Wojciech Mazurczyk

Wojciech Mazurczyk
Warsaw University of Technology · Institute of Computer Science

Ph.D., D.Sc.

About

216
Publications
110,247
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
3,353
Citations
Introduction
Wojciech Mazurczyk holds B.Sc. (2003), M.Sc. (2004), Ph.D. (2009, with honours) and D.Sc. (habilitation, 2014) all in Telecommunications from Warsaw University of Technology, Poland. Author or co-author of over 80 papers, 1 patent application and over 30 invited talks devoted mainly to network security. Serving as Technical Program Committee Member of (among others): IEEE INFOCOM, IEEE GLOBECOM, IEEE ICC, IEEE LCN, IEEE CNS, IEEE WIFS and ACM IH&MMSec. Since 2013 IEEE Senior Member.
Additional affiliations
April 2014 - April 2015
Warsaw University of Technology
Position
  • Professor (Associate)
January 2010 - March 2014
Warsaw University of Technology
Position
  • Professor (Assistant)
April 2007 - December 2009
Warsaw University of Technology
Position
  • Research Assistant

Publications

Publications (216)
Preprint
A unified understanding of terms and their applicability is essential for every scientific discipline: steganography is no exception. Being divided into several domains (for instance, text steganography, digital media steganography, and network steganography), it is crucial to provide a unified terminology as well as a taxonomy that is not limited...
Preprint
Full-text available
A unified understanding of terms and their applicability is essential for every scientific discipline: steganography is no exception. Being divided into several domains (for instance, text steganography, digital media steganography, and network steganography), it is crucial to provide a unified terminology as well as a taxonomy that is not limited...
Preprint
A unified understanding of terms and their applicability is essential for every scientific discipline: steganography is no exception. Being divided into several domains (for instance, text steganography, digital media steganography, and network steganography), it is crucial to provide a unified terminology as well as a taxonomy that is not limited...
Article
Full-text available
Due to steady improvements in defensive systems, malware developers are turning their attention to mechanisms for cloaking attacks as long as possible. A recent trend exploits techniques like Invoke-PSImage, which allows embedding a malicious script within an innocent-looking image, for example, to smuggle data into compromised devices. To address...
Article
Information hiding is the science of concealing a secret message or a watermark inside a cover media (a host file/message) for providing various security purposes such as content authentication, integrity verification, covert communication, etc. When the cover media is textual content, the process of hiding is very difficult compared to other digit...
Article
Full-text available
The growing interest in agentless and server-less environments for the implementation of virtual/container network functions makes monitoring and inspection of network services challenging tasks. A major requirement concerns the agility of deploying security agents at runtime, especially to effectively address emerging and advanced attack patterns....
Article
User authentication remains a challenging issue, despite the existence of a large number of proposed solutions, such as traditional text-based, graphical-based, biometrics-based, web-based, and hardware-based schemes. For example, some of these schemes are not suitable for deployment in an Internet of Things (IoT) setting, partly due to the hardwar...
Article
Full-text available
This special issue presents five articles that address the topic of replicability and scientific methodology in information security research, featuring two extended articles from the 2021 International Workshop on Information Security Methodology and Replication Studies (IWSMR). This special issue also comprises two distinguished dissertations.
Article
It is increasingly challenging to deal with the volume,variety, velocity, and veracity of misinformation (e.g., dissemination of fake news contents, spurious posts, and fabricated images/videos) from different online platforms. In this article, we present an overview of existing machine learning and information hiding-based misinformation detection...
Article
Full-text available
IPv6CC is a suite of network covert channels targeting the IPv6 protocol. Its main scope is supporting penetration test campaigns to evaluate the security of a system against emerging information-hiding- capable attacks or steganographic malware. This paper presents the techniques used to inject data within IPv6 packets, the reference use case and...
Book
This book presents state-of-the-art research on security and privacy- preserving for IoT and 5G networks and applications. The accepted book chapters covered many themes, including traceability and tamper detection in IoT enabled waste management networks, secure Healthcare IoT Systems, data transfer accomplished by trustworthy nodes in cognitive r...
Article
Full-text available
In the last years, the utilization of information hiding techniques for empowering modern strains of malware has become a serious concern for security experts. Such an approach allows attackers to act in a stealthy manner, for instance, to covertly exfiltrate confidential data or retrieve additional command & control payloads for the operation of m...
Chapter
Full-text available
The dark web is often associated with criminal activities such as the sale of exploit kits using cryptocurrencies as payment. However, the difficulty in determining the identities of dark website owners and the tracing of the associated transactions compounds the challenges of investigating dark web activities. In this study, we explore how cryptoc...
Preprint
Full-text available
The detection and elimination of covert channels are performed by a network node, known as a warden. Especially if faced with adaptive covert communication parties, a regular warden equipped with a static set of normalization rules is ineffective compared to a dynamic warden. However, dynamic wardens rely on periodically changing rule sets and have...
Article
This special issue was desired to foster the progress in research on the development of novel defense methods in information security, especially for sophisticated and networked/hyper-connected systems, including those within IoT and CPS scenarios.
Conference Paper
The detection and elimination of covert channels are performed by a network node, known as a warden. Especially if faced with adaptive covert communication parties, a regular warden equipped with a static set of normalization rules is ineffective compared to a dynamic warden. However, dynamic wardens rely on periodically changing rule sets and have...
Article
Full-text available
Almost all spatial domain image steganography methods rely on modifying the Least Significant Bits (LSB) of each pixel to minimize the visual distortions. However, these methods are susceptible to LSB blind attacks and quantitative steganalyses. This paper presents an adaptive spatial domain image steganography algorithm for hiding digital media ba...
Conference Paper
Full-text available
Steganography embraces several hiding techniques which spawn across multiple domains. However, the related terminology is not unified among the different domains, such as digital media steganography, text steganography, cyber-physical systems steganography, network steganography (network covert channels), local covert channels, and out-of-band cove...
Preprint
Full-text available
The dark web is often associated with criminal activities such as the sale of exploit kits using cryptocurrencies as payment. However, the difficulty in determining the identities of dark website owners and the tracing of the associated transactions compounds the challenges of investigating dark web activities. In this study, we explore how cryptoc...
Preprint
Full-text available
Steganography embraces several hiding techniques which spawn across multiple domains. However, the related terminology is not unified among the different domains, such as digital media steganography, text steganography, cyber-physical systems steganography, network steganography (network covert channels), local covert channels, and out-of-band cove...
Article
Full-text available
Customer Edge Switching (CES) is an extension of the already known classical firewall that is often described and used in future networks like 5G. It extends its functionality by enabling information exchange with other firewalls to decide whether the inspected network traffic should be considered malicious or legitimate. In this paper, we show how...
Article
Full-text available
Information hiding techniques have been recently getting increased attention from the security community. This is because attackers often apply a variety of data hiding methods to exfiltrate confidential information, enable covert transfers between the compromised victim’s machine and an attacker-operated infrastructure, or stealthily transmit addi...
Article
Full-text available
Malicious software utilizes HTTP protocol for communication purposes, creating network traffic that is hard to identify as it blends into the traffic generated by benign applications. To this aim, fingerprinting tools have been developed to help track and identify such traffic by providing a short representation of malicious HTTP requests. However,...
Article
Full-text available
Modern malware is becoming hard to spot since attackers are increasingly adopting new techniques to elude signature- and rule-based detection mechanisms. Among the others, steganography and information hiding can be used to bypass security frameworks searching for suspicious communications between processes or exfiltration attempts through covert c...
Preprint
Full-text available
Original paper: https://doi.org/10.1016/j.future.2018.12.047 Network covert channels are hidden communication channels in computer networks. They influence several factors of the cybersecurity economy. For instance, by improving the stealthiness of botnet communications, they aid and preserve the value of darknet botnet sales. Covert channels can...
Article
Full-text available
In this article, we introduce the classification and the evolution of the most popular reconnaissance methods. Then, we discuss possible countermeasures and present some future directions.
Article
Full-text available
In this paper, a novel device identification method is proposed to improve the security of Visible Light Communication (VLC) in 5G networks. This method extracts the fingerprints of Light-Emitting Diodes (LEDs) to identify the devices accessing the 5G network. The extraction and identification mechanisms have been investigated from the theoretical...
Article
Message Queuing Telemetry Transport (MQTT) is a publish-subscribe protocol which is currently popular in Internet of Things (IoT) applications. Recently its 5.0 version has been introduced and ensuring that it is capable of providing services in a secure manner is of great importance. It must be noted that holistic security analysis should also eva...
Article
Full-text available
Managing the vulnerabilities reported by a number of security scanning software is a tedious and time-consuming task, especially in large-scale, modern communication networks. Particular software vulnerabilities can have a range of impacts on an IT system depending on the context in which they were detected. Moreover, scanning software can report t...
Article
Full-text available
Cyber attacks are currently blooming, as the attackers reap significant profits from them and face a limited risk when compared to committing the “classical” crimes. One of the major components that leads to the successful compromising of the targeted system is malicious software. It allows using the victim’s machine for various nefarious purposes,...
Chapter
Cyber security is one of the most relevant parts of modern information and communications technology (ICT) deployments and it will further grow in importance in the future. Therefore it is necessary to develop proper courses and educational tools to train students with the required sets of skill. From the educational point of view, due to the inter...
Article
Full-text available
In recent years, research started to focus on the scientific fundamentals of information security. These fundamentals include several important aspects such as the unified description of attacks and countermeasures, the reproducibility of experiments and means to achieve this reproducibility, the sharing of research data and code, the discussion of...
Article
5G is a paradigm-shifting communications technology that is envisioned to provide an even wider range of high-quality services than 4G. It promises to offer high bandwidth and ultra-low latency, which are desirable not only for voice and mobile broadband, but also for new vertical industries such as healthcare, public transport, manufacturing, medi...
Article
Full-text available
Currently, we are witnessing a significant rise in various types of malware, which has an impact not only on companies, institutions, and individuals, but also on entire countries and societies. Malicious software developers try to devise increasingly sophisticated ways to perform nefarious actions. In consequence, the security community is under p...
Conference Paper
Full-text available
Covert channels nested within network traffic are important tools for allowing malware to act unnoticed or to stealthily exchange and exfiltrate information. Thus, understanding how to detect or mitigate their utilization is of paramount importance, especially to counteract the rise of increasingly sophisticated threats. In this perspective, the li...
Article
Full-text available
Cyber attacks are on the rise and each day cyber criminals are developing more and more sophisticated methods to compromise the security of their targets. Sniffing is one of the most important techniques that enables the attacker to collect information on the vulnerabilities of the devices, protocols and applications that can be exploited within th...
Article
The five articles in this special section focus on novel research contributions, demonstration results, and standardization efforts on 5G network security, privacy and trust. Currently it is expected that the generation (5G) wireless systems will soon provide rich ubiquitous communication infrastructure with wide a range of high-quality services. I...
Article
Full-text available
Authentication is the process of confirming one’s identity. There is a steadily growing need to protect confidential, especially financial, data, as banks provide their services online through their ubiquitous systems. This paper presents a novel authentication method based on the analysis of body composition. A trusted system that relies on the bi...
Article
The articles in this special section focus on mobile communications and networks. While the core architecture and radio aspects for 5G are starting to achieve a degree of consensus in 3GPP Rel-15 and Rel-16, a huge number of ancillary proposals and functional areas are still being worked on. The anticipated pervasive nature of 5G into every nook an...
Article
Full-text available
Internet of Things acts an essential role in our everyday lives and it definitely has the potential to grow on the importance and revolutionize our future. However, the present communication technologies have several security related issues which is required to provide secure end to end connectivity among services. Moreover, due to recent, rapid gr...
Article
One of the fascinating aspects of modern communications is how it is interwoven into every new advance in technology. In fact, it is difficult to find a new technology, renewable power generation, unmanned aerial vehicles, etc., that does not feature wireless communications in some form. The Internet of Things would not be possible without mobile n...
Article
Information hiding is increasingly used to implement covert channels, to exfiltrate data or to perform attacks in a stealthy manner. Another important usage deals with privacy, for instance, to bypass limitations imposed by a regime, to prevent censorship or to share information in sensitive scenarios such as those dealing with cyber defense. In th...
Article
The articles in this special section examine the market for 5G and 6G mobile communications. After great success and widespread worldwide deployment throughout the last decade, 4G networks are passing the baton to 5G as the technology in the forefront of the race toward ubiquitous communications. 5G is a paradigm-shifting communications technology...
Article
Fifth generation (5G) networks are the base communication technology for connecting objects in the internet of things (IoT) environment. 5G is being developed to provide extremely large capacity, robust integrity, high bandwidth, and low latency. With the development and innovating new techniques for 5G-IoT, it surely will drive to new enormous sec...
Article
Full-text available
The Internet of Things (IoT) concept has been widely adopted and Internet connected devices enter more and more areas of our everyday lives. However, their limited security measures raise increasing concerns, especially in terms of users’ privacy. That is why, in this paper, privacy risks, focusing primarily on information leakage exposed by traffi...
Article
Full-text available
Each day more and more Internet of Things (IoT) devices are being connected to the Internet. In general, their applications are diverse but from the security perspective, it is evident that they are increasingly targeted by cybercriminals and used for nefarious purposes. Network covert channels form a subgroup of the information-hiding research are...
Article
Network covert channels enable stealthy communications for malware and data exfiltration. For this reason, developing effective countermeasures for these threats is important for the protection of individuals and organizations. However, due to the large number of available covert channel techniques, it is considered impractical to develop counterme...
Article
The articles in this special section focus on mobile communications and networks. Wireless communication has become more pervasive in our world today facilitated by the advancement in technologies such as LTE, Wi-Fi, and Bluetooth to such an extent that we find ourselves immersed in them on a daily basis while working, entertaining, or learning. Th...
Conference Paper
Full-text available
The increasing diffusion of malware endowed with steganographic techniques requires to carefully identify and evaluate a new set of threats. The creation of a covert channel to hide a communication within network traffic is one of the most relevant, as it can be used to exfiltrate information or orchestrate attacks. Even if network steganography is...
Article
Full-text available
Network covert channels are a part of the information hiding research area that deals with the secret transfer of information over communication networks. Covert channels can be utilized, for instance, for data leakage and stealthy malware communications. While data hiding in communication networks has been studied within the last years for several...
Article
“Smart” has gradually infiltrating all areas of people's daily life and the environments where we lead our life. The term of “Smart Industrial Environment” can be used to refer to each aspect of the industrial environments focused on the future, being smart vehicles, smart systems of transportation, smart devices (wearables and smartphones), smart...