13 research outputs found

    Familiarity with Internet threats: Beyond awareness

    The degree of familiarity with threats is considered as a predictor of Internet attitudes and security behaviors. Cross-sectional data were collected from 323 student participants about their familiarity with 16 different Internet threats. All participants were presented with definitions of threats and then asked to state how familiar they were with each. Their responses were then used to identify the extent to which threat familiarity differed among the sample. Three different clusters were identified. One set of participants were relatively knowledgeable about all threats. Cluster 1 was therefore labeled experts (n = 92). Clusters 2 (n = 112) and 3 (n = 92) showed very different patterns as familiarity appeared to depend on the novelty of the threat (with one cluster showing more familiarity with well-known threats and the other more familiarity with new threats). Participants who were experts were more likely to engage in computer security behaviors than the other two groups. Mediation analysis showed that time spent on the Internet and the length of Internet experience were significant predictors of familiarity, and both were significant indirect predictors of computer security use (suggesting a relationship fully mediated by familiarity). Our paper makes several important contributions. First, the research reflects a systematic effort to investigate the relationship between the familiarity and engagement of online security activities. Second, we provide evidence that familiarity is a mediator between Internet use and security behaviors – making this a baseline variable to consider in terms of training on future threat-oriented interventions aimed at changing security behavior. This study also provides implications for practitioners to improve user familiarity of security risks.

    Using Visualizations to Enhance Users' Understanding of App Activities on Android Devices

    The ever-increasing number of third-party applications developed for Android devices has resulted in a growing interest in the secondary activities that these applications perform and how they affect a user’s privacy. Unfortunately, users continue to install these applications without any concrete knowledge of the breadth of these activities; hence, they have little insight into the sensitive information and resources accessed by these applications. In this paper, we explore users’ perception and reaction when presented with a visual analysis of Android applications’ activities and their security implications. This study uses interactive visual schemas to communicate the effect of applications’ activities in order to support users with more understandable information about the risks they face from such applications. Through findings from a user-based experiment, we demonstrate that when visual diagrams about application activities are presented to users, they become more aware and sensitive to the privacy intrusiveness of certain applications. This awareness and sensitivity stems from the fact that some of these applications were accessing a significant number of resources and sensitive information, and transferring data out of the devices, even when they arguably had little reason to do so.

    Android Application Security Scanning Process

    This chapter presents the security scanning process for Android applications. The aim is to guide researchers and developers to the core phases/steps required to analyze Android applications, check their trustworthiness, and protect Android users and their devices from being victims to different malware attacks. The scanning process is comprehensive, explaining the main phases and how they are conducted including (a) the download of the apps themselves; (b) Android application package (APK) reverse engineering; (c) app feature extraction, considering both static and dynamic analysis; (d) dataset creation and/or utilization; and (e) data analysis and data mining that result in producing detection systems, classification systems, and ranking systems. Furthermore, this chapter highlights the app features, evaluation metrics, mechanisms and tools, and datasets that are frequently used during the app’s security scanning process.

    Socio-Technical Aspects of Security Analysis

    This thesis seeks to establish a semi-automatic methodology for security analysis when users are considered part of the system. The thesis explores this challenge, which we refer to as ‘socio-technical security analysis’. We consider that a socio-technical vulnerability is the conjunction of a human behaviour, the factors that foster the occurrence of this behaviour, and a system. Therefore, the aim of the thesis is to investigate which human-related factors should be considered in system security, and how to incorporate these identified factors into an analysis framework. Finding a way to systematically detect, in a system, the socio-technical vulnerabilities that can stem from insecure human behaviours, along with the factors that influence users into engaging in these behaviours is a long journey that we can summarise in three research questions: 1. How can we detect a socio-technical vulnerability in a system? 2. How can we identify in the interactions between a system and its users, the human behaviours that can harm this system’s security? 3. How can we identify the factors that foster human behaviours that are harmful to a system’s security? A review of works that aim at bringing social sciences findings into security analysis reveals that there is no unified way to do it. Identifying the points where users can harm a system’s security, and clarifying what factors can foster an insecure behaviour is a complex matter. Hypotheses can arise about the usability of the system, aspects pertaining to the user or the organisational context but there is no way to find and test them all. Further, there is currently no way to systematically integrate the results regarding hypotheses we tested in a security analysis. Thus, we identify two objectives related to these methodological challenges that this thesis aims at fulfilling in its contributions: 1. What form should a framework that intends to identify harmful behaviours for security, and to investigate the factors that foster their occurrence take? 2. What form should a semi-automatic, or tool-assisted methodology for the security analysis of socio-technical systems take? The thesis provides partial answers to the questions. First it defines a methodological framework called STEAL that provides a common ground for an interdisciplinary approach to security analysis. STEAL supports the interaction between computer scientists and social scientists by providing a common reference model to describe a system with its human and non-human components, potential attacks and defences, and the surrounding context. We validate STEAL in two experimental studies, showing the role of the context and graphical cues in Wi-Fi networks’ security. Then the thesis complements STEAL with a Root Cause Analysis (RCA) methodology for security inspired from the ones used in safety. This methodology, called S·CREAM, aims at being more systematic than the research methods that can be used with STEAL (surveys for instance) and at providing reusable findings for analysing security. To do so, S·CREAM provides a retrospective analysis to identify the factors that can explain the success of past attacks and a methodology to compile these factors in a form that allows for the consideration of their potential effects on a system’s security, given an attacker Threat Model. The thesis also illustrates how we developed a tool—the S·CREAM assistant—that supports the methodology with an extensible knowledge base and computer-supported reasoning.

    Assuring Safety and Security

    Large technological systems produce new capabilities that allow innovative solutions to social, engineering and environmental problems. This trend is especially important in the safety-critical systems (SCS) domain where we simultaneously aim to do more with the systems whilst reducing the harm they might cause. Even with the increased uncertainty created by these opportunities, SCS still need to be assured against safety and security risk and, in many cases, certified before use. A large number of approaches and standards have emerged; however, there remain challenges related to technical risk such as identifying inter-domain risk interactions, developing safety-security causal models, and understanding the impact of new risk information. In addition, there are socio-technical challenges that undermine technical risk activities and act as a barrier to co-assurance; these include insufficient processes for risk acceptance, unclear responsibilities, and a lack of legal, regulatory and organisational structure to support safety-security alignment. A new approach is required. The Safety-Security Assurance Framework (SSAF) is proposed here as a candidate solution. SSAF is based on the new paradigm of independent co-assurance, that is, keeping the disciplines separate but having synchronisation points where required information is exchanged. SSAF is comprised of three parts - the Conceptual Model defines the underlying philosophy, and the Technical Risk Model (TRM) and Socio-Technical Model (STM) consist of processes and models for technical risk and socio-technical aspects of co-assurance. Findings from a partial evaluation of SSAF using case studies reveal that the approach has some utility in creating inter-domain relationship models and identifying socio-technical gaps for co-assurance. The original contribution to knowledge presented in this thesis is the novel approach to co-assurance that uses synchronisation points, explicit representation of a technical risk argument that argues over interaction risks, and a confidence argument that explicitly considers co-assurance socio-technical factors.

    A Large-Scale Evaluation of Privacy Practices of Public WiFi Captive Portals

    Open access WiFi hotspots are widely deployed in many public places, including restaurants, parks, coffee shops, shopping malls, trains, airports, hotels, and libraries. While these hotspots provide an attractive option to stay connected, they may pose security and privacy risks to users. Several past studies focused on privacy leakage from browsing the internet or using mobile apps in an open hotspot, due to the nature of these hotspots, and the use of HTTP, as opposed to HTTPS for connections between the user device and the web service. The US Federal Trade Commission (FTC) acknowledges those risks and advises public WiFi users to take reasonable measures while using such networks. To complement previous efforts in analyzing security and privacy risks of using public WiFi hotspots, we design two comprehensive frameworks. The first framework (CPInspector) is designed to analyze the tracking behaviors and privacy leakage on public WiFi captive portals—where users typically agree to the hotspot’s terms or sometimes register before being allowed to access the internet. CPInspector performs a wide range of web tracking measurements on public WiFi captive portals for both Windows and Android; we must physically visit each hotspot and run the CPInspector on the hotspot captive portal. We also inspect the personal data collection practices of those hotspots and the security measures adopted to protect users’ information. Hotspots pose some unique risks due to their access to the users’ foot traffic, browsing habits, the device MAC address, and in certain cases, personal information such as name, email address, social media profile, location and employment history. Using CPInspector, we initially conducted a comprehensive privacy analysis of 80 public WiFi hotspot locations in Montreal, Canada. Our analysis reveals the collection of a significant amount of privacy-sensitive personal data through the use of social login (e.g., Facebook and Google) and registration forms, and many instances of tracking activities, sometimes even before the user accepts the hotspot’s privacy and terms of service policies. We also analyzed 98 hotspot locations in Montreal for ad injection, but we did not observe any content modification attempts. Next, we expanded our study to hotspots from other cities in Canada, Europe, and the US. We conducted a high-level comparative analysis of tracking behaviors of those hotspots (in total, 192 public WiFi hotspot locations; including Montreal hotspots). We conclude that some of our findings are indeed applicable to a larger geographical area, including the use of third-party trackers on captive portals and sharing the harvested data with third-party entities using third-party captive portals. We use the second framework to analyze hotspots’ privacy policies and terms-of-use documentation which also discloses the service provider’s data and privacy practices. We augment our policy analysis using our collected hotspots’ datasets to validate selected privacy aspects of the public WiFi. We evaluated a sample of 16 privacy policy and TOS documents from hotspots that appear to be most risky in Montreal, Canada. Our analysis reveals many instances where the hotspot may appear to conform to privacy best practices according to its documentation but fail to implement necessary technical measures.

    Analysis and Design of Privacy-Enhancing Information Sharing Systems

    Recent technological advancements have enabled the collection of large amounts of personal data of individuals at an ever-increasing rate. Service providers, organisations and governments can collect or otherwise acquire rich information about individuals’ everyday lives and habits from big data-silos, enabling profiling and micro-targeting such as in political elections. Therefore, it is important to analyse systems that allow the collection and information sharing between users and to design secure and privacy enhancing solutions. This thesis contains two parts. The aim of the first part is to investigate in detail the effects of the collateral information collection of third-party applications on Facebook. The aim of the second part is to analyse in detail the security and privacy issues of car sharing systems and to design a secure and privacy-preserving solution. In the first part, we present a detailed multi-faceted study on the collateral information collection privacy issues of Facebook applications; providers of third-party applications on Facebook exploit the interdependency between users and their friends. The goal is to (i) study the existence of the problem, (ii) investigate whether Facebook users are concerned about the issue, quantify its (iii) likelihood and (iv) impact of collateral information collection affecting users, (v) identify whether collateral information collection is an issue for the protection of the personal data of Facebook users under the legal framework, and (vi) we propose solutions that aim to solve the problem of collateral information collection. In order to investigate the views of the users, we designed a questionnaire and collected the responses of participants. Employing real data from the Facebook third-party applications ecosystem, we compute the likelihood of collateral information collection affecting users and quantify its significance evaluating the amount of attributes collected by such applications. To investigate whether collateral information collection is an issue in terms of users’ privacy we analysed the legal framework in light of the General Data Protection Regulation. To provide countermeasures, we propose a privacy dashboard extension that implements privacy scoring computations to enhance transparency towards collateral information collection.

    Design and cryptographic security analysis of e-voting protocols

    Electronic voting (e-voting) systems are used in numerous countries for political elections, but also for less critical elections within clubs and associations, and hence affect the lives of millions of people. It is therefore important to ensure that single voters' choices remain private, and to be able to verify that an election result coincides with the voters' intention. Unfortunately, for most e-voting systems employed in real elections, these fundamental security and privacy properties cannot be guaranteed, so that in particular the legitimacy of such political elections is challenged. This demonstrates the importance of employing e-voting systems that are rootedly designed to guarantee the required security. However, it turned out to be highly challenging to construct secure yet practical e-voting systems since one always has to find a balance between the (possibly conflicting) requirements of the given kind of election. In the first two chapters of the thesis' main part, we present two practical e-voting systems which are both meant for low-risk and non-political elections, e.g., within clubs or associations. We have implemented both systems to demonstrate their practicability. The first system, called sElect, is designed to be as simple as possible while still guaranteeing a good level of security. The second system, called Ordinos, provides a superior level of privacy as it only reveals the most necessary information about the election outcome, e.g., solely the winner's name but nothing else. We will rigorously analyze the security of sElect and Ordinos. To do this, we formally define the required security properties and then mathematically prove that sElect and Ordinos achieve them. In the third chapter of the thesis' main part, we provide substantial work on the fundamental notion of verifiability of e-voting systems. We analyze and compare all formal verifiability definitions from the literature regarding how meaningful, expressive, or general they are.

    Telecommunication Systems

    This book is based on both industrial and academic research efforts in which a number of recent advancements and rare insights into telecommunication systems are well presented. The volume is organized into four parts: "Telecommunication Protocol, Optimization, and Security Frameworks", "Next-Generation Optical Access Technologies", "Convergence of Wireless-Optical Networks" and "Advanced Relay and Antenna Systems for Smart Networks." Chapters within these parts are self-contained and cross-referenced to facilitate further study.