The Dark Web is notorious for being a major distribution channel of harmful content as well as unlawful goods. Perpetrators have also used cryptocurrencies to conduct illicit financial transactions while hiding their identities. The limited coverage and outdated data of the Dark Web in previous studies motivated us to conduct an in-depth investigative study to understand how perpetrators abuse cryptocurrencies in the Dark Web. We designed and implemented MFScope, a new framework which collects Dark Web data, extracts cryptocurrency information, and analyzes their usage characteristics on the Dark Web. Specifically, MFScope collected more than 27 million dark webpages and extracted around 10 million unique cryptocurrency addresses for Bitcoin, Ethereum, and Monero. It then classified their usages to identify trades of illicit goods and traced cryptocurrency money flows, to reveal black money operations on the Dark Web. In total, using MFScope we discovered that more than 80% of Bitcoin addresses on the Dark Web were used with malicious intent; their monetary volume was around 180 million USD, and they sent a large sum of their money to several popular cryptocurrency services (e.g., exchange services). Furthermore, we present two real-world unlawful services and demonstrate their Bitcoin transaction traces, which helps in understanding their marketing strategy as well as black money operations.
The Internet of Things (IoT), based on interconnected devices, enables a variety of elegant new services that could not be realized in a traditional environment, and many of these services harvest the information of a potentially sensitive and private nature belonging to individual users. Unfortunately, existing security functions used to protect such information are difficult to implement in an IoT environment due to the widely varying capacities, functionalities, and security requirements of IoT devices. In this work, to protect against unrestricted accesses to other devices and information extortion from these devices, we propose SODA, a secure IoT gateway that enables a device-side dynamic access control and is capable of deploying various security services to protect sensitive and private information. To show its effectiveness and practicality, we assume that a large number of IoT devices are crowded around an IoT gateway, and we implement a prototype of SODA for such an environment based on software-defined-networking (SDN) and integrate virtual network functions (VNFs) over network function virtualization (NFV) on top of a real IoT device. From our evaluation, we demonstrate how SODA mitigates real-world attacks through its security functions, and presents how it satisfies the performance requirements of a real environment.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.