The current Internet infrastructure has very few built-in protection mechanisms, and is therefore vulnerable to attacks and failures. In particular, recent events have illustrated the Internet's vulnerability to both denial of service (DoS) attacks and flash crowds in which one or more links in the network (or servers at the edge of the network) become severely congested. In both DoS attacks and flash crowds the congestion is due neither to a single flow, nor to a general increase in traffic, but to a well-defined subset of the traffic -an aggregate. This paper proposes mechanisms for detecting and controlling such high bandwidth aggregates. Our design involves both a local mechanism for detecting and controlling an aggregate at a single router, and a cooperative pushback mechanism in which a router can ask upstream routers to control an aggregate. The presentation in this paper is a first step towards a more rigorous evaluation of these mechanisms. While certainly not a panacea, these mechanisms could provide some needed relief from flash crowds and flooding-style DoS attacks.
Abstract. We present a reputation scheme for a pseudonymous peer-to-peer (P2P) system in an anonymous network. Misbehavior is one of the biggest problems in pseudonymous P2P systems, where there is little incentive for proper behavior. In our scheme, using ecash for reputation points, the reputation of each user is closely related to his real identity rather than to his current pseudonym. Thus, our scheme allows an honest user to switch to a new pseudonym keeping his good reputation, while hindering a malicious user from erasing his trail of evil deeds with a new pseudonym.
Abstract-Access control policies are notoriously difficult to configure correctly, even people who are professionally trained system administrators experience difficulty with the task. With the increasing popularity of online social networks (OSN) users of all levels are sharing an unprecedented amount of personal information on the Internet. Most OSNs give users the ability to specify what they share with whom, but the difficulty of the task raises the question of whether users' privacy settings match their sharing intentions. We present the results of a study that measures sharing intentions to identify potential violations in users' real Facebook privacy settings. Our results indicate a serious mismatch between intentions and reality: every one of the 65 participants in our study had at least one confirmed sharing violation. In other words, OSN users' are unable to correctly manage their privacy settings. Furthermore, a majority of users cannot or will not fix such errors.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.