1,235 research outputs found

    Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning

    Get PDF
    The secret keys of critical network authorities - such as time, name, certificate, and software update services - represent high-value targets for hackers, criminals, and spy agencies wishing to use these keys secretly to compromise other hosts. To protect authorities and their clients proactively from undetected exploits and misuse, we introduce CoSi, a scalable witness cosigning protocol ensuring that every authoritative statement is validated and publicly logged by a diverse group of witnesses before any client will accept it. A statement S collectively signed by W witnesses assures clients that S has been seen, and not immediately found erroneous, by those W observers. Even if S is compromised in a fashion not readily detectable by the witnesses, CoSi still guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to risk that the compromise will soon be detected by one of the W witnesses. Because clients can verify collective signatures efficiently without communication, CoSi protects clients' privacy, and offers the first transparency mechanism effective against persistent man-in-the-middle attackers who control a victim's Internet access, the authority's secret key, and several witnesses' secret keys. CoSi builds on existing cryptographic multisignature methods, scaling them to support thousands of witnesses via signature aggregation over efficient communication trees. A working prototype demonstrates CoSi in the context of timestamping and logging authorities, enabling groups of over 8,000 distributed witnesses to cosign authoritative statements in under two seconds.Comment: 20 pages, 7 figure

    Data sharing in DHT based P2P systems

    Get PDF
    International audienceThe evolution of peer-to-peer (P2P) systems triggered the building of large scale distributed applications. The main application domain is data sharing across a very large number of highly autonomous participants. Building such data sharing systems is particularly challenging because of the "extreme" characteristics of P2P infrastructures: massive distribution, high churn rate, no global control, potentially untrusted participants... This article focuses on declarative querying support, query optimization and data privacy on a major class of P2P systems, that based on Distributed Hash Table (P2P DHT). The usual approaches and the algorithms used by classic distributed systems and databases forproviding data privacy and querying services are not well suited to P2P DHT systems. A considerable amount of work was required to adapt them for the new challenges such systems present. This paper describes the most important solutions found. It also identies important future research trends in data management in P2P DHT systems

    A Distributed Network Logging Topology

    Get PDF
    Network logging is used to monitor computer systems for potential problems and threats by network administrators. Research has found that the more logging enabled, the more potential threats can be detected in the logs (Levoy, 2006). However, generally it is considered too costly to dedicate the manpower required to analyze the amount of logging data that it is possible to generate. Current research is working on different correlation and parsing techniques to help filter the data, but these methods function by having all of the data dumped in to a central repository. Central repositories are limited in the amount of data they are able to receive without losing some of the data (SolarWindows, 2009). In large networks, the data limit is a problem, and industry standard syslog protocols could potentially lose data without being aware of the loss, potentially handicapping network administrators in their ability to analyze network problems and discover security risks. This research provides a scalable, accessible and fault-tolerant logging infrastructure that resolves the centralized server bottleneck and data loss problem while still maintaining a searchable and efficient storage system

    Group and individual time management tools: what you get is not what you need

    Get PDF
    Some studies of diaries and scheduling systems have considered how individuals use diaries with a view to proposing requirements for computerised time management tools. Others have focused on the criteria for success of group scheduling systems. Few have paid attention to how people use a battery of tools as an ensemble. This interview study reports how users exploit paper, personal digital assistants (PDAs) and a group scheduling system for their time management. As with earlier studies, we find many shortcomings of different technologies, but studying the ensemble rather than individual tools points towards a different conclusion: rather than aiming towards producing electronic time management tools that replace existing paper-based tools, we should be aiming to understand the relative strengths and weaknesses of each technology and look towards more seamless integration between tools. In particular, the requirements for scheduling and those for more responsive, fluid time management conflict in ways that demand different kinds of support

    Guidelines for the analysis of student web usage in support of primary educational objectives

    Get PDF
    The Internet and World Wide Web provides huge amounts of information to individuals with access to it. Information is an important driving factor of education and higher education has experienced massive adoption rates of information and communication technologies, and accessing the Web is not an uncommon practice within a higher educational institution. The Web provides numerous benefits and many students rely on the Web for information, communication and technical support. However, the immense amount of information available on the Web has brought about some negative side effects associated with abundant information. Whether the Web is a positive influence on students’ academic well-being within higher education is a difficult question to answer. To understand how the Web is used by students within a higher education institution is not an easy task. However, there are ways to understand the Web usage behaviour of students. Using established methods for gathering useful information from data produced by an institution, Web usage behaviours of students within a higher education institution could be analysed and presented. This dissertation presents guidance for analysing Web traffic within a higher educational institution in order to gain insight into the Web usage behaviours of students. This insight can provide educators with valuable information to bolster their decision-making capacity towards achieving their educational goals

    High-Fidelity Provenance:Exploring the Intersection of Provenance and Security

    Get PDF
    In the past 25 years, the World Wide Web has disrupted the way news are disseminated and consumed. However, the euphoria for the democratization of news publishing was soon followed by scepticism, as a new phenomenon emerged: fake news. With no gatekeepers to vouch for it, the veracity of the information served over the World Wide Web became a major public concern. The Reuters Digital News Report 2020 cites that in at least half of the EU member countries, 50% or more of the population is concerned about online fake news. To help address the problem of trust on information communi- cated over the World Wide Web, it has been proposed to also make available the provenance metadata of the information. Similar to artwork provenance, this would include a detailed track of how the information was created, updated and propagated to produce the result we read, as well as what agents—human or software—were involved in the process. However, keeping track of provenance information is a non-trivial task. Current approaches, are often of limited scope and may require modifying existing applications to also generate provenance information along with thei regular output. This thesis explores how provenance can be automatically tracked in an application-agnostic manner, without having to modify the individual applications. We frame provenance capture as a data flow analysis problem and explore the use of dynamic taint analysis in this context. Our work shows that this appoach improves on the quality of provenance captured compared to traditonal approaches, yielding what we term as high-fidelity provenance. We explore the performance cost of this approach and use deterministic record and replay to bring it down to a more practical level. Furthermore, we create and present the tooling necessary for the expanding the use of using deterministic record and replay for provenance analysis. The thesis concludes with an application of high-fidelity provenance as a tool for state-of-the art offensive security analysis, based on the intuition that software too can be misguided by "fake news". This demonstrates that the potential uses of high-fidelity provenance for security extend beyond traditional forensics analysis

    Taxonomy for Anti-Forensics Techniques & Countermeasures

    Get PDF
    Computer Forensic Tools are used by forensics investigators to analyze evidence from the seized devices collected at a crime scene or from a person, in such ways that the results or findings can be used in a court of law. These computer forensic tools are very important and useful as they help the law enforcement personnel to solve crimes. Computer criminals are now aware of the forensics tools used; therefore, they use countermeasure techniques to efficiently obstruct the investigation processes. By doing so, they make it difficult or almost impossible for investigators to uncover the evidence. These techniques, used against the computer forensics processes, are called Anti-forensics. This paper describes some of the many anti-forensics’ method, techniques and tools using a taxonomy. The taxonomy classified anti-forensics into different levels and different categories: WHERE, WHICH, WHAT, and HOW. The WHERE level indicates where anti-forensics can occur during an investigation. The WHICH level indicates which anti-forensics techniques exist. The WHAT level defines the exact method used for each technique. Finally, the HOW level indicates the tools used. Additionally, some countermeasures were proposed

    Process Mining Concepts for Discovering User Behavioral Patterns in Instrumented Software

    Get PDF
    Process Mining is a technique for discovering “in-use” processes from traces emitted to event logs. Researchers have recently explored applying this technique to documenting processes discovered in software applications. However, the requirements for emitting events to support Process Mining against software applications have not been well documented. Furthermore, the linking of end-user intentional behavior to software quality as demonstrated in the discovered processes has not been well articulated. After evaluating the literature, this thesis suggested focusing on user goals and actual, in-use processes as an input to an Agile software development life cycle in order to improve software quality. It also provided suggestions for instrumenting software applications to support Process Mining techniques
    • …
    corecore