[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] emergent security properties

To: Roland Dobbins <rdobbins@xxxxxxxxx>
Subject: Re: [Full-disclosure] emergent security properties
From: Peter Swire <peter@xxxxxxxxxxxxxx>
Date: Tue, 26 Dec 2006 20:53:46 -0700

<div>In terms of complexity/size helping security, there may be
additional categories:</div>
<div>&nbsp;</div>
<div>1.&nbsp; Anomaly detection might be part of a broader category of
knowledge-based approaches that work better at large scale.&nbsp; For
instance, expert systems to detect credit card fraud or identity theft
detection tend to work better as the amount of data increases.</div>
<div>&nbsp;</div>
<div>2.&nbsp; A more controversial improvement with scale comes from
"data mining," however folks want to define that.&nbsp; It's a long
debate about when data mining works or is just marketing hype for
putting more hay on the haystack.&nbsp; But more data gives the
possibility of more knowledge.</div>
<div>&nbsp;</div>
<div>3.&nbsp; The open source approach to security believes that having
many eyes on a vulnerability increases the likelihood of detecting and
then creating a patch for the vulnerability.&nbsp; So security may
improve when there are many eyes looking at vulnerabilities.&nbsp;
(This last point suggests that a Full Disclosure list, for instance,
might&nbsp;improve security as the size of the system increases.)</div>
<div>&nbsp;</div>
<div>Peter<BR><BR>Prof. Peter Swire<BR>C. William O'Neill Professor of
Law<BR>Moritz College of Law of the<BR>Ohio State University<BR>Senior
Fellow, Center for American Progress<BR>(240) 994-4142, <A
href="http://www.peterswire.net/";>www.peterswire.net</A><BR></div>
<DIV id=wmMessageComp name="wmMessageComp"><BR><BR>
<BLOCKQUOTE style="PADDING-LEFT: 8px; MARGIN-LEFT: 8px; BORDER-LEFT:
blue 2px solid">-------- Original Message --------<BR>Subject: Re:
[Full-disclosure] emergent security properties<BR>From: Roland Dobbins
&lt;rdobbins@xxxxxxxxx&gt;<BR>Date: Tue, December 26, 2006 8:32
pm<BR>To: full-disclosure@xxxxxxxxxxxxxxxxx<BR><BR>On Dec 26, 2006, at
4:19 PM, coderman wrote:<BR><BR>&gt; the only example that comes to
mind is distributed / collaborative<BR>&gt; anomaly detection systems
which become more robust with a larger<BR>&gt; number of entities and
interactions to observe.<BR></BLOCKQUOTE></DIV>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] SQID v0.2 - SQL Injection Digger.
Next by Date: Re: [Full-disclosure] [WEB SECURITY] Re: comparing information security to other industries
Previous by thread: Re: [Full-disclosure] emergent security properties
Next by thread: [Full-disclosure] Security contact at McAfee
Index(es):
- Date
- Thread