Andrew G. West and Jonathan Smith gave talks at the Department

Andrew G. West, of the CIS Department at the University of Pennsylvania, gave a talk at the Department this past 13 June, titled “Securing Wiki Platforms Against Malicious Contributions”.

 

In addition, Professor Jonathan Smith, also of the University of Pennsylvania, gave a talk this past 10 July, titled “Host security, network security and cognitive radios”.

 

The abstracts of the talks follow.

 

ABSTRACT OF ANDREW G. WEST TALK:

As wikis become increasingly prevalent, more attention is needed on the security properties of the platform. Wikis are a novel paradigm even relative to the Web 2.0 functionality they build upon: open editing permissions and minimal barriers-to-entry invite a diversity of attackers. Moreover, wikis' community-driven nature means solutions must address both technical and social considerations. My dissertation research has identified attack vectors and use-cases against wikis (e.g., vandalism, spam, etc.), characterized their nature, and mitigated their ill effects. Using English Wikipedia as a case-study

This talk will discuss these approaches and demonstrate our software tools.

 

At ~7% of all contributions, "vandalism" (blatantly unconstructive editing) is a significant problem for Wikipedia. We first describe our metadata-driven technique for vandalism detection, before detailing cooperation with reputation and NLP approaches to build a meta-classifier of increased accuracy. Our anti-vandalism efforts are integrated into "STiki", an intelligent-routing tool that has been used to remove 100,000+ unconstructive contributions. Shifting focus to "link spam", we hoped that well-incentivized attackers would reveal more interesting vulnerabilities. While unfounded, our investigation did reveal vectors which proved viable (and controversial) in proof-of-concept experiments.

 

While vandalism and link spam are among the most prominent challenges facing wikis, they are neither the most acute nor difficult to solve. Issues such as: (1) author bias, (2) liability-laden contributions (e.g., copyright violations), (3) dynamics of off-wiki environments (e.g., link rot), and (4) practical protection for smaller wikis -- have been identified but lack production-ready solutions. The talk will conclude by discussing promising research directions in these spaces.

 

ABSTRACT OF JONATHAN SMITH TALK:

This talk examines a set of topics in the constantly evolving space of computing and communications technologies.

First, we introduce the challenge of achieving trust, to frame a discussion of security. To illustrate emerging threats, we use analysis of residual marks left on smartphone touch screens. We propose a path forward with a project (SAFE) intended to address many fundamental host security problems.

Second, as computing is increasingly distributed, network security (in particular reliability) becomes more critical. We argue that for networks, availability is more important (to users) than confidentiality and integrity. Availability is threatened by Distributed Denial of Service (DDoS) attacks, and we look at architectures for network self-defense in the Networks Opposing Botnets (NoBot) and NEBULA projects.

Finally, we illustrate some of the challenges faced in wireless communication systems that comprise an increasing fraction of the network edge, particularly in areas of high population density. We illustrate the possibility for RF Mobility Gain and explain one technique (LANdroids) for achieving this gain.

 

BIO:

Jonathan M. Smith is the Olga and Alberico Pompa Professor of Engineering and Applied Science and a Professor of Computer and Information Science at the University of Pennsylvania. He served as a Program Manager at DARPA 2004-2006, and was awarded the OSD Medal for Exceptional Public Service in 2006. He is an IEEE Fellow. His current research interests range from programmable network infrastructures and cognitive radios, to disinformation theory and architectures for computer augmented immune response.