Sextortion: The Hybrid Cyber-Sex Crime

Sextortion is an increasingly prevalent internet crime, but it is not well-defined or understood. As new technology makes the challenge of combatting sextortion even more difficult, regulators should consider using a broad definition of sextortion to capture the myriad of ways that criminals are extorting victim with their sexual images. This recent development discusses the pervasiveness and methods of the crime, particularly in the context of technology, and the need for federal government action and legislation to promote public awareness of this disturbingly prevalent cyber-sex crime. This article recommends a sextortion attack plan that would involve: (1) enactment of a federal sextortion crime that properly classifies sextortion as a sex crime, (2) federally regulating and negotiating with internet companies to take greater responsibility for sextortion occurring on internet platforms, (3) establishing a non-profit clearinghouse under the federal statute to collect data and provide resources to both victims and law enforcement, and (4) using information gathered from the clearinghouse to create an effective sextortion awareness campaign

Interdependent and Multi-Subject Privacy: Threats, Analysis and Protection

In Alan Westin's generally accepted definition of privacy, he describes it as an individual's right 'to control, edit, manage, and delete information about them[selves] and decide when, how, and to what extent information is communicated to others.' Therefore, privacy is an individual and independent human right. The great Mahatma Gandhi once said that 'interdependence is and ought to be as much the ideal of man as selfsufficiency. Man is a social being.' To ensure this independent right to inherently social beings, it will be difficult, if not impossible. This is especially true as today's world is highly interconnected, technology evolves rapidly, data sharing is increasingly abundant, and regulations do not provide sufficient guidance in the realm of interdependency. In this thesis, we explore the topic of interdependent privacy from an adversarial point of view by exposing threats, as well as from an end-user point of view, by exploring awareness, preferences and privacy protection needs. First, we quantify the effect of co-locations on location privacy, considering an adversary such as a social-network operator that has access to this information: Not only can a user be localized due to her reported locations and mobility patterns, but also due to those of her friends (and the friends of her friends and so on). We formalize this problem and propose effective inference algorithms that substantially reduce the complexity of localization attacks that make use of co-locations. Our results show that an adversary can effectively incorporate co-locations in attacks to substantially reduce users' location privacy; this exposes a real and severe threat. Second, we investigate the interplay between the privacy risks and the social benefits of users when sharing (co-)locations on OSNs. We propose a game-theoretic framework for analyzing users' strategic behaviors. We conduct a survey of Facebook users and quantify their benefits of sharing vs. viewing information and their preference for privacy vs. benefits. Our survey exposes deficits in users' awareness of privacy risks in OSNs. Our results further show how users' individual preferences influence, sometimes in a negative way, each other's decisions. Third, we consider various types of interdependent and multi-subject data (photo, colocation, genome, etc.) that often have privacy implications for data subjects other than the uploader, yet can be shared without their consent or awareness. We propose a system for sharing such data in a consensual and privacy-preserving manner. We implement it in the case of photos, by relying on image-processing and cryptographic techniques, as well as on a two-tier architecture. We conduct a survey of Facebook users; it indicates that there is interest in such a system, and that users have increasing privacy concerns due to prejudice or discrimination that they have been or could still easily be exposed to. In conclusion, this thesis provides new insights on users' privacy in the context of interdependence and constitutes a step towards the design of novel privacy-protection mechanisms. It should be seen as a warning message for service providers and regulatory institutions: Unless the interdependent aspects of privacy are considered, this fundamental human right can never be guaranteed

PROACTIVE BIOMETRIC-ENABLED FORENSIC IMPRINTING SYSTEM

Insider threats are a significant security issue. The last decade has witnessed countless instances of data loss and exposure in which leaked data have become publicly available and easily accessible. Losing or disclosing sensitive data or confidential information may cause substantial financial and reputational damage to a company. Therefore, preventing or responding to such incidents has become a challenging task. Whilst more recent research has focused explicitly on the problem of insider misuse, it has tended to concentrate on the information itself—either through its protection or approaches to detecting leakage. Although digital forensics has become a de facto standard in the investigation of criminal activities, a fundamental problem is not being able to associate a specific person with particular electronic evidence, especially when stolen credentials and the Trojan defence are two commonly cited arguments. Thus, it is apparent that there is an urgent requirement to develop a more innovative and robust technique that can more inextricably link the use of information (e.g., images and documents) to the users who access and use them. Therefore, this research project investigates the role that transparent and multimodal biometrics could play in providing this link by leveraging individuals’ biometric information for the attribution of insider misuse identification. This thesis examines the existing literature in the domain of data loss prevention, detection, and proactive digital forensics, which includes traceability techniques. The aim is to develop the current state of the art, having identified a gap in the literature, which this research has attempted to investigate and provide a possible solution. Although most of the existing methods and tools used by investigators to conduct examinations of digital crime help significantly in collecting, analysing and presenting digital evidence, essential to this process is that investigators establish a link between the notable/stolen digital object and the identity of the individual who used it; as opposed to merely using an electronic record or a log that indicates that the user interacted with the object in question (evidence). Therefore, the proposed approach in this study seeks to provide a novel technique that enables capturing individual’s biometric identifiers/signals (e.g. face or keystroke dynamics) and embedding them into the digital objects users are interacting with. This is achieved by developing two modes—a centralised or decentralised manner. The centralised approach stores the mapped information alongside digital object identifiers in a centralised storage repository; the decentralised approach seeks to overcome the need for centralised storage by embedding all the necessary information within the digital object itself. Moreover, no explicit biometric information is stored, as only the correlation that points to those locations within the imprinted object is preserved. Comprehensive experiments conducted to assess the proposed approach show that it is highly possible to establish this correlation even when the original version of the examined object has undergone significant modification. In many scenarios, such as changing or removing part of an image or document, including words and sentences, it was possible to extract and reconstruct the correlated biometric information from a modified object with a high success rate. A reconstruction of the feature vector from unmodified images was possible using the generated imprints with 100% accuracy. This was achieved easily by reversing the imprinting processes. Under a modification attack, in which the imprinted object is manipulated, at least one imprinted feature vector was successfully retrieved from an average of 97 out of 100 images, even when the modification percentage was as high as 80%. For the decentralised approach, the initial experimental results showed that it was possible to retrieve the embedded biometric signals successfully, even when the file (i.e., image) had had 75% of its original status modified. The research has proposed and validated a number of approaches to the embedding of biometric data within digital objects to enable successful user attribution of information leakage attacks.Embassy of Saudi Arabia in Londo

Investigating Obfuscation as a Tool to Enhance Photo Privacy on Social Networks Sites

Photos which contain rich visual information can be a source of privacy issues. Some privacy issues associated with photos include identification of people, inference attacks, location disclosure, and sensitive information leakage. However, photo privacy is often hard to achieve because the content in the photos is both what makes them valuable to viewers, and what causes privacy concerns. Photo sharing often occurs via Social Network Sites (SNSs). Photo privacy is difficult to achieve via SNSs due to two main reasons: first, SNSs seldom notify users of the sensitive content in their photos that might cause privacy leakage; second, the recipient control tools available on SNSs are not effective. The only solution that existing SNSs (e.g., Facebook, Flickr) provide is control over who receives a photo. This solution allows users to withhold the entire photo from certain viewers while sharing it with other viewers. The idea is that if viewers cannot see a photo, then privacy risk is minimized. However, withholding or self-censoring photos is not always the solution people want. In some cases, people want to be able to share photos, or parts of photos, even when they have privacy concerns about the photo. To provide better online photo privacy protection options for users, we leverage a behavioral theory of privacy that identifies and focuses on two key elements that influence privacy -- information content and information recipient. This theory provides a vocabulary for discussing key aspects of privacy and helps us organize our research to focus on the two key parameters through a series of studies. In my thesis, I describe five studies I have conducted. First, I focus on the content parameter to identify what portions of an image are considered sensitive and therefore are candidates to be obscured to increase privacy. I provide a taxonomy of content sensitivity that can help designers of photo-privacy mechanisms understand what categories of content users consider sensitive. Then, focusing on the recipient parameter, I describe how elements of the taxonomy are associated with users\u27 sharing preferences for different categories of recipients (e.g., colleagues vs. family members). Second, focusing on controlling photo content disclosure, I invented privacy-enhancing obfuscations and evaluated their effectiveness against human recognition and studied how they affect the viewing experience. Third, after discovering that avatar and inpainting are two promising obfuscation methods, I studied whether they were robust when de-identifying both familiar and unfamiliar people since viewers are likely to know the people in OSN photos. Additionally, I quantified the prevalence of self-reported photo self-censorship and discovered that privacy-preserving obfuscations might be useful for combating photo self-censorship. Gaining sufficient knowledge from the studies above, I proposed a privacy-enhanced photo-sharing interface that helps users identify the potential sensitive content and provides obfuscation options. To evaluate the interface, I compared the proposed obfuscation approach with the other two approaches – a control condition that mimics the current Facebook photo-sharing interface and an interface that provides a privacy warning about potentially sensitive content. The results show that our proposed system performs better over the other two in terms of reducing perceived privacy risks, increasing willingness to share, and enhancing usability. Overall, our research will benefit privacy researchers, online social network designers, policymakers, computer vision researchers, and anyone who has or wants to share photos online

Abusive and Offensive Online Communications: A Scoping Report

No abstract available

Cyber crime and telecommunications law

Cyber crime is a new and emerging area of concern for technology professionals, business leaders, and heads of government. This research takes a look at the individuals behind these crimes in order to develop a profile and determine emerging trends. Classical Sociological theory is detailed and its ability to apply to modern cyber crime is explained. Interviews were conducted with five professionals in the field in order to gain a wide range of differing experiences and emerging trends. The most important cyber crime laws in the United States Code were broken down into their elements and explained in a way that technology and business professionals, without a legal background, can understand. Seven case studies were then conducted to find the facts of the crime, the statutes which were violated, the outcome, and analysis. The research concludes with a final analysis section which outlines the findings of this research

Cyberbullying in educational context

Kustenmacher and Seiwert (2004) explain a man’s inclination to resort to technology in his interaction with the environment and society. Thus, the solution to the negative consequences of Cyberbullying in a technologically dominated society is represented by technology as part of the technological paradox (Tugui, 2009), in which man has a dual role, both slave and master, in the interaction with it. In this respect, it is noted that, notably after 2010, there have been many attempts to involve artificial intelligence (AI) to recognize, identify, limit or avoid the manifestation of aggressive behaviours of the CBB type. For an overview of the use of artificial intelligence in solving various problems related to CBB, we extracted works from the Scopus database that respond to the criterion of the existence of the words “cyberbullying” and “artificial intelligence” in the Title, Keywords and Abstract. These articles were the subject of the content analysis of the title and, subsequently, only those that are identified as a solution in the process of recognizing, identifying, limiting or avoiding the manifestation of CBB were kept in the following Table where we have these data synthesized and organized by years

Efficient Protocols for Multi-Party Computation

Secure Multi-Party Computation (MPC) allows a group of parties to compute a join function on their inputs without revealing any information beyond the result of the computation. We demonstrate secure function evaluation protocols for branching programs, where the communication complexity is linear in the size of the inputs, and polynomial in the security parameter. Our result is based on the circular security of the Paillier\u27s encryption scheme. Our work followed the breakthrough results by Boyle et al. [9; 11]. They presented a Homomorphic Secret Sharing scheme which allows the non-interactive computation of Branching Programs over shares of the secret inputs. Their protocol is based on the Decisional Diffie-Hellman Assumption. Additionally, we offer a verification technique to directly check correctness of the actual computation, rather than the absence of a potential error as in [9]. This results in fewer repetitions of the overall computation for a given error bound. We also use Paillier’s encryption as the underlying scheme of publicly perceptual hashing. Perceptual hashing allows the computation of a robust fingerprint of media files, such that the fingerprint can be used to detect the same object even if it has been modified in per- ceptually non-significant ways (e.g., compression). The robustness of such functions relies on the use of secret keys both during the computation and the detection phase. We present examples of publicly evaluatable perceptual hash functions which allow a user to compute the perceptual hash of an image using a public key, while only the detection algorithm will use the secret key. Our technique can be used to encourage users to submit intimate images to blacklist databases to stop those images from ever being posted online – indeed using a publicly evaluatable perceptual hash function the user can privately submit the fingerprint, without ever revealing the image. We present formal definitions for the security of perceptual hash, a general theoretical result that uses Fully Homomorphic Encryption, and a specific construction using Paillier’s encryption. For the latter we show via extensive implementation tests that the cryptographic overhead can be made minimal, resulting in a very efficient construction

New French Horror: The Emergence of the Horror Genre in Contemporary French Cinema

There is a strong and well-documented tradition of French Fantastic Cinema, from Georges Méliès, the surrealists, and Jean Cocteau, to the films of Jean Rollin, Luc Besson and Jean-Pierre Jeunet. Despite this tradition, however, it has been agreed that there is no genuine Horror genre tradition. Recently, however, we have witnessed a surge of horror films produced in France, such as Promenons-nous dans les bois (Deep in the Woods, 2000), Un Jeu d’enfants (2001), Maléfique (2002), Haute tension (Switchblade Romance, 2003), Calvaire (The Ordeal, 2004), Ils (Them, 2006), Sheitan (Satan, 2006), Frontière(s) (Frontier(s), 2007), À l’intérieur (Inside, 2007) and Martyrs (2008). This research project will analyse these new French horror films, all made in the last twenty years and ask about the antecedents of this new genre, what impact they have made on French cinema and their relations to other international forms (the US, European, Asian, etc.). The rationale of this research thesis is to analyse this group of films all made since the early 2000s, to investigate the trends, conditions, or incentives for the horror genre to emerge during this time, and to examine the trajectory of the horror genre within French cinema, what antecedents were in place for the genre to emerge, and the influence of other national horror cinemas. To what extent does this latest generation of French filmmakers look to American horror films and American filmmakers as their inspiration? As well as critically analysing the works in the context of a cohesive genre, utilising various concepts and methodologies most associated with the genre (abjection, the uncanny, trauma theory, body horror), this thesis will examine the causes and influences on this emergence and the popular, critical, and academic reaction and impact of the genre in France and internationally