Article

Defending against an Internet-based attack on the physical world

Authors:

Simon Byers,

Aviel D. Rubin,

David KormannAuthors Info & Claims

WPES '02: Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society

Pages 11 - 18

https://doi.org/10.1145/644527.644529

Published: 21 November 2002 Publication History

Get Access

Abstract

We discuss the dangers that scalable Internet functionality may present to the real world, focusing on a simple yet impactful attack that we believe may occur quite soon. We offer and critique various solutions to this class of attack and hope to provide a warning to the Internet community of what is currently possible. The attack is, to some degree, a consequence of the availability of private information on the Web, and the increase in the amount of personal information that users must reveal to obtain Web services.

References

[1]

T. Aura, P. Nikander, and J. Leiwo. Dos resistant authentication with client puzzles. In Proceedings of the Cambridge Security Protocols Workshop 2000, LNCS, April 2000.]]

Digital Library

Google Scholar

[2]

S. Byers, C. Silva, and J. Freire. Imaging web databases with restricted query access, 2001.]]

Google Scholar

[3]

B. Cheswick and S. Bellovin. Firewalls and Internet Security: Repelling the Wily Hacker. Addison-Wesley Publishing Company, 1994.]]

Digital Library

Google Scholar

[4]

A. L. Coates, H. S. Baird, and R. J. Fateman. Pessimal print: a reverse Turing test. In Proceedings of the IAPR 2001 International Conference Document Analysis and Recognition (ICDAR 2001), September 2001.]]

Digital Library

Google Scholar

[5]

D. Dean and A. Stubblefield. Using client puzzles to protect tls. 10th Annual USENIX Security Symposium, 2001.]]

Digital Library

Google Scholar

[6]

N. S. Foundation. Report on the national workshop on internet voting, March 2001.]]

Google Scholar

[7]

A. Juels and J. Brainard. Client puzzles: A cryptographic defense against connection depletion attacks. In S. Kent, editor, Proceedings of NDSS 99, pages 151--165, 1999.]]

Google Scholar

[8]

M. Naor. Verification of a human in the loop or identification via the turing test, 1996.]]

Google Scholar

[9]

N. C. on Federal Election Reform. To assure pride and confidence in the electoral process, August 2001.]]

Google Scholar

[10]

M. R. P. Syverson and D. Goldschlag. Private web browsing. Journal of Computer Security, 5(3):237--248., 1997.]]

Digital Library

Google Scholar

[11]

T. H. Project, editor. Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the Blackhat Community. Addison-Wesley Publishing Company, 2002.]]

Google Scholar

[12]

M. K. Reiter and A. D. Rubin. Crowds: Anonymity for web transactions. ACM Transactions on Information System Security, 1(1), April 1998.]]

Digital Library

Google Scholar

[13]

T. D. O. P. The Debate Over Technology. Voting in the information age: The debate over technology, January 2001.]]

Google Scholar

[14]

C.-M. voting technology project. Voting: What is; what could be, July 2001.]]

Google Scholar

Cited By

View all

Rai B(2022)Patient-Controlled Mechanism Using Pseudonymization Technique for Ensuring the Security and Privacy of Electronic Health RecordsInternational Journal of Reliable and Quality E-Healthcare10.4018/IJRQEH.29707611:1(1-15)Online publication date: Jan-2022
https://doi.org/10.4018/IJRQEH.297076
Rai B(2022)Blockchain-Enabled Electronic Health Records for Healthcare 4.0International Journal of E-Health and Medical Communications10.4018/IJEHMC.30943813:4(1-13)Online publication date: 11-Aug-2022
https://doi.org/10.4018/IJEHMC.309438
Stubblebine Svan Oorschot P(2004)Addressing Online Dictionary Attacks with Login Histories and Humans-in-the-LoopFinancial Cryptography10.1007/978-3-540-27809-2_5(39-53)Online publication date: 2004
https://doi.org/10.1007/978-3-540-27809-2_5
Show More Cited By

Index Terms

Defending against an Internet-based attack on the physical world
1. Information systems
  1. Information systems applications

Recommendations

Defending against an Internet-based attack on the physical world

We discuss the dangers that scalable Internet functionality may present to the real world, focusing upon an attack that is simple, yet can have great impact, which we believe may occur quite soon. We offer and critique various solutions to this class of ...
Detecting Insider Theft of Trade Secrets

Trusted insiders who misuse their privileges to gather and steal sensitive information represent a potent threat to businesses. Applying access controls to protect sensitive information can reduce the threat but has significant limitations. Even if ...
Traceback-based Bloomfilter IPS in defending SYN flooding attack
WiCOM'09: Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing

Recently, the key of network security is turning from passive detection to active defense. However, most works focused on how fast it can detect the DDoS attack and start defence, and existing methods for differentiating DDoS attack packets, especially ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

WPES '02: Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society

November 2002

115 pages

ISBN:1581136331

DOI:10.1145/644527

General Chair:
Sushil Jajodia
George Mason University
,
Program Chair:
Pierangela Samarati
University of Milan

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 November 2002

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

CCS02

Sponsor:

SIGSAC

CCS02: ACM Conference on Computer and Communications Security

November 21, 2002

DC, Washington

Acceptance Rates

Overall Acceptance Rate 106 of 355 submissions, 30%

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
1,091
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)1

Reflects downloads up to 20 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Rai B(2022)Patient-Controlled Mechanism Using Pseudonymization Technique for Ensuring the Security and Privacy of Electronic Health RecordsInternational Journal of Reliable and Quality E-Healthcare10.4018/IJRQEH.29707611:1(1-15)Online publication date: Jan-2022
https://doi.org/10.4018/IJRQEH.297076
Rai B(2022)Blockchain-Enabled Electronic Health Records for Healthcare 4.0International Journal of E-Health and Medical Communications10.4018/IJEHMC.30943813:4(1-13)Online publication date: 11-Aug-2022
https://doi.org/10.4018/IJEHMC.309438
Stubblebine Svan Oorschot P(2004)Addressing Online Dictionary Attacks with Login Histories and Humans-in-the-LoopFinancial Cryptography10.1007/978-3-540-27809-2_5(39-53)Online publication date: 2004
https://doi.org/10.1007/978-3-540-27809-2_5
Rong CGeng Yang (2003)Honeypots in blackhat mode and its implications [computer security]Proceedings of the 8th International Scientific and Practical Conference of Students, Post-graduates and Young Scientists. Modern Technique and Technologies. MTT'2002 (Cat. No.02EX550)10.1109/PDCAT.2003.1236284(185-188)Online publication date: 2003
https://doi.org/10.1109/PDCAT.2003.1236284

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Defending against an Internet-based attack on the physical world

Detecting Insider Theft of Trade Secrets

Traceback-based Bloomfilter IPS in defending SYN flooding attack