Alexandros Papanikolaou PROmis
1. PROMIS - a PROactive
Malware Identification
System
Vasileios Vlachos
Alexandros Papanikolaou
Fotis Liatsis
2. Crowdsourcing
crowd·sourc·ing:
to utilize (labor, information, etc.) contributed by the general public
to (a project), often via the Internet and without compensation
Can you guess the exact weight of an ox
…or
the exact number of beans in a jar?
3. Crowdsourcing
Probably none of us could do it right
...but all of us together is another story…
Crowdsourcing uses the collective wisdom of the
crowds as it collects large amounts of information
and aggregates it to gain a complete and
accurate picture of a topic, based on the idea that
a group of people is often more intelligent than an
individual.
Photo (CC-BY) James Cridland.
4. Crowdsourcing
C’mon, be serious, who cares about oxen
and coffee beans in jars?
Apparently the US Navy does: Dr John Craven was
appointed with a group of scientists to locate the
missing USS Scorpion in the ocean
…as well as its two nuclear torpedoes.
Bow section of the sunken Scorpion containing two nuclear
torpedoes on the sea floor. US Navy photo.
5. Crowdsourcing
Yeah, but that was a long time ago
๏ DARPA Network Challenge 2009
Ten red balloons were released in various places in the US and the
participants had to get the exact coordinates of the balloons.
๏ Tag Challenge, funded by the US State
Department 2012
Three out of 5 individuals in 5 different cities were identified
and found by volunteers using crowdsourcing
New York
Washington DC
Bratislava
Stockholm
6. The Problem: Computer
viruses… and worms
A computer worm is a standalone malware computer program that replicates itself
in order to spread to other computers. Often, it uses a computer network to
spread itself
Code Red 12h, Slammer 10m
7. Computer Viruses
The lifecycle of an antivirus signature
1. Collect a suspicious file
2. Analyze the suspicious code
3. Create a virus signature
4. Test the signature to avoid identifying legitimate
applications as malware
5. Push the update to the software clients
How much time do we need to complete the above steps?
8. PROMIS - a PROactive Malware
Identification System
๏ PROMIS is an Early Warning System for rapidly-spreading
computer viruses
๏ PROMIS is a small software application which transforms a
PC into a sensor
๏ PROMIS needs only to have access to the log file of the
security applications (Firewall and AntiVirus), no sensitive
data are even read
๏ PROMIS combines the basic concepts of crowdsourcing and
biodiversity with epidemiology and public health (after
all, computer viruses have striking similarities with biological
viruses)
๏ PROMIS acts proactively in order to protect against
unknown threats and buys some time for users and AV
vendors to provide signatures, patches and updates
9. The Question: Biodiversity vs
Monocultures
๏ Monoculture is the agricultural practice of producing or growing a
single crop or plant species over a wide area and for a large number of
consecutive years. In the field of computer science, monoculture is a
community of computers that all run identical software. All the
computer systems in the community have the same vulnerabilities,
and, like agricultural monocultures, are subject to catastrophic failure in
the event of a successful attack.
๏ This concept is significant when discussing computer security and
viruses. In particular, Dan Geer has argued that Microsoft is a
monoculture, since a majority of the overall number of computers
connected to the Internet are workstations and servers running
versions of the Microsoft Windows operating system, many of which
are vulnerable to the same attacks. Biodiversity, on the other hand,
utilizes different software and hardware architectures and provides us
with significant and useful information
๏ Monocultures can lead to the quicker spread of diseases
but
๏ also keep costs down (economies of scale, standardization etc)
10. The Problem: Computer
Viruses
If a system isn’t vulnerable then the virus / worm attack is
recorded in the Antivirus / Firewall Log File
An increase in the rate of attacks might indicate
๏ Technical malfunctioning
๏ A targeted attack
๏ A virus epidemic
11. PROMIS - a PROactive Malware Identification
System
Locally intercepted malicious activity
$$p_t^n = \frac{h_t^n - \frac{\sum_{i=t-k}^{k} h_i^n}{k}}{\frac{\sum_{i=t-k}^{k} h_i^n}{k}}$$
Estimation of Internet threat level
$$p_{avg} = \frac{\sum_{i=1}^{n} P_i^t}{n}$$
12. PROMIS - a PROactive Malware
Identification System
13. PROMIS - Countermeasures
If the threat level exceeds a pre-defined threshold,
autonomously increase or decrease the security level by
• Activating / deactivating useful but not critical services
• Increasing / decreasing the security level of the browser /
e-mail client
• Enabling / disabling types of content which are known
infection vectors (Flash, Java, VBA, JavaScript etc)
Instead of trying to create vaccines (signatures) for every
new unknown computer virus, we follow simple public
health approaches. Take some basic precautions until the
storm is weathered (and/or a cure or a vaccine is
ready)… just like the flu
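The sensor-side calculation from slides 11 and 13, as an added sketch that is not taken from the NetBiotic or MSPROMIS prototypes: each node turns its firewall / antivirus log counts into a rate of change, the crowd's rates are averaged, and the average is compared against thresholds. Assumptions: `hits` holds one count of blocked attempts per time interval, the baseline is the mean of the k intervals preceding the newest one, and the threshold values, function names and zero-baseline handling are illustrative.

```python
from statistics import mean

def local_rate(hits, k):
    """p_t^n for one node: relative change of the newest interval's count
    against the mean of the k intervals before it (assumed window)."""
    if k < 1 or len(hits) < k + 1:
        raise ValueError("need k >= 1 and at least k + 1 intervals")
    baseline = sum(hits[-k - 1:-1]) / k
    if baseline == 0:
        # Ratio undefined on a silent history. Assumed handling: report the
        # raw count, so a still-silent node contributes 0.0.
        return float(hits[-1])
    return (hits[-1] - baseline) / baseline

def threat_level(rates):
    """p_avg: mean of the rates reported by the n participating nodes."""
    if not rates:
        raise ValueError("no peer reports")
    return mean(rates)

def posture(p_avg, current="normal", raise_at=2.0, lower_at=0.5):
    """Threshold decision; the gap between the two (assumed) thresholds
    keeps the security level from flapping around a single value."""
    if p_avg >= raise_at:
        return "elevated"   # e.g. disable non-critical services and content
    if p_avg <= lower_at:
        return "normal"
    return current

def evaluate(counts_by_node, k, current="normal"):
    rates = [local_rate(h, k) for h in counts_by_node.values()]
    p_avg = threat_level(rates)
    return p_avg, posture(p_avg, current)

# Constructed sample: blocked-attempt counts per interval from five nodes.
EPIDEMIC = {"a": [4, 6, 5, 5, 30], "b": [2, 2, 2, 2, 12],
            "c": [10, 10, 10, 10, 10], "d": [0, 0, 0, 0, 0],
            "e": [8, 8, 8, 8, 40]}
# Same crowd, but only node "a" spikes (malfunction or targeted attack).
LOCAL_ONLY = {**EPIDEMIC, "b": [2, 2, 2, 2, 2], "e": [8, 8, 8, 8, 8]}

if __name__ == "__main__":
    print(evaluate(EPIDEMIC, k=4))
    print(evaluate(LOCAL_ONLY, k=4))
```

A spike on a single node moves the crowd average far less than the same spike seen on several nodes, which is how the aggregate separates a local malfunction or targeted attack from an epidemic.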
14. Proof of concept prototypes I
Java 1.4
JXTA 1.1
NetBiotic Windows XP
Linux
Outwit tools
15. Proof of concept prototypes II
Windows XP SP1
MSP2P API
C#, C++
MSPROMIS ICF
Outwit tools
16. Simulation
The simulator works fine (output close to the analytical
solution), as do some other software tools that we have
built
18. Conclusions
What do we need from you?
Your feedback, as well as your help to increase
our project’s visibility, because in order to build a
crowdsourcing application you know we need… a
crowd!
Your ideas about a possible business plan to
facilitate the development and support of the
platform for sufficient time to attract adequate
users
19. Summary
Some publications, so no patents at all, sorry!
๏ Vasileios Vlachos and Diomidis Spinellis, A PRoactive Malware Identification System based
on the Computer Hygiene Principles, Information Management & Computer Security,
15(4):295–312, 2007. (doi:10.1108/09685220710817815)
๏ Vasileios Vlachos, Stefanos Androutsellis-Theotokis and Diomidis Spinellis, Security
Applications of Peer-to-peer Networks, Computer Networks (Elsevier Science), Volume 45,
Issue 2, pp 195-205, June 2004. (doi:10.1016/j.comnet.2004.01.002)
๏ Vasileios Vlachos, Andreas Raptis and Diomidis Spinellis, PROMISing steps towards
computer hygiene, In Steven Furnell, editor, International Network Conference (INC2006),
pages 229-236, July 2006, Plymouth, UK.
This is the outcome of the PhD work of the 1st member under the supervision of Professor Diomidis
Spinellis
๏ PhD Thesis, "Security Applications of Peer to Peer Networks", Athens University of Economics and
Business (AUEB), Athens, July 2007
20. Summary
Our team:
Vasileios Vlachos, Professor of Technological Applications, Technological Educational Institute of Larissa
Alexandros Papanikolaou, Researcher, Technical University of Crete
Fotis Liatsis, Undergraduate Student, Technological Educational Institute of Larissa