Information security

From WikiPapers

Information security is included as keyword or extra keyword in 0 datasets, 0 tools and 10 publications.

Datasets

There are no datasets for this keyword.

Tools

There are no tools for this keyword.


Publications

Title Author(s) Published in Language Date Abstract R C
A Malicious Bot Capturing System using a Beneficial Bot and Wiki Takashi Yamanoue
Kentaro Oda
Koichi Shimozono
Journal of Information Processing English February 2013 Locating malicious bots in a large network is problematic because the internal firewalls and network address translation (NAT) routers of the network unintentionally contribute to hiding the bots’ host address and malicious packets. However, eliminating firewalls and NAT routers merely for locating bots is generally not acceptable. In the present paper, we propose an easy to deploy, easy to manage network security control system for locating a malicious host behind internal secure gateways. The proposed network security control system consists of a remote security device and a command server. The remote security device is installed as a transparent link (implemented as an L2 switch), between the subnet and its gateway in order to detect a host that has been compromised by a malicious bot in a target subnet, while minimizing the impact of deployment. The security device is controlled remotely by 'polling' the command server in order to eliminate the NAT traversal problem and to be firewall friendly. Since the remote security device exists in transparent, remotely controlled, robust security gateways, we regard this device as a beneficial bot. We adopt a web server with wiki software as the command server in order to take advantage of its power of customization, ease of use, and ease of deployment of the server. 5 2
Research collaboration tools for the U.S. Department of Defense Schwalb S.I. Information Services and Use English 2013 America's adversaries have shown their ability to quickly incorporate new technologies that threaten the U.S. and its interests. The Defense Technical Information Center (DTIC) serves the Department of Defense (DoD) research and engineering community as the central resource for DoD-funded scientific, technical, engineering, and business information and exchange. Furthermore, DTIC fulfills a key role by producing secure collaborative tools that facilitate a rapid response to current and emerging threats. The new Research & Engineering (R&E) Gateway (created by DTIC), which includes DoDTechipedia, DoDTechSpace, Search and Analytics, and the Information Analysis Centers and Defense Innovation Marketplace, are aimed at enhancing DoD's ability to collaborate across the defense enterprise, identify solutions for technology challenges, and seek ways to ensure that taxpayer dollars are spent in an efficient manner. This article will examine the approach taken to develop the collaborative tools, intended goals, challenges to adoption of the sites, and some lessons learned. It will also review how DTIC has provided its registered customers with robust social media tools, albeit limited to the defense community. 0 0
Capturing malicious bots using a beneficial bot and wiki Takashi Yamanoue
Kentaro Oda
Koichi Shimozono
SIGUCCS English October 2012 Locating malicious bots in a large network is problematic because its internal firewalls and NAT routers unintentionally contribute to hiding bots' host address and malicious packets. However, eliminating firewalls and NAT routers for merely locating bots is generally not acceptable. In this paper, we propose an easy to deploy, easy to manage network security controlling system for locating a malicious host behind the internal secure gateways. This network security controlling system consists of a remote security device and a command server. Each of the remote security devices is installed as a transparent link (implemented as an L2 switch), between the subnet and its gateway, to detect a host which is compromised with a malicious bot in a target subnet, while minimizing impact of deployment. The security devices are remote controlled by 'polling' the command server in order to eliminate the NAT traversal problem and to be firewall friendly. Since the remote security device lives in transparent, remote controlled and robust to security gateways, we regard it as a beneficial bot. We adopt a web server with wiki software as the command server in order to take advantage of its power of customization, ease of use and ease of deployment of the server. 4 1
A Casual Network Security Monitoring System using a Portable Sensor Device and Wiki Software Takashi Yamanoue
Kentaro Oda
Koichi Shimozono
SAINT English July 2012 A casual network security monitoring system is proposed in this paper. The system is easy to deploy without reconfiguring the central network infrastructure, the firewall, and the intrusion detector system (IDS) of an organization. A virus-infected host, which is hidden by the network address translator (NAT) of a sub LAN, can be identified easily by using this monitoring system with the IDS. This monitoring system consists of a portable sensor device and a web site with wiki software. The portable sensor device, which is located on a target LAN that may have virus-infected hosts, is remote-controlled by a network manager's commands. The commands and the results are written on a wiki page. 3 2
Secure Wiki System: A plugin-based solution to wiki security Kasper Lindberg English March 2012 Wiki systems have become an important tool for knowledge sharing among people. From the small wikis for knowledge sharing in organizations to the larger project-related wikis on the Internet. In addition, Wikipedia, which is in a class of its own when it comes to size, has managed to collect an impressive amount of information based solely on the cooperation between strangers from around the world. Any open wiki, with a user-community so large that members of the community have a certain degree of anonymity, suffers from the effects of directed and random vandalism. This vandalism is a problem because it reduces the trustworthiness of the content provided by the wiki system. The secure wiki model is an integrity model that has been proposed to help prevent vandalism and improve the trustworthiness of articles in wiki systems. This model is based on both static and dynamic document access controls, which enforce a simple integrity based security policy. This thesis improves this model by proposing a new policy for use with the model. The proposed policy is evaluated and compared to the original policy. The evaluation shows that the new policy is highly configurable and can be configured in such a way that it requires significantly fewer reviewers than the original policy, which can benefit small systems with a low number of users. An implementation of a base wiki system has been created, which on its own equals any other wiki in terms of its vulnerability to vandalism. In addition to this, an implementation of the secure wiki model has also been created. The implementation is made as a plugin to the base wiki system and adds an integrity model to the existing soft-security model that is used by the base system and other wiki implementations. The integrity model provides harder security guarantees and limits the ability of attackers to compromise the integrity of wiki articles, without compromising the all can edit policy of open wiki systems. 6 0
Autonomous Link Spam Detection in Purely Collaborative Environments Andrew G. West
Avantika Agrawal
Phillip Baker
Brittney Exline
Insup Lee
WikiSym English October 2011 Collaborative models (e.g., wikis) are an increasingly prevalent Web technology. However, the open-access that defines such systems can also be utilized for nefarious purposes. In particular, this paper examines the use of collaborative functionality to add inappropriate hyperlinks to destinations outside the host environment (i.e., link spam). The collaborative encyclopedia, Wikipedia, is the basis for our analysis.

Recent research has exposed vulnerabilities in Wikipedia's link spam mitigation, finding that human editors are latent and dwindling in quantity. To this end, we propose and develop an autonomous classifier for link additions. Such a system presents unique challenges. For example, low barriers-to-entry invite a diversity of spam types, not just those with economic motivations. Moreover, issues can arise with how a link is presented (regardless of the destination).

In this work, a spam corpus is extracted from over 235,000 link additions to English Wikipedia. From this, 40+ features are codified and analyzed. These indicators are computed using "wiki" metadata, landing site analysis, and external data sources. The resulting classifier attains 64% recall at 0.5% false-positives (ROC-AUC=0.97). Such performance could enable egregious link additions to be blocked automatically with low false-positive rates, while prioritizing the remainder for human inspection. Finally, a live Wikipedia implementation of the technique has been developed.
0 0
What Wikipedia Deletes: Characterizing Dangerous Collaborative Content Andrew G. West
Insup Lee
WikiSym English October 2011 Collaborative environments, such as Wikipedia, often have low barriers-to-entry in order to encourage participation. This accessibility is frequently abused (e.g., vandalism and spam). However, certain inappropriate behaviors are more threatening than others. In this work, we study contributions which are not simply "undone" -- but *deleted* from revision histories and public view. Such treatment is generally reserved for edits which: (1) present a legal liability to the host (e.g., copyright issues, defamation), or (2) present privacy threats to individuals (i.e., contact information). Herein, we analyze one year of Wikipedia's public deletion log and use brute-force strategies to learn about privately handled redactions. This permits insight about the prevalence of deletion, the reasons that induce it, and the extent of end-user exposure to dangerous content. While Wikipedia's approach is generally quite reactive, we find that copyright issues prove most problematic of those behaviors studied. 0 1
What Wikipedia deletes: Characterizing dangerous collaborative content West A.G.
Insup Lee
WikiSym 2011 Conference Proceedings - 7th Annual International Symposium on Wikis and Open Collaboration English 2011 Collaborative environments, such as Wikipedia, often have low barriers-to-entry in order to encourage participation. This accessibility is frequently abused (e.g., vandalism and spam). However, certain inappropriate behaviors are more threatening than others. In this work, we study contributions which are not simply "undone" - but deleted from revision histories and public view. Such treatment is generally reserved for edits which: (1) present a legal liability to the host (e.g., copyright issues, defamation), or (2) present privacy threats to individuals (i.e., contact information). Herein, we analyze one year of Wikipedia's public deletion log and use brute-force strategies to learn about privately handled redactions. This permits insight about the prevalence of deletion, the reasons that induce it, and the extent of end-user exposure to dangerous content. While Wikipedia's approach is generally quite reactive, we find that copyright issues prove most problematic of those behaviors studied. 0 1
What Wikipedia deletes: characterizing dangerous collaborative content Andrew G. West
Insup Lee
WikiSym English 2011 Collaborative environments, such as Wikipedia, often have low barriers-to-entry in order to encourage participation. This accessibility is frequently abused (e.g., vandalism and spam). However, certain inappropriate behaviors are more threatening than others. In this work, we study contributions which are not simply "undone" -- but *deleted* from revision histories and public view. Such treatment is generally reserved for edits which: (1) present a legal liability to the host (e.g., copyright issues, defamation), or (2) present privacy threats to individuals (i.e., contact information). Herein, we analyze one year of Wikipedia's public deletion log and use brute-force strategies to learn about privately handled redactions. This permits insight about the prevalence of deletion, the reasons that induce it, and the extent of end-user exposure to dangerous content. While Wikipedia's approach is generally quite reactive, we find that copyright issues prove most problematic of those behaviors studied. 0 1
STiki: An Anti-Vandalism Tool for Wikipedia Using Spatio-Temporal Analysis of Revision Metadata Andrew G. West
Sampath Kannan
Insup Lee
WikiSym English July 2010 STiki is an anti-vandalism tool for Wikipedia. Unlike similar tools, STiki does not rely on natural language processing (NLP) over the article or diff text to locate vandalism. Instead, STiki leverages spatio-temporal properties of revision metadata. The feasibility of utilizing such properties was demonstrated in our prior work, which found they perform comparably to NLP-efforts while being more efficient, robust to evasion, and language independent. STiki is a real-time, on-Wikipedia implementation based on these properties. It consists of, (1) a server-side processing engine that examines revisions, scoring the likelihood each is vandalism, and, (2) a client-side GUI that presents likely vandalism to end-users for definitive classification (and if necessary, reversion on Wikipedia). Our demonstration will provide an introduction to spatio-temporal properties, demonstrate the STiki software, and discuss alternative research uses for the open-source code. 0 0