jm + via:adulau   10

'Yet another Crypto-PAn implementation for Python':
This package provides a function to anonymize IP addresses keeping their prefix consistency. This program is based on the paper "Prefix-Preserving IP Address Anonymization: Measurement-based Security Evaluation and a New Cryptography-based Scheme" written by Jun Xu, Jinliang Fan, Mostafa H. Ammar, and Sue B. Moon. The detailed explanation can be found in [Xu2002]. This package supports both IPv4 and IPv6 anonymization.

(via Alexandre Dulaunoy)
via:adulau  anonymization  ip-addresses  internet  ipv4  ipv6  security  crypto  python  crypto-pan 
4 weeks ago by jm
Trend Micro Locality Sensitive Hash
a fuzzy matching library. Given a byte stream with a minimum length
of 512 bytes, TLSH generates a hash value which can be used for similarity
comparisons. Similar objects will have similar hash values which allows for
the detection of similar objects by comparing their hash values. Note that
the byte stream should have a sufficient amount of complexity. For example,
a byte stream of identical bytes will not generate a hash value.

Paper here:

via adulau
nilsimsa  sdhash  ssdeep  locality-sensitive  hashing  algorithm  hashes  trend-micro  tlsh  hash  fuzzy-matching  via:adulau 
may 2015 by jm
Schneier on Security: Air Gaps
interesting discussion in the comments. "Patricia"'s process is particularly hair-raisingly complex, involving 3 separate machines and a multitude of VMs
air-gaps  security  networking  bruce-schneier  via:adulau 
october 2013 by jm
'Poisoning Attacks against Support Vector Machines', Battista Biggio, Blaine Nelson, Pavel Laskov
The perils of auto-training SVMs on unvetted input.
We investigate a family of poisoning attacks against Support Vector Machines (SVM). Such attacks inject specially crafted training data that increases the SVM's test error. Central to the motivation for these attacks is the fact that most learning algorithms assume that their training data comes from a natural or well-behaved distribution. However, this assumption does not generally hold in security-sensitive settings. As we demonstrate, an intelligent adversary can, to some extent, predict the change of the SVM's decision function due to malicious input and use this ability to construct malicious data. The proposed attack uses a gradient ascent strategy in which the gradient is computed based on properties of the SVM's optimal solution. This method can be kernelized and enables the attack to be constructed in the input space even for non-linear kernels. We experimentally demonstrate that our gradient ascent procedure reliably identifies good local maxima of the non-convex validation error surface, which significantly increases the classifier's test error.

Via Alexandre Dulaunoy
papers  svm  machine-learning  poisoning  auto-learning  security  via:adulau 
july 2012 by jm
'Free open source self-hosted log management and exception tracking', loggly-style.  Basically, a nifty web data-mining UI on your syslogs (via adulau)
logging  syslog  sysadmin  mongodb  opensource  via:adulau  logs  web  ui  data-mining  from delicious
january 2011 by jm
Draft Functional Spec of Hadopi "securisation" software
Crazy suggestions leaked from the French anti-piracy authority. Mandatory host-based and router-based anti-piracy software and firmware with blocklists of suspect keywords, suspicious applications, TCP ports, protocols; detect suspicious apps installed; detect use of open wifi; detect use of anti-filtering/anti-blocking "workarounds" (ie. VPNs and Tor). Log all this to a dual journal, one of which will be encrypted using key escrow (presumably for use in prosecutions), retaining data for a year. Basically, a mandatory snooping infrastructure. Where would this leave Macs and Linux for French users?
hadopi  piracy  filtering  snooping  big-brother  1984  via:adulau  vpn  tor  blocklists  from delicious
july 2010 by jm
Comparing genomes to computer operating systems in terms of the topology and evolution of their regulatory control networks — PNAS
'we present a comparison between the transcriptional regulatory network of a well-studied bacterium (E. coli) and the call graph of a canonical OS (Linux) in terms of topology and evolution. ... both networks have a fundamentally hierarchical layout, but there is a key difference: The transcriptional regulatory network possesses a few global regulators at the top and many targets at the bottom; conversely, the call graph has many regulators controlling a small set of generic functions. This top-heavy organization leads to highly overlapping functional modules in the call graph, in contrast to the relatively independent modules in the regulatory network. ... These findings stem from the design principles of the two systems: robustness for biological systems and cost effectiveness (reuse) for software systems.' (via adulau)
via:adulau  papers  toread  genetics  genome  call-graph  linux  kernel  e-coli  operating-systems  transcriptional-regulatory-network  from delicious
may 2010 by jm
'Lsyncd uses rsync to synchronize local directories with a remote machine running rsyncd. Lsyncd watches multiple directories trees through inotify. The first step after adding the watches is to rsync all directories with the remote host, and then sync single file by collecting the inotify events. So lsyncd is a light-weight live mirror solution that should be easy to install and use while blending well with your system.' (via adulau)
via:adulau  lsyncd  mirroring  linux  inotify  backup  sysadmin  synchronization  sync  dropbox  from delicious
december 2009 by jm
Structural Regular Expressions
'The current UNIX text processing tools are weakened by the built-in concept of a line. There is a simple notation that can describe the `shape' of files when the typical array-of-lines picture is inadequate. That notation is regular expressions. Using regular expressions to describe the structure in addition to the contents of files has interesting applications, and yields elegant methods for dealing with some problems the current tools handle clumsily. When operations using these expressions are composed, the result is reminiscent of shell pipelines.' Paper by Rob Pike, via adulau. intriguing
sregex  via:adulau  regexp  rob-pike  regex  library  text  structural  parsing  from delicious
november 2009 by jm
sregex - Structural Regular Expressions
'The sregex module implements Structural Regular Expressions.' Python, Apache-licensed
sregex  python  via:adulau  regexp  robpike  regex  library  text  structural  parsing  from delicious
november 2009 by jm

Copy this bookmark: