collection curated by joecohen https://academictorrents.com/collection/security @article{, title= {"Pwned Passwords" Dataset}, keywords= {}, journal= {}, author= {haveibeenpwned.com}, year= {}, url= {https://haveibeenpwned.com/Passwords}, license= {}, abstract= {Version 3 with 517M hashes and counts of password usage ordered by most to least prevalent Pwned Passwords are 517,238,891 real world passwords previously exposed in data breaches. This exposure makes them unsuitable for ongoing use as they're at much greater risk of being used to take over other accounts. They're searchable online below as well as being downloadable for use in other online system. The entire set of passwords is downloadable for free below with each password being represented as a SHA-1 hash to protect the original value (some passwords contain personally identifiable information) followed by a count of how many times that password had been seen in the source data breaches. The list may be integrated into other systems and used to verify whether a password has previously appeared in a data breach after which a system may warn the user or even block the password outright.}, superseded= {}, terms= {} } https://academictorrents.com/download/53555c69e3799d876159d7290ea60e56b35e36a9 @article{, title= {CrackStation's Password Cracking Dictionary}, journal= {}, author= {Defuse Security}, year= {2010}, url= {https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm}, license= {Creative Commons Attribution-ShareAlike 3.0}, abstract= {The list contains every wordlist, dictionary, and password database leak that I could find on the internet (and I spent a LOT of time looking). It also contains every word in the Wikipedia databases (pages-articles, retrieved 2010, all languages) as well as lots of books from Project Gutenberg. It also includes the passwords from some low-profile database breaches that were being sold in the underground years ago. The format of the list is a standard text file sorted in non-case-sensitive alphabetical order. Lines are separated with a newline "\n" character. You can test the list without downloading it by giving SHA256 hashes to the free hash cracker or to @PlzCrack on twitter. Here's a tool for computing hashes easily. Here are the results of cracking LinkedIn's and eHarmony's password hash leaks with the list. The list is responsible for cracking about 30% of all hashes given to CrackStation's free hash cracker, but that figure should be taken with a grain of salt because some people try hashes of really weak passwords just to test the service, and others try to crack their hashes with other online hash crackers before finding CrackStation. Using the list, we were able to crack 49.98% of one customer's set of 373,000 human password hashes to motivate their move to a better salting scheme.}, keywords= {}, terms= {} } https://academictorrents.com/download/fd62cc1d79f595cbe1de6356fb13c2165994e469 @article{, title= {Internet History, Technology, and Security by Charles Severance}, journal= {}, author= {Charles Severance}, year= {}, url= {}, abstract= {(Including videos, presentation files and subtitles for the videos [ENG only]) ## About the Course The impact of technology and networks on our lives, culture, and society continues to increase. The very fact that you can take this course from anywhere in the world requires a technological infrastructure that was designed, engineered, and built over the past sixty years. To function in an information-centric world, we need to understand the workings of network technology. This course will open up the Internet and show you how it was created, who created it and how it works. Along the way we will meet many of the innovators who developed the Internet and Web technologies that we use today. ## What You Will Learn After this course you will not take the Internet and Web for granted. You will be better informed about important technological issues currently facing society. You will realize that the Internet and Web are spaces for innovation and you will get a better understanding of how you might fit into that innovation. If you get excited about the material in this course, it is a great lead-in to taking a course in Web design, Web development, programming, or even network administration. At a minimum, you will be a much wiser network citizen. ## Course Syllabus * Week 1: Introduction to the Course and The Dawn of Electronic Computing (1940-1960) * Week 2: The First Internet (1960-1990) * Week 3: The World Wide Web (1990-1995) * Week 4: Commercialization and Growth (1995-2000) * Week 5: Internets and Packets * Week 6: Transports and Security * Week 7: Networked Applications * Week 8: Security - Protecting Information * Week 9: Security - Establishing Identity * Final Exam ## Recommended Background This course has no prerequisites and there will be no programming. Literally anyone can and everyone should take this course.}, keywords= {Coursera, Internet, Security, History}, terms= {}, license= {}, superseded= {} } https://academictorrents.com/download/d666bf4b83066bcf7401e9c155fcd1b1c01cfb11 @article{, title= {DNS Census 2013 - dataset of registered domains and DNS records}, keywords= {}, journal= {}, author= {DNS Census}, year= {2013}, url= {http://dnscensus2013.neocities.org/}, license= {}, abstract= {==Introduction Probably the last time any person or entity had a complete list of all hostnames on the Internet was in the mid-1980s, when the Domain Name System (DNS) replaced the old, centralized DoD Internet Host table. Some domain registries like Verisign have zone file access programs, which offer a way to download a complete zone file. But many country-code Top Level Domains (ccTLDs) do not offer such programs. Various companies have, usually through crawling large parts of the web, collected a huge number of DNS records, but none have a complete list of all domains. And even those incomplete lists are in the hands of few companies like Google, Microsoft (Bing) and DomainTools LLC (whois.sc), presumably most major ISPs, and some research organizations like DNS-OARC, where they are treated as closely guarded company secrets. Other than the zone files provided by Verisign and some other registries, there are few datasets freely available for research or data mining. The DNS Census 2013 is an attempt to provide a public dataset of registered domains and DNS records. It was inspired by the Internet Census 2012 which showed that releasing data anonymously via BitTorrent is a good thing to do. The dataset contains about 2.5 billion DNS records gathered in the years 2012-2013. ==The data All data is compressed using xz/LZMA2. ==DNS records DNS records are written into CSV files. There is one file for each DNS record type (A/AAAA/CNAME/DNAME/MX/NS/SOA/TXT). The records are sorted lexicographically by hostname and by time. ==Registered domains lists If you only care about currently registered domains (e.g. example.com, nominet.org.uk, ?) but not subdomains (e.g. www.example.com, nom-ns1.nominet.org.uk., ?), the registered domains lists are for you. The lists contain only those hostnames for which a DNS record has been observed on or after January 1st, 2013. Each file contains the hostnames registered under one top-level domain. The lists are sorted lexicographically.}, tos= {}, superseded= {}, terms= {} } https://academictorrents.com/download/c89c9c891f7008e124e7382e605d04e3872e5541 @article{, title= {An Introduction to Computer Networks}, journal= {}, author= {Peter L Dordal}, year= {}, url= {http://intronetworks.cs.luc.edu/}, license= {Attribution-NonCommercial-NoDerivs}, abstract= {An Introduction to Computer Networks, a free and open general-purpose computer-networking textbook, complete with diagrams and exercises. It covers the LAN, internetworking and transport layers, focusing primarily on TCP/IP. Particular attention is paid to congestion; other special topics include queuing, real-time traffic, network management, security and the ns simulator. The book is suitable as the primary text for an undergraduate or introductory graduate course in computer networking, as a supplemental text for a wide variety of network-related courses, and as a reference work.}, keywords= {}, terms= {} } https://academictorrents.com/download/958e2487d2db5f41f9c056bb35cf547edf38528f @article{, title= {Internet Census 2012}, journal= {}, author= {Carna Botnet}, year= {2012}, url= {http://internetcensus2012.github.io/InternetCensus2012/paper.html}, license= {public domain}, abstract= {All data collected during the Internet Census 2012 is available for download via BitTorrent. It is released into public domain so everybody can use it for any purpose. For an explanation of what this data is and how it was obtained, see Paper. The full download is 568GB large. The data is segmented and organized into folders and subfolders, so you may just choose the files you need and don't have to download everything. The data is tab separated, ordered by IP and timestamp. The torrent also contains an offline version of this website and tab separated lists of the data which can be browsed in the service probe overview section, in the Hilbert Browser and in the reverse DNS overview. The data is compressed using ZPAQ 1.10, which is default in Debian and Ubuntu. It was found to have the smallest filesize, although it comes at the cost of very high cpu usage. Python code to distribute decompression workload across LAN computers is part of the code pack. Decompressing all data results in 9TB of raw logfiles, but this code can also be used to recompress the data into gzip files. The gziped dataset should be ~1.5TB.}, keywords= {Dataset, Internet}, terms= {}, superseded= {} } https://academictorrents.com/download/7e138693170629fa7835d52798be18ab2fb847fe @article{, title= {CrackStation's Password Cracking Dictionary (Human Passwords Only)}, journal= {}, author= {Defuse Security}, year= {}, url= {https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm}, license= {Creative Commons Attribution-ShareAlike 3.0}, abstract= {The list contains every wordlist, dictionary, and password database leak that I could find on the internet (and I spent a LOT of time looking). It also contains every word in the Wikipedia databases (pages-articles, retrieved 2010, all languages) as well as lots of books from Project Gutenberg. It also includes the passwords from some low-profile database breaches that were being sold in the underground years ago. The format of the list is a standard text file sorted in non-case-sensitive alphabetical order. Lines are separated with a newline "\n" character. You can test the list without downloading it by giving SHA256 hashes to the free hash cracker or to @PlzCrack on twitter. Here's a tool for computing hashes easily. Here are the results of cracking LinkedIn's and eHarmony's password hash leaks with the list. The list is responsible for cracking about 30% of all hashes given to CrackStation's free hash cracker, but that figure should be taken with a grain of salt because some people try hashes of really weak passwords just to test the service, and others try to crack their hashes with other online hash crackers before finding CrackStation. Using the list, we were able to crack 49.98% of one customer's set of 373,000 human password hashes to motivate their move to a better salting scheme.}, keywords= {}, terms= {}, superseded= {} } https://academictorrents.com/download/7ae809ccd7f0778328ab4b357e777040248b8c7f @article{, title = {LBL-CONN-7 Network Traces}, journal = {}, author = {Vern Paxson}, year = {1993}, url = {http://ita.ee.lbl.gov/html/contrib/LBL-CONN-7.html}, abstract = {Description This trace contains thirty days' worth of all wide-area TCP connections between the Lawrence Berkeley Laboratory (LBL) and the rest of the world. Format The reduced trace was generated by tcp-reduce, and has the format explained in that script's documentation . Briefly, the trace is an ASCII file with one line per connection, with the following columns: timestamp duration protocol bytes sent by originator of the connection, or ? if not available bytes sent by responder to the connection, or ? if not available local host - the (renumbered) LBL host that participated in the connection remote host - the remote (non-LBL) host that participated in the connection. Remote hosts have not been renumbered, to allow for geographic analysis of the data. Please do not attempt any further traffic analysis regarding the remote hosts. state that the connection ended in. The two most important states are SF, indicating normal SYN/FIN completion, and REJ, indicating a rejected connection (initial SYN elicited a RST in reply). Other states are discussed in the tcp_reduce documentation . flags zero or more flags: L indicates the connection was initiated locally (i.e., the LBL host is the one that began the connection) N indicates the connection was with nearby U.C. Berkeley. When this dataset was captured, a filter was used so that only nntp traffic with UCB was included, so this flag is only ever set for nntp connections. Measurement The trace ran from midnight, Thursday, September 16 1993 through midnight, Friday, October 15 1993 (times are Pacific Standard Time), capturing 606,497 wide-area connections. The tracing was done on the Ethernet DMZ network over which flows all traffic into or out of the Lawrence Berkeley Laboratory, located in Berkeley, California. The raw trace was made using tcpdump on a Sun Sparcstation using the BPF kernel packet filter. Fewer than 15 SYN/FIN/RST packets in a million were dropped. Timestamps have microsecond precision. As noted above, the traffic was filtered to exclude connections with nearby UCB except for nntp. Privacy The LBL hosts in the trace have been renumbered. The remote hosts remain as full IP addresses, to allow for geographic analysis of the data. Please do not attempt any further traffic analysis regarding the remote hosts. Acknowledgements The trace was made by Vern Paxson (vern@ee.lbl.gov). In publications, please include one or more citations to the papers mentioned below, as appropriate. Publications The SF connections in this trace correspond to LBL-7 in the papers Empirically-Derived Analytic Models of Wide-Area TCP Connections, V. Paxson, IEEE/ACM Transactions on Networking, 2(4), pp. 316-336, August 1994; Growth Trends in Wide-Area TCP Connections, V. Paxson, IEEE Network, 8(4), pp. 8-17, July 1994; and Wide-Area Traffic: The Failure of Poisson Modeling, V. Paxson and S. Floyd, IEEE/ACM Transactions on Networking, 3(3), pp. 226-244, June 1995. Restrictions The trace may be freely redistributed.} } https://academictorrents.com/download/2060d7faa61dd774f9279be7f3f79cece12ed0ed @article{, title = {BU-Web-Client Network Traces}, journal = {}, author = {Oceans research group at Boston University}, year = {1994}, url = {http://ita.ee.lbl.gov/html/contrib/BU-Web-Client.html}, license = {The traces may be freely redistributed.}, abstract = {Description These traces contain records of the HTTP requests and user behavior of a set of Mosaic clients running in the Boston University Computer Science Department, spanning the timeframe of 21 November 1994 through 8 May 1995. During the data collection period a total of 9,633 Mosaic sessions were traced, representing a population of 762 different users, and resulting in 1,143,839 requests for data transfer. Format Trace logfiles contain the sequence of WWW object requests (whether the object was served from the local cache or from the network). Each log file name contains a user id number, converted from Unix UIDs via a one-way function that allows user IDs to be compared for equality but not to be easily traced back to particular users. The file name also gives the machine on which the session took place, and the Unix timestamp when the session started. Boston University is located in the United States Eastern Time Zone. For example, a file named con1.cs20.785526125 is a log of a session from user 1, on machine cs20, starting at time 785526125 (12:42:05 EST, Tuesday, November 22, 1994). Each line in a log corresponds to a single URL requested by the user; it contains the machine name, the timestamp when the request was made, the user id number, the URL, the size of the document (including the overhead of the protocol) and the object retrieval time in seconds (reflecting only actual communication time, and not including the intermediate processing performed by Mosaic in a multi-connection transfer). An example of a line from a condensed log is: cs20 785526142 920156 "http://cs-www.bu.edu/lib/pics/bu-logo.gif" 1804 0.484092 Lines with the number of bytes equal to 0 and retrieval delay equal to 0.0 mean that the request was satisfied by Mosaic's internal cache. Measurement To collect this data we installed an instrumented version of Mosaic in the general computing environment at Boston University's Computer Science Department. This environment consists principally of 37 SparcStation 2 workstations connected in a local network, which is divided in 2 subnets. Each workstation has its own local disk; logs were written to the local disk and subsequently transferred to a central repository. We began by collecting data on a subset of the workstations only, while testing our data collection process. This period lasted from 21 November 1994 until 17 January 1995. When we were statisfied that data collection was occurring correctly, we extended the data collection process to include all workstations; data collection then took place until 8 May 1995. Since Mosaic ceased to be the dominant browser in use by early March 1995, the most representative portion of the traces are those covering the period 21 November 1995 through 28 February 1995. Privacy The user IDs in these logs have been renumbered to protect privacy. Acknowledgements These logs were collected by the members of the Oceans research group at Boston University. Mosaic was instrumented by Carlos Cunha (carro@cs.bu.edu). When referring to the use of these traces in published work, please cite Characteristics of WWW Client Traces, Carlos A. Cunha, Azer Bestavros and Mark E. Crovella, Boston University Department of Computer Science, Technical Report TR-95-010, April 1995. } } https://academictorrents.com/download/f305fe91840e1e117bdf27bd6c3970a69d90b92f @article{cheungeffectiveness, title={Effectiveness of Cybersecurity Competitions}, author={Cheung, Ronald S and Cohen, Joseph Paul and Lo, Henry Z and Elia, Fabio and Carrillo-Marquez, Veronica}, abstract = {There has been a heightened interest among U.S.government agencies to fund cybersecurity workforce development. These efforts include offering universities funding forstudent scholarships, funding for building capacity in cybersecurity education, as well as sponsoring cybersecurity competitions, games, and outreach programs. This paper examines the effectiveness of cybersecurity competitions in educating students.Our study shows that though competitions do pique students interest, the effectiveness of this approach in producing more high quality professionals can be limited. One reason is that the knowledge barrier to compete in these competitions is high. To be successful, students have to be proficient in operating systems,application services, software engineering, system administration and networking. Many Computer Science and InformationTechnology students do not feel qualified, and consequently this reduces participation from a wider student audience. Our approach takes aims at lowering this barrier to entry. We employ a hands-on learning methodology where students attend lectures on background knowledge on weekdays and practice what they learn in weekend workshops. A virtual networking environment is provided for students to practice network defense in the workshops and on their own time} } https://academictorrents.com/download/30ec3bb79d95e4af3b92315a5a073fb10ec8a87d