Note-10

Note-10 - IMPORTANT DATES CSE 467/598 Data and Information...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
CSE 467/598 Data and Information Security Prof. Gail-Joon Ahn IMPORTANT DATES ! Project: ! Phase I: 11:59PM, February 22, 2011 ! Exam #1 (Midterm): Mar 8, 2011 ! Spring Break: Mar 15 & 17, 2011 (no class) ! Class Presentation : April19, 21, 26, and 28, 2011 (paper report due) ! Exam #2 (Final): May 10, 2011 (12:00PM – 2:00 PM) 2 Cyber Gazette ! IPv6 could help bots churn out more spam The global spam volume is down due to the success of blacklisting IP addresses , but, according to a malware expert , IPv6 adoption may cause problems for Internet service providers using IP blacklisting for antispam measures. IP blacklisting is a common but limited approach to weeding out spambots because cybercriminals can cycle through new IP addresses in hours. Cybercriminals can also hijack known good IP addresses, such as a stolen webmail account, to bypass blacklisting efforts and causing issues for webmail providers. The Internet Engineering Task Force (IETF) is supporting the move to IPv6, which will lengthen IP addresses from 32 bits to 128 bits, because the Internet is running out of the shorter IP addresses. The IPv6 rollout could enable ISPs to take the easy approach of cycling through IPv6 addresses rather than giving users static addresses. Assigning a static IP address to users may prove too costly for ISPs or amount to more paperwork. The issue could lead to increased consumer costs. Rustock continues to be the most prominent spambot, with an estimated 250,000 machines churning out spam and malware. Rustock's strength is its stealthy way of infecting Windows PCs. It was designed as a rootkit, burying its files deep inside Windows machines. The cybercriminals behind Rustock use stealth and evasion tactics to stay under the radar. It uses encryption to disguise command-and-control orders and a technique to avoid being disconnected by network administrators. 3 Based on the slides for "Computer Security: Art and Science" 4 ACM (HRU) vs . SPM ! ACM allows revocation ! SPM has no equivalent commands to delete, destroy ! ACM allows multiparent creates ! SPM cannot express multiparent creates easily, and not at all if the parents are of different types because can create allows for only one type of creator
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Based on the slides for "Computer Security: Art and Science" 5 Extended SPM (ESPM) ! In ESPM: ! Anna, Bill type a ; ! Proxy(Jim) type p ; ! right x ! R ! cc ( a1 , a2 ) = p ! cr a1 ( a1 , a2 , p ) = cr a2 ( a1 , a2 , p ) = " ! cr p ( a1 , a2 , p ) = { a1/ x , a2/ x } ! a1 = Anna ! a2 = Bill ! p =Jim ! (the right) x = “t” cc ( a , b ) : can-create (a,b) type a can create entities of type b cr ( a , b ) tickets introduced when subject of type a creates entity of type b Based on the slides for "Computer Security: Art and Science" 6 Expressiveness ! Graph-based representation to compare models ! Graph ! Vertex: represents entity, has static type ! Edge: represents right, has static type ! Graph rewriting rules: ! Initial state operations create graph in a particular
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 03/09/2011 for the course CSE 497 taught by Professor Ahn during the Spring '11 term at ASU.

Page1 / 10

Note-10 - IMPORTANT DATES CSE 467/598 Data and Information...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online