Filtering, Fusion and Dynamic Information Presentation: Towards a General Information Firewall
Gregory Conti
College of Computing, Georgia Institute of Technology
United States Military Academy
Denial of Information Attacks: Intentional Attacks that overwhelm the human or otherwise alter their decision making
The Problem of Information Growth
The surface WWW contains ~170TB (17xLOC).
IM generates five billion messages a day (750GB), or 274 terabytes a year.
generates about 400,000 TB/year.
P2P file exchange on the Internet is growing rapidly. The largest files exchanged are video files larger than 100 MB, but the most frequently exchanged files contain music (MP3 files).
Defense Taxonomy (Big Picture)
Microsoft, AOL, Earthlink and Yahoo file 6 antispam lawsuits (Mar 04)
Federal Can Spam Legislation (Jan 04)
California Business and Professions Code, prohibits the sending of unsolicited commercial (September 98)
First Spam Conference (Jan 03)
System Model
[Figure: a Human Producer and a Human Consumer (each with Cognition, STM, LTM, Vision, Hearing, Speech, Motor) connected through a Producer Node and a Consumer Node (each with CPU, RAM, Hard Drive) over a Communication Channel]
Example DoI Attacks
[Figure: system model diagram (human producer and consumer, producer and consumer nodes, communication channel) annotated with example attacks]
very small text
exploit round off algorithm
trigger many alerts
misleading advertisements
spoof browser
Example DoI Defenses
[Figure: system model diagram (human producer and consumer, producer and consumer nodes, communication channel) annotated with example defenses]
TCP Damping
Usable Security
Eliza Spam Responder
Decompression Bombs
Computational Puzzle Solving
DoI Countermeasures in the Web Domain
[Figure: information firewall architecture for the web domain]
Components: Content Producer, Organizational Web Server, Information Firewall, Transform Processing Engine, Transform Database, Content Consumer
Flow labels: publish content; view original document; submit suggested transform; store and retrieve transforms; request original content; receive original content; search for desired transform; request transformed content; receive transformed content; submit new or modified transform; submit feedback on transform
[Figure: information firewall processing pipeline]
Components: data sources, parser, information firewall, rules engine, transform database, transform processing engine (filtering, fusion), analyst views
Example transforms: filter all but headlines; filter all but today’s weather
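The filtering and fusion path named on the two slides above, as an added example (not code from the talk or its demo): a transform database holds one keep-only rule per source, a transform processing engine applies it, and a fused view merges the results. The host names, sample pages and the tag/id rule format are assumptions made for the illustration.

```python
from html.parser import HTMLParser

# Constructed sample pages standing in for two data sources (hypothetical hosts).
PAGES = {
    "news.example": "<body><h1>Markets fall</h1><p>Ad: buy now!</p>"
                    "<h1>Storm nears coast</h1><div>popup</div></body>",
    "weather.example": "<body><div class='ad'>Win a prize</div>"
                       "<p id='today'>Today: 72F, clear</p><p id='week'>Week: rain</p></body>",
}
# Transform database: one keep-only rule per source (rule format is assumed here).
TRANSFORMS = {
    "news.example": {"tag": "h1", "id": None},        # filter all but headlines
    "weather.example": {"tag": "p", "id": "today"},   # filter all but today's weather
}

class KeepOnly(HTMLParser):
    """Parser plus filter: collects the text of elements matching one rule."""
    def __init__(self, rule):
        super().__init__()
        self.keep_tag, self.want_id, self.depth, self.kept = rule["tag"], rule["id"], 0, []

    def handle_starttag(self, tag, attrs):
        if self.depth and tag == self.keep_tag:       # same-tag nesting inside a kept element
            self.depth += 1
        elif not self.depth and tag == self.keep_tag and self.want_id in (None, dict(attrs).get("id")):
            self.depth = 1
            self.kept.append("")

    def handle_endtag(self, tag):
        if self.depth and tag == self.keep_tag:
            self.depth -= 1

    def handle_data(self, data):
        if self.depth:                                # text outside kept elements is dropped
            self.kept[-1] += data

def request(source, transformed=True):
    """Consumer request: transformed content, or the original on demand."""
    rule = TRANSFORMS.get(source)
    if not transformed or rule is None:               # no stored transform: pass through
        return [PAGES[source]]
    engine = KeepOnly(rule)
    engine.feed(PAGES[source])
    engine.close()
    return [text.strip() for text in engine.kept]

def fuse(sources):
    """Fusion: merge the filtered items of several sources into one view."""
    return [(src, item) for src in sources for item in request(src)]
```

The rule is an allow-list: anything the stored transform does not name, including the constructed ad and popup text, never reaches the fused view, while `request(source, transformed=False)` still returns the untouched document.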
Demo
For more information…
G. Conti, M. Ahamad and R. Norback; "Filtering, Fusion and Dynamic Information Presentation: Towards a General Information Firewall;" IEEE International Conference on Intelligence and Security Informatics (IEEE-ISI); May
for extended version me…
G. Conti and M. Ahamad; "A Taxonomy and Framework for Countering Denial of Information Attacks;" IEEE Security and Privacy. (to be published)
me…
G. Conti, M. Ahamad and J. Stasko; "Attacking Information Visualization System Usability: Overloading and Deceiving the Human;" Symposium on Usable Privacy and Security (SOUPS); July (accepted, to be published)
For more information…
Rennison, Earl. Galaxy of News: An Approach to Visualizing and Understanding Expansive News Landscapes. Proceedings of the 7th Annual ACM Symposium on User Interface Software and Technology, 1994, pp
M. Ahamad, W. Lee, L. Liu, L. Mark, E. Omiecinski, C. Pu and A. Dos Santos; “Guarding the Next Internet Frontier: Countering Denial of Information Attacks;” Proceedings of the New Security Paradigms Workshop; pp ; September 2002.
Questions? Image: Greg Conti
Backup Slides
GreaseMonkey 05/05/16/ &tid=95&tid=154&tid=1 56&tid=1
[Figure: OODA loop (Observe, Orient, Decide, Act) applied to handling spam]
Steps: Scan Subject Line; Spam / Not Spam; Delete; Confirm Deletion Successful; No Observation; No Action
Overhead: Number of x Time to Scan
Overhead: Number of x Time to Decide
Overhead: Number of Spam x Time to Delete
Overhead: Number of Spam x Time to Observe
Total Overhead = (Number of Spam x (Time to Delete + Time to Observe)) + (Number of X (Time to Decide + Time to Scan))