With the technological advances in the internet, we also come accross certain evil faces of the internet: criminal hackers. Governments, companies, and private citizens around the world are afraid that some hacker will break into their Web server and replace their logo with pornography, read their e-mail, steal their credit card number from an on-line shopping site, or implant software that will secretly transmit their organization's secrets to the open Internet. They then turn to ethical hackers for help.
Ethical Hacking services - the positive side of hacking are sold under the modern name of "Network Security Services".
Ethical hackers help their customers to find and plug in the security loop holes in their respective sites. Watch out guys their is more to more...this is just an introduction
Monday, April 30, 2007
Reputation in P2P
Reputation-based systems are used to establish trust among members of on-line communities where parties with no prior knowledge of each other use the feedback from their peers to assess the trust worthiness of the peers in the community. Generally the reputation system in P2P network follows four steps.
Step 1: a requestor r locates available resources sending a broadcast Query message to ask for the files it needs to download. Other peers will answer with a QueryHit message to the requesting node to notify that they have the requested resource.
Step 2: Upon receiving a set of QueryHit messages, r selects an offerer o and polls the community for any available reputation information on o sending a Poll message. As a result of step 2, r receives a set V of votes, some of which express a good opinion while others express a bad one.
step 3: r evaluates the votes to collapse any set of votes that may belong to a clique and explicitly selects a random set of votes for verifying their trustworthiness.
step 4: the set of reputations collected in step 3 is computed into an aggregated community-wide reputation value. Base on this reputation value, the requestor r can take a decision on whether accessing the resource offered by o or not.After accessing the resource r can update its local trust on o (depending on whether the downloaded resource was satisfactory of not).
P2PRep is a reputation-based protocol runs in a completely anonymous P2P networks. In P2PReP, local reputation management and community-wide reputation management are two different levels. Local reputation is defined as one single peer’s opinion of one other peer’s reputation, based on its formal experience. The community reputation means the aggregated general opinion given by multiple peers. P2PRep is generally combine these two factors togeter.
P2Prep works well in the environments of the percentage of malicious peers’ increasing and decreasing by changing well-behaved ones to rogues ones and changing rogue ones into well-behaved ones. As to the turn over case in peers’ population, P2PReP confirms its robust-ness showing a percentage of malicious downloads greater about 1% than scenario with no change.
Step 1: a requestor r locates available resources sending a broadcast Query message to ask for the files it needs to download. Other peers will answer with a QueryHit message to the requesting node to notify that they have the requested resource.
Step 2: Upon receiving a set of QueryHit messages, r selects an offerer o and polls the community for any available reputation information on o sending a Poll message. As a result of step 2, r receives a set V of votes, some of which express a good opinion while others express a bad one.
step 3: r evaluates the votes to collapse any set of votes that may belong to a clique and explicitly selects a random set of votes for verifying their trustworthiness.
step 4: the set of reputations collected in step 3 is computed into an aggregated community-wide reputation value. Base on this reputation value, the requestor r can take a decision on whether accessing the resource offered by o or not.After accessing the resource r can update its local trust on o (depending on whether the downloaded resource was satisfactory of not).
P2PRep is a reputation-based protocol runs in a completely anonymous P2P networks. In P2PReP, local reputation management and community-wide reputation management are two different levels. Local reputation is defined as one single peer’s opinion of one other peer’s reputation, based on its formal experience. The community reputation means the aggregated general opinion given by multiple peers. P2PRep is generally combine these two factors togeter.
P2Prep works well in the environments of the percentage of malicious peers’ increasing and decreasing by changing well-behaved ones to rogues ones and changing rogue ones into well-behaved ones. As to the turn over case in peers’ population, P2PReP confirms its robust-ness showing a percentage of malicious downloads greater about 1% than scenario with no change.
Monday, April 2, 2007
Analyzing network traffic
The following paper seems to be relevant to the topic we discussed in class and takes a look at how to analyze network traffic by generating a state machine from traces. Could these state machines be also feasibly used in an IDS to filter bad traces?
http://comet.lehman.cuny.edu/griffeth/Papers/Agate.pdf
http://comet.lehman.cuny.edu/griffeth/Papers/Agate.pdf
Friday, March 23, 2007
Unusual E-mail Activity
An example is :
| Subject | failure notice |
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
Sorry, no mailbox here by that name. vpopmail (#5.1.1)
So, have other people also been getting such emails too ?
And what could these signify ?
Monday, March 12, 2007
A video link to byzantine fault tolerant systems by M. Castro
Hi Class,
here is a video link to a lecture given by M. Castro on the topic of Byzantine fault tolerant systems. If reading the papers is a daunting task for somebody, this is an interesting alternative for sure.
http://www.researchchannel.org/prog/displayevent.aspx?rID=2128&fID=569
Produced by:
University of Washington
April 6, 2000
here is a video link to a lecture given by M. Castro on the topic of Byzantine fault tolerant systems. If reading the papers is a daunting task for somebody, this is an interesting alternative for sure.
http://www.researchchannel.org/prog/displayevent.aspx?rID=2128&fID=569
Produced by:
University of Washington
April 6, 2000
Speaker(s):
Miguel Castro, Massachusetts Institute of Technology
Runtime:00:54:40 Description:
The growing reliance of our society on computers demands that we provide systems with improved reliability, availability, and security. This talk describes BFT -- a new software Byzantine fault tolerance toolkit that addresses these issues. BFT can be used to build replicated systems that work correctly and remain available even when some of their replicas behave arbitrarily due to malicious attacks, software errors, or hardware failures.
A video link to byzantine fault tolerant systems by M. Castro
Hi Class,
here is a video link to a lecture given by M. Castro on the topic of Byzantine fault tolerant systems. If reading the papers is a daunting task for somebody, this is an interesting alternative for sure.
Produced by:
University of Washington
April 6, 2000
here is a video link to a lecture given by M. Castro on the topic of Byzantine fault tolerant systems. If reading the papers is a daunting task for somebody, this is an interesting alternative for sure.
Produced by:
University of Washington
April 6, 2000
Speaker(s):
Miguel Castro, Massachusetts Institute of Technology
Runtime:00:54:40 Description:
The growing reliance of our society on computers demands that we provide systems with improved reliability, availability, and security. This talk describes BFT -- a new software Byzantine fault tolerance toolkit that addresses these issues. BFT can be used to build replicated systems that work correctly and remain available even when some of their replicas behave arbitrarily due to malicious attacks, software errors, or hardware failures.
Thursday, March 8, 2007
Digg Mafia, Bury Brigade
Some say there is a group of digg.com users that work together to effectively censor digg posts.
There is debate whether this exists:
http://www.wired.com/news/technology/internet/0,72835-0.html?tw=wn_index_3
http://blog.digg.com/?p=66
http://www.pronetadvertising.com/articles/the-bury-brigade-exists-and-heres-my-proof.html
There is debate whether this exists:
http://www.wired.com/news/technology/internet/0,72835-0.html?tw=wn_index_3
http://blog.digg.com/?p=66
http://www.pronetadvertising.com/articles/the-bury-brigade-exists-and-heres-my-proof.html
Subscribe to:
Posts (Atom)