Research review

Berni Dwan

Berni Dwan examines research in product push attacks, Internet data integrity and a collaborative research consortium in the Northern Hemisphere
Internet data integrity

Just consider for a moment how we increasingly place our blind trust in the veracity of the content of websites, especially government websites, but also financial institutions, colleges, airlines and medical sites. Imagine the mayhem at airports if someone had managed to tamper with bookings and flight schedules! It is not beyond the bounds of possibility that hackers could break into these online databases, make illegal changes, remove information and generally tamper with the data. How do you know that a piece of information you get from the Internet is true, especially if it comes from disparate sources?

Data integrity can be problematic when integrating and organizing information from many sources, and researchers at University of California, Davis describe efficient mechanisms that enable a group of data owners to contribute data sets to an untrusted third-party publisher, who then answers users' queries. It's called the TruthSayer project, developed by Premkumar Devanbu, Michael Gertz, Charles Martell and Phil Rogaway at UC Davis and independent consultant Stuart Stubblebine, and it's funded by the National Science Foundation.

"We aim to reduce the trust required of the publisher of large, infrequently updated databases. To do this, we separate the roles of owner and publisher. With a few trusted digital signatures on the part of the owner, an untrusted publisher can use techniques based on Merkle hash trees, to provide authenticity and non-repudiation of the answer to a database query. We do not require a key to be held in an online system, thus reducing the impact of system penetrations. By allowing untrusted publishers, our solution moves towards more scalable publication of large databases", say the researchers. This means that if a hacker did break in, any tampering would be detected and the information would not be used, the main benefit being that you don't have to be so concerned about protecting your website from hackers.

Here's how it works. The original database is kept on a "trusted" computer, which is not connected to the Internet. Copies of the database are given out to other computers, which publish it on the Internet, along with a digital signature from the trusted computer. When a user queries an online database, not only does it return an answer, it also returns a "proof" guaranteeing that the answer has come from the correct database. Both pieces of information (answer and proof) should give the original signature. That is, unless the database has been tampered with, in which case the proof will be wrong. Each owner gets proof from the publisher that their data is properly represented, and each user gets proof that the answer given to them is correct, giving confidence to both parties.

They show that a group of data owners can efficiently certify that an untrusted third-party publisher has computed the correct digest of the owners' collected data sets. Users can then verify that the answers they get from the publisher are the same as a fully trusted publisher would provide, or detect if they are not.
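The answer-plus-proof check described above can be sketched with a small Merkle hash tree. This is an added example, not the TruthSayer project's code: it covers only a single-record lookup, the flight records and function names are constructed, and it assumes the user has already checked the owner's signature over the root digest (signature handling is left out).

```python
import hashlib
import hmac

# Constructed sample records standing in for the owner's database.
FLIGHTS = [
    "EI123 DUB-LHR 08:05", "EI234 DUB-AMS 13:30", "EI456 DUB-CDG 09:40",
    "EI567 DUB-FRA 16:20", "EI789 DUB-JFK 11:15",
]

def leaf(record):
    # Prefix bytes keep leaf hashes and inner-node hashes in separate domains.
    return hashlib.sha256(b"\x00" + record.encode()).digest()

def node(left, right):
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(records):
    """Owner, offline: every level of the tree, leaves first, root last."""
    level = [leaf(r) for r in records]
    levels = [level]
    while len(level) > 1:
        nxt = [node(level[i], level[i + 1]) for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])          # unpaired node moves up unchanged
        level = nxt
        levels.append(level)
    return levels

def prove(levels, index):
    """Untrusted publisher: sibling hashes on the path from leaf to root."""
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            proof.append((level[sibling], sibling < index))
        index //= 2
    return proof

def verify(record, proof, signed_root):
    """User: recompute the root from answer + proof, compare to the signed one."""
    acc = leaf(record)
    for sibling, sibling_is_left in proof:
        acc = node(sibling, acc) if sibling_is_left else node(acc, sibling)
    return hmac.compare_digest(acc, signed_root)

if __name__ == "__main__":
    levels = build_levels(FLIGHTS)
    signed_root = levels[-1][0]            # assumption: owner's signature covers this
    print(verify(FLIGHTS[4], prove(levels, 4), signed_root))            # honest answer
    print(verify("EI789 DUB-JFK 23:59", prove(levels, 4), signed_root))  # altered answer
```

The publisher holds only hashes and the owner's signature, never a signing key, so a break-in at the publisher can change what is served but cannot produce a proof that verifies.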
More information
• Certifying Data from Multiple Sources, G. Nuckolls, C. Martel, S. Stubblebine. Proceedings of the 17th IFIP WG 11.3 Working Conference on Database and Applications Security, 2003.
• http://truthsayer.cs.ucdavis.edu/index.html

Contact: Glen Nuckolls
Product push attacks

Guenole Silvestre, Neil Hurley and Michael O'Mahony of the Department of Computer Science, University College Dublin are examining an important aspect of computer security that affects the millions of people who engage in online commerce every day. It's not viruses, spam, hacking, spoofing, eliciting personal details or any of those over-publicised misdemeanours; it's product push, or product nuke, attacks. They examine this in the context of automatic personalisation of the Web in E-commerce: personalisation techniques, which enable websites to adapt to customers' needs, and recommender systems, which help customers to find products that best meet their needs. While recommender systems are undeniably useful to customers, the questions are: are they secure? Or do they represent a threat to customers and companies alike?

Collaborative filtering enables customers to make informed choices based upon the opinions of other, like-minded, customers. The basic principle employed is that customers who agreed or disagreed on past products are likely to agree or disagree on future products. The UCD researchers have shown that it is possible for malicious users to manipulate the output of Automated Collaborative Filtering systems by inserting specially tailored attack profiles into the dataset. In product push attacks, predictions are promoted for targeted items. For example, an author who wishes to increase sales might force a recommender system to output artificially high ratings for his work. Attacks are implemented by creating and inserting attack user profiles into the system through the normal user interface. If attack profiles are to influence predictions, they need to be similar to as many genuine users in the database as possible, explain the UCD researchers.

"In our work, we have simulated attacks on real-world systems and have demonstrated that such systems are indeed vulnerable. We are investigating techniques to prevent against attack and have proposed a set of solutions - thereby helping to ensure the accuracy and integrity of E-commerce recommender systems."

In some cases, attacks may be costly to perform if, for example, the input of data requires that you buy something. "However, if a system permits data entry without a purchase, then the effort required to mount an attack is not significant. Hence, it is important to also understand how biased noise, entered with a specific motive in mind, can affect the performance of the system. Our recent work has shown that collaborative filtering is vulnerable to a biased noise attack and that, with the addition of relatively small amounts of data, significant changes in system output can be achieved", explain the researchers.

"Security is a major concern for all Internet systems and applications, and yet, thus far, it seems little consideration has been given to the security of recommender systems. Even if one assumes that a system's database and recommendation algorithms are secure against attack, recommender systems remain vulnerable given the very manner in which they operate. Since it is practically impossible to assess the integrity of those who use a system (especially true for on-line systems), there is nothing to prevent users from inputting false data into the system", conclude the researchers.
They will be presenting their latest findings at the 5th ACM Conference on Electronic Commerce (EC'04) in May.

Contact: Guenole Silvestre, email: guenole.silvestre@ihl.ucd.ie; Michael O'Mahony
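The sensitivity to small amounts of biased data described above can be measured on a toy user-based collaborative filter, which is how an operator would test a recommender's robustness before relying on it. This is an added example, not the UCD researchers' code: the ratings, the Pearson-weighted mean-centred predictor and every name in it are constructed assumptions.

```python
from math import sqrt

# Constructed ratings on a 1-5 scale; "T" is the item whose prediction is watched.
GENUINE = {
    "alice": {"A": 5, "B": 3, "C": 1},            # has not rated T yet
    "bob":   {"A": 5, "B": 3, "C": 1, "T": 2},
    "carol": {"A": 1, "B": 3, "C": 5, "T": 4},
}
BIASED = {"A": 5, "B": 3, "C": 1, "T": 5}         # biased profile: familiar tastes, top mark for T

def mean(values):
    values = list(values)
    return sum(values) / len(values)

def pearson(ru, rv):
    """Pearson correlation over co-rated items; 0.0 when it is undefined."""
    common = sorted(set(ru) & set(rv))
    if len(common) < 2:
        return 0.0
    mu, mv = mean(ru[i] for i in common), mean(rv[i] for i in common)
    du, dv = [ru[i] - mu for i in common], [rv[i] - mv for i in common]
    denom = sqrt(sum(x * x for x in du) * sum(y * y for y in dv))
    return sum(x * y for x, y in zip(du, dv)) / denom if denom else 0.0

def predict(ratings, user, item):
    """Mean-centred, similarity-weighted prediction (user-based filtering)."""
    base = mean(ratings[user].values())
    num = den = 0.0
    for other, r in ratings.items():
        if other == user or item not in r:
            continue
        s = pearson(ratings[user], r)
        num += s * (r[item] - mean(r.values()))
        den += abs(s)
    return base + num / den if den else base

def prediction_shift(n_biased, user="alice", item="T"):
    """Change in the prediction once n_biased profiles are in the dataset."""
    polluted = dict(GENUINE)
    for k in range(n_biased):
        polluted[f"injected{k}"] = dict(BIASED)
    return predict(polluted, user, item) - predict(GENUINE, user, item)

if __name__ == "__main__":
    for n in range(4):
        print(n, round(prediction_shift(n), 3))
```

Tracking this shift against the number of unverified profiles gives a concrete robustness figure for a given filtering algorithm and dataset.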
Finnish Information Security Consortium (FISC)

The objective of the Finnish Information Security Consortium (FISC) is to enhance research, education and co-operation in information security, and one of the methods of achieving this is by connecting information security researchers, teachers and institutions. Internet pages, expertise sharing and email lists are also utilised for enhanced co-operation. In the first phase the consortium consisted mainly of researchers and organisations associated with information security research. This was followed by the creation of a network of co-operation that promotes research and security of electronic commerce, to which companies were invited. The aim of the co-operation network is to improve information security, promote development of security innovations and services, promote knowledge of security and lessen common misconceptions.

The rationale behind the consortium is explained on their Web site. “Information security is an inherent part of electronic commerce. After the first enthusiasm of electronic commerce people have awoken to reflect the reasons for the failures. Besides logical reasons security solutions and infrastructures have been immature. It is important to notice that information security solutions have often been insufficient from a user’s or an organization’s point of view. For example, rapidly spreading computer worms have demonstrated security shortages. Current information networks and systems are complex but also vulnerable because of lack of fundamental security design. Our understanding is that security can be achieved most efficiently when security is part of design as early as possible. Typically information security solutions patch some known deficiencies but the basic design of information systems is left vulnerable. Furthermore, information security research and education are incoherent.”

The co-operation network is an important part of the overall plan, creating as it does the consortium, which promotes education and virtual teaching of information security. Here are some of the organisations involved. The Institute for Legal Informatics of the Faculty of Law, University of Lapland, is participating in an Educational Multimedia Project ENLIST1 with several other European Universities and the Commission of the European Communities DG XIII. The project aims to establish a network of major European research centres in information technology law and applications. This network will enable scarce teaching resources to be accessed via Web sites. Other participants in this project include:
• Centre for Law, Computers and Technology, University of Strathclyde, U.K
• Centre de Recherches Informatique et Droit, Facultés Universitaires Notre-Dame de la Paix de Namur, Belgium
• Norwegian Research Centre for Computers and Law (NRCCL), University of Oslo, Norway
• Institut fur Rechtsinformatik, University of Hannover, Germany
• Centre for Commercial Law Studies, Queen Mary Westfield, London, UK
• Context, London, U.K
• Oulu University Secure Programming Group (OUSPG).

More Information:
www.itlaw.strath.ac.uk/ENLIST
www.urova.fi/home/oiffi/index.asp
www.stakes.fi/english/