Performance analysis of next generation web access via satellite

Acknowledgements This work was partially funded by the European Union's Horizon 2020 research and innovation programme under grant agreement No. 644334 (NEAT). The views expressed are solely those of the author(s).Peer reviewedPostprin

adF: A Novel System for Measuring Web Fingerprinting through Ads

This paper introduces adF, a novel system for analyzing the vulnerability of different devices, Operating Systems (OSes), and browsers to web fingerprinting. adF performs its measurements from code inserted in ads. We have used our system in several ad campaigns that delivered 5,40 million ad impressions. The collected data enable us to assess the vulnerability of current desktop and mobile devices to web fingerprinting. Based on our results, we estimate that 64% of desktop devices and 40% of mobile devices can be uniquely fingerprinted with our web fingerprinting system. However, the resilience to web fingerprinting varies significantly across browsers and device types, with Chrome on desktops being the most vulnerable configuration.Comment: 12 pages, 2 figures, 4 tables; added keyword

A Privacy Analysis of Google and Yandex Safe Browsing

Google and Yandex Safe Browsing are popular services included in many webbrowsers to prevent users from visiting phishing or malware website links. If Safe Browsing servicesprotect their users from losing private information, they also require that their servers receivebrowsing information on the very same users. In this paper, we present an analysis of Googleand Yandex Safe Browsing services from a privacy perspective. We quantify the privacy providedby these services by analyzing the possibility of re-identifying a URL visited by a client. Wehence challenge Google’s privacy policies where they claim that Google can not recover URLsvisited by its users. Our analysis and experimental results show that Google and Yandex SafeBrowsing can potentially be used as a tool to track specific classes of individuals. Additionally, ourinvestigations on the data currently included in Yandex Safe Browsing provides a concrete set ofURLs/domains that can be re-identified without much effort

INCORPORATING PERISHABILITY AND OBSOLESCENCE INTO CYBERWEAPON SCHEDULING

As cyberspace operations become further integrated into operational planning for nation-states, planners must understand the implications of perishability and obsolescence when deciding how to use cyberweapons. Obsolescence reflects the risk that a vulnerability will be patched without cyberweapon use, while perishability describes the short lifespan of a cyberweapon once it is used; one creates an incentive to use and the other an incentive to stockpile. This thesis examined operating-system vulnerabilities over four years: we quantified the duration between key events of their life cycles as well as the time to release a patch after disclosure. We performed survival analysis for longevity and post-disclosure patch time using Kaplan-Meier curves, then found that the data fit well to Weibull distributions. We also examined the effects of severity and operating system on the lengths of vulnerability life-cycle phases. Our parametric models enable planners to predict the expected survival time of a cyberweapon’s vulnerability, allowing them to determine when to use them, replenish them, and assess windows of opportunity for reuse. This reduces the need to stockpile cyberweapons and creates incentives to use them before the expected survival time. The observed wide variability in longevity values indicates that risk tolerance is important in deciding when to use a cyberweapon.Outstanding ThesisLieutenant Commander, United States NavyApproved for public release. Distribution is unlimited

Effects of Diversity and Procrastination in Priority Queuing Theory: the Different Power Law Regimes

Empirical analysis show that, after the update of a browser, the publication of the vulnerability of a software, or the discovery of a cyber worm, the fraction of computers still using the older version, or being not yet patched, or exhibiting worm activity decays as power laws $\sim 1/t^{\alpha}$ with $0 < \alpha \leq 1$ over time scales of years. We present a simple model for this persistence phenomenon framed within the standard priority queuing theory, of a target task which has the lowest priority compared with all other tasks that flow on the computer of an individual. We identify a "time deficit" control parameter $\beta$ and a bifurcation to a regime where there is a non-zero probability for the target task to never be completed. The distribution of waiting time ${\cal T}$ till the completion of the target task has the power law tail $\sim 1/t^{1/2}$, resulting from a first-passage solution of an equivalent Wiener process. Taking into account a diversity of time deficit parameters in a population of individuals, the power law tail is changed into $1/t^\alpha$ with $\alpha\in(0.5,\infty)$, including the well-known case $1/t$. We also study the effect of "procrastination", defined as the situation in which the target task may be postponed or delayed even after the individual has solved all other pending tasks. This new regime provides an explanation for even slower apparent decay and longer persistence.Comment: 32 pages, 10 figure

Integrating real-time analysis with the dendritic cell algorithm through segmentation

As an immune inspired algorithm, the Dendritic Cell Algorithm (DCA) has been applied to a range of problems, particularly in the area of intrusion detection. Ideally, the intrusion detection should be performed in real-time, to continuously detect misuses as soon as they occur. Consequently, the analysis process performed by an intrusion detection system must operate in real-time or near-to real-time. The analysis process of the DCA is currently performed offline, therefore to improve the algorithm's performance we suggest the development of a real-time analysis component. The initial step of the development is to apply segmentation to the DCA. This involves segmenting the current output of the DCA into slices and performing the analysis in various ways. Two segmentation approaches are introduced and tested in this paper, namely antigen based segmentation (ABS) and time based segmentation (TBS). The results of the corresponding experiments suggest that applying segmentation produces different and significantly better results in some cases, when compared to the standard DCA without segmentation. Therefore, we conclude that the segmentation is applicable to the DCA for the purpose of real-time analysis