4,655 research outputs found
Government mandated blocking of foreign Web content
Blocking of foreign Web content by Internet access providers has been a hot
topic for the last 18 months in Germany. Since fall 2001 the state of
North-Rhine-Westphalia very actively tries to mandate such blocking. This paper
will take a technical view on the problems imposed by the blocking orders and
blocking content at access or network provider level in general. It will also
give some empirical data on the effects of the blocking orders to help in the
legal assessment of the orders.Comment: Preprint, revised 30.6.200
Practical Attacks Against Graph-based Clustering
Graph modeling allows numerous security problems to be tackled in a general
way, however, little work has been done to understand their ability to
withstand adversarial attacks. We design and evaluate two novel graph attacks
against a state-of-the-art network-level, graph-based detection system. Our
work highlights areas in adversarial machine learning that have not yet been
addressed, specifically: graph-based clustering techniques, and a global
feature space where realistic attackers without perfect knowledge must be
accounted for (by the defenders) in order to be practical. Even though less
informed attackers can evade graph clustering with low cost, we show that some
practical defenses are possible.Comment: ACM CCS 201
The NASA Astrophysics Data System: Architecture
The powerful discovery capabilities available in the ADS bibliographic
services are possible thanks to the design of a flexible search and retrieval
system based on a relational database model. Bibliographic records are stored
as a corpus of structured documents containing fielded data and metadata, while
discipline-specific knowledge is segregated in a set of files independent of
the bibliographic data itself.
The creation and management of links to both internal and external resources
associated with each bibliography in the database is made possible by
representing them as a set of document properties and their attributes.
To improve global access to the ADS data holdings, a number of mirror sites
have been created by cloning the database contents and software on a variety of
hardware and software platforms.
The procedures used to create and manage the database and its mirrors have
been written as a set of scripts that can be run in either an interactive or
unsupervised fashion.
The ADS can be accessed at http://adswww.harvard.eduComment: 25 pages, 8 figures, 3 table
ECN with QUIC: Challenges in the Wild
TCP and QUIC can both leverage ECN to avoid congestion loss and its
retransmission overhead. However, both protocols require support of their
remote endpoints and it took two decades since the initial standardization of
ECN for TCP to reach 80% ECN support and more in the wild. In contrast, the
QUIC standard mandates ECN support, but there are notable ambiguities that make
it unclear if and how ECN can actually be used with QUIC on the Internet.
Hence, in this paper, we analyze ECN support with QUIC in the wild: We conduct
repeated measurements on more than 180M domains to identify HTTP/3 websites and
analyze the underlying QUIC connections w.r.t. ECN support. We only find 20% of
QUIC hosts, providing 6% of HTTP/3 websites, to mirror client ECN codepoints.
Yet, mirroring ECN is only half of what is required for ECN with QUIC, as QUIC
validates mirrored ECN codepoints to detect network impairments: We observe
that less than 2% of QUIC hosts, providing less than 0.3% of HTTP/3 websites,
pass this validation. We identify possible root causes in content providers not
supporting ECN via QUIC and network impairments hindering ECN. We thus also
characterize ECN with QUIC distributedly to traverse other paths and discuss
our results w.r.t. QUIC and ECN innovations beyond QUIC.Comment: Accepted at the ACM Internet Measurement Conference 2023 (IMC'23
Body language, security and e-commerce
Security is becoming an increasingly more important concern both at the desktop level and at the network level. This article discusses several approaches to authenticating individuals through the use of biometric devices. While libraries might not implement such devices, they may appear in the near future of desktop computing, particularly for access to institutional computers or for access to sensitive information. Other approaches to computer security focus on protecting the contents of electronic transmissions and verification of individual users. After a brief overview of encryption technologies, the article examines public-key cryptography which is getting a lot of attention in the business world in what is called public key infrastructure. It also examines other efforts, such as IBM’s Cryptolope, the Secure Sockets Layer of Web browsers, and Digital Certificates and Signatures. Secure electronic transmissions are an important condition for conducting business on the Net. These business transactions are not limited to purchase orders, invoices, and contracts. This could become an important tool for information vendors and publishers to control access to the electronic resources they license. As license negotiators and contract administrators, librarians need to be aware of what is happening in these new technologies and the impact that will have on their operations
- …