Schloss Dagstuhl - Leibniz-Zentrum für Informatik GmbH Schloss Dagstuhl - Leibniz-Zentrum für Informatik GmbH scholarly article en Pu, Calton License: Creative Commons Attribution 4.0 license (CC BY 4.0)
when quoting this document, please refer to the following
URN: urn:nbn:de:0030-drops-11473

Denial of Information Attacks in Event Processing



It is a common assumption in event processing that the events are "clean", i.e., they come from well-behaved and trustworthy sources. Some researchers have studied uncertain event streams [Mok et al, RTCSA’06], but few have considered malicious event sources. In the real world, event sources from open environments (e.g., large scale sensor networks and Internet) can be influenced by adversaries injecting misleading or noise data. This has happened to all media that have become valuable in open environments. Spammers have been active with email spam, web spam, blog spam, spam over VoIP, and fake profiles in social networks. We call this automated injection of false or noise fabricated events "Denial of Information" (DOI) attacks. The automated nature of DOI attacks makes it inexpensive and easy to implement.

DOI attacks introduce some fundamental research challenges. For example, consider a set of audio sensors for detection of activities through sound. If half of the sensors report sound and the other half are silent, it is difficult to decide whether the silent one are reporting real phenomena (with the sound purposefully produced by the adversary) or the noisy ones are reporting real phenomena (assuming the silent ones have been incapacitated). This problem is often called Deceptive Information Detection. Furthermore, DOI attacks are different from typical information security problems (e.g., multi-level security) is the "arms race" between DOI attacks and defenses. This can be illustrated with the co-evolution of spam messages and automated email filters employed by spam victims. The evolution of email spam (with randomized camouflaged content and image spam) is a good example. This problem is usually called Adversarial Learning.

Robust event processing of the future must be able to tolerate and resist DOI attacks, by introducing techniques and tools that can counter DOI attacks in areas such as Deceptive Information Detection and Adversarial Learning. We discuss some progress made in specific applications such as email to illustrate the difficulty of these challenges and some promising approaches.

BibTeX - Entry

  author =	{Pu, Calton},
  title =	{{Denial of Information Attacks in Event Processing}},
  booktitle =	{Event Processing},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2007},
  volume =	{7191},
  editor =	{Mani Chandy and Opher Etzion and Rainer von Ammon},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{},
  URN =		{urn:nbn:de:0030-drops-11473},
  doi =		{10.4230/DagSemProc.07191.5},
  annote =	{Keywords: Denial of information, information security, adversarial learning, deceptive information detection}

Keywords: Denial of information, information security, adversarial learning, deceptive information detection
Seminar: 07191 - Event Processing
Issue date: 2007
Date of publication: 27.09.2007

DROPS-Home | Fulltext Search | Imprint | Privacy Published by LZI