@article{OosthoekDoerr2021,
  author    = {Oosthoek, Kris and D{\"o}rr, Christian},
  title     = {Cyber security threats to bitcoin exchanges},
  series = {IEEE transactions on network and service management : a publication of the IEEE},
  volume    = {18},
  journal   = {IEEE transactions on network and service management : a publication of the IEEE},
  number    = {2},
  publisher = {IEEE},
  address   = {New York},
  issn      = {1932-4537},
  doi       = {10.1109/TNSM.2020.3046145},
  pages     = {1616 -- 1628},
  year      = {2021},
  abstract  = {Bitcoin is gaining traction as an alternative store of value. Its market capitalization transcends all other cryptocurrencies in the market. But its high monetary value also makes it an attractive target to cyber criminal actors. Hacking campaigns usually target an ecosystem's weakest points. In Bitcoin, the exchange platforms are one of them. Each exchange breach is a threat not only to direct victims, but to the credibility of Bitcoin's entire ecosystem. Based on an extensive analysis of 36 breaches of Bitcoin exchanges, we show the attack patterns used to exploit Bitcoin exchange platforms using an industry standard for reporting intelligence on cyber security breaches. Based on this we are able to provide an overview of the most common attack vectors, showing that all except three hacks were possible due to relatively lax security. We show that while the security regimen of Bitcoin exchanges is subpar compared to other financial service providers, the use of stolen credentials, which does not require any hacking, is decreasing. We also show that the amount of BTC taken during a breach is decreasing, as well as the exchanges that terminate after being breached. Furthermore we show that overall security posture has improved, but still has major flaws. To discover adversarial methods post-breach, we have analyzed two cases of BTC laundering. Through this analysis we provide insight into how exchange platforms with lax cyber security even further increase the intermediary risk introduced by them into the Bitcoin ecosystem.},
  language  = {en}
}
@book{OPUS4-6813,
  title     = {Cloud security mechanisms},
  number    = {87},
  editor    = {Neuhaus, Christian and Polze, Andreas},
  publisher = {Universit{\"a}tsverlag Potsdam},
  address   = {Potsdam},
  isbn      = {978-3-86956-281-0},
  issn      = {1613-5652},
  url       = {http://nbn-resolving.de/urn:nbn:de:kobv:517-opus-68168},
  publisher      = {Universit{\"a}t Potsdam},
  pages     = {78},
  year      = {2014},
  abstract  = {Cloud computing has brought great benefits in cost and flexibility for provisioning services. The greatest challenge of cloud computing remains however the question of security. The current standard tools in access control mechanisms and cryptography can only partly solve the security challenges of cloud infrastructures. In the recent years of research in security and cryptography, novel mechanisms, protocols and algorithms have emerged that offer new ways to create secure services atop cloud infrastructures. This report provides introductions to a selection of security mechanisms that were part of the "Cloud Security Mechanisms" seminar in summer term 2013 at HPI.},
  language  = {en}
}