Wojciech Mazurczyk

• Professor
• Professor (Full) at Warsaw University of Technology

Over the past three decades, standardizing organizations (e.g., the National Institute of Standards and Technology and Internet Engineering Task Force) have investigated the efficiency of cryptographic algorithms and provided (technical) guidelines for practitioners. For example, the (Datagram) Transport Layer Security ‘‘(D)TLS’’ 1.2/1.3 was design...

In recent years, society has witnessed accelerated advancement in generative artificial intelligence (GenAI) technologies, which may be viewed as a double-edged sword. On one hand, GenAI tools can be used to create synthetic content legitimately. For example, advertising agencies may, with permission, generate celebrities’ images or videos using Ge...

Information hiding techniques are used by threat actors to elude countermeasures and prevent reversing the attack chain. Recently, they have been deployed to create covert channels, i.e., parasitic communications paths cloaked in network traffic and digital objects. Unfortunately, their detection and mitigation are not simple tasks, especially when...

Why disinformation is a cyber threat.

Malware is a serious threat to the modern Internet, as it is used to, e.g., sending spam or stealing bank login credentials. Typically, to communicate with the attacker, it utilizes popular network protocols such as the HyperText Transfer Protocol (HTTP). The network traffic characteristics related to this protocol can be used to detect malware and...

During the past few decades, research on digital media watermarking –initially designed for digital images with the envisioned applications of copyright protection or copy control– has significantly evolved with respect to other covers (i.e., video, audio, speech) and many more potential applications, including tamper detection, broadcast monitorin...

Currently, one can observe the evolution of social media networks. In particular, humans are faced with the fact that, often, the opinion of an expert is as important and significant as the opinion of a non-expert. It is possible to observe changes and processes in traditional media that reduce the role of a conventional ’editorial office’, placing...

The integration of new technologies is resulting in an increased demand for security and authentication in all types of data communications. Cybersecurity is the protection of networks and systems from theft. Biometric technologies use unique traits of particular parts of the body such facial recognition, iris, fingerprints and voice to identify in...

Modern malware now takes advantage of information hiding to avoid detection and implement various offensive and elusive mechanisms. The creation of covert channels, i.e., parasitic communication paths nested within legitimate traffic, is becoming a prime tool to exfiltrate sensitive information or retrieve additional malicious payloads. Despite the...

The commercialization of DNA tagging is a growing trend that demonstrates the increasing practicality of this novel approach. This interdisciplinary technology is based on the distinctive characteristics of DNA as a molecule that can remain stable in varying environmental conditions and store data following appropriate preparation. Moreover, newly...

Deep learning brings the opportunity to achieve effective speech steganalysis in speech signals. However, the speech samples used to train speech steganalysis models (i.e., steganalyzers) are usually sensitive and distributed among different agencies, making it impractical to train an effective centralized steganalyzer. Therefore, in this paper, we...

With the explosive advancement of AI technologies in recent years, the scene of the disinformation research is also expected to rapidly change. In this viewpoint article, in particular, we first present the notion of "disinformation 2.0" in the age of AI where disinformation would become more targeted and personalized, its content becomes very diff...

Social Media Platforms (SMPs) have changed how we communicate, share, and obtain information. However , this also comes at a cost, as users (willingly) share their Privately Sensitive Data (PSDs), such as pictures, real-time locations, and other personal connections, on SMPs. Recently, privacy concerns have gained much attention from both academia...

Every scientific domain benefits from a unified understanding and categorization of terms. This article highlights lessons learned from several years of taxonomy and terminology research in a cybersecurity domain.

Recently, various artificial intelligence (AI)-based methods have been proposed to support humans in detecting disinformation and fake news. The goal of this article is to provide a meta-analysis, and formally evaluate, compare, and benchmark various classes of fake news detection approaches. To this end, the following paper performs a comprehensiv...

While encryption can prevent unauthorized access to a secret message, it does not provide undetectability of covert communications over the public network. Implementing a highly latent data exchange, especially with low eavesdropping/discovery probability, is challenging for practical scenarios, such as social and political movements in authoritari...

This book gathers the proceedings of the International conference on Cybersecurity, Cybercrimes, and Smart Emerging Technologies, held on May 10–11, 2022, in Riyadh, Saudi Arabia. The conference organized by the College of Computer Science of Prince Sultan University, Saudi Arabia.

To prevent the abuse of low‐rate speech‐based steganography from threatening cyberspace security, the corresponding steganalysis approaches have been developed and received significant attention from research community. However, most existing steganalysis methods assume that steganography methods are known in advance, which in practice is impractic...

In recent years, the use of steganographic techniques has been progressively observed to endow threats with cloaking capabilities and launch sophisticated attack campaigns. This requires partially rethinking the perception of malware.

With the wide application of adaptive multi-rate (AMR) speech coder, steganography and steganalysis based on AMR coded speech streams have become a hot spot in the field of information hiding. Quantization Index Modulation (QIM)-based steganography is one of the most effective approaches to hide secret information into AMR coded speech streams with...

A unified understanding of terms and their applicability is essential for every scientific discipline: steganography is no exception. Being divided into several domains (for instance, text steganography, digital media steganography, and network steganography), it is crucial to provide a unified terminology as well as a taxonomy that is not limited...

A unified understanding of terms and their applicability is essential for every scientific discipline: steganography is no exception. Being divided into several domains (for instance, text steganography, digital media steganography, and network steganography), it is crucial to provide a unified terminology as well as a taxonomy that is not limited...

A unified understanding of terms and their applicability is essential for every scientific discipline: steganography is no exception. Being divided into several domains (for instance, text steganography, digital media steganography, and network steganography), it is crucial to provide a unified terminology as well as a taxonomy that is not limited...

Due to steady improvements in defensive systems, malware developers are turning their attention to mechanisms for cloaking attacks as long as possible. A recent trend exploits techniques like Invoke-PSImage, which allows embedding a malicious script within an innocent-looking image, for example, to smuggle data into compromised devices. To address...

Information hiding is the science of concealing a secret message or a watermark inside a cover media (a host file/message) for providing various security purposes such as content authentication, integrity verification, covert communication, etc. When the cover media is textual content, the process of hiding is very difficult compared to other digit...

With the advent of the Internet of Things (IoT), various industries have made considerable progress [1], including agriculture, utilities, manufacturing, and retail. IoT solutions help to increase productivity and efficiency in factories and workplaces. Meanwhile, in smart cities, interconnected traffic lights and parking lots are established throu...

The growing interest in agentless and server-less environments for the implementation of virtual/container network functions makes monitoring and inspection of network services challenging tasks. A major requirement concerns the agility of deploying security agents at runtime, especially to effectively address emerging and advanced attack patterns....

User authentication remains a challenging issue, despite the existence of a large number of proposed solutions, such as traditional text-based, graphical-based, biometrics-based, web-based, and hardware-based schemes. For example, some of these schemes are not suitable for deployment in an Internet of Things (IoT) setting, partly due to the hardwar...

This special issue presents five articles that address the topic of replicability and scientific methodology in information security research, featuring two extended articles from the 2021 International Workshop on Information Security Methodology and Replication Studies (IWSMR). This special issue also comprises two distinguished dissertations.

With the advent of the Internet of Things (IoT), various industries have made considerable progress, including agriculture, utilities, manufacturing, and retail. IoT solutions help to increase productivity and efficiency in factories and workplaces. Meanwhile, in smart cities, interconnected traffic lights and parking lots are established through I...

It is increasingly challenging to deal with the volume,variety, velocity, and veracity of misinformation (e.g., dissemination of fake news contents, spurious posts, and fabricated images/videos) from different online platforms. In this article, we present an overview of existing machine learning and information hiding-based misinformation detection...

IPv6CC is a suite of network covert channels targeting the IPv6 protocol. Its main scope is supporting penetration test campaigns to evaluate the security of a system against emerging information-hiding- capable attacks or steganographic malware. This paper presents the techniques used to inject data within IPv6 packets, the reference use case and...

This book presents state-of-the-art research on security and privacy- preserving for IoT and 5G networks and applications. The accepted book chapters covered many themes, including traceability and tamper detection in IoT enabled waste management networks, secure Healthcare IoT Systems, data transfer accomplished by trustworthy nodes in cognitive r...

In the last years, the utilization of information hiding techniques for empowering modern strains of malware has become a serious concern for security experts. Such an approach allows attackers to act in a stealthy manner, for instance, to covertly exfiltrate confidential data or retrieve additional command & control payloads for the operation of m...

The dark web is often associated with criminal activities such as the sale of exploit kits using cryptocurrencies as payment. However, the difficulty in determining the identities of dark website owners and the tracing of the associated transactions compounds the challenges of investigating dark web activities. In this study, we explore how cryptoc...

The real-time detection of speech steganography in Voice-over-Internet-Protocol (VoIP) scenarios remains an open problem, as it requires steganalysis methods to perform for low-intensity embeddings and short-sample inputs, as well as provide rapid detection results. To address these challenges, this paper presents a novel steganalysis model based o...

Data hiding techniques [...]

The detection and elimination of covert channels are performed by a network node, known as a warden. Especially if faced with adaptive covert communication parties, a regular warden equipped with a static set of normalization rules is ineffective compared to a dynamic warden. However, dynamic wardens rely on periodically changing rule sets and have...

This special issue was desired to foster the progress in research on the development of novel defense methods in information security, especially for sophisticated and networked/hyper-connected systems, including those within IoT and CPS scenarios.

The detection and elimination of covert channels are performed by a network node, known as a warden. Especially if faced with adaptive covert communication parties, a regular warden equipped with a static set of normalization rules is ineffective compared to a dynamic warden. However, dynamic wardens rely on periodically changing rule sets and have...

Almost all spatial domain image steganography methods rely on modifying the Least Significant Bits (LSB) of each pixel to minimize the visual distortions. However, these methods are susceptible to LSB blind attacks and quantitative steganalyses. This paper presents an adaptive spatial domain image steganography algorithm for hiding digital media ba...

Steganography embraces several hiding techniques which spawn across multiple domains. However, the related terminology is not unified among the different domains, such as digital media steganography, text steganography, cyber-physical systems steganography, network steganography (network covert channels), local covert channels, and out-of-band cove...

The dark web is often associated with criminal activities such as the sale of exploit kits using cryptocurrencies as payment. However, the difficulty in determining the identities of dark website owners and the tracing of the associated transactions compounds the challenges of investigating dark web activities. In this study, we explore how cryptoc...

Steganography embraces several hiding techniques which spawn across multiple domains. However, the related terminology is not unified among the different domains, such as digital media steganography, text steganography, cyber-physical systems steganography, network steganography (network covert channels), local covert channels, and out-of-band cove...

Customer Edge Switching (CES) is an extension of the already known classical firewall that is often described and used in future networks like 5G. It extends its functionality by enabling information exchange with other firewalls to decide whether the inspected network traffic should be considered malicious or legitimate. In this paper, we show how...

Information hiding techniques have been recently getting increased attention from the security community. This is because attackers often apply a variety of data hiding methods to exfiltrate confidential information, enable covert transfers between the compromised victim’s machine and an attacker-operated infrastructure, or stealthily transmit addi...

Malicious software utilizes HTTP protocol for communication purposes, creating network traffic that is hard to identify as it blends into the traffic generated by benign applications. To this aim, fingerprinting tools have been developed to help track and identify such traffic by providing a short representation of malicious HTTP requests. However,...

Modern malware is becoming hard to spot since attackers are increasingly adopting new techniques to elude signature- and rule-based detection mechanisms. Among the others, steganography and information hiding can be used to bypass security frameworks searching for suspicious communications between processes or exfiltration attempts through covert c...

Original paper: https://doi.org/10.1016/j.future.2018.12.047 Network covert channels are hidden communication channels in computer networks. They influence several factors of the cybersecurity economy. For instance, by improving the stealthiness of botnet communications, they aid and preserve the value of darknet botnet sales. Covert channels can...

In this article, we introduce the classification and the evolution of the most popular reconnaissance methods. Then, we discuss possible countermeasures and present some future directions.

In this paper, a novel device identification method is proposed to improve the security of Visible Light Communication (VLC) in 5G networks. This method extracts the fingerprints of Light-Emitting Diodes (LEDs) to identify the devices accessing the 5G network. The extraction and identification mechanisms have been investigated from the theoretical...

Message Queuing Telemetry Transport (MQTT) is a publish-subscribe protocol which is currently popular in Internet of Things (IoT) applications. Recently its 5.0 version has been introduced and ensuring that it is capable of providing services in a secure manner is of great importance. It must be noted that holistic security analysis should also eva...

Managing the vulnerabilities reported by a number of security scanning software is a tedious and time-consuming task, especially in large-scale, modern communication networks. Particular software vulnerabilities can have a range of impacts on an IT system depending on the context in which they were detected. Moreover, scanning software can report t...

Cyber attacks are currently blooming, as the attackers reap significant profits from them and face a limited risk when compared to committing the “classical” crimes. One of the major components that leads to the successful compromising of the targeted system is malicious software. It allows using the victim’s machine for various nefarious purposes,...

Each day more and more Internet of Things (IoT) devices are being connected to the Internet. In general, their applications are diverse but from the security perspective, it is evident that they are increasingly targeted by cybercriminals and used for nefarious purposes. Network covert channels form a subgroup of the information-hiding research are...

Cyber security is one of the most relevant parts of modern information and communications technology (ICT) deployments and it will further grow in importance in the future. Therefore it is necessary to develop proper courses and educational tools to train students with the required sets of skill. From the educational point of view, due to the inter...

In recent years, research started to focus on the scientific fundamentals of information security. These fundamentals include several important aspects such as the unified description of attacks and countermeasures, the reproducibility of experiments and means to achieve this reproducibility, the sharing of research data and code, the discussion of...

5G is a paradigm-shifting communications technology that is envisioned to provide an even wider range of high-quality services than 4G. It promises to offer high bandwidth and ultra-low latency, which are desirable not only for voice and mobile broadband, but also for new vertical industries such as healthcare, public transport, manufacturing, medi...

Currently, we are witnessing a significant rise in various types of malware, which has an impact not only on companies, institutions, and individuals, but also on entire countries and societies. Malicious software developers try to devise increasingly sophisticated ways to perform nefarious actions. In consequence, the security community is under p...

Covert channels nested within network traffic are important tools for allowing malware to act unnoticed or to stealthily exchange and exfiltrate information. Thus, understanding how to detect or mitigate their utilization is of paramount importance, especially to counteract the rise of increasingly sophisticated threats. In this perspective, the li...

Cyber attacks are on the rise and each day cyber criminals are developing more and more sophisticated methods to compromise the security of their targets. Sniffing is one of the most important techniques that enables the attacker to collect information on the vulnerabilities of the devices, protocols and applications that can be exploited within th...

The five articles in this special section focus on novel research contributions, demonstration results, and standardization efforts on 5G network security, privacy and trust. Currently it is expected that the generation (5G) wireless systems will soon provide rich ubiquitous communication infrastructure with wide a range of high-quality services. I...

Authentication is the process of confirming one’s identity. There is a steadily growing need to protect confidential, especially financial, data, as banks provide their services online through their ubiquitous systems. This paper presents a novel authentication method based on the analysis of body composition. A trusted system that relies on the bi...

The articles in this special section focus on mobile communications and networks. While the core architecture and radio aspects for 5G are starting to achieve a degree of consensus in 3GPP Rel-15 and Rel-16, a huge number of ancillary proposals and functional areas are still being worked on. The anticipated pervasive nature of 5G into every nook an...

Internet of Things acts an essential role in our everyday lives and it definitely has the potential to grow on the importance and revolutionize our future. However, the present communication technologies have several security related issues which is required to provide secure end to end connectivity among services. Moreover, due to recent, rapid gr...