Pub Date : 2015-05-27DOI: 10.1109/ISI.2015.7165951
Huseyin Ulusoy, Murat Kantarcioglu, B. Thuraisingham, L. Khan
The data processing capabilities of MapReduce systems pioneered with the on-demand scalability of cloud computing have enabled the Big Data revolution. However, the data controllers/owners worried about the privacy and accountability impact of storing their data in the cloud infrastructures as the existing cloud computing solutions provide very limited control on the underlying systems. The intuitive approach - encrypting data before uploading to the cloud - is not applicable to MapReduce computation as the data analytics tasks are ad-hoc defined in the MapReduce environment using general programming languages (e.g, Java) and homomorphic encryption methods that can scale to big data do not exist. In this paper, we address the challenges of determining and detecting unauthorized access to data stored in MapReduce based cloud environments. To this end, we introduce alarm raising honeypots distributed over the data that are not accessed by the authorized MapReduce jobs, but only by the attackers and/or unauthorized users. Our analysis shows that unauthorized data accesses can be detected with reasonable performance in MapReduce based cloud environments.
{"title":"Honeypot based unauthorized data access detection in MapReduce systems","authors":"Huseyin Ulusoy, Murat Kantarcioglu, B. Thuraisingham, L. Khan","doi":"10.1109/ISI.2015.7165951","DOIUrl":"https://doi.org/10.1109/ISI.2015.7165951","url":null,"abstract":"The data processing capabilities of MapReduce systems pioneered with the on-demand scalability of cloud computing have enabled the Big Data revolution. However, the data controllers/owners worried about the privacy and accountability impact of storing their data in the cloud infrastructures as the existing cloud computing solutions provide very limited control on the underlying systems. The intuitive approach - encrypting data before uploading to the cloud - is not applicable to MapReduce computation as the data analytics tasks are ad-hoc defined in the MapReduce environment using general programming languages (e.g, Java) and homomorphic encryption methods that can scale to big data do not exist. In this paper, we address the challenges of determining and detecting unauthorized access to data stored in MapReduce based cloud environments. To this end, we introduce alarm raising honeypots distributed over the data that are not accessed by the authorized MapReduce jobs, but only by the attackers and/or unauthorized users. Our analysis shows that unauthorized data accesses can be detected with reasonable performance in MapReduce based cloud environments.","PeriodicalId":292352,"journal":{"name":"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127434443","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2015-05-27DOI: 10.1109/ISI.2015.7165963
Fangyue Chen, Yunke Wang, Heng Song, Xiangyang Li
This paper first reviews covert timing channels with network packet frequencies as information carriers. Then, based on the study of communication and statistical models, it proposes a method to detect an enhanced covert timing channel and its use of carrier frequencies. With the help of MATLAB for simulation, several experiments have been conducted for the verification of the proposed method.
{"title":"A statistical study of covert timing channels using network packet frequency","authors":"Fangyue Chen, Yunke Wang, Heng Song, Xiangyang Li","doi":"10.1109/ISI.2015.7165963","DOIUrl":"https://doi.org/10.1109/ISI.2015.7165963","url":null,"abstract":"This paper first reviews covert timing channels with network packet frequencies as information carriers. Then, based on the study of communication and statistical models, it proposes a method to detect an enhanced covert timing channel and its use of carrier frequencies. With the help of MATLAB for simulation, several experiments have been conducted for the verification of the proposed method.","PeriodicalId":292352,"journal":{"name":"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126135303","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2015-05-27DOI: 10.1109/ISI.2015.7165935
S. Samtani, Ryan Chinn, Hsinchun Chen
Many large companies today face the risk of data breaches via malicious software, compromising their business. These types of attacks are usually executed using hacker assets. Researching hacker assets within underground communities can help identify the tools which may be used in a cyberattack, provide knowledge on how to implement and use such assets and assist in organizing tools in a manner conducive to ethical reuse and education. This study aims to understand the functions and characteristics of assets in hacker forums by applying classification and topic modeling techniques. This research contributes to hacker literature by gaining a deeper understanding of hacker assets in well-known forums and organizing them in a fashion conducive to educational reuse. Additionally, companies can apply our framework to forums of their choosing to extract their assets and appropriate functions.
{"title":"Exploring hacker assets in underground forums","authors":"S. Samtani, Ryan Chinn, Hsinchun Chen","doi":"10.1109/ISI.2015.7165935","DOIUrl":"https://doi.org/10.1109/ISI.2015.7165935","url":null,"abstract":"Many large companies today face the risk of data breaches via malicious software, compromising their business. These types of attacks are usually executed using hacker assets. Researching hacker assets within underground communities can help identify the tools which may be used in a cyberattack, provide knowledge on how to implement and use such assets and assist in organizing tools in a manner conducive to ethical reuse and education. This study aims to understand the functions and characteristics of assets in hacker forums by applying classification and topic modeling techniques. This research contributes to hacker literature by gaining a deeper understanding of hacker assets in well-known forums and organizing them in a fashion conducive to educational reuse. Additionally, companies can apply our framework to forums of their choosing to extract their assets and appropriate functions.","PeriodicalId":292352,"journal":{"name":"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"92 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125534113","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2015-05-27DOI: 10.1109/ISI.2015.7165930
Q. Zheng, D. Skillicorn
The relationships within criminal groups are of qualitatively different kinds, and are typically not symmetric because of issues of power and influence. Social network analysis techniques have not been able to model this richness of relationships well. We develop a new technique for spectral embedding of directed graphs, and combine it with a recently developed technique for spectral embedding of graphs with typed edges. We use the combination to model two 'Ndrangheta organized crime groups, and show that structure that is otherwise not visible can be extracted.
{"title":"Analysis of criminal social networks with typed and directed edges","authors":"Q. Zheng, D. Skillicorn","doi":"10.1109/ISI.2015.7165930","DOIUrl":"https://doi.org/10.1109/ISI.2015.7165930","url":null,"abstract":"The relationships within criminal groups are of qualitatively different kinds, and are typically not symmetric because of issues of power and influence. Social network analysis techniques have not been able to model this richness of relationships well. We develop a new technique for spectral embedding of directed graphs, and combine it with a recently developed technique for spectral embedding of graphs with typed edges. We use the combination to model two 'Ndrangheta organized crime groups, and show that structure that is otherwise not visible can be extracted.","PeriodicalId":292352,"journal":{"name":"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129592592","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2015-05-27DOI: 10.1109/ISI.2015.7165966
Garima Bajwa, M. Fazeen, R. Dantu, Sonal Tanpure
The intention of an Android application, determined by the source code analysis is used to identify potential maliciousness in that application (app). Similarly, it is possible to analyze the unintentional behaviors of an app to identify and reduce the window of vulnerabilities. Unintentional behaviors of an app can be any developmental loopholes such as software bugs overlooked by a developer or introduced by an adversary intentionally. FindBugsTM and Android Lint are a couple of tools that can detect such bugs easily. A software bug can cause many security vulnerabilities (known or unknown) and vice-versa, thus, creating a many-to-many mapping. In our approach, we construct a matrix of mapping between the bugs and the potential vulnerabilities. A software bug detection tool is used to identify a list of bugs and create an empirical list of the vulnerabilities in an app. The many-to-many mapping matrix is obtained by two approaches - severity mapping and probability mapping. These mappings can be used as tools to measure the unknown vulnerabilities and their strength. We believe our study is the first of its kind and it can enhance the security of Android apps in their development phase itself. Also, the reverse mapping matrix (vulnerabilities to bugs) could be used to improve the accuracy of malware detection in Android apps.
{"title":"Unintentional bugs to vulnerability mapping in Android applications","authors":"Garima Bajwa, M. Fazeen, R. Dantu, Sonal Tanpure","doi":"10.1109/ISI.2015.7165966","DOIUrl":"https://doi.org/10.1109/ISI.2015.7165966","url":null,"abstract":"The intention of an Android application, determined by the source code analysis is used to identify potential maliciousness in that application (app). Similarly, it is possible to analyze the unintentional behaviors of an app to identify and reduce the window of vulnerabilities. Unintentional behaviors of an app can be any developmental loopholes such as software bugs overlooked by a developer or introduced by an adversary intentionally. FindBugsTM and Android Lint are a couple of tools that can detect such bugs easily. A software bug can cause many security vulnerabilities (known or unknown) and vice-versa, thus, creating a many-to-many mapping. In our approach, we construct a matrix of mapping between the bugs and the potential vulnerabilities. A software bug detection tool is used to identify a list of bugs and create an empirical list of the vulnerabilities in an app. The many-to-many mapping matrix is obtained by two approaches - severity mapping and probability mapping. These mappings can be used as tools to measure the unknown vulnerabilities and their strength. We believe our study is the first of its kind and it can enhance the security of Android apps in their development phase itself. Also, the reverse mapping matrix (vulnerabilities to bugs) could be used to improve the accuracy of malware detection in Android apps.","PeriodicalId":292352,"journal":{"name":"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127890525","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2015-05-27DOI: 10.1109/ISI.2015.7165971
N. Oshiro
This paper provides the first evidence, using listed Japanese companies, that information in accruals has become more helpful as an early warning indicator of Financial Statement Fraud when they are appropriately preprocessed.
{"title":"Detection of financial statement fraud: Is accrual really useful as an early warning indicator?","authors":"N. Oshiro","doi":"10.1109/ISI.2015.7165971","DOIUrl":"https://doi.org/10.1109/ISI.2015.7165971","url":null,"abstract":"This paper provides the first evidence, using listed Japanese companies, that information in accruals has become more helpful as an early warning indicator of Financial Statement Fraud when they are appropriately preprocessed.","PeriodicalId":292352,"journal":{"name":"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126275007","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2015-05-27DOI: 10.1109/ISI.2015.7165954
Chuan Luo, D. Zeng
Existing causal inference methods for social media usually rely on limited explicit causal context, preassume certain user interaction model, or neglect the nonlinear nature of social interaction, which could lead to bias estimations of causality. Besides, they often require sufficiently long time series to achieve reasonable results. Here we propose to take advantage of multivariate embedding to perform causality detection in social media. Experimental results show the efficacy of the proposed approach in causality detection and user behavior prediction in social media.
{"title":"Multivariate embedding based causaltiy detection with short time series","authors":"Chuan Luo, D. Zeng","doi":"10.1109/ISI.2015.7165954","DOIUrl":"https://doi.org/10.1109/ISI.2015.7165954","url":null,"abstract":"Existing causal inference methods for social media usually rely on limited explicit causal context, preassume certain user interaction model, or neglect the nonlinear nature of social interaction, which could lead to bias estimations of causality. Besides, they often require sufficiently long time series to achieve reasonable results. Here we propose to take advantage of multivariate embedding to perform causality detection in social media. Experimental results show the efficacy of the proposed approach in causality detection and user behavior prediction in social media.","PeriodicalId":292352,"journal":{"name":"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122013213","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2015-05-27DOI: 10.1109/ISI.2015.7165946
J. Proudfoot, Jeffrey L. Jenkins, J. Burgoon, J. Nunamaker
Deception is pervasive, often leading to adverse consequences for individuals, organizations, and society. Information systems researchers are developing tools and evaluating sensors that can be used to augment human deception judgments. One sensor exhibiting particular promise is the eye tracker. Prior work evaluating eye trackers for deception detection has focused on the detection and interpretation of brief eye behavior variations in response to stimuli (e.g, images) or interview questions. However, research is needed to understand how eye behaviors evolve over the course of an interaction with a deception detection system. Using latent growth curve modeling, we test how pupil diameter evolves over one's interaction with a deception detection system. The results indicate that pupil diameter changes over the course of a deception detection interaction, and that these trends are indicative of deception during the interaction, regardless if incriminating target items are shown.
{"title":"Deception is in the eye of the communicator: Investigating pupil diameter variations in automated deception detection interviews","authors":"J. Proudfoot, Jeffrey L. Jenkins, J. Burgoon, J. Nunamaker","doi":"10.1109/ISI.2015.7165946","DOIUrl":"https://doi.org/10.1109/ISI.2015.7165946","url":null,"abstract":"Deception is pervasive, often leading to adverse consequences for individuals, organizations, and society. Information systems researchers are developing tools and evaluating sensors that can be used to augment human deception judgments. One sensor exhibiting particular promise is the eye tracker. Prior work evaluating eye trackers for deception detection has focused on the detection and interpretation of brief eye behavior variations in response to stimuli (e.g, images) or interview questions. However, research is needed to understand how eye behaviors evolve over the course of an interaction with a deception detection system. Using latent growth curve modeling, we test how pupil diameter evolves over one's interaction with a deception detection system. The results indicate that pupil diameter changes over the course of a deception detection interaction, and that these trends are indicative of deception during the interaction, regardless if incriminating target items are shown.","PeriodicalId":292352,"journal":{"name":"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131736763","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2015-05-27DOI: 10.1109/ISI.2015.7165959
H. Roy, S. Kase
Examining the relation between global microlending and corruption may inform how trust and influence propogate through crowds. Building this understanding may help U.S. Army intelligence officers leverage crowds for humanitarian efforts as well as, to detect signs of adversarial influence. A dataset was created combining open source data from Kiva, a non-profit microfinancing institution, and Transparency International, a global coalition against corruption that publishes an annual Corruption Perceptions Index (CPI). The CPI was merged with Kiva microfinancing variables related to Kiva field partners. A preliminary analysis was conducted on a subset of the data in an effort to determine a near real-time microfinancing proxy for the CPI using the Kiva microfinancing data. Results suggest that when controlling for time on Kiva, the average loan size in dollars, delinquency rate, average loan size per GDP, and average time to fund loan all significantly predict CPI.
{"title":"The relation between microfinacing and corruption by country: An analysis of an open source dataset","authors":"H. Roy, S. Kase","doi":"10.1109/ISI.2015.7165959","DOIUrl":"https://doi.org/10.1109/ISI.2015.7165959","url":null,"abstract":"Examining the relation between global microlending and corruption may inform how trust and influence propogate through crowds. Building this understanding may help U.S. Army intelligence officers leverage crowds for humanitarian efforts as well as, to detect signs of adversarial influence. A dataset was created combining open source data from Kiva, a non-profit microfinancing institution, and Transparency International, a global coalition against corruption that publishes an annual Corruption Perceptions Index (CPI). The CPI was merged with Kiva microfinancing variables related to Kiva field partners. A preliminary analysis was conducted on a subset of the data in an effort to determine a near real-time microfinancing proxy for the CPI using the Kiva microfinancing data. Results suggest that when controlling for time on Kiva, the average loan size in dollars, delinquency rate, average loan size per GDP, and average time to fund loan all significantly predict CPI.","PeriodicalId":292352,"journal":{"name":"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"257 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124217785","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2015-05-27DOI: 10.1109/ISI.2015.7165962
Samuel Owusu, Lina Zhou
Cyberbullying is becoming an epidemic problem in adolescents. The accelerated diffusion of information in an online environment exposes bullying messages to a large group of bystanders who witness such incidents. However, bystanders have received much less research attention than the aggressors and victims in the cyberbullying. The current research aims to understand whether adolescents' empathy has an impact on their positive by standing behavior - cyber bullied support behavior. Drawing on related theories and models, we proposed two hypotheses about the effect of empathy. A mixture of survey questionnaire and focus group was used to test the hypotheses. The analysis results of the survey data provided support for the effect of cognitive empathy but not affective empathy. The focus group study revealed that adolescent bystanders preferred offering indirect support to the cyber bullied by reporting to adults over direct intervention. The findings highlight the important roles of empathy training as well as teacher and parent intervention in preventing and curtaining cyberbullying both within and beyond the school environments.
{"title":"Positive bystanding behavior in cyberbullying: The impact of empathy on adolescents' cyber bullied support behavior","authors":"Samuel Owusu, Lina Zhou","doi":"10.1109/ISI.2015.7165962","DOIUrl":"https://doi.org/10.1109/ISI.2015.7165962","url":null,"abstract":"Cyberbullying is becoming an epidemic problem in adolescents. The accelerated diffusion of information in an online environment exposes bullying messages to a large group of bystanders who witness such incidents. However, bystanders have received much less research attention than the aggressors and victims in the cyberbullying. The current research aims to understand whether adolescents' empathy has an impact on their positive by standing behavior - cyber bullied support behavior. Drawing on related theories and models, we proposed two hypotheses about the effect of empathy. A mixture of survey questionnaire and focus group was used to test the hypotheses. The analysis results of the survey data provided support for the effect of cognitive empathy but not affective empathy. The focus group study revealed that adolescent bystanders preferred offering indirect support to the cyber bullied by reporting to adults over direct intervention. The findings highlight the important roles of empathy training as well as teacher and parent intervention in preventing and curtaining cyberbullying both within and beyond the school environments.","PeriodicalId":292352,"journal":{"name":"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"187 3-4","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132030236","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: