Security

The Internet-of-things promises sweeping change through increased connectivity and ubiquitous integration of technology into our lives. However, as we create economies of scale for data aggregation and processing, we also create attractive targets for various adversaries. In this work we design a lightweight, probabilistic intrusion detection system, or PIDIoT. We design PIDIoT to use operational measurements from IoT devices, with lightweight hash functions and Bloom filters to perform fuzzy anomaly detection.

Spam, or unsolicited commercial communication, has evolved from telemarketing schemes to a highly sophisticated and profitable black-market business. Although many users are aware that email spam is prominent, they are less aware of blog spam (Thomason, 2007). Blog spam, also known as forum spam, is spam that is posted to a public or outward facing website. Blog spam can be to accomplish many tasks that email spam is used for like posting links to a malicious executable.

As any veteran of the editor wars can attest, Unix users can be fiercely and irrationally attached to the commands they use and the manner in which they use them. In this work, we investigate the problem of identifying users out of a large set of candidates (25-97) through their command-line histories. Using standard algorithms and feature sets inspired by natural language authorship attribution literature, we demonstrate conclusively that individual users can be identified with a high degree of accuracy through their command-line behavior.