4,380 research outputs found
User's Privacy in Recommendation Systems Applying Online Social Network Data, A Survey and Taxonomy
Recommender systems have become an integral part of many social networks and
extract knowledge from a user's personal and sensitive data both explicitly,
with the user's knowledge, and implicitly. This trend has created major privacy
concerns as users are mostly unaware of what data and how much data is being
used and how securely it is used. In this context, several works have been done
to address privacy concerns for usage in online social network data and by
recommender systems. This paper surveys the main privacy concerns, measurements
and privacy-preserving techniques used in large-scale online social networks
and recommender systems. It is based on historical works on security,
privacy-preserving, statistical modeling, and datasets to provide an overview
of the technical difficulties and problems associated with privacy preserving
in online social networks.Comment: 26 pages, IET book chapter on big data recommender system
An approach to preventing spam using Access Codes with a combination of anti-spam mechanisms
Spam is becoming a more and more severe problem for individuals, networks,
organisations and businesses. The losses caused by spam are billions of dollars every
year. Research shows that spam contributes more than 80% of e-mails with an increased
in its growth rate every year. Spam is not limited to emails; it has started affecting other
technologies like VoIP, cellular and traditional telephony, and instant messaging services.
None of the approaches (including legislative, collaborative, social awareness and
technological) separately or in combination with other approaches, can prevent sufficient
of the spam to be deemed a solution to the spam problem.
The severity of the spam problem and the limitations of the state-of-the-Art solutions
create a strong need for an efficient anti-spam mechanism that can prevent significant
volumes of spam without showing any false positives. This can be achieved by an
efficient anti-spam mechanism such as the proposed anti-spam mechanism known as
"Spam Prevention using Access Codes", SPAC. SPAC targets spam from two angles i.e.
to prevent/block spam and to discourage spammers by making the infrastructure
environment very unpleasant for them.
In addition to the idea of Access Codes, SPAC combines the ideas behind some of the
key current technological anti-spam measures to increase effectiveness. The difference in
this work is that SPAC uses those ideas effectively and combines them in a unique way
which enables SPAC to acquire the good features of a number of technological anti-spam
approaches without showing any of the drawbacks of these approaches. Sybil attacks,
Dictionary attacks and address spoofing have no impact on the performance of SPAC. In
fact SPAC functions in a similar way (i.e. as for unknown persons) for these sorts of
attacks.
An application known as the "SPAC application" has been developed to test the
performance of the SPAC mechanism. The results obtained from various tests on the
SPAC application show that SPAC has a clear edge over the existing anti-spam
technological approaches
AVOIDIT IRS: An Issue Resolution System To Resolve Cyber Attacks
Cyber attacks have greatly increased over the years and the attackers have progressively improved in devising attacks against specific targets. Cyber attacks are considered a malicious activity launched against networks to gain unauthorized access causing modification, destruction, or even deletion of data. This dissertation highlights the need to assist defenders with identifying and defending against cyber attacks. In this dissertation an attack issue resolution system is developed called AVOIDIT IRS (AIRS). AVOIDIT IRS is based on the attack taxonomy AVOIDIT (Attack Vector, Operational Impact, Defense, Information Impact, and Target). Attacks are collected by AIRS and classified into their respective category using AVOIDIT.Accordingly, an organizational cyber attack ontology was developed using feedback from security professionals to improve the communication and reusability amongst cyber security stakeholders. AIRS is developed as a semi-autonomous application that extracts unstructured external and internal attack data to classify attacks in sequential form. In doing so, we designed and implemented a frequent pattern and sequential classification algorithm associated with the five classifications in AVOIDIT. The issue resolution approach uses inference to educate the defender on the plausible cyber attacks. The AIRS can work in conjunction with an intrusion detection system (IDS) to provide a heuristic to cyber security breaches within an organization. AVOIDIT provides a framework for classifying appropriate attack information, which is fundamental in devising defense strategies against such cyber attacks. The AIRS is further used as a knowledge base in a game inspired defense architecture to promote game model selection upon attack identification. Future work will incorporate honeypot attack information to improve attack identification, classification, and defense propagation.In this dissertation, 1,025 common vulnerabilities and exposures (CVEs) and over 5,000 lines of log files instances were captured in the AIRS for analysis. Security experts were consulted to create rules to extract pertinent information and algorithms to correlate identified data for notification. The AIRS was developed using the Codeigniter [74] framework to provide a seamless visualization tool for data mining regarding potential cyber attacks relative to web applications. Testing of the AVOIDIT IRS revealed a recall of 88%, precision of 93%, and a 66% correlation metric
Big Data Privacy Context: Literature Effects On Secure Informational Assets
This article's objective is the identification of research opportunities in
the current big data privacy domain, evaluating literature effects on secure
informational assets. Until now, no study has analyzed such relation. Its
results can foster science, technologies and businesses. To achieve these
objectives, a big data privacy Systematic Literature Review (SLR) is performed
on the main scientific peer reviewed journals in Scopus database. Bibliometrics
and text mining analysis complement the SLR. This study provides support to big
data privacy researchers on: most and least researched themes, research
novelty, most cited works and authors, themes evolution through time and many
others. In addition, TOPSIS and VIKOR ranks were developed to evaluate
literature effects versus informational assets indicators. Secure Internet
Servers (SIS) was chosen as decision criteria. Results show that big data
privacy literature is strongly focused on computational aspects. However,
individuals, societies, organizations and governments face a technological
change that has just started to be investigated, with growing concerns on law
and regulation aspects. TOPSIS and VIKOR Ranks differed in several positions
and the only consistent country between literature and SIS adoption is the
United States. Countries in the lowest ranking positions represent future
research opportunities.Comment: 21 pages, 9 figure
- …