Haider M. Al-Khateeb

‘The language is disgusting and they refer to my disability’: the cyberharassment of disabled people

Abstract Disabled people face hostility and harassment in their socio-cultural environment. The use of electronic communications creates an online context that further reshapes this discrimination. We explored the experiences of 19 disabled victims of cyberharassment. Five themes emerged from the study: disability and health consequences, family involvement, misrepresentation of self, perceived complexity, and lack of awareness and expertise. Cyberharassment incidents against disabled people were influenced by the pre-existing impairment, perceived hate-targeting, and perpetrators faking disability to get closer to victims online. Our findings highlight a growing issue requiring action and proper support.

How technology can mitigate and counteract cyber-stalking and online grooming

With the virtual world having become part of the social lives of adults and minors alike, new attack vectors emerged to increase the severity of human-related attacks to a level the community has not experienced before. This article investigates this phenomenon and shares an outline of how technology could develop further to counteract and mitigate the damage caused by online perpetrators. Cyber-stalking and online bullying can have devastating effects on individuals, but its affecting the workplace too. In response, relevant technology could be used to counteract and mitigate the damage caused by online perpetrators. Haider M al-Khateeb and Gregory Epiphaniou of the University of Bedfordshire approach this issue using an incident response methodology and discuss the role of machine learning to identify and classify such attacks. They also examine how digital forensic investigations can be carried out in order to analyse the nature of the offence and preserve evidence.

Cyberstalking: Investigating formal intervention and the role of Corporate Social Responsibility

Abstract Context Online harassment and stalking have been identified with growing accordance as anti-social behaviours, potentially with extreme consequences including indirect or direct physical injury, emotional distress and/or financial loss. Objective As part of our ongoing work to research and establish better understanding of cyberstalking, this study aims to investigate the role of Police, Mobile Operators, Internet Service Providers (ISPs) and owners/administrators of online platforms (e.g. websites, chatrooms) in terms of intervention in response to offences. We ask to what different authorities do people report incidents of cyberstalking? Do these authorities provide satisfactory responses or interventions? And how can this be improved? Furthermore, we discuss the role of Corporate Social Responsibility (CSR) to encourage the implementation of cyberstalking-aware schemes by service providers to support victims. In addition, CSR can be used as a means to measure the effects of externality factor in dictating the relationship between the impact of a given individuals’ privacy loss and strategic decisions on investment to security controls in an organisational context. Method A mixed method design has been used in this study. Data collection took place by means of an online survey made available for three years to record both qualitative and quantitative data. Overall, 305 participants responded from which 274 identified themselves as victims of online harassment. Result Our results suggest that most offences were communicated through private channels such as emails and/or mobile texts/calls. A significant number of victims did not report this to their service provider because they did not know they could. While Police were recognised as the first-point-of-contact in such cases, 41.6% of our sample did not contact the Police due to reasons such as fear of escalation, guilt/sympathy and self-blaming. Experiences from those who have reported offences to service providers demonstrate that no or very little support was offered. Overall, the majority of participants shared the view that third-party intervention is required on their behalf in order to mitigate risks associated with cyberstalking. An independent specialist anti-stalking organisation was a popular choice to act on their behalf followed by the Police and network providers. Conclusion Incidents are taking place on channels owned and controlled by large, cross-border international companies providing mobile services, webmail and social networking. The lack of support offered to victims in many cases of cyberstalking can be identified as Corporate Social Irresponsibility (CSI). We anticipate that awareness should be raised as regarding service providers’ liability and social responsibility towards adopting better strategies.

Arabic text classification methods: Systematic literature review of primary studies

Recent research on Big Data proposed and evaluated a number of advanced techniques to gain meaningful information from the complex and large volume of data available on the World Wide Web. To achieve accurate text analysis, a process is usually initiated with a Text Classification (TC) method. Reviewing the very recent literature in this area shows that most studies are focused on English (and other scripts) while attempts on classifying Arabic texts remain relatively very limited. Hence, we intend to contribute the first Systematic Literature Review (SLR) utilizing a search protocol strictly to summarize key characteristics of the different TC techniques and methods used to classify Arabic text, this work also aims to identify and share a scientific evidence of the gap in current literature to help suggesting areas for further research. Our SLR explicitly investigates empirical evidence as a decision factor to include studies, then conclude which classifier produced more accurate results. Further, our findings identify the lack of standardized corpuses for Arabic text; authors compile their own, and most of the work is focused on Modern Arabic with very little done on Colloquial Arabic despite its wide use in Social Media Networks such as Twitter. In total, 1464 papers were surveyed from which 48 primary studies were included and analyzed.

Web browser artefacts in private and portable modes: a forensic investigation

Web browsers are essential tools for accessing the internet. Extra complexities are added to forensic investigations when recovering browsing artefacts as portable and private browsing are now common and available in popular web browsers. Browsers claim that whilst operating in private mode, no data is stored on the system. This paper investigates whether the claims of web browsers discretion are true by analysing the remnants of browsing left by the latest versions of Internet Explorer, Chrome, Firefox, and Opera when used in a private browsing session, as a portable browser, and when the former is running in private mode. Some of our key findings show how forensic analysis of the file system recovers evidence from IE while running in private mode whereas other browsers seem to maintain better user privacy. We analyse volatile memory and demonstrate how physical memory by means of dump files, hibernate and page files are the key areas where evidence from all browsers will still be recoverable despite their mode or location they run from.

Adaptive Traffic Fingerprinting for Darknet Threat Intelligence

Darknet technology such as Tor has been used by various threat actors for organising illegal activities and data exfiltration. As such there is a case for organisations to block such traffic, or to try and identify when it is used and for what purposes. However, anonymity in cyberspace has always been a domain of conflicting interests. While it gives enough power to nefarious actors to masquerade their illegal activities, it is also the corner stone to facilitate freedom of speech and privacy. We present a proof of concept for a novel algorithm that could form the fundamental pillar of a darknet-capable Cyber Threat Intelligence platform. The solution can reduce anonymity of users of Tor, and considers the existing visibility of network traffic before optionally initiating targeted or widespread BGP interception. In combination with server HTTP response manipulation, the algorithm attempts to reduce the candidate data set to eliminate client-side traffic that is most unlikely to be responsible for server-side connections of interest. Our test results show that MITM manipulated server responses lead to expected changes received by the Tor client. Using simulation data generated by shadow, we show that the detection scheme is effective with false positive rate of 0.001, while sensitivity detecting non-targets was 0.016±0.127. Our algorithm could assist collaborating organisations willing to share their threat intelligence or cooperate during investigations.

Classification of colloquial Arabic tweets in real-time to detect high-risk floods

Twitter has eased real-time information flow for decision makers, it is also one of the key enablers for Open-source Intelligence (OSINT). Tweets mining has recently been used in the context of incident response to estimate the location and damage caused by hurricanes and earthquakes. We aim to research the detection of a specific type of high-risk natural disasters frequently occurring and causing casualties in the Arabian Peninsula, namely ‘floods’. Researching how we could achieve accurate classification suitable for short informal (colloquial) Arabic text (usually used on Twitter), which is highly inconsistent and received very little attention in this field. First, we provide a thorough technical demonstration consisting of the following stages: data collection (Twitter REST API), labelling, text pre-processing, data division and representation, and training models. This has been deployed using ‘R’ in our experiment. We then evaluate classifiers’ performance via four experiments conducted to measure the impact of different stemming techniques on the following classifiers SVM, J48, C5.0, NNET, NB and k-NN. The dataset used consisted of 1434 tweets in total. Our findings show that Support Vector Machine (SVM) was prominent in terms of accuracy (F1=0.933). Furthermore, applying McNemar’s test shows that using SVM without stemming on Colloquial Arabic is significantly better than using stemming techniques.

A Novel Anonymity Quantification and Preservation Model for UnderNet Relay Networks

With the wide spread of Internet applications in both the surface net (Internet) and Darknet, the necessity to safeguard privacy and anonymity has become more prominent than ever. In an attempt to assure untraceability and undetectability between entities, as part of the communication process, traditional confidentiality mechanisms have proved insufficient to address attacks against those principles. In addition, different international laws and cross-continental cybercrimes become immune from being affected by a global public policy on how data traffic should be treated. In this article, a holistic view of anonymity preservation approaches and techniques is given with emphasis on the partial articulation of a novel anonymity preservation model based on infrastructure elements, circuit attributes and adversarial engagement rates on clustered and unindexed portions of the cyberspace.

Responsibility and non-repudiation in resource-constrained Internet of Things scenarios

The proliferation and popularity of smart autonomous systems necessitates the development of methods and models for ensuring the effective identification of their owners and controllers. The aim of this paper is to critically discuss the responsibility of Things and their impact on human affairs. This starts with an in-depth analysis of IoT Characteristics such as Autonomy, Ubiquity and Pervasiveness. We argue that Things governed by a controller should have an identifiable relationship between the two parties and that authentication and non-repudiation are essential characteristics in all IoT scenarios which require trustworthy communications. However, resources can be a problem, for instance, many Things are designed to perform in low-powered hardware. Hence, we also propose a protocol to demonstrate how we can achieve the authenticity of participating Things in a connectionless and resource-constrained environment.

Anonymity networks and the fragile cyber ecosystem

It is well known that government agencies have had the capability to eavesdrop on public switched telephone networks for many decades. 1 However, with the growing use of the Internet and the increasing technical capabilities of agencies to conduct mass surveillance, an individuals right to privacy is of far greater concern in recent years. The ethical issues surrounding privacy, anonymity and mass-surveillance are complicated, with compelling arguments for and against, due in part to the fact that privacy and anonymity are desired by criminals and terrorists, not just individuals who care about their privacy. 2 , 3 , 4