When: July, 2, 2024, 2 PM
Where: Building TZR ("MB"), Level 1, Room S-MO-104, Universitätsstraße 142, 44799 Bochum
Online-Participation: Zoom-Webinar
Abstract: Cybercrime is rapidly escalating, inflicting significant damage on individuals, corporations, and states worldwide. Recent studies have revealed that nearly a fifth of businesses in the US and Europe have faced severe cyberattacks, with some narrowly avoiding bankruptcy. Consequently, investigating cybercrime is critically urgent, yet remains extremely challenging due to existing limitations in network traffic analysis. Current methods struggle to accurately trace encrypted communications from anonymity networks like Tor, typical of the so-called Dark Web, which enable actors to conduct illicit activities with minimal traceability. Additionally, developing ethically responsible traffic analysis methods that ensure compliance with data protection regulations and prevent abusive surveillance practices remains an open challenge.
In this talk, Nuno Santos will present their research roadmap for developing new techniques and tools to enable Law Enforcement Agencies (LEAs), with the cooperation of ISPs, to responsibly track Dark Web traffic as part of crime investigations. In the first part, he will introduce their first major result in achieving this goal: a new distributed traffic correlation technique named Sliding Subset Sum (SUMo). Presented at NDSS’24, SUMo advances the state of the art by enabling efficient and accurate deanonymization of onion service sessions in the Tor network. In the second part of this talk, Nuno Santos will discuss their plans to leverage SUMo’s base approach to build a comprehensive cybercrime investigation framework for LEAs. He will highlight some of the most difficult research challenges that lie ahead and present ideas to overcome them, including tackling the dangers of mass surveillance.
Bio: Nuno Santos is an Associate Professor at Instituto Superior Técnico (IST), University of Lisbon, and a senior researcher in the Distributed, Parallel, and Secure Systems (DPSS) group at INESC-ID Lisbon. He earned his PhD in Computer Science from the Max Planck Institute for Software Systems (MPI-SWS) in affiliation with Saarland University, Germany. His research focuses on systems security and privacy, covering a range of topics including trusted computing, web and software security, censorship resistance, network security, and anonymity systems. Nuno has served as a PC member for major security venues such as CCS, USENIX Security, and IEEE SP. He is also set to serve as a PC vice co-chair for USENIX Security 2025.