Archive for September, 2008

Chris Clifton gives keynote at ACM workshop on AI and security

Sunday, September 28th, 2008

AISL researcher Chris Clifton of Purdue University will give a keynote talk at the The First ACM Workshop on AISec. This workshop is focused on bringing the AI and security research communities together to explore how AI tools and techniques can be applied to problems in information security.

Chris’ talk is titled Opportunities for Private and Secure Machine Learning and has the following abstract.

While the interplay of Artificial Intelligence and Security covers a wide variety of topics, the 2008 AISec program largely focuses on use of artificial intelligence techniques to aid with traditional security concerns: intrusion detection, security policy management, malware detection, etc. This talk will address the flip side of the issue: Using machine learning on sensitive data.

The privacy-preserving data mining literature provides numerous solutions to machine learning on sensitive data, while protecting the data from disclosure. Unfortunately, privacy has yet to provide the economic incentives for commercial development of this technology.

This talk will survey this work (and open challenges) in light of problems that may have greater incentives for development: collaborative machine learning by parties that do not fully trust each other. Opportunities include job brokerage (assigning jobs in ways that most efficiently utilize resources of competing companies), supply chain optimization, inter-agency data sharing, etc. Techniques similar to those in privacy-preserving data mining can enable such applications without the degree of information disclosure and trust currently required, providing a business model for development of the technology (and as a by-product, reducing the number of trusted systems that need to be secured.)

Feel paranoid that Google Chrome is spying on you? Apply UnChrome!

Monday, September 15th, 2008

I’ve seen the following attributed to Woody Allen:

    Question: what’s a three syllable word beginning with ‘P’ that means you think that everybody’s against you?
    Answer: perceptive.

unchromeIt’s fashionable in some circles to be paranoid about Google. If they ever do abandon their Don’t be evil informal motto then we are all in trouble. Search engines can gather a lot of information about a person’s interests. While Google is not the only search engine available, they have assembled quite an array of Web systems, including gmail, Google reader, Google groups, DoubleClick, Feedburner and many more. They would be in a good position to integrate a lot of information about a person’s behavior on the Web.

Enter Google Chrome.

If you own the browser, you can get the full range of a person’s Web activities. What worries some is that each Google Chrome installation contains a unique ID, which could be used to identify its user. The German company Abelssoft has released UnChrome as an application that effectively makes your copy of Google Chrome anonymous.

“Regarding to Google, “Google Chrome is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier”. Unfortunately, each Google Chrome installation contains a unique ID that allowing identifying its user. Google doesn’t make it an easy job to remove this ID.

UnChrome helps you with this task. It replaces your unique ID with Null values so that your browser cannot be identified any longer. The functionality of Google Chrome is not influenced by this. You only need to apply UnChrome once.”

I think this is paranoia rather than being perceptive, but just because you’re paranoid doesn’t mean they aren’t out to get you.

A-Space: a social networking site for intelligence analysts

Sunday, September 7th, 2008

Sixteen US intelligence agencies are encourage their staff to use A-Space, a new social-networking site for analysts being developed by the US Government and slated for launch on 22 September.

A-Space is an effort sponsored by the Office of the Director of National Intelligence. The Defense Intelligence Agency is managing the project with serving as the prime contractor for development.

CNN has an article, CIA, FBI push ‘Facebook for spies’, with some of the details.

“It’s a place where not only spies can meet but share data they’ve never been able to share before,” Wertheimer said. “This is going to give them for the first time a chance to think out loud, think in public amongst their peers, under the protection of an A-Space umbrella.” Wertheimer demonstrated the program to CNN to show how analysts will use it to collaborate.

“One perfect example is if Osama bin Laden comes out with a new video. How is that video obtained? Where are the very sensitive secret sources we may have to put into a context that’s not apparent to the rest of the world?” Wertheimer asked. “In the past, whoever captured that video or captured information about the video kept it in-house. It’s highly classified, because it has so very short a shelf life. That information is considered critical to our understanding.”

Material on A-Space is, of course, highly classified and compartmentalized, so there will be stringent access control procedures. To further prevent information from being inappropriately accessed or used, A-Space will employ additional mechanisms, including monitoring for anomalous access patterns.

“We’re building [a] mechanism to alert that behavior. We call that, for lack of a better term, the MasterCard, where someone is using their credit card in a way they’ve never used it before, and it alerts so that maybe that credit card has been stolen,” Wertheimer said. “Same thing here. We’re going to actually do patterns on the way people use A-Space.”

Federal Computer week also has a recent article on A-Space, A-Space set to launch this month.