1,096 research outputs found
XRay: Enhancing the Web's Transparency with Differential Correlation
Today's Web services - such as Google, Amazon, and Facebook - leverage user
data for varied purposes, including personalizing recommendations, targeting
advertisements, and adjusting prices. At present, users have little insight
into how their data is being used. Hence, they cannot make informed choices
about the services they choose. To increase transparency, we developed XRay,
the first fine-grained, robust, and scalable personal data tracking system for
the Web. XRay predicts which data in an arbitrary Web account (such as emails,
searches, or viewed products) is being used to target which outputs (such as
ads, recommended products, or prices). XRay's core functions are service
agnostic and easy to instantiate for new services, and they can track data
within and across services. To make predictions independent of the audited
service, XRay relies on the following insight: by comparing outputs from
different accounts with similar, but not identical, subsets of data, one can
pinpoint targeting through correlation. We show both theoretically, and through
experiments on Gmail, Amazon, and YouTube, that XRay achieves high precision
and recall by correlating data from a surprisingly small number of extra
accounts.Comment: Extended version of a paper presented at the 23rd USENIX Security
Symposium (USENIX Security 14
A taxonomy of attacks and a survey of defence mechanisms for semantic social engineering attacks
Social engineering is used as an umbrella term for a broad spectrum of computer exploitations that employ a variety of attack vectors and strategies to psychologically manipulate a user. Semantic attacks are the specific type of social engineering attacks that bypass technical defences by actively manipulating object characteristics, such as platform or system applications, to deceive rather than directly attack the user. Commonly observed examples include obfuscated URLs, phishing emails, drive-by downloads, spoofed web- sites and scareware to name a few. This paper presents a taxonomy of semantic attacks, as well as a survey of applicable defences. By contrasting the threat landscape and the associated mitigation techniques in a single comparative matrix, we identify the areas where further research can be particularly beneficial
Facing off : facebook and higher education
A social and cultural expectation that Information Communication Technologies (ICT) should be ubiquitous within peoples\u27 daily lives is apparent. Connecting generational groups with a specific set of technological attributes also assumes the ways that particular groups of students should be able/do “naturally” use emergent mobile and social technologies. Moreover, the use of social networking technologies is evident in a number of ways within higher education (HE) pedagogies. As part of the suite of possibilities in Web 2.0, Facebook is used in a number of ways to support communications within and between institutions and their students as well as a mechanism for teaching and learning within specific units of study.The chapter commences with a broad discussion about social sharing software of Web 2.0, specifically Facebook, as a potential teaching and learning tool in HE contexts. We traverse recent exemplars and discourses surrounding the use of social technologies for the purposes of HE. It is clear from the literature that while there is much excitement at the possibilities that such technologies offer, there are increasing anxieties across institutional and individual practitioners, in regard to possible consequences of their use.Through autoethnographic methodology, this chapter showcases potentials and challenges of Facebook in HE. Through the use of constructed scenarios, the authors describe occurrences that necessitate increasing professional development and vigilance online. Some of the issues highlighted within this chapter include blurring of professional and personal life world boundaries, issues of identity theft and vandalism, cyberstalking and bullying, working in the public domain, and questions of virtual integrity
Spartan Daily, September 7, 1990
Volume 95, Issue 6https://scholarworks.sjsu.edu/spartandaily/8006/thumbnail.jp
Private and censorship-resistant communication over public networks
Society’s increasing reliance on digital communication networks is creating unprecedented opportunities for wholesale
surveillance and censorship. This thesis investigates the use of public networks such as the Internet to build
robust, private communication systems that can resist monitoring and attacks by powerful adversaries such as national
governments.
We sketch the design of a censorship-resistant communication system based on peer-to-peer Internet overlays in which
the participants only communicate directly with people they know and trust. This ‘friend-to-friend’ approach protects
the participants’ privacy, but it also presents two significant challenges. The first is that, as with any peer-to-peer
overlay, the users of the system must collectively provide the resources necessary for its operation; some users might
prefer to use the system without contributing resources equal to those they consume, and if many users do so, the
system may not be able to survive.
To address this challenge we present a new game theoretic model of the problem of encouraging cooperation between
selfish actors under conditions of scarcity, and develop a strategy for the game that provides rational incentives for
cooperation under a wide range of conditions.
The second challenge is that the structure of a friend-to-friend overlay may reveal the users’ social relationships to
an adversary monitoring the underlying network. To conceal their sensitive relationships from the adversary, the
users must be able to communicate indirectly across the overlay in a way that resists monitoring and attacks by other
participants.
We address this second challenge by developing two new routing protocols that robustly deliver messages across
networks with unknown topologies, without revealing the identities of the communication endpoints to intermediate
nodes or vice versa. The protocols make use of a novel unforgeable acknowledgement mechanism that proves that a
message has been delivered without identifying the source or destination of the message or the path by which it was
delivered. One of the routing protocols is shown to be robust to attacks by malicious participants, while the other
provides rational incentives for selfish participants to cooperate in forwarding messages
- …