368 research outputs found
Recommended from our members
Master Copies, Unique Copies and Volitional Conduct: Cartoon Network’s Implications for the Liability of Cyber Lockers
As technology advances, new types of devices and increasing compatibility of data formats make it possible to use files previously accessible on only one or two devices. For example, a person might wish to access a business file (formerly stored on a work computer or perhaps even in a file cabinet at the office) from her smart phone. Similarly, another might wish to access his MP3 collection (stored on an iPod or personal computer) from his work computer. Such technological progress has paved the way for innovative digital, cable and Internet services that enable users to enjoy copyrighted content in new ways: from time-shifting via VCRs to place-shifting via new TV devices; from instantly purchasing a movie through video on demand to watching a live stream of sports coverage on the Internet. One type of service that has recently proliferated is the digital storage locker—also known as the cyber locker
Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse
Domain squatting is a common adversarial practice where attackers register
domain names that are purposefully similar to popular domains. In this work, we
study a specific type of domain squatting called "combosquatting," in which
attackers register domains that combine a popular trademark with one or more
phrases (e.g., betterfacebook[.]com, youtube-live[.]com). We perform the first
large-scale, empirical study of combosquatting by analyzing more than 468
billion DNS records---collected from passive and active DNS data sources over
almost six years. We find that almost 60% of abusive combosquatting domains
live for more than 1,000 days, and even worse, we observe increased activity
associated with combosquatting year over year. Moreover, we show that
combosquatting is used to perform a spectrum of different types of abuse
including phishing, social engineering, affiliate abuse, trademark abuse, and
even advanced persistent threats. Our results suggest that combosquatting is a
real problem that requires increased scrutiny by the security community.Comment: ACM CCS 1
User-profile-based analytics for detecting cloud security breaches
While the growth of cloud-based technologies has benefited the society tremendously, it has also increased the surface area for cyber attacks. Given that cloud services are prevalent today, it is critical to devise systems that detect intrusions. One form of security breach in the cloud is when cyber-criminals compromise Virtual Machines (VMs) of unwitting users and, then, utilize user resources to run time-consuming, malicious, or illegal applications for their own benefit. This work proposes a method to detect unusual resource usage trends and alert the user and the administrator in real time. We experiment with three categories of methods: simple statistical techniques, unsupervised classification, and regression. So far, our approach successfully detects anomalous resource usage when experimenting with typical trends synthesized from published real-world web server logs and cluster traces. We observe the best results with unsupervised classification, which gives an average F1-score of 0.83 for web server logs and 0.95 for the cluster traces
Data security awareness within the scope of digital public relations practices and privacy
Public relations (PR) practices vary in parallel with the devel-
opments in cornmunication technologies and the progress of web
2.0 and 3.0 technologies and are increasingly acquiring a digital
form. Such circumstances bring PR practices to digital platforms,
which are currently digital public relations. The concept of digi-
tal public relations; effectuates the strategic relationship manage-
ment goals based on favorable between the organization and its
target audiences via digital platforms. Hence, conveying the PR
career to the extended reality (XR) -most probably the metaverse-
has evolved additionally. On the contrary, the digitalization of
everything-things drives ali business processes computer-based
and refines them in data/info security..
Kill the Dinosaurs, and Other Tips for Achieving Technical Competence in Your Law Practice
It is a challenge to practice law in the digital age. This is particularly true when a practice involves significant e-Discovery, Intellectual Property, and technology law—areas in which technical issues merge with legal ones. One of the major challenges of bringing a law practice up to twenty-first-century standards relates to dinosaur thoughts, a.k.a. an “old ways are best” mentality
A Shift from Cloud Computing Model to Fog Computing
Cloud computing has provided many opportunities to businesses and individuals. It enables global and on demand network access to a shared pool of resources with minimal management effort. However, this bliss has become a problem for latency-sensitive applications. To improve efficiency of cloud and to reduce the amount of data that needs to be transported to the cloud for data processing, analysis and storage, a new network architect technology 'Fog Computing' has been introduced. In fog computing, small applications and resources are processed at the edge of the cloud, rather than processing entire applications on the cloud
Security Posture: A Systematic Review of Cyber Threats and Proactive Security
In the last decade, several high-profile cyber threats have occurred with global impact and devastating consequences. The tools, techniques, and procedures used to prevent cyber threats from occurring fall under the category of proactive security. Proactive security methodologies, however, vary among professionals where differing tactics have proved situationally effective. To determine the most effective tactics for preventing exploitation of vulnerabilities, the author examines the attack vector of three incidents from the last five years in a systematic review format: the WannaCry incident, the 2020 SolarWinds SUNBURST exploit, and the recently discovered Log4j vulnerability. From the three cases and existing literature, the author determined that inventory management, auditing, and patching are essential proactive security measures which may have prevented the incidents altogether. Then, the author discusses obstacles inherent to these solutions, such as time, talent, and resource restrictions, and proposes the use of user-friendly, open-source tools as a solution. The author intends through this research to improve the security posture of the Internet by encouraging further research into proactive cyber threat intelligence measures and motivating business executives to prioritize cybersecurity
- …