Мы используем файлы cookies для улучшения работы сайта НИУ ВШЭ и большего удобства его использования. Более подробную информацию об использовании файлов cookies можно найти здесь, наши правила обработки персональных данных – здесь. Продолжая пользоваться сайтом, вы подтверждаете, что были проинформированы об использовании файлов cookies сайтом НИУ ВШЭ и согласны с нашими правилами обработки персональных данных. Вы можете отключить файлы cookies в настройках Вашего браузера.
Адрес: 109028, г. Москва, Покровский бульвар, д. 11
Телефон: +7(495) 772-95-90 *27306
In the domain of web security, websites strive to prevent themselves from data gathering performed by automatic programs called bots. In that way, crawler traps are an efficient brake against this kind of programs. By creating similar pages or random content dynamically, crawler traps give fake information to the bot and resulting by wasting time and resources. Nowadays, there is no available bots able to detect the presence of a crawler trap. Our aim was to find a generic solution to escape any type of crawler trap. Since the random generation is potentially endless, the only way to perform crawler trap detection is on the fly. Using machine learning, it is possible to compute the comparison between datasets of webpages extracted from regular websites from those generated by crawler traps. Since machine learning requires to use distances, we designed our system using information theory. We considered widely used distances compared to a new one designed to take into account heterogeneous data. Indeed, two pages does not have necessary the same words and it is operationally impossible to know all possible words by advance. To solve our problematic, our new distance compares two webpages and the results showed that our distance is more accurate than other tested distances. By extension, we can say that our distance has a much larger potential range than just crawler traps detection. This opens many new possibilities in the scope of data classification and data mining.
This talk deals with new, innovative, data exfiltration techniques using laser printers. The aim is to understand the possibilities offered by laser printing to insert data subliminally on paper during printing when using office printers. These techniques are similar to those used in auxiliary channel attacks or sidechannel/covert channel attacks), which mainly target confidential environments requiring a high level of security (military, state, industrial sectors). By using the print function, not only it is possible to hide a message (invisible to the public eye) but also to decipher it easily once printed on a paper sheet. The objective is to make people aware of the need of strong security management of printers against unauthorized access to avoid data breach. The main reason lies in the fact that a simple malware hooking the print queue may enable confidential information to be added to legitimate documents and organize the leakage of sensitive information. Demos of our techniques will be made during the talk and source codes will be released.
This book constitutes revised selected papers of the 9th International Conference on Analysis of Images, Social Networks and Texts, AIST 2020, held in Moscow, Russia, in october 2020. Due to the COVID-19 pandemic the conference was held online.
The 14 full papers, 9 short papers and 4 poster papers were carefully reviewed and selected from 108 qualified submissions. The papers are organized in topical sections on natural language processing; computer vision; social network analysis; data analysis and machine learning; theoretical machine learning and optimization; process mining; posters.
Most modern democracies and states have adopted a large number of standards and norms to promote and harmonize international trade. The precautionary principle has come to complete this regulatory arsenal especially in the field of security of states and citizens, their health, their private life ... The aim is also to protect government agencies against wrong decisions, especially when uncertain, immature technologies are concerned. Social, political, institutional security and stability and now cybersecurity has become heavily dependent on these new forms of regulation. In this article we will show how this regulation arsenal could be exploited by cybercriminals. It is indeed possible through a broader vision of the notion of cyber attack to turn these norms and standards and this precautionary principle precisely against those they are supposed to protect. Among many possible scenarios, we consider a specific one for illustration with respect to the attack of voting machines. The m ain conclusion is that any (cyber)security risk analysis should now extend the mostly favoured technical view to a more operational vision in which non technical aspects also be included.
Сборник продолжает начатую в 2017 году исследовательскую программу и экспертную дискуссию о новых вызовах агломерационного развития.
Проблема бесшовного перехода с одной версии CentOS на другую не теряет остроты со времен выхода CentOS 6. Выход CentOS 8 не привнес ничего нового - официальных инструментов обновления с CentOS 7 нет, а изменение отношения к дистрибутиву со стороны компании RedHat и вовсе заставляет задуматься, не выбрать ли другую альтернативу, также основанную на исходных кодах RedHat Enterprise Linux