Catalogue Search | MBRL
Are you sure you want to remove the book from the shelf?
{{itemTitle}}
33
result(s) for
"Dark Web Safety measures."
Sort by:
Casting light on the dark web : a guide for safe exploration
\"This book is an easy-to-read and comprehensive guide to understanding how the Dark Web works and why you should be using it! Readers are led on a tour from how to download the platform for personal or public use, to how it can best be utilized for finding information. This guide busts myths and informs readers, remaining jargon-free\"-- Provided by publisher.
Book
Relational Framework of Cyberattacks: Empirical Evidence from Multistage Incidents
The increasing scale and operational complexity of cyberattacks have exposed the limitations of static taxonomies for representing multistage threat scenarios. This study addresses the need for more flexible classification models by proposing a relational taxonomy of cyberattacks grounded in documented incidents. Therefore, the main objective is to propose a relational taxonomy that encodes direct transitions across eight groups in a dependency matrix and a directed graph while preserving traceability to MITRE ATT&CK. The taxonomy was validated by an independent panel of experts who assessed methodological clarity and operational utility. The results reveal consistent transition patterns across groups, delineate reproducible escalation routes, and pinpoint cut-off points linked to specific detection and control activities, providing an operational map of progression and intervention. The conclusions show that the taxonomy clarifies escalation paths, strengthens alignment across security monitoring and incident response functions, threat intelligence workflows and training, and provides an operational structure to manage interdependencies, anticipate escalation and focus monitoring on critical points.
Journal Article
A Three-Dimensional Convolutional Neural Network for Dark Web Traffic Classification Based on Multi-Channel Image Deep Learning
Dark web traffic classification is an important research direction in cybersecurity; however, traditional classification methods have many limitations. Although deep learning architectures like CNN and LSTM, as well as multi-structural fusion frameworks, have demonstrated partial success, they remain constrained by shallow feature representation, localized decision boundaries, and poor generalization capacity. To improve the prediction accuracy and classification precision of dark web traffic, we propose a novel dark web traffic classification model integrating multi-channel image deep learning and a three-dimensional convolutional neural network (3D-CNN). The proposed framework leverages spatial–temporal feature fusion to enhance discriminative capability, while the 3D-CNN structure effectively captures complex traffic patterns across multiple dimensions. The experimental results show that compared to common 2D-CNN and 1D-CNN classification models, the dark web traffic classification method based on multi-channel image visual features and 3D-CNN can improve classification by 5.1% and 3.3% while maintaining a smaller total number of parameters and feature recognition parameters, effectively reducing the computational complexity of the model. In comparative experiments, 3D-CNN validates the model’s superiority in accuracy and computational efficiency compared to state-of-the-art methods, offering a promising solution for dark web traffic monitoring and security applications.
Journal Article
The Dark Side of Using Online Social Networks: A Review of Individuals' Negative Experiences
Research on online social networks (OSNs) has focused overwhelmingly on their benefits and potential, with their negative effects overlooked. This study builds on the limited existing work on the so-called ‘dark side’ of using OSNs. The authors conducted a systematic review of selected databases and identified 46 negative effects of using OSNs from the users’ perspective, which is a rich spectrum of users’ negative experiences. This article then proposed nomenclature and taxonomy for the dark side of using OSNs by grouping these negative effects into six themes: cost of social exchange, cyberbullying, low performance, annoying content, privacy concerns and security threats. This study then conducted structured interviews with experts to confirm the sense-making and validity of the proposed taxonomy. This study discusses the confirmed taxonomy and outlines directions for future research.
Journal Article
Optimizing ML models for cybercrime detection: balancing performance, energy consumption, and carbon footprint through multi-objective optimization
This study aims to enhance computational performance while minimizing environmental impact in AI (Artificial Intelligence) and ML (Machine Learning) applications, especially in cybersecurity, by developing energy-efficient models using a multi-objective optimization approach. The research utilizes the Non-Dominated Sorting Genetic Algorithm II (NSGA-II), a multi-objective evolutionary algorithm (MOEA), to reduce data dimensionality and identify key features for traffic analysis related to global human trafficking (HTr). The study addresses the increasing energy consumption and carbon emissions due to the rapid adoption of AI technologies, especially during training and deployment. The methodology involves using NSGA-II for feature selection and evaluating energy consumption (Econ) and carbon footprint (CFP) with tools like CodeCarbon and EmissionsTracker. The performance of models such as LSTM (Long short-term memory) and SVM (Support Vector Machine) is assessed in terms of F-measure, with computational environments (Google Colab vs. personal laptop) compared for sustainability. The study applies two datasets: Transnational Terrorist Hostage Event (TTHE) and Counter Trafficking Data Collaborative (CTDC), focusing on key attributes for optimization. Results show that the LSTM model achieved a top F1 score of 98.93%, with precision and recall at 98.96% and 98.81%, respectively. In Pareto front evaluations, the CTDC dataset showed a 94.89% F-measure with a reduction in energy consumption and carbon footprint by 8%, while the TTHE dataset reached a 97.87% F-measure with an 11% reduction. These findings underscore the potential for balancing high performance with reduced environmental impact, contributing to sustainable AI innovations in cybersecurity.
Journal Article
Classification of Hacker’s Posts Based on Zero-Shot, Few-Shot, and Fine-Tuned LLMs in Environments with Constrained Resources
This paper investigates, applies, and evaluates state-of-the-art Large Language Models (LLMs) for the classification of posts from a dark web hackers’ forum into four cyber-security categories. The LLMs applied included Mistral-7B-Instruct-v0.2, Gemma-1.1-7B, Llama-3-8B-Instruct, and Llama-2-7B, with zero-shot learning, few-shot learning, and fine-tuning. The four cyber-security categories consisted of “Access Control and Management”, “Availability Protection and Security by Design Mechanisms”, “Software and Firmware Flaws”, and “not relevant”. The hackers’ posts were also classified and labelled by a human cyber-security expert, allowing a detailed evaluation of the classification accuracy per each LLM and customization/learning method. We verified LLM fine-tuning as the most effective mechanism to enhance the accuracy and reliability of the classifications. The results include the methodology applied and the labelled hackers’ posts dataset.
Journal Article
Cybersecurity Threats in Saudi Healthcare: Exploring Email Communication Practices to Enhance Cybersecurity Among Healthcare Employees in Saudi Arabia
As cyber threats such as phishing and ransomware continue to escalate, healthcare systems are facing significant challenges in protecting sensitive data and ensuring operational continuity. This study explores how email communication practices influence cybersecurity in Saudi Arabia’s healthcare sector, particularly within the framework of rapid digitalisation under Vision 2030. The research employs a qualitative approach, with semi-structured interviews conducted with 40 healthcare professionals across various hospitals. A phenomenological analysis of the data revealed several key vulnerabilities, including inconsistent cybersecurity training, a reliance on informal messaging apps, and limited awareness of phishing tactics. The inconsistent cybersecurity training across regions emerged as a major weakness affecting overall resilience. These findings, grounded in rich qualitative data, offer a significant standalone contribution to understanding cybersecurity in healthcare settings. The findings highlight the need for mandatory training and awareness programmes and policy reforms to enhance cyber resilience within healthcare settings.
Journal Article
Enhancing Security in International Data Spaces: A STRIDE Framework Approach
The proliferation of Internet of Things (IoT) devices and big data has catalyzed the emergence of data markets. Regulatory and technological frameworks such as International Data Spaces (IDS) have been developed to facilitate secure data exchange while integrating security and data sovereignty aspects required by laws and regulations, such as the GDPR and NIS2. Recently, novel attack vectors have taken a toll on many enterprises, causing significant damage despite the deployed security mechanisms. Hence, it is reasonable to assume that the IDS may be just as susceptible. In this paper, we conduct a STRIDE threat analysis on IDS to assess its susceptibility to traditional and emerging cybersecurity threats. Specifically, we evaluate novel threats such as Man-in-the-Middle (MitM) attacks, compromised end-user devices, SIM swapping, and potential backdoors in commonly used open-source software. Our analysis identifies multiple vulnerabilities, particularly at the trust boundary (TB) between users and the IDS system. These include the traditionally troublesome Denial of Service (DoS) attacks, key management weaknesses, and the mentioned novel threats. We discuss the hacking techniques, tools, and associated risks to the IDS framework, followed by targeted mitigation strategies and recommendations. This paper provides a framework for performing a STRIDE-based threat analysis of the IDS. Using the proposed methodology, we identified the most potent threats and suggested solutions, thus contributing to the development of a safer and more resilient data space architecture.
Journal Article
Cyber Threat Intelligence Discovery using Machine Learning from the Dark Web
Cyber threat intelligence (CTI) is an actionable information or insight an organization uses to understand potential vulnerabilities it does have and threats it is facing. One important CTI for proactive cyber defense is exploit type with possible values system, web, network, website or Mobile. This study compares the performance of machine learning algorithms in predicating exploit types using form posts in the dark web, which is a semi- structured dataset collected from dark web. The study uses the CRISP data science approach. The results of the study show that machine learning algorithms which are function-based including support vector machine and deep-learning using artificial neural network are more accurate than those algorithms which are based on tree including Random Forest and Decision-Tree for CTI discovery from semi-structured dataset. Future research will include the use of high-performance computing and advanced deep-learning algorithms.
Journal Article
Security governance as a service on the cloud
Small companies need help to detect and to respond to increasing security related threats. This paper presents a cloud service that automates processes that make checks for such threats, implement mitigating procedures, and generally instructs client companies on the steps to take. For instance, a process that automates the search for leaked credentials on the Dark Web will, in the event of a leak, trigger processes that instruct the client on how to change passwords and perhaps a micro-learning process on credential management. The security governance service runs on the cloud as it needs to be managed by a security expert and because it should run on an infrastructure separated from clients. It also runs as a cloud service for economy of scale: the processes it runs can service many clients simultaneously, since many threats are common to all. We also examine how the service may be used to prove to independent auditors (e.g., cyber-insurance agents) that a company is taking the necessary steps to implement its security obligations.
Journal Article