+ All Categories
Home > Documents > Filtering, Fusion and Dynamic Information Presentation: Towards a General Information Firewall...

Filtering, Fusion and Dynamic Information Presentation: Towards a General Information Firewall...

Date post: 17-Jan-2016
Category:
Upload: linette-french
View: 216 times
Download: 0 times
Share this document with a friend
22
Filtering, Fusion and Dynamic Information Presentation: Towards a General Information Firewall Gregory Conti College of Computing Georgia Institute of Technology United States Military Academy http://www.sharky.tv/
Transcript
  • Filtering, Fusion and Dynamic Information Presentation: Towards a General Information Firewall

    Gregory Conti College of Computing Georgia Institute of TechnologyUnited States Military Academy

    http://www.sharky.tv/

  • Denial of Information Attacks:

    Intentional Attacks that overwhelm the human or otherwise alter their decision makinghttp://circadianshift.net/images/Virginia_Tech_1920s_NS5423_Y_small.jpg

  • The Problem of Information GrowthThe surface WWW contains ~170TB (17xLOC) IM generates five billion messages a day (750GB), or 274 terabytes a year. Email generates about 400,000 TB/year. P2P file exchange on the Internet is growing rapidly. The largest files exchanged are video files larger than 100 MB, but the most frequently exchanged files contain music (MP3 files).

    http://www.sims.berkeley.edu/research/projects/how-much-info-2003/

  • Defense Taxonomy (Big Picture)Microsoft, AOL, Earthlink and Yahoo file 6 antispam lawsuits (Mar 04)Federal Can Spam Legislation (Jan 04)California Business and Professions Code, prohibits the sending of unsolicited commercial email (September 98)http://www.metroactive.com/papers/metro/12.04.03/booher-0349.htmlFirst Spam Conference (Jan 03)

    Legal

    Lawsuits

    New Laws

    Regulatory

    Government Regulation

    Moral

    PR Campaign

    Code of Ethics

    Cultural

    Communities

    Organizational

    Topical counter-DoI groups

    Financial

    Increasing cost of DoI operations

    Violence

    Violence against DoI perpetrators

    Technology

    (see next slide)

  • Defense Taxonomy (Big Picture)Microsoft, AOL, Earthlink and Yahoo file 6 antispam lawsuits (Mar 04)Federal Can Spam Legislation (Jan 04)California Business and Professions Code, prohibits the sending of unsolicited commercial email (September 98)http://www.metroactive.com/papers/metro/12.04.03/booher-0349.htmlFirst Spam Conference (Jan 03)

    Legal

    Lawsuits

    New Laws

    Regulatory

    Government Regulation

    Moral

    PR Campaign

    Code of Ethics

    Cultural

    Communities

    Organizational

    Topical counter-DoI groups

    Financial

    Increasing cost of DoI operations

    Violence

    Violence against DoI perpetrators

    Technology

    (see next slide)

  • Human ConsumerHuman ProducerCommunicationChannelConsumerNodeRAMHardDriveCPUProducerNodeSTMLTMCognitionConsumerProducerRAMHardDriveCPUSTMLTMCognitionVisionHearingSpeechMotorVisionHearingSpeechMotorSystem Model

  • Human ConsumerHuman ProducerCommunicationChannelConsumerNodeRAMHardDriveCPUProducerNodeSTMLTMCognitionConsumerProducerRAMHardDriveCPUSTMLTMCognitionVisionHearingSpeechMotorVisionHearingSpeechMotorvery small textexploit round off algorithmtrigger many alertsExampleDoI Attacksmisleadingadvertisementsspoof browser

  • Human ConsumerHuman ProducerCommunicationChannelConsumerNodeRAMHardDriveCPUProducerNodeSTMLTMCognitionConsumerProducerRAMHardDriveCPUSTMLTMCognitionVisionHearingSpeechMotorVisionHearingSpeechMotorTCP DampingUsableSecurityEliza Spam ResponderDecompression BombsExampleDoI DefensesComputationalPuzzle Solving

  • DoI Countermeasures in the Web Domain

  • TransformDatabaseContent Producer

    Transform Processing EngineOrganizationalWeb Serverview original documentInformation Firewallpublish contentsubmit suggestedtransformstore and retrieve transformsContent Consumerreceive original contentsubmit new or modifiedtransform submit feedbackon transformsearch for desiredtransformrequest transformedcontentreceive transformed contentrequest original content

  • parserdata sourcesinformation firewallfilteringfusionfilter all but headlinesrules enginetransformdatabaseanalyst viewsfilter all but todays weathertransform processing engine

  • Demo

  • For more information G. Conti, M. Ahamad and R. Norback; "Filtering, Fusion and Dynamic Information Presentation: Towards a General Information Firewall;" IEEE International Conference on Intelligence and Security Informatics (IEEE-ISI); May 2005. for extended version email me

    G. Conti and M. Ahamad; "A Taxonomy and Framework for Countering Denial of Information Attacks;" IEEE Security and Privacy. (to be published)email me

    G. Conti, M. Ahamad and J. Stasko; "Attacking Information Visualization System Usability: Overloading and Deceiving the Human;" Symposium on Usable Privacy and Security (SOUPS); July 2005. (accepted, to be published)

  • For more information Rennison, Earl. Galaxy of News: An Approach to Visualizing and Understanding Expansive News Landscapes. Proceedings of the 7th Annual ACM Symposium on User Interface Software and Technology, 1994, pp. 3 - 12.

    M. Ahamad, W. Lee, L. Liu, L. Mark, E. Omicienski, C. Pu and A. Dos Santos; Guarding the Next Internet Frontier: Countering Denial of Information Attacks; Proceedings of the New Security Paradigms Workshop; pp 136-143; September 2002.

  • Questions?Image: http://altura.speedera.net/ccimg.catalogcity.com/210000/211700/211780/Products/6203927.jpgGreg [email protected]/~conti

  • Backup Slides

  • GreaseMonkeyhttp://developers.slashdot.org/article.pl?sid=05/05/16/0052245&tid=95&tid=154&tid=156&tid=1

  • OrientObserveActDecideScan Subject Line

    SpamDelete

    Confirm DeletionSuccessful

    Not SpamNo ObservationNo Action

    OverheadNumber of Email x Time to Decide OverheadNumber of Spam x Time to Delete OverheadNumber of Spam x Time to Observe Total Overhead= (Number of Spam x (Time to Delete + Time to Observe))+(Number of Email X (Time to Decide + Time to Scan)) OverheadNumber of Email x Time to Scan

    overview of DoI problemattacking people through their computer systemmalicious visualizationsphoto from virginia tech circa 1920s

    contrast this with denial of service attacksunintentional attacks fall approach information overloadintentional attacks by active malicious entitites

    CategoriesIntentional vs. unintentional possibly self inflictedDatabase corruptionMisleading information, tricking users or protocolsToo much vs. wrong informationRestricted Information

    http://www.rdpslides.com/pptfaq/FAQ00170.htm

    Charles Booher, Nov 2003 arrested for spam ragehttp://www.rdpslides.com/pptfaq/FAQ00170.htm

    Charles Booher, Nov 2003 arrested for spam rageUseful to consider what solutions fall into which categories.Where is there room for future work.Useful to consider what solutions fall into which categories.Where is there room for future work.


Recommended