Data mining seems to be a promising way to tackle the problem of unpredictability in MRO organizations. The Amsterdam University of Applied Sciences therefore cooperated with the aviation industry for a two-year applied research project exploring the possibilities of data mining in this area. Researchers studied more than 25 cases at eight different MRO enterprises, applying a CRISP-DM methodology as a structural guideline throughout the project. They explored, prepared and combined MRO data, flight data and external data, and used statistical and machine learning methods to visualize, analyse and predict maintenance. They also used the individual case studies to make predictions about the duration and costs of planned maintenance tasks, turnaround time and useful life of parts. Challenges presented by the case studies included time-consuming data preparation, access restrictions to external data-sources and the still-limited data science skills in companies. Recommendations were made in terms of ways to implement data mining – and ways to overcome the related challenges – in MRO. Overall, the research project has delivered promising proofs of concept and pilot implementations
MULTIFILE
Introduction: Few studies have examined the sales of stolen account credentials on darkweb markets. In this study, we tested how advertisement characteristics affect the popularity of illicit online advertisements offering account credentials. Unlike previous criminological research, we take a novel approach by assessing the applicability of knowledge on regular consumer behaviours instead of theories explaining offender behaviour.Methods: We scraped 1,565 unique advertisements offering credentials on a darkweb market. We used this panel data set to predict the simultaneous effects of the asking price, endorsement cues and title elements on advertisement popularity by estimating several hybrid panel data models.Results: Most of our findings disconfirm our hypotheses. Asking price did not affect advertisement popularity. Endorsement cues, including vendor reputation and cumulative sales and views, had mixed and negative relationships, respectively, with advertisement popularity.Discussion: Our results might suggest that account credentials are not simply regular products, but high-risk commodities that, paradoxically, become less attractive as they gain popularity. This study highlights the necessity of a deeper understanding of illicit online market dynamics to improve theories on illicit consumer behaviours and assist cybersecurity experts in disrupting criminal business models more effectively. We propose several avenues for future experimental research to gain further insights into these illicit processes.
The modern economy is largely data-driven and relies on the processing and sharing of data across organizations as a key contributor to its success. At the same time, the value, amount, and sensitivity of processed data is steadily increasing, making it a major target of cyber-attacks. A large fraction of the many reported data breaches happened in the healthcare sector, mostly affecting privacy-sensitive data such as medical records and other patient data. This puts data security technologies as a priority item on the agenda of many healthcare organizations, such as of the Dutch health insurance company Centraal Ziekenfonds (CZ). In particular when it comes to sharing data securely, practical data protection technologies are lacking as they mostly focus on securing the link between two organizations while being completely oblivious of what is happening with the data after sharing. For CZ, searchable encryption (SE) technologies that allow to share data in encrypted form, while enabling the private search on this encrypted data without the need to decrypt, are of particular interest. Unfortunately, existing efficient SE schemes completely leak the access pattern (= pattern of encrypted search results, e.g. identifiers of retrieved items) and the search pattern (= pattern of search queries, e.g. frequency of same queries), making them susceptible to leakage-abuse attacks that exploit this leakage to recover what has been queried for and/or (parts of) the shared data itself. The SHARE project will investigate ways to reduce the leakage in searchable encryption in order to mitigate the impact of leakage-abuse attacks while keeping the performance-level high enough for practical use. Concretely, we propose the construction of SE schemes that allow the leakage to be modeled as a statistic released on the queries and shared dataset in terms of ε-differential privacy, a well-established notion that informally says that, after observing the statistic, you learn approximately (determined by the ε-parameter) the same amount of information about an individual data item or query as if the item was not present in the dataset or the query has not been performed. Naturally, such an approach will produce false positives and negatives in the querying process, affecting the scheme’s performance. By calibrating the ε-parameter, we can achieve various leakage-performance trade-offs tailored to the needs of specific applications. SHARE will explore the idea of differentially-private leakage on different parts of SE with different search capabilities, starting with exact-keyword-match SE schemes with differentially-private leakage on the access pattern only, up to schemes with differentially-private leakage on the access and search pattern as well as on the shared dataset itself, allowing for more expressive query types like fuzzy match, range, or substring queries. SHARE comes with an attack lab in which we investigate existing and new types of leakage-abuse attacks to assess the mitigation-potential of our proposed combination of differential privacy with cryptographic guarantees in searchable encryption. To stimulate commercial exploitation of SHARE-results, our consortium partners CZ and TNO will take the lead on applying and evaluating our envisioned technologies in various healthcare use-cases.
