IWCC 2019

8th International Workshop on Cyber Crime (IWCC 2019)

to be held in conjunction with the 14 th International Conference on Availability, Reliability and Security
(ARES 2019 – )

August 26 – August 29, 2019, University of Kent, Canterbury, United Kingdom

Today’s world’s societies are becoming more and more dependent on open networks such as the Internet – where commercial activities, business transactions and government services are realized. This has led to the fast development of new cyber threats and numerous information security issues which are exploited by cyber criminals. The inability to provide trusted secure services in contemporary computer network technologies has a tremendous socio-economic impact on global enterprises as well as individuals.

Moreover, the frequently occurring international frauds impose the necessity to conduct the investigation of facts spanning across multiple international borders. Such examination is often subject to different jurisdictions and legal systems. A good illustration of the above being the Internet, which has made it easier to perpetrate traditional crimes. It has acted as an alternate avenue for the criminals to conduct their activities, and launch attacks with relative anonymity. The increased complexity of the communications and the networking infrastructure is making investigation of the crimes difficult. Traces of illegal digital activities are often buried in large volumes of data, which are hard to inspect with the aim of detecting offences and collecting evidence. Nowadays, the digital crime scene functions like any other network, with dedicated administrators functioning as the first responders.

This poses new challenges for law enforcement policies and forces the computer societies to utilize digital forensics to combat the increasing number of cybercrimes. Forensic professionals must be fully prepared in order to be able to provide court admissible evidence. To make these goals achievable, forensic techniques should keep pace with new technologies.

The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of digital forensics and to present the development of tools and techniques, which assist the investigation process of potentially illegal cyber activity. We encourage prospective authors to submit related distinguished research papers on the subject of both: theoretical approaches and practical case reviews.

Topics of interest include, but are not limited to

Ransomware: evolution, functioning, types, etc.
Criminal use of IoT, e.g., IoT-based botnets
Mobile malware
Novel techniques in exploit kits
Criminal to criminal (C2C) communications
Criminal to victim (C2V) communications
Darknets and hidden services
Criminal abuse of clouds and social networks
Cybercrimes: evolution, new trends and detection
Protecting Big Data against cybercrimes
Cybercrime related investigations
Privacy issues in digital forensics

Big Data analytics helping to track cybercrimes
Network traffic analysis, traceback and attribution
Incident response, investigation and evidence handling
Integrity of digital evidence and live investigations
Identification, authentication and collection of digital evidence
Anti-forensic techniques and methods
Watermarking and intellectual property theft
Steganography/steganalysis and covert/subliminal channels
Network anomalies detection
Novel applications of information hiding in networks
Political and business issues related to digital forensics and anti-forensic techniques

Important Dates
Submission Deadline May 28, 2019
Author Notification June 15, 2019
Proceedings Version June 23, 2019
ARES EU Symposium August 26, 2019
Conference August 26 – August 29, 2019

Internet-wide Measurements to Prevent and Combat Cybercrime: The Case of DNS Zone Poisoning
Dr. Maciej Korczyński, University of Grenoble, France

Workshop IWCC

Abstract: Current communication networks are increasingly becoming pervasive, complex, and ever-evolving due to factors like enormous growth in the number of network users, continuous appearance of network applications, increasing amount of data transferred, and diversity of user behavior. Therefore, there is a great need for comprehensive Internet-wide measurements to prevent and combat cybercrime. Critical facts about the Internet security, such as “Which domain registries are abused by the cybercriminals the most?” or “Which Internet Service Providers do not deploy source IP address filtering, facilitating massive DDoS attacks?” remain poorly quantified.

In this talk, we will discuss a number of examples of measurement studies of the domain name space. In particular, we will explore an attack against configuration files of poorly maintained name servers allowing, for example, domain hijacking. We refer to this type of attack as to “zone poisoning”. The attack is as simple as sending a single RFC compliant DNS dynamic update packet to a misconfigured server. In the simplest version of an attack, a miscreant could replace an existing A or MX DNS resource record in a zone file of a server and point the domain name to an IP address under control of an attacker. We will present the global measurement study of the vulnerability. To assess the potential impact of non-secure dynamic updates, we scanned 290 million domains worldwide and found that among the vulnerable domains are governments, banks and health care providers, demonstrating that the threat impacts important services.

Via our study of the zone poisoning attack and subsequent notifications to affected parties and respective intermediaries, we aimed to improve the security of the global DNS ecosystem and test methods to contact affected parties after the introduction of the General Data Protection Regulation.

Maciej Korczyński holds an associate professor position at University of Grenoble in cybersecurity and Internet measurements. He is a member of the Messaging, Malware and Mobile Anti-Abuse Working Group(M3AAWG) and Grenoble Alpes Cybersecurity Institute. He obtained a PhD(2012) in computer science from University of Grenoble. He was a postdoctoral researcher in the Cybersecurity research group at TU Delft (2014-2017), at Rutgers University (2013-2014), and a member of European TMA group dedicated to traffic measurements and network attack detection. He has published research papers in major cybersecurity and networking conferences and journals (IEEE INFOCOM, ACM CCS, RAID, ACM IMC, IEEE Euro S&P, ACM AsiaCCS, PAM, IEEE ComMag). He gave over 30 invited industry talks in the domain of cybersecurity at ICANN, DNS-OARC, M3AAWG, etc. Over the past 10 years, he wrote successful project proposals, and has been working as a principal investigator and a senior researcher in several national and international projects funded by and in collaboration with ICANN, SIDN (registry of .nl domains), AFNIC (registry of .fr domains), the Dutch Ministry of Economics, the National Cyber Security Centre (NCSC), or the Dutch National High Tech Crime Unit. His main research interests include Internet-wide passive and active security measurements, incident data analysis, vulnerability notifications, economics of cybersecurity, attack detection, encrypted traffic classification, and security of Internet protocols such DNS.

Workshop Chairs

Artur Janicki, Warsaw University of Technology, Poland
Wojciech Mazurczyk, Warsaw University of Technology, Poland
Krzysztof Szczypiorski, Warsaw University of Technology, Poland


Elias Bou-Harb, National Cyber Forensics and Traning Alliance & Florida Atlantic University, USA
Samia Bouzefrane, CEDRIC Lab Conservatoire National des Arts et Métiers, France
Luca Caviglione, IMATI, CNR, Italy
Eric Chan-Tin, Loyola University Chicago, USA
Michal Choras, ITTI Ltd., Poland
Frédéric Cuppens, TELECOM Bretagne, France
Roberto Di Pietro, Hamad Bin Khalifa University, Doha-Qatar
Jana Dittmann, Otto-von-Guericke University Magdeburg, Germany
Germany Bela Genge Petru, Maior University of Tg Mures, Romania
Stefan Katzenbeisser, TU Darmstadt, Germany
Igor Kotenko, St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences (SPIIRAS), Russia
Christian Kraetzer, Otto-von-Guericke University Magdeburg, Germany
Jean-Francois Lalande, CentraleSupélec, France
Pedro Luis Prospero Sanchez, University of São Paulo, Brasil
Nabil Schear, Massachusetts Institute of Technology, USA
Ewa Syta, Trinity College, USA
Joanna Śliwa, Military Communication Institute, Poland
Hui Tian, College of Computer Science and Technology, National Huaqiao University, China
Steffen Wendzel, Worms University of Applied Sciences and Fraunhofer FKIE, Germany
Jozef Wozniak, Gdansk University of Technology, Poland

Submission Guidelines

The submission guidelines valid for the workshop are the same as for the ARES conference. They can be found at .