Towards trustworthy social computing systems

The rising popularity of social computing systems has managed to attract rampant forms of service abuse that negatively affects the sustainability of these systems and degrades the quality of service experienced by their users. The main factor that enables service abuse is the weak identity infrastructure used by most sites, where identities are easy to create with no verification by a trusted authority. Attackers are exploiting this infrastructure to launch Sybil attacks, where they create multiple fake (Sybil) identities to take advantage of the combined privileges associated with the identities to abuse the system. In this thesis, we present techniques to mitigate service abuse by designing and building defense schemes that are robust and practical. We use two broad defense strategies: (1) Leveraging the social network: We first analyze existing social network-based Sybil detection schemes and present their practical limitations when applied on real world social networks. Next, we present an approach called Sybil Tolerance that bounds the impact an attacker can gain from using multiple identities; (2) Leveraging activity history of identities: We present two approaches, one that applies anomaly detection on user social behavior to detect individual misbehaving identities, and a second approach called Stamper that focuses on detecting a group of Sybil identities. We show that both approaches in this category raise the bar for defense against adaptive attackers.Die steigende Popularität sozialer Medien führt zu umfangreichen Missbrauch mit negativen Folgen für die nachhaltige Funktionalität und verringerter Qualität des Services. Der Missbrauch wird maßgeblich durch die Nutzung schwacher Identifikationsverfahren, die eine einfache Anmeldung ohne Verifikation durch eine vertrauenswürdige Behörde erlaubt, ermöglicht. Angreifer nutzen diese Umgebung aus und attackieren den Service mit sogenannten Sybil Angriffen, bei denen mehrere gefälschte (Sybil) Identitäten erstellt werden, um einen Vorteil durch die gemeinsamen Privilegien der Identitäten zu erhalten und den Service zu missbrauchen. Diese Doktorarbeit zeigt Techniken zur Verhinderung von Missbrauch sozialer Medien, in dem Verteidigungsmechanismen konstruiert und implementiert werden, die sowohl robust als auch praktikabel sind. Zwei Verteidigungsstrategien werden vorgestellt: (1) Unter Ausnutzung des sozialen Netzwerks: Wir analysieren zuerst existierende soziale Netzwerk-basierende Sybil Erkennungsmechanismen und zeigen deren praktische Anwendungsgrenzen auf bei der Anwendung auf soziale Netzwerke aus der echten Welt. Im Anschluss zeigen wir den Ansatz der sogenannten Sybil Toleranz, welcher die Folgen eines Angriffs mit mehreren Identitäten einschränkt. (2) Unter Ausnutzung des Aktivitätsverlaufs von Identitäten: Wir präsentieren zwei Ansätze, einen anwendbar für die Erkennung von Unregelmäßigkeiten in dem sozialen Verhalten eines Benutzers zur Erkennung unanständiger Benutzer und ein weiterer Ansatz namens Stamper, dessen Fokus die Erkennung von Gruppen bestehend aus Sybil Identitäten ist. Beide gezeigten Ansätze erschweren adaptive Angriffe und verbessern existierende Verteidigungsmechanismen

Towards trustworthy social computing systems

The rising popularity of social computing systems has managed to attract rampant forms of service abuse that negatively affects the sustainability of these systems and degrades the quality of service experienced by their users. The main factor that enables service abuse is the weak identity infrastructure used by most sites, where identities are easy to create with no verification by a trusted authority. Attackers are exploiting this infrastructure to launch Sybil attacks, where they create multiple fake (Sybil) identities to take advantage of the combined privileges associated with the identities to abuse the system. In this thesis, we present techniques to mitigate service abuse by designing and building defense schemes that are robust and practical. We use two broad defense strategies: (1) Leveraging the social network: We first analyze existing social network-based Sybil detection schemes and present their practical limitations when applied on real world social networks. Next, we present an approach called Sybil Tolerance that bounds the impact an attacker can gain from using multiple identities; (2) Leveraging activity history of identities: We present two approaches, one that applies anomaly detection on user social behavior to detect individual misbehaving identities, and a second approach called Stamper that focuses on detecting a group of Sybil identities. We show that both approaches in this category raise the bar for defense against adaptive attackers.Die steigende Popularität sozialer Medien führt zu umfangreichen Missbrauch mit negativen Folgen für die nachhaltige Funktionalität und verringerter Qualität des Services. Der Missbrauch wird maßgeblich durch die Nutzung schwacher Identifikationsverfahren, die eine einfache Anmeldung ohne Verifikation durch eine vertrauenswürdige Behörde erlaubt, ermöglicht. Angreifer nutzen diese Umgebung aus und attackieren den Service mit sogenannten Sybil Angriffen, bei denen mehrere gefälschte (Sybil) Identitäten erstellt werden, um einen Vorteil durch die gemeinsamen Privilegien der Identitäten zu erhalten und den Service zu missbrauchen. Diese Doktorarbeit zeigt Techniken zur Verhinderung von Missbrauch sozialer Medien, in dem Verteidigungsmechanismen konstruiert und implementiert werden, die sowohl robust als auch praktikabel sind. Zwei Verteidigungsstrategien werden vorgestellt: (1) Unter Ausnutzung des sozialen Netzwerks: Wir analysieren zuerst existierende soziale Netzwerk-basierende Sybil Erkennungsmechanismen und zeigen deren praktische Anwendungsgrenzen auf bei der Anwendung auf soziale Netzwerke aus der echten Welt. Im Anschluss zeigen wir den Ansatz der sogenannten Sybil Toleranz, welcher die Folgen eines Angriffs mit mehreren Identitäten einschränkt. (2) Unter Ausnutzung des Aktivitätsverlaufs von Identitäten: Wir präsentieren zwei Ansätze, einen anwendbar für die Erkennung von Unregelmäßigkeiten in dem sozialen Verhalten eines Benutzers zur Erkennung unanständiger Benutzer und ein weiterer Ansatz namens Stamper, dessen Fokus die Erkennung von Gruppen bestehend aus Sybil Identitäten ist. Beide gezeigten Ansätze erschweren adaptive Angriffe und verbessern existierende Verteidigungsmechanismen

DRONE DELIVERY OF CBNRECy – DEW WEAPONS Emerging Threats of Mini-Weapons of Mass Destruction and Disruption (WMDD)

Drone Delivery of CBNRECy – DEW Weapons: Emerging Threats of Mini-Weapons of Mass Destruction and Disruption (WMDD) is our sixth textbook in a series covering the world of UASs and UUVs. Our textbook takes on a whole new purview for UAS / CUAS/ UUV (drones) – how they can be used to deploy Weapons of Mass Destruction and Deception against CBRNE and civilian targets of opportunity. We are concerned with the future use of these inexpensive devices and their availability to maleficent actors. Our work suggests that UASs in air and underwater UUVs will be the future of military and civilian terrorist operations. UAS / UUVs can deliver a huge punch for a low investment and minimize human casualties.https://newprairiepress.org/ebooks/1046/thumbnail.jp

Using MapReduce Streaming for Distributed Life Simulation on the Cloud

Distributed software simulations are indispensable in the study of large-scale life models but often require the use of technically complex lower-level distributed computing frameworks, such as MPI. We propose to overcome the complexity challenge by applying the emerging MapReduce (MR) model to distributed life simulations and by running such simulations on the cloud. Technically, we design optimized MR streaming algorithms for discrete and continuous versions of Conway’s life according to a general MR streaming pattern. We chose life because it is simple enough as a testbed for MR’s applicability to a-life simulations and general enough to make our results applicable to various lattice-based a-life models. We implement and empirically evaluate our algorithms’ performance on Amazon’s Elastic MR cloud. Our experiments demonstrate that a single MR optimization technique called strip partitioning can reduce the execution time of continuous life simulations by 64%. To the best of our knowledge, we are the first to propose and evaluate MR streaming algorithms for lattice-based simulations. Our algorithms can serve as prototypes in the development of novel MR simulation algorithms for large-scale lattice-based a-life models.https://digitalcommons.chapman.edu/scs_books/1014/thumbnail.jp

Tematski zbornik radova međunarodnog značaja. Tom 3 / Međunarodni naučni skup “Dani Arčibalda Rajsa”, Beograd, 3-4. mart 2015.

In front of you is the Thematic Collection of Papers presented at the International Scientific Confer-ence “Archibald Reiss Days”, which was organized by the Academy of Criminalistic and Police Studies in Belgrade, in co-operation with the Ministry of Interior and the Ministry of Education, Science and Techno-logical Development of the Republic of Serbia, National Police University of China, Lviv State University of Internal Affairs, Volgograd Academy of the Russian Internal Affairs Ministry, Faculty of Security in Skopje, Faculty of Criminal Justice and Security in Ljubljana, Police Academy “Alexandru Ioan Cuza“ in Bucharest, Academy of Police Force in Bratislava and Police College in Banjaluka, and held at the Academy of Crimi-nalistic and Police Studies, on 3 and 4 March 2015.International Scientific Conference “Archibald Reiss Days” is organized for the fifth time in a row, in memory of the founder and director of the first modern higher police school in Serbia, Rodolphe Archibald Reiss, PhD, after whom the Conference was named.The Thematic Collection of Papers contains 168 papers written by eminent scholars in the field of law, security, criminalistics, police studies, forensics, informatics, as well as members of national security system participating in education of the police, army and other security services from Spain, Russia, Ukraine, Bela-rus, China, Poland, Armenia, Portugal, Turkey, Austria, Slovakia, Hungary, Slovenia, Macedonia, Croatia, Montenegro, Bosnia and Herzegovina, Republic of Srpska and Serbia. Each paper has been reviewed by two reviewers, international experts competent for the field to which the paper is related, and the Thematic Conference Proceedings in whole has been reviewed by five competent international reviewers.The papers published in the Thematic Collection of Papers contain the overview of contemporary trends in the development of police education system, development of the police and contemporary secu-rity, criminalistic and forensic concepts. Furthermore, they provide us with the analysis of the rule of law activities in crime suppression, situation and trends in the above-mentioned fields, as well as suggestions on how to systematically deal with these issues. The Collection of Papers represents a significant contribution to the existing fund of scientific and expert knowledge in the field of criminalistic, security, penal and legal theory and practice. Publication of this Collection contributes to improving of mutual cooperation between educational, scientific and expert institutions at national, regional and international level