Cyber-dependent crimes have rocketed in recent years. Illicit services, knowledge and tools are a commodity exchanged in anonymous online markets. An example is crypto-mining malware, a criminal operation that has produced over 57M USD of revenues by levering these services. This income fuels the underground economy and gears other cyber-criminal activities. All this poses a threat to our society, costing governments, private companies and citizens billions per year.

In this talk, I will provide a panoramic view of how cybercrime has evolved from an amateur business to a professional activity. We will see how criminals have created a complex ecosystem that targets multiple technologies. In particular, I will cover in detail three prolific case studies. I will also describe three innovative solutions that address each case study at a distinct layer of the Internet protocol stack.

I will first present how we can monitor interactions through the Stratum network protocol (Layer 5) to uncover unknown threats in the illicit crypto-mining ecosystem. Then, I will explain how we use causal inference to detect privacy-violating Browser extensions in Layer 4 (Transport), even over encrypted traffic. Finally, I will show how we can secure BYOD using dependable secure networks by systematically enforcing corporate policies in Layer 3 (Internet) devices, such as network routers. The talk will then conclude discussing emerging threats in online communities, including those that target IoT and VoIP technology.

About Guillermo Suarez-Tangil

Guillermo Suarez-Tangil is Assistant Professor at King’s College London (KCL). His research focuses on systems security and malware analysis and detection. In particular, his area of expertise lies in the study of smart malware, ranging from the detection of advanced obfuscated malware to automated analysis of targeted malware. Before joining KCL, he has been senior research associate at University College London (UCL) where he has worked on detecting and preventing of Mass-Marketing Fraud (MMF), while studying security and privacy issues in the social web with the iDrama lab (https://idrama.science/).

Prior to that, he held a post-doctoral position at Royal Holloway, University of London (RHUL) where he was part of the development team of CopperDroid, a tool to dynamically test malware that uses machine learning to model malicious behaviors. He also holds a solid expertise on building novel data learning algorithms for cybersecurity. He obtained his PhD on smart malware analysis in UC3M with distinction. He received the FUNCAS Best National Student Academic Award -a highly competitive award given to the best Thesis in the field of Engineering between 2014-2015.

This event will be conducted in English