YoVDO

Risky Business - Investigating the Security Practices of Vendors on an Online Anonymous Market Using Ground-Truth Data

Offered By: USENIX via YouTube

Tags

USENIX Security Courses Cybersecurity Courses Quantitative Analysis Courses Two-Factor Authentication (2FA) Courses

Course Description

Overview

Explore a 16-minute conference talk from USENIX Security '21 that investigates the security practices of vendors on online anonymous markets using ground-truth data. Delve into the research conducted by Jochem van de Laarschot and Rolf van Wegberg from Delft University of Technology, examining the prevalence of poor security practices among cybercriminal entrepreneurs on Hansa Market (2015-2017). Learn about the creation of 'vendor types' through latent profile analysis and how these types differ in their security practices, including password strength, 2FA usage, PGP adoption, and cash-out traceability. Discover the counter-intuitive findings that vendors of digital items often employ less secure practices compared to those selling physical goods like drugs. Gain insights into the competing business incentives that may lead cybercriminals to compromise on security despite operating in a high-risk environment.

Syllabus

Introduction
Online Anonymous Markets
Poor Security Practices
Method
Vendor Types
Security Practices
Password Strength
PGP Keys
Conclusion


Taught by

USENIX

Related Courses

Computer Security
Stanford University via Coursera
Cryptography II
Stanford University via Coursera
Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera
Building an Information Risk Management Toolkit
University of Washington via Coursera
Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network