Tor and i2p networks are two of the most popular darknets. Both darknets have become an area of illegal activities highlighting the necessity to study and analyze them to identify and report illegal content to Law Enforcement Agencies (LEAs). This paper analyzes the connections between the Tor network and the i2p network. We created the first dataset that combines information from Tor and i2p networks. The dataset contains more than 49k darknet services. The process of building and analyzing the dataset shows that it is not possible to explore one of the networks without considering the other. Both networks work as an ecosystem and there are clear paths between them. Using graph analysis, we also identified the most relevant domains, the prominent types of services in each network, and their relations. Findings are relevant to LEAs and researchers aiming to crawl and investigate i2p and Tor networks.
Nowadays, the Zero Trust model has become one of the standard security models. This paradigm stipulates as mandatory the protection of each endpoint, looking for providing security to all the network. To meet this end, it is necessary to guarantee the integrity of the access control systems. One possibility for bringing security to the different endpoints is continuous authentication, as an access control system. Continuous authentication is the set of technologies capable of determining if a user’s identity remains in time; whether he is the legitimate user (i.e., the only one who should know the secret credentials) or the identity has been impersonated by someone else after the authentication’s process was completed. Continuous authentication does not require the active participation of the user. Aiming to identify the different technologies involved in continuous authentication’s implementations, evaluation methods, and its use cases, this paper presents a systematic review that synthesizes the state of the art. This review is conducted to get a picture about which data sources could allow continuous authentication, in which systems it has been successfully implemented, and which are the most adequate ways to process the data. This review also identifies the defining dimensions of continuous authentication systems.
Continuous authentication (CA) is the process to verify the user’s identity regularly without their active participation. CA is becoming increasingly important in the mobile environment in which traditional one-time authentication methods are susceptible to attacks, and devices can be subject to loss or theft. The existing literature reports CA approaches using various input data from typing events, sensors, gestures, or other user interactions. However, there is significant diversity in the methodology and systems used, to the point that studies differ significantly in the features used, data acquisition, extraction, training, and evaluation. It is, therefore, difficult to establish a reliable basis to compare CA methods. In this study, keystroke mechanics of the public HMOG dataset were used to train seven different machine learning classifiers, including ensemble methods (RFC, ETC, and GBC), instance-based (k-NN), hyperplane optimization (SVM), decision trees (CART), and probabilistic methods (naïve Bayes). The results show that a small number of key events and measurements can be used to return predictions of user identity. Ensemble algorithms outperform others regarding the CA mobile keystroke classification problem, with GBC returning the best statistical results.
Several continuous authentication methods provide very accurate ways of detecting the impersonation of a user. However, even though they should be access control chain's links, they are commonly documented as algorithms unrelated to any system. In this paper, we propose a continuous authentication architecture to integrate several kinds of continuous authentication engines in a complete framework. The architecture covers different use cases where continuous authentication methods, placed in the user's device or in the cloud, collaborate to determine if the user's identity has changed. We use ensemble learning principles to combine the values generated by each CA model, and compute the trust level adaptively, addressing common errors caused by changes in the environments of continuous authentication systems.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.