|
Shahrin Sahib, Universiti Teknikal Malaysia Melaka, Melaka
Shahrin Sahib @ Sahibuddin is a Professor of Computer Science at
the faculty of Information and Communication Technology, Universiti Teknikal Malaysia Melaka (UTeM), Malaysia. He obtained his PhD in the area of Parallel Processing from the University of Sheffield United Kingdom in 1995. His Master’s Degree and Bachelor’s Degree are from Purdue University, United States in the area of Computer Systems Engineering. Before serving Universiti Teknikal Malaysia Melaka (UTeM), he has served a number of institutions namely University of Science Malaysia, Multimedia University and Yayasan Melaka College in various administrative capacities as Dean of Faculty, Directors of Centers and Director of Academic Affairs. He also serves as the Deputy Chairman for the ICT Cluster of the National Council of Professors. His expertise in curriculum development is frequently sought by the Malaysian Qualification Agency (MQA) at which he sits in the Accreditation Committee and Chair the Computing Standards Committee. Besides contributing to the development of Malaysian Critical National Information Infrastructure (CNII) Policy and the National Cyber-Security Policy (NCSP), he still contributes to Cybersecurity Malaysia as a Member of Malaysia Common Criteria (MyCC) Scheme Management Board. His current areas of interest are in the area of Network and Computer Security. He has published over 100 technical papers in both international conferences and journals. He has contributed his knowledge and experience as international program committee, reviewer and resource person in numerous research events.
Abstract
Exposure Index of Internet Users for Privacy and Security Assessment
As a network grows in size and complexity, more content are placed on-line to serve various needs and as in any free trade environment, the supply will continue to grow so long that there are demands for various contents. The explosion of social network of late open up a new opportunity for attacker profile internet users before an attack is lunch either to an individual or an organization. Even though the online identities that people defined in the social network are not necessarily reliable, there are some users who prefer to use their real names and identities online. The popularity of intrusion tools and script also make it easier for anyone to launch an attack to any unguarded machines. Before an attacker is able to compromise a specific machine, valuable information such as IP addresses and vulnerable applications are first gathered. There are numerous techniques to get this information such as sweeping, scanning, probing and so on. Put together with data obtained by web data mining either through web structure mining or web content mining, attack pattern are becoming more complex and subtle. One possible approach to evade this possibility is to propose a new web content mining with the application of soft computing to rank or profile the level of exposition of an individual users using various features to Personally Identifiable Information (PII). The next stage is use the voluntarily exposed information in launching possible attacks to the users or the organization they are with. By introducing a feature selection and information from users’ characteristics and resource content, the specification of ontology for the profiling domain, information that can be used to uniquely identify, contact, or locate a single person or can be used with other sources to triangulate and uniquely identify a single individual. This research proposes an index using an augmented Personally Identifiable Information (PII) so that such attack can be minimized if not eliminated altogether.
|
