Countering Social Engineering through Social Media: An Enterprise Security Perspective

The increasing threat of social engineers targeting social media channels to advance their attack effectiveness on company data has seen many organizations introducing initiatives to better understand these vulnerabilities. This paper examines concerns of social engineering through social media within the enterprise and explores countermeasures undertaken to stem ensuing risk. Also included is an analysis of existing social media security policies and guidelines within the public and private sectors.Comment: Proceedings of The 7th International Conference on Computational Collective Intelligence Technologies and Applications (ICCCI 2015), LNAI, Springer, Vol. 9330, pp. 54-6

Solutions to Detect and Analyze Online Radicalization : A Survey

Online Radicalization (also called Cyber-Terrorism or Extremism or Cyber-Racism or Cyber- Hate) is widespread and has become a major and growing concern to the society, governments and law enforcement agencies around the world. Research shows that various platforms on the Internet (low barrier to publish content, allows anonymity, provides exposure to millions of users and a potential of a very quick and widespread diffusion of message) such as YouTube (a popular video sharing website), Twitter (an online micro-blogging service), Facebook (a popular social networking website), online discussion forums and blogosphere are being misused for malicious intent. Such platforms are being used to form hate groups, racist communities, spread extremist agenda, incite anger or violence, promote radicalization, recruit members and create virtual organi- zations and communities. Automatic detection of online radicalization is a technically challenging problem because of the vast amount of the data, unstructured and noisy user-generated content, dynamically changing content and adversary behavior. There are several solutions proposed in the literature aiming to combat and counter cyber-hate and cyber-extremism. In this survey, we review solutions to detect and analyze online radicalization. We review 40 papers published at 12 venues from June 2003 to November 2011. We present a novel classification scheme to classify these papers. We analyze these techniques, perform trend analysis, discuss limitations of existing techniques and find out research gaps

Artificial intelligence in the cyber domain: Offense and defense

Artificial intelligence techniques have grown rapidly in recent years, and their applications in practice can be seen in many fields, ranging from facial recognition to image analysis. In the cybersecurity domain, AI-based techniques can provide better cyber defense tools and help adversaries improve methods of attack. However, malicious actors are aware of the new prospects too and will probably attempt to use them for nefarious purposes. This survey paper aims at providing an overview of how artificial intelligence can be used in the context of cybersecurity in both offense and defense.Web of Science123art. no. 41

Wild Patterns: Ten Years After the Rise of Adversarial Machine Learning

Learning-based pattern classifiers, including deep networks, have shown impressive performance in several application domains, ranging from computer vision to cybersecurity. However, it has also been shown that adversarial input perturbations carefully crafted either at training or at test time can easily subvert their predictions. The vulnerability of machine learning to such wild patterns (also referred to as adversarial examples), along with the design of suitable countermeasures, have been investigated in the research field of adversarial machine learning. In this work, we provide a thorough overview of the evolution of this research area over the last ten years and beyond, starting from pioneering, earlier work on the security of non-deep learning algorithms up to more recent work aimed to understand the security properties of deep learning algorithms, in the context of computer vision and cybersecurity tasks. We report interesting connections between these apparently-different lines of work, highlighting common misconceptions related to the security evaluation of machine-learning algorithms. We review the main threat models and attacks defined to this end, and discuss the main limitations of current work, along with the corresponding future challenges towards the design of more secure learning algorithms.Comment: Accepted for publication on Pattern Recognition, 201

Domino: exploring mobile collaborative software adaptation

Social Proximity Applications (SPAs) are a promising new area for ubicomp software that exploits the everyday changes in the proximity of mobile users. While a number of applications facilitate simple file sharing between co–present users, this paper explores opportunities for recommending and sharing software between users. We describe an architecture that allows the recommendation of new system components from systems with similar histories of use. Software components and usage histories are exchanged between mobile users who are in proximity with each other. We apply this architecture in a mobile strategy game in which players adapt and upgrade their game using components from other players, progressing through the game through sharing tools and history. More broadly, we discuss the general application of this technique as well as the security and privacy challenges to such an approach

How Do Tor Users Interact With Onion Services?

Onion services are anonymous network services that are exposed over the Tor network. In contrast to conventional Internet services, onion services are private, generally not indexed by search engines, and use self-certifying domain names that are long and difficult for humans to read. In this paper, we study how people perceive, understand, and use onion services based on data from 17 semi-structured interviews and an online survey of 517 users. We find that users have an incomplete mental model of onion services, use these services for anonymity and have varying trust in onion services in general. Users also have difficulty discovering and tracking onion sites and authenticating them. Finally, users want technical improvements to onion services and better information on how to use them. Our findings suggest various improvements for the security and usability of Tor onion services, including ways to automatically detect phishing of onion services, more clear security indicators, and ways to manage onion domain names that are difficult to remember.Comment: Appeared in USENIX Security Symposium 201

Naming and Framing Difficult Issues to Make Sound Decisions

Outlines how to promote shared decision making and effective collective action by naming divisive community issues in ways that focus on common concerns, deliberating over options, identifying actions citizens can take, and working through disagreements

Servant Leadership and Violent Extremism: An Evaluative Framework

The following article presents a conceptual servant leadership framework for evaluating preventing violent extremism (PVE) policies and programs. The purpose of the work was to discover how servant leadership could strengthen existing PVE evaluative strategies. This article stems from work being done in servant leadership, counterterrorism, and countering violent extremism at Nichols College and Utah Valley University. The authors used a secondary analysis of empirical and literary servant leadership and PVE works to develop the framework. The analysis revealed a relationship between servant leadership’s commitment to the growth of people and building community and the need for PVE to be about nurturing resilient individuals and communities. That relationship became the foundation for the work, allowing for a discussion of many different aspects of the two areas. The framework led to the development of a servant leadership evaluative framework to be used as part of an overall PVE evaluative toolkit

THE URGENCY OF DERADICALIZATION MEASURES FOR TERRORISM INMATES IN CORRECTIONAL FACILITIES

Terrorism crimes pose a threat to the state ideology, national security, state sovereignty, human values, and various aspects of societal, national, and state life, and they often have a transnational nature. These terrorism crimes require deradicalization measures for terrorism inmates in Indonesia, taking into account the individual conditions of each perpetrator, their families, and their social environment. The problem addressed in this paper pertains to the urgency of deradicalization measures for terrorism inmates in correctional facilities. This paper adopts an empirical juridical approach, conducting field research that examines legal regulations combined with data and behavior prevalent in society. The research findings indicate that: (1) The implementation of deradicalization measures for terrorism inmates in correctional facilities is not yet effective due to internal factors, which involve the lack of integration in handling terrorism inmates. Additionally, external factors, such as insufficient socialization, lack of training for officers, inadequate support facilities, budget constraints, and limited facilities in correctional facilities, contribute to the inefficiency. (2) The regulation of deradicalization for terrorism inmates in correctional facilities is based on Law Number 22 of 2022 concerning Correctional Institutions. The deradicalization regulation for terrorism inmates is stipulated in Article 54 paragraph (4), which outlines the stages: identification and assessment, rehabilitation, reeducation, and social reintegration. (3) The urgency of deradicalization measures for terrorism inmates in correctional facilities is not specific, as it is still treated similarly to other cases involving inmates. The deradicalization measures are carried out through social reintegration programs, education programs, skills training, and entrepreneurship programs for terrorism inmates, which aims to improve their well-being after their release and facilitate their reintegration into society to support their families. The independence and self-confidence of terrorism inmates in returning to society will prevent them from returning to their terrorist groups