28 research outputs found
Denial of Service in Web-Domains: Building Defenses Against Next-Generation Attack Behavior
The existing state-of-the-art in the field of application layer Distributed Denial of Service (DDoS) protection is generally designed, and thus effective, only for static web domains. To the best of our knowledge, our work is the first that studies the problem of application layer DDoS defense in web domains of dynamic content and organization, and for next-generation bot behaviour. In the first part of this thesis, we focus on the following research tasks: 1) we identify the main weaknesses of the existing application-layer anti-DDoS solutions as proposed in research literature and in the industry, 2) we obtain a comprehensive picture of the current-day as well as the next-generation application-layer attack behaviour and 3) we propose novel techniques, based on a multidisciplinary approach that combines offline machine learning algorithms and statistical analysis, for detection of suspicious web visitors in static web domains. Then, in the second part of the thesis, we propose and evaluate a novel anti-DDoS system that detects a broad range of application-layer DDoS attacks, both in static and dynamic web domains, through the use of advanced techniques of data mining. The key advantage of our system relative to other systems that resort to the use of challenge-response tests (such as CAPTCHAs) in combating malicious bots is that our system minimizes the number of these tests that are presented to valid human visitors while succeeding in preventing most malicious attackers from accessing the web site. The results of the experimental evaluation of the proposed system demonstrate effective detection of current and future variants of application layer DDoS attacks
Top 10 technologies and their impact on CPA's
Programming Language Abstractions for the Global Network
Increasing demand for Internet-based applications motivates the development of programming models that ease their implementation. With the research presented in this thesis, we aim to improve understanding of what is involved when programming applications for the global network, and in particular the Web. We are primarily concerned with the development of language-level programming abstractions that address issues arising from the failure and performance properties of the Web. Frequent failure and unpredictable performance are ever-present aspects of any Web computation, so we must bring the properties of the Web into the semantic domain of our program systems. Our primary goal is to enable concise and intuitive expression of failure semantics in the context of concurrency, which is necessary for efficient Web computation given the large overhead in every network access. The main scientific contribution of this thesis is the development of a Web programming model for which a major design goal is the integration of domain concepts, failure interpretation, concurrency, and a mechanism for flow of control after failure. Our model is the first to successfully achieve a clean integration. We develop a programming language called Focus, which incorporates two complementary abstractions. Persistent relative observables allow reasoning about the dynamic behaviour of computations in the context of past behaviours. Examples of observables are the rate, elapsed time, and success probability of HTTP fetches. The mechanics of our observables mechanism allows the generalisation of the observables concept to all computation, and not just Web fetches. This generalisation is key in our design approach to supervisors, which are abstractions over concurrency designed for the specification of failure semantics and concurrency for computations that contain Web fetches.
In essence, supervisors monitor and control the behaviour of arbitrary concurrent computations, which are passed as parameters, while retaining a strict separation of computational logic and control logic. In conjunction with observables, supervisors allow the writing of general control functions, parameterisable both by value and computation. Observables are abstract values that fluctuate dynamically, and all computations export the same set of observables. Observables allow genericity in supervisor control, since the mechanism constrains the value of observables within a pattern of fluctuation around a single number. Whatever the activity of a computation, information about its behaviour can be obtained within a range of values in the observables. This means that supervisors can be applied independently of knowledge of the program logic for supervised computations. Supervisors and observables are useful in the context of the Web due to the multiplicity of possible failure modes, many of which require interpretation, and the need for complex flow of control in the presence of concurrency
Blown to Bits: Your Life, Liberty, and Happiness After the Digital Explosion
382 p. Electronic book. Each of us has been in the computing field for more than 40 years. The book is the product of a lifetime of observing and participating in the changes it has brought. Each of us has been both a teacher and a learner in the field.
This book emerged from a general education course we have taught at Harvard, but it is not a textbook. We wrote this book to share what wisdom we have with as many people as we can reach. We try to paint a big picture, with dozens of illuminating anecdotes as the brushstrokes. We aim to entertain you at the same time as we provoke your thinking.
Preface
Chapter 1 Digital Explosion
Why Is It Happening, and What Is at Stake?
The Explosion of Bits, and Everything Else
The Koans of Bits
Good and Ill, Promise and Peril
Chapter 2 Naked in the Sunlight
Privacy Lost, Privacy Abandoned
1984 Is Here, and We Like It
Footprints and Fingerprints
Why We Lost Our Privacy, or Gave It Away
Little Brother Is Watching
Big Brother, Abroad and in the U.S.
Technology Change and Lifestyle Change
Beyond Privacy
Chapter 3 Ghosts in the Machine
Secrets and Surprises of Electronic Documents
What You See Is Not What the Computer Knows
Representation, Reality, and Illusion
Hiding Information in Images
The Scary Secrets of Old Disks
Chapter 4 Needles in the Haystack
Google and Other Brokers in the Bits Bazaar
Found After Seventy Years
The Library and the Bazaar
The Fall of Hierarchy
It Matters How It Works
Who Pays, and for What?
Search Is Power
You Searched for WHAT? Tracking Searches
Regulating or Replacing the Brokers
Chapter 5 Secret Bits
How Codes Became Unbreakable
Encryption in the Hands of Terrorists, and Everyone Else
Historical Cryptography
Lessons for the Internet Age
Secrecy Changes Forever
Cryptography for Everyone
Cryptography Unsettled
Chapter 6 Balance Toppled
Who Owns the Bits?
Automated Crimes—Automated Justice
NET Act Makes Sharing a Crime
The Peer-to-Peer Upheaval
Sharing Goes Decentralized
Authorized Use Only
Forbidden Technology
Copyright Koyaanisqatsi: Life Out of Balance
The Limits of Property
Chapter 7 You Can’t Say That on the Internet
Guarding the Frontiers of Digital Expression
Do You Know Where Your Child Is on the Web Tonight?
Metaphors for Something Unlike Anything Else
Publisher or Distributor?
Neither Liberty nor Security
The Nastiest Place on Earth
The Most Participatory Form of Mass Speech
Protecting Good Samaritans—and a Few Bad Ones
Laws of Unintended Consequences
Can the Internet Be Like a Magazine Store?
Let Your Fingers Do the Stalking
Like an Annoying Telephone Call?
Digital Protection, Digital Censorship—and Self-Censorship
Chapter 8 Bits in the Air
Old Metaphors, New Technologies, and Free Speech
Censoring the President
How Broadcasting Became Regulated
The Path to Spectrum Deregulation
What Does the Future Hold for Radio?
Conclusion After the Explosion
Bits Lighting Up the World
A Few Bits in Conclusion
Appendix The Internet as System and Spirit
The Internet as a Communication System
The Internet Spirit
Endnotes
Index
Law and the “Sharing Economy”
The rapid expansion of sharing economy platforms such as Airbnb and Uber has generated enormous controversy. This book brings legal and interdisciplinary perspectives to the labour, market and technology and other regulatory challenges that arise from this phenomenon that has taken the world by storm
Recent Developments in Smart Healthcare
Medicine is undergoing a sector-wide transformation thanks to the advances in computing and networking technologies. Healthcare is changing from reactive and hospital-centered to preventive and personalized, from disease focused to well-being centered. In essence, the healthcare systems, as well as fundamental medicine research, are becoming smarter. We anticipate significant improvements in areas ranging from molecular genomics and proteomics to decision support for healthcare professionals through big data analytics, to support behavior changes through technology-enabled self-management, and social and motivational support. Furthermore, with smart technologies, healthcare delivery could also be made more efficient, higher quality, and lower cost. In this special issue, we received a total of 45 submissions and accepted 19 outstanding papers that roughly span across several interesting topics on smart healthcare, including public health, health information technology (Health IT), and smart medicine.
INTERNET SURVEILLANCE TECHNOLOGIES AND THE RIGHT TO PRIVACY: AN INTERNATIONAL PERSPECTIVE
Ph.D. DOCTOR OF PHILOSOPHY
An Approach to Guide Users Towards Less Revealing Internet Browsers
When browsing the Internet, HTTP headers enable both clients and servers to send extra data in their requests or responses, such as the User-Agent string. This string contains information related to the sender’s device, browser, and operating system. Previous research has shown that numerous privacy and security risks result from exposing sensitive information in the User-Agent string. For example, it enables device and browser fingerprinting and user tracking and identification. Our large analysis of thousands of User-Agent strings shows that browsers differ tremendously in the amount of information they include in their User-Agent strings. As such, our work aims at guiding users towards using less exposing browsers. In doing so, we propose to assign an exposure score to browsers based on the information they expose and vulnerability records. Thus, our contribution in this work is as follows: first, provide a full implementation that is ready to be deployed and used by users. Second, conduct a user study to identify the effectiveness and limitations of our proposed approach. Our implementation is based on using more than 52 thousand unique browsers. Our performance and validation analysis show that our solution is accurate and efficient. The source code and data set are publicly available and the solution has been deployed.
Fostering Freedom Online: The Role of Internet Intermediaries
“Fostering Freedom Online: the Role of Internet Intermediaries” is the title of a new title in the UNESCO Internet freedom series. With the rise of Internet intermediaries that play a mediating role on the internet between authors of content and audiences, UNESCO took a joint initiative, with the Open Society Foundations, the Internet Society, and Center for Global Communication Studies at the University of Pennsylvania’s Annenberg School for Communication, to examine this recent historical phenomenon and how it impacts on freedom of expression and associated fundamental rights such as privacy.
The case study research, collaboratively delivered by 16 international researchers led by Ms Rebecca MacKinnon and Mr Allon Bar, as well as 14 members of the International Advisory Committee, covers three categories of intermediaries: Internet Service Providers (fixed line and mobile) such as Vodafone (UK, Germany, Egypt), Vivo/Telefônica Brasil (Brazil), Bharti Airtel (India, Kenya), Safaricom (Kenya); Search Engines such as Google (USA, EU, India, China, Russia), Baidu (China), Yandex (Russia); and Social Networking Platforms such as Facebook (USA, Germany, India, Brazil, Egypt), Twitter (USA, Kenya), Weibo (China), iWiW (Hungary).
The research showed that internet intermediaries are heavily influenced by the legal and policy environments of states, but they do have leeway over many areas of policy and practice affecting online expression and privacy. The findings also highlighted the challenge where many state policies, laws, and regulations are – to varying degrees – poorly aligned with the duty to promote and protect intermediaries’ respect for freedom of expression. It is a resource which enables the assessment of Internet intermediaries’ decisions on freedom of expression, by ensuring that any limitations are consistent with international standards