20,912 research outputs found
Trust on the Web: Some Web Science Research Challenges
Web Science is the interdisciplinary study of the World Wide Web as a first-order object in order to understand its relationship with the wider societies in which it is embedded, and in order to facilitate its future engineering as a beneficial object. In this paper, research issues and challenges relating to the vital topic of trust are reviewed, showing how the Web Science agenda requires trust to be addressed, and how addressing the challenges requires a range of disciplinary skills applied in an integrated manner
Trust Based Participant Driven Privacy Control in Participatory Sensing
Widespread use of sensors and multisensory personal devices generate a lot of
personal information. Sharing this information with others could help in
various ways. However, this information may be misused when shared with all.
Sharing of information between trusted parties overcomes this problem. This
paper describes a model to share information based on interactions and opinions
to build trust among peers. It also considers institutional and other controls,
which influence the behaviour of the peers. The trust and control build
confidence. The computed confidence bespeaks whether to reveal information or
not thereby increasing trusted cooperation among peers.Comment: 14 page
Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments
Decentralized systems are a subset of distributed systems where multiple
authorities control different components and no authority is fully trusted by
all. This implies that any component in a decentralized system is potentially
adversarial. We revise fifteen years of research on decentralization and
privacy, and provide an overview of key systems, as well as key insights for
designers of future systems. We show that decentralized designs can enhance
privacy, integrity, and availability but also require careful trade-offs in
terms of system complexity, properties provided, and degree of
decentralization. These trade-offs need to be understood and navigated by
designers. We argue that a combination of insights from cryptography,
distributed systems, and mechanism design, aligned with the development of
adequate incentives, are necessary to build scalable and successful
privacy-preserving decentralized systems
Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences
In this survey, we first briefly review the current state of cyber attacks,
highlighting significant recent changes in how and why such attacks are
performed. We then investigate the mechanics of malware command and control
(C2) establishment: we provide a comprehensive review of the techniques used by
attackers to set up such a channel and to hide its presence from the attacked
parties and the security tools they use. We then switch to the defensive side
of the problem, and review approaches that have been proposed for the detection
and disruption of C2 channels. We also map such techniques to widely-adopted
security controls, emphasizing gaps or limitations (and success stories) in
current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages.
Listing abstract compressed from version appearing in repor
- âŠ