4 research outputs found

    Applications of attention economics in studying equilibria in social networking

    Within social networking services, users construct their personal social networks by creating asymmetric or symmetric social links. They usually follow friends and selected professional users, such as celebrities and news agencies. On such platforms, attention is used as currency to consume information. The economic theory that deals with this situation of excessive information and scarce attention is called attention economics, and it parallels standard economic theory, although there are some interesting points of difference. In this dissertation, we use attention-economics methods to analyze interactions on social media. We statically and dynamically analyze a huge social graph with a manually classified set of professional users. The results show that the in-degree of professional users does not fit a power-law distribution. Conversely, the maximum number of professional users in one category for each user shows a power-law property. We analyze the reasons for these phenomena, considering questions of supply and demand, the game among professional users, the game among common and professional users, and the marginal utility of common users. The result of supply and demand determines the proportion of professional users in different subjects, and the games strongly influence the professional users' interaction patterns. Marginal utility is the direct reason for users to follow and unfollow others. Finally, game theory from economics is applied to analyze the malicious URL attack on social media. Unlike elsewhere in cyberspace, it is hard to directly publish malware or a phishing page on social media. The attackers publish some bad-content URLs on social media and lure users to click them, with the URLs leading the users to the malicious page. These malicious URLs become the major gateway to further cyber-attacks on these platforms. We have shown that even with perfect and real-time detection algorithms, malicious URLs can easily snag many visitors if they are checked by the system only once. We propose some countermeasures. Our research on the use of attention economics has demonstrated its significance for the study of social networks.

    Pharming: a criminal-law doctrinal analysis, in particular as a form of harm to property

    Master's dissertation in Law and Informatics. Alongside constant technological advances, which break down barriers once regarded as insurmountable, new and sophisticated possibilities have emerged for perpetrating crimes through the Internet and by accessing computer systems: so-called cybercrime. In fact, the attacks that can be committed this way are so numerous that the average person cannot be aware of all of them in order to combat them effectively. One of these attacks, occurring ever more frequently, is pharming, an advance on the better-known phishing that emerged as a way to overcome certain obstacles inherent to the latter, and which therefore brings greater danger and greater difficulty in establishing the corresponding liability. However, the main gap still lies in understanding with certainty the criminal-law boundaries of its classification, which may lead to injustices and difficulties of treatment in our courts, given the highly technical, computing-specific features that the most considered conclusions presuppose. This work therefore aims to delimit rigorously the criminal-law framework to which this phenomenon should be referred, both because its occurrence is expected to become ever more frequent and because our courts have so far ruled on it only from a civil-law perspective, making a criminal-law view necessary.

    Banking phishing: a framework for analysing and reducing the risk of victimisation

    ABSTRACT: Banking fraud, particularly fraud that involves phishing, remains a major issue in the relationship that banks maintain with their clients. The rising statistics on the amounts stolen from victims' accounts, and the multiplicity of countermeasures, national organisations and multinational business coalitions that fight against this plague, are two indicators of the extent of the phenomenon. This observation led us to examine in this thesis the questions of victimisation risk factors and of the improvements that can be made to countermeasures in order to diminish their impacts. We first examined the question of which elements are necessary and sufficient to define victimisation by banking phishing. We answered this question by proposing a coherent set of four elements on which any definition of victimisation by banking phishing must rest, namely the action taken, the object used, the presumed victims and the nature of the harm suffered by those victims. On the basis of these elements, we defined three forms of victimisation: phishing attempt, infection and fraud. Building on these three forms of victimisation, we developed a logistic regression model to analyse the data from a large Canadian survey (ESG survey, 2009) on online victimisation, in order to identify and hierarchically classify the key risk factors of phishing attempt, infection and fraud (cf. Table 5.1). It emerges that risky online behaviours, as well as the lack of basic security training and of threat awareness, are the most important categories in explaining victimisation by phishing attempt and by infection. As for the factors that contribute to fraud (withdrawal of money from victims' accounts), since the data from the ESG 2009 survey do not allow the monetisation process to be studied, for lack of data on the black market in stolen information, we developed a theoretical model to study the behaviours of two players in this black market: the fraudster and the mule. To do so, we applied the rational choice theory developed in economics. The classical utility functions of the CRRA (Constant Relative Risk Aversion) and CARA (Constant Absolute Risk Aversion) types were also used to study the fraudster's behaviour with respect to risk. Finally, to test our theoretical model, we used data gathered from clandestine forums. The simulation results of this model reveal that six factors influence, to varying degrees, the monetisation process: the fraudster's anticipated revenue, the intensity of the level of security measures put in place by the banks, the commission paid to the mule, the price of the information, the fraudster's initial wealth and the probability of being arrested. To evaluate the pertinence of our theoretical model in answering our research question on the key risk factors of victimisation, a survey based on a purposive sample was conducted among seventeen experts in information security. The results of this survey confirm that two of the six factors determined by our theoretical model are of great importance in the monetisation process: the fraudster's anticipated revenue and the level of measures put in place by the banks. Two other factors that we did not measure in our model, for lack of data and metrics, were retained by the experts as having dominant effects on the decision whether or not to monetise stolen information: the quality of the information and the time elapsed between the theft of the information and the withdrawal of money from the victim's account. In the same survey, we asked the experts to suggest improvements to current countermeasures in order to reduce the victimisation risks inherent in the factors we determined. The analysis of the experts' responses enabled us to address twenty-five recommendations to public authorities, the end user, businesses, developers of security solutions and organisations that fight against banking phishing. The micro-economic model that we proposed is the main theoretical contribution of this research. Its main practical contribution has been to propose, on the basis of the experts' opinions, improvements to current countermeasures in order to reduce, where applicable, the risk of banking phishing. This research nevertheless has some limits, notably the information asymmetry in a black market for banking information and the limited number of experts in the survey. In future, it would be interesting to take information asymmetry into account in the analysis of the black market and to validate the model with more empirical data gathered from forums, from banks and from information security experts.

    A Novel Framework for Improving Cyber Security Management and Awareness for Home Users

    A wide and increasing range of different technologies, devices, platforms, applications and services are being used every day by home users. In parallel, home users are also experiencing a range of different online threats and attacks. Indeed, home users are increasingly being targeted as they lack the knowledge and awareness about potential threats and how to protect themselves. The increase in technologies and platforms also increases the burden upon a user to understand how to apply security across the differing technologies, operating systems and applications. This makes managing security across their technology portfolio increasingly troublesome and time-consuming. Thus, it is apparent that a more innovative, convenient and usable security management solution is vital. This thesis investigates current online awareness tools and reviews studies which try to enhance cybersecurity awareness and education among home users. It is evident from the analysis that most of the studies which have made efforts in proposing "one-fits-all" solutions do not have the ability to provide users with tailored awareness content based on a number of criteria such as the current needs, prior knowledge, and security priorities of each user. The thesis proposes an approach for improving security management and awareness for home users by providing them with customised security awareness. A design science research methodology has been used for understanding the current problem and for creating and developing an artefact which can enhance security management and awareness for home users. A number of security controls and requirements were identified which need to be managed and monitored for different technologies and services. In addition, the research designed several preliminary interfaces which can show the main components and aspects of the proposed solution based on HCI principles. A participant-based study was undertaken to get feedback on the initial design requirements and interfaces. A survey of 434 digital device users was undertaken and revealed that there is a positive correlation between the security concern, knowledge and management amongst home users towards different security aspects. Positive feedback and some valuable comments were received about the preliminary interface designs in terms of the usability and functionality aspects. This builds into a final design phase which proposes a novel architecture for enhancing security management and awareness for home users. The proposed framework is capable of creating and assigning different security policies for different digital devices. These assigned policies are monitored, checked and managed in order to review the user's compliance with the assigned policies and provide bespoke security awareness. In addition, a mockup design was developed to simulate the proposed framework and to show different interactions with different components and sections, in order to visualise the main concepts and the functions which might be performed when it is deployed in a real environment. Ultimately, two separate focus group discussions, involving experts and end-users, have been conducted in order to provide a comprehensive evaluation of the identified research problem and of the feasibility and effectiveness of the proposed approach. The overall feedback of the two discussions can be considered positive, constructive and encouraging. The experts agreed that the identified research problem is very important and a real problem. In addition, the participants agreed that the proposed framework is feasible and effective in improving security management and awareness for home users. The outcomes have also shown a reasonable level of satisfaction from the participants towards different components and aspects of the proposed design. Saudi governmen