2 research outputs found
Effectiveness and Compliance to Social Distancing During COVID-19
In the absence of pharmaceutical interventions to curb the spread of
COVID-19, countries relied on a number of nonpharmaceutical interventions to
fight the first wave of the pandemic. The most prevalent one has been
stay-at-home orders, whose the goal is to limit the physical contact between
people, which consequently will reduce the number of secondary infections
generated. In this work, we use a detailed set of mobility data to evaluate the
impact that these interventions had on alleviating the spread of the virus in
the US as measured through the COVID-19-related deaths. To establish this
impact, we use the notion of Granger causality between two time-series. We show
that there is a unidirectional Granger causality, from the median percentage of
time spent daily at home to the daily number of COVID-19-related deaths with a
lag of 2 weeks. We further analyze the mobility patterns at the census block
level to identify which parts of the population might encounter difficulties in
adhering and complying with social distancing measures. This information is
important, since it can consequently drive interventions that aim at helping
these parts of the population
On the Privacy and Integrity Risks of Contact-Tracing Applications
Smartphone-based contact-tracing applications are at the epicenter of the
global fight against the Covid-19 pandemic. While governments and healthcare
agencies are eager to mandate the deployment of such applications en-masse,
they face increasing scrutiny from the popular press, security companies, and
human rights watch agencies that fear the exploitation of these technologies as
surveillance tools. Finding the optimal balance between community safety and
privacy has been a challenge, and strategies to address these concerns have
varied among countries. This paper describes two important attacks that affect
a broad swath of contact-tracing applications. The first, referred to as
contact-isolation attack, is a user-privacy attack that can be used to identify
potentially infected patients in your neighborhood. The second is a
contact-pollution attack that affects the integrity of contact tracing
applications by causing them to produce a high volume of false-positive alerts.
We developed prototype implementations and evaluated both attacks in the
context of the DP-3T application framework, but these vulnerabilities affect a
much broader class of applications. We found that both attacks are feasible and
realizable with a minimal attacker work factor. We further conducted an impact
assessment of these attacks by using a simulation study and measurements from
the SafeGraph database. Our results indicate that attacks launched from a
modest number (on the order of 10,000) of monitoring points can effectively
decloak between 5-40\% of infected users in a major metropolis, such as
Houston