2,218 research outputs found
Do Not Advertise: The Current Fight Against Unsolicited Advertisements
Have you ever received a phone call from a telemarketer during dinner? Do e-mails entitled Protect Your Computer Against Viruses for $9.95 or GET A FREE PASS TO THOUSANDS OF XXX SITES annoy you? Are you tired of watching advertisements that continue after the posted start time for a movie? Many Americans are irritated with the amount of daily interruptions caused by the current lack of advertising regulations. In some instances, the advertisers shift their marketing costs to unwilling e-mail users or moviegoers. This article focuses on unsolicited communications and potential solutions to the seemingly endless problem of spam
Technical report and user guide: the 2010 EU kids online survey
This technical report describes the design and implementation of the EU Kids Online survey of 9-16 year old internet using children and their parents in 25 countries European countries
Adversarial behaviours knowledge area
The technological advancements witnessed by our society in recent decades have brought
improvements in our quality of life, but they have also created a number of opportunities for
attackers to cause harm. Before the Internet revolution, most crime and malicious activity
generally required a victim and a perpetrator to come into physical contact, and this limited
the reach that malicious parties had. Technology has removed the need for physical contact
to perform many types of crime, and now attackers can reach victims anywhere in the world, as long as they are connected to the Internet. This has revolutionised the characteristics of crime and warfare, allowing operations that would not have been possible before. In this document, we provide an overview of the malicious operations that are happening on the Internet today. We first provide a taxonomy of malicious activities based on the attacker’s motivations and capabilities, and then move on to the technological and human elements that adversaries require to run a successful operation. We then discuss a number of frameworks that have been proposed to model malicious operations. Since adversarial behaviours are not a purely technical topic, we draw from research in a number of fields (computer science, criminology, war studies). While doing this, we discuss how these frameworks can be used by researchers and practitioners to develop effective mitigations against malicious online operations.Published versio
Web Tracking: Mechanisms, Implications, and Defenses
This articles surveys the existing literature on the methods currently used
by web services to track the user online as well as their purposes,
implications, and possible user's defenses. A significant majority of reviewed
articles and web resources are from years 2012-2014. Privacy seems to be the
Achilles' heel of today's web. Web services make continuous efforts to obtain
as much information as they can about the things we search, the sites we visit,
the people with who we contact, and the products we buy. Tracking is usually
performed for commercial purposes. We present 5 main groups of methods used for
user tracking, which are based on sessions, client storage, client cache,
fingerprinting, or yet other approaches. A special focus is placed on
mechanisms that use web caches, operational caches, and fingerprinting, as they
are usually very rich in terms of using various creative methodologies. We also
show how the users can be identified on the web and associated with their real
names, e-mail addresses, phone numbers, or even street addresses. We show why
tracking is being used and its possible implications for the users (price
discrimination, assessing financial credibility, determining insurance
coverage, government surveillance, and identity theft). For each of the
tracking methods, we present possible defenses. Apart from describing the
methods and tools used for keeping the personal data away from being tracked,
we also present several tools that were used for research purposes - their main
goal is to discover how and by which entity the users are being tracked on
their desktop computers or smartphones, provide this information to the users,
and visualize it in an accessible and easy to follow way. Finally, we present
the currently proposed future approaches to track the user and show that they
can potentially pose significant threats to the users' privacy.Comment: 29 pages, 212 reference
An Exploratory Study of a User\u27s Facebook Security and Privacy Settings
There are many potential security risks with social networking sites and the individuals who use them. These sites have been adopted by people of all ages worldwide, empowering new opportunities for the presentation of the self-learning, construction of a wide circle of relationships, and the management of privacy and intimacy. This study analyses the effect of social networking security practices, more specifically Facebook and its security and privacy settings. We identify four hypotheses: The more important Facebook users believe security is an important factor in choosing a social network, the more often they will change their security settings, the more important protection against ID theft is for Facebook users, the more frequently they will change their privacy settings, Facebook users who have left their security on a default setting have more frequently fallen victim to a virus or malware attack, and users of Facebook who have their privacy set to a custom setting are less likely to receive an attack on their profile
Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences
In this survey, we first briefly review the current state of cyber attacks,
highlighting significant recent changes in how and why such attacks are
performed. We then investigate the mechanics of malware command and control
(C2) establishment: we provide a comprehensive review of the techniques used by
attackers to set up such a channel and to hide its presence from the attacked
parties and the security tools they use. We then switch to the defensive side
of the problem, and review approaches that have been proposed for the detection
and disruption of C2 channels. We also map such techniques to widely-adopted
security controls, emphasizing gaps or limitations (and success stories) in
current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages.
Listing abstract compressed from version appearing in repor
- …