A Taxonomy for and Analysis of Anonymous Communications Networks

Any entity operating in cyberspace is susceptible to debilitating attacks. With cyber attacks intended to gather intelligence and disrupt communications rapidly replacing the threat of conventional and nuclear attacks, a new age of warfare is at hand. In 2003, the United States acknowledged that the speed and anonymity of cyber attacks makes distinguishing among the actions of terrorists, criminals, and nation states difficult. Even President Obama’s Cybersecurity Chief-elect recognizes the challenge of increasingly sophisticated cyber attacks. Now through April 2009, the White House is reviewing federal cyber initiatives to protect US citizen privacy rights. Indeed, the rising quantity and ubiquity of new surveillance technologies in cyberspace enables instant, undetectable, and unsolicited information collection about entities. Hence, anonymity and privacy are becoming increasingly important issues. Anonymization enables entities to protect their data and systems from a diverse set of cyber attacks and preserves privacy. This research provides a systematic analysis of anonymity degradation, preservation and elimination in cyberspace to enhance the security of information assets. This includes discovery/obfuscation of identities and actions of/from potential adversaries. First, novel taxonomies are developed for classifying and comparing well-established anonymous networking protocols. These expand the classical definition of anonymity and capture the peer-to-peer and mobile ad hoc anonymous protocol family relationships. Second, a unique synthesis of state-of-the-art anonymity metrics is provided. This significantly aids an entity’s ability to reliably measure changing anonymity levels; thereby, increasing their ability to defend against cyber attacks. Finally, a novel epistemic-based mathematical model is created to characterize how an adversary reasons with knowledge to degrade anonymity. This offers multiple anonymity property representations and well-defined logical proofs to ensure the accuracy and correctness of current and future anonymous network protocol design

Protecting mobile agents against malicious hosts.

by Sau-Koon Ng.Thesis (M.Phil.)--Chinese University of Hong Kong, 2000.Includes bibliographical references (leaves 100-112).Abstracts in English and Chinese.Chapter 1 --- Introduction --- p.1Chapter 1.1 --- Evolution of the mobile agent paradigm --- p.1Chapter 1.2 --- Terminology --- p.5Chapter 1.3 --- Beneficial aspects --- p.7Chapter 1.3.1 --- Autonomy --- p.7Chapter 1.3.2 --- Client customization --- p.8Chapter 1.3.3 --- Attendant and real time interactions --- p.8Chapter 1.4 --- Fundamental deployment bottleneck: security concern --- p.9Chapter 1.4.1 --- Risking the mobile agent hosts --- p.10Chapter 1.4.2 --- Risking the mobile agents --- p.11Chapter 1.4.3 --- The difficult problem --- p.12Chapter 1.5 --- Contribution of this thesis --- p.13Chapter 1.6 --- Structure of the thesis --- p.14Chapter 2 --- Understanding attacks and defense --- p.15Chapter 2.1 --- Introduction --- p.15Chapter 2.2 --- Understanding attacks --- p.16Chapter 2.2.1 --- The meaning of an attack --- p.16Chapter 2.2.2 --- An abstract model of attacks --- p.17Chapter 2.2.3 --- A survey of various attacks --- p.21Chapter 2.3 --- Understanding defense --- p.25Chapter 2.3.1 --- The meaning of defense --- p.25Chapter 2.3.2 --- Security requirements of defense --- p.26Chapter 2.3.3 --- A survey of protection schemes --- p.28Chapter 2.4 --- Concluding remarks --- p.40Chapter 3 --- Confidentiality in mobile agent systems --- p.42Chapter 3.1 --- Introduction --- p.42Chapter 3.2 --- Motivations --- p.43Chapter 3.2.1 --- Program comprehension --- p.44Chapter 3.2.2 --- Black-box testing --- p.45Chapter 3.3 --- Theory --- p.46Chapter 3.3.1 --- Assumptions --- p.46Chapter 3.3.2 --- Entropy of mobile agents --- p.46Chapter 3.3.3 --- Intention spreading by insertion --- p.49Chapter 3.3.4 --- Intention shrinking by splitting --- p.52Chapter 3.3.5 --- Nested spreading and shrinking --- p.55Chapter 3.4 --- Implementation possibilities --- p.55Chapter 3.4.1 --- Addition of irrelevant variables and conditional statements --- p.55Chapter 3.4.2 --- Splitting the cost function --- p.60Chapter 3.5 --- Security analysis --- p.63Chapter 3.5.1 --- Human inspection --- p.63Chapter 3.5.2 --- Automatic program comprehension --- p.64Chapter 3.6 --- Related work --- p.66Chapter 3.6.1 --- Time limited blackbox security --- p.66Chapter 3.6.2 --- Computing with encrypted function --- p.66Chapter 3.7 --- Applicability --- p.67Chapter 3.8 --- Further considerations --- p.68Chapter 3.8.1 --- Weaknesses --- p.68Chapter 3.8.2 --- Relationship with other approaches --- p.69Chapter 3.8.3 --- Further development --- p.71Chapter 3.9 --- Concluding remarks --- p.71Chapter 4 --- Anonymity in mobile agent systems --- p.73Chapter 4.1 --- Introduction --- p.73Chapter 4.2 --- Solutions to anonymity --- p.74Chapter 4.2.1 --- Mixing --- p.75Chapter 4.2.2 --- Group signatures --- p.76Chapter 4.3 --- Anonymous agents --- p.78Chapter 4.3.1 --- Anonymous connection --- p.78Chapter 4.3.2 --- Anonymous communication --- p.79Chapter 4.4 --- Concluding remarks --- p.84Chapter 5 --- Open issues --- p.86Chapter 5.1 --- Introduction --- p.86Chapter 5.2 --- Security issues --- p.86Chapter 5.2.1 --- Reachable problems --- p.87Chapter 5.2.2 --- Difficult problems --- p.88Chapter 5.3 --- Performance issues --- p.88Chapter 5.3.1 --- Complexity and strength --- p.89Chapter 5.3.2 --- An optimizing protocol --- p.90Chapter 5.4 --- Concluding remarks --- p.94Chapter 6 --- Conclusions --- p.9

Zero-Knowledge Proof-of-Identity: Sybil-Resistant, Anonymous Authentication on Permissionless Blockchains and Incentive Compatible, Strictly Dominant Cryptocurrencies

Zero-Knowledge Proof-of-Identity from trusted public certificates (e.g., national identity cards and/or ePassports; eSIM) is introduced here to permissionless blockchains in order to remove the inefficiencies of Sybil-resistant mechanisms such as Proof-of-Work (i.e., high energy and environmental costs) and Proof-of-Stake (i.e., capital hoarding and lower transaction volume). The proposed solution effectively limits the number of mining nodes a single individual would be able to run while keeping membership open to everyone, circumventing the impossibility of full decentralization and the blockchain scalability trilemma when instantiated on a blockchain with a consensus protocol based on the cryptographic random selection of nodes. Resistance to collusion is also considered. Solving one of the most pressing problems in blockchains, a zk-PoI cryptocurrency is proved to have the following advantageous properties: - an incentive-compatible protocol for the issuing of cryptocurrency rewards based on a unique Nash equilibrium - strict domination of mining over all other PoW/PoS cryptocurrencies, thus the zk-PoI cryptocurrency becoming the preferred choice by miners is proved to be a Nash equilibrium and the Evolutionarily Stable Strategy - PoW/PoS cryptocurrencies are condemned to pay the Price of Crypto-Anarchy, redeemed by the optimal efficiency of zk-PoI as it implements the social optimum - the circulation of a zk-PoI cryptocurrency Pareto dominates other PoW/PoS cryptocurrencies - the network effects arising from the social networks inherent to national identity cards and ePassports dominate PoW/PoS cryptocurrencies - the lower costs of its infrastructure imply the existence of a unique equilibrium where it dominates other forms of paymentComment: 2.1: Proof-of-Personhood Considered Harmful (and Illegal); 4.1.5: Absence of Active Authentication; 4.2.6: Absence of Active Authentication; 4.2.7: Removing Single-Points of Failure; 4.3.2: Combining with Non-Zero-Knowledge Authentication; 4.4: Circumventing the Impossibility of Full Decentralizatio

#Blockchain4EU: Blockchain for Industrial Transformations

The project #Blockchain4EU is a forward looking exploration of existing, emerging and potential applications based on Blockchain and other DLTs for industrial / non-financial sectors. It combined Science and Technology Studies with a transdisciplinary policy lab toolbox filled with frameworks from Foresight and Horizon Scanning, Behavioural Insights, or Participatory, Critical and Speculative Design. Amid unfolding and uncertain developments of the Blockchain space, our research signals a number of crucial opportunities and challenges around a technology that could record, secure and transfer any digitised transaction or process, and thus potentially affect large parts of current industrial landscapes. This report offers key insights for its implementation and uptake by industry, businesses and SMEs, together with science for policy strategic recommendations.JRC.I.2-Foresight, Behavioural Insights and Design for Polic

Preface

DAMSS-2018 is the jubilee 10th international workshop on data analysis methods for software systems, organized in Druskininkai, Lithuania, at the end of the year. The same place and the same time every year. Ten years passed from the first workshop. History of the workshop starts from 2009 with 16 presentations. The idea of such workshop came up at the Institute of Mathematics and Informatics. Lithuanian Academy of Sciences and the Lithuanian Computer Society supported this idea. This idea got approval both in the Lithuanian research community and abroad. The number of this year presentations is 81. The number of registered participants is 113 from 13 countries. In 2010, the Institute of Mathematics and Informatics became a member of Vilnius University, the largest university of Lithuania. In 2017, the institute changes its name into the Institute of Data Science and Digital Technologies. This name reflects recent activities of the institute. The renewed institute has eight research groups: Cognitive Computing, Image and Signal Analysis, Cyber-Social Systems Engineering, Statistics and Probability, Global Optimization, Intelligent Technologies, Education Systems, Blockchain Technologies. The main goal of the workshop is to introduce the research undertaken at Lithuanian and foreign universities in the fields of data science and software engineering. Annual organization of the workshop allows the fast interchanging of new ideas among the research community. Even 11 companies supported the workshop this year. This means that the topics of the workshop are actual for business, too. Topics of the workshop cover big data, bioinformatics, data science, blockchain technologies, deep learning, digital technologies, high-performance computing, visualization methods for multidimensional data, machine learning, medical informatics, ontological engineering, optimization in data science, business rules, and software engineering. Seeking to facilitate relations between science and business, a special session and panel discussion is organized this year about topical business problems that may be solved together with the research community. This book gives an overview of all presentations of DAMSS-2018.DAMSS-2018 is the jubilee 10th international workshop on data analysis methods for software systems, organized in Druskininkai, Lithuania, at the end of the year. The same place and the same time every year. Ten years passed from the first workshop. History of the workshop starts from 2009 with 16 presentations. The idea of such workshop came up at the Institute of Mathematics and Informatics. Lithuanian Academy of Sciences and the Lithuanian Computer Society supported this idea. This idea got approval both in the Lithuanian research community and abroad. The number of this year presentations is 81. The number of registered participants is 113 from 13 countries. In 2010, the Institute of Mathematics and Informatics became a member of Vilnius University, the largest university of Lithuania. In 2017, the institute changes its name into the Institute of Data Science and Digital Technologies. This name reflects recent activities of the institute. The renewed institute has eight research groups: Cognitive Computing, Image and Signal Analysis, Cyber-Social Systems Engineering, Statistics and Probability, Global Optimization, Intelligent Technologies, Education Systems, Blockchain Technologies. The main goal of the workshop is to introduce the research undertaken at Lithuanian and foreign universities in the fields of data science and software engineering. Annual organization of the workshop allows the fast interchanging of new ideas among the research community. Even 11 companies supported the workshop this year. This means that the topics of the workshop are actual for business, too. Topics of the workshop cover big data, bioinformatics, data science, blockchain technologies, deep learning, digital technologies, high-performance computing, visualization methods for multidimensional data, machine learning, medical informatics, ontological engineering, optimization in data science, business rules, and software engineering. Seeking to facilitate relations between science and business, a special session and panel discussion is organized this year about topical business problems that may be solved together with the research community. This book gives an overview of all presentations of DAMSS-2018

Unauthorized Access

Going beyond current books on privacy and security, this book proposes specific solutions to public policy issues pertaining to online privacy and security. Requiring no technical or legal expertise, it provides a practical framework to address ethical and legal issues. The authors explore the well-established connection between social norms, privacy, security, and technological structure. They also discuss how rapid technological developments have created novel situations that lack relevant norms and present ways to develop these norms for protecting informational privacy and ensuring sufficient information security