Presentation is loading. Please wait.

Presentation is loading. Please wait.

Daniela Oliveira 1, Dhiraj Murthy 1, Henric Johnson 2, S. Felix Wu 3, Roozbeh Nia 3 and Jeff Rowe 3 1 Bowdoin College 2 Blekinge Institute of Technology.

Published byMorgan Cole Modified over 9 years ago

Similar presentations

Presentation on theme: "Daniela Oliveira 1, Dhiraj Murthy 1, Henric Johnson 2, S. Felix Wu 3, Roozbeh Nia 3 and Jeff Rowe 3 1 Bowdoin College 2 Blekinge Institute of Technology."— Presentation transcript:

1 Daniela Oliveira 1, Dhiraj Murthy 1, Henric Johnson 2, S. Felix Wu 3, Roozbeh Nia 3 and Jeff Rowe 3 1 Bowdoin College 2 Blekinge Institute of Technology 3 University of California at Davis IEEE Workshop on Semantics, Security and Privacy September 21, 2011

2  Introduction  Limitations of Traditional Defense Solutions  The Challenge of Computing with Social Trust  The Socially-Aware OS  Applications, Benefits and Threats  Concluding Remarks

3  OSNs: rise in popularity;  Malware landscape complex;  Internet: social platform ◦ What can be trusted? Internet

4  Based on social trust;  OS, architecture and applications should become socially-aware;  OSN users assign/have inferred trust values for friends and objects;  Continuum trusted-untrusted.

5  Signature, Behavior, Information-flow models: ◦ Automated, rigid and threat-specific.  Shift to Web-based computer paradigm: ◦ Users accomplish most of their computing need with browser.

6  What if we leverage social trust to distinguish a continuum of trusted/untrusted? ◦ Flexibility ◦ Diversity ◦ Stronger security policies

7  Signature-based ◦ Defeated by code obfuscation, polymorphism, metamorphism ◦ Cannot prevent zero-day attacks  Behavior-based ◦ Susceptible to false positives ◦ Depends of relevant training data  Information flow-based ◦ Usually assumes all data from the Internet as untrusted: too restrictive

8  Unpredictability  Diversity  Continuum of trust/untrusted values  Human role

9  In Sociology: ◦ Essential commodity ◦ Functional pre-requisite for society  Tool for making trustworthy decisions ◦ Risk and uncertainty ◦ An added bonus?  Computing with Social Trust ◦ New research area

10  Operating systems manages: ◦ Processes; ◦ Memory; ◦ File systems; ◦ I/O devices;

11  Operating systems manages: ◦ Processes; ◦ Memory; ◦ File systems; ◦ I/O devices; ◦ Social trust

12

13  People user is connected to: email addresses  Objects: URLs, files, IP addresses, files;  Privacy preserved: only sharable objects 20 Years of Linux: http://www.cnn.com/2011/TECH/gaming.gadgets/08/25/linux.20/index.html?hpt=hp_bn7 Bowdoin College IP: 139.140.214.196/16 danielaseabra@gmail.com http://www.cc.gatech.edu/~brendan/Virtuoso_Oakland.pdf http://sourceforge.net/projects/jedit/files/jedit/4.4.1/jedit4.4.1install.exe/download

14 OSN Server TR User 1 TR User 2 TR User 3 TR User N TR Alice Network Trust-aware syscall interface social_synch() TR: Trust Repository OS Alice TR Alice

15 OSN Server TR User 1 TR User 2 TR User 3 TR User N TR Alice Network Trust-aware syscall interface social_synch() TR: Trust Repository OS Alice TR Alice

16 OSN Server TR User 1 TR User 2 TR User 3 TR User N TR Alice Network Trust-aware syscall interface social_synch() TR: Trust Repository OS Alice TR Alice

17  Adaptation of Web of Trust (Richardson et al.’ 03) t ij = amount of trust user i has for her friend user j t jk = amount of trust user j has for her friend user k t ik = amount of trust user i should have for user k, not directly connected, function of t ij and t jk

18 NxN matrix, where N is the number of user t i = row vector of user i trust in other users t ik = how much user i trusts her friend user k t kj = how much user k trusts her friend user j (t ik. t kj ) = amount user i trusts user j via k ∑ k (t ik. t kj ) = how much user i trusts user j via any other node.

19  Represents trust between any two users ◦ Aggregation function concatenates trusts along paths (1)M (0) = T (2)M (n) = T. M (n-1) Repeat (2) until M (n) = M (n-1) M (i) is the value of M in iteration i. Matrix multiplication definition: C ij = ∑ k (A ik. B kj )

20  Personal beliefs: ◦ Asserted by a user to an object in her trust repository b i = user i’s personal belief (trust) on a certain object. b = collection of personal beliefs in a particular object How much a user believes in any sharable object in the network?

21  Computes for any user, her belief in any sharable object (1)b (0) = b (2)b (n) = T. b (n-1) or (b i ) n = ∑ k (t ik. (b k ) n-1 ) Repeat (2) until b (n) = b (n-1) where: b (i) is the value of b in iteration i.

22  Streamline security policies and decision- making process: ◦ Restriction of system resources based on trust; ◦ Software installation, URL visit.  Information-flow tracking with refined trust levels;  Anti-SPAM techniques.

23  OSN or OS compromised: ◦ Attacker increases trust values for malicious objects:  System behave as if trustworthy framework was never installed;  High trust values do not mean higher privileges:  The higher the trust, the closer to default levels without social trust ◦ Attacker decreases trust values for benign objects:  DoS attack.

24  Challenges ◦ Management and reliability of social data/trust: reliability, ethics issues, no standard API; ◦ The socially-aware kernel: managing multiple repositories, performance, usability, Sybil attacks, identity management. ◦ Confidentiality and Security: new vulnerabilities, privacy leaks, exporting trust information.

25

Download ppt "Daniela Oliveira 1, Dhiraj Murthy 1, Henric Johnson 2, S. Felix Wu 3, Roozbeh Nia 3 and Jeff Rowe 3 1 Bowdoin College 2 Blekinge Institute of Technology."

Similar presentations

Operating System Security

Operating System Security
Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.

Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.
Understanding Cancer-based Networks in Twitter using Social Network Analysis Dhiraj Murthy Daniela Oliveira Alexander Gross Social Network Innovation Lab.

Understanding Cancer-based Networks in Twitter using Social Network Analysis Dhiraj Murthy Daniela Oliveira Alexander Gross Social Network Innovation Lab.
Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.

Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.
Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –

Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –
Defending against Sniffing Attacks on Mobile Phones Liang Cai (University of California, Davis), Sridhar Machiraju (Sprint Applied Research), Hao Chen.

Defending against Sniffing Attacks on Mobile Phones Liang Cai (University of California, Davis), Sridhar Machiraju (Sprint Applied Research), Hao Chen.
Current Security Threats WMO CBS ET-CTS Toulouse, France 26-30 May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.

Current Security Threats WMO CBS ET-CTS Toulouse, France May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.
Winter 20021 CMPE 155 Week 7. Winter 20022 Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.

Winter CMPE 155 Week 7. Winter Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Cyber Threat Analysis  Intrusions are actions that attempt to bypass security mechanisms of computer systems  Intrusions are caused by:  Attackers accessing.

Cyber Threat Analysis  Intrusions are actions that attempt to bypass security mechanisms of computer systems  Intrusions are caused by:  Attackers accessing.
Copyright© 2005-2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.

Copyright© Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson.

Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson.
Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.

Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.
INFORMATION SECURITY UPDATE Al Arboleda Chief Information Security Officer.

INFORMATION SECURITY UPDATE Al Arboleda Chief Information Security Officer.
Mobile Data Sharing over Cloud Group No. 8 - Akshay Kantak - Swapnil Chavan - Harish Singh.

Mobile Data Sharing over Cloud Group No. 8 - Akshay Kantak - Swapnil Chavan - Harish Singh.
Kaspersky Lab: The Best of Both Worlds Alexey Denisyuk, pre-sales engineer Kaspersky Lab Eastern Europe 5 th April 2012 / 2 nd InfoCom Security Conference.

Kaspersky Lab: The Best of Both Worlds Alexey Denisyuk, pre-sales engineer Kaspersky Lab Eastern Europe 5 th April 2012 / 2 nd InfoCom Security Conference.
DAN WALLACH, RICE UNIVERSITY PRESENTED BY: FERAS AL TAROUTI Smartphone Security: Trends and Predictions.

DAN WALLACH, RICE UNIVERSITY PRESENTED BY: FERAS AL TAROUTI Smartphone Security: Trends and Predictions.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

Similar presentations

Ads by Google