Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Traps, Pitfalls, Swindles, Lies, Doubts and Suspicions in Human
Document related concepts
Technological singularity wikipedia , lookup
Artificial intelligence in video games wikipedia , lookup
Agent-based model in biology wikipedia , lookup
Agent-based model wikipedia , lookup
Embodied cognitive science wikipedia , lookup
Philosophy of artificial intelligence wikipedia , lookup
Agent (The Matrix) wikipedia , lookup
History of artificial intelligence wikipedia , lookup
Ethics of artificial intelligence wikipedia , lookup
Intelligence explosion wikipedia , lookup
Existential risk from artificial general intelligence wikipedia , lookup
Transcript
Traps, Pitfalls, Swindles, Lies, Doubts and Suspicions: A Counter-Case for the Study of Good Etiquette Jack L. Edwards & Greg Scott A I Management & Development Corp. Sharon McFadden & Keith C. Hendy Defence Research & Development Toronto AI M Artificial Intelligence Management and Development Corporation Defence R & D Canada - Toronto Etiquette • A Nice Image • Context: Human & System Etiquette • Benevolence Assumption AI M Artificial Intelligence Management and Development Corporation Some General Rules of Etiquette AI M • Be helpful • Be respectful • Be relevant • Be prompt • Be brief • Be protective (of privacy) • Be pleasant • Be adaptable Artificial Intelligence Management and Development Corporation Foundational Rule • Foundational Rule of Etiquette – Assumption of Honesty (“Be honest”) • Benevolence Assumption • High Correlation With Some Overlap in Meaning AI M Artificial Intelligence Management and Development Corporation The Internet: Ubiquitous and Evolving • Work & Leisure Time Extends Beyond Local Processing • Increasing Involvement of Technology in Person-ToPerson Exchanges – E.g., email; chat-rooms; video conferencing • Modern Agents Increasingly Software and Internet-Based • Traps, Pitfalls, Swindles Generalize Easily to the Internet AI M Artificial Intelligence Management and Development Corporation Violations of the Foundational Rule: Traps, Pitfalls, Swindles, Lies... • Nigerian Fee Scam • On-line Credit Card Fraud in 2001 – (5% of online consumers)* • Merchant’s lost $700M in 2001* • Lies & Hoaxes (Bush’s IQ) * Gartner Group AI M Artificial Intelligence Management and Development Corporation Thorough Understanding of Etiquette Is Not Possible Without An Active Study of the Abuse of Good Etiquette • Focusing Only on Good Etiquette Prejudices Us Toward Assumptions of Benevolence • Actively Assume Mantle of Hacker, Vandal, Scam Artist, Thief or Terrorist – Explore how to enlist rules of etiquette in deception & fraud • Active Contemplation Will Engage the Mind in a Creative Pursuit of a Deeper Understanding of Etiquette – Norman & Rumelhart Example AI M Artificial Intelligence Management and Development Corporation Applying Etiquette Rules in the Service of Scams & Frauds • Give the Appearance of Honesty – Falsely Establish Credibility • • • • Be helpful Be relevant Be brief Be pleasant • • • • Be respectful Be prompt Protect privacy Provide options • Some Examples of Grfter Etiquette AI M Artificial Intelligence Management and Development Corporation Fraud, Vandalism, Theft & Terrorism on the Internet • Ubiquitous Computing Is Giving Rise to Ubiquitous “Underworld” Activity • Generalization of Classic Con Games is Underway – – – – • Ponzi schemes Affinity Fraud Badger Game Embezzlement – – – – Identity Theft Insider Trading Twice-fleeced Fraud Weights and Measures Frauds Segmentation & Other Refinement Techniques – Mark (or Victim) Categories AI M Artificial Intelligence Management and Development Corporation Generalizing Grifter and Other Criminal Agents • Current & Future Software Agents – Roper Agents – Inside Man Agent – Shill Agents • – Manager Agent – Forger Agent – Vandal Agents Humans, Corporations & Other Organizations – The Target, Victim or Mark AI M Artificial Intelligence Management and Development Corporation Generalizing “Big Con” Grifters to Software • Roper Agents - Automated Solicitations (e.g., Nigerian Fee Scam) • Inside Man - Remotely Controlled & Coordinated Attack Agents • Manager - External Automated Attack Agents on Distributed Machines • Shills - Support Agents in a Society of Grifter Agents AI M Artificial Intelligence Management and Development Corporation Malicious Software Agents (Zeltser, 2000) • Rapidly Spreading Agents – Viruses and Worms - Explicitly Copy Themselves – e.g. Melissa Virus and Morris Worm • Spying (Espionage) Agents – Transmits Sensitive Information – e.g. Caligula, Marker and Groov Viruses • Remotely Controlled Agents – Complete Control of Victim’s Machine – Client/Server Architecture • • • • Server Communicates with Attacker through Outbound HTTP & FTP Channels Client directs Agent through Inbound Email and Web Browsing Channels Programming API Permits Controlling Traffic to be Encrypted with Plug-Ins Plug-Ins Permit Newly Propagated Versions to Register with Home-Base – e.g. Back Orifice and NetBus AI M Artificial Intelligence Management and Development Corporation Malicious Software Agents (Zeltser, 2000) (continued…) • Coordinated Attack Agents – Complete Control of Victim’s Machine – Client/Server Architecture • Multiple Clients Operate from Compromised Machines • Difficult to Trace – e.g. Trinoo and TFN • Advanced Malicious Agents – Builds on Strengths of Previously Described Agents – Alleviates Their Weaknesses – e.g. RingZero Trojan AI M Artificial Intelligence Management and Development Corporation Veracity Agent Network (VAN) - A Society of Protection Agents • Monitoring Agents - Incoming/Outgoing Traffic & Unusual Local Activity • Filtering Agents - Filters (Blocks) Unwanted Activity • Masking Agents - Masks Identify (Hides or Falsifies) • Tracking Agents - Track & Identify Unknown Sources • Information Agents - Explains Activities to Users • Proactive Agents - Build User Profiles of Attackers; Report Violations; Alter Code of Intrusive Agents; Search & Destroy AI M Artificial Intelligence Management and Development Corporation VAN Functionality: Ensuring Good “Underworld” Etiquette? • Monitoring, Intercepting & Controlling Cookie Traffic • Monitoring Automatic Version Personal Info to Company Sites Checkers Sending – (e.g. usage statistics correlated with software Serial No.) • Blocking Unwanted Transmission of Personal Info – (e.g. credit card numbers, email address) • Stripping Browser Type, Platform & OS Info Sent With Every Request for Web Page • Blocking Banner Ads; Automatic Closing of Pop-Up Ads AI M Artificial Intelligence Management and Development Corporation Current Level of Development: Monitoring Agents • Internet Traffic Can Be Intercepted Either: – leaving an application & passing to the OS – leaving the OS & passing to network • Both Require Low-Level Drivers to Intercept Data AI M Artificial Intelligence Management and Development Corporation Current Level of Development: Monitoring Agents (continued…) • Look Up IP Addresses Automatically Using “whois” • Determine Usage Stats Being Collected, by RealPlayer • Port Number Look-Up (65K+ Ports): Identify Type of Traffic Using Ports & Build a DataBase • Identify Information Sent Out Without Asking User – – – – AI M cookies software update requests AOL messenger activity usage stats Artificial Intelligence Management and Development Corporation Current Level of Development: Monitoring Agents (continued…) • Outside Attempts to Access System • Personal Info Being Sent Out – e.g. credit card numbers; email addresses; passwords • System Info Sent Out While Web Browsing – e.g. browser type, operating system, type of computer • Monitor Email to... – identify common Internet hoaxes & scams – compile statistics on incoming messages for future use AI M Artificial Intelligence Management and Development Corporation Support Technology • NetTraffic & WinpCap - Monitors Low-Level Event Traffic on PC • Current Open Source Code from Politecnico di Torino – http://winpcap.polito.it/ • Original UNIX Pcap Developed at Berkeley • Higher-Level Functionality is Needed to Interpret & Use That Information AI M Artificial Intelligence Management and Development Corporation User Requirements • Protection Only - Don’t Bother Me With Details • Track Activities (At Least in the Beginning) • See Explanations of Activity; ID Sources; Report Intrusions & Misuse of Information • Be Proactive Realtive to Intruders AI M Artificial Intelligence Management and Development Corporation “User” Models • For Actual User (Encrypted) • For Several Masked Versions of Own User • For “Friends” of Own User • For Tracked (Potentially Malicious) Sources AI M Artificial Intelligence Management and Development Corporation Possibility of Agent Wars • Disseminate Info Other Agents Created To Block • Misrepresent Themselves For Nefarious Purposes • Hack Other Agents to Prevent Them from Achieving Competing Goals AI M Artificial Intelligence Management and Development Corporation The Future of “Underworld” Internet Computing • “Underworld” of the Internet - The “Wild West” • Few Rules and Little Explicit “Consideration of Others,” as We Defined as the Source of Good Etiquette • Helplessness of Average User to Protect Themselves From This “Underworld” Activity Will Help Drive Etiquette • Our Goal: Agents to Help Ensure You Are “Taken Into Consideration,” in this New World of Ubiquitous Internet Computing AI M Artificial Intelligence Management and Development Corporation
