Exploits

Sizing the Opportunity for Opportunistic Cybercriminals

ABSTRACT

According to Graboske et al., ‘the fundamental principle of criminology is that crime follows opportunity, and the opportunities for theft abound in the Digital Age’. But what is the extent of this opportunity? There are numerous hacker toolkits readily available from the Internet that exploit security weaknesses in target systems. This paper presents the results of a 1½-year survey of websites that tested for such weaknesses. The author examined popular ‘hacker’ toolkits and assembled a data collection toolkit that tested for 70 exploits. Whilst some 2 million websites were targeted across the 57 most populous domains, 748,000 are reported. Of these, 77% displayed susceptibility to at least one exploit. Whilst this indicates significant opportunity, it also demonstrates the lack of capable guardianship by system owners and those tasked with protecting cyberspace. The facts that ISPs fail to collect identification details and allow bulk system scanning are factors that facilitate the commission of cybercrime.

PrEP: A Framework for Malware & Cyber Weapons

ABSTRACT

The contemporary debate over cybersecurity rests on a set of linguistic artifacts that date from the Cold War. Attempting to glean a starting point for debate over use of terms such as ‘cyber attack’ or ‘cyber war’ is difficult, largely because there is little agreement on what constitutes a weapon in cyberspace. This paper proposes a new framework to classify malware and cyber weapons based on the different pieces of malicious code that constitute them, then evaluates competing definitions of cyber weapons, and concludes with implications for this approach.

Locating Zero-Day Exploits with Coarse-Grained Forensics

ABSTRACT

This paper describes a novel coarse-grained forensics capability for locating zero-day exploits by recording and correlating on-host actions with network packets, with no discernible impact on user experience. The technology builds upon the Bear micro-kernel, a clean-slate custom OS specifically designed with modern Intel security features and Multics-style protections. The capability provides an alternative to fine-grained techniques, such as memory taint tracking, that are intractable approaches for high-volume Internet-facing servers. Two associated network attack scenarios, modelled from typical website designs, are described in order to illustrate how the technique can be used, and the associated results are presented.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.



Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com