Open Access. Powered by Scholars. Published by Universities.®

Information Security Commons

Databases and Information Systems

Articles 301 - 330 of 354

Full-Text Articles in Information Security

Insider Threat Mitigation Models Based On Thresholds And Dependencies, Harini Ragavan May 2012

Graduate Theses and Dissertations

Insider threat causes great damage to data in any organization and is considered a serious issue. In spite of the presence of threat prevention mechanisms, sophisticated insiders still continue to attack a database with new techniques. One such technique which remains an advantage for insiders to attack databases is the dependency relationship among data items. This thesis investigates the ways by which an authorized insider detects dependencies in order to perform malicious write operations. The goal is to monitor malicious write operations performed by an insider by taking advantage of dependencies. A term called 'threshold' is associated with every data …


Stochastic Analysis Of Horizontal IP Scanning, Derek Leonard, Zhongmei Yao, Xiaoming Wang, Dmitri Loguinov Mar 2012

Computer Science Faculty Publications

Intrusion Detection Systems (IDS) have become ubiquitous in the defense against virus outbreaks, malicious exploits of OS vulnerabilities, and botnet proliferation. As attackers frequently rely on host scanning for reconnaissance leading to penetration, IDS is often tasked with detecting scans and preventing them. However, it is currently unknown how likely an IDS is to detect a given Internet-wide scan pattern and whether there exist sufficiently fast scan techniques that can remain virtually undetectable at large-scale. To address these questions, we propose a simple analytical model for the window-expiration rules of popular IDS tools (i.e., Snort and Bro) and utilize a …


An Iterative Association Rule Mining Framework To K-Anonymize A Dataset, Michael Hayes, Miriam A M Capretz, Jefferey Reed, Cheryl Forchuk Jan 2012

Electrical and Computer Engineering Publications

Preserving and maintaining client privacy and anonymity is of utmost importance in any domain and especially so in healthcare, as loss of either of these can result in legal and ethical implications. Further, it is sometimes important to extract meaningful and useful information from existing data for research or management purposes. In this case it is necessary for the organization who manages the dataset to be certain that no attributes can identify individuals or groups of individuals. This paper proposes an extendable and generalized framework to anonymize a dataset using an iterative association rule mining approach. The proposed framework also …


Privacy-Preserving Data Sharing In High Dimensional Regression And Classification Settings, Stephen E. Fienberg, Jiashun Jin Jan 2012

LARC Research Publications

We focus on the problem of multi-party data sharing in high dimensional data settings where the number of measured features (or the dimension) p is frequently much larger than the number of subjects (or the sample size) n, the so-called p >> n scenario that has been the focus of much recent statistical research. Here, we consider data sharing for two interconnected problems in high dimensional data analysis, namely the feature selection and classification. We characterize the notions of “cautious”, “regular”, and “generous” data sharing in terms of their privacy-preserving implications for the parties and their share of data, with focus …


Crisis Response Information Networks, Shan L. Pan, Gary Pan, Dorothy Leidner Jan 2012

Research Collection School Of Accountancy

In the past two decades, organizational scholars have focused significant attention on how organizations manage crises. While most of these studies concentrate on crisis prevention, there is a growing emphasis on crisis response. Because information that is critical to crisis response may become outdated as crisis conditions change, crisis response research recognizes that the management of information flows and networks is critical to crisis response. Yet despite its importance, little is known about the various types of crisis information networks and the role of IT in enabling these information networks. Employing concepts from information flow and social network theories, this …


WARCreate - Create Wayback-Consumable WARC Files From Any Webpage, Mat Kelly, Michele C. Weigle, Michael L. Nelson Jan 2012

Computer Science Faculty Publications

[First Slide]

What is WARCreate?

  • Google Chrome extension
  • Creates WARC files
  • Enables preservation by users from their browser
  • First steps in bringing Institutional Archiving facilities to the PC


Understanding And Protecting Privacy: Formal Semantics And Principled Audit Mechanisms, Anupam Datta, Jeremiah Blocki, Nicolas Christin, Henry Deyoung, Deepak Garg, Limin Jia, Dilsun Kaynar, Arunesh Sinha Dec 2011

Research Collection School Of Computing and Information Systems

Privacy has become a significant concern in modern society as personal information about individuals is increasingly collected, used, and shared, often using digital technologies, by a wide range of organizations. Certain information handling practices of organizations that monitor individuals’ activities on the Web, data aggregation companies that compile massive databases of personal information, cell phone companies that collect and use location data about individuals, online social networks and search engines—while enabling useful services—have aroused much indignation and protest in the name of privacy. Similarly, as healthcare organizations are embracing electronic health record systems and patient portals to enable patients, employees, …


Privacy Beyond Single Sensitive Attribute, Yuan Fang, Mafruz Zaman Ashrafi, See Kiong Ng Sep 2011

Research Collection School Of Computing and Information Systems

Publishing individual specific microdata has serious privacy implications. The k-anonymity model has been proposed to prevent identity disclosure from microdata, and the work on ℓ-diversity and t-closeness attempts to address attribute disclosure. However, most current work only deals with publishing microdata with a single sensitive attribute (SA), whereas real life scenarios often involve microdata with multiple SAs that may be multi-valued. This paper explores the issue of attribute disclosure in such scenarios. We propose a method called CODIP (Complete Disjoint Projections) that outlines a general solution to deal with the shortcomings in a naïve approach. We also introduce two measures, …


Network Security: Privacy-Preserving Data Publication: A Review On “Updates” In Continuous Data Publication, Adeel Anjum, Guillaume Raschia Jul 2011

International Conference on Information and Communication Technologies

Preserving the privacy of individuals while publishing their relevant data has been an important problem. Most of previous works in privacy preserving data publication focus on one time, static release of datasets. In multiple publications however, where data is published multiple times, these techniques are unable to ensure privacy of the concerned individuals as just joining either of the releases could result in identity disclosure. In this work, we tried to investigate the major findings in the scenario of continuous data publication, in which the data is not only published multiple times but also modified with INSERTS, UPDATES and DELETE …


Automatic Content Generation For Video Self Modeling, Ju Shen, Anusha Raghunathan, Sen-Ching S. Cheung, Ravi R. Patel Jul 2011

Computer Science Faculty Publications

Video self modeling (VSM) is a behavioral intervention technique in which a learner models a target behavior by watching a video of him or herself. Its effectiveness in rehabilitation and education has been repeatedly demonstrated but technical challenges remain in creating video contents that depict previously unseen behaviors. In this paper, we propose a novel system that re-renders new talking-head sequences suitable to be used for VSM treatment of patients with voice disorder. After the raw footage is captured, a new speech track is either synthesized using text-to-speech or selected based on voice similarity from a database of clean speeches. …


Fraud Detection In Online Consumer Reviews, Nan Hu, Ling Liu, Vallabh Sambamurthy Feb 2011

Research Collection School Of Computing and Information Systems

Increasingly, consumers depend on social information channels, such as user-posted online reviews, to make purchase decisions. These reviews are assumed to be unbiased reflections of other consumers' experiences with the products or services. While extensively assumed, the literature has not tested the existence or non-existence of review manipulation. By using data from Amazon and Barnes & Noble, our study investigates if vendors, publishers, and writers consistently manipulate online consumer reviews. We document the existence of online review manipulation and show that the manipulation strategy of firms seems to be a monotonically decreasing function of the product's true quality or the …


Fraud Detection In Online Consumer Reviews, Nan Hu, Ling Liu, Vallbh Sambamurthy Feb 2011

Research Collection School Of Computing and Information Systems

Increasingly, consumers depend on social information channels, such as user-posted online reviews, to make purchase decisions. These reviews are assumed to be unbiased reflections of other consumers' experiences with the products or services. While extensively assumed, the literature has not tested the existence or non-existence of review manipulation. By using data from Amazon and Barnes & Noble, our study investigates if vendors, publishers, and writers consistently manipulate online consumer reviews. We document the existence of online review manipulation and show that the manipulation strategy of firms seems to be a monotonically decreasing function of the product's true quality or the …


Efficient Strong Designated Verifier Signature Schemes Without Random Oracle Or With Non-Delegatability, Qiong Huang, Guomin Yang, Duncan S. Wong, Willy Susilo Jan 2011

Research Collection School Of Computing and Information Systems

Designated verifier signature (DVS) allows a signer to convince a designated verifier that a signature is generated by the signer without letting the verifier transfer the conviction to others, while the public can still tell that the signature must be generated by one of them. Strong DVS (SDVS) strengthens the latter part by restricting the public from telling whether the signature is generated by one of them or by someone else. In this paper, we propose two new SDVS schemes. Compared with existing SDVS schemes, the first new scheme has almost the same signature size and meanwhile, is proven secure …


When Machines Are Watching: How Warrantless Use Of GPS Surveillance Technology Violates The Fourth Amendment Right Against Unreasonable Searches, David Thaw, Priscilla Smith, Nabiha Syed, Albert Wong Jan 2011

Articles

Federal and state law enforcement officials throughout the nation are currently using Global Positioning System (GPS) technology for automated, prolonged surveillance without obtaining warrants. As a result, cases are proliferating in which criminal defendants are challenging law enforcement’s warrantless uses of GPS surveillance technology, and courts are looking for direction from the Supreme Court. Most recently, a split has emerged between the Ninth and D.C. Circuit Courts of Appeal on the issue. In United States v. Pineda-Moreno, the Ninth Circuit relied on United States v. Knotts — which approved the limited use of beeper technology without a warrant — to …


Identity-Based Strong Designated Verifier Signature Revisited, Qiong Huang, Guomin Yang, Duncan S. Wong, Willy Susilo Jan 2011

Research Collection School Of Computing and Information Systems

Designated verifier signature (DVS) allows the signer to persuade a verifier the validity of a statement but prevent the verifier from transferring the conviction. Strong designated verifier signature (SDVS) is a variant of DVS, which only allows the verifier to privately check the validity of the signer’s signature. In this work we observe that the unforgeability model considered in the existing identity-based SDVS schemes is not strong enough to capture practical attacks, and propose to consider another model which is shown to be strictly stronger than the old one. We then propose a new efficient construction of identity-based SDVS scheme, …


A Multi-User Steganographic File System On Untrusted Shared Storage, Jin Han, Meng Pan, Debin Gao, Hwee Hwa Pang Dec 2010

Research Collection School Of Computing and Information Systems

Existing steganographic file systems enable a user to hide the existence of his secret data by claiming that they are (static) dummy data created during disk initialization. Such a claim is plausible if the adversary only sees the disk content at the point of attack. In a multi-user computing environment that employs untrusted shared storage, however, the adversary could have taken multiple snapshots of the disk content over time. Since the dummy data are static, the differences across snapshots thus disclose the locations of user data, and could even reveal the user passwords. In this paper, we introduce a Dummy-Relocatable …


Information Leakage Through Online Social Networking: Opening The Doorway For Advanced Persistence Threats, Nurul Nuha Abdul Molok, Shanton Chang, Atif Ahmad Nov 2010

Australian Information Security Management Conference

The explosion of online social networking (OSN) in recent years has caused damages to organisations due to leakage of information by their employees. Employees’ social networking behaviour, whether accidental or intentional, provides an opportunity for advanced persistent threats (APT) attackers to realise their social engineering techniques and undetectable zero-day exploits. APT attackers use a spear-phishing method that targets key employees of victim organisations through social media in order to conduct reconnaissance and theft of confidential proprietary information. This conceptual paper posits OSN as the most challenging channel of information leakage and provides an explanation about the underlying factors of …


Program Transformations For Information Personalization, Saverio Perugini, Naren Ramakrishnan Oct 2010

Computer Science Faculty Publications

Personalization constitutes the mechanisms necessary to automatically customize information content, structure, and presentation to the end user to reduce information overload. Unlike traditional approaches to personalization, the central theme of our approach is to model a website as a program and conduct website transformation for personalization by program transformation (e.g., partial evaluation, program slicing). The goal of this paper is to study personalization through a program transformation lens and develop a formal model, based on program transformations, for personalized interaction with hierarchical hypermedia. The specific research issues addressed involve identifying and developing program representations and transformations suitable for classes of hierarchical …


Embellishing Text Search Queries To Protect User Privacy, Hwee Hwa Pang, Xuhua Ding, Xiaokui Xiao Sep 2010

Research Collection School Of Computing and Information Systems

Users of text search engines are increasingly wary that their activities may disclose confidential information about their business or personal profiles. It would be desirable for a search engine to perform document retrieval for users while protecting their intent. In this paper, we identify the privacy risks arising from semantically related search terms within a query, and from recurring high-specificity query terms in a search session. To counter the risks, we propose a solution for a similarity text retrieval system to offer anonymity and plausible deniability for the query terms, and hence the user intent, without degrading the system’s precision-recall …


Learning User Profiles For Personalized Information Dissemination, Ah-Hwee Tan, Christine Teo May 2010

Research Collection School Of Computing and Information Systems

Personalized information systems represent the recent effort of delivering information to users more effectively in the modern electronic age. This paper illustrates how a supervised Adaptive Resonance Theory (ART) system, known as fuzzy ARAM, can be used to learn user profiles for personalized information dissemination. ARAM learning is on-line, fast, and incremental. Acquisition of new knowledge does not require re-training on previously learned cases. ARAM integrates both user-defined and system-learned knowledge in a single framework. Therefore inconsistency between the two knowledge sources will not arise. ARAM has been used to develop a personalized news system known as PIN. Preliminary experiments …


Personalization By Website Transformation: Theory And Practice, Saverio Perugini May 2010

Computer Science Faculty Publications

We present an analysis of a progressive series of out-of-turn transformations on a hierarchical website to personalize a user’s interaction with the site. We formalize the transformation in graph-theoretic terms and describe a toolkit we built that enumerates all of the traversals enabled by every possible complete series of these transformations in any site and computes a variety of metrics while simulating each traversal therein to qualify the relationship between a site’s structure and the cumulative effect of support for the transformation in a site. We employed this toolkit in two websites. The results indicate that the transformation enables users …


Multi-Objective Constraint Satisfaction For Mobile Robot Area Defense, Kenneth W. Mayo Mar 2010

Theses and Dissertations

In developing multi-robot cooperative systems, there are often competing objectives that need to be met. For example in automating area defense systems, multiple robots must work together to explore the entire area, and maintain consistent communications to alert the other agents and ensure trust in the system. This research presents an algorithm that tasks robots to meet the two specific goals of exploration and communication maintenance in an uncoordinated environment reducing the need for a user to pre-balance the objectives. This multi-objective problem is defined as a constraint satisfaction problem solved using the Non-dominated Sorting Genetic Algorithm II (NSGA-II). Both …


Cyber Attacks: Does Physical Boundary Matter?, Qiu-Hong Wang, Seung-Hyun Kim Dec 2009

Research Collection School Of Computing and Information Systems

Information security issues are characterized with interdependence. Particularly, cyber criminals can easily cross national boundaries and exploit jurisdictional limitations between countries. Thus, whether cyber attacks are spatially autocorrelated is a strategic issue for government authorities and a tactic issue for insurance companies. Through an empirical study of cyber attacks across 62 countries during the period 2003-2007, we find little evidence on the spatial autocorrelation of cyber attacks at any week. However, after considering economic opportunity, IT infrastructure, international collaboration in enforcement and conventional crimes, we find strong evidence that cyber attacks were indeed spatially autocorrelated as they moved over time. …


Wake Up Or Fall Asleep: Value Implication Of Trusted Computing, Nan Hu, Jianhui Huang, Ling Liu, Yingjiu Li, Dan Ma Dec 2009

Research Collection School Of Computing and Information Systems

More than 10 years have passed since trusted computing (TC) technology was introduced to the market; however, there is still no consensus about its value. The increasing importance of user and enterprise security and the security promised by TC, coupled with the increasing tension between the proponents and the opponents of TC, make it timely to investigate the value relevance of TC in terms of both capital market and accounting performance. Based on both price and volume studies, we found that news releases related to the adoption of the TC technology had no information content. All investors, regardless of whether …


Ensemble And Individual Noise Reduction Method For Induction-Motor Signature Analysis, Zhaoxia Wang, C.S. Chang, Tw Chua, W.W Tan Nov 2009

Research Collection School Of Computing and Information Systems

Unlike a fixed-frequency power supply, the voltage supplying an inverter-fed motor is heavily corrupted by noises, which are produced from high-frequency switching leading to noisy stator currents. To extract useful information from stator-current measurements, a theoretically sound and robust denoising method is required. The effective filtering of these noises is difficult with certain frequency-domain techniques, such as Fourier transform or Wavelet analysis, because some noises have frequencies overlapping with those of the actual signals, and some have high noise-to-frequency ratios. In order to analyze the statistical signatures of different types of signals, a certain number is required of the individual signals to be de-noised without sacrificing the individual characteristic and quantity of the …


Robust Lifetime Measurement In Large-Scale P2P Systems With Non-Stationary Arrivals, Xiaoming Wang, Zhongmei Yao, Yueping Zhang, Dmitri Loguinov Sep 2009

Computer Science Faculty Publications

Characterizing user churn has become an important topic in studying P2P networks, both in theoretical analysis and system design. Recent work has shown that direct sampling of user lifetimes may lead to certain bias (arising from missed peers and round-off inconsistencies) and proposed a technique that estimates lifetimes based on sampled residuals. In this paper, however, we show that under non-stationary arrivals, which are often present in real systems, residual-based sampling does not correctly reconstruct user lifetimes and suffers a varying degree of bias, which in some cases makes estimation completely impossible. We overcome this problem using two contributions: a …


Wireless Networks: Spert: A Stateless Protocol For Energy-Sensitive Real-Time Routing For Wireless Sensor Network, Sohail Jabbar, Abid Ali Minhas, Raja Adeel Akhtar Aug 2009

International Conference on Information and Communication Technologies

Putting constraints on performance of a system in the temporal domain, sometimes turns right into wrong and update into outdate. These are the scenarios where apposite value of time inveterate in the reality. But such timing precision not only requires tightly scheduled performance constraints but also requires optimal design and operation of all system components. Any malfunctioning at any relevant aspect may cause a serious disaster and even loss of human lives. Managing and interacting with such real-time system becomes much intricate when the resources are limited as in wireless sensor nodes. A wireless sensor node typically comprises …


Networks - II: Overhead Analysis Of Security Implementation Using IPsec, Muhammad Awais Azam, Zaka -Ul- Mustafa, Usman Tahir, S. M. Ahsan, Muhammad Adnan Naseem, Imran Rashid, Muhammad Adeel Aug 2009

International Conference on Information and Communication Technologies

Authentication, access control, encryption and auditing make up the essential elements of network security. Researchers have dedicated a large amount of efforts to implement security features that fully incorporate the use of all these elements. Currently, data networks mainly provide authentication and confidentiality services. Confidentiality alone is not able to protect the system, thus, suitable security measures must be taken. However, this security is itself an overhead which must be accounted for. A trade-off must exist between performance and security. This trade-off must be carefully managed so as not to deteriorate the systems being secured. This calls for the true …


Cyber Attacks: Cross-Country Interdependence And Enforcement, Qiu-Hong Wang, Seung Hyun Kim Jun 2009

Research Collection School Of Computing and Information Systems

This study empirically characterizes the interdependence in cyber attacks and examines the impact from the first international treaty against cybercrimes (Convention on Cybercrimes: Europe Treaty Series No. 185). With the data covering 62 countries over the period from year 2003 to 2007, we find that, international cooperation in enforcement as measured by the indicator of joining the Convention on Cybercrimes, deterred cyber attacks originating from any particular country by 15.81% ~ 24.77% (in 95% confidence interval). Second, joining the Convention also affected the interdependence in cyber attacks from two angles. First, for any pair of country, closer status in joining or not joining the Convention was associated …


Mitigating Insider Sabotage And Espionage: A Review Of The United States Air Force's Current Posture, Erika C. Leach Mar 2009

Theses and Dissertations

The security threat from malicious insiders affects all organizations. Mitigating this problem is quite difficult due to the fact that (1) there is no definitive profile for malicious insiders, (2) organizations have placed trust in these individuals, and (3) insiders have a vast knowledge of their organization’s personnel, security policies, and information systems. The purpose of this research is to analyze to what extent the United States Air Force (USAF) security policies address the insider threat problem. The policies are reviewed in terms of how well they align with best practices published by the Carnegie Mellon University Computer Emergency Readiness …