Denial of Information Attacks in Event Processing

Author Calton Pu



PDF
Thumbnail PDF

File

DagSemProc.07191.5.pdf
  • Filesize: 163 kB
  • 7 pages

Document Identifiers

Author Details

Calton Pu

Cite AsGet BibTex

Calton Pu. Denial of Information Attacks in Event Processing. In Event Processing. Dagstuhl Seminar Proceedings, Volume 7191, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2007)
https://doi.org/10.4230/DagSemProc.07191.5

Abstract

It is a common assumption in event processing that the events are "clean", i.e., they come from well-behaved and trustworthy sources. Some researchers have studied uncertain event streams [Mok et al, RTCSA’06], but few have considered malicious event sources. In the real world, event sources from open environments (e.g., large scale sensor networks and Internet) can be influenced by adversaries injecting misleading or noise data. This has happened to all media that have become valuable in open environments. Spammers have been active with email spam, web spam, blog spam, spam over VoIP, and fake profiles in social networks. We call this automated injection of false or noise fabricated events "Denial of Information" (DOI) attacks. The automated nature of DOI attacks makes it inexpensive and easy to implement. DOI attacks introduce some fundamental research challenges. For example, consider a set of audio sensors for detection of activities through sound. If half of the sensors report sound and the other half are silent, it is difficult to decide whether the silent one are reporting real phenomena (with the sound purposefully produced by the adversary) or the noisy ones are reporting real phenomena (assuming the silent ones have been incapacitated). This problem is often called Deceptive Information Detection. Furthermore, DOI attacks are different from typical information security problems (e.g., multi-level security) is the "arms race" between DOI attacks and defenses. This can be illustrated with the co-evolution of spam messages and automated email filters employed by spam victims. The evolution of email spam (with randomized camouflaged content and image spam) is a good example. This problem is usually called Adversarial Learning. Robust event processing of the future must be able to tolerate and resist DOI attacks, by introducing techniques and tools that can counter DOI attacks in areas such as Deceptive Information Detection and Adversarial Learning. We discuss some progress made in specific applications such as email to illustrate the difficulty of these challenges and some promising approaches.
Keywords
  • Denial of information
  • information security
  • adversarial learning
  • deceptive information detection

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail