The war of attrition in cyber-space or "cyber-attacks", "cyber-war" and "cyber-terrorism"

Nos últimos anos tornou-se óbvio que o mundo virtual das bases de dados e do software – popularmente denominado como ciberespaço – tem um lado negro. Este lado negro tem várias dimensões, nomeadamente perda de produtividade, crime financeiro, furto de propriedade intelectual, de identidade, bullying e outros. Empresas, governos e outras entidades são cada vez mais alvo de ataques de terceiros com o fim de penetrarem as suas redes de dados e sistemas de informação. Estes vão desde os adolescentes a grupos organizados e extremamente competentes, sendo existem indicações de que alguns Estados têm vindo a desenvolver “cyber armies” com capacidades defensivas e ofensivas. Legisladores, políticos e diplomatas têm procurado estabelecer conceitos e definições, mas apesar da assinatura da Convenção do Conselho da Europa sobre Cibercrime em 2001 por vários Estados, não existiram novos desenvolvimentos desde então. Este artigo explora as várias dimensões deste domínio e enfatiza os desafios que se colocam a todos aqueles que são responsáveis pela proteção diária da informação das respetivas organizações contra ataques de origem e objetivos muitas vezes desconhecidos.

Probabilistic resource space model for managing resources in cyber-physical society

Classification is the most basic method for organizing resources in the physical space, cyber space, socio space and mental space. To create a unified model that can effectively manage resources in different spaces is a challenge. The Resource Space Model RSM is to manage versatile resources with a multi-dimensional classification space. It supports generalization and specialization on multi-dimensional classifications. This paper introduces the basic concepts of RSM, and proposes the Probabilistic Resource Space Model, P-RSM, to deal with uncertainty in managing various resources in different spaces of the cyber-physical society. P-RSM’s normal forms, operations and integrity constraints are developed to support effective management of the resource space. Characteristics of the P-RSM are analyzed through experiments. This model also enables various services to be described, discovered and composed from multiple dimensions and abstraction levels with normal form and integrity guarantees. Some extensions and applications of the P-RSM are introduced.

Semantic linking through spaces for cyber-physical-socio intelligence:a methodology

Humans consciously and subconsciously establish various links, emerge semantic images and reason in mind, learn linking effect and rules, select linked individuals to interact, and form closed loops through links while co-experiencing in multiple spaces in lifetime. Machines are limited in these abilities although various graph-based models have been used to link resources in the cyber space. The following are fundamental limitations of machine intelligence: (1) machines know few links and rules in the physical space, physiological space, psychological space, socio space and mental space, so it is not realistic to expect machines to discover laws and solve problems in these spaces; and, (2) machines can only process pre-designed algorithms and data structures in the cyber space. They are limited in ability to go beyond the cyber space, to learn linking rules, to know the effect of linking, and to explain computing results according to physical, physiological, psychological and socio laws. Linking various spaces will create a complex space — the Cyber-Physical-Physiological-Psychological-Socio-Mental Environment CP3SME. Diverse spaces will emerge, evolve, compete and cooperate with each other to extend machine intelligence and human intelligence. From multi-disciplinary perspective, this paper reviews previous ideas on various links, introduces the concept of cyber-physical society, proposes the ideal of the CP3SME including its definition, characteristics, and multi-disciplinary revolution, and explores the methodology of linking through spaces for cyber-physical-socio intelligence. The methodology includes new models, principles, mechanisms, scientific issues, and philosophical explanation. The CP3SME aims at an ideal environment for humans to live and work. Exploration will go beyond previous ideals on intelligence and computing.

Literatura boa é que eu gosto; ruim a que eu não gosto: fóruns de discussão literária da rede social ORKUT e a Teoria da Valoração uma análise crítica

Esta dissertação se insere nos estudos de Linguística e é vinculada à Análise Crítica do Discurso (FAIRCLOUGH, 1989, 2003) e à Linguística Sistêmico-Funcional (HALLIDAY, 1970, 1973), investigando o que é a qualidade literária para os internautas que interagem em fóruns de discussão do Orkut, à luz da Teoria da Valoração (MARTIN ; WHITE, 2005). De acordo com as categorias que abrangem o subsistema da Atitude da Teoria da Valoração (MARTIN ; WHITE, 2005), analisa-se como os leitores internautas se posicionam sobre a questão da qualidade literária e a ideologia que perpassa seus discursos. O conceito de ideologia adotado é o proposto por Thompson (2009), para quem o conceito deve ser compreendido a partir da noção de hegemonia e poder, ou seja, a ideologia necessariamente estabelece e sustenta relações de dominação, reproduzindo a ordem social que favorece indivíduos e grupos dominantes.O corpus desta pesquisa é composto de três amostras colhidas entre 15/07/2009 e 05/01/2010 correspondentes a uma discussão iniciada em comunidade relacionada a assuntos literários. A AMOSTRA 1 refere-se ao tópico Leitura difícil é sinal de qualidade?, da comunidade Literatura; a AMOSTRA 2, se refere ao tópico Qualidade do texto literário, da comunidade Discutindo... literatura e, por fim, a AMOSTRA 3 representa o tópico O que é um bom texto literário para você, também da comunidade Literatura. Cada discussão possui congruências e divergências quanto às representações sobre literatura e essas foram também analisadas. Não obstante, o que nos interessa é perceber como as ideologias perpassam seus discursos de acordo com os valores que os internautas atribuem a aspectos do texto literário. Foram escolhidos fóruns de discussão online do Orkut porque as interações em redes sociais constituem elemento novo das práticas sociais e, portanto, relevantes pontos de apoio para a investigação da criação de sentidos sobre o conceito de boa literatura. Investigar como a literatura, objeto de estudo acadêmico, é analisada em tais espaços cibernéticos é instigante, por não ser usual. Os resultados obtidos nessa pesquisa sugerem que o internauta reproduz o discurso acadêmico hegemônico acerca da qualidade literária ao debater a qualidade intrínseca do texto literário com a ressalva de manifestar seu contentamento ou descontentamento acerca de determinados textos literários e escritores, dado novo que revela uma característica deste espaço não institucional de discussão, em que os internautas se sentem à vontade para manifestar sua opinião

Polityka ochrony cyberprzestrzeni RP

Celem niniejszego opracowania jest analiza założeń polityki ochrony cyberprzestrzeni RP zaprezentowanych w dokumencie zatytułowanym Polityka ochrony cyberprzestrzeni Rzeczypospolitej Polskiej, zaprezentowanym w 2013 r. przez Ministerstwo Administracji i Cyfryzacji i Agencję Bezpieczeństwa Wewnętrznego. Artykuł poddaje analizie postulaty i wytyczne tam zamieszczone, jak również konfrontuje te założenia z elementami systemu ochrony cyberprzestrzeni RP. Zgodzić należy się z twórcami tej strategii, iż zapewnienie stanu pełnego bezpieczeństwa teleinformatycznego, jest niemożliwe. Można mówić jedynie osiągnięciu pewnego, akceptowalnego jego poziomu. Wydaje się, że do osiągnięcia tego celu, powinna w znaczącym stopniu przyczynić się realizacja priorytetów polityki ochrony cyberprzestrzeni RP, a wśród nich w szczególności określenie kompetencji podmiotów odpowiedzialnych za bezpieczeństwo cyberprzestrzeni, stworzenie i realizacja spójnego dla wszystkich podmiotów administracji rządowej systemu zarządzania bezpieczeństwem cyberprzestrzeni oraz ustanowienie wytycznych w tym zakresie dla podmiotów niepublicznych, stworzenie trwałego systemu koordynacji i wymiany informacji pomiędzy podmiotami odpowiedzialnymi za bezpieczeństwo cyberprzestrzeni i użytkownikami cyberprzestrzeni, zwiększenie świadomości użytkowników cyberprzestrzeni w zakresie metod i środków bezpieczeństwa.

Wireless and Physical Security via Embedded Sensor Networks

Wireless Intrusion Detection Systems (WIDS) monitor 802.11 wireless frames (Layer-2) in an attempt to detect misuse. What distinguishes a WIDS from a traditional Network IDS is the ability to utilize the broadcast nature of the medium to reconstruct the physical location of the offending party, as opposed to its possibly spoofed (MAC addresses) identity in cyber space. Traditional Wireless Network Security Systems are still heavily anchored in the digital plane of "cyber space" and hence cannot be used reliably or effectively to derive the physical identity of an intruder in order to prevent further malicious wireless broadcasts, for example by escorting an intruder off the premises based on physical evidence. In this paper, we argue that Embedded Sensor Networks could be used effectively to bridge the gap between digital and physical security planes, and thus could be leveraged to provide reciprocal benefit to surveillance and security tasks on both planes. Toward that end, we present our recent experience integrating wireless networking security services into the SNBENCH (Sensor Network workBench). The SNBENCH provides an extensible framework that enables the rapid development and automated deployment of Sensor Network applications on a shared, embedded sensing and actuation infrastructure. The SNBENCH's extensible architecture allows an engineer to quickly integrate new sensing and response capabilities into the SNBENCH framework, while high-level languages and compilers allow novice SN programmers to compose SN service logic, unaware of the lower-level implementation details of tools on which their services rely. In this paper we convey the simplicity of the service composition through concrete examples that illustrate the power and potential of Wireless Security Services that span both the physical and digital plane.

Cibercrimen y ciberterrorismo : ¿exageración mediática o realidad?

La expansión de las tecnologías de la información y las comunicaciones (TIC) ha traído muchas ventajas, pero también algunos peligros. Son frecuentes hoy en día las noticias sobre delitos relacionados con las TIC. Se usa a menudo el término cibercrimen y el de ciberterrorismo pero, ¿realmente son una amenaza para la sociedad?. Este trabajo realiza un análisis del cibercrimen y el ciberterrorismo. Para ello se hace un estudio en profundidad desde distintos puntos de vista. En primer lugar se analizan varios aspectos básicos de la materia: el contexto en el que se desarrollan estas actividades, el ciberespacio y sus características, las ventajas que tiene el cibercrimen respecto a la delincuencia tradicional, características y ejemplos de ciberterrorismo y la importancia de la protección de las infraestructuras críticas. Luego se realiza un estudio del mundo del cibercrimen, en el cual se muestran los distintos tipos de cibercriminales, los actos delictivos, herramientas y técnicas más habituales usadas por el cibercrimen, la web profunda y la criptomoneda; se indican asimismo varios de los grupos criminales más conocidos y algunas de sus acciones, y se realiza un estudio de las consecuencias económicas del cibercrimen. Finalmente se hace un repaso a los medios legales que distintos países y organizaciones han establecido para combatir estos hechos delictivos. Para ello se analizan estrategias de seguridad de distinto tipo aprobadas en multitud de países de todo el mundo y los grupos operativos de respuesta (tanto los de tipo policial como los CSIRT/CERT), además de la legislación publicada para poder perseguir el cibercrimen y el ciberterrorismo, con especial atención a la legislación española. De esta manera, tras la lectura de este Proyecto se puede tener una visión global completa del mundo de la ciberdelincuencia y el ciberterrorismo. ABSTRACT. The expansion of Information and Communications Technology (ITC) has brought many benefits, but also some dangers. It is very usual nowadays to see news about ITC-related crimes. Terms like cyber crime and cyber terrorism are usually used but, are they really a big threat for our society?. This work analyzes cyber crime and cyber terrorism. To achieve it, a deep research under different points of view is made. First, basic aspects of the topic are analyzed: the context where these activities are carried out, cyber space and its features, benefits for cyber criminals with respect to traditional crime, characteristics and relevant examples of cyber terrorism, and importance of critical infrastructures protection. Then, a study about the world of cyber crime is made, analyzing the typology of different kinds of cyber criminals, the most common criminal acts, tools and techniques used by cyber crime, and the deep web and cryptocurrency. Some of the most known criminal groups and their activities are also explored, and the economic consequences of cyber crime are assessed. Finally, there is a review of the legal means used by countries and organizations to fight against these unlawful acts; this includes the analysis of several types of security strategies approved by countries all around the world, operational response groups (including law enforcement and CSIRT/CERT) and legislation to fight cyber crime and cyber terrorism, with special emphasis on Spanish legal rules. This way, a global, complete view of the world around cyber crime and cyber terrorism can be obtained after reading this work.

Autonomous classification models in ubiquitous environments

Stream-mining approach is defined as a set of cutting-edge techniques designed to process streams of data in real time, in order to extract knowledge. In the particular case of classification, stream-mining has to adapt its behaviour to the volatile underlying data distributions, what has been called concept drift. Moreover, it is important to note that concept drift may lead to situations where predictive models become invalid and have therefore to be updated to represent the actual concepts that data poses. In this context, there is a specific type of concept drift, known as recurrent concept drift, where the concepts represented by data have already appeared in the past. In those cases the learning process could be saved or at least minimized by applying a previously trained model. This could be extremely useful in ubiquitous environments that are characterized by the existence of resource constrained devices. To deal with the aforementioned scenario, meta-models can be used in the process of enhancing the drift detection mechanisms used by data stream algorithms, by representing and predicting when the change will occur. There are some real-world situations where a concept reappears, as in the case of intrusion detection systems (IDS), where the same incidents or an adaptation of them usually reappear over time. In these environments the early prediction of drift by means of a better knowledge of past models can help to anticipate to the change, thus improving efficiency of the model regarding the training instances needed. By means of using meta-models as a recurrent drift detection mechanism, the ability to share concepts representations among different data mining processes is open. That kind of exchanges could improve the accuracy of the resultant local model as such model may benefit from patterns similar to the local concept that were observed in other scenarios, but not yet locally. This would also improve the efficiency of training instances used during the classification process, as long as the exchange of models would aid in the application of already trained recurrent models, that have been previously seen by any of the collaborative devices. Which it is to say that the scope of recurrence detection and representation is broaden. In fact the detection, representation and exchange of concept drift patterns would be extremely useful for the law enforcement activities fighting against cyber crime. Being the information exchange one of the main pillars of cooperation, national units would benefit from the experience and knowledge gained by third parties. Moreover, in the specific scope of critical infrastructures protection it is crucial to count with information exchange mechanisms, both from a strategical and technical scope. The exchange of concept drift detection schemes in cyber security environments would aid in the process of preventing, detecting and effectively responding to threads in cyber space. Furthermore, as a complement of meta-models, a mechanism to assess the similarity between classification models is also needed when dealing with recurrent concepts. In this context, when reusing a previously trained model a rough comparison between concepts is usually made, applying boolean logic. The introduction of fuzzy logic comparisons between models could lead to a better efficient reuse of previously seen concepts, by applying not just equal models, but also similar ones. This work faces the aforementioned open issues by means of: the MMPRec system, that integrates a meta-model mechanism and a fuzzy similarity function; a collaborative environment to share meta-models between different devices; a recurrent drift generator that allows to test the usefulness of recurrent drift systems, as it is the case of MMPRec. Moreover, this thesis presents an experimental validation of the proposed contributions using synthetic and real datasets.

3D information visualisation: An historical perspective

The use of 3D visualisation of digital information is a recent phenomenon. It relies on users understanding 3D perspectival spaces. Questions about the universal access of such spaces has been debated since its inception in the European Renaissance. Perspective has since become a strong cultural influence in Western visual communication. Perspective imaging assists the process of experimenting by the sketching or modelling of ideas. In particular, the recent 3D modelling of an essentially non-dimensional Cyber-space raises questions of how we think about information in general. While alternate methods clearly exist they are rarely explored within the 3D paradigm (such as Chinese isometry). This paper seeks to generate further discussion on the historical background of perspective and its role in underpinning this emergent field. © 2005 IEEE.

COMUNIDADE VIRTUAL E COMUNICAÇÃO: O site da Igreja Adventista do Sétimo Dia

O desenvolvimento das novas tecnologias de comunicação e informação não representa apenas uma nova forma de transmitir conteúdos informacionais às pessoas. Ao se refletir nas novas possibilidades de atuação à distância, permitida pela mídia interativa on-line, percebese uma mudança significativa na postura comportamental das pessoas em suas interações nas relações sociais básicas. Há uma transformação ocorrendo no conceito de comunidade, visto que as novas e emergentes formas de comunicação, próprias do atual cenário tecnológico, passam a coabitar com as formas tradicionais de comunidade. Esta metamorfose seria produto de uma tentativa de agregação das práticas sociais realizadas nas comunidades reais dentro de um espaço virtual. Surgem assim as chamadas comunidades virtuais, que carregam consigo uma nova dinâmica de atuação a distância disjunta de contextos sociais imediatos. Através da metodologia de estudo de caso, buscou-se conhecer como as coabitações de formas tradicionais e emergent es de comunidades estão convivendo e interagindo. Além disso, procurou-se conhecer quais são os resultados obtidos das trocas informacionais e relacionais ocorridas no ciberespaço. A investigação se deu a partir do estudo de caso de um site da Igreja Adventista do Sétimo Dia, no qual foram utilizadas entrevistas, observação direta e observação participativa como fontes de evidência. Os resultados obtidos da investigação sugerem que o indivíduo corpóreo deseja viver dentro de uma nova ambiência regida pela fluidez digital, pois esta se apresenta como um meio no qual as trocas informacionais se dão de forma efetiva e responsiva, ao mesmo tempo em que relacionamentos sociais podem ser engendrados, confirmados e mantidos.(AU)

Cuba’s Role in Venezuela’s Control of the Internet and Online Social Networks

The arrival of Cuba’s Information Technology (IT) and Communications Minister Ramiro Valdés to Venezuela in the Spring of 2010 to serve as a ‘consultant’ to the Venezuelan government awakened a new reality in that country. Rampant with deep economic troubles, escalating crime, a murder rate that has doubled since Chávez took over in 1999, and an opposition movement led by university students and other activists who use the Internet as their primary weapon, Venezuela has resorted to Cuba for help. In a country where in large part traditional media outlets have been censored or are government-controlled, the Internet and its online social networks have become the place to obtain, as well as disseminate, unfiltered information. As such, Internet growth and use of its social networks has skyrocketed in Venezuela, making it one of Latin America’s highest Web users. Because of its increased use to spark political debate among Venezuelans and publish information that differs with the official government line, Chávez has embarked on an initiative to bring the Internet to the poor and others who would otherwise not have access, by establishing government-sponsored Internet Info Centers throughout the country, to disseminate information to his followers. With the help of Cuban advisors, who for years have been a part of Venezuela’s defense, education, and health care initiatives, Chávez has apparently taken to adapting Cuba’s methodology for the control of information. He has begun to take special steps toward also controlling the type of information flowing through the country’s online social networks, considering the implementation of a government-controlled single Internet access point in Venezuela. Simultaneously, in adapting to Venezuela’s Internet reality, Chávez has engaged online by creating his own Twitter account in an attempt to influence public opinion, primarily of those who browse the Web. With a rapidly growing following that may soon reach one million subscribers, Chávez claims to have set up his own online trench to wage cyber space battle.

La Ciberseguridad como factor crítico en la Seguridad de la Unión Europea

El ciberespacio es un escenario de conflicto altamente complejo al estar en constante evolución. Ni la Unión Europea ni ningún otro actor del sistema internacional se encuentra a salvo de las amenazas procedentes del ciberespacio. Pero los pasos dados desde la UE en el mundo de la ciberseguridad no son en absoluto suficientes. Europa necesita que su Estrategia de ciberseguridad sea realmente capaz de integrar a las diferentes Estrategias nacionales. Es urgente una mayor determinación, unos mayores recursos y unos mejores instrumentos que permitan a la Unión implementar una gestión de crisis y una prevención de ciberconflictos verdaderamente eficaz.