1,721,132 research outputs found
FakeBook: Detecting Fake Profiles in On Line Social Networks
No full textOn-line Social Networks (OSNs) are increasingly
influencing the way people communicate with each other and
share personal, professional and political information. Like the
cyberspace in Internet, the OSNs are attracting the interest of
the malicious entities that are trying to exploit the vulnerabilities
and weaknesses of the OSNs. Increasing reports of the security
and privacy threats in the OSNs is attracting security researchers
trying to detect and mitigate threats to individual users. With
many OSNs having tens or hundreds of million users collectively
generating billions of personal data content that can be exploited,
detecting and preventing attacks on individual user privacy is a
major challenge.
Most of the current research has focused on protecting the
privacy of an existing online profile in a given OSN. Instead, we
note that there is a risk of not having a profile in the last fancy
social network! The risk is due to the fact that an adversary may
create a fake profile to impersonate a real person on the OSN.
The fake profile could be exploited to build online relationship
with the friends of victim of identity theft, with the final target of
stealing personal information of the victim, via interacting online
with the friends of the victim.
In this paper, we report on the investigation we did on a
possible approach to mitigate this problem. In doing so, we also
note that we are the first ones to analyze social network graphs
from a dynamic point of view within the context of privacy threats
LineSwitch: Efficiently Managing Switch Flow in Software-Defined Networking while Effectively Tackling DoS Attacks.
No full textSoftware Defined Networking (SDN) is a new networking architecture that aims to provide better decoupling between network control (control plane) and data forwarding functionalities (data plane). This separation introduces several benefits, such as a directly programmable and (virtually) centralized network control. However, researchers showed that the required communication channel between the control and data plane of SDN creates a potential bottleneck in the system, introducing new vulnerabilities. Indeed, this behavior could be exploited to mount powerful attacks, such as the control plane saturation attack, that can severely hinder the performance of the whole network. In this paper we present LineSwitch, an efficient and effective solution against control plane saturation attack. LineSwitch combines SYN proxy techniques and probabilistic blacklisting of network traffic. We implemented LineSwitch as an extension of OpenFlow, the current reference implementation of SDN, and evaluate our solution considering different traffic scenarios (with and without attack). The results of our preliminary experiments confirm that, compared to the state-of-the-art, LineSwitch reduces the time overhead up to 30%, while ensuring the same level of protection. Copyright © 2015 ACM
Towards Scientific Incident Response
Full text linkA scientific incident analysis is one with a methodical, justifiable approach to the human decision-making process. Incident analysis is a good target for additional rigor because it is the most human-intensive part of incident response. Our goal is to provide the tools necessary for specifying precisely the reasoning process in incident analysis. Such tools are lacking, and are a necessary (though not sufficient) component of a more scientific analysis process. To reach this goal, we adapt tools from program verification that can capture and test abductive reasoning. As Charles Peirce coined the term in 1900, “Abduction is the process of forming an explanatory hypothesis. It is the only logical operation which introduces any new idea.” We reference canonical examples as paradigms of decision-making during analysis. With these examples in mind, we design a logic capable of expressing decision-making during incident analysis. The result is that we can express, in machine-readable and precise language, the abductive hypotheses than an analyst makes, and the results of evaluating them. This result is beneficial because it opens up the opportunity of genuinely comparing analyst processes without revealing sensitive system details, as well as opening an opportunity towards improved decision-support via limited automation
Passivity framework for modeling, mitigating, and composing attacks on networked systems
No full textA Convex Optimization Approach for Addressing Storage-Communication Tradeoffs in Multicast Encryption
No full textIn Eurocrypt'99, Canetti, Malkin, and Nissim [1] presented a new tree based key distribution algorithm that required O(log n) (n is the group size) key update communications and key storage of O( n log n ). The results in [1] are known to be the first results presenting the sub-linear storage among the family of tree based key distribution schemes. The question of whether this storage was the possible optimal value while keeping the communication as O(log n) was posed as a problem. We show that the storage-communication tradeoff can be formulated as a convex optimization problem in terms of the size of the minimal storage parameter defined in [1]. In particular, we show that the optimal solution is parameterizable by the ratio of the communication and storage costs denoted , the degree of the tree denoted a, and the group size n. Using this design triplet (a; n; ), we show that not only the results in [1] but also the results of the basic scheme of Wallner, Harder, and Agee ..
Going Beyond Counting First Authors in Author Co-citation Analysis
Full text linkThe present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation
counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings
are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that
only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into
account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed
- …
