Analyzing Security Measurements to Understand Intermediary Incentives and Inform Public Policy

Research in the field of information security economics has clarified how attacker and defender incentives affect cybersecurity. It has also highlighted the role of intermediaries in strengthening cybersecurity. Intermediaries are organizations and firms that provide the Internet’s infrastructure and platforms. This dissertation looks at how...

Towards Incentivizing ISPs To Mitigate Botnets

ISPs form a centralized point to control botnet infections. However, they do not have enough incentives to invest in mitigation of botnets. In this paper, we propose an approach based on comparative metrics to incentivize ISPs to mitigate botnets.

Botnet Mitigation and the Role of ISPs: A quantitative study into the role and incentives of Internet Service Providers in combating botnet propagation and activity