# USENIX 2013 - Day 1

Perhaps unsurprisingly, there were fewer papers today that I was particularly interested–given that FOCI is directly related to my area of research. Still, computer security is a very useful field and one that I’m keen to learn more about. I only went to two of the sessions today (it’s always unfortunate when they run two interesting sessions at the same time) and here are some of the talks I found particularly interesting:

## Greystar: Fast and Accurate Detection of SMS Spam Numbers in Large Cellular Networks Using Gray Phone Space

Nan Jiang, *University of Minnesota;* Yu Jin and Ann Skudlark, *AT&T Labs;* Zhi-Li Zhang, University of Minnesota

The first talk of the day was essentially about SMS / text message spam. They seemed to have some pretty nice data about how spammers actually send out such messages; showing that something like 4.5 billion spam texts were sent in 2012, up 45% from the year before. They showed that since phone numbers are so regular, spammers can essentially just text an entire block. This is contrary to email where you have to have a list of email addresses to really get anywhere. With that though, you can do a fair amount to automatically detect such spammers on the network even without complete control just by watching numbers that don’t normally get text messages. It’s a neat concept and a field that will certainly keep growing in the coming years.

## Practical Comprehensive Bounds on Surreptitious Communication over DNS

Vern Paxson, *University of California, Berkeley, and International Computer Science Institute;* Mihai Christodorescu, *Qualcomm Research;* Mobin Javed,*University of California, Berkeley; *Josyula Rao, Reiner Sailer, Douglas Lee Schales, and Marc Ph. Stoecklin,*IBM Research;* Kurt Thomas, *University of California, Berkeley; *Wietse Venema, *IBM Research;* Nicholas Weaver, International Computer Science Institute and University of California, San Diego

That’s one heck of an author list. 😄 It makes sense though, it was a rather in depth paper with some impressive data. Basically, they took the idea of communicating over DNS (basically, running your own DNS server and abusing the DNS protocol) and went with the most covert methods they could think of. One in particular was sending requests of different types in order to encode messages. From that, they analyzed some 230 billion DNS records, looking for statistically significant patterns… and they found them. They found 59 channels in those queries that so far as I understand weren’t previously known. Crazy stuff that; but it really makes me want to try to implement one of these systems on my home computer…

## Let Me Answer That for You: Exploiting Broadcast Information in Cellular Networks

Nico Golde, Kévin Redon, and Jean-Pierre Seifert,Technische Universität Berlin and Deutsche Telekom Innovation Laboratories

## The Velocity of Censorship: High-Fidelity Detection of Microblog Post Deletions

Tao Zhu, *Independent Researcher;* David Phipps,*Bowdoin College;* Adam Pridgen, *Rice University;*Jedidiah R. Crandall, *University of New Mexico; *Dan S. Wallach, Rice University

This paper was similar to some I’ve already read before, essentially talking about how China censors its own internal microblogging networks (since Twitter is blocked entirely(more or less)). What they found was that new posts of a sensitive nature will be blocked within 1-2 minutes and that it’s not terribly difficult to get yourself on a watchlist where your posts will be deleted. It’s even more interesting to see how Chinese users get around such problems, essentially using their equivalent of homonyms. Rather than words that sound similar, they use characters that look *almost *the same. It’s easy for a human reader to ‘fix’ the mistake, but much harder for a computer to automatically detect it.

Well, that’s all for today. It’s only the first day of three, but I’m already tired. It’s amazing how intense sitting in a room and watching / listening to people talk for a day can be…

comments powered by Disqus