Automated Crowdturfing Attacks and Defenses in Online Review Systems

Malicious crowdsourcing forums are gaining traction as sources of spreading misinformation online, but are limited by the costs of hiring and managing human workers. In this paper, we identify a new class of attacks that leverage deep learning language models (Recurrent Neural Networks or RNNs) to automate the generation of fake online reviews for products and services. Not only are these attacks cheap and therefore more scalable, but they can control rate of content output to eliminate the signature burstiness that makes crowdsourced campaigns easy to detect. Using Yelp reviews as an example platform, we show how a two phased review generation and customization attack can produce reviews that are indistinguishable by state-of-the-art statistical detectors. We conduct a survey-based user study to show these reviews not only evade human detection, but also score high on "usefulness" metrics by users. Finally, we develop novel automated defenses against these attacks, by leveraging the lossy transformation introduced by the RNN training and generation cycle. We consider countermeasures against our mechanisms, show that they produce unattractive cost-benefit tradeoffs for attackers, and that they can be further curtailed by simple constraints imposed by online service providers

Protecting Voice Controlled Systems Using Sound Source Identification Based on Acoustic Cues

Over the last few years, a rapidly increasing number of Internet-of-Things (IoT) systems that adopt voice as the primary user input have emerged. These systems have been shown to be vulnerable to various types of voice spoofing attacks. Existing defense techniques can usually only protect from a specific type of attack or require an additional authentication step that involves another device. Such defense strategies are either not strong enough or lower the usability of the system. Based on the fact that legitimate voice commands should only come from humans rather than a playback device, we propose a novel defense strategy that is able to detect the sound source of a voice command based on its acoustic features. The proposed defense strategy does not require any information other than the voice command itself and can protect a system from multiple types of spoofing attacks. Our proof-of-concept experiments verify the feasibility and effectiveness of this defense strategy.Comment: Proceedings of the 27th International Conference on Computer Communications and Networks (ICCCN), Hangzhou, China, July-August 2018. arXiv admin note: text overlap with arXiv:1803.0915

Doublespeak and the War on Terrorism

Five years have passed since the catastrophic terrorist attacks of September 11, 2001. Those attacks ushered in the war on terror. Since some high-ranking government officials and pundits are now referring to the war on terror as the "Long War" or "World War III," because its duration is not clear, now is an appropriate time to take a few steps back and examine the disturbing new vocabulary that has emerged from this conflict. One of the central insights of George Orwell's classic novel Nineteen Eighty-Four concerned the manipulative use of language, which he called "newspeak" and "doublethink," and which we now call "doublespeak" and "Orwellian." Orwell was alarmed by government propaganda and the seemingly rampant use of euphemisms and halftruths -- and he conveyed his discomfort with such tactics to generations of readers by using vivid examples in his novel. Despite our general awareness of the tactic, government officials routinely use doublespeak to expand, or at least maintain, their power. The purpose of this paper is not to criticize any particular policy initiative. Reasonable people can honestly disagree about what needs to be done to combat the terrorists who are bent on killing Americans. However, a conscientious discussion of our policy options must begin with a clear understanding of what our government is actually doing and what it is really proposing to do next. The aim here is to enhance the understanding of both policymakers and the interested lay public by exposing doublespeak