92,075 research outputs found
Representing Network Trust and Using It to Improve Anonymous Communication
Motivated by the effectiveness of correlation attacks against Tor, the
censorship arms race, and observations of malicious relays in Tor, we propose
that Tor users capture their trust in network elements using probability
distributions over the sets of elements observed by network adversaries. We
present a modular system that allows users to efficiently and conveniently
create such distributions and use them to improve their security. The major
components of this system are (i) an ontology of network-element types that
represents the main threats to and vulnerabilities of anonymous communication
over Tor, (ii) a formal language that allows users to naturally express trust
beliefs about network elements, and (iii) a conversion procedure that takes the
ontology, public information about the network, and user beliefs written in the
trust language and produce a Bayesian Belief Network that represents the
probability distribution in a way that is concise and easily sampleable. We
also present preliminary experimental results that show the distribution
produced by our system can improve security when employed by users; further
improvement is seen when the system is employed by both users and services.Comment: 24 pages; talk to be presented at HotPETs 201
POISED: Spotting Twitter Spam Off the Beaten Paths
Cybercriminals have found in online social networks a propitious medium to
spread spam and malicious content. Existing techniques for detecting spam
include predicting the trustworthiness of accounts and analyzing the content of
these messages. However, advanced attackers can still successfully evade these
defenses.
Online social networks bring people who have personal connections or share
common interests to form communities. In this paper, we first show that users
within a networked community share some topics of interest. Moreover, content
shared on these social network tend to propagate according to the interests of
people. Dissemination paths may emerge where some communities post similar
messages, based on the interests of those communities. Spam and other malicious
content, on the other hand, follow different spreading patterns.
In this paper, we follow this insight and present POISED, a system that
leverages the differences in propagation between benign and malicious messages
on social networks to identify spam and other unwanted content. We test our
system on a dataset of 1.3M tweets collected from 64K users, and we show that
our approach is effective in detecting malicious messages, reaching 91%
precision and 93% recall. We also show that POISED's detection is more
comprehensive than previous systems, by comparing it to three state-of-the-art
spam detection systems that have been proposed by the research community in the
past. POISED significantly outperforms each of these systems. Moreover, through
simulations, we show how POISED is effective in the early detection of spam
messages and how it is resilient against two well-known adversarial machine
learning attacks
Recommended from our members
Privacy-Preserving iVector-Based Speaker Verification
This paper introduces an efficient algorithm to develop a privacy-preserving voice verification based on iVector and linear discriminant analysis techniques. This research considers a scenario in which users enrol their voice biometric to access different services (i.e., banking). Once enrolment is completed, users can verify themselves using their voice print instead of alphanumeric passwords. Since a voice print is unique for everyone, storing it with a third-party server raises several privacy concerns. To address this challenge, this paper proposes a novel technique based on randomization to carry out voice authentication, which allows the user to enrol and verify their voice in the randomized domain. To achieve this, the iVector-based voice verification technique has been redesigned to work on the randomized domain. The proposed algorithm is validated using a well-known speech dataset. The proposed algorithm neither compromises the authentication accuracy nor adds additional complexity due to the randomization operations
Sound and Complete Runtime Security Monitor for Application Software
Conventional approaches for ensuring the security of application software at
run-time, through monitoring, either produce (high rates of) false alarms (e.g.
intrusion detection systems) or limit application performance (e.g. run-time
verification). We present a runtime security monitor that detects both known
and unknown cyber attacks by checking that the run-time behavior of the
application is consistent with the expected behavior modeled in application
specification. This is crucial because, even if the implementation is
consistent with its specification, the application may still be vulnerable due
to flaws in the supporting infrastructure (e.g. the language runtime system,
libraries and operating system). This runtime security monitor is sound and
complete, eliminating false alarms, as well as efficient, so that it does not
limit runtime application performance and so that it supports real-time
systems. The security monitor takes as input the application specification and
the application implementation, which may be expressed in different languages.
The specification language of the application software is formalized based on
monadic second order logic and event calculus interpreted over algebraic data
structures. This language allows us to express behavior of an application at
any desired (and practical) level of abstraction as well as with high degree of
modularity. The security monitor detects every attack by systematically
comparing the application execution and specification behaviors at runtime,
even though they operate at two different levels of abstraction. We define the
denotational semantics of the specification language and prove that the monitor
is sound and complete. Furthermore, the monitor is efficient because of the
modular application specification at appropriate level(s) of abstraction
Detecting Conflicts and Inconsistencies in Web Application Requirements
Web applications evolve fast. One of the main reasons for this
evolution is that new requirements emerge and change constantly. These new
requirements are posed either by customers or they are the consequence of
users’ feedback about the application. One of the main problems when dealing
with new requirements is their consistency in relationship with the current
version of the application. In this paper we present an effective approach for
detecting and solving inconsistencies and conflicts in web software
requirements. We first characterize the kind of inconsistencies arising in web
applications requirements and then show how to isolate them using a modeldriven
approach. With a set of examples we illustrate our approach
- …