Localisation of Attacks, Combating Browser-Based Geo-Information and IP Tracking Attacks

Mapping Intimacies ◽

10.26686/wgtn.17061767.v1 ◽

2021 ◽

Author(s):

◽

Masood Mansoori

Keyword(s):

Real World ◽

Web Sites ◽

Geographical Location ◽

Specific Information ◽

Experimental Setup ◽

False Negatives ◽

Ip Address ◽

Network Information ◽

Targeted Attacks ◽

User Groups

<p>Accessing and retrieving users’ browser and network information is a common practice used by advertisers and many online services to deliver targeted ads and explicit improved services to users belonging to a particular group. They provide a great deal of information about a user’s geographical location, ethnicity, language, culture and general interests. However, in the same way these techniques have proven effective in advertising services, they can be used by attackers to launch targeted attacks against specific user groups. Targeted attacks have been proven more effective against user groups than their blind untargeted counterparts (e.g.spam, phishing). Their detection is more challenging as the detection tools need to be located within the targeted user group. This is one of the challenges faced by security researchers and organisations involved in the detection of new malware and exploits, using client honeypots. Client honeypots are detection systems used in the identification of malicious web sites. The client honeypot needs to mimic users in a pre-defined location, system, network and personality for which the malware is intended. The case is amplified by the use of Browser Exploit Packs/kits (BEPs), supporting these features. BEPs provide simplicity in deployment of targeted malicious web sites. They allow attackers to utilise specific geographical locations, network information, visit patterns or browser header information obtained from a visiting user to determine if a user should be subjected to an attack. Malicious web sites that operate based on targeted techniques can disguise themselves as legitimate web sites and bypass detection. Benign content is delivered to attacker-specified users while avoiding delivery to suspicious systems such as well-known or possible subnets that may host client honeypots. A client honeypot deployed in a single location with a single IP address will fail to detect an attack targeted at users in different demographic and network subnets. Failure in detection of such attacks results in high rates of false negatives which affect all honeypots regardless of detection technique or interaction level. BEPs are hugely popular and most include tracking features. The number of malicious web sites that utilise these features is currently unknown. There are very few studies that have addressed identifying the rate and number of malicious web sites utilising these techniques and no available client honeypot system is currently able to detect them. Any failure to detect these web sites will result in unknown numbers of users being exploited and infected with malware. The false negatives resulting from failing to detect these web sites can incorrectly be interpreted as a decline in the number of attacks. In this work, a study of information that can potentially expose users to targeted attack through a browser is examined through experimental analysis. Concrete approaches by attackers to obtain user-specific information in the deployment of targeted attacks through browsers are discussed and analysed. We propose a framework for designing a client honeypot capable of detecting geolocation attacks. Our framework relies on HAZard and OPerability (HAZOP) studies to identify components of the client honeypot, its processes and attributes of the experimental setup which could potentially introduce bias into our study. Any potential bias neglected, would affect the results of our real-world experiments and undermine our analysis through deviation from the intent of the study. To facilitate in our experiments, we developed a low interaction client honeypoy (YALIH) and performed real-world experiments on large selection of web sites. We determined the popularity of targeted malicious attacks based on likely attributes of a visiting user’s system. Our approach relies on previous research performed in the area of online spam detection which has similar attributes to malicious web sites. Our experiments show that referer, via, X-Forwarded-For and browser language attributes of HTTP protocol header, retrieval behaviour (i.e. IP tracking) and geographical location of a visitor identified by an IP address can be used in a targeted attack. These attributes can have significant effect on the number of detected malicious web sites in a study and should therefore be reliably controlled in an experimental setup. This findings in this research can potentially reduce false negative rates in all types of client honeypots, measurement studies of malicious malicious web sites and help researchers and malware analysts capture and analyse new malware and exploit samples from malicious web sites.</p>

Download Full-text

Localisation of Attacks, Combating Browser-Based Geo-Information and IP Tracking Attacks

10.26686/wgtn.17061767 ◽

2021 ◽

Author(s):

◽

Masood Mansoori

Keyword(s):

Real World ◽

Web Sites ◽

Geographical Location ◽

Specific Information ◽

Experimental Setup ◽

False Negatives ◽

Ip Address ◽

Network Information ◽

Targeted Attacks ◽

User Groups

Download Full-text

Interpreting collocations: An analysis of collocation dictionaries of: English, German and Russian

Lexicographica - International Annual for Lexicography / Internationales Jahrbuch für Lexikographie ◽

10.1515/lex-2019-0007 ◽

2019 ◽

Vol 35 (1) ◽

pp. 107-132

Author(s):

Armine Garibyan

Keyword(s):

Specific Information ◽

Lexical Unit ◽

User Groups

Abstract Unless online collocation tools have not become common yet, printed collocation dictionaries are still one of the few sources of checking collocative possibilities of a lexical unit. The aim of this paper is to analyse one printed collocation dictionary in each of the 3 languages: English, German and Russian and see which interpretation of collocation was focused on and what user groups were targeted. Also, it was attempted to see whether the morphological specificity of the languages was taken consideration of as compared to the structure of these dictionaries, and further determine whether inclusion or exclusion of certain language-specific information aims at a particular group of target users.

Download Full-text

Information Attacks and Defenses on the Social Web

Global Implications of Emerging Technology Trends - Advances in IT Standards and Standardization Research ◽

10.4018/978-1-5225-4944-4.ch012 ◽

2018 ◽

pp. 216-235

Author(s):

Agostino Poggi ◽

Michele Tomaiuolo

Keyword(s):

Social Networks ◽

Social Networking ◽

Real World ◽

Web Sites ◽

Online Social Networks ◽

Social Web ◽

Security Measures ◽

The Social ◽

Attacks And Defenses ◽

Interest In Technology

Social web sites are used daily by many millions of users. They have attracted users with very weak interest in technology, including absolute neophytes of computers in general. Common users of social web sites often have a carefree attitude in sharing information. Moreover, some system operators offer sub-par security measures, which are not adequate for the high value of the published information. For all these reasons, online social networks suffer more and more attacks by sophisticated crackers and scammers. To make things worse, the information gathered from social web sites can trigger attacks to even more sensible targets. This work reviews some typical social attacks that are conducted on social networking systems, describing real-world examples of such violations and analyzing in particular the weakness of password mechanisms. It then presents some solutions that could improve the overall security of the systems.

Download Full-text

Competence Management over Social Networks Through Dynamic Taxonomies

Knowledge Management 2.0 ◽

10.4018/978-1-61350-195-5.ch006 ◽

2013 ◽

pp. 103-120

Author(s):

Giuseppe Berio ◽

Antonio Di Leva ◽

Mounira Harzallah ◽

Giovanni M. Sacco

Keyword(s):

Social Networks ◽

Social Network ◽

Real World ◽

Reference Model ◽

Effective Solution ◽

Network Information ◽

The Social ◽

Competence Management

The exploitation and integration of social network information in a competence reference model (CRAI, Competence, Resource, Aspect, Individual) are discussed. The Social-CRAI model, which extends CRAI to social networks, provides an effective solution to this problem and is discussed in detail. Finally, dynamic taxonomies, a model supporting explorative conceptual search, are introduced and their use in the context of the Social-CRAI model for exploring retrieved information available in social networks is discussed. A real-world example is provided.

Download Full-text

Making sense of the users of public sector accounting information and their needs

Journal of Public Budgeting Accounting & Financial Management ◽

10.1108/jpbafm-10-2018-0124 ◽

2019 ◽

Vol 31 (4) ◽

pp. 478-495 ◽

Cited By ~ 8

Author(s):

Jan van Helden ◽

Christoph Reichard

Keyword(s):

Financial Reporting ◽

Information Needs ◽

Accounting Information ◽

Influential Factors ◽

Future Research ◽

Specific Information ◽

Content Type ◽

Making Sense ◽

Actual Use ◽

User Groups

Purpose The purpose of this paper is to dismantle the complex issue of “use of accounting information (AI)” by pointing to different groups of information users, diverging interests and needs of these user groups and various influential factors on the usability and the actual use of AI. Design/methodology/approach This paper includes a literature review and conceptual reflections. Findings The review of recently published articles on the issue of “use of accounting information” presents an actual picture of the academic debate on purposes of use, user types, needs of various user groups and factors influencing the usability and the actual use of AI. The subsequent conceptual reflections deal with so far less regarded user groups, with options to strengthen the user perspective in budgeting and financial reporting, with approaches for engaging users in the content of accounting documents, with interrelations between user needs, usability and use intensity, including various antecedents of the different variables of the information-use issue. Research limitations/implications This paper presents promising routes for future research. Practical implications The paper emphasizes the importance of paying more attention to the specific information needs and the motivations of various stakeholder groups generally interested in using financial information. Originality/value The paper presents results of reviewing recent literature on the issue of “use of accounting information” and provides some insight into specific aspects of this issue.

Download Full-text

VRMiner

Processing and Managing Complex Data for Decision Support ◽

10.4018/978-1-59140-655-6.ch011 ◽

2011 ◽

pp. 318-339 ◽

Cited By ~ 4

Author(s):

H. Azzag ◽

F. Picarougne ◽

C. Guinot ◽

G. Venturini

Keyword(s):

Virtual Reality ◽

Real World ◽

Web Sites ◽

Contextual Information ◽

3D Models ◽

Multimedia Data ◽

Stereoscopic Display ◽

Specific Domain ◽

Data Glove ◽

Virtual Camera

We present in this chapter a new 3D interactive method for visualizing multimedia data with virtual reality named VRMiner. We consider that an expert in a specific domain has collected a set of examples described with numeric and symbolic attributes but also with sounds, images, videos and Web sites or 3D models, and that this expert wishes to explore these data to understand their structure. We use a 3D stereoscopic display in order to let the expert easily visualize and observe the data. We add to this display contextual information such as texts and small images, voice synthesis and sound. Larger images, videos and Web sites are displayed on a second computer in order to ensure real time display. Navigating through the data is done in a very intuitive and precise way with a 3D sensor that simulates a virtual camera. Interactive requests can be formulated by the expert with a data glove that recognizes the hand gestures. We show how this tool has been successfully applied to several real world applications.

Download Full-text

Using IT to Augment Authentic Learning

Authentic Learning Environments in Higher Education ◽

10.4018/978-1-59140-594-8.ch013 ◽

2006 ◽

pp. 172-181

Author(s):

Sandra Jones

Keyword(s):

Real World ◽

Web Sites ◽

Learning Experience ◽

Learning Opportunities ◽

Learning System ◽

Learning Activity ◽

Discussion Boards ◽

Face To Face ◽

Access Information ◽

Student Centred Learning

This chapter discusses how information technology (IT) can be used to augment the authenticity of the learning experience in student-centred learning environments. It argues that technology provides the opportunity to embed students in learning activity by bridging the gap between the “real world” and the classroom. The particular learning environment used to illustrate this is a restaurant complex with a number of outlets that was designed by the author to provide a common work environment. Using the Distributed Learning System (DLS) to which all students have access, the author was able to increase the authenticity of the “case” by first, having students access information (as employees and/or lessees’) about the commercial conditions facing the company, and its policies and practices). Second, “employees” were able to communicate through discussion boards. Third, students were able to access resources through hyperlinks to external Web sites. The author concludes that there is need for a mixture of face-to-face and virtual learning opportunities in order to add real-world authenticity to experiential learning opportunities.

Download Full-text

Comparison of Cycling Behavior between Keyboard-Controlled and Instrumented Bicycle Experiments in Virtual Reality

Transportation Research Record Journal of the Transportation Research Board ◽

10.1177/0361198120921850 ◽

2020 ◽

Vol 2674 (7) ◽

pp. 244-257

Author(s):

Martyna Bogacz ◽

Stephane Hess ◽

Chiara Calastri ◽

Charisma F. Choudhury ◽

Alexander Erath ◽

...

Keyword(s):

Virtual Reality ◽

Experimental Design ◽

Data Collection ◽

Real World ◽

Head Movements ◽

Behavioral Data ◽

Experimental Setup ◽

Real World Data ◽

World Data ◽

Cycling Behavior

The use of virtual reality (VR) in transport research offers the opportunity to collect behavioral data in a controlled dynamic setting. VR settings are useful in the context of hypothetical situations in which real-world data does not exist or in situations which involve risk and safety issues making real-world data collection infeasible. Nevertheless, VR studies can contribute to transport-related research only if the behavior elicited in a virtual environment closely resembles real-world behavior. Importantly, as VR is a relatively new research tool, the best-practice with regards to the experimental design is still to be established. In this paper, we contribute to a better understanding of the implications of the choice of the experimental setup by comparing cycling behavior in VR between two groups of participants in similar immersive scenarios, the first group controlling the maneuvers using a keyboard and the other group riding an instrumented bicycle. We critically compare the speed, acceleration, braking and head movements of the participants in the two experiments. We also collect electroencephalography (EEG) data to compare the alpha wave amplitudes and assess the engagement levels of participants in the two settings. The results demonstrate the ability of VR to elicit behavioral patterns in line with those observed in the real-world and indicate the importance of the experimental design in a VR environment beyond the choice of audio-visual stimuli. The findings will be useful for researchers in designing the experimental setup of VR for behavioral data collection.

Download Full-text

Implementing the Knowledge Assessment of CPT Critical Skills (KACCS) Scale

Military Medicine ◽

10.1093/milmed/usy341 ◽

2019 ◽

Vol 184 (Supplement_1) ◽

pp. 461-466

Author(s):

Hazel R Atuel ◽

Luci Ursich ◽

Ashley Schuyler ◽

Dax Berg ◽

Sara Kintzle ◽

...

Keyword(s):

Cognitive Processing ◽

Validation Study ◽

Knowledge Assessment ◽

Cognitive Processing Therapy ◽

Specific Information ◽

Implementation Study ◽

Health Administration ◽

Critical Skills ◽

Core Concepts ◽

User Groups

Abstract Cognitive processing therapy (CPT) has been endorsed as an evidence-based therapy for PTSD. It is currently being implemented within the Veterans Health Administration (VA) as a manualized, trauma-focused psychotherapy in line with recommendations from the most recent VA/DOD Clinical Practice Guideline for the management of PTSD. While research on CPT implementation has focused on individual factors that facilitate or hinder adoption, little is known on whether trainees retain core concepts of CPT. The present research addresses this gap in the literature by conducting a validation study of the Knowledge Assessment of CPT Critical Skills (KACCS) Scale among known user groups of CPT (no experience, immediate user, expert user) and, subsequently, an implementation study of the KACCS Scale among clinician trainees participating in an online CPT training. The validation study found that the KACCS Scale can discriminate among various CPT user groups (no experience, intermediate, expert), while the implementation study found that the KACCS Scale provides specific information on core concepts that have been learned at the end of training. The KACCS Scale could benefit from further validation studies and, subsequently, be added to the current CPT instrumentation to monitor learning and retention of core concepts at various training periods (initial workshop, consultation, booster workshop).

Download Full-text

OP79 Experimenting HTAi Patient Group Submission Template To Involve Patients

International Journal of Technology Assessment in Health Care ◽

10.1017/s0266462317001593 ◽

2017 ◽

Vol 33 (S1) ◽

pp. 37-38

Author(s):

Alessandra Lo Scalzo ◽

Anna Maria Vincenza Amicosante ◽

Francesca Gillespie ◽

Emilio Chiarolla ◽

Tom Jefferson ◽

...

Keyword(s):

Health Technology Assessment ◽

Patient Group ◽

Technology Assessment ◽

Information Needs ◽

Public Involvement ◽

Geographical Location ◽

Health Technology ◽

Specific Information ◽

Self Administration ◽

Umbrella Organization

INTRODUCTION:The Health Technology Assessment International (HTAi) community recognises the importance of including patients’ views from published research and systematically obtaining input from patient organizations (POs). The HTAi's Patients and Public Involvement Subgroup has elaborated the Patient Group Submission Template for HTA (HTA Template) to facilitate the collection of evidence from patients via POs involvement. In 2015 AGENAS outlined a procedure to involve POs and tested the HTA Template within a Health Technology Assessment (HTA) report on dialysis.METHODS:The HTAi template was translated into Italian and adapted to the HTA report's specific information needs: to understand patients’ experiences with different dialysis modalities and any delivery problems at the regional level. Some questions were reformulated, others were cut and two different versions of the template were used. One was tailored to POs representatives and the other to individual patients selected with a purposive sampling procedure. We provided the HTA Template to POs appointed by an umbrella organization, Cittadinanzattiva, for their input and to identify other relevant POs to be involved. We identified a list of four associations, based on geographical location and typology of patients. Each POs representative completed the first template and administered the second one to, at least one patient for each five dialysis modalities. AGENAS staff provided support on a cascade basis POs collected and returned all templates.RESULTS:Researchers performed a thematic analysis of the answers received and this input was introduced in the HTA report within the chapter on Patients Aspects. Patients’ experiences closely corresponded to the ones in our qualitative literature's systematic review. However, PO representatives templates revealed an important problem of equity in access to different dialysis modalities across regions that we highlighted in the HTA report's recommendations.CONCLUSIONS:One of the template's limitations was related to self-administration. In some cases, a lack of familiarity with communicating one's views in writing may have affected the survey's informative power. This pilot also demonstrated the need for a more inclusive involvement procedure, as some important POs were not initially represented by the umbrella organization.

Download Full-text