CompSciRN: Cyber Attack (Topic)最新文献

{"title":"Method for Detecting Shilling Attacks Based on Implicit Feedback in Recommender Systems","authors":"O. Chala, L. Novikova, L. Chernyshova, Angelika Kalnitskaya","doi":"10.21303/2461-4262.2020.001394","DOIUrl":"https://doi.org/10.21303/2461-4262.2020.001394","url":null,"abstract":"The problem of identifying shilling attacks, which are aimed at forming false ratings of objects in the recommender system, is considered. The purpose of such attacks is to include in the recommended list of items the goods specified by the attacking user. The recommendations obtained as a result of the attack will not correspond to customers' real preferences, which can lead to distrust of the recommender system and a drop in sales. The existing methods for detecting shilling attacks use explicit feedback from the user and are focused primarily on building patterns that describe the key characteristics of the attack. However, such patterns only partially take into account the dynamics of user interests. A method for detecting shilling attacks using implicit feedback is proposed by comparing the temporal description of user selection processes and ratings. Models of such processes are formed using a set of weighted temporal rules that define the relationship in time between the moments when users select a given object. The method uses time-ordered input data. The method includes the stages of forming sets of weighted temporal rules for describing sales processes and creating ratings, calculating a set of ratings for these processes, and forming attack indicators based on a comparison of the ratings obtained. The resulting signs make it possible to distinguish between nuke and push attacks. The method is designed to identify discrepancies in the dynamics of purchases and ratings, even in the absence of rating values at certain time intervals. The technique makes it possible to identify an approach to masking an attack based on a comparison of the rating values and the received attack indicators. When applied iteratively, the method allows to refine the list of profiles of potential attackers. The technique can be used in conjunction with pattern-oriented approaches to identifying shilling attacks","PeriodicalId":252015,"journal":{"name":"CompSciRN: Cyber Attack (Topic)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132497361","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Developing a Model of the Dynamics of States of a Recommendation System under Conditions of Profile Injection Attacks","authors":"Yelyzaveta V. Meleshko, Oleksandr Drieiev, M. Yakymenko, D. Lysytsia","doi":"10.15587/1729-4061.2020.209047","DOIUrl":"https://doi.org/10.15587/1729-4061.2020.209047","url":null,"abstract":"The recommendation systems used to form a news feed in social networks or to create recommendation lists on content websites or Internet stores are often exposed to information profile injection attacks. These attacks are aimed at changing ratings, and thus at changing the frequency of appearing in recommendations, certain objects of a system. This can lead to threats to users’ information security and losses of the system owners. There are methods to detect attacks in recommendation systems, but they require permanent repetitive checks of all users’ profiles, which is a rather resource-intensive operation. At the same time, these methods do not contain any proposals as for determining the optimal frequency of attack checks. However, a properly chosen frequency of such checks will not overload a system too much and, at the same time, will provide an adequate level of its operational security. A mathematical model of the dynamics of states of a recommendation system under conditions of an information attack with the use of the mathematical apparatus of Markovian and semi-Markovian processes was developed. The developed model makes it possible to study the influence of profile injection attacks on recommendation systems, in particular, on their operation efficiency and amount of costs to ensure their information security. The practical application of the developed model enables calculating for recommendation systems the optimum frequency of information attack check, taking into consideration the damage from such attacks and costs of permanent inspections. Based on the developed mathematical model, the method for determining total costs of a recommendation system as a result of monitoring its own information security, neutralization of bot-networks activity and as a result of information attacks was proposed. A method for determining the optimal frequency of checking a recommendation system for information attacks to optimize the overall costs of a system was developed. The application of this method will enable the owners of websites with recommendation systems to minimize their financial costs to provide their information security","PeriodicalId":252015,"journal":{"name":"CompSciRN: Cyber Attack (Topic)","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134224427","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"DSSE: Distributed Security Shielded Execution for Communicable Cyber Threats Analysis","authors":"Satinderjeet Singh, A. Lamba, Sivakumar Rela","doi":"10.2139/ssrn.3497815","DOIUrl":"https://doi.org/10.2139/ssrn.3497815","url":null,"abstract":"Cloud computing is a new computing model which enables individuals and organizations to attain access to huge computing resources without capital investment. It does mean that users can utilize computing resources in pay per use fashion. Transmissible cyber threats nowadays have been considered one among the major serious security problems in cyberspace. Several techniques were proposed to model, simulate and identify threats' sources and their propagation in large-scale distributed networks. Most techniques are based on the analysis of real networks dataset that contains sensitive information. Traditional in-memory analysis of these dataset always leads to data leakage because of system vulnerabilities. If the dataset itself is compromised by adversaries, this threat cost would be even higher than the threat being analyzed. To overcome this problem, in this paper, a new Distributed Security Shielded Execution (DSSE) for communicable cyber threats analysis using the Secure Identity Based Encryption (SIBE) technique is proposed. The purpose of the proposed work is to provide security sensitive operations then implemented properly in the Disef enclave. And to minimize potential Iago attacks in Disef system. To introduce a Novel SIBE unbreakable new key-value encrypted format integrated with the version number and update counter to prevent possible rollback and replay attacks. Also to secure a Disef system in high availability with multi-cloud support. The experimental outcomes showed that the proposed framework supports secure cost analysis and response time analysis of large network dataset and has comparable performance with systems that have no confidentiality and integrity guarantees.","PeriodicalId":252015,"journal":{"name":"CompSciRN: Cyber Attack (Topic)","volume":"65 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114596736","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Intrusion Detection System Based on Genetic Algorithm for Detection of Distribution Denial of Service Attacks in MANETs","authors":"A. Chaudhary, G. Shrimal","doi":"10.2139/ssrn.3351807","DOIUrl":"https://doi.org/10.2139/ssrn.3351807","url":null,"abstract":"Mobile ad hoc networks (MANETs) are more susceptible towards security attacks because of its complicated characteristics i.e. lack of clear boundary of defense, no centralized points and dynamic topologies. Due to MANET characteristics, detection of attacks are more difficult than the traditional networks. One of very significant attack is distributed denial of service attack (DDoS) in MANETs. This attack may restrict the availability of the network resources. This paper focuses to develop an intrusion detection system using genetic algorithm for DDoS attacks in MANETs. The implementation results present that the proposed intrusion detection system which is based on genetic algorithm can able to detect the DDoS attacks on MANETs with a good detection rates. <br>","PeriodicalId":252015,"journal":{"name":"CompSciRN: Cyber Attack (Topic)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-03-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130115138","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Tomorrow's Physics Alters Information Technology Which Alters Global Economics and Social Science","authors":"R. Bartlett","doi":"10.2139/SSRN.3272630","DOIUrl":"https://doi.org/10.2139/SSRN.3272630","url":null,"abstract":"Hidden Variables are presently hypothetical factors based on the belief that the theory of quantum mechanics is incomplete. Their identification would lead to exact predictions, not just probabilities, for the outcomes of measurements. Albert Einstein is the most famous proponent of hidden variables (it will be shown that the variables are compatible with entanglement, what Einstein called the result of “spooky action at a distance”). Their existence would vindicate his belief that quantum mechanics is lacking something. If probability is deleted at the universe’s most fundamental level, computer-generated random numbers (and the online security which is based on them) will become vulnerable to computer hackers. Addressing the security of credit cards, a partial remedy would be to develop a worldwide system for increasing each person’s standard of living that totally eliminates money in all its forms. Then there’d be no credit-card details for hackers to steal. This radical step seems to be possible because the human instinct to survive is much greater than other drives such as self-interest and greed. If money ceases to be an option, people will freely share and cooperate if that’s the only way to not merely ensure survival, but to actually improve everyone’s standard of life. The security of government and military records that are encrypted online depends on people eventually realizing that we’re all invisibly and permanently connected (by Hidden Variables). Then hurting others in any manner is the same as hurting yourself and hackers would simply have no motive to hack in evil ways. Realization of our invisible/permanent interconnectedness would also be of great assistance in achieving post-economic sharing and cooperation. This invisible, permanent connection affects not just every part of space (including on Earth) but also every part of time, since physics says space and time can never be separated - giving living beings a conscious existence that continues after death and, bizarrely, before conception.","PeriodicalId":252015,"journal":{"name":"CompSciRN: Cyber Attack (Topic)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130652029","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}