YoVDO

Risky Business - Investigating the Security Practices of Vendors on an Online Anonymous Market Using Ground-Truth Data

Offered By: USENIX via YouTube

Tags

USENIX Security Courses Cybersecurity Courses Quantitative Analysis Courses Two-Factor Authentication (2FA) Courses

Course Description

Overview

Explore a 16-minute conference talk from USENIX Security '21 that investigates the security practices of vendors on online anonymous markets using ground-truth data. Delve into the research conducted by Jochem van de Laarschot and Rolf van Wegberg from Delft University of Technology, examining the prevalence of poor security practices among cybercriminal entrepreneurs on Hansa Market (2015-2017). Learn about the creation of 'vendor types' through latent profile analysis and how these types differ in their security practices, including password strength, 2FA usage, PGP adoption, and cash-out traceability. Discover the counter-intuitive findings that vendors of digital items often employ less secure practices compared to those selling physical goods like drugs. Gain insights into the competing business incentives that may lead cybercriminals to compromise on security despite operating in a high-risk environment.

Syllabus

Introduction
Online Anonymous Markets
Poor Security Practices
Method
Vendor Types
Security Practices
Password Strength
PGP Keys
Conclusion


Taught by

USENIX

Related Courses

Never Been KIST - Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport
USENIX via YouTube
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network
USENIX via YouTube
Control-Flow Bending - On the Effectiveness of Control-Flow Integrity
USENIX via YouTube
Protecting Privacy of BLE Device Users
USENIX via YouTube
K-Fingerprinting - A Robust Scalable Website Fingerprinting Technique
USENIX via YouTube