How to Use Encryption and Privacy Tools to Evade Corporate Espionage


An ICIT White Paper
Institute for Critical Infrastructure Technology
August 2015

NOTICE: The recommendations contained in this white paper are not intended as standards for federal agencies or the legislative community, nor as replacements for enterprise-wide security strategies, frameworks and technologies. This white paper is written primarily for individuals (i.e. lawyers, CEOs, investment bankers, etc.) who are high risk targets of corporate espionage attacks. The information contained within this briefing is to be used for legal purposes only. ICIT does not condone the application of these strategies for illegal activity. Before using any of these strategies the reader is advised to consult an encryption professional. ICIT shall not be liable for the outcomes of any of the applications used by the reader that are mentioned in this brief. This document is for information purposes only. It is imperative that the reader hires skilled professionals for their cybersecurity needs. The Institute is available to provide encryption and privacy training to protect your organization’s sensitive data. To learn more about this offering, contact information can be found on page 41 of this brief.

Not long ago it was speculated that the leading world economic and political powers were engaged in a cyber arms race; that the world is witnessing a cyber resource buildup of Cold War proportions. The implied threat in that assessment is close, but it misses the mark by at least half. The threat is much greater than you can imagine. We have passed the escalation phase and have engaged directly into full confrontation in the cyberwar. State-sponsored hacking groups are regularly committing targeted and complex attacks against governments, businesses, and individuals.
In this new reality there are two possibilities when it comes to your own personal/business data and the data of your clients. The first possibility is that you and your business are already breached in some way and have been for some time now. Somewhere in your system (at home, the office, your cellphone/tablet, or even your smartwatch) state-sponsored hackers from China, the Eastern Bloc, North Korea, or even Iran have placed software that allows them to quietly watch your every online move and record it all, thereby stealing away information that provides them with a decided advantage in business negotiations or outright stealing intellectual property to copy it with impunity. Hacker groups like Anonymous, The Syrian Electronic Army, The Chaos Computer Club (Europe), and Tarh Andishan (Iran) may be siphoning off your organization’s most treasured secrets for no other reason than to expose them to the world and embarrass those you protect. Further, compromised systems, potentially including every PC in your organization, are infected and their resources are used to assist in attacks against other organizations, such as distributed denial-of-service (DDoS) attacks. Your organization can be investigated by the FBI or carry liability for attacks made against other organizations from your network. In today’s climate bad actors are not always sitting half a world away. Often it is an employee whose laissez-faire attitude or ignorance about basic cyber security methods brings down even the most sophisticated organization. Given the current state of the Federal cybersecurity landscape, odds are that there will be no white knights on charging steeds coming to your rescue anytime soon. They are going to be busy setting their own houses in order. More likely is that you will get more and more regulations to comply with and stiffer penalties to endure for failing to do so.
The second possibility is that your organization is about to be breached and you have the opportunity to proactively prevent that occurrence. There is absolutely no chance that everything is just fine and you have nothing at all about which to be concerned. Unsuspecting targets and those who do not appreciate the threat are the most appealing victims. Everything is up for grabs in the escalating cyberwar. Are you willing to risk everything? Those perpetrating these attacks are interested in every detail they can collect and that includes the most mundane pieces of daily life. Some information is useful for decades, and other information, including expired records, can be fed into Big Data algorithms to generate valuable information. In a world of legal holds and incredibly long file retention requirements, legal organizations are a massive treasure hoard capable of sustaining those who breach them for decades. These bad actors are patient, well-funded (especially if they are state-sponsored), and have the strength of numbers on their side. Vandals and criminals pursue quick payoffs and easy returns, but foreign governments value a broader palette of information and they have limitless resources and patience. Once attackers penetrate a system, they may continuously monitor the network in real time until they choose to act. Adversaries may even patch vulnerabilities behind them so that other parties do not also breach the system and set off alerts. Becoming discouraged at the possibility of a full-court press against your existing cybersecurity measures is exactly what these groups count on. Constant vigilance is the first block in a solid foundation to protecting yourself, your business, and your clients.
In the following pages you will see that there is a combination of small steps that, when executed in concert, make your organization a much more difficult target to hit and thus less appealing to groups who often begin by looking for the easiest/fastest win they can get. This is by no means a talisman or magic bullet that will prevent all cyber-attacks, but often making yourself a more difficult target than your competitors is enough to mitigate most attacks. Attackers have breached 96% of organizations across all sectors, including Legal, Financial, Healthcare, Pharmaceutical, and Government, at some point in the past decade. According to Bloomberg Business, adversaries have breached 80 of the biggest 100 law firms, by revenue, since 2011. Clients are pressuring organizations to adequately protect their data under the threat of migration to another firm. No organization wants to publicly admit that their unprotected systems and cyber-apathy assisted the exfiltration of client intellectual property. Data is no longer solely safe behind the layered security supporting organizations because sophisticated actors, who cannot breach the defenses, will alter their strategy and target the employees supporting the organization instead of attacking the system directly. The most prevalent and by far the most successful attack vector against an organization is social engineering, the process where an attacker, bent on soliciting confidential information or minute organizational details, interacts with an employee person-to-person via email, phone, or real life. This process is akin to the big bad wolf knocking on the door and asking for a cup of sugar instead of trying to huff, puff, and blow the brick house down.
Social engineering attacks, which range from stealing user login information to mapping the organizational structure, are so successful that if you think of a major breach that has appeared in the media in the past 5 years (Ashley Madison, Darkode, OPM, Target, etc.) there is almost a certain likelihood that the breach began as a social engineering attack. Simply, if an actor knows who you are, what you do, when you do it, where you browse online, why you interact online, and how you access the internet, then the actor literally knows, or knows how to learn, every scrap of information necessary to steal your data, financial information, or intellectual property. Fortunately, employees can utilize many of the procedures and tools popularized by the nefarious lot to ensure the levels of privacy, anonymity, and security necessary to prevent personally targeted attacks. Every person in an organization should adopt these preventative measures to ensure organizational resiliency. When an attacker fails to gain entry with their initial target, most often they simply adjust their attack laterally or diagonally in an organization and repeat the endeavor until they achieve success. Blocking the ability to gain a foothold by creating an organizational culture of cybersecurity in this way makes yours a much more difficult target to attack. Data must be protected where it is accessed, where it is stored, and while it is in transit. An increasingly mobile workforce requires secure access to data on personal computers and smartphones as well as the ability to navigate online without attracting the attention of malicious actors. Predators can be avoided if they never notice prey. Data stored on servers and personal computers must be protected and encrypted. More importantly, the data known to personnel must be protected by training employees to value security, privacy, and anonymity.
Information can be securely transferred through encrypted email, encrypted telephony and text message solutions, and through end-to-end encryption solutions such as virtual private network (VPN) connections. Data that must be accessed through the use of mobile devices must be accessed through a containerized solution that keeps the data secured and away from the personal data and apps that a user also keeps on their device. This containerized segment may also be remotely wiped clean and remotely removed from a user’s device when a device is lost or stolen, or if the individual’s association with your organization is terminated. Enterprises can no longer consider best of breed solutions that are narrow in focus. Best of suite tools must be employed that allow data to be protected regardless of the platform and application used to access and interact with it. While this may sound like a daunting and expensive proposition, do not be discouraged.