Wifi Hacking Rogue Access Points Preview


TEAM

Editor-in-Chief: Joanna Kretowicz
Managing Editor: Magdalena Jarzębska
Editors: Marta Sienicka, Marta Strzelec, Bartek Adach, Michalina Szpyrka
Proofreader: Lee McKenzie
Senior Consultant/Publisher: Paweł Marciniak
CEO: Joanna Kretowicz
Marketing Director: Joanna Kretowicz
DTP: Magdalena Jarzębska
Cover Design: Hiep Nguyen Duc, Joanna Kretowicz

Betatesters & Proofreaders: Lee McKenzie, Hammad Arshed, Avi Benchimol, Amit Chugh, Craig Thornton, Paul Mellen, Alex Giles, Alexandre D’Hondt, Olivier Caleff, Gilles Lami, Daniel Sligar, Dinesh, Kashif Aftab, Jeff Smith, David Kosorok, O Davies, Clancey, Girshel Chokhonelidze, Osvaldo Salazar, Gregory Chrysantou
Publisher
Hakin9 Media Sp. z o.o.
02-676 Warszawa
ul. Bielawska 6/19
Phone: 1 917 338 3631

www.hakin9.org

All trademarks, trade names, or logos mentioned or used are the property
of their respective owners. The techniques described in our articles may
only be used in private, local networks. The editors hold no responsibility
for misuse of the presented techniques or consequent data loss.

Dear readers,

Fall is finally here and it’s getting spooky, and that’s why in October we decided to dedicate our newest issue to a truly terrific topic, that is wireless hacking! Inside of this edition, you will find great tutorials, case studies, and guides, suitable both for advanced and intermediate hackers. Grab your hot tea or you-know-what-latte and let’s dive into it!

We prepared a handful of amazing articles that will help you with many aspects of wireless hacking - from most effective tools, like WiFiPumpkin3 in a tutorial written by Atlas Stark, to pentesting your wireless networks. Roberto Camerinesi will help you understand what are Stealth Chained Wi-Fi Attacks and how to perform them, and those of you who are just starting your adventure with hacking will get a chance to get to know a tool called Airgeddon in the Quick Guide to Wi-Fi Hacking for Newbies.

But there’s more! There are many interesting case studies and tutorials that will help you improve your wireless security or gain skills to exploit network vulnerabilities.

If Wi-Fi hacking is not your cup of tea, we have something for you too! If you are a fan of Nmap, take a look at Evading Firewalls & Enumerating SNMP Using Advanced Nmap Techniques by dr. Akashdeep Bhardwaj. For those who are still hungry for some raspberries we have an amazing tutorial Facial Recognition Using Raspberry Pi and Pi Camera. Python enthusiasts may be interested in an introduction to encoding/decoding things with Codext, a great open-source tool, written by Alexandre D’Hondt. You will also get a chance to get into your detective boots and investigate financial fraud crimes using Graph techniques!

While we focus mostly on wireless hacking, this issue is full of diverse knowledge and we believe it will be a great read for everyone, as our contributors did truly an amazing job to share their experience. We hope this edition will brighten the cold autumn days for you :)

We would like to send gratitude to our amazing contributors and reviewers for helping us create this piece. It wouldn’t be possible without you!

Without further ado, enjoy!

Magdalena Jarzębska and Hakin9 Editorial Team


Contents

• WiFiPumpkin3, by Atlas Stark

• How to Hack Wi-Fi Networks and Secure Them, by Kirankumar Ramarao Subuddi, Nikhil Santosh Mahadeshwar

• Stealth Chained Wi-Fi Attacks, by Roberto Camerinesi

• Airgeddon - a Quick Guide to Wi-Fi Hacking for Newbies, by Ali Zaoui

WIFIPUMPKIN3
ATLAS STARK

Atlas Stark is a security researcher at Stark Industries Inc. with 16+ years in the technology industry. Currently providing cyber security solutions and OSINT services to anti-human trafficking non-profits that aid in investigation and victim recovery. He also consults with state level law enforcement agencies concerning hacking related incidents. He splits his time between California and Tennessee.

Q/C: Please email [email protected] with any questions or concerns.

WiFiPumpkin3

Fall is in the air and with those crisp gusts of wind, the month of October brings us countless “Hacktober” events and cool tools to discover. One tool I have grown really fond of is WifiPumpkin3 by P0cL4bs. WifiPumpkin3 is a framework written in Python 3 for rogue access point attacks as well as other wireless attack functionalities, according to the project site. So, fire up a command line, grab your favorite cola or your Pumpkin Spice Latte and get ready to explore how this tool can enhance your arsenal for your next engagement.

Setup & Housekeeping

I am using WifiPumpkin3 on Kali Linux 2021.3, but there are directions within the project documentation to utilize the framework on Ubuntu systems as well. Note from the start that, according to the project documentation, Windows and Mac OS X are not supported by WifiPumpkin3 (a Docker version is available, but not tested). Below is a list of must-haves and installed requirements, according to the project documentation, to successfully install and deploy WifiPumpkin3 and all of its features. Make sure you are running the current versions of the following requirements.

• WiFi-adapter that supports access point mode

• Iptables (current version: v1.8.7)

• iw (current version: version 5.9)

• net-tools (current version: 1.60+)

• wireless-tools (current version: 30~pre9-13)

WiFi-Adapter

For this article, I am using a WiFi-adapter that was designed by ZSecurity. The adapter features dual band radios (2.4 & 5 GHz) and supports monitor mode for code injection and access point mode. It uses the RealTek RTL8812AU chipset just like the Alfa brand adapters, so if you have an Alfa adapter, you are good to go. The most important aspect to ensure is the chipset of the adapter. You can install the RealTek driver with the following command: “sudo apt-get install realtek-rtl88xxau-dkms”. As you can see from the screenshot, I already have the newest version installed.

HOW TO HACK WI-FI NETWORKS AND SECURE THEM
KIRANKUMAR RAMARAO SUBUDDI

Kirankumar is an experienced Security Analyst with expertise in multiple domains of Cyber Security which includes VAPT of Android and Web applications, Infrastructure Pentesting, Blue Teaming aka SOC_CERT and Digital Forensic Investigation. One of the Top 15 Researchers of 4Q 2019 of National Critical Information Infrastructure Protection Centre. Reported vulnerabilities at various organisations like Paytm, Hotstar, OnePlus, HackersEra, Mastercard, ISC² and many more. He is a Certified Ethical Hacker and Security Analyst who has worked with public, private organisations and also with police and government bodies.

NIKHIL SANTOSH MAHADESHWAR

Mr. Nikhil Mahadeshwar is a renowned cybersecurity expert and technology-based innovator with more than a decade of experience in the web industry. He is a Digital Forensics Investigator and Consultant for various law enforcement and private investigative agencies. He is ‘Certified Security Analyst’, ‘Computer Hacking Forensics Investigator’, ‘ISO 27001:2013 Information Security Management Systems Lead Auditor’, and ‘Certified Threat Intelligence Analyst’. He has also trained more than 40,000 people on cyber awareness & lectures to entrepreneurs, school & college students, police officials, corporates, etc. He has been awarded as the youngest entrepreneur and was presented as the youngest researcher in the National conference of social media responsibility. Nikhil is Co-Founder and CTO at Skynet Softtech Private Limited.

How To Hack Wi-Fi Networks and Secure Them

Due to the pandemic, work from home is becoming a common practice for most people. Many organizations were not prepared for this type of situation, where their employees have to work remotely. It includes a high risk for the organization from hackers and competitors that could lead to data breach, reputational loss, infrastructure compromise, etc. Also, employees were not trained for remote jobs with limited resources and limited security, which made organizations more vulnerable. If an employee uses free wifi or public wifi, there is a high chance the data that gets transmitted, captured or monitored may leak or lead to an attack on the organization’s infrastructure. Not just employees but any user, even hackers within approximately 300 feet of the access point, can then access the network.

Wi-Fi is convenient, accessible, and operates in millions of homes, corporate offices, university campuses and public hotspots worldwide. Wi-Fi networks use radio waves, similar to cell phones and televisions, to connect to a wireless access point called a router, which directly connects to the Internet via a cable or DSL modem.

The problem is most Wi-Fi hotspot users are not aware of the risks of using public Wi-Fis. Most public Wi-Fis are unencrypted, which means that anyone with easily available software can listen in and access everything being sent over the network.

Many users assume that if they pay for a Wi-Fi network at a hotel or airport then the connection is as secure as the network connection at home or at the office. But wireless eavesdropping can happen on virtually any public Wi-Fi network. Plus, it is impossible for the untrained person to determine the safety of a public Wi-Fi network and to identify those that are dangerous and make users vulnerable to hacking.

Let’s explore how a public Wi-Fi can be exploited in different means:

Step 1 : Access to a Wi-Fi network

• Hack the Wi-Fi Network

• Connect to the Wi-Fi Network

• Create a Rogue Access Point

For performing an attack on any users, we need users to be connected to the same Wi-Fi network. If the Wi-Fi is secured with a password, then we can use different tools like Aircrack-ng, Wifite, Airgeddon, etc. If the Wi-Fi has WPS enabled then you can go for tools like reaver and bcmon. You can directly connect if the Wi-Fi is open. If none of them works then attackers host a rogue access point using Airgeddon or other tools. For more enhanced impact and wider range attackers also use hardware such as an Alfa card, NodeMCU, Wi-Fi Pineapple, etc.

Hacking a WPA/WPA2 Wi-Fi with WPS Enabled

• iwconfig: This command shows you wireless interfaces only.

• sudo ifconfig wlan0 down: This disables Wi-Fi.

STEALTH CHAINED WI-FI ATTACKS
ROBERTO CAMERINESI

Roberto Camerinesi is a computer security researcher and developer. Embracing the philosophies of ethical hacking since adolescence, he has been working for over 11 years in the ICT and security industry. Today he is CTO of Cyber Evolution, working specifically on cyber security in IoT and Industrial environment.

He believes that security should be a concept that accompanies digitization, so he spreads and studies systems to capillarize security, inventing and patenting air-gap defense systems.

As a popularizer and speaker he has spoken at important events and training institutions such as the master Experis Academy, the Italian national event ITASEC21 of the National Laboratory of CyberSecurity and as a finalist startup competition WMF20.

Stealth Chained Wi-Fi Attacks

INTRO

Greetings readers,

Wireless has revolutionized the way we can be connected, opening the way to countless application fields.

We find it everywhere from home networks to public networks, and beyond: it is used in companies supporting the BYOD (Bring Your Own Device) model and working methods, and today it is arriving in Industry 4.0 and sensor networks.

IoT and automotive deserve a special mention.

The exponential growth of these two sectors has given a boost to wireless networks, connecting all kinds of devices, from smart TVs to automatic opening garages.

Wireless networking was born in Hawaii in 1971 with the Alohanet project and then became an IEEE standard around 1997 with 802.11a. The wave frequency used for communication was initially equal to 2.4 GHz, well above 4G (today’s cellular connections, for example, which work at about 2.6 MHz). Over time, the 802.11 standard has evolved, with important breakthroughs such as the implementation of MIMO technology, which allows you to "physically" expand the band using multiple antennas and multiple receivers, and the support of 5 GHz (which was previously reserved for some uses and in some specific countries).

All the implementations and improvements that concern the transmission of wireless networks are now collected under a naming scheme instead of using IEEE acronyms. Today we are in fact at the Wi-Fi 6 standard and heading towards Wi-Fi 7, always with more bandwidth, optimized consumption and better performance in terms of latency and security.

In short, its use and continuous evolution does not stop, considering that today there are estimated to be over 500 million hotspots in the world.

The capillarity is disarming, as reported by WiGLE (https://wigle.net/) for a single portion of New York:

AIRGEDDON - A QUICK GUIDE TO WI-FI HACKING FOR NEWBIES
ALI ZAOUI

27 years from Algeria (North Africa)

Networks security and Systems administrator, more than 5 years academic and professional experience, ethical hacker and pentester, red hat, Desktop Applications Developer, CiSCO CCNA, and Cyber Security Foundation Professional certified by CertiProf.

Airgeddon - a Quick Guide to WiFi Hacking for Newbies

Introduction

Many people think that their wireless network is safe from hacking because it is protected by WPA1 or WPA2 encryption and by using a strong password with different characters and symbols. And yes, it is certainly hard to crack a strong password because you need a high-performance machine and time, and comparing (WPA1-WPA2) and WPS or WEP, it is clear that WPA2 encryption is the best.

However, is there a way to break the wifi protection without cracking the password?

There is! A fantastic way called the Evil Twin attack, used in social engineering. There are many tools that can perform the evil twin attack. From my experience, the best Wi-Fi hacking program for beginners is Airgeddon.

Airgeddon makes things easy for you, from putting the wireless card on monitor mode and selecting target, through capturing the handshake, to cracking the Wi-Fi (WPA1 and WPA2), or performing an evil twin attack (to do this, you’ll need an external wireless card). It is also constantly evolving by adding new features.

How cool is it?

First, let’s see how to install Airgeddon.

Installation

Airgeddon requires other programs that you can find on almost every distribution designed for cyber security (i.e. Parrot,
Kali, Arch, etc.).

This tool can download these dependencies automatically.

Method 1:

> by git

First, let’s open the terminal as a root using the command ‘sudo su’, and enter your password ****

Then, type these commands:

PERFORMING A PENTEST ON A WIRELESS NETWORK - PRACTICAL CASE
JOAS ANTONIO DOS SANTOS

+8 years of academic and professional experience, Instructor and Consultant Red Team by ACADI-TI, Information Security Researcher, CEH Master, eJPT, OSWP and OSCP in Progress.

Performing a Pentest on A Wireless Network - Practical Case

Introduction

The pandemic has brought us several changes in the way we are going to work from now on, especially in the cybersecurity area, even though working remotely has been a reality for a long time. But sometimes it's quite difficult to work away from the company or one of our clients; of course, that's what we would think.

But why am I saying this? I recently did a Wireless Network PenTest for a client, looking to test the security of the Wi-Fi networks that were used in their office, and those who have taken the OSWP know that a connected wireless card and SSH access are enough to start an audit, and that's how we got here.

However, a pentest in Wireless Network is not the starting point anyway, and having a methodology is important. I use this methodology, which is separated into five topics.

Recognition

Information Collection

Package Analysis

Exploration

Post Exploration

Let's understand each step.

Recognition

In the Recognition part, we can check the wi-fi networks that we can see; for that we can use some tools to help us.

Kismet

A very good tool is Kismet, a good wireless network analyzer, very powerful for performing pentesting and auditing.

Let's open Kismet, just access the terminal and type "kismet":

IMPROVED CYBER SECURITY ON HIGHER EDUCATION INSTITUTES: A CASE STUDY ON WIRELESS NETWORKS SECURITY
LOCHANA KORALAGE

Lochana Koralage is an experienced Systems Engineer, currently working in the higher education sector in the Leading Higher Education Institute in Sri Lanka. The author holds an Honors Degree in Computing, and a master’s degree, specializing in Cyber Security.

Lochana Koralage - MSc IT (specializing in cyber security), BSc (hons) Computing CEH CHFI.

Improved Cyber Security on Higher Education Institutes: a Case Study on Wireless Networks Security

Introduction: Wireless Network Connectivity

Wireless Networks are part and parcel of our daily life as it is seemingly everywhere. Wi-Fi is a commodity of every person, every home and organization with proper access and resources. However, only a few people are aware of the risks they are facing in using wireless networks and exchanging information through these types of networks.

Therefore, through this case Study it is expected to first discuss basic concepts related to wireless networks, information exchange through these networks and configuration of security. Then it is expected to discuss the basic ideas of security threats and existing mitigations in general in wireless networks.

Finally, the key objective of the case study is to focus on campus networks and implementing security in using campus networks for information interchange and different research conducted on enhancing the related security through different protocols and principles.

Security Threats of Wi-Fi Networks

In general, we can identify different threats posed upon wireless networks and information exchange through them. Wireless networks provide a false sense of security and comfort to the users who connect through Wi-Fi to exchange information. The reason for this risk is mainly due to the ease of setting up a wireless network by a person with a little technological knowledge with the access to technology in the modern world. Yet, security is not ensured in this manner. It is believed that around 40 to 50 percent of the users have lesser, unreliable network security in Wi-Fi usage.

The cost advantage of using Wi-Fi is the key reason for choosing Wi-Fi by many small and medium scale businesses and small home networks as well. Yet, this advantage gets cancelled out by the high risk they are facing in exchanging private documents with a monetary value of information. Figure 1 shows some of the risks faced by unsecured cyber security networks. Most of them are directly affecting unsecured Wi-Fi networks as well.

Figure 1 Source: Ponemon Institute – Security Beyond the Traditional Perimeter

EVADING FIREWALLS & ENUMERATING SNMP USING ADVANCED NMAP TECHNIQUES
DR. AKASHDEEP BHARDWAJ

Dr. Akashdeep Bhardwaj is working as Professor (Cybersecurity & Digital Forensics) with University of Petroleum & Energy Studies (UPES), Dehradun, India. Dr. Akashdeep is an eminent IT Industry & Academic expert with over 26 years of experience in Cybersecurity, Digital Forensics and IT Management Operations. In his current role, Dr. Akashdeep mentors graduate, masters and doctoral students apart from leading projects. Akash has published over 65 research papers, books, chapters and patents. Akash has worked as Technology Leader and head in several multinational organizations.

Evading Firewalls & Enumerating SNMP Using Advanced NMAP Techniques

Abstract

You’ve been asked to gather information about a network and its systems (hosts) – about which you have no idea. It is an unknown network. You are asked to find live IP addresses, network interfaces, hosts running apps, services, OS and their versions, or simply the open or closed ports. But you are completely blank! This is where NMAP, or Network Mapper, comes in. We can perform reconnaissance using NMAP to probe the network and systems inside it, craft our TCP packets, and send them to the targets. You can evade firewalls and Intrusion Detection Systems when gathering valuable information from target networks and systems. The information gathered can further be used for penetration testing – searching for vulnerabilities!

Introduction

Nmap (Network Mapper) is a network scanning and host detection programme that comes in handy throughout various stages of ethical hacking and penetration testing. Nmap is a sophisticated programme that may be used for vulnerability detection or as a security scanner. It is not restricted to just gathering information and enumeration. Nmap is a multifunctional application that works on a variety of platforms, including Kali, Windows, BSD, Linux, and Mac. This paper presents the advanced level role of NMAP for performing advanced information gathering and recon of hosts and networks. This assumes the readers have prior knowledge and skills of basic NMAP usage. We’ll instead focus on using NMAP to bypass Firewalls and the use of NMAP scripts.

Evading Firewalls

Nmap uses various techniques to evade firewalls as presented below.

Decoy Scan: Scan target as if it is being scanned from another system (gateway) as:

# sudo nmap -D <decoy IP> <IP address>

NMAP can also use Random Spoofed IP Address to scan targets:

# sudo nmap -D RND:5 <IP address>

FACIAL RECOGNITION USING RASPBERRY PI AND PI CAMERA (IOT PROTOCOL FOCUS: MQTT)
SHOUMIT KARNIK

I am a Cybersecurity Professional working to solve Cybersecurity issues. Discovering bugs/exploits, assessing their risk and impact on financial and software systems and security consultation are some of my key interest areas. My knowledge base includes OWASP top 10, NIST standards, penetration testing, threat research, risk assessment, IoT security, applied cryptography, embedded systems hacking, secure software coding, cloud Identity Access Management (IAM), reverse engineering and malware analysis. Currently I am working as a risk management professional for Deloitte.

SOURYADIP SENGUPTA

Internet games were my favorite hobby as a child but the internet was locked with a password by my parents, since they didn't want me to be spending such long hours in front of the computer. I at that time learnt about password cracking techniques, trying to guess passwords or use other people's internet connection to play my favorite online game as well as download one to be played offline. With the introduction of social media in 2008 I learnt more about websites and how passwords could be stolen by a few tricks shown online. All of this made me feel hacking, which was a thing of science fiction, can be done in reality, only here the hacker is minus a hooded jacket. My true cybersecurity journey began with Ernst and Young (EY) with Identity and Access Management (IAM) where I was exposed to a plethora of security concepts, learning on the job was exciting but I always wanted to be a master of the skills I learn. Moreover learn the art of in depth structured research and working along with bright minds to solve bigger issues within the industry. University of Maryland had a perfect course as it focused on applied cybersecurity and I really enjoyed the learning experience while pursuing my own projects. One such was the IoT project of face recognition with MQTT. The purpose was to use new technology and embed the right security so that authentication can be granted. I did this project with my peer/friend Shoumit without whose contributions the output would be only half its value. I really enjoyed this project and it helped me better understand network stacks, security in different layers and assisted me to land a job at Intel working with the product security team.

Facial Recognition using Raspberry Pi and Pi Camera

Project Scope and Description

The project idea was to implement facial recognition using the Raspberry Pi single-board computer along with the Pi Camera attachment. The IoT protocol used to transmit the images between the simulated cloud environment (local machine) and the Raspberry Pi will be MQTT (Message Queuing Telemetry Transport) and the local environment would be used to identify the person. Facial recognition through OpenCV would be used to identify the captured image from the Pi Camera.

Architecture Diagram

Use Case(s)

Security Cameras: Identifying people entering/leaving the premises.

Home Automation: Unlocking doors, identifying residents and guests visiting homes.

Healthcare application: Contactless interaction, COVID-19 symptoms Identification.

Oil and Gas industries: Placed in critical locations where human access is limited to monitor risk zones.

ENCODING/DECODING THINGS WITH CODEXT
A PYTHON PACKAGE FEATURING CLI TOOLS FOR ENCODING AND DECODING MANY THINGS
ALEXANDRE D’HONDT

Alexandre D'Hondt is a cybersecurity professional and enthusiast working in this field for a few years. He holds two master degrees of civil engineering in telecommunications and network security. He mostly works in the subfield of Vulnerability Assessment. He loves continuously learning new things. He owns multiple GIAC certifications and especially loves hacking, Python programming, software development and automation.

Encoding/Decoding Things with CodExt

Abstract

Python provides a native package for handling encodings called codecs. It has a neat API defining codecs for encoding/decoding with various well-known encodings, especially for dealing with special characters. However, it contains a limited set of codecs and does not handle multi-layered encoded inputs.

That is where codext comes into play, the CODecs EXTension. It provides various features for easily enriching the registry of codecs from the native library, increases this with many new encodings, and provides multi-layer guessing relying on an artificial intelligence algorithm.

This article explains its basics and presents some of its capabilities.

1. Introduction

Encoding or decoding data is a common operation, especially when dealing with special characters like Cyrillic or Chinese. These kinds of encodings are handled by a native library in Python called codecs. In security, we can also encrypt something and then base64-encode it to transform the ciphertext to a limited set of printable characters. This is something also handled by codecs. However, its registry of codecs is relatively limited and mostly contains classical encodings for special characters.

Therefore, providing a programming interface for manipulating the registry of codecs is a first challenge. Afterwards, it could be interesting to provide a guess feature for addressing multi-layer encodings. This can be handled by an artificial intelligence algorithm like a tree search, optimized with a scoring heuristic for ranking best-matching encodings. All these challenges are addressed in codext [1], the CODecs EXTension.

The remainder of this article presents the enhanced API and the extended registry of codecs. Then it explains the guess feature and the tuning of its parameters for refining a search, converging towards the right decoded output. Finally, it shows the related Command-Line Interface tools shipped with the package with some usage examples.

2. Codecs registry

The registry of codecs is the structure that contains the definitions of codecs. First, this subsection presents how to inspect
existing codecs and then how codecs can be added or removed from this registry.

2.1. Inspecting codecs

When looking at the source code of codecs, we can see that it imports various objects from _codecs (a shared object), including a lookup function for returning a CodecInfo instance holding the attributes of a codec and its encode/decode functions. This lookup works by walking the registry, an ordered list of so-called search functions. These functions, when called with a string, return matching CodecInfo instances. This way, while walking this registry, the first search function
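
The registry walk described above, as an added example that is not code from the article or from codext: it uses only the standard-library codecs module, and the codec name demo_hex_b64 and both search functions are hypothetical. It registers a two-layer codec (hex, then base64), shows that a repeated lookup is served from the cache, and shows that a search function registered later cannot take over a name the stdlib search function already resolves.

```python
import base64
import binascii
import codecs

CODEC_NAME = "demo_hex_b64"   # hypothetical codec name, constructed for this example
NAME_AS_TYPED = "Demo-Hex-B64"
asked = []                    # names our own search functions were called with


def _norm(name):
    # lookup() lower-cases the name; separator handling differs between Python versions
    return name.lower().replace("-", "_").replace(" ", "_")


def _encode(data, errors="strict"):
    raw = bytes(data)
    return base64.b64encode(binascii.hexlify(raw)), len(raw)


def _decode(data, errors="strict"):
    raw = bytes(data)
    # validate=True rejects bytes outside the base64 alphabet instead of skipping them
    return binascii.unhexlify(base64.b64decode(raw, validate=True)), len(raw)


def _identity(obj, errors="strict"):
    return obj, len(obj)


def demo_search(name):
    """Search function: a CodecInfo for the name we own, None for everything else."""
    asked.append(_norm(name))
    if _norm(name) == CODEC_NAME:
        return codecs.CodecInfo(_encode, _decode, name=CODEC_NAME)
    return None


def shadow_search(name):
    """Tries to claim the stdlib name 'rot13' with a do-nothing codec."""
    asked.append(_norm(name))
    if _norm(name) == "rot13":
        return codecs.CodecInfo(_identity, _identity, name="shadow")
    return None


def run_demo():
    del asked[:]
    # register() appends: both functions sit behind the stdlib 'encodings' search function
    codecs.register(demo_search)
    codecs.register(shadow_search)
    try:
        encoded = codecs.encode(b"hi", NAME_AS_TYPED)      # walk reaches demo_search
        after_first = len(asked)
        decoded = codecs.decode(encoded, NAME_AS_TYPED)    # same name: cache hit, no walk
        cached = len(asked) == after_first
        rot13 = codecs.encode("abc", "rot13")              # stdlib answers first
        try:
            codecs.decode(b"not base64!", NAME_AS_TYPED)
            bad_rejected = False
        except ValueError:                                 # binascii.Error is a ValueError
            bad_rejected = True
        return {
            "encoded": encoded,
            "decoded": decoded,
            "second_lookup_cached": cached,
            "rot13": rot13,
            "rot13_codec": codecs.lookup("rot13").name,
            "bad_input_rejected": bad_rejected,
            "asked": list(asked),
        }
    finally:
        unregister = getattr(codecs, "unregister", None)   # available from Python 3.10
        if unregister is not None:
            unregister(shadow_search)
            unregister(demo_search)


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, "=", value)
```

Because the first matching search function wins and results are cached per normalized name, the order in which packages call codecs.register decides which implementation a given codec name resolves to.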

INVESTIGATE FINANCIAL FRAUD CRIMES USING GRAPH TECHNIQUES
DR. AKASHDEEP BHARDWAJ

Dr. Akashdeep Bhardwaj is working as Professor (Cybersecurity & Digital Forensics) with University of Petroleum & Energy Studies (UPES), Dehradun, India. Dr. Akashdeep is an eminent IT Industry & Academic expert with over 26 years of experience in Cybersecurity, Digital Forensics and IT Management Operations. In his current role, Dr. Akashdeep mentors graduate, masters and doctoral students apart from leading projects. Akash has published over 65 research papers, books, chapters and patents. Akash has worked as Technology Leader and head in several multinational organizations.

Investigate Financial Fraud Crimes Using Graph Techniques

Abstract

Money laundering, terrorism funding, corruption, tax evasion, insurance fraud, are a few examples of financial fraud crimes. To avoid jail time or penalties, offenders must cover their traces in all of these circumstances. That includes using fake identities, middlemen, intricate financial schemes, and other techniques to create layers of obfuscation between their identity and their wrongdoings. Law enforcement authorities, financial institutions, and other fraud detection specialists, on the other hand, are seeking proof of wrongdoing. New graph technologies provide a one-of-a-kind opportunity to identify financial criminals:

• Comprehensive view of each entity entangled in the crime web with relationships

• Identify real-time complicated suspicious patterns and connections

Figure 1: Legit Account Holders and Synthetic Accounts

By ingesting unrelated, unstructured information of suspicious users and their relations, detectives perform advanced investigations combined with real-time alerts and detection capabilities to fight financial crimes. Failure to do so might result in fines of billions of dollars. How can banks and financial organizations establish linkages between their clients and their personal information (geolocations, IP addresses, bank accounts, transactions, etc.) and known criminals and terrorists?