A Review on Resemblance of User Profiles in Social Networks using Similarity Measures

Online Social Networking is increasing at a fast rate. There are lots of profiles of the users and there is too much resemblance between the user profiles which can help recruiter’s to select the best candidates for the Job Profile. Now, each similarity measure has its own applicability and best suited to a particular type of attribute values and if these measures are collectively combined then it can help us to find the best resemblance among the user profile ,the result of which matches to the actual result. In this paper, the discussion of the past studies is done and how our research is proposing a framework for finding the resemblance is being discussed.

Digital Deception: Generative Artificial Intelligence in Social Engineering and Phishing

The advancement of Artificial Intelligence (AI) and Machine Learning (ML) has profound implications for both the utility and security of our digital interactions. This paper investigates the transformative role of Generative AI in Social Engineering (SE) attacks. We conduct a systematic review of social engineering and AI capabilities and use a theory of social engineering to identify three pillars where Generative AI amplifies the impact of SE attacks: Realistic Content Creation, Advanced Targeting and Personalization, and Automated Attack Infrastructure. We integrate these elements into a conceptual model designed to investigate the complex nature of AI-driven SE attacks - the Generative AI Social Engineering Framework. We further explore human implications and potential countermeasures to mitigate these risks. Our study aims to foster a deeper understanding of the risks, human implications, and countermeasures associated with this emerging paradigm, thereby contributing to a more secure and trustworthy human-computer interaction.Comment: Submitted to CHI 202

Mitigating Colluding Attacks in Online Social Networks and Crowdsourcing Platforms

Online Social Networks (OSNs) have created new ways for people to communicate, and for companies to engage their customers -- with these new avenues for communication come new vulnerabilities that can be exploited by attackers. This dissertation aims to investigate two attack models: Identity Clone Attacks (ICA) and Reconnaissance Attacks (RA). During an ICA, attackers impersonate users in a network and attempt to infiltrate social circles and extract confidential information. In an RA, attackers gather information on a target\u27s resources, employees, and relationships with other entities over public venues such as OSNs and company websites. This was made easier for the RA to be efficient because well-known social networks, such as Facebook, have a policy to force people to use their real identities for their accounts. The goal of our research is to provide mechanisms to defend against colluding attackers in the presence of ICA and RA collusion attacks. In this work, we consider a scenario not addressed by previous works, wherein multiple attackers collude against the network, and propose defense mechanisms for such an attack. We take into account the asymmetric nature of social networks and include the case where colluders could add or modify some attributes of their clones. We also consider the case where attackers send few friend requests to uncover their targets. To detect fake reviews and uncovering colluders in crowdsourcing, we propose a semantic similarity measurement between reviews and a community detection algorithm to overcome the non-adversarial attack. ICA in a colluding attack may become stronger and more sophisticated than in a single attack. We introduce a token-based comparison and a friend list structure-matching approach, resulting in stronger identifiers even in the presence of attackers who could add or modify some attributes on the clone. We also propose a stronger RA collusion mechanism in which colluders build their own legitimacy by considering asymmetric relationships among users and, while having partial information of the networks, avoid recreating social circles around their targets. Finally, we propose a defense mechanism against colluding RA which uses the weakest person (e.g., the potential victim willing to accept friend requests) to reach their target

Plataforma de serviços para monitorização da cadeia de valor do pescado

Traceability in the food value chain is a topic of interest due to the advantages it brings to both the consumers, producers and regulatory authorities. This thesis describes my contributions during the design and implementation of a microservice based middleware for the Portuguese fish value chain considering current practices in the industry and the requirements of the stakeholders involved in the project, with the goal of integrating all the traceability information available from each operator to provide customers with the full story of the products they purchase. During this project I assumed many roles such as development, operations and even some security allowing me to improve my skills in all these fields and experimenting with the latest cloud native technologies such as containers and with DevOps practices.A rastreabilidade na cadeia de valor alimentar é um tema de interesse pelas vantagens que traz aos consumidores, produtores e autoridades reguladoras. Esta dissertação descreve as minhas contribuições durante a conceção e implementação de um middleware baseado em micro-serviços para a cadeia de valor do pescado portuguesa considerando as práticas atuais da indústria e os requisitos das partes interessadas envolvidas no projeto, com o objetivo de integrar toda a informação de rastreabilidade disponível de cada um dos operadores para fornecer aos clientes a história completa dos produtos que adquirem. Durante este projeto, assumi muitas funções, como desenvolvimento, operações e até mesmo alguma segurança, o que me permitiu melhorar as minhas capacidades em todos essas disciplinas e experimentar as mais recentes tecnologias nativas da nuvem, como contentores e práticas de DevOps.Mestrado em Engenharia Informátic

The Threat of Offensive AI to Organizations

AI has provided us with the ability to automate tasks, extract information from vast amounts of data, and synthesize media that is nearly indistinguishable from the real thing. However, positive tools can also be used for negative purposes. In particular, cyber adversaries can use AI to enhance their attacks and expand their campaigns. Although offensive AI has been discussed in the past, there is a need to analyze and understand the threat in the context of organizations. For example, how does an AI-capable adversary impact the cyber kill chain? Does AI benefit the attacker more than the defender? What are the most significant AI threats facing organizations today and what will be their impact on the future? In this study, we explore the threat of offensive AI on organizations. First, we present the background and discuss how AI changes the adversary’s methods, strategies, goals, and overall attack model. Then, through a literature review, we identify 32 offensive AI capabilities which adversaries can use to enhance their attacks. Finally, through a panel survey spanning industry, government and academia, we rank the AI threats and provide insights on the adversaries

An Analysis and Validation of an Online Photographic Identity Exposure Evaluation System

The rapid growth in volume over the last decade of personal photos placed online due to the advent of social media has made users highly susceptible to malicious forms of attack. A system was proposed and constructed using Open Source technologies capable of acquiring the necessary data to conduct a measurement of online photographic exposure to aid in assessing a user\u27s digital privacy. The system\u27s effectiveness at providing feedback on the level of exposure was tested by using a controlled set of three subjects. Each subject provided three training photos each that simulated what would be easily ascertainable from social media profiles, online professional portfolios, or public photography. The system was able to successfully biometrically identify 23 images out of ~14,000 that related to one of the respective candidates. This validates the system as an automated threat and vetting tool for online photographic privacy. VeriLook 5.4 one-to-many matching grossly underperformed on the images gathered with a mere 21% at best true acceptance rate. The scoring algorithm used herein to evaluate each candidate\u27s online photographic exposure was proven to be effective. The system developed was able to show that a candidate\u27s assumption of their digital footprint size is not always correct. Additional testing of the scoring algorithm is recommended before a conclusion can be made with about its universal accuracy