Project R-10918

Title

Facing Cyber security threats head-on through insight, prevention and education (Research)

Abstract

The amount and impact of cyber security incidents have increased rapidly over the past few years. Attacks have become more targeted and have an increased financial impact. Over 12 million USD worth of ransomware payments were made between 2013 and mid-2017. Mostly, criminals enter systems using spear phishing. Multiple techniques to detect these attacks and decrease their success rate have already been described in literature or are available in commercial products, but few are successful under real-life conditions on a large scale. When the attacker succeeds in installing malware and encrypting all the user's files, a ransom will be requested. To remove traces of these payments, attackers embrace the pseudo-anonymity of cryptocurrencies to obfuscate their identity. Meanwhile, improved protection on the network level makes it harder for phishers to mislead their victims. New protocol designs try to achieve this by encrypting nearly all user data in transit. These new services are imperfect, as they are typically deployed in a highly centralized way, and are not always compatible with legacy systems. This proposal strives to tackle these issues and focus on the user perspective. New methods will be developed to protect users from becoming a victim, systems for automatic detection of malicious cryptocurrency wallets will be proposed and the implementation and consequences of the encrypted web will be studied. All aiming to improve security for and awareness of users online.

Period of project

01 November 2020 - 30 April 2022