fbpx

Anonymity networks offer individuals living under restraining regimes protection from surveillance of their internet use. But citing the recently divulged vulnerabilities in the most popular of these networks - Tor - has urged computer scientists to bring forth more secure anonymity schemes.

An all-new anonymity scheme that offers strong security guarantees, but utilizes bandwidth more efficiently as compared to its predecessors is in the works.

Researchers at MIT's Computer Science and Artificial Intelligence Laboratory in collaboration with the the école Polytechnique Fédérale de Lausanne will present the new scheme during the Privacy Enhancing Technologies Symposium in this month.

During experiments, the researchers' system required only one-tenth as much time as current systems to transfer a large file between anonymous users, according to a post on MIT official website.

Albert Kwon, the first author on the new paper and a graduate student in electrical engineering and computer science said as the basic use case, the team thought of doing anonymous file-sharing where both, the receiving and the sending ends didn't each other.

This was done keeping in mind that honeypotting and other similar things - in which spies offer services via an anonymity network in a bid to entice its users - are real challenges. "But we also studied applications in microblogging," Kwon said - something like Twitter where a user can opt to anonymously broadcast his/her message to everyone.

The system designed by Kwon in collaboration with his coauthors - Bryan Ford SM '02 PhD '08, an associate professor of computer and communication sciences at the école Polytechnique Fédérale de Lausanne, David Lazar, a graduate student in electrical engineering and computer science, Edwin Sibley Webster Professor of Electrical Engineering and Computer Science at MIT and his adviser Srini Devadas - makes use of an array of existing cryptographic techniques, but combines them in a peculiar manner.

The internet, for a lot of people can seem like a frightening and intimidating place and all they seek is help feeling safer on the internet, especially while performing an array of tasks such as making an online purchase, Anonhq reported.

Shell game

 A series of servers known as a 'mixnet,' is the core f the system. Just before passing a received message on to the next server, each server rearranges the order in which it receives messages - for instance - messages from Tom, Bob and Rob reach the first server in the order A, B, C, that server would then forward them to the second server in a completely different order, something like C, B, A. The second server would do the same before sending them to the third and so on.

Even if an attacker somehow manages to track the messages' point of origin, he/she will not be able to decipher which was which by the time they moved out of the last server. The new system is called 'Riffle' citing this reshuffling of the messages.

Public proof

In a bid to curb messages tampering, Riffle makes use of a technique dubbed a verifiable shuffle.

Thanks to the onion encryption, the messages forwarded by each server does not resemble the ones it receives, it has peeled off a layer of encryption. However, the encryption can be done in a way that allows the server to generate mathematical evidence that the messages it sends are indeed credible manipulations of the ones it receives.

In order to verify the proof, it has to be checked against copies of messages received by the server. Basically, with Riffle, users send their primary messages to all the servers in the mixnet at the same time. Servers then independently check for manipulation.

As long as one server in the mixnet continues to be uncompromised by an attacker, Riffle is cryptographically secure.

Author : Vinay Patel

Source : http://www.universityherald.com/articles/34093/20160712/mit-massachusetts-institute-of-technology-researchschool-of-engineering-computer-science-and-artificial-intelligence-laboratory-csail-computer-science-and-technology-cyber-security.htm

Categorized in Online Research

Table Of Contents

1. What is the Deep Web?

There are many words to describe the deep web, including the invisible web, hidden web, and even Deepnet.

The reason it exists is because the Internet has become so dependent upon search engines, and search engines are only as good as the web crawlers that serve up content for the results. Some researchers believe that the searchable web is barely 1% of what’s actually available on the World Wide Web.

Crawlers are excellent at crawling through static web pages, extracting information on those pages, and providing that information in the form of search results. However, there is valuable information tucked away below the surface of those search results – information buried inside online databases and dynamically generated pages that the search spiders are capable of crawling.

Just a few examples of those tremendous databases include information like patents, census data, data collected on space missions, climate data and academic databases filled with scientific papers overflowing with interesting and valuable information.

All of this doesn’t even include the deepest and darkest corner of the Internet where secretive onion websites exist, accessible only through special Tor software. A basic layout of what this looks like is shown below.

Deep Web.png

Methods of accessing these different parts of the deep web are determined by the data that you want to get at. The tools used to navigate the deep web are outlined here.

  • Databases – Information about people, census data, climate data, world information and other searchable information that could be stored in a table format.
  • Journals and Books – Information contained in a digital format that is either stored in a format not accessible by web crawlers or exists behind a paid gateway. These files need to be downloaded and opened on a PC.
  • Tor Network – Sites that want to remain hidden, and typically include things like illegal porn, stolen personal data, drug contacts, anonymous political dissidents, terrorists, and more.

This manual will take you on a tour through the many levels of the deep web, starting with the databases where you can find information only accessible to those who know the secrets to accessing them. Then, we’ll continue on to the spectrum of information available in academic journals and books where you can browse through volumes of writings about scholarly topics. Finally, we’ll arrive at the gates of Tor, beyond which lies the deep darkness of the entire Internet.

1.1 Databases for People Research

If you are a landlord or if you’ve ever taught in most school systems, then you’re probably more than familiar with one of the most common deep web databases around – the background search.

Most businesses or public institutions like schools will pay for a background check, but there are also databases all throughout the Internet where you can query to learn more about people.

The databases that are available for free include public records, criminal databases, digitized court records, and a variety of “people search” websites that provide basic identifying information, physical address, and family details.

There are a number of reasons to use deep web for people research – everything from finding lost relatives to genealogical research.

1.1.1 Adoption Research

A common use of people search databases is by adopted children trying to find their natural parents.

Regular people-search websites and services can be used for adoption research, but usually such research is hit-and-miss, since most of the free services provide only superficial information about people, and the paid websites require the researcher to know things like birth date and current location of residence. In most cases, an adopted child or parent may have some vague idea of the birth date, but no idea where the person is currently located.

This kind of research is so common in fact that there is now an influx of new websites specifically designed to match adopted children with natural parents who want to be found.

These are non-profit “registries” where adopted children and the parents who gave up their children are able to register for finding their child or parent.

deep-web2.jpg

These databases are not accessible from search engines, but knowing the right registry databases, either parents or children stand the chance of discovering and reuniting with their family members.

1.1.2 Lost Relatives

Another common use for people-search websites is when children run away, one parent leaves the family, or extended family members simply lose contact over time. In cases like these, a family member may seek out resources on the Internet to track down those relatives. Typical tools for this sort of research includes things like:

  • Social Networks – There have been many family reunions on Facebook
  • Search Engines – You’d be surprised what you can find!
  • Public Records
  • Online White Pages
  • People Search Websites
  • Birth, Marriage & Death Indexes

Finding lost relatives is probably one of the hardest research activities on the deep web, unless you have a good amount of detailed information about the person. Usually with a birthday, current residence, current age, full name or the names of immediate family members, you should be able to locate nearly anyone to a good degree of certainty.

1.1.3 Veteran Research

Most veterans work for a national government, and since most governments that are open with information offer a number of valuable and useful tools for research, veteran research on the Web is actually very fruitful.

For example, the Ministry of Defence in the UK provides a “Subject Access Request” form where veterans can request their own service records from the government.

deep-web3.jpg

This form can be found at The National Archivesfor the UK, and most governments around the world also have their own National Archives online where you can also do veteran research for service members in your country.

In addition to national archives, you can do Veterans research online using the following Deep Web resources not searchable via any search engine.

  • FOIA Requests
  • Non-Profit Organizations for Veterans
  • US Veteran Services Websites
  • Historical Research Websites

Because veterans records are maintained by governments, and because they are typically stored in locations that are easy to access, finding the records for specific veterans is usually pretty easy. This is especially true when those records have been digitized, which is more common these days than ever before. The Deep Web is chock-full of valuable veterans information.

1.1.4Genealogy

In the people-research genre, genealogy is probably one of the most common. It is an extremely popular hobby that many thousands of people across the world actively take part in. For this reason, there are long lists of fantastic genealogy websitesacross the Internet that can help you find your past ancestors. Of course the MakeUseOf Genealogy Manualis always a great place to start.

One of the more well-known and long running one of those are the various GenWeb projects across the world.

deep-web4.jpg

Most major countries have their own branch of the GenWeb website, and each of those is focused on providing a database of local ancestry research resources to genealogists in those local areas.

Other Deep Web databases that you’ll find on the topic are things like:

  • Cemetery Records
  • Online Obituaries and Birth Notices
  • Free Genealogy Databases
  • Local Historical Society Databases and File Archives

1.1.5 Background Checks

Whether you’re a landlord trying to verify that your new tenants don’t have a criminal record, or you’re trying to find out if your new boyfriend has some deep hidden secrets he’s not telling you, there are lots of legitimate reasons for wanting to conduct a background check.

Any in-depth background check that you conduct online is likely going to cost a modest fee. However, what many people don’t realize is that there are legitimate ways to look up background information about people at no cost on the web. You can’t get all of the details, but you can pull up information like family members, email addresses, phone numbers and even a criminal record.

If you don’t want to spend any cash right away for the paid online background database information, you can always dig through the Internet for information. With a Google search or by searching on social networks, you can learn a lot about people – but not nearly as much as you can uncover when you start dipping into the Deep Web.

deep-web5.jpg

Even paid services offer just enough information in the free “introductory” searches that will let you dig up even more dirt on other sites, like public records databases.

Options to look up background data on your own include:

  • County or small regional government websites with searchable databases for local town code citations, birth or marriage records
  • State databases for arrest records or criminal history
  • Federal databases for licenses and federal criminal records, investigations, and any military service

The benefit of using paid database searches is that it saves you a lot of time and effort to dig up information on individuals. However, you can discover much of the information that turns up in the paid background reports by taking the time to visit various public records websites around the net that offer databases filled with records that are publicly accessible by anyone for free.

1.2 Other Types of Deep WebResearch

Sometimes, when you’re researching the Internet, your needs may go deeper than just researching people. It may involve digging into the history about a certain location or an event. This kind of research can span several areas of the deep web – and these areas include academic resources, government and legal case databases, and of course the many historical resources buried throughout the web, and untouchable by most web crawlers.

1.2.1 Local History

No matter where in the world you live, the odds are pretty good that you have a historical society there, or at least some organization who works to preserve and protect the history of that local region.

That local historical society may actually have their own online research database where you can search for digitized historical records.

deep-web6.jpg

These databases – unreachable by search engines – contain photos, scanned historical documents, and other records that all together make up a treasure trove of information that you have access to thanks to the Internet.

In additional to historical societies, your local library may actually offer similar database search utilities on their websites that let you look up digitized documents or newspaper scans that cover the history of the region.

Local history is also linked to genealogy. Researchers use just about every records database on the Internet – public records, historical societies, libraries and more, in order to track down the lineage of a family.

One of the most well-known Deep Web databases that is used as part of historical research like this is FamilySearch.org.

deep-web7.jpg

This is a website that is astonishingly rich with information and resources for doing genealogy research, considering the fact that the service is provided entirely free, built and supported by The Church of Jesus Christ of Latter-day Saints.

It certainly isn’t the only genealogy database website out there, but it is one of the largest.

1.2.2 Legal Research

Whether or not you’re in trouble with the law doesn’t matter – when it comes to taking a stance on public policy or on any issue that involves legal questions, it’s good to have access to court cases and court decisions that set precedence for future court decisions.

In fact, if you arein trouble with the law, your lawyer will hopefully have a legal researcher who is well aware of the deep web, and capable of exploiting all of the resources that are buried there.

A few examples of legal research websites that you’ll find in the deep web include:

  • Law school court opinion search engines
  • Law library case databases
  • Non-profit legal organization search tools for legal cases

There are literally thousands of high quality legal research databases available on the Internet today, and surprisingly, not one item from that mountain of case documents and court decisions ever makes its way into search engine results. It’s basically a mountain of data about people, companies, organizations and historical events that you have access to if you know where to look.

1.2.3 Academic Studies

Academic research goes on around the world every single day. Often, findings are reported in the news, and other times they go unnoticed. However, you can find all of these studies tucked away deep inside of the deep web in the databases stored on various university servers.

Usually these academic databases are accessible and searchable by the public, but there are some systems that will charge you for access to the scientific journals where many of those findings are published.

However, the best option when looking to the deep web for data on academic studies and research findings are the free search tools offered by large organizations like Google (Google Scholar) and Microsoft (Microsoft Academic Research).

deep-web8.jpg

These are search forms that will burrow deep into the academic research databases and pull out the research and the findings that are most important to you. You won’t find these through search engines, but only through these academic research database search tools that pull the data out of the deep web for you.

1.3 Tor Websites

If the informational databases and private search tools of individual organizations make up one small part of the deep web, then Tor represents the secret dark corners where few respectable people dare to go.

Think of Tor as an alternative web. It is literally its own network, where websites don’t have any domain or IP addresses. Because of this, they are completely inaccessible to search engines. You need a special browser — these days known as the “Tor browser bundle” to access those difficult-to-find websites. I’ll give you more details on that later.

deep-web9.jpg

The Tor browser is your gateway into the Tor network of websites where you can download pirated movies and music, access questionable pornography or conspire to commit a crime.

Okay — so it isn’t all just about bad stuff. The Tor network is also where journalists, protesters and other people go who are wary about governments or officials trying to track their online activities. The Tor network, being one level removed from the Internet itself, provides a certain degree of privacy and security.

The websites located on the Tor network are known as “onion” sites, because most of the sites located there end with the .onion extension — only readable with the Tor browser.

1.3.1 Secret Websites

The Tor browser lets you browse the normal Internet anonymously — under a fake IP address. However, to access the hidden websites, you’ll need to find the Onion directories. You can browse the regular Internet for directories that list active Onion sites.

deep-web10.jpg

Some of those sites may also include “Deep Search” sites that act as sort of search engines for the Tor Network. Most Onion sites come and go, so it isn’t useful to list any active ones here because they likely will disappear before long.

The best way to find the sites is to start with a standard Internet search engine for “onion sites” and look for search engines or directories within the Tor network. Access those from your Tor browser, and you’re on your way toward discovering the many secret Onion sites scattered throughout the deep web.

1.3.2 Illegal Websites and Content

Once you start exploring the Tor network through these directories and search engines, it won’t take long for you to realize just how astonishing this part of the Deep web really is. You’ll find all sorts of downloadable content like books, magazines, and all kinds of other media that you’d be hard-pressed to discover on the open web.

deep-web11.jpg

Much of this is content that is openly available for free to the public without any sort of royalty issues, but there is also content throughout the Tor network that is fully licensed and where the owner should legally receive royalties. By downloading the content – like music, movies and more – you are essentially stealing those published works from the creator.

However, that ethical problem doesn’t stop the Tor network from being used as the distribution center for illegal, pirated movies, music and print publications.

In fact, the anonymity provided by the Tor browser, combined with the creation of so many “secret” websites that offer anything you could possibly hope to find, has also resulted in the proliferation of things like illegal pornography, terrorism and crime handbooks, stolen credit card numbers, and more.


This is the darkest part of the web, so the fact that this kind of content and people exist there shouldn’t surprise you – so if you do decide to go there, tread very carefully.

2. Deep Web Research Resources

In the next chapters, we’ll provide you with specific instructions on how to go about finding information, data or other content inside the deep web. In addition. you’ll find lots of useful resources in each section, which should offer a good starting point in your own journey through that part of the invisible Internet.

2.1 Statistics

Have you ever wondered how many women vs men use social networks? Are you working on a research paper for school, and need to know the results of the latest studies on disease?

The volume of data that’s available on the Internet outside of the reach of search engines is remarkable, and this is especially true when it comes to statistical research online. The reason for this is that there are two types of organizations that generally make it their business to distribute very detailed statistical information to the public — governments, and educational organizations.

By taking advantage of the free databases made available by these organizations, you can discover information that most people would find surprising. Anyone else who tries to find that data simply by Googling won’t find it, because to get access to that data, you need to know the URL for the search form of those databases.

The following are some of the most valuable deep web databases for statistical data on the web.

2.1.1 Government Databases

Governments around the world offer citizens a virtual warehouse filled to the ceiling with impressive data about regions and people. The following are some examples of government databases around the world.

2.1.1.1 United States

Nearly every agency inside of the U.S. government performs some form of research. Because of this, the U.S. government as a collective entity contains an unimaginable amount of data. As a service to the public for sifting through all that information, the government offers a website called FedStatsthat organizes government-created statistical data in one place.

deep-web12.jpg

The “Topic Links” section allows visitors to sift through a list of U.S. statistical data on subjects like adoption, state and national historical data, disease rates, educational statistics and much more. FedStats is probably the single most comprehensive statistical database research tool for deep web researchers. Most of the data found here is available in PDF format, or via database search forms.

The Pollak Libraryat the University Fullerton of California has accumulated its own impressive collection of free government databases for you to sift through for information.

deep-web13.jpg

Interesting databases you’ll find here include the Homeland Security Digital Library, the Child Welfare Information Gateway, and the Educator’s Reference Desk [ERIC].

Another valuable resource for government deep web databases is a wiki called GODORT, the Government Documents Round Table of the American Library Association. GODORT offers a list of State agencies across the United States. In this Wiki for every state in the U.S. you can find court docket records, political information, property databases and more.

courts-records.jpg

Other government databases that provide you with information that’s untouchable to search engines includes all of the following:

  • CGP– A database of published government ebooks covering research and studies across many different topical areas.
  • Christopher Center– Valparaiso University has a nice collection of government databases, organized by genre like Arts & Humanities, Consumer Affairs, Education and more.
  • GPO– The U.S. Government Printing office offers a useful search engine for collections of printed documents like government manuals, laws, presidential papers and more.

2.1.1.2 Europe

If you live in Europe and you’re looking for deep web government databases online, there are plenty of options. In Europe, there are just as many (if not more) Departments and organizations where you can find data that may be important to you, but you need to know where to look.

Because the list is so long, the European Unionactually provides a directory of government databases organized by subject.

In the EU directory, you’ll find sections for Agriculture, Environment, Public Health and even local development databases like EURYDICE, the Educational system and policies in Europe where you can find facts, figures and reports about the educational systems in Europe, all buried deep inside the website as a collection of PDF reports and data.

deep-web15.jpg

Just like FedStats for the U.S., the corresponding starting point for European statistics is a website called Eurostat. It is a little more focused on government financials than anything else.

deep-web16.jpg

Here, you can look up database information about government expenditures, government debt, and quarterly financial statements.

This is all great for financial information, but what about the sort of data sources that you’d find at a place like the National Archives in the U.S.? Well, the Harold B. Lee Library at Brigham Young University offers a system called Euro Docs, which is a giant directory linking you to historical documents for European countries.

You never know what you’ll find while browsing through these resources. While many of these are simply links to other informational websites, many of those external websites are databases or documents to volumes of information.

For example, at one link I stumbled upon a digital, interactive map of Roman and Medieval civilizations in Europe.

deep-web17.jpg

One of the coolest tools that you could use to efficiently visualize public data from around the world is theGoogle Public Data Explorer, an online data visualization tool that we’ve covered previously at MakeUseOf.

This is an amazing tool that pulls data from many of the same government data sources mentioned above, but in a visual format, allows you to compare and predict data trends across the world for things like domestic issues, economic factors, education, and agriculture.

deep-web18.jpg

You can select from the list of any country in the world, and even filter by gender, or narrow the size of the prediction window from 50 years down to just a few.

2.1.2 Academic Databases

Across the world, there are many thousands of ongoing scientific studies and research about some of the most important issues facing the world today. Many of the findings in these studies have ramifications that sometimes could influence the health, social beliefs or the laws of entire populations.

Academic databases are probably the deepest part of the invisible Internet, so it’s not an easy task to cover all of them, however there is a very clear shortlist of resources that provide access to the largest bulk of academic journals and books on the Internet. These are search engines or database that are inaccessible to the Google search engine. Once you start using these resources to research for statistics, studies and other data, you’ll wonder how you ever got by without it.

One of the most comprehensive search engines for academic journals and books is JSTOR, a digital library of over 1,500 journals, books and other sources.

deep-web19.jpg

The goal of this non-profit is to help researchers, students and others build and use a “wide range of scholarly content”.

deep-web20.jpg

Even if you don’t plan to invest in obtaining research material, most of the studies and other sources provide findings in the introduction, so you can at least obtain the ultimate conclusion of the study even though you need to pay to read the entire report.

The results of most searches using this database search tool usually return hundreds or even thousands of results. The journals and other sources that are available are displayed in sample form — but to download the full study or book you do need to pay.

Another very popular resource for digging into the deep web of scholarly works is ironically Google itself, with a resource known as Google Scholar.

deep-web21.jpg

Google Scholar will sift through articles published in major journals — utilizing the same search techniques as organizations like JSTOR, and often providing the same results. Google Scholar provides access to journal publications, patents and even case law results from U.S. federal or State courts (U.S.-based only).

The patents search capability of this search tool is worth its weight in gold. There are some amazing discoveries hidden away in the patents database.

One of the most well known academic research tools is the Institute of Education Sciences (ERIC). This system run by the Education Department of the U.S. government has long been a tool of librarians and educators to conduct academic research, and to help students find citations for their work.

deep-web22.jpg

ERIC is probably one of the most useful resources for students, because many of the papers and studies provided in the results are available in full from educational institutions or non-profit research organizations. Excerpts are always available, and a direct link to the source is provided for every result.

deep-web23.jpg

You can search for only published work that has been peer reviewed, or only for results that provide the full text download straight from the ERIC system. The ease of use and low-cost of many results make this a research tool of choice for academic information on the deep web.

Never to be outdone, Microsoft provides a counterpart to Google Scholar in the form of Microsoft Academic Search.

deep-web24.jpg

Like Google Scholar, many results are available for free, but just as many of the results include links to paid academic journals or journal distributors. Excerpts are available however, so if only the results or findings of the paper are desired, this is a quick and easy search tool to find those.

If you’re looking for only freely available papers and journals, then you’ll want to explore the Genamics journal database. This search tool and journal directory is focused only on “freely available journal information”, and allows you to search by Title/ISSN, or browse using the “Category Browser” within the academic area that you’re interested in.

deep-web25.jpg

The website doesn’t look very professionally made, but the face of the site betrays the fact that the database contains over 101794 journals available for free, and that list continues to grow.

If academic conferences are your thing, then you’ll definitely want to check out the Conference Alerts website. Conferences are a fantastic way for academics to discuss and share research, and just to meet other professionals within the academic community. Conal is a website that lets you search for conferences by topic, country, or city.

deep-web26.jpg

This site isn’t just some dead listing that hardly ever gets updated. This website isn’t entirely a deep web search tool, because the listings themselves are HTML based, so search engines could crawl these results.

However, the Conal advanced search tool lets you search through the entire database by date, and you can subscribe to automated alerts that let you know of upcoming conferences that fit your search criteria.

Other valuable resources if you are an academic researcher looking for information inside of the deep web:

  • iSeek– The creators of this tool promise the results are safe, authoritative, intelligent and time-saving.
  • Digital Library of the Commons– The DLC is provided by Indiana University so students can research “full-text articles, papers and dissertations.” Most of the results found here include full PDF documents not accessible to search engines.
  • Infomine– This search engine from the University of California is what the school library offers to students to find scholarly information on the Internet.

2.2 People Research

One of the most common areas of the deep web that people dive into are resources available for checking into the background of other people. This might be a journalist trying to vet a source, a landlord looking into the background of a potential tenant, or a number of other reasons to research another person.

Researching people online covers a wide range of different areas and resources, mostly depending on what type of information you’re looking for, how you want to use it, and your connection or relationship to the person you’re researching.

In the following sections, you’ll learn the many different ways that you can do background research on people. In most cases the services are free, but in those cases where there’s a cost, that will be clearly noted.

2.2.1 Adoption Research

Between 1999 and 2011, there were roughly 234,000 adoptions. That means that the odds are pretty good that of those thousands of children across the world, either one of the adopted children or one of the natural parents will eventually want to locate and reconnect with each other.

A very good starting point for any adoption research effort is the Adoption Database. This site offers a search tool where you can filter for things like adopted name at birth, date of birth, birth mother’s maiden name, the hospital where the birth took place, and much more.

deep-web28.jpg

The volume of detail and the depth of results from this database is tremendous. What you’ll basically find here are records from adopted children or natural parents who’ve submitted their information so that they can be found, in addition to who they are looking for.

deep-web29.jpg

This means that the database is balanced on the principle that if both the adopted child and the natural parent both want to be found and submit their information to the database, the odds are good that they’ll find each other. There are thousands of records spanning many years of adoptions in this database, which makes it a powerful tool for adoption research.

Another free tool that can help with adoption research is the Adoption Registry. This registry is run like a classified ads database, where natural parents or adopted children can place an ad describing themselves and who they are looking for.

deep-web30.jpg

Another good search tool is called FindMe.org, a non-profit and free “mutual consent” reunion registry. This is a registry that lets both the adoptee and the adopted find each other when they are both interested in being found.

A final, useful deep web search engine for adoption records searches is a registry search tool called Adoptee Connect.

The listings themselves are free to browse or search, but to see more of the details (such as contact info) of the poster, you’ll need to sign up for a free membership. A basic free membership provides you with 5 free entries into the database, and free searching. For more entries, you’ll need to upgrade your account.

2.2.2 Background Check Websites

Whether you’re a landlord looking to ensure your future tenant isn’t a criminal, or you just met someone new at the local dance club and want to make sure they’re not a creep, searching someone’s background on the Internet is exceedingly easy.

There are a number of websites that will provide you with information about a person’s location, online interests and even the names of their family members for absolutely free. Many of these offer limited information with a paid premium service to see all of the details.

There are a lot of services out there, like Peoplefinders, which provide you with a free listing of possible matches in a certain area, when you search for specific names.

deep-web31.jpg

It even provides the town where the name was located in public records, and a list of potentially related names. Many times these names are actually people who lived in the same place as that person, but are not actually relatives — so the service is not perfect.

A similar service to this is Intelius, which provides similar information, as well as a history of most recent places the person has lived. It isn’t always easy to identify the actual person you’re interested in, especially if the name is fairly common.

There are some more advanced free services that do more than just provide basic listings from public records databases, but actually use custom Internet searches to dig up whatever information exists about the person across websites, blogs and social networks throughout the Internet.

One example of this is a site called PeekYou, where you can search for a name in a specific region across the world, and then review profile information that PeekYou has collected about the person based on their activities on Twitter, Facebook, forums and other activities across the net.

deep-web32.jpg

Another site like this is Pipl, which provides you with search results that span different people search services across the net, as well as social network activity and regular search results.

deep-web33.jpg

If you are concerned that the person you’re dealing with specifically might be a sex offender, there is a National Sex Offender registryquick search available (U.S. only) provided by the U.S. Department of Justice, that will show you whether that person’s name appears in any State’s registry anywhere in the United States.

deep-web34.jpg

There are plenty of paid services that will perform a criminal background check for you, but the truth is that in the U.S., if you know the State where a crime probably occurred, you can usually do your own research right at the State website.

deep-web35.jpg

Just look for the state Criminal Justice Department website, or the Corrections Department website. These services are usually free and offered for the good of public safety.

If you are more interested in fast, paid services, the following options are available for criminal searches on people:

  • Criminal Searches– Public records criminal history search service.
  • Criminal Check– Search all state criminal records databases at once.
  • Black Book Online– Lets you search the records of criminal courts, prison inmate records, and even arrest warrants.
  • FBI– While you’re the only one who can request your own records, aside from the police, you can submit for an Identity Theft Summary from the FBI to determine if your “rap sheet” is accurate.

International/European services to search criminal records:


  • Verified Credentials– Performs an international background check, but you must be a registered business.
  • Interpol– Offers a search tool for searching whether someone is listed in the International list of Wanted Persons.
  • ICC(International Criminal Court) – Provides search tools for cases, panel discussions and news releases about past cases. This can turn up criminal cases regarding the person you’re researching.

2.2.3Phone DDirectories

Surprisingly, one of the most useful deep web research tools to find people is actually the simplest — phone directories. The old days of thick paper phone directories being delivered door-to-door are pretty much over.

Now, you can pretty much go online and so long as you know the name of the person you’re looking for and the town where they live, you can probably get their phone number and street address – assuming they haven’t specifically requested that their information be kept private (which usually requires a fee paid to the phone company).

The White Pages Neighbors look-up toolis an excellent example of this. A quick search for my info turned up my full name, phone number, and street address.

deep-web36.jpg

It got my age just a tiny bit off – but hey, I’m not complaining!

Other yellow & white page online directories where you can do the same kind of look-up with similar results include:

  • WhoWhere.com– U.S. based search that includes a mobile app.
  • AnyWho.com– Lets you search for both people and businesses.
  • WhitePages International– Use the International directories listing to search phone directories for other countries across the world.
  • Reverse Phone Directory– Provides a “people search” option to look up addresses and phone numbers.
  • New Ultimates– Lets you search 10 phone directory databases at once from a single page.
  • Zaba Search– One of the few phone directory search engines that lets you search names in all 50 U.S. States at once.

2.2.4Veteran & Military Information

Are you looking for information about veterans in your family or want to dig into historical research? There is a surprising wealth of veteran information in the deep web, buried behind uncrawlable military database search tools.

The most impressive, free deep web directory for veteran information is the Veterans History Project.

deep-web37.jpg

This is a tremendous historic database filled with volumes of veteran service information, and a very useful resource if you’re looking for information about a specific service member.

Other deep web resources for finding information about veterans include:

  • National Archives– At this site you can locate historic military service records and documents online, plus you can request specific veterans records like personnel and medical records.
  • VetFriends– A service that helps veterans reunite, is also a great deep web search tool for searching through over 10,000 units and over 1.5 million military names. Search is limited unless you join as a member.
  • Grave Locator– An excellent resource for veterans who fought alongside and lost friends in battle. The service is offered by the U.S. Department of Veterans Affairs, and you can locate the graves of soldiers by name and date or birth or death.
  • Find a Grave in Scotland– Similar to Grave Locator, except this is focused on graves in Scotland and includes citizens as well as soldiers.
  • Ancestry.co.uk– Provides you with a search form to find soldier, veteran and prisoner lists from the past.

3. Tor – The Dark Web

After traversing the fields of the deep web, you’ve now arrived at the entrance to a cave. This cave is a deep, dark one where the potential for danger is great, but so is the possibility of finding treasure.

Presenting the Tor network, also known as “Onion sites”, due to the fact that the sites that are hidden away on the network often have the extension of “.onion”.

The Tor network is essentially an Internet within the Internet. You need special software to visit the pages hidden there, and since sites hosted on that network do not use an IP (Internet Protocol), they are not only uncrawlable by search engines, but it is extremely difficult for law enforcement to track down and prosecute sites there with illegal content.

If you dare to enter this deep domain, the first step is to download the Tor Browser Bundle.

deep-web38.jpg

Once you’ve installed the Tor browser, your next task is to find all that hidden content. How do you find hidden websites? Well, think back to the early days of the Internet when there were no magical search engines crawling the net and returning results automatically. There were hundreds of “directories” available where you could find what you were looking for.

That is precisely the case here, with directories known as .onion link lists. The three most common of these – and excellent starting points for your journey into this dark land – are the following (access these links with your Tor browser.

  • TorLinks– A categorized list covering everything from financial services and drugs to warez, media, political and erotic links.
  • The Hidden Wiki– This Wiki page is a frequently updated directory covering all sorts of content like media, books, whistleblower sites and more.
  • Deep Web Links– Lots of valuable links to be found on this directory, with an over-arching theme of freedom of speech.

These are starting points for exploring the darker hidden web of Tor, but they are most certainly not the only places to go. Many of the sites hidden away on the Tor network are provided via word of mouth and through communities of people who are also interested in the same content. Many of this “sharing” takes place on the regular Internet on websites and forums.

Some places to check for onion links thrown out into the public where you may discover them:

  • Reddit /r/onions– A dedicated area devoted to Onion sites.
  • The Hidden Wiki– This site has a frequently updated blog of new onion links, but you’ll also find user-generated comments throughout, where you might also discover interesting onion links.
  • DeepDotWeb– Deep Dot Web is a popular blog that stays on top of not only deep web links and news, but also anything to do with bitcoin, since the two topics and communities are usually tightly intertwined.
  • Pastebin– Search this directory frequently for anonymously posted onion links.
  • Anonbin– Another popular dropping point for anonymously shared onion sites.

Once you’ve installed Tor and you’ve warmed up your taste buds for all of these interesting deep web links, your final mission – if you choose to accept it – is to read the MakeUseOf Tor Guide, and really start exploring this mysterious area of the Internet.

What Are Your Favourite Deep Web Resources?

There are countless other interesting places to explore in the deep web. What are the best research resources you know of?

Author : Ryan Dube

Source : http://www.makeuseof.com/tag/journey-into-the-hidden-web-a-guide-for-new-researchers/

Categorized in Deep Web

In the X-Men comic books, Wolverine’s mutant power is an accelerated healing process, allowing him to regenerate damaged tissues within seconds.

Now, a new material could see Wolverine’s self-healing talents replicated in real-life.

Researchers including several from the University of California, Riverside, have developed a new self-healing substance that regenerates itself opening up the possibility of creating robots that repair themselves.

The findings, which were published in the journal Advanced Material, represent the first time researchers have created an ionic conductor, meaning materials that ions can flow through, that is transparent, mechanically stretchable, and self-healing.

The material has potential applications in a wide range of fields. It could give robots the ability to self-heal after mechanical failure; extend the lifetime of lithium ion batteries used in electronics and electric cars; and improve biosensors used in the medical field and environmental monitoring.

“Creating a material with all these properties has been a puzzle for years,” said Chao Wang, an adjunct assistant professor of chemistry who is one of the authors of the paper. “We did that and now are just beginning to explore the applications.”

This project brings together the research areas of self-healing materials and ionic conductors.

Inspired by wound healing in nature, self-healing materials repair damage caused by wear and extend the lifetime, and lower the cost, of materials and devices. Wang developed an interest in self-healing materials because of his lifelong love of Wolverine, the comic book character who has the ability to self-heal.

Ionic conductors are a class of materials with key roles in energy storage, solar energy conversion, sensors, and electronic devices.

Another author of the paper, Christoph Keplinger, an assistant professor at the University of Colorado, Boulder, previously demonstrated that stretchable, transparent, ionic conductors can be used to power artificial muscles and to create transparent loudspeakers – devices that feature several of the key properties of the new material (transparency, high stretchability and ionic conductivity) – but none of these devices additionally had the ability to self-heal from mechanical damage.

The key difficulty is the identification of bonds that are stable and reversible under electrochemical conditions. Conventionally, self-healing polymers make use of non-covalent bonds, which creates a problem because those bonds are affected by electrochemical reactions that degrade the performance of the materials.

Wang helped solve that problem by using a mechanism called ion-dipole interactions, which are forces between charged ions and polar molecules that are highly stabile under electrochemical conditions. He combined a polar, stretchable polymer with a mobile, high-ionic-strength salt to create the material with the properties the researchers were seeking.

The low-cost, easy to produce soft rubber-like material can stretch 50 times its original length. After being cut, it can completely re-attach, or heal, in 24 hours at room temperature. In fact, after only five minutes of healing the material can be stretched two times its original length.

Timothy Morrissey and Eric Acome, two graduate students working with Keplinger, demonstrated that the material could be used to power a so-called artificial muscle, also called dielectric elastomer actuator. Artificial muscle is a generic term used for materials or devices that can reversibly contract, expand, or rotate due to an external stimulus such as voltage, current, pressure or temperature.

The dielectric elastomer actuator is actually three individual pieces of polymer that are stacked together. The top and bottom layers are the new material developed at UC Riverside, which is able to conduct electricity and is self-healable, and the middle layer is a transparent, non-conductive rubber-like membrane.

The researchers used electrical signals to get the artificial muscle to move. So, just like how a human muscle (such as a bicep) moves when the brain sends a signal to the arm, the artificial muscle also reacts when it receives a signal. Most importantly, the researchers were able to demonstrate that the ability of the new material to self-heal can be used to mimic a preeminent survival feature of nature: wound-healing. After parts of the artificial muscle were cut into two separate pieces, the material healed without relying on external stimuli, and the artificial muscle returned to the same level of performance as before being cut.

Source:  http://canadajournal.net/science/researchers-create-wolverine-inspired-self-healing-material-54301-2017

Categorized in Online Research

The world will be a very different place in 2045, experts working at the Pentagon’s research agency may be the best people to ask.

According to a study published on World Economic Forum,  the Defense Advanced Research Projects Agency (DARPA) experts predicted what they imagined would be a reality in 30 years.

Dr. Justin Sanchez, a neurosscientist and director of Darpa’s Biological Technologies Office, believes we’ll be at a point where we can control things simply by using our mind.

“Imagine a world where you could just use your thoughts to control your environment,” Sanchez said.

“Think about controlling different aspects of your home just using your brain signals, or maybe communicating with your friends and your family just using neural activity from your brain.”

According to Sanchez, Darpa is working on neurotechnologies that can enable this to happen. There are already some examples of these kinds of futuristic breakthroughs in action, like brain implants controlling prosthetic arms.

Just last week Darpa demonstrated this amazing tech for the first time and gave a paralyzed man back the sense of touch — with brain implants that provided the feeling “as if his own hand were being touched,” he reported.

The future has more than just brain implants. Many other exciting things could change the buildings and other objects around us, says Stefanie Tompkins, a geologist and director of Darpa’s Defense Sciences Office.

She thinks we’ll be able to build things that are incredibly strong but also very lightweight. Think of a skyscraper using materials that are strong as steel but light as carbon fiber. That’s a simple explanation for what Tompkins envisions, which gets a little bit more complicated down at the molecular level.

Here’s how she explains it: “In 30 years, I imagine a world where we don’t even recognize the materials that surround us.”

“I think in 2045 we’re going to find that we have a very different relationship with the machines around us,” says Pam Melroy, an aerospace engineer and a former astronaut who is now a deputy director at Darpa’s Tactical Technologies Office.

“I think that we will begin to see a time when we’re able to simply just talk or even press a button” to interact with a machine to get things done more intelligently, instead of using keyboards or rudimentary voice-recognition systems.She continued: “For example, right now to prepare for landing in an aircraft there’s multiple steps that have to be taken to prepare yourself, from navigation, get out of the cruise mode, begin to set up the throttles … put the gear down. All of these steps have to happen in the right sequence.”

Instead, Melroy envisions an aircraft landing in the future being as simple as what an airline pilot tells the flight attendants: “Prepare for landing.” In 2045, a pilot may just say those three words and the computer knows the series of complex steps it needs to do to make that happen.

Or perhaps, with artificial intelligence, a pilot won’t even be necessary.

“Our world will be full of those kinds of examples where we can communicate directly our intent and have very complex outcomes by working together,” she said.

Author:  Web Desk

Source:  http://arynews.tv/

Categorized in Science & Tech

The darknet (or darkweb/any variation thereof) has an undeniable stigma. Some know the hidden sites to be a gateway to speaking freely. Others use darknet marketplaces to purchase drugs that are safer than those on the street. Another group may use the anonymity to share child pornography. In the words of Ross Ulbricht, “I learned… when you give people freedom, you don’t know what they’ll do with it.”

Researchers from Terbium Labs claim to have found evidence that disputes the majorly negative reputation the darknet has garnered.

Anonymity does not mean criminality,” the study’s landing page displays. “In the industry’s first data-driven, fact-based research report, Terbium Labs analyzes what’s really taking place on the far corners of the Internet.”

contentbydoman.png

Dr. Clare Gollnick and Emily Wilson, according to Engadget, claimed to be the first to conduct such a study. While the exact intention or scope of the claim remains unknown, Terbium Labs is far from the first entity to conduct a scan of onion links. Thanks to the well-known security and privacy researcher Sarah Jamie Lewis, we have OnionScan. And again, thanks to Lewis, we have a list of darknet papers and studies conducted throughout the last decade.

The Terbium Labs paper listed the the full methodology at the end of the paper, but the introduction holds “what you need to know to get started.” To start, Dr. Clare Gollnick and Emily Wilson used data pulled from 400 URLs. The URLs were pulled by an automated crawler over the course of a single day. Each URL, the paper noted, was used as an independent unit.

A team of analysts classified the contents of each URL. The categories were predefined were labeled with one of the following terms: Legal, Explicit, Drugs, Pharmaceuticals, Fraud, Multiple Categories (Illicit), Falsified Documents & Counterfeits, Exploitation, Hacking & Exploits, Weapons, Extremism, Weapons of Mass Destruction, Other Illicit Activity, Unknown/Site Down, Downloadable File.

Legal content made the majority of the 400 domains documented and it mirrored what could be found on the clearnet. According to the study, 6.8% of the legal content was porn. The rest consisted of nothing worthwhile. There were political blogs, graphic design firms, and even forums to discuss erectile dysfunction. The legal content appeared to be seemingly no different than content anywhere else.

After the legal category came everything else.

The majority of the content in the study is simply a description for each of the aforementioned categories. For example:

We defined Drugs as any non-pharmaceutical drug or substance bought or sold for recreational purposes. To provide a more detailed breakdown of the kinds of drugs available on the dark web, we separately classified any Pharmaceuticals available for sale as well. We include marijuana as a drug and not a pharmaceutical for the purposes of this study.

And similarly:

Pharmaceuticals include any kind of drug that a doctor might prescribe, excluding painkillers and their derivatives. For our classification, Pharmaceuticals include ADD/ADHD and anti-anxiety medications, even though these medications are often used recreationally… No prescriptions, unlimited refills, and no questions asked. Dark web pharmacies provide unfettered access to prescription medications, recalled over-the-counter drugs, and unregulated supplements.

Note that in this study, prescription drugs and street drugs were not categorized together.

The study found that the “drugs” category constituted close to 44.5% of the illegal content on the darknet.

drugs.png

Illegal pharmaceuticals only accounted for another 11.9%.

pharma.png

Both categories combined, the study found, made up the majority of the darknet content at around 56%.

For the most part, the remaining categories, save for “Multiple Categories (Illicit),” made little impact. “Weapons” and “Weapons of Mass Destruction,” among others, yielded no results in study. One category stood out to researchers: Exploitation.

Researchers discovered more content depicting the exploitation of children than content in several other categories. The exploitation category was almost as large as the fraud category.

Ex.png

The results of this study should not necessarily be treated as canon. Various scans over the years have had very different results. Most scans with accompanying data have been far more in-depth than this one. This doesn’t change the fact that legal content exists on the darknet. Similarly, this study’s inaccuracies and small sample size do not inherently disqualify other findings.

Sarah Jamie Lewis, on Twitter, pointed out some issues with these types of studies. One-third or more of darknet sites have a duplicate or clone, according to Lewis. In a study like the one from Terbium Labs, pulling any number of duplicates paints an inaccurate picture. Likewise, Lewis wrote that she had never seen a study that did anything other than http-only. Other factors like site ownership and a website’s weight need to be taken into account.

Source : deepdotweb

Categorized in Deep Web

The Tor network has become the most widely used system for online anonymity.

It has been used by journalists, lawyers and other professionals and people residing in countries with repressive regimes to hide their Internet browsing habits, for over a decade.

In addition, websites hosting content that may be considered subversive have used Tor to conceal the actual location of their web servers.

However, researchers at the Massachusetts Institute of Technology (MIT) and Qatar Computing Research Institute (QCRI) have come up with a smart way to break Tor anonymity without even touching its onion encryption system.

They discovered that an adversary can deduce the server location of a hidden service or the actual source of the data coming to a particular user, by studying the traffic patterns of the encrypted data moving through one computer in the Tor network.

The researchers, led by Albert Kwon, a graduate student of computer science and electrical engineering, will demonstrate Tor’s vulnerability this summer at the Usenix Security Symposium.

How Tor Provides Anonymity

Basically, the Tor network is made up of Internet users who have installed the Tor software.

To provide anonymity to users, their Internet requests are wrapped in many layers of encryption and sent to a randomly selected Tor-enabled computer.

This computer is called the guard.

The guard will remove the initial layer of encryption and send the request to another randomly selected Tor-enabled computer which will peel off the next encryption layer.

The final Tor-enabled computer will take the last layer of encryption off and expose the final destination of the original user’s request.

The last computer is called the exit. No computer in the encryption chain knows both the source and destination of the request.

In addition, Tor’s hidden services allow users to hide the actual address of their servers through the use of Tor routers called “introduction points”.

Users’ browsers can therefore connect to those “introduction points” so that the provider of the hidden service can publish information without revealing any location details.

Once a browser and hidden host establish a connection through the introduction point, a Tor circuit is formed.

How an Attacker Can Break Tor Anonymity

Albert Kwon and his fellow researchers at MIT and QCRI revealed that an attacker can break Tor anonymity by ensuring that his computer becomes a guard on the Tor network or circuit.

This can be done by connecting many computers to the network so that one of them will eventually be randomly selected as a guard.

Then the computer can be used to snoop and study the data being passed back and forth in the circuit.

The researchers demonstrated that machine-learning algorithms, in programs installed on a guard computer, could study this data and reveal whether the circuit was for ordinary anonymous web browsing or for a connection to a hidden service, with 99% accuracy.

In addition, they showed that a computer that becomes a guard for a hidden service can use the analysis of traffic patterns to reveal the actual identity of the host of the service, with 88% accuracy.

All these could be done without attempting to decode Tor’s encryption.

Tor Software

Conclusion

Effective Tor anonymity is vital for the protection of freedom of expression online.

So this revelation of Tor’s vulnerability is critical.

The researchers have suggested the use of dummy packets to make every type of circuit look similar.

With this new discovery, Tor’s developers have proposed the concealing of fingerprints of various circuits in future versions of the software so that attackers will not be able to study them successfully.

Source : Dark Web News

Categorized in Deep Web

Academic researchers study many aspects of business, but business practitioners rarely make use of that research. A multi-university research team reports that researchers and practitioners share more interests than either group realizes and outlines ways that the two groups can collaborate more effectively to address shared challenges.

"There's a big gap between science and practice, and our goal with this study was to look at both why that gap exists and how we can eliminate it," says Jeff Pollack, co-author of a paper on the work and an assistant professor of management, innovation and entrepreneurship at North Carolina State University.

Fundamentally, the researchers found that there are two key issues that contribute to the gap between researchers and practitioners -- and those two issues are essentially two sides of the same coin. First, there is a perception that there is little overlap in the interests of researchers and practitioners, which acts as a disincentive for them to work together. Second, generally speaking, the two groups know very little about each other -- meaning that neither group has a clear understanding of what the other group thinks is important.

To address these issues in detail, a team of researchers from NC State, the University of North Carolina at Charlotte, Virginia Commonwealth University and the University of Iowa conducted surveys of 929 business practitioners and 828 active researchers in business disciplines. The researchers also conducted in-depth interviews with 16 academics in the business field and 22 practitioners, ranging from "C-suite" executives and managers to government officials and legal advisors. The surveys and interviews focused on the needs and goals of the study participants.

The interview and survey data were consistent with each other, and identified clear areas of overlap.

"There are many more areas of common interest than either researchers or practitioners were aware of," says George Banks, lead author of the paper and an assistant professor of management at UNC-Charlotte. Specifically, both groups expressed significant interest in eight particular business challenges:

  • Reducing or eliminating pay inequality.
  • Reducing or eliminating workplace discrimination.
  • Reducing or eliminating unethical business practices.
  • Expanding opportunities for continuing education.
  • Leveraging technological innovation to improve job availability and quality.
  • Improving employee morale.
  • Reducing the carbon footprint of businesses and products.
  • And enhancing the quality of customer service.

"To be clear, we didn't give people a list of topics to choose from," says Brad Kirkman, co-author of the paper, General (Ret.) H. Hugh Shelton Distinguished Professor of Leadership and head of the Department of Management, Innovation and Entrepreneurship in NC State's Poole College of Management.

"These shared interests are subjects that researchers and practitioners brought up independently again and again when asked what they felt were the biggest challenges facing their fields."

"Interestingly, many of these challenges aren't focused on gaining a competitive advantage, but rather on addressing fundamental business practices that apply to multiple stakeholders in the domain of management," Pollack says.

The researchers also outlined four steps that could be taken by business schools to improve collaboration on these shared areas of interest.

First, the researchers urge the academic community to promote research findings. For example, faculty can work with university media offices to disseminate findings to reporters and the public.

Second, the researchers call for the creation of a new journal that is specifically focused on providing management professionals with practical advice they can actually use.

"We argue that peer-reviewed research can be both academically rigorous and relevant to practitioners - and we need a new journal that appreciates this," Pollack says.

Third, the researchers call on members of the business research community to use social media and other online platforms to reach out directly to business professionals.

Finally, the researchers suggest that business schools change the way they evaluate their faculty.

"Currently, evaluations of professors look at research, teaching and service," Kirkman says. "We propose that faculty also be evaluated based on 'practical impact.' That term may be defined differently in different places, but we think of it broadly as encompassing actions that researchers have made to reach business audiences -- whether that is by publishing books for a popular audience or working with businesses to help them craft business plans."

The researchers have already identified more than 160 businesses that are interested in working with the research community. "And that number is growing all the time," Pollack says. More information about these potential business/research partners is available from the authors.

"We are in the early stages of using these findings to implement change," Pollack says. "But we have every reason to believe that this change is inevitable, and that it will benefit both researchers and the business community."

The paper, "Management's Science-Practice Gap: A Grand Challenge for All Stakeholders," is published online in the Academy of Management Journal. Co-authors include Jaime Bochantin of UNC-Charlotte, Christopher Whelpley of VCU, and Ernest O'Boyle of the University of Iowa. The work was done with support from the Department of Management, Innovation and Entrepreneurship in NC State's Poole College of Management.

Source : http://www.eurekalert.org/pub_releases/2016-07/ncsu-siw072116.php 

Categorized in Business Research

IT security experts are developing a new method for detecting and fixing vulnerabilities in the applications run on different devices – regardless of the processor integrated in the respective device.

 

The number of devices connected to the Internet is continuously growing – including household appliances. They open up numerous new attack targets 

IT security experts from Bochum, headed by Prof Dr Thorsten Holz, are developing a new method for detecting and fixing vulnerabilities in the applications run on different devices -- regardless of the processor integrated in the respective device.

In future, many everyday items will be connected to the Internet and, consequently, become targets of attackers. As all devices run different types of software, supplying protection mechanisms that work for all poses a significant challenge.

This is the objective pursued by the Bochum-based project "Leveraging Binary Analysis to Secure the Internet of Things," short Bastion, funded by the European Research Council.

A shared language for all processors

As more often than not, the software running on a device remains the manufacturer's corporate secret, researchers at the Chair for System Security at Ruhr-Universität Bochum do not analyse the original source code, but the binary code of zeros and ones that they can read directly from a device.

However, different devices are equipped with processors with different complexities: while an Intel processor in a computer understands more than 500 commands, a microcontroller in an electronic key is able to process merely 20 commands. An additional problem is that one and the same instruction, for example "add two numbers," is represented as different sequences of zeros and ones in the binary language of two processor types. This renders an automated analysis of many different devices difficult.

In order to perform processor-independent security analyses, Thorsten Holz' team translates the different binary languages into a so called intermediate language. The researchers have already successfully implemented this approach for three processor types named Intel, ARM and MIPS.

Closing security gaps automatically

The researchers then look for security-critical programming errors on the intermediate language level. They intend to automatically close the gaps thus detected. This does not yet work for any software. However, the team has already demonstrated that the method is sound in principle: in 2015, the IT experts identified a security gap in the Internet Explorer and succeeded in closing it automatically.

The method is expected to be completely processor-independent by the time the project is wrapped up in 2020. Integrating protection mechanisms is supposed to work for many different devices, too.

Helping faster than the manufacturers

"Sometimes, it can take a while until security gaps in a device are noticed and fixed by the manufacturers," says Thorsten Holz. This is where the methods developed by his group can help. They protect users from attacks even if security gaps had not yet been officially closed.

Source:  https://www.sciencedaily.com/releases/2016/06/160609064300.htm

Categorized in Internet of Things
Page 2 of 2

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.

Follow Us on Social Media