Abstract-We consider the problem of identifying obscure chat-like botnet command and control (C&C) communications, which are indistinguishable from human-human communication using traditional signature-based techniques. Existing passive-behavior-based anomaly detection techniques are limited because they either require monitoring multiple botinfected machines that belong to the same botnet or require extended monitoring times. In this paper, we explore the potential use of active botnet probing techniques in a network middlebox as a means to augment and complement existing passive botnet C&C detection strategies, especially for small botnets with obfuscated C&C content and infrequent C&C interactions. We present an algorithmic framework that uses hypothesis testing to separate botnet C&C dialogs from humanhuman conversations with desired accuracy and implement a prototype system called BotProbe. Experimental results on multiple real-world IRC bots demonstrate that our proposed active methods can successfully identify obscure and obfuscated botnet communications. A real-world user study on about one hundred participants also shows that the technique has a low false positive rate on human-human conversations. We discuss the limitations of BotProbe and hope this preliminary feasibility study on the use of active techniques in botnet research can inspire new thoughts and directions within the malware research community.
End-users are often perceived as the weakest link in information security. Because of this perception, a growing body of research and commercial activity is focused on automated approaches to security. With these approaches, security decisions are removed from the hands of the users, and are placed instead in systems themselves, or in remote services or organizations that establish policies that are automatically enforced. We contend that although security automation is potentially beneficial in theory, in practice it is not a panacea for end-user information security. A number of technical and social factors mitigate against the acceptance and efficacy of automated end-user security solutions in many cases. In this paper, we present a discussion of the inherent limitations of automating security for end-users. We then discuss a set of design guidelines for choosing whether to automate end-user security systems. We conclude with a set of research directions focused on increasing the acceptance and efficacy of security solutions for end-users.
Nonprofit organizations working with high-risk vulnerable populations such as human trafficking victims often need to engage in a significant level of interorganizational collaboration. Given the importance for nonprofits to be able to work with many different organizations, and given the importance of awareness in initiating and facilitating such collaborations, we conducted a field study to explore existing practices around coordination and awareness across a specific ecosystem of nonprofit organizations. In this paper, we provide an in-depth reflection on interorganizational issues among a cross-section of nonprofits. We identify four aspects of the interorganizational context in which these nonprofits must operate, as well as challenges they may encounter. Our goal is to illuminate first steps towards finding appropriate technological solutions for supporting coordination and awareness between these organizations so they can be more effective in accomplishing their mission.
Few areas have received more frequent scholarly attention in the business literature than leadership. However, insufficient attention had been paid to the study of leadership in a sport context. Therefore, this study examined the direct effects of transformational leadership on sport employee job satisfaction and levels of commitment (to the athletic department and athletic director). Also examined were the mediated effects of both commitment foci on the relationship between transformational leadership and job satisfaction. Participants included 325 athletic department employees in a NCAA BCS football conference. Through CFA and SEM, the direct and mediated effects of transformational leadership on sport employee commitment and job satisfaction were explored. Limited support was found for a direct effect of transformational leadership on job satisfaction. However, the results indicated support for transformational leadership directly influencing organizational- and individual-level commitment. Commitment to the athletic department also mediated the transformational leadership-job satisfaction relationship.
The development of security visualization applications must involve the user in the design process in order to create usable systems. However, it is all too easy to lose track of the user during the design and development process, even though upfront investment in extensive user requirements gathering has proven benefits. To address this challenge, we adapt a user-centered design method called personas that enables effective requirements capture for varying scopes of requirements-gathering efforts, and, when used properly, keeps the user involved at every step of the process from design to evaluation.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.