Cryptography: Malicious Cryptography – Exposing Cryptovirology

Young, Adam; Yung, Moti

doi:10.1016/s0267-3649(04)00079-2

Cited by 60 publications

(77 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Ransomware: In 2004, Young and Yung first suggested the idea of a virus that encrypts data on victims' computers using an asymmetric cipher and holds it hostage for ransom [22]. The decryption key is not embedded in the virus codebase, so the attack cannot be reverse-engineered.…”

Section: Theft and Malwarementioning

confidence: 99%

Bitcoin: Perils of an Unregulated Global P2P Currency

Ali

Clarke

McCorry

2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Bitcoin has, since 2009, become an increasingly popular online currency, in large part because it resists regulation and provides anonymity. We discuss how Bitcoin has become both a highly useful tool for criminals and a lucrative target for crime, and argue that this arises from the same essential ideological and design choices that have driven Bitcoin's success to date. In this paper, we survey the landscape of Bitcoinrelated crime, such as dark markets and bitcoin theft, and speculate about possible future possibilities, including tax evasion and money laundering. AbstractBitcoin has, since 2009, become an increasingly popular online currency, in large part because it resists regulation and provides anonymity. We discuss how Bitcoin has become both a highly useful tool for criminals and a lucrative target for crime, and argue that this arises from the same essential ideological and design choices that have driven Bitcoin's success to date. In this paper, we survey the landscape of Bitcoin-related crime, such as dark markets and bitcoin theft, and speculate about possible future possibilities, including tax evasion and money laundering. Abstract. Bitcoin has, since 2009, become an increasingly popular online currency, in large part because it resists regulation and provides anonymity. We discuss how Bitcoin has become both a highly useful tool for criminals and a lucrative target for crime, and argue that this arises from the same essential ideological and design choices that have driven Bitcoin's success to date. In this paper, we survey the landscape of Bitcoin-related crime, such as dark markets and bitcoin theft, and speculate about possible future possibilities, including tax evasion and money laundering. About the authors

show abstract

Section: Theft and Malwarementioning

confidence: 99%

Bitcoin: Perils of an Unregulated Global P2P Currency

Ali

Clarke

McCorry

2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…We envision many applications of the approach proposed in this paper, including: -Malware analysis: A Trojan that employs cryptovirology [6] and exploits covert channels in commodity operating systems could be placed in a virtual machine and the mutual information between various inputs (e.g., credit card numbers, passwords, personal files) and potential outputs (e.g., the network, the hard drive) could be measured as an analysis of the Trojan's capabilities and purpose. -Testing to guide system design: The basic framework for information flow measurement via repeated deterministic replays presented in this paper could be used to test existing systems for inference and side channels [7][8][9][10].…”

Section: Applicationsmentioning

confidence: 99%

“…In this example two bits are simply masked out and written directly to the hard drive 6 . Figure 2(b) shows that after 38 replays of the transaction only four states have been observed, so that with 99.8% confidence (see Section 4.3) we can reject the null hypothesis and ensure that the policy ǫ = 2 was enforced.…”

Section: Prototype Implementation and Examplementioning

confidence: 99%

Putting Trojans on the Horns of a Dilemma: Redundancy for Information Theft Detection

Crandall

Brevik

et al. 2009

Transactions on Computational Science IV

View full text Add to dashboard Cite

Abstract. Conventional approaches to either information flow security or intrusion detection are not suited to detecting Trojans that steal information such as credit card numbers using advanced cryptovirological and inference channel techniques. We propose a technique based on repeated deterministic replays in a virtual machine to detect the theft of private information. We prove upper bounds on the average amount of information an attacker can steal without being detected, even if they are allowed an arbitrary distribution of visible output states. Our intrusion detection approach is more practical than traditional approaches to information flow security. We show that it is possible to, for example, bound the average amount of information an attacker can steal from a 53-bit credit card number to less than a bit by sampling only 11 of the 2 53 possible outputs visible to the attacker, using a two-pronged approach of hypothesis testing and information theory.

show abstract

“…Our goal, of course, is not to empower criminal operations, but to evaluate this threat so that preemptive solutions may be devised. This is in the spirit of existing research efforts exploring emergent threats (such as cryptovirology [7] and the FORWARD initiative [8]). Our specific contributions are:…”

Section: Introductionmentioning

confidence: 99%

ZombieCoin: Powering Next-Generation Botnets with Bitcoin

Ali

McCorry

Lee

et al. 2015

Financial Cryptography and Data Security

View full text Add to dashboard Cite

Abstract. Botnets are the preeminent source of online crime and arguably the greatest threat to the Internet infrastructure. In this paper, we present ZombieCoin, a botnet command-and-control (C&C) mechanism that runs on the Bitcoin network. ZombieCoin offers considerable advantages over existing C&C techniques, most notably the fact that Bitcoin is designed to resist the very regulatory processes currently used to combat botnets. We believe this is a desirable avenue botmasters may explore in the near future and our work is intended as a first step towards devising effective countermeasures.

show abstract

Cryptography: Malicious Cryptography – Exposing Cryptovirology

Cited by 60 publications

References 0 publications

Bitcoin: Perils of an Unregulated Global P2P Currency

Bitcoin: Perils of an Unregulated Global P2P Currency

Putting Trojans on the Horns of a Dilemma: Redundancy for Information Theft Detection

ZombieCoin: Powering Next-Generation Botnets with Bitcoin

Contact Info

Product

Resources

About