12 research outputs found

    COMP6235 MongoDB Tutorial

    The public health analogy in web security

    Traditional law enforcement methods have proven inadequate against the current levels of cybercrime we are experiencing. This is due to the ease of automating attacks, and also that even a single jurisdiction prepared to ignore or unable to prosecute cybercriminals means that they are usually beyond the reach of local law enforcement. This has led to different analogies to attempt to describe the phenomenon, and one of these is that of public health. In the past, this was used to describe the propagation methods of computer "viruses", which exhibited similar characteristics to biological viruses. Whilst other malware also had a similar propagation pattern, these no longer apply given the popularity of drive-by downloads, where Web pages attack users who visit them. A consequence of this new method of propagation is that "infected" machines do not have any contagion, so one infected machine on a network does not mean that another machine on the network will become infected as well. This thesis proposes a novel interpretation of the public health analogy, which focuses on the notions of efficacy and rights, so that these guidelines can continue to be used. This is considered in the context of the major stakeholders who could intervene in the drive-by download process, where it is concluded that hosting providers are best placed to intervene to make a difference. It is proposed that they should proactively search for vulnerable websites they host, and warn the operator, implementing blocking procedures if the operator does not respond. An agent based model is then used to assess the efficacy of such an intervention.

    Web science challenges in researching bug bounties

    The act of searching for security flaws (vulnerabilities) in a piece of software was previously considered to be the preserve of malicious actors, or at least actors who wished to cause chaos. Increasingly, however, companies are recognising the value of running a bug bounty program, where they will pay "white hat" hackers to locate and disclose security flaws in their applications in order that they can fix them. This is known as a "bug bounty" or a "vulnerability reward program", and at present has seen comparatively little research. This paper introduces existing research on bug bounties in two areas: as a means of regulating the sale of vulnerabilities; and as a form of crowdsourcing. We argue that the nature of bug bounties makes Web science particularly suitable to drive forward research. We identify gaps in the current literature, and propose areas which we consider to be particularly promising for future research.

    Malicious web pages: what if hosting providers could actually do something...

    The ability of cyber criminals to compromise networked computer systems through the spread of malware allows the creation of significant criminal information technologies (IT) infrastructures or ‘botnets’. The systems comprising such infrastructures can be used to harvest credentials, typically through keylogging malware, or provide a cover for illegal activities by making victim computers perform criminal acts initiated by others, such as distributed denial of service (DDoS) attacks. A single compromise may result in an infected system that is used in multiple criminal activities, and the cumulative effect of these activities and the resources dedicated to prevention can be considerable. This paper explains how the phenomenon of drive-by downloads has evolved to become a significant threat to both Internet users and third party systems. To effect a compromise via a drive-by, a criminal will create a malicious Web page which, when visited, attempts to exploit vulnerabilities on the user’s computer automatically. In contrast to email or worm-based malware propagation, such drive-by attacks are stealthy as they are ‘invisible’ to the user when doing general Web browsing. They also increase the potential victim base for attackers since they allow a way through the user's firewall, since the user initiates the connection to the Web page from within their own network. The phenomenon of drive-by downloads is not a new one, but remains one of the significant threats to the security of the Web, with the prominent malware variants being distributed in this way. The perception that malware only resides on ‘suspect’ sites such as file sharing sites, or those carrying pornography is now far from reality. Commonly, an attacker will seek to compromise an otherwise legitimate website and use that to distribute malware. They may also attempt to place malware on a cheap throwaway domain name, but it is harder for ISPs or authorities to take measures against a legitimate website, and it also increases the probability of a potential victim visiting it. Where the target is a website on a trending topic, the risk of exposure is even greater. With the rise of blogging and similar content creation, there is also a significant risk of vulnerabilities in common blogging platforms, such as WordPress, exposing visitors to such sites to potential drive-by malware. This article provides a review of the existing strategies being used to mitigate this problem, and explains why they are not enough. We suggest that simple actions by Web intermediaries, in particular companies providing hosting services, could significantly impact upon the amount of malicious web pages, and force the criminals to use a smaller, more readily identifiable set of platforms to spread their malware. We conclude that laws excluding liability for intermediaries such as the E-commerce Directive in the European Union do not necessarily give an incentive to hosting providers to engage in such security practices and legitimate use of the Web suffers as a result.

    Creating an Open Data Application for Sustainability Education: Globe-Town

    Globe-Town.org is an information visualisation using open data, designed to convey the connections between economics, society and environment in a globalising world. It informs about global challenges whilst being easy and enjoyable to use. It aims to motivate to act by showing how an intensifying network of linkages connects global sustainability issues to the home country of the user, and the topics that they care about. Globe-Town’s central innovation in interaction design is how it combines visualisation of the properties of the individual country with a listing of the countries that are most strongly connected to it by a chosen type of relationship. This shows how ties of trade, migration, communication and culture increasingly connect countries, sharing the risks, responsibilities and opportunities of issues like climate change. Globe-Town takes a domain-specific storytelling approach to information visualisation, co-creating hypermedia narratives of sustainability and globalisation along with the user. Having sufficient open data availability is found to be highly valuable, as it prevents understanding of these expansive interdisciplinary problems being stymied by arbitrary limits of data access. Globe-Town has won second place in the Linked Up Veni Open Education competition and third place in the finals of the World Bank's Apps for Climate competition. This article describes the Globe-Town application in detail, along with the numerous online data resources that have enabled it, and the design and development process through which it was created.

    The phenotype of Sotos syndrome in adulthood: A review of 44 individuals

    Sotos syndrome is an overgrowth-intellectual disability (OGID) syndrome caused by NSD1 pathogenic variants and characterized by a distinctive facial appearance, an intellectual disability, tall stature and/or macrocephaly. Other associated clinical features include scoliosis, seizures, renal anomalies, and cardiac anomalies. However, many of the published Sotos syndrome clinical descriptions are based on studies of children; the phenotype in adults with Sotos syndrome is not yet well described. Given that it is now 17 years since disruption of NSD1 was shown to cause Sotos syndrome, many of the children first reported are now adults. It is therefore timely to investigate the phenotype of 44 adults with Sotos syndrome and NSD1 pathogenic variants. We have shown that adults with Sotos syndrome display a wide spectrum of intellectual ability with functioning ranging from fully independent to fully dependent. Reproductive rates are low. In our cohort, median height in adult women is +1.9 SD and men +0.5 SD. There is a distinctive facial appearance in adults with a tall, square, prominent chin. Reassuringly, adults with Sotos syndrome are generally healthy with few new medical issues; however, lymphedema, poor dentition, hearing loss, contractures and tremor have developed in a small number of individuals