Defending against Sybil Devices in Crowdsourced Mapping Services

Real-time crowdsourced maps such as Waze provide timely updates on traffic, congestion, accidents and points of interest. In this paper, we demonstrate how lack of strong location authentication allows creation of software-based {\em Sybil devices} that expose crowdsourced map systems to a variety of security and privacy attacks. Our experiments show that a single Sybil device with limited resources can cause havoc on Waze, reporting false congestion and accidents and automatically rerouting user traffic. More importantly, we describe techniques to generate Sybil devices at scale, creating armies of virtual vehicles capable of remotely tracking precise movements for large user populations while avoiding detection. We propose a new approach to defend against Sybil devices based on {\em co-location edges}, authenticated records that attest to the one-time physical co-location of a pair of devices. Over time, co-location edges combine to form large {\em proximity graphs} that attest to physical interactions between devices, allowing scalable detection of virtual vehicles. We demonstrate the efficacy of this approach using large-scale simulations, and discuss how they can be used to dramatically reduce the impact of attacks against crowdsourced mapping services.Comment: Measure and integratio

Quality of Information in Mobile Crowdsensing: Survey and Research Challenges

Smartphones have become the most pervasive devices in people's lives, and are clearly transforming the way we live and perceive technology. Today's smartphones benefit from almost ubiquitous Internet connectivity and come equipped with a plethora of inexpensive yet powerful embedded sensors, such as accelerometer, gyroscope, microphone, and camera. This unique combination has enabled revolutionary applications based on the mobile crowdsensing paradigm, such as real-time road traffic monitoring, air and noise pollution, crime control, and wildlife monitoring, just to name a few. Differently from prior sensing paradigms, humans are now the primary actors of the sensing process, since they become fundamental in retrieving reliable and up-to-date information about the event being monitored. As humans may behave unreliably or maliciously, assessing and guaranteeing Quality of Information (QoI) becomes more important than ever. In this paper, we provide a new framework for defining and enforcing the QoI in mobile crowdsensing, and analyze in depth the current state-of-the-art on the topic. We also outline novel research challenges, along with possible directions of future work.Comment: To appear in ACM Transactions on Sensor Networks (TOSN

Engineering Crowdsourced Stream Processing Systems

A crowdsourced stream processing system (CSP) is a system that incorporates crowdsourced tasks in the processing of a data stream. This can be seen as enabling crowdsourcing work to be applied on a sample of large-scale data at high speed, or equivalently, enabling stream processing to employ human intelligence. It also leads to a substantial expansion of the capabilities of data processing systems. Engineering a CSP system requires the combination of human and machine computation elements. From a general systems theory perspective, this means taking into account inherited as well as emerging properties from both these elements. In this paper, we position CSP systems within a broader taxonomy, outline a series of design principles and evaluation metrics, present an extensible framework for their design, and describe several design patterns. We showcase the capabilities of CSP systems by performing a case study that applies our proposed framework to the design and analysis of a real system (AIDR) that classifies social media messages during time-critical crisis events. Results show that compared to a pure stream processing system, AIDR can achieve a higher data classification accuracy, while compared to a pure crowdsourcing solution, the system makes better use of human workers by requiring much less manual work effort

A survey of the use of crowdsourcing in software engineering

The term 'crowdsourcing' was initially introduced in 2006 to describe an emerging distributed problem-solving model by online workers. Since then it has been widely studied and practiced to support software engineering. In this paper we provide a comprehensive survey of the use of crowdsourcing in software engineering, seeking to cover all literature on this topic. We first review the definitions of crowdsourcing and derive our definition of Crowdsourcing Software Engineering together with its taxonomy. Then we summarise industrial crowdsourcing practice in software engineering and corresponding case studies. We further analyse the software engineering domains, tasks and applications for crowdsourcing and the platforms and stakeholders involved in realising Crowdsourced Software Engineering solutions. We conclude by exposing trends, open issues and opportunities for future research on Crowdsourced Software Engineering

In Pursuit of Aviation Cybersecurity: Experiences and Lessons From a Competitive Approach

The passive and independent localization of aircraft has been the subject of much cyberphysical security research. We designed a multistage open competition focusing on the offline batch localization problem using opportunistic data sources. We discuss setup, results, and lessons learned

WHEN IS CROWDSOURCING ADVANTAGEOUS? THE CASE OF CROWDSOURCED SOFTWARE TESTING

Crowdsourcing describes a novel mode of value creation in which organizations broadcast tasks that have been previously performed in-house to a large magnitude of Internet users that perform these tasks. Although the concept has gained maturity and has proven to be an alternative way of problem-solving, an organizational cost-benefit perspective has largely been neglected by existing research. More specifically, it remains unclear when crowdsourcing is advantageous in comparison to alterna-tive governance structures such as in-house production. Drawing on crowdsourcing literature and transaction action cost theory, we present two case studies from the domain of crowdsourced software testing. We systematically analyze two organizations that applied crowdtesting to test a mobile appli-cation. As both organizations tested the application via crowdtesting and their traditional in-house testing, we are able to relate the effectiveness of crowdtesting and the associated costs to the effective-ness and costs of in-house testing. We find that crowdtesting is comparable in terms of testing quality and costs, but provides large advantages in terms of speed, heterogeneity of testers and user feedback as added value. We contribute to the crowdsourcing literature by providing first empirical evidence about the instances in which crowdsourcing is an advantageous way of problem solving

Enhancing Geospatial Preparedness for Disaster Management through the work of development organisations

A thesis submitted in partial fulfillment of the requirements for the degree of Doctor in Information Management, specialization in Geographic Information SystemsDepending on the complexity of a disaster and the local capacities, international organizations and multidisciplinary response teams might be involved in the response. Geographic Information Systems (GIS) are used for coordination and information sharing. However, geospatial preparedness is necessary: reliable up to date geodata, tools, and people with the knowledge to use those tools. In least-developed countries the lack of geospatial preparedness, particularly geospatial pre-disaster information, hinders disaster response. In those places, the United Nations Office for the Coordination of Humanitarian Affairs creates a framework for cooperation with the Coordinated Data Scramble Initiative where Information Management Officers (IMOs) from different organisations are supported by volunteers and technical communities to provide ad-hoc datasets and infrastructure to use GIS. Nevertheless, long-term solutions are needed. Before the disaster, Non-Governmental Organizations (NGOs) might already be using GIS to implement development projects. Based on the theoretical concept of disaster management and development as a learning circle, this investigation proposes the engagement of development NGOS working in disaster-prone areas to enhance geospatial preparedness. The research was based on a multi-method approach including the study of the body of literature, authoritative reports, and repositories and databases, monitorization of the tools used during responses to real emergencies, and semi-structured interviews to IMOs. Finally, the study concluded with an online survey with a worldwide sample of more than 200 development NGOs. The result show that disaster response requires reliable and up to date geodata which is not always the case. Humanitarian missions often rely on OpenStreetMap as a source of information to overcome this limitation. Therefore, improving OpenStreetMap would improve geospatial preparedness. Many development NGOs use digital geographic information, mostly open-data. They could indeed improve geospatial preparedness allowing community empowerment while conveying relevant pre-disaster datasets to the humanitarian missions. This bottom-up approach would allow for the inclusion of information relevant to the community in the disaster response decision-making process. There is, however, a limitation; most of these development NGOs are not familiar with the platform used by the humanitarian community (i.e., OpenStreetMap). Therefore, the sustainability of this synergic approach requires further harmonization between development and humanitarian organizations working for the wellbeing of the same communitie

Integrating Spatial Data Infrastructures (SDIs) with Volunteered Geographic Information (VGI) creating a Global GIS platform

Spatial Data Infrastructures (SDIs) are a special category of data hubs that involve technological and human resources and follow well defined legal and technical procedures to collect, store, manage and distribute spatial data. INSPIRE is the EU’s authoritative SDI in which each Member State provides access to their spatial data across a wide spectrum of data themes to support policy-making. In contrast, Volunteered Geographic Information (VGI) is one type of user-generated geographic information (GI) where volunteers use the web and mobile devices to create, assemble and disseminate spatial information. There are similarities and differences between SDIs and VGI, as well as advantages and disadvantages to both. Thus, the integration of these two data sources will enhance what is offered to end users to facilitate decision-making. This idea of integration is in its early stages, because several key issues need to be considered and resolved first. Therefore, this chapter discusses the challenges of integrating VGI with INSPIRE and outlines a generic framework for a global integrated GIS platform, similar in concept to Digital Earth and Virtual Geographic Environments (VGEs), as a realistic scenario for advancements in the short term