Security and online social networks

In the last few years we have witnessed a sustained rise in the popularity of online Social Network Sites (SNSs) such as Twitter, Facebook, Myspace, Flickr, LinkedIn, FriendFeed, Google Friend Con- nect, Yahoo! Groups, etc., which are some of the most visited websites worldwide. However, since they are are easy to use and the users are often not aware of the nature of the access of their profiles, they often reveal information which should be kept away from the public eyes. As a result, these social sites may originate security related threats for their members. This paper highlights the benefits of safe use of SNSs and emphasizes the most important threats to members of SNSs. Moreover, we will show the main factors behind these threats. Finally we present policy and technical recommendations in order to improve security without compromising the benefits of information sharing through SNSs.IV Workshop Arquitectura, Redes y Sistemas Operativos (WARSO)Red de Universidades con Carreras en Informática (RedUNCI

Preventing and handling phishing attacks

Phishing (also known as carding and spoofing) is the act of attempting to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business with a real need for such information in a seemingly official electronic notification or message (most often an email, or an instant message (IM)). It is a form of social engineering attack. Customers of banks throughout the world have been victims of phishing. This paper covers the technologies and security flaws phishers exploit to conduct their attacks, and provides advice on security measures that can be employed by financial service providers such as Banks in order to prevent and handle phishing attacks. The customers’ perspective is also considered.VI Workshop de Procesamiento Distribuido y Paralelo (WPDP)Red de Universidades con Carreras en Informática (RedUNCI

(In)Security above the Clouds

In an ideal world, organizations “share” the cloud, logically separated from each other by the cloud provider, operating independently of each other in a sandbox, pulling resources only when needed, and respecting the separation put in place by the cloud provider. In the real world, applications uploaded to the cloud are trying to break out of their sandbox, attempting to gain access to other applications and hardware and trying to consume resources. The attackers know they have complete control of what the cloud runs; they know cloud security is immature and developing. Cloud computing creates new security problems that must be dealt with in addition to the existing problems. This research line explores these security problems.Eje: Procesamiento distribuido y paraleloRed de Universidades con Carreras en Informática (RedUNCI

A framework for implementing a Distributed Intrusion Detection System (DIDS) with interoperabilty and information analysis

Computer Intrusion Detection Systems (IDS) are primarily designed to protect availability, condentiality and integrity of critical information infrastructures. A Distributed IDS (DIDS) consists of several IDS over a large network(s), all of which communicate with each other, with a central server or with a cluster of servers that facilitates advanced network monitoring. In a distributed environment, DIDS are implemented using cooperative intelligent sensors distributed across the network(s). A significant challenge remains for IDS designers to combine data and information from numerous heterogeneous distributed agents into a coherent process which can be used to evaluate the security of the system. Multisensor data sensing, or distributed sensing, is a discipline used to combine data from multiple and diverse sensors and sources in order to make inferences about events, activities and situations. Today, common environments consists in large networks of high bandwidth. In these scenarios the amount of data produced by the sensors is extremely large so the efficient processing becomes a critical factor. In this article we propose a framework that aims to achieve the interoperability of the diverse heterogeneous agents that compose the typical infrastructure of a DIDS. Also, we address the alert aggregation and correlation problem proposing an alert processing software pipeline.Presentado en el XI Workshop Procesamiento Distribuido y Paralelo (WPDP)Red de Universidades con Carreras en Informática (RedUNCI

A framework for implementing a Distributed Intrusion Detection System (DIDS) with interoperabilty and information analysis

Computer Intrusion Detection Systems (IDS) are primarily designed to protect availability, condentiality and integrity of critical information infrastructures. A Distributed IDS (DIDS) consists of several IDS over a large network(s), all of which communicate with each other, with a central server or with a cluster of servers that facilitates advanced network monitoring. In a distributed environment, DIDS are implemented using cooperative intelligent sensors distributed across the network(s). A significant challenge remains for IDS designers to combine data and information from numerous heterogeneous distributed agents into a coherent process which can be used to evaluate the security of the system. Multisensor data sensing, or distributed sensing, is a discipline used to combine data from multiple and diverse sensors and sources in order to make inferences about events, activities and situations. Today, common environments consists in large networks of high bandwidth. In these scenarios the amount of data produced by the sensors is extremely large so the efficient processing becomes a critical factor. In this article we propose a framework that aims to achieve the interoperability of the diverse heterogeneous agents that compose the typical infrastructure of a DIDS. Also, we address the alert aggregation and correlation problem proposing an alert processing software pipeline.Presentado en el XI Workshop Procesamiento Distribuido y Paralelo (WPDP)Red de Universidades con Carreras en Informática (RedUNCI

Preventing and handling phishing attacks

Phishing (also known as carding and spoofing) is the act of attempting to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business with a real need for such information in a seemingly official electronic notification or message (most often an email, or an instant message (IM)). It is a form of social engineering attack. Customers of banks throughout the world have been victims of phishing. This paper covers the technologies and security flaws phishers exploit to conduct their attacks, and provides advice on security measures that can be employed by financial service providers such as Banks in order to prevent and handle phishing attacks. The customers’ perspective is also considered.VI Workshop de Procesamiento Distribuido y Paralelo (WPDP)Red de Universidades con Carreras en Informática (RedUNCI

Scheduling en el paradigma GRID

Un sistema grid conforma una red dinámica de recursos de cómputo heterogéneos que trabajan conjuntamente formando un entorno único y uniforme. Un sistema grid puede abarcar diferentes dominios administrativos, y puede ser capaz de soportar cambios dinámicos en las organizaciones participantes y en los requerimientos de cómputo. Para lograr este objetivo, un sistema grid debe ser capaz de proveer acceso a los recursos que los usuarios requieran, incluyendo procesamiento, datos, y aplicaciones. Este acceso debe estar respaldado por una infraestructura de seguridad a nivel del grid, pero que al mismo tiempo permita diversas y cambiantes políticas de seguridad locales. Además, el sistema debe ser diseñado con la capacidad de tolerar fallas a nivel de nodos individuales y cambios en la composición del grid (hardware, configuración de los sistemas y potencialmente sistema operativo). Por último es importante que un sistema con estas características sea simple de instalar y administrar. Para lograr este prometedor potencial es esencial contar con algoritmos de planificación (scheduling) eficientes y efectivos. Desafortunadamente, los algoritmos tradicionales de scheduling empleados en sistemas paralelos y distribuidos, los cuales suelen correr sobre recursos homogéneos y dedicados, e.g., clusters de computadoras, no funcionan bien bajo el paradigma grid. En este trabajo exploraremos algunos de los problemas abiertos relacionado con el problema del scheduling distribuido en sistemas grid.Eje: Procesamiento Concurrente, Paralelo y DistribuidoRed de Universidades con Carreras en Informática (RedUNCI

Scheduling en el paradigma GRID

Un sistema grid conforma una red dinámica de recursos de cómputo heterogéneos que trabajan conjuntamente formando un entorno único y uniforme. Un sistema grid puede abarcar diferentes dominios administrativos, y puede ser capaz de soportar cambios dinámicos en las organizaciones participantes y en los requerimientos de cómputo. Para lograr este objetivo, un sistema grid debe ser capaz de proveer acceso a los recursos que los usuarios requieran, incluyendo procesamiento, datos, y aplicaciones. Este acceso debe estar respaldado por una infraestructura de seguridad a nivel del grid, pero que al mismo tiempo permita diversas y cambiantes políticas de seguridad locales. Además, el sistema debe ser diseñado con la capacidad de tolerar fallas a nivel de nodos individuales y cambios en la composición del grid (hardware, configuración de los sistemas y potencialmente sistema operativo). Por último es importante que un sistema con estas características sea simple de instalar y administrar. Para lograr este prometedor potencial es esencial contar con algoritmos de planificación (scheduling) eficientes y efectivos. Desafortunadamente, los algoritmos tradicionales de scheduling empleados en sistemas paralelos y distribuidos, los cuales suelen correr sobre recursos homogéneos y dedicados, e.g., clusters de computadoras, no funcionan bien bajo el paradigma grid. En este trabajo exploraremos algunos de los problemas abiertos relacionado con el problema del scheduling distribuido en sistemas grid.Eje: Procesamiento Concurrente, Paralelo y DistribuidoRed de Universidades con Carreras en Informática (RedUNCI

Seguridad en entornos virtuales

En un entorno virtual, un monitor de maquina virtual (VMM) controla múltiples VMs mediante una abstracción de software del hardware subyacente. Esta arquitectura provee algunas ventajas con respecto a la seguridad pero también introduce desafíos únicos. Irónicamente los avances en la potencia de cómputo y la disminución de los costos del hardware fueron los factores que dieron origen a la pérdida de interés en la virtualización, hoy principales contribuyentes de su renacimiento. La virtualización surgió finales de la década de 1960, con el objetivo de multiplexarlas aplicaciones sobre mainframes de forma tal de poder repartir los escasos y costosos recursos de cómputo entre múltiples procesos. La creación de las VMs hizo posible que múltiples aplicaciones coexistiesen sobre una máquina única. Esta línea de investigación busca desarrollar nuevas tecnologías centradas en la seguridad de los entornos virtuales, especialmente a nivel del VMM.Eje: Procesamiento Distribuido y ParaleloRed de Universidades con Carreras en Informática (RedUNCI

Security and online social networks

In the last few years we have witnessed a sustained rise in the popularity of online Social Network Sites (SNSs) such as Twitter, Facebook, Myspace, Flickr, LinkedIn, FriendFeed, Google Friend Con- nect, Yahoo! Groups, etc., which are some of the most visited websites worldwide. However, since they are are easy to use and the users are often not aware of the nature of the access of their profiles, they often reveal information which should be kept away from the public eyes. As a result, these social sites may originate security related threats for their members. This paper highlights the benefits of safe use of SNSs and emphasizes the most important threats to members of SNSs. Moreover, we will show the main factors behind these threats. Finally we present policy and technical recommendations in order to improve security without compromising the benefits of information sharing through SNSs.IV Workshop Arquitectura, Redes y Sistemas Operativos (WARSO)Red de Universidades con Carreras en Informática (RedUNCI