882 research outputs found
The Dark Side(-Channel) of Mobile Devices: A Survey on Network Traffic Analysis
In recent years, mobile devices (e.g., smartphones and tablets) have met an
increasing commercial success and have become a fundamental element of the
everyday life for billions of people all around the world. Mobile devices are
used not only for traditional communication activities (e.g., voice calls and
messages) but also for more advanced tasks made possible by an enormous amount
of multi-purpose applications (e.g., finance, gaming, and shopping). As a
result, those devices generate a significant network traffic (a consistent part
of the overall Internet traffic). For this reason, the research community has
been investigating security and privacy issues that are related to the network
traffic generated by mobile devices, which could be analyzed to obtain
information useful for a variety of goals (ranging from device security and
network optimization, to fine-grained user profiling).
In this paper, we review the works that contributed to the state of the art
of network traffic analysis targeting mobile devices. In particular, we present
a systematic classification of the works in the literature according to three
criteria: (i) the goal of the analysis; (ii) the point where the network
traffic is captured; and (iii) the targeted mobile platforms. In this survey,
we consider points of capturing such as Wi-Fi Access Points, software
simulation, and inside real mobile devices or emulators. For the surveyed
works, we review and compare analysis techniques, validation methods, and
achieved results. We also discuss possible countermeasures, challenges and
possible directions for future research on mobile traffic analysis and other
emerging domains (e.g., Internet of Things). We believe our survey will be a
reference work for researchers and practitioners in this research field.Comment: 55 page
A Critical Analysis Of The State-Of-The-Art On Automated Detection Of Deceptive Behavior In Social Media
Recently, a large body of research has been devoted to examine the user behavioral patterns and the business implications of social media. However, relatively little research has been conducted regarding users’ deceptive activities in social media; these deceptive activities may hinder the effective application of the data collected from social media to perform e-marketing and initiate business transformation in general. One of the main contributions of this paper is the critical analysis of the possible forms of deceptive behavior in social media and the state-of-the-art technologies for automated deception detection in social media. Based on the proposed taxonomy of major deception types, the assumptions, advantages, and disadvantages of the popular deception detection methods are analyzed. Our critical analysis shows that deceptive behavior may evolve over time, and so making it difficult for the existing methods to effectively detect social media spam. Accordingly, another main contribution of this paper is the design and development of a generic framework to combat dynamic deceptive activities in social media. The managerial implication of our research is that business managers or marketers will develop better insights about the possible deceptive behavior in social media before they tap into social media to collect and generate market intelligence. Moreover, they can apply the proposed adaptive deception detection framework to more effectively combat the ever increasing and evolving deceptive activities in social medi
Secure mobile multiagent systems in virtual marketplaces : a case study on comparison shopping
The growth of the Internet has deeply influenced our daily lives as well as our commercial structures. Agents and multiagent systems will play a major role in the further development of Internet-based applications like virtual marketplaces. However, there is an increasing awareness of the security problems involved. These systems will not be successful until their problems are solved. This report examines comparison shopping, a virtual marketplace scenario and an application domain for a mobile multiagent system, with respect to its security issues. The interests of the participants in the scenario, merchants and clients, are investigated. Potential security threats are identified and security objectives counteracting those threats are established. These objectives are refined into building blocks a secure multiagent system should provide. The building blocks are transformed into features of agents and executing platforms. Originating from this analysis, solutions for the actual implementation of these building blocks are suggested. It is pointed out under which assumptions it is possible to achieve the security goals, if at all
Anti-Fraud Schema System for Identification and Prevention of Fraud Behaviors in E-Commerce Services
This study aims to determine the best practices and provide a model of the technical solutions that can effectively and systematically limit fraudulent transactions of online orders in e-commerce services, using the methods of analytical mining and case studies. Based on a process of fraud prevention and detection performed in the e-business Dangdang, Inc., a leading online retailer in China, twelve identifying features of fraudulent order data were extracted and compiled into a feature matrix. Logistic regression with this matrix was then used to build a model to judge if an order was fraudulent. The model was tested using various order data with machine learning techniques to meet the requirements of being effective, correct, adaptive, and persistent. Then an online detection and prevention schema was established and the hypothesis of so-called Behavior Pattern Change Assumption (BPCA) was proven. The results show the model can detect 94% of fraudulent orders. The Anti-fraud Schema System established for Dangdang is shown to be the best model for the determination and prevention of fraudulent behaviors in the e-commerce services
Machine learning and deep learning
Today, intelligent systems that offer artificial intelligence capabilities
often rely on machine learning. Machine learning describes the capacity of
systems to learn from problem-specific training data to automate the process of
analytical model building and solve associated tasks. Deep learning is a
machine learning concept based on artificial neural networks. For many
applications, deep learning models outperform shallow machine learning models
and traditional data analysis approaches. In this article, we summarize the
fundamentals of machine learning and deep learning to generate a broader
understanding of the methodical underpinning of current intelligent systems. In
particular, we provide a conceptual distinction between relevant terms and
concepts, explain the process of automated analytical model building through
machine learning and deep learning, and discuss the challenges that arise when
implementing such intelligent systems in the field of electronic markets and
networked business. These naturally go beyond technological aspects and
highlight issues in human-machine interaction and artificial intelligence
servitization.Comment: Published online first in Electronic Market
Understanding the difference in malicious activity between Surface Web and Dark Web
The world has seen a dramatic increase in illegal activities on the Internet. Prior research has investigated different types of cybercrime, especially in the Surface Web, which is the portion of the content on the World Wide Web that popular engines may index. At the same time, evidence suggests cybercriminals are moving their operations to the Dark Web. This portion is not indexed by conventional search engines and is accessed through network overlays such as The Onion Router network. Since the Dark Web provides anonymity, cybercriminals use this environment to avoid getting caught or blocked, which represents a significant challenge for researchers. This research project investigates the modus operandi of cybercriminals on the Surface Web and the Dark Web to understand how cybercrime unfolds in different layers of the Web. Honeypots, specialised crawlers and extraction tools are used to analyse different types of online crimes. In addition, quantitative analysis is performed to establish comparisons between the two Web environments. This thesis is comprised of three studies. The first examines the use of stolen account credentials leaked in different outlets on the Surface and Dark Web to understand how cybercriminals interact with stolen credentials in the wild. In the second study, malvertising is analysed from the user's perspective to understand whether using different technologies to access the Web could influence the probability of malware infection. In the final study, underground forums on the Surface and Dark Web are analysed to observe differences in trading patterns in both environments. Understanding how criminals operate in different Web layers is essential to developing policies and countermeasures to prevent cybercrime more efficiently
- …