Undermining User Privacy on Mobile Devices Using AI

Over the past years, literature has shown that attacks exploiting the microarchitecture of modern processors pose a serious threat to the privacy of mobile phone users. This is because applications leave distinct footprints in the processor, which can be used by malware to infer user activities. In this work, we show that these inference attacks are considerably more practical when combined with advanced AI techniques. In particular, we focus on profiling the activity in the last-level cache (LLC) of ARM processors. We employ a simple Prime+Probe based monitoring technique to obtain cache traces, which we classify with Deep Learning methods including Convolutional Neural Networks. We demonstrate our approach on an off-the-shelf Android phone by launching a successful attack from an unprivileged, zeropermission App in well under a minute. The App thereby detects running applications with an accuracy of 98% and reveals opened websites and streaming videos by monitoring the LLC for at most 6 seconds. This is possible, since Deep Learning compensates measurement disturbances stemming from the inherently noisy LLC monitoring and unfavorable cache characteristics such as random line replacement policies. In summary, our results show that thanks to advanced AI techniques, inference attacks are becoming alarmingly easy to implement and execute in practice. This once more calls for countermeasures that confine microarchitectural leakage and protect mobile phone applications, especially those valuing the privacy of their users

Levels and Variations of Violation in Rape.

This chapter investigates the variations in crime scene behaviour revealed in a sample of victim statements in cases of stranger sexual assault. Building on previous findings by Canter and Heritage (1990), and Canter (1994), it was hypothesised that there existed a scale of differing levels of violation by the offender. This scale, based upon actions in the offence, ranged from personal violation, through to physical violation and finally, at the most extreme level, sexual violation. Offences could also be differentiated at the personal and physical levels in terms of hostile, controlling, stealing or involving thematic emphases to the criminal’s actions. To test these hypotheses, crime scene data from the first detected offences of 112 British rapists were analysed using a multi-dimensional scaling procedure to explore the relationships amongst crime scene actions. The results provided empirical support for the four action themes as different expressions of various intensities of violation. The implications that these findings have for the investigation of stranger sexual assault and treatment of victims are discussed

Shall I post this now? Optimized, delay-based privacy protection in social networks

The final publication is available at Springer via http://dx.doi.org/10.1007/s10115-016-1010-4Despite the several advantages commonly attributed to social networks such as easiness and immediacy to communicate with acquaintances and friends, significant privacy threats provoked by unexperienced or even irresponsible users recklessly publishing sensitive material are also noticeable. Yet, a different, but equally significant privacy risk might arise from social networks profiling the online activity of their users based on the timestamp of the interactions between the former and the latter. In order to thwart this last type of commonly neglected attacks, this paper proposes an optimized deferral mechanism for messages in online social networks. Such solution suggests intelligently delaying certain messages posted by end users in social networks in a way that the observed online activity profile generated by the attacker does not reveal any time-based sensitive information, while preserving the usability of the system. Experimental results as well as a proposed architecture implementing this approach demonstrate the suitability and feasibility of our mechanism.Peer ReviewedPostprint (author's final draft

Camera Surveillance as a Measure of Counterterrorism?

Camera surveillance has recently gained prominence in policy proposals on combating terrorism. We evaluate this instrument of counterterrorism as resting on the premise of a deterrence effect. Based on comparative arguments and previous evidence on crime, we expect camera surveillance to have a relatively smaller deterrent effect on terrorism than on other forms of crime. In particular, we emphasize opportunities for substitution (i.e., displacement effects), the interaction with media attention aspired to by terrorists, the limits of real-time interventions, the crowding-out of social surveillance, the risk of misguided profiling, and politico-economic concerns regarding the misuse of the technology.Camera surveillance, closed-circuit television (CCTV), public security, deterrence, terrorism