Privacy-Friendly Collaboration for Cyber Threat Mitigation
Sharing of security data across organizational boundaries has often been
advocated as a promising way to enhance cyber threat mitigation. However,
collaborative security faces a number of important challenges, including
privacy, trust, and liability concerns with the potential disclosure of
sensitive data. In this paper, we focus on data sharing for predictive
blacklisting, i.e., forecasting attack sources based on past attack
information. We propose a novel privacy-enhanced data sharing approach in which
organizations estimate collaboration benefits without disclosing their
datasets, organize into coalitions of allied organizations, and securely share
data within these coalitions. We study how different partner selection
strategies affect prediction accuracy by experimenting on a real-world dataset
of 2 billion IP addresses and observe up to a 105% prediction improvement.
Comment: This paper has been withdrawn as it has been superseded by
arXiv:1502.0533
TRIDEnT: Building Decentralized Incentives for Collaborative Security
Sophisticated mass attacks, especially when exploiting zero-day
vulnerabilities, have the potential to cause destructive damage to
organizations and critical infrastructure. To timely detect and contain such
attacks, collaboration among the defenders is critical. By correlating
real-time detection information (alerts) from multiple sources (collaborative
intrusion detection), defenders can detect attacks and take the appropriate
defensive measures in time. However, although the technical tools to facilitate
collaboration exist, real-world adoption of such collaborative security
mechanisms is still underwhelming. This is largely due to a lack of trust and
participation incentives for companies and organizations. This paper proposes
TRIDEnT, a novel collaborative platform that aims to enable and incentivize
parties to exchange network alert data, thus increasing their overall detection
capabilities. TRIDEnT allows parties that may be in a competitive relationship,
to selectively advertise, sell and acquire security alerts in the form of
(near) real-time peer-to-peer streams. To validate the basic principles behind
TRIDEnT, we present an intuitive game-theoretic model of alert sharing, that is
of independent interest, and show that collaboration is bound to take place
infinitely often. Furthermore, to demonstrate the feasibility of our approach,
we instantiate our design in a decentralized manner using Ethereum smart
contracts and provide a fully functional prototype.
Comment: 28 page
SciTech News Volume 71, No. 1 (2017)
Columns and Reports: From the Editor
Division News: Science-Technology Division; Chemistry Division; Engineering Division; Aerospace Section of the Engineering Division; Architecture, Building Engineering, Construction and Design Section of the Engineering Division
Reviews: Sci-Tech Book News Reviews
Advertisements: IEEE
Between Scylla and Charybdis: Environmental governance and illegibility in the American West
In The Odyssey, Odysseus and his crew must navigate the Strait of Messina between two great hazards: the six-headed monster Scylla on one side, and the whirlpool Charybdis on the other. This conceit here guides a critical engagement with scientific knowledge and state power, grounded in the positionality and practices of government agents charged with the management of controversial species and processes in the American West. Based in ethnographic and archival research on wolf-livestock conflict and public lands grazing in Central Idaho, I relate how agents with the U.S. Forest Service and Idaho Department of Fish and Game navigate conditions not of their own choosing. Sailing the “choppy seas” of complex systems and multiple-use mandates, with the “whirlpool” of cuts to capacity on one side and the “monster” of political controversy and litigation on the other, agents appear to collect less or more ambiguous information on their charges, resulting in a partial “blindness” or illegibility. Although a rational adaptation to unrealistic expectations, this ignorance is not bliss but rather symptom and source of dysfunction, limiting agents’ ability to carry out monitoring, collaboration, and effectively conduct on-the-ground management. Understanding patterns of illegibility requires that we attend both to broader contextual pressures and situated motivations. In so doing, we might account for the seeming disconnect between agencies’ stated aims and practices, complicate traditional assumptions of evidence-based scientific management and analyses of bureaucratic rationality and state power, and make sense of the apparent dysfunction around environmental governance in the American West today