Filtering, Fusion and Dynamic Information Presentation:
Towards a General Information Firewall

Gregory Conti
College of Computing
Georgia Institute of Technology
United States Military Academy



http://www.sharky.tv/
Denial of Information Attacks:
Intentional attacks that overwhelm the human or otherwise alter their decision making

http://circadianshift.net/images/Virginia_Tech_1920s_NS5423_Y_small.jpg
The Problem of Information Growth
 • The surface WWW contains ~170TB (17xLOC)
 • IM generates five billion messages a day (750GB),
   or 274 terabytes a year.
 • Email generates about 400,000 TB/year.
 • P2P file exchange on the Internet is growing
   rapidly. The largest files exchanged are video files
   larger than 100 MB, but the most frequently
   exchanged files contain music (MP3 files).




http://www.sims.berkeley.edu/research/projects/how-much-info-2003/
Defense Taxonomy (Big Picture)

 Legal            Lawsuits
                  New Laws
 Regulatory       Government Regulation
 Moral            PR Campaign
                  Code of Ethics
 Cultural         Communities
 Organizational   Topical counter-DoI groups
 Financial        Increasing cost of DoI operations
 Violence         Violence against DoI perpetrators
 Technology       (see next slide)

Examples:
 • Microsoft, AOL, Earthlink and Yahoo file 6 antispam lawsuits (Mar 04)
 • Federal Can Spam Legislation (Jan 04)
 • California Business and Professions Code, prohibits the sending of
   unsolicited commercial email (September 98)
 • First Spam Conference (Jan 03)

http://www.metroactive.com/papers/metro/12.04.03/booher-0349.html
System Model
[Diagram: a Human Consumer (Cognition, STM, LTM; Vision, Hearing, Speech, Motor) works with a Consumer Node (CPU, RAM, Hard Drive), which is linked by a Communication Channel to a Producer Node (CPU, RAM, Hard Drive) used by a Human Producer (Cognition, STM, LTM; Vision, Hearing, Speech, Motor).]
Example DoI Attacks
[Diagram: the system model (Human Consumer, Consumer Node, Communication Channel, Producer Node, Human Producer) annotated with example attacks: very small text; misleading advertisements; spoof browser; exploit round off algorithm; trigger many alerts.]
Example DoI Defenses
[Diagram: the system model (Human Consumer, Consumer Node, Communication Channel, Producer Node, Human Producer) annotated with example defenses: Usable Security; TCP Damping; Eliza Spam Responder; Computational Puzzle Solving; Decompression Bombs.]
DoI Countermeasures in the Web Domain

Information Firewall
[Diagram: components are the Content Consumer, Transform Processing Engine, Transform Database, Content Producer and Organizational Web Server. Labelled flows:
 • Content Consumer: search for desired transform; request transformed content; receive transformed content; submit new or modified transform; submit feedback on transform
 • Content Producer: submit suggested transform; publish content
 • Transform Processing Engine and Transform Database: store and retrieve transforms
 • Organizational Web Server: request original content; receive original content]



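[Diagram: the information firewall sits between analyst views and data sources, with an option to view the original document. Its labelled parts are the transform processing engine, parser, rules engine and transform database. Filtering examples: filter all but headlines; filter all but today’s weather. A second function shown is fusion.]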
Demo
For more information…

G. Conti, M. Ahamad and R. Norback; "Filtering, Fusion and Dynamic Information Presentation: Towards a General Information Firewall;" IEEE International Conference on Intelligence and Security Informatics (IEEE-ISI); May 2005. For extended version email me…

G. Conti and M. Ahamad; "A Taxonomy and Framework for Countering Denial of Information Attacks;" IEEE Security and Privacy. (to be published) email me…

G. Conti, M. Ahamad and J. Stasko; "Attacking Information Visualization System Usability: Overloading and Deceiving the Human;" Symposium on Usable Privacy and Security (SOUPS); July 2005. (accepted, to be published)

E. Rennison; "Galaxy of News: An Approach to Visualizing and Understanding Expansive News Landscapes;" Proceedings of the 7th Annual ACM Symposium on User Interface Software and Technology; pp. 3-12; 1994.

M. Ahamad, W. Lee, L. Liu, L. Mark, E. Omiecinski, C. Pu and A. Dos Santos; "Guarding the Next Internet Frontier: Countering Denial of Information Attacks;" Proceedings of the New Security Paradigms Workshop; pp. 136-143; September 2002.
Questions?
Greg Conti
conti@cc.gatech.edu
www.cc.gatech.edu/~conti




Image: http://altura.speedera.net/ccimg.catalogcity.com/210000/211700/211780/Products/6203927.jpg
Backup Slides
GreaseMonkey
• http://developers.slashdot.org/article.pl?sid=05/05/16/0052245&tid=95&tid=154&tid=156&tid=1
Total Overhead = (Number of Spam x (Time to Delete + Time to Observe)) + (Number of Email x (Time to Decide + Time to Scan))

[Diagram: the email-handling loop Orient (Scan Subject Line), Decide, Act, Observe. At Decide, Not Spam leads to No Action and Spam leads to Act (Delete). Observe is Confirm Deletion Successful; the No Action path has No Observation. Overhead annotated on each stage: Scan = Number of Email x Time to Scan; Decide = Number of Email x Time to Decide; Delete = Number of Spam x Time to Delete; Observe = Number of Spam x Time to Observe.]
				