The Use of Communication Technologies in Web Attacks and Hacker Tagging: Analysis of the Zone-H Model


Authors

  • Mustafa Aydemir, Ege Üniversitesi

DOI:

https://doi.org/10.5281/zenodo.10020766

Keywords:

Zone-H, Web Service Attack, Communication Technologies, Hacker Tagging, Council of Europe

Abstract

Web-based cyber attacks pose a major threat among the various data security problems experienced in the digital world. Governing bodies take various measures against data theft on web services. In addition to software- and hardware-based protective applications, legal regulations on a global scale are among the effective solution policies. Subjects defined as black hat hackers label and publish their attacks on web services during the monitoring period. Zone-H is used as the only official platform that monitors and labels real-time cyber attacks in order to prove this labeling system at an ethical level in the digital environment. Within the scope of this study, a one-month attack analysis was conducted on the Zone-H system during the period October 1-31, 2022. During the analysis process, 968 attacks were detected and it was determined that these attacks were made over 9 different operating systems. When the attacks are classified regionally, Asia ranks first with 354 attacks and 36.5%. On a country basis, Indonesia ranks first with 250 attacks. North America ranks second with 198 attacks and 20.45%, while the USA ranks first among the countries in the region with 172 attacks. Europe ranks third with 129 total attacks and 13.32%. Turkey ranks first in this group with 62 attacks. South America ranks fourth with 116 total attacks and 11.98%, with Brazil ranking first in terms of countries with 66 attacks. Africa ranks fourth with 36 attacks and 3.71%. The study finds that the actions of individuals and groups who carry out web service attacks are directed from peripheral countries towards the systems of central countries.




Published

2022-12-20

How to Cite

Aydemir, M. (2022). The Use of Communication Technologies in Web Attacks and Hacker Tagging: Analysis of the Zone-H Model: İletişim Teknolojilerinin Web Saldırılarında Kullanımı ve Hacker Etiketlemesi: Zone-H Modelinin Analizi. Ases Ulusal Sosyal Bilimler Dergisi, 2(1), 158–179. https://doi.org/10.5281/zenodo.10020766