ICT Systems Security and Privacy Protection

The Domain Name System (DNS) is an essential infrastructure service on the internet. It provides a worldwide mapping between easily memorizable domain names and numerical IP addresses. Today, legitimate users and malicious applications use this service to locate content on the internet. Yet botnets increasingly rely on DNS to connect to their command and control servers. A widespread approach to detect bot infections inside corporate networks is to inspect DNS traffic using domain C&C blacklists. These are built using a wide range of techniques including passive DNS analysis, malware sandboxing and web content filtering. Using DNS to detect botnets is still an error-prone process; and current blacklist generation algorithms often add innocuous domains that lead to a large number of false positives during detection. This paper presents a new system called Mentor. It implements a scalable, positive DNS reputation system that automatically removes benign entries within a blacklist of botnet C&C domains. Mentor embeds a crawler system that collects statistical features about a suspect domain name, including both web content and DNS properties. It applies supervised learning to a labeled set of known benign and malicious domain names, using its features set in order to build a DNS pruning model. It further processes domain blacklists using this model in order to skim-off benign domains and keep only true malicious domains for detection. We tested our system against a wide set of public botnet blacklists. Experimental results prove the ability of this system to efficiently detect and remove benign domain names with a very low false positives rate.

[1]  Hartmut König,et al.  A survey of video encryption algorithms , 2010, Comput. Secur..

[2]  G. Armstrong,et al.  The Maximum Surveillance Society: The Rise of CCTV , 1999 .

[3]  A. Cavallaro Privacy in Video Surveillance , 2007 .

[4]  Patrick Pérez,et al.  Object removal by exemplar-based inpainting , 2003, 2003 IEEE Computer Society Conference on Computer Vision and Pattern Recognition, 2003. Proceedings..

[5]  Sarah Rothstein,et al.  Digital Video An Introduction To Mpeg 2 , 2016 .

[6]  Jin Wang,et al.  A Novel Texture Synthesis Based Algorithm for Object Removal in Photographs , 2004, ASIAN.

[7]  Noboru Babaguchi,et al.  Privacy protecting visual processing for secure video surveillance , 2008, 2008 15th IEEE International Conference on Image Processing.

[8]  Borko Furht,et al.  Digital Video Encryption Algorithms Based on Correlation-Preserving Permutations , 2007, EURASIP J. Inf. Secur..

[9]  T.E. Boult,et al.  PICO: Privacy through Invertible Cryptographic Obscuration , 2005, Computer Vision for Interactive and Intelligent Environment (CVIIE'05).

[10]  Peter Schartner,et al.  Video Surveillance: A Distributed Approach to Protect Privacy , 2005, Communications and Multimedia Security.

[11]  Patrick Pérez,et al.  Region filling and object removal by exemplar-based image inpainting , 2004, IEEE Transactions on Image Processing.

[12]  Bernhard Rinner,et al.  Securing Embedded Smart Cameras with Trusted Computing , 2011, EURASIP J. Wirel. Commun. Netw..

[13]  Tomoji Toriyama,et al.  Factors on the sense of privacy in video surveillance , 2006, CARPE '06.

[14]  Alfredo De Santis,et al.  Towards a Lawfully Secure and Privacy Preserving Video Surveillance System , 2010, EC-Web.

[15]  Jianping Fan,et al.  Access control, confidentiality and privacy for video surveillance databases , 2006, SACMAT '06.

[16]  D. Brin The Transparent Society: Will Technology Force Us to Choose Between Privacy and Freedom? , 1998 .

[17]  Mohan S. Kankanhalli,et al.  Privacy aware publication of surveillance video , 2013, Int. J. Trust. Manag. Comput. Commun..

[18]  Touradj Ebrahimi,et al.  Scrambling for Privacy Protection in Video Surveillance Systems , 2008, IEEE Transactions on Circuits and Systems for Video Technology.

[19]  Arun Hampapur Smart Video Surveillance for Proactive Security [In the Spotlight] , 2008, IEEE Signal Processing Magazine.

[20]  Shih-Fu Chang,et al.  A robust content based digital signature for image authentication , 1996, Proceedings of 3rd IEEE International Conference on Image Processing.

[21]  Hartmut König,et al.  Puzzle - A Novel Video Encryption Algorithm , 2005, Communications and Multimedia Security.

[22]  Sharath Pankanti,et al.  Enabling video privacy through computer vision , 2005, IEEE Security & Privacy Magazine.

[23]  Qi Tian,et al.  A Secure and Robust Authentication Scheme for Video Transcoding , 2006, IEEE Transactions on Circuits and Systems for Video Technology.

[24]  Leon Pan A Web-based Multilayer Access Control Model for Multimedia Applications in MPEG-7 , 2007, Int. J. Netw. Secur..

[25]  Hari Kalva,et al.  Compression independent object encryption for ensuring privacy in video surveillance , 2008, 2008 IEEE International Conference on Multimedia and Expo.

[26]  Yuliang Zheng,et al.  Communication protection in IP-based video surveillance systems , 2005, Seventh IEEE International Symposium on Multimedia (ISM'05).

[27]  Ahmet M. Eskicioglu,et al.  Selective Encryption of Multimedia Content in Distribution Networks: Challenges and New Directions , 2003 .

[28]  Elisa Bertino,et al.  An access control model for video database systems , 2000, CIKM '00.

[29]  Jianping Fan,et al.  A hierarchical access control model for video database systems , 2003, TOIS.

[30]  Svetha Venkatesh,et al.  Dynamic Privacy in Public Surveillance , 2009, Computer.

[31]  Larry S. Davis,et al.  W4: Real-Time Surveillance of People and Their Activities , 2000, IEEE Trans. Pattern Anal. Mach. Intell..

[32]  Bernhard Rinner,et al.  TrustCAM: Security and Privacy-Protection for an Embedded Smart Camera Based on Trusted Computing , 2010, 2010 7th IEEE International Conference on Advanced Video and Signal Based Surveillance.

[33]  Bernhard Rinner,et al.  A systematic approach towards user-centric privacy and security for smart camera networks , 2010, ICDSC '10.

[34]  Mohan S. Kankanhalli,et al.  A scalable signature scheme for video authentication , 2006, Multimedia Tools and Applications.