7,781 research outputs found
A Dataset on Malicious Paper Bidding in Peer Review
In conference peer review, reviewers are often asked to provide "bids" on
each submitted paper that express their interest in reviewing that paper. A
paper assignment algorithm then uses these bids (along with other data) to
compute a high-quality assignment of reviewers to papers. However, this process
has been exploited by malicious reviewers who strategically bid in order to
unethically manipulate the paper assignment, crucially undermining the peer
review process. For example, these reviewers may aim to get assigned to a
friend's paper as part of a quid-pro-quo deal. A critical impediment towards
creating and evaluating methods to mitigate this issue is the lack of any
publicly-available data on malicious paper bidding. In this work, we collect
and publicly release a novel dataset to fill this gap, collected from a mock
conference activity where participants were instructed to bid either honestly
or maliciously. We further provide a descriptive analysis of the bidding
behavior, including our categorization of different strategies employed by
participants. Finally, we evaluate the ability of each strategy to manipulate
the assignment, and also evaluate the performance of some simple algorithms
meant to detect malicious bidding. The performance of these detection
algorithms can be taken as a baseline for future research on detecting
malicious bidding
Privacy-Friendly Collaboration for Cyber Threat Mitigation
Sharing of security data across organizational boundaries has often been
advocated as a promising way to enhance cyber threat mitigation. However,
collaborative security faces a number of important challenges, including
privacy, trust, and liability concerns with the potential disclosure of
sensitive data. In this paper, we focus on data sharing for predictive
blacklisting, i.e., forecasting attack sources based on past attack
information. We propose a novel privacy-enhanced data sharing approach in which
organizations estimate collaboration benefits without disclosing their
datasets, organize into coalitions of allied organizations, and securely share
data within these coalitions. We study how different partner selection
strategies affect prediction accuracy by experimenting on a real-world dataset
of 2 billion IP addresses and observe up to a 105% prediction improvement.Comment: This paper has been withdrawn as it has been superseded by
arXiv:1502.0533
Understanding Unauthorized Access using Fine-Grained Human-Computer Interaction Data
Unauthorized Data Access (UDA) by an internal employee is a major threat to an organization. Regardless of whether the individuals engaged in UDA with malicious intent or not, real-time identification of UDA events and anomalous behaviors is extremely difficult. For example, various artificial intelligence methods for detecting insider threat UDA have become readily available; while useful, such methods rely on post hoc analysis of the past (e.g., unsupervised learning algorithms on access logs). This research-in-progress note reports on if the analysis of Human-Computer Interaction (HCI) behaviors, which have been empirically validated in various studies to reveal hidden cognitive state, can be utilized as a method to detect UDAs. To examine this, an experimental design was required that would grant the subjects an opportunity to engage in UDA events while tracking the HCI behaviors in an unobtrusive manner. Background, experimental design, study execution, preliminary results, and future research plans are presented
- …