Rozprawy doktorskie na temat „Hacking network”

Thesis (M.S. in Information Systems and Operations)--Naval Postgraduate School, March 2007.
Thesis Advisor(s): David Tucker. "March 2007." Includes bibliographical references (p. 55-56). Also available in print.

Day by day, more and more people are using internet all over the world. It is becoming apart of everyone’s life. People are checking their e-mails, surfing over internet, purchasinggoods, playing online games, paying bills on the internet etc. However, while performingall these things, how many people know about security? Do they know the risk of beingattacked, infecting by malicious software? Even some of the malicious software arespreading over network to create more threats by users. How many users are aware of thattheir computer may be used as zombie computers to target other victim systems? Astechnology is growing rapidly, newer attacks are appearing. Security is a key point to getover all these problems. In this thesis, we will make a real life scenario, using honeypots.Honeypot is a well designed system that attracts hackers into it. By luring the hackerinto the system, it is possible to monitor the processes that are started and running on thesystem by hacker. In other words, honeypot is a trap machine which looks like a realsystem in order to attract the attacker. The aim of the honeypot is analyzing, understanding,watching and tracking hacker’s behaviours in order to create more secure systems.Honeypot is great way to improve network security administrators’ knowledge and learnhow to get information from a victim system using forensic tools. Honeypot is also veryuseful for future threats to keep track of new technology attacks.

Computer networks are used in much wider extent than 20 years ago. People use the computer mainly for communication, entertainment and data storage. Information is often stored only in electronic devices and that is why the security of the data is so important. The objective of my thesis is to describe network security problems and their solutions. First chapter deals with the network security, security checks and attacks. It describes procedures used in practise. First part deals with traffic scanning and filtering at various layers of the TCP/IP model. Second part presents the types of proxy and its pros and cons. Network Address Translation (NAT) is a favourite technique of managing IP addresses of inside and outside network which helps to improve the security and lower the costs paid for IP addresses. NAT description, IPSec, VPN and basic attacks are described in this section. The second chapter of the thesis presents set of Perl scripts for network security checking. The purpose of the project is not to check the whole network security. It is designed for contemporary needs of IBM Global Services Delivery Centrum Brno. The first script checks running applications on target object. The aim is to detect services that are not necessary to run or that are not updated. The second one checks the security of the Cisco device configuration. There is a list of rules that has to be kept. The third script inspects the Nokia firewall configuration which is on the border of IBM network. If some of the rule is broken, it shows the command that has to be proceeded at the particular device. The output of the first and the second script is an HTML file. The third script uses the command line for the final report. The last part of this chapter gives advice to configure Cisco devices. It is a list of security recommendations that can be used by configuring e.g. routers. The appendix presents two laboratory exercises. The aim is to give students an opportunity to learn something about programs and technologies which are used in practise by IT experts to check the weaknesses of their networks.

While there are many examples to turn to regarding the thriving phenomenon of private persons being exploited to launch cyber attacks on behalf of states, this thesis will direct it’s attention onto two special cases. Russia has been accused of being the state actor behind the cyber attacks on Estonia in 2007 and Georgia in 2008. The cases are chosen as Estonia have been recognised as the first coordinated cyber attack on a foreign country, and Georgia being the first case were cyber attacks have been utilised in synchronisation with military action. The purpose of the thesis is to analyse the facts of each case in relation to the International Law Commission’s Draft Articles on Responsibility of States for Internationally Wrongful Acts (DARSIWA). The analysis will work through article 4, article 5, article 8 and article 11. The main question is how Russia may be hold as legally responsible under international law for the private conduct of ’patriotic’ hackers, the Nashi Youth Group and the Russian Business Network. The thesis concludes that while the circumstances of each case highly indicate state-involvement, this cannot be proven under the respective criterias of the articles and Russia does therefore not bear legal responsibility.

Computer hacking has come to represent something negative within mainstream society and is typically associated with malicious or criminal acts. However, for those involved in hacking, this practice typically means something quite different and much more positive in nature. Recently, hacking has also gained increasing popular appeal with greater interest in the role of hackers in the history of technology. This portrayal, however, represents hacking in a binary way, portraying the activity as either ‘good’ or ‘bad’ rather than as the reality of a complex and heterogeneous set of practices and ethics. It is within this context that the Civic Hacking movement has emerged. Those involved in Civic Hacking apply these ethics on a global and local scale to create projects which aim to solve a range of social problems using technology and borrowing from the approaches and practices of hacking. These ‘problems’ can include crime; violence; humanitarian disasters such as tsunamis, famine or earthquake; improvements needed to local government in terms of the democratic process or infrastructure; providing access to healthcare, education or banking in remote areas; involving local communities in issues and a range of other challenges which require solutions. This research project explores hacking as a non-technologically specific social practice based around a collection of Hacker Ethics. Through research focusing on hacking events, I argue that Civic Hacking is indicative of the influence of the Hacker Ethic in wider areas of society. In particular, I explore how Civic Hacking is situated within the wider history of hacking; to what extent the technological artefacts produced by Civic Hacking are shaped by the ethics of these groups; whether Civic Hacking is indicative of a democratisation of technologies; and the types of communities which form around Civic Hacking.

WikiLeaks’ rise to prominence in 2010, with its release of classified U.S. government and military documents, polarised opinion worldwide; some viewed it as a cyber-terrorist group, others saw it as journalism’s saviour. WikiLeaks and Communicative Counterpower investigates why the organisation has been such a contentious cultural and political phenomenon, via a study of its capacity to exercise networked communicative counterpower. The thesis analyses WikiLeaks’ exercise of ideational, cultural and mediated political counterpower, providing a unique mixed methods, critical media studies account of its significance. Drawing largely on hermeneutic approaches the thesis presents a cultural history of WikiLeaks philosophical underpinnings, a cultural production analysis of its claim to journalism, and a news framing analysis of its mediated political counterpower. It argues that WikiLeaks is founded on a hybrid theory of political change, which unites computing technology with the possibility for achieving personal freedom, social agency and more open government. It then demonstrates how WikiLeaks’ operation as a globally networked, radical media organisation challenges the operation of institutional media power and the norms and practices of liberal-pluralist journalism, even as it has appropriated those norms to legitimate its work. Finally the thesis illustrates how WikiLeaks’ perceived challenges to media and political power manifested in critical coverage by elite mainstream media, which framed its activities as transgressive and dismissed its impact, delegitimising it as a political and cultural actor. WikiLeaks is bound into existing circuits of power, which shape and constrain its ability to function as a locus for change. At the same time however the multi-method research design of this work reveals that WikiLeaks evidences signs of counterpower effect in its promotion of information and communication transparency. It provides a particular form of networked social agency to whistleblowers and hence enhances the communicative freedom of individuals to motivate them to pursue change to institutionalised political power relations.

The thesis deals with the topic of computer crime. Foremost, it demonstrates on an example of the operation of a medical image information processing system some selected aspects of this issue. It shows that it is always necessary to monitor the current state of the technical knowledge at the time, but also the need of addressing the issue within the corresponding legal limits. The thesis presents criminal law reality as a complex system. The links between different parts of the system are examined, and possible shortcomings are considered. The legal instruments and legal limits of the procedures that can be used against cybercrime are evaluated. The thesis focuses especially on the issue of obtaining evidence under the Czech Criminal Procedure Code. It presents a proposal on how to understand individual procedural legal institutes and for what purposes and how to use them. Consequently it suggests legal procedures for specific selected practical situations.

Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Marketing Intelligence
Os programas de marketing referral têm vindo a tornar-se numa ferramenta popular entre as empresas. Os seus benefícios são um tema polémico na literatura, uma vez que são programas propensos a atraírem utilizadores com um comportamento de compra oportunista. Como resultado disso, a entrega de recompensas despoleta uma corrida ao reward por parte de utilizadores com perfil oportunista. No presente estudo, propomos um modelo matemático baseado em agentes e suportado por 20.000 simulações, capaz de estudar o impacto desta população na disseminação do programa e na sua lucratividade. Mostrámos que os agentes interessados numa recolha oportunista do reward são responsáveis pelo sucesso do programa e pela sua disseminação. Este efeito ganha dimensão quando a disparidade monetária entre o custo do serviço e o valor do reward é maior. Por fim, concluímos que o aumento do número de convites, que os oportunistas realizam, despoleta uma intensificação dos resultados supra indicados.
Referral marketing programs have become a popular tool among businesses. Its benefits are a controversial topic in the literature, as they are programs likely to attract users with opportunistic buying behavior. As a result, reward distribution triggers a rush for rewards by users who have this opportunistic behavior. In the present study, we propose a mathematical model based on agents and supported by 20.000 simulations, capable of studying the impact of this population on the dissemination of the program and its profitability. We have shown that agents interested in an opportunistic reward collection are responsible for the success of the program and its dissemination. This effect gains dimension when the monetary disparity between the cost of the service and the reward value is greater. Finally, we conclude that the increase in the number of invitations that opportunists make triggers the intensification of the above results.

Relatório Final Estágio do Mestrado Engenharia Informática apresentado à Faculdade de Ciências e Tecnologia da Universidade de Coimbra.
Security was not always an important aspect in terms of networking and hosts. Nowadays, it is absolutely mandatory. Security measures must make an e ort to evolve at the same rate, or even at a higher rate, than threats, which is proving to be the most di cult of tasks. In this report we will detail the process of the implementation of a real distributed intrusion detection and reaction system, that will be responsible for securing a core set of networks already in production, comprising of thousands of servers, users and their respective con dential information.

abstract: Malicious hackers utilize the World Wide Web to share knowledge. Previous work has demonstrated that information mined from online hacking communities can be used as precursors to cyber-attacks. In a threatening scenario, where security alert systems are facing high false positive rates, understanding the people behind cyber incidents can help reduce the risk of attacks. However, the rapidly evolving nature of those communities leads to limitations still largely unexplored, such as: who are the skilled and influential individuals forming those groups, how they self-organize along the lines of technical expertise, how ideas propagate within them, and which internal patterns can signal imminent cyber offensives? In this dissertation, I have studied four key parts of this complex problem set. Initially, I leverage content, social network, and seniority analysis to mine key-hackers on darkweb forums, identifying skilled and influential individuals who are likely to succeed in their cybercriminal goals. Next, as hackers often use Web platforms to advertise and recruit collaborators, I analyze how social influence contributes to user engagement online. On social media, two time constraints are proposed to extend standard influence measures, which increases their correlation with adoption probability and consequently improves hashtag adoption prediction. On darkweb forums, the prediction of where and when hackers will post a message in the near future is accomplished by analyzing their recurrent interactions with other hackers. After that, I demonstrate how vendors of malware and malicious exploits organically form hidden organizations on darkweb marketplaces, obtaining significant consistency across the vendors’ communities extracted using the similarity of their products in different networks. Finally, I predict imminent cyber-attacks correlating malicious hacking activity on darkweb forums with real-world cyber incidents, evidencing how social indicators are crucial for the performance of the proposed model. This research is a hybrid of social network analysis (SNA), machine learning (ML), evolutionary computation (EC), and temporal logic (TL), presenting expressive contributions to empower cyber defense.
Dissertation/Thesis
Doctoral Dissertation Computer Science 2020

Diploma thesis 77 million PlayStation Network accounts stolen, does it affect us?: An analysis of Internet discussions revolving around this topic deals with the case of what so far seems to be the biggest case of user information leak on the Internet. The introduction outlines the history and development of PlayStation consoles and maps major attempts to jailbreak the last generation of the console by hackers. The following section presents PlayStation Network itself, whose users were at risk of the loss of their online identity because of the attack and chronologically describes the course of breach-related events including the subsequent theft of user data. It also focuses in detail on the case of GeoHot - a hacker whose dispute with Sony alienated fellow hacker community and initiated retaliatory activities which as a result led to loss of data. Another part of the thesis examines the issue of digital identity and its protection, gives an insight into the history of the formation of the hacker community and further explains the phenomenon of existence and perception of the term hacker in the context of the Internet. The final section is devoted to analysis of selected discussion posts under thematically relevant articles, analyzes them in terms of content relevance, information sentiment and...

MANET is a self-con guring, decentralized and infrastructure-less mobile wireless network, where autonomous mobile nodes (such as laptops, smartphones, sensors, etc.) communicate over the wireless channels. Thus, MANETs are suitable for supporting decentralized and mo- bile applications in the areas, like healthcare, military, commercial, education and many others. However, MANETs consist of limited transmission range, limited device capabilities, unreliable wireless links, dynamic changes in network topology, lack of security, etc., which introduce sev- eral vulnerabilities that must be dealt with to achieve the success of MANETs. A vulnerability is a weakness, that is exploited by the attackers to introduce privacy breaches during route es- tablishment and data transfer stages. In route establishment stage, the nodes have to disclose some of the routing information such as their identity, location, etc., which can be obtained by an attacker at the malicious intermediate nodes, thus resulting in privacy breach. Due to wireless nature of links between the mobile nodes, the attackers can identify the communicating nodes just by overhearing and tracing the transmitted data packets from sender to receiver, thus breaching privacy during the data transfer stage. Thus, lack of strong privacy preserving solutions may lead to highly unacceptable results, such as real-time tracking of location move- ments, the disclosure of sensitive data, etc. In this thesis, we propose solutions to preserve location privacy and data privacy in MANETs, which are paramount to ensure acceptance of MANET applications. We have applied Rough Set Theory (RST) concepts, as it is efficiently used for classi cation of nodes, and generating privacy policies with minimum overheads by eliminating redundant information. First, we design and develop, a Location Privacy Preservation (LPP) protocol which estab- lishes an untraceable route between communicating nodes while preserving location privacy. The sender initiates the establishment of a route to a receiver through trusted nodes, where RST de nes the trust attributes such as resource availability, node reliability and node history of 1-hop neighbor nodes. The trust value (or trustworthiness) of a node is determined based on their trust attribute values. The route between sender and receiver nodes is established through trusted nodes only, and these trusted nodes act as the temporary sender for their next hop, till the receiver is reached. To ensures that the route is established with designated trusted node, and to check for any suspected situation, challenge-response messages are exchanged at each hop. The proposed LPP protocol is evaluated through simulation and also compared with earlier works. We discuss the performance analysis of the LPP protocol. We provide a formal veri cation model to shows the validity of the LPP protocol using ProVerif tool (an automatic formal protocol veri cation tool), which is utilized to formalize the functions of LPP protocol using ProVerif's calculus. The data transmitted may contain sensitive information, and undesired disclosure of in- formation can lead to the launching of various attacks, thus breaching the data privacy. For this, we have proposed a Data Privacy Preservation (DPP) scheme based on data anonymity approach, where RST concepts are applied to determine the level of data anonymity during the data transfer. Data packets are enclosed within capsules that can be opened only by the designated nodes, thus preventing the undesired leakage of the data. On the suspected situa- tions, challenge-response messages are exchanged to check data privacy violations by next hop trusted node. The route between sender and receiver is changed dynamically at each hop. The proposed DPP scheme is evaluated through simulation, and compared with some of the earlier works. The performance analysis of DPP scheme is discussed. Also, DPP scheme is tested by considering different case studies in a MANET deployed for the stock market application. Due to the development in the technology and realistic result expectation of the user, it is required to develop more practical privacy preserving solutions by collecting the context information. In this connection, we have extended the LPP protocol to a Context based Loca- tion Privacy Maintenance (CLPM) scheme, which takes context information related to nodes en route to maintain location privacy during the data transfer. RST concepts are applied to determine the privacy maintenance level of next hop trusted node, and then based on the pri- vacy maintenance level, failure to preserve location privacy are identi fied. The challenge and response messages are exchanged at each hop to ensure that trusted node maintains location privacy. If location privacy violation is detected, then the route is locally repaired. Otherwise, if there is no location privacy violation, then data is transferred through the same trusted node. The performance of CLPM scheme is evaluated through simulation, and compared with the earlier works. The performance analysis of CLPM scheme is carried out. Healthcare is currently, one of the most attractive application areas in the Internet of Things (IoT), which includes many benefi ts such as real-time patient monitoring, elderly care, and much more. However, privacy in IoT healthcare remains the most challenging obstacle, which requires dynamic privacy protection solutions for preserving the privacy of patients, doctors, etc. Thus, proposed privacy preserving protocol and schemes are applied to preserve location privacy and data privacy in the IoT healthcare application. Then, some of the healthcare transactions are illustrated to test the working of proposed privacy preserving protocol and schemes. In summary, in this work, we have designed: 1) a location privacy preservation protocol which establishes an untraceable route between sender and receiver, and preserves location pri- vacy; 2) a data privacy preservation scheme based on data anonymity approach, where concepts of RST are applied to hide the sensitive data during data transfer; 3) a context based location privacy maintenance scheme, which takes context information of nodes en route to maintain location privacy; and 4) an IoT healthcare application is considered to test the designed pro- tocol and schemes for preserving location privacy and data privacy. Simulations are performed in different MANET environments to test the proposed protocol and schemes. The simulation and analytical results obtained show the importance of the approaches and the efficiency of the proposed protocol and schemes, which could be implemented in the existing applications. Based on obtained solutions, the system can be applied to any network by adapting the nature of communications and security challenges of that network.

The Electronic Communications and Transactions Act, 25 of 2002, eradicated various lacunae that previously existed in respect of cyber crimes. Cyber crimes such as inter alia hacking, rogue code, unauthorised modification of data and denial of service attacks have now been criminalised. Specific criminal provisions in relation to spamming, computer-related fraud and extortion have also been included in the Act. It is argued that theft of incorporeal items such as information has already been recognised in our law, but has not been taken to its logical conclusion in our case law. However, there are instances where neither the common law nor our statutory provisions are applicable and where there is still a need for legislative intervention. The Act sufficiently deals with jurisdiction, the admissibility of data messages, the admissibility of electronic signatures and the regulation of cryptography. Cyber inspectors are a new addition to law enforcement.
Jurisprudence
L. L. M.

E-crimes continue to generate grave challenges to the ICT regulatory agenda. Because e-crimes involve a wrongful appropriation of information online, it is enquired whether information is property which is capable of being stolen. This then requires an investigation to be made of the law of property. The basis for this scrutiny is to establish if information is property for purposes of the law. Following a study of the Roman-Dutch law approach to property, it is argued that the emergence of an information society makes real rights in information possible. This is the position because information is one of the indispensable assets of an information society. Given the fact that information can be the object of property, its position in the law of theft is investigated. This study is followed by an examination of the conventional risks that ICTs generate. For example, a risk exists that ICTs may be used as the object of e-crimes. Furthermore, there is a risk that ICTs may become a tool in order to appropriate information unlawfully. Accordingly, the scale and impact of e-crimes is more than those of the offline crimes, for example theft or fraud. The severe challenges that ICTs pose to an information society are likely to continue if clarity is not sought regarding: whether ICTs can be regulated or not, if ICTs can be regulated, how should an ICT regulatory framework be structured? A study of the law and regulation for regulatory purposes reveals that ICTs are spheres where regulations apply or should apply. However, better regulations are appropriate in dealing with the dynamics of these technologies. Smart-regulations, meta-regulations or reflexive regulations, self-regulations and co-regulations are concepts that support better regulations. Better regulations enjoin the regulatory industries, for example the state, businesses and computer users to be involved in establishing ICT regulations. These ICT regulations should specifically be in keeping with the existing e-authentication measures. Furthermore, the codes-based theory, the Danger or Artificial Immune Systems (the AIS) theory, the Systems theory and the Good Regulator Theorem ought to inform ICT regulations. The basis for all this should be to establish a holistic approach to e-authentication. This approach must conform to the Precautionary Approach to E-Authentication or PAEA. PAEA accepts the importance of legal rules in the ICT regulatory agenda. However, it argues that flexible regulations could provide a suitable framework within which ICTs and the ICT risks are controlled. In addition, PAEA submit that a state should not be the single role-player in ICT regulations. Social norms, the market and nature or architecture of the technology to be regulated are also fundamental to the ICT regulatory agenda.
Jurisprudence
LL. D.

The thesis deals with the emergence of bank and non-bank entities that provide a range of unique transaction-based payment services broadly called Mobile Financial Services (MFS) to unbanked, underserved and underbanked persons via mobile phones. Models of MFS from Mobile Network Operators (MNOs), banks, combinations of MNOs and banks, and independent Mobile Financial Services Providers are covered. Provision by non-banks of ‘bank-type’ services via mobile phones has been termed ‘transformational banking’ versus the ‘additive banking’ services from banks. All involve the concept of ‘branchless banking’ whereby ‘cash-in/cash out’ services are provided through ‘agents.’ Funds for MFS payments may available through a Stored Value Product (SVP), particularly through a Stored Value Account SVP variant offered by MNOs where value is stored as a redeemable fiat- or mobile ‘airtime’-based Store of Value. The competitive, legal, technical and regulatory nature of non-bank versus bank MFS models is discussed, in particular the impact of banking, payments, money laundering, telecommunications, e-commerce and consumer protection laws. Whether funding mechanisms for SVPs may amount to deposit-taking such that entities could be engaged in the ‘business of banking’ is discussed. The continued use of ‘deposit’ as the traditional trigger for the ‘business of banking’ is investigated, alongside whether transaction and paymentcentric MFS rises to the ‘business of banking.’ An extensive evaluation of ‘money’ based on the Orthodox and Claim School economic theories is undertaken in relation to SVPs used in MFS, their legal associations and import, and whether they may be deemed ‘money’ in law. Consumer protection for MFS and payments generally through current statute, contract, and payment law and common law condictiones are found to be wanting. Possible regulatory arbitrage in relation to MFS in South African law is discussed. The legal and regulatory regimes in the European Union, Kenya and the United States of America are compared with South Africa. The need for a coordinated payments-specific law that has consumer protections, enables proportional risk-based licensing of new non-bank providers of MFS, and allows for a regulator for retail payments is recommended. The use of trust companies and trust accounts is recommended for protection of user funds. | vi
Public, Constitutional and International Law
LLD