190 results for malicious
Abstract:
Many games now on the market come with a Software Development Kit, or SDK, which allows players to construct their own worlds and mod(ify) the original. One or two of these mods have achieved notoriety in the press, cited as evidence of malicious intent on the part of the modders who often exploit their own known lived experience as a basis for new virtual playgrounds. But most player-constructed games are a source of delight and pleasure for the builder and for the community of players. Creating a game is the act of creating a world, of making a place.
Abstract:
Network coding is a method for achieving channel capacity in networks. The key idea is to allow network routers to linearly mix packets as they traverse the network so that recipients receive linear combinations of packets. Network coded systems are vulnerable to pollution attacks where a single malicious node floods the network with bad packets and prevents the receiver from decoding correctly. Cryptographic defenses to these problems are based on homomorphic signatures and MACs. These proposals, however, cannot handle mixing of packets from multiple sources, which is needed to achieve the full benefits of network coding. In this paper we address integrity of multi-source mixing. We propose a security model for this setting and provide a generic construction.
Abstract:
We propose a new kind of asymmetric mutual authentication from passwords with stronger privacy against malicious servers, lest they be tempted to engage in “cross-site user impersonation” to each other. It enables a person to authenticate (with) arbitrarily many independent servers, over adversarial channels, using a memorable and reusable single short password. Besides the usual PAKE security guarantees, our framework goes to lengths to secure the password against brute-force cracking from privileged server information.
Abstract:
We present two unconditionally secure protocols for private set disjointness tests. In order to provide intuition of our protocols, we give a naive example that applies Sylvester matrices. Unfortunately, this simple construction is insecure as it reveals information about the intersection cardinality. More specifically, it discloses its lower bound. By using the Lagrange interpolation, we provide a protocol for the honest-but-curious case without revealing any additional information. Finally, we describe a protocol that is secure against malicious adversaries. In this protocol, a verification test is applied to detect misbehaving participants. Both protocols require O(1) rounds of communication. Our protocols are more efficient than the previous protocols in terms of communication and computation overhead. Unlike previous protocols whose security relies on computational assumptions, our protocols provide information theoretic security. To our knowledge, our protocols are the first ones that have been designed without a generic secure function evaluation. More important, they are the most efficient protocols for private disjointness tests in the malicious adversary case.
Abstract:
There has been tremendous interest in watermarking multimedia content during the past two decades, mainly for proving ownership and detecting tampering. Digital fingerprinting, which deals with identifying malicious user(s), has also received significant attention. While extensive work has been carried out in watermarking of images, other multimedia objects still have enormous research potential. Watermarking database relations is one of the several areas which demand research focus owing to the commercial implications of database theft. Recently, there has been little progress in database watermarking, with most of the watermarking schemes modeled after the irreversible database watermarking scheme proposed by Agrawal and Kiernan. Reversibility is the ability to re-generate the original (unmarked) relation from the watermarked relation using a secret key. As explained in our paper, reversible watermarking schemes provide greater security against secondary watermarking attacks, where an attacker watermarks an already marked relation in an attempt to erase the original watermark. This paper proposes an improvement over the reversible and blind watermarking scheme presented in [5], identifying and eliminating a critical problem with the previous model. Experiments show that the average watermark detection rate is around 91% even with an attacker distorting half of the attributes. The current scheme provides security against secondary watermarking attacks.
Abstract:
We present efficient protocols for private set disjointness tests. We start from an intuition of our protocols that applies Sylvester matrices. Unfortunately, this simple construction is insecure as it reveals information about the cardinality of the intersection. More specifically, it discloses its lower bound. By using the Lagrange interpolation we provide a protocol for the honest-but-curious case without revealing any additional information. Finally, we describe a protocol that is secure against malicious adversaries. The protocol applies a verification test to detect misbehaving participants. Both protocols require O(1) rounds of communication. Our protocols are more efficient than the previous protocols in terms of communication and computation overhead. Unlike previous protocols whose security relies on computational assumptions, our protocols provide information theoretic security. To our knowledge, our protocols are the first ones that have been designed without a generic secure function evaluation. More importantly, they are the most efficient protocols for private disjointness tests for the malicious adversary case.
Abstract:
To harness safe operation of Web-based systems in Web environments, we propose an SSPA (Server-based SHA-1 Page-digest Algorithm) to verify the integrity of Web contents before the server issues an HTTP response to a user request. In addition to standard security measures, our Java implementation of the SSPA, which is called the Dynamic Security Surveillance Agent (DSSA), provides further security in terms of content integrity to Web-based systems. Its function is to prevent the display of Web contents that have been altered through the malicious acts of attackers and intruders on client machines. This is to protect the reputation of organisations from cyber-attacks and to ensure the safe operation of Web systems by dynamically monitoring the integrity of a Web site's content on demand. We discuss our findings in terms of the applicability and practicality of the proposed system. We also discuss its time metrics, specifically in relation to its computational overhead at the Web server, as well as the overall latency from the clients' point of view, using different Internet access methods. The SSPA, our DSSA implementation, some experimental results and related work are all discussed.
Abstract:
This paper begins with a brief review of recent literature about relationships between offending behaviour and mental illness, classifying studies by the settings within which they occurred. The establishment and role of a mental health court liaison (MHCL) service is then described, together with findings from a 3-year service audit, including an examination of relationships between clients’ characteristics and offence profiles, and comparisons with regional offence data. During the audit period, 971 clients (767 males, 204 females) were referred to the service, comprising 1139 service episodes, 35.5% of which involved a comorbid substance use diagnosis. The pattern of offences for MHCL clients was reasonably similar to the regional offence data, except that among MHCL clients there were proportionately more offences against justice procedures (e.g., breaches of apprehended violence orders [AVOs]) and fewer driving offences and “other offences”. Additionally, male MHCL clients had proportionately more malicious damage and robbery offences and lower rates of offensive behaviour and drug offences. A range of service and research issues is also discussed. Overall, the new service appears to have forged more effective links between the mental health and criminal justice systems.
Abstract:
Many software applications extend their functionality by dynamically loading libraries into their allocated address space. However, shared libraries are also often of unknown provenance and quality and may contain accidental bugs or, in some cases, deliberately malicious code. Most sandboxing techniques which address these issues require recompilation of the libraries using custom tool chains, require significant modifications to the libraries, do not retain the benefits of single address-space programming, do not completely isolate guest code, or incur substantial performance overheads. In this paper we present LibVM, a sandboxing architecture for isolating libraries within a host application without requiring any modifications to the shared libraries themselves, while still retaining the benefits of a single address space and also introducing a system call inter-positioning layer that allows complete arbitration over a shared library’s functionality. We show how to utilize contemporary hardware virtualization support towards this end with reasonable performance overheads and, in the absence of such hardware support, our model can also be implemented using a software-based mechanism. We ensure that our implementation conforms as closely as possible to existing shared library manipulation functions, minimizing the amount of effort needed to apply such isolation to existing programs. Our experimental results show that it is easy to gain immediate benefits in scenarios where the goal is to guard the host application against unintentional programming errors when using shared libraries, as well as in more complex scenarios, where a shared library is suspected of being actively hostile. In both cases, no changes are required to the shared libraries themselves.
Abstract:
This collection contains the papers of Ernest W. Michel, Holocaust survivor, journalist and public speaker, including clippings of newspaper articles written by and about Michel, correspondence between Michel and many important Jewish and political figures and autograph files, which Michel collected. Many of these files concern Michel’s Holocaust experiences, speaking engagements, the World Gathering of Jewish Holocaust Survivors, and Michel’s work with the United Jewish Appeal.
Abstract:
In this thesis we study a series of multi-user resource-sharing problems for the Internet, which involve distribution of a common resource among participants of multi-user systems (servers or networks). We study concurrently accessible resources, which for end-users may be exclusively accessible or non-exclusively. For all kinds we suggest a separate algorithm or a modification of common reputation scheme. Every algorithm or method is studied from different perspectives: optimality of protocols, selfishness of end users, fairness of the protocol for end users. On the one hand the multifaceted analysis allows us to select the most suited protocols among a set of various available ones based on trade-offs of optima criteria. On the other hand, the future Internet predictions dictate new rules for the optimality we should take into account and new properties of the networks that cannot be neglected anymore. In this thesis we have studied new protocols for such resource-sharing problems as the backoff protocol, defense mechanisms against Denial-of-Service, fairness and confidentiality for users in overlay networks. For backoff protocol we present analysis of a general backoff scheme, where an optimization is applied to a general-view backoff function. It leads to an optimality condition for backoff protocols in both slot times and continuous time models. Additionally we present an extension for the backoff scheme in order to achieve fairness for the participants in an unfair environment, such as wireless signal strengths. Finally, for the backoff algorithm we suggest a reputation scheme that deals with misbehaving nodes. For the next problem -- denial-of-service attacks, we suggest two schemes that deal with the malicious behavior for two conditions: forged identities and unspoofed identities. 
For the first one we suggest a novel most-knocked-first-served algorithm, while for the latter we apply a reputation mechanism in order to restrict resource access for misbehaving nodes. Finally, we study the reputation scheme for the overlays and peer-to-peer networks, where resource is not placed on a common station, but spread across the network. The theoretical analysis suggests what behavior will be selected by the end station under such a reputation mechanism.
Abstract:
Gentlemen, Lads and the Art of War: The Construction of Citizen Soldier- and Professional Soldier Armies into the Miracle of the Winter War During the 1920s and 1930s. The Miracle of the Winter War was not a myth - at least according to those who were making that miracle happen. This study is not just about the Armed Forces and society, but moreover a study about civil society inside the organization of armed forces. Conscription kept Finnish military organization (and is still keeping) very closely connected with civil society and therefore there is no need to locate the possible critical misunderstandings brought by two different identity-based approaches. The great performance of the Armed Forces during the Second World War was not made of superior art of war. It was not the high level of discipline either. Art of war is basically a (deep level) cultural level equation that has more to do with culturally absorbed schemes of meaning making than rational decision-making. Naturally attrition based approach to effect-making directed the organizational methods in attrition based organisational practices, where there were only minor possibilities to practice any manoeuvre-based organisational behaviour. The practice and method of leadership lent similarly to the attrition-based thinking, which directed the organisational cultural thoughts towards composition that confirmed antagonism between gentlemen and lads. This setting has been absorbed and learned through cultural socialisation and was therefore not a product of the military organisation itself. The Finnish Armed Forces included two different communities (gentlemen and lads) within the same organisation as there were both the official and the unofficial organisations presented. This caused problems as they both made meaning-making processes simultaneously. These organisations had their own overlapping and in most cases also contradictory social meanings.
The unofficial organisation has been overshadowed by the vast number of studies concerning the official organisation. The main reason for this systematic neglect is based on the reality of the attitudes and living conditions of the micro-level organisation which produced (perhaps) too realistic and repulsive viewpoints that are presenting a picture of a national level identity process in a way that is separating it from the ideals made to verify the ethos of national values. Complaining, griping, grumbling and moaning are usually situated in a category of abnormal and unwanted behaviour. However, within the context of a citizen soldier army community this was more of a characteristic feature of that organisation (in Finland) and therefore it was crucially important to locate the context of that abnormal behaviour. According to this study, it was not a malicious act but moreover seriously formed efforts in trying to use common sense in the chaos citizen soldiers faced when they were uniformed and placed in an unfamiliar process of disciplinary measures and frictions and competition between different ranks. There is much evidence that reinforces the argument that what seemed to be the most unconventional behaviour was finally the most efficient in a sense of military performance.
Abstract:
A Delay Tolerant Network (DTN) is a dynamic, fragmented, and ephemeral network formed by a large number of highly mobile nodes. DTNs are ephemeral networks with highly mobile autonomous nodes. This requires distributed and self-organised approaches to trust management. Revocation and replacement of security credentials under adversarial influence by preserving the trust on the entity is still an open problem. Existing methods are mostly limited to detection and removal of malicious nodes. This paper makes use of the mobility property to provide a distributed, self-organising, and scalable revocation and replacement scheme. The proposed scheme effectively utilises the Leverage of Common Friends (LCF) trust system concepts to revoke compromised security credentials, replace them with new ones, whilst preserving the trust on them. The level of achieved entity confidence is thereby preserved. Security and performance of the proposed scheme are evaluated using an experimental data set in comparison with other schemes based around the LCF concept. Our extensive experimental results show that the proposed scheme distributes replacement credentials up to 35% faster and spreads spoofed credentials of strong collaborating adversaries up to 50% slower without causing any significant increase on the communication and storage overheads, when compared to other LCF-based schemes.
Abstract:
This thesis is an exploratory case study that aims to understand the attitudes affecting adoption of mobile self-services. This study used a demo mobile self-service that could be used by consumers for making address changes. The service was branded with a large and trusted Finnish brand. The theoretical framework that was used consisted of adoption theories of technology, adoption theories of self-service and literature concerning mobile services. The reviewed adoption theories of both technology and self-service had their foundation in IDT or TRA/TPB. Based on the reviewed theories an initial framework was created. The empirical data collection was done through three computer aided group interview sessions with a total of 32 respondents. The data analysis started from the premises of the initial framework. Based on the empirical data the framework was constantly reviewed and altered and the data recoded accordingly. The result of this thesis was a list of attitudinal factors that affect the adoption of a mobile self-service either positively or negatively. The factors that were found to affect the attitudes towards adoption of mobile self-services positively were: that the service was time & place independent and saved time. Most respondents, but not all, also had a positive attitude towards adoption due to ease of use and being mentally compatible with the service. Factors that affected adoption negatively were lack of technical compatibility, perceived risk for high costs and risk for malicious software. The identified factors were triangulated in respect to existing literature and general attitudes towards mobile services.
Abstract:
Mobile ad-hoc networks (MANETs) have recently drawn significant research attention since they offer unique benefits and versatility with respect to bandwidth spatial reuse, intrinsic fault tolerance, and low-cost rapid deployment. This paper addresses the issue of delay sensitive realtime data transport in this type of network. An effective QoS mechanism is thereby required for the speedy transport of the realtime data. QoS issue in MANET is an open-end problem. Various QoS measures are incorporated in the upper layers of the network, but a few techniques address QoS techniques in the MAC layer. There are quite a few QoS techniques in the MAC layer for the infrastructure based wireless network. The goal and the challenge is to achieve a QoS delivery and a priority access to the real time traffic in ad hoc wireless environment, while maintaining democracy in the resource allocation. We propose a MAC layer protocol called "FCP based FAMA protocol", which allocates the channel resources to the needy in a more democratic way, by examining the requirements, malicious behavior and genuineness of the request. We have simulated both the FAMA as well as FCP based FAMA and tested in various MANET conditions. Simulated results have clearly shown a performance improvement in the channel utilization and a decrease in the delay parameters in the latter case. Our new protocol outperforms the other QoS aware MAC layer protocols.