15,358 research outputs found
The Internet of Hackable Things
The Internet of Things makes possible to connect each everyday object to the
Internet, making computing pervasive like never before. From a security and
privacy perspective, this tsunami of connectivity represents a disaster, which
makes each object remotely hackable. We claim that, in order to tackle this
issue, we need to address a new challenge in security: education
Enforcing reputation constraints on business process workflows
The problem of trust in determining the flow of execution of business processes has been in the centre of research interst in the last decade as business processes become a de facto model of Internet-based commerce, particularly with the increasing popularity in Cloud computing. One of the main mea-sures of trust is reputation, where the quality of services as provided to their clients can be used as the main factor in calculating service and service provider reputation values. The work presented here contributes to the solving of this problem by defining a model for the calculation of service reputa-tion levels in a BPEL-based business workflow. These levels of reputation are then used to control the execution of the workflow based on service-level agreement constraints provided by the users of the workflow. The main contribution of the paper is to first present a formal meaning for BPEL processes, which is constrained by reputation requirements from the users, and then we demonstrate that these requirements can be enforced using a reference architecture with a case scenario from the domain of distributed map processing. Finally, the paper discusses the possible threats that can be launched on such an architecture
Television: Peer-To-Peer’s Next Challenger
The entertainment industry has obsessed over the threat of peer-to-peer file sharing since the introduction of Napster in 1999. The sharing of television content may present a compelling case for fair use under the long-standing Betamax decision. Some argue that television sharing is fundamentally different than the distribution of music or movies since television is often distributed for free over public airwaves. However, a determination of fair use is unlikely because of the fundamental differences between recording a program and downloading it, recent regulation to suppress unauthorized content distribution and shifts in the television market brought on by new technology
Voter Information in the Digital Age: Grading State Election Websites
Voter Information in the Digital Age: Grading State Election Websites examines the extent to which state election websites provide voters with sufficient information to make informed choices. The report assesses the quantity and quality of candidate and ballot measure information offered by the 50 state and District of Columbia election websites and ranks them from one to 51. It recommends a number of best practices currently used by some state or local jurisdictions, as well as innovations on other websites that are used rarely or not at all on state election websites. The authors recommend that states follow new technologies and trends in information delivery and design, and offer voters a full range of candidate and ballot information in innovative formats and media
The Art of The Scam: Demystifying Honeypots in Ethereum Smart Contracts
Modern blockchains, such as Ethereum, enable the execution of so-called smart
contracts - programs that are executed across a decentralised network of nodes.
As smart contracts become more popular and carry more value, they become more
of an interesting target for attackers. In the past few years, several smart
contracts have been exploited by attackers. However, a new trend towards a more
proactive approach seems to be on the rise, where attackers do not search for
vulnerable contracts anymore. Instead, they try to lure their victims into
traps by deploying seemingly vulnerable contracts that contain hidden traps.
This new type of contracts is commonly referred to as honeypots. In this paper,
we present the first systematic analysis of honeypot smart contracts, by
investigating their prevalence, behaviour and impact on the Ethereum
blockchain. We develop a taxonomy of honeypot techniques and use this to build
HoneyBadger - a tool that employs symbolic execution and well defined
heuristics to expose honeypots. We perform a large-scale analysis on more than
2 million smart contracts and show that our tool not only achieves high
precision, but is also highly efficient. We identify 690 honeypot smart
contracts as well as 240 victims in the wild, with an accumulated profit of
more than $90,000 for the honeypot creators. Our manual validation shows that
87% of the reported contracts are indeed honeypots
- …