Transcript Slides
Traps, Pitfalls, Swindles, Lies, Doubts and Suspicions: A Counter-Case for the Study of Good Etiquette Jack L. Edwards & Greg Scott A I Management & Development Corp. Sharon McFadden & Keith C. Hendy Defence Research & Development Toronto AI M Artificial Intelligence Management and Development Corporation Defence R & D Canada - Toronto Etiquette • A Nice Image • Context: Human & System Etiquette • Benevolence Assumption AI M Artificial Intelligence Management and Development Corporation Some General Rules of Etiquette AI M • Be helpful • Be respectful • Be relevant • Be prompt • Be brief • Be protective (of privacy) • Be pleasant • Be adaptable Artificial Intelligence Management and Development Corporation Foundational Rule • Foundational Rule of Etiquette – Assumption of Honesty (“Be honest”) • Benevolence Assumption • High Correlation With Some Overlap in Meaning AI M Artificial Intelligence Management and Development Corporation The Internet: Ubiquitous and Evolving • Work & Leisure Time Extends Beyond Local Processing • Increasing Involvement of Technology in Person-ToPerson Exchanges – E.g., email; chat-rooms; video conferencing • Modern Agents Increasingly Software and Internet-Based • Traps, Pitfalls, Swindles Generalize Easily to the Internet AI M Artificial Intelligence Management and Development Corporation Violations of the Foundational Rule: Traps, Pitfalls, Swindles, Lies... • Nigerian Fee Scam • On-line Credit Card Fraud in 2001 – (5% of online consumers)* • Merchant’s lost $700M in 2001* • Lies & Hoaxes (Bush’s IQ) * Gartner Group AI M Artificial Intelligence Management and Development Corporation Thorough Understanding of Etiquette Is Not Possible Without An Active Study of the Abuse of Good Etiquette • Focusing Only on Good Etiquette Prejudices Us Toward Assumptions of Benevolence • Actively Assume Mantle of Hacker, Vandal, Scam Artist, Thief or Terrorist – Explore how to enlist rules of etiquette in deception & fraud • Active Contemplation Will Engage the Mind in a Creative Pursuit of a Deeper Understanding of Etiquette – Norman & Rumelhart Example AI M Artificial Intelligence Management and Development Corporation Applying Etiquette Rules in the Service of Scams & Frauds • Give the Appearance of Honesty – Falsely Establish Credibility • • • • Be helpful Be relevant Be brief Be pleasant • • • • Be respectful Be prompt Protect privacy Provide options • Some Examples of Grfter Etiquette AI M Artificial Intelligence Management and Development Corporation Fraud, Vandalism, Theft & Terrorism on the Internet • Ubiquitous Computing Is Giving Rise to Ubiquitous “Underworld” Activity • Generalization of Classic Con Games is Underway – – – – • Ponzi schemes Affinity Fraud Badger Game Embezzlement – – – – Identity Theft Insider Trading Twice-fleeced Fraud Weights and Measures Frauds Segmentation & Other Refinement Techniques – Mark (or Victim) Categories AI M Artificial Intelligence Management and Development Corporation Generalizing Grifter and Other Criminal Agents • Current & Future Software Agents – Roper Agents – Inside Man Agent – Shill Agents • – Manager Agent – Forger Agent – Vandal Agents Humans, Corporations & Other Organizations – The Target, Victim or Mark AI M Artificial Intelligence Management and Development Corporation Generalizing “Big Con” Grifters to Software • Roper Agents - Automated Solicitations (e.g., Nigerian Fee Scam) • Inside Man - Remotely Controlled & Coordinated Attack Agents • Manager - External Automated Attack Agents on Distributed Machines • Shills - Support Agents in a Society of Grifter Agents AI M Artificial Intelligence Management and Development Corporation Malicious Software Agents (Zeltser, 2000) • Rapidly Spreading Agents – Viruses and Worms - Explicitly Copy Themselves – e.g. Melissa Virus and Morris Worm • Spying (Espionage) Agents – Transmits Sensitive Information – e.g. Caligula, Marker and Groov Viruses • Remotely Controlled Agents – Complete Control of Victim’s Machine – Client/Server Architecture • • • • Server Communicates with Attacker through Outbound HTTP & FTP Channels Client directs Agent through Inbound Email and Web Browsing Channels Programming API Permits Controlling Traffic to be Encrypted with Plug-Ins Plug-Ins Permit Newly Propagated Versions to Register with Home-Base – e.g. Back Orifice and NetBus AI M Artificial Intelligence Management and Development Corporation Malicious Software Agents (Zeltser, 2000) (continued…) • Coordinated Attack Agents – Complete Control of Victim’s Machine – Client/Server Architecture • Multiple Clients Operate from Compromised Machines • Difficult to Trace – e.g. Trinoo and TFN • Advanced Malicious Agents – Builds on Strengths of Previously Described Agents – Alleviates Their Weaknesses – e.g. RingZero Trojan AI M Artificial Intelligence Management and Development Corporation Veracity Agent Network (VAN) - A Society of Protection Agents • Monitoring Agents - Incoming/Outgoing Traffic & Unusual Local Activity • Filtering Agents - Filters (Blocks) Unwanted Activity • Masking Agents - Masks Identify (Hides or Falsifies) • Tracking Agents - Track & Identify Unknown Sources • Information Agents - Explains Activities to Users • Proactive Agents - Build User Profiles of Attackers; Report Violations; Alter Code of Intrusive Agents; Search & Destroy AI M Artificial Intelligence Management and Development Corporation VAN Functionality: Ensuring Good “Underworld” Etiquette? • Monitoring, Intercepting & Controlling Cookie Traffic • Monitoring Automatic Version Personal Info to Company Sites Checkers Sending – (e.g. usage statistics correlated with software Serial No.) • Blocking Unwanted Transmission of Personal Info – (e.g. credit card numbers, email address) • Stripping Browser Type, Platform & OS Info Sent With Every Request for Web Page • Blocking Banner Ads; Automatic Closing of Pop-Up Ads AI M Artificial Intelligence Management and Development Corporation Current Level of Development: Monitoring Agents • Internet Traffic Can Be Intercepted Either: – leaving an application & passing to the OS – leaving the OS & passing to network • Both Require Low-Level Drivers to Intercept Data AI M Artificial Intelligence Management and Development Corporation Current Level of Development: Monitoring Agents (continued…) • Look Up IP Addresses Automatically Using “whois” • Determine Usage Stats Being Collected, by RealPlayer • Port Number Look-Up (65K+ Ports): Identify Type of Traffic Using Ports & Build a DataBase • Identify Information Sent Out Without Asking User – – – – AI M cookies software update requests AOL messenger activity usage stats Artificial Intelligence Management and Development Corporation Current Level of Development: Monitoring Agents (continued…) • Outside Attempts to Access System • Personal Info Being Sent Out – e.g. credit card numbers; email addresses; passwords • System Info Sent Out While Web Browsing – e.g. browser type, operating system, type of computer • Monitor Email to... – identify common Internet hoaxes & scams – compile statistics on incoming messages for future use AI M Artificial Intelligence Management and Development Corporation Support Technology • NetTraffic & WinpCap - Monitors Low-Level Event Traffic on PC • Current Open Source Code from Politecnico di Torino – http://winpcap.polito.it/ • Original UNIX Pcap Developed at Berkeley • Higher-Level Functionality is Needed to Interpret & Use That Information AI M Artificial Intelligence Management and Development Corporation User Requirements • Protection Only - Don’t Bother Me With Details • Track Activities (At Least in the Beginning) • See Explanations of Activity; ID Sources; Report Intrusions & Misuse of Information • Be Proactive Realtive to Intruders AI M Artificial Intelligence Management and Development Corporation “User” Models • For Actual User (Encrypted) • For Several Masked Versions of Own User • For “Friends” of Own User • For Tracked (Potentially Malicious) Sources AI M Artificial Intelligence Management and Development Corporation Possibility of Agent Wars • Disseminate Info Other Agents Created To Block • Misrepresent Themselves For Nefarious Purposes • Hack Other Agents to Prevent Them from Achieving Competing Goals AI M Artificial Intelligence Management and Development Corporation The Future of “Underworld” Internet Computing • “Underworld” of the Internet - The “Wild West” • Few Rules and Little Explicit “Consideration of Others,” as We Defined as the Source of Good Etiquette • Helplessness of Average User to Protect Themselves From This “Underworld” Activity Will Help Drive Etiquette • Our Goal: Agents to Help Ensure You Are “Taken Into Consideration,” in this New World of Ubiquitous Internet Computing AI M Artificial Intelligence Management and Development Corporation