How to Steer Users Away from Unsafe Content

Online social networks have brought along much convenience to our daily lives. On the other hand, they also provide platforms for the rapid propagation of unsafe content. Providing easy-to-use ways for ordinary users to avoid unsafe content online is an open issue. In this thesis, we mainly study two schemes that are based on social navigation to identify unsafe content. The first one is crowdsourcing, which has two main drawbacks: (a) a time lag before unsafe content is flagged as such, and (b) the difficulty of dealing with subjective perceptions of 'inappropriateness''. We propose a machine learning approach to address the time lag problem and get a promising result. This approach could be used to complement crowdsourcing. We also study the notion of 'groupsourcing'': taking advantage of information from people in a user's social circles about potentially unsafe content. Groupsourcing can both address the time lag problem and identify inappropriate content. To test its effectiveness, we have implemented FAR, which allows savvy Facebook users to warn their friends about potentially unsafe content, and conducted a controlled laboratory study. The results show that groupsourced signals can complement other types of signals and compensate for their weaknesses by countering viral spreading of unsafe content in a more timely fashion. The current version of FAR, consisting of a Facebook application and a Firefox browser extension is publicly available for use

Truthful Online Double Auctions for Mobile Crowdsourcing:An On-demand Service Strategy

Double auctions play a pivotal role in stimulating active participation of a large number of users comprising both task requesters and workers in mobile crowdsourcing. However, most existing studies have concentrated on designing offline two-sided auction mechanisms and supporting single-type tasks and fixed auction service models. Such works ignore the need of dynamic services and are unsuitable for large-scale crowdsourcing markets with extremely diverse demands (i.e., types and urgency degrees of tasks required by different requesters) and supplies (i.e., task skills and online durations of different workers). In this paper, we consider a practical crowdsourcing application with an on-demand service strategy. Especially, we innovatively design three online service models, namely online single-bid single-task (OSS), online single-bid multiple-task (OSM) and online multiple-bid multiple-task (OMM) models to accommodate diversified tasks and bidding demands for different users. Furthermore, to effectively allocate tasks and facilitate bidding, we propose a truthful online double auction mechanism for each service model based on the McAfee double auction. By doing so, each user can flexibly select auction service models and corresponding auction mechanisms according to their current interested tasks and online duration. To illustrate this, we present a three-demand example to explain the effectiveness of our on-demand service strategy in realistic crowdsourcing applications. Moreover, we theoretically prove that our mechanisms satisfy truthfulness, individual rationality, budget balance and consumer sovereignty. Through extensive simulations, we show that our mechanisms can accommodate the various demands of different users and improve social utility including platform utility and average user utility. IEE

Privacy Intelligence: A Survey on Image Sharing on Online Social Networks

Image sharing on online social networks (OSNs) has become an indispensable part of daily social activities, but it has also led to an increased risk of privacy invasion. The recent image leaks from popular OSN services and the abuse of personal photos using advanced algorithms (e.g. DeepFake) have prompted the public to rethink individual privacy needs when sharing images on OSNs. However, OSN image sharing itself is relatively complicated, and systems currently in place to manage privacy in practice are labor-intensive yet fail to provide personalized, accurate and flexible privacy protection. As a result, an more intelligent environment for privacy-friendly OSN image sharing is in demand. To fill the gap, we contribute a systematic survey of 'privacy intelligence' solutions that target modern privacy issues related to OSN image sharing. Specifically, we present a high-level analysis framework based on the entire lifecycle of OSN image sharing to address the various privacy issues and solutions facing this interdisciplinary field. The framework is divided into three main stages: local management, online management and social experience. At each stage, we identify typical sharing-related user behaviors, the privacy issues generated by those behaviors, and review representative intelligent solutions. The resulting analysis describes an intelligent privacy-enhancing chain for closed-loop privacy management. We also discuss the challenges and future directions existing at each stage, as well as in publicly available datasets.Comment: 32 pages, 9 figures. Under revie

Advancing Fine-Grained Emotion Recognition in Short Text

Advanced emotion recognition in text is essential for developing intelligent affective applications, which can recognize, react upon, and analyze users' emotions. Our particular motivation for solving this problem lies in large-scale analysis of social media data, such as those generated by Twitter users. Summarizing users' emotions can enable better understandings of their reactions, interests, and motivations. We thus narrow the problem to emotion recognition in short text, particularly tweets. Another driving factor of our work is to enable discovering emotional experiences at a detailed, fine-grained level. While many researchers focus on recognizing a small number of basic emotion categories, humans experience a larger variety of distinct emotions. We aim to recognize as many as 20 emotion categories from the Geneva Emotion Wheel. Our goal is to study how to build such fine-grained emotion recognition systems. We start by surveying prior approaches to building emotion classifiers. The main body of this thesis studies two of them in detail: crowdsourcing and distant supervision. Based on them, we design fine-grained domain-specific systems to recognize users' reactions to sporting events captured on Twitter and address multiple challenges that arise in that process. Crowdsourcing allows extracting affective commonsense knowledge by asking hundreds of workers for manual annotation. The challenge is in collecting informative and truthful annotations. To address it, we design a human computation task that elicits both emotion category labels and emotion indicators (i.e. words or phrases indicative of labeled emotions). We also develop a methodology to build an emotion lexicon using such data. Our experiments show that the proposed crowdsourcing method can successfully generate a domain-specific emotion lexicon. Additionally, we suggest how to teach and motivate non-expert annotators. We show that including a tutorial and using carefully formulated reward descriptions can effectively improve annotation quality. Distant supervision consists of building emotion classifiers from data that are automatically labeled using some heuristics. This thesis studies heuristics that apply emotion lexicons of limited quality, for example due to missing or erroneous term-emotion associations. We show the viability of such an approach to obtain domain-specific classifiers having substantially better quality of recognition than the initial lexicon-based ones. Our experiments reveal that treating the emotion imbalance in training data and incorporating pseudo-neutral documents is crucial for such improvement. This method can be applied to building emotion classifiers across different domains using limited input resources and thus requiring minimal effort. Another challenge for lexicon-based emotion recognition is to reduce the error introduced by linguistic modifiers such as negation and modality. We design a data analysis method that allows modeling the specific effects of the studied modifiers, both in terms of shifting emotion categories and changing confidence in emotion presence. We show that the effects of modifiers vary across the emotion categories, which indicates the importance of treating such effects at a more fine-grained level to improve classification quality. Finally, the thesis concludes with our recommendations on how to address the examined general challenges of building a fine-grained textual emotion recognition system

Flexible Hardware-based Security-aware Mechanisms and Architectures

For decades, software security has been the primary focus in securing our computing platforms. Hardware was always assumed trusted, and inherently served as the foundation, and thus the root of trust, of our systems. This has been further leveraged in developing hardware-based dedicated security extensions and architectures to protect software from attacks exploiting software vulnerabilities such as memory corruption. However, the recent outbreak of microarchitectural attacks has shaken these long-established trust assumptions in hardware entirely, thereby threatening the security of all of our computing platforms and bringing hardware and microarchitectural security under scrutiny. These attacks have undeniably revealed the grave consequences of hardware/microarchitecture security flaws to the entire platform security, and how they can even subvert the security guarantees promised by dedicated security architectures. Furthermore, they shed light on the sophisticated challenges particular to hardware/microarchitectural security; it is more critical (and more challenging) to extensively analyze the hardware for security flaws prior to production, since hardware, unlike software, cannot be patched/updated once fabricated. Hardware cannot reliably serve as the root of trust anymore, unless we develop and adopt new design paradigms where security is proactively addressed and scrutinized across the full stack of our computing platforms, at all hardware design and implementation layers. Furthermore, novel flexible security-aware design mechanisms are required to be incorporated in processor microarchitecture and hardware-assisted security architectures, that can practically address the inherent conflict between performance and security by allowing that the trade-off is configured to adapt to the desired requirements. In this thesis, we investigate the prospects and implications at the intersection of hardware and security that emerge across the full stack of our computing platforms and System-on-Chips (SoCs). On one front, we investigate how we can leverage hardware and its advantages, in contrast to software, to build more efficient and effective security extensions that serve security architectures, e.g., by providing execution attestation and enforcement, to protect the software from attacks exploiting software vulnerabilities. We further propose that they are microarchitecturally configured at runtime to provide different types of security services, thus adapting flexibly to different deployment requirements. On another front, we investigate how we can protect these hardware-assisted security architectures and extensions themselves from microarchitectural and software attacks that exploit design flaws that originate in the hardware, e.g., insecure resource sharing in SoCs. More particularly, we focus in this thesis on cache-based side-channel attacks, where we propose sophisticated cache designs, that fundamentally mitigate these attacks, while still preserving performance by enabling that the performance security trade-off is configured by design. We also investigate how these can be incorporated into flexible and customizable security architectures, thus complementing them to further support a wide spectrum of emerging applications with different performance/security requirements. Lastly, we inspect our computing platforms further beneath the design layer, by scrutinizing how the actual implementation of these mechanisms is yet another potential attack surface. We explore how the security of hardware designs and implementations is currently analyzed prior to fabrication, while shedding light on how state-of-the-art hardware security analysis techniques are fundamentally limited, and the potential for improved and scalable approaches

Location Privacy-Preserving Strategies for Secondary Spectrum Use

The scarcity of wireless spectrum resources and the overwhelming demand for wireless broadband resources have prompted industry, government agencies and academia within the wireless communities to develop and come up with effective solutions that can make additional spectrum available for broadband data. As part of these ongoing efforts, cognitive radio networks (CRNs) have emerged as an essential technology for enabling and promoting dynamic spectrum access and sharing, a paradigm primarily aimed at addressing the spectrum scarcity and shortage challenges by permitting and enabling unlicensed or secondary users (SUs) to freely search, locate and exploit unused licensed spectrum opportunities. Despite their great potentials for improving spectrum utilization efficiency and for addressing the spectrum shortage problem, CRNs suffer from serious location privacy issues, which essentially tend to disclose the location information of the SUs to other system entities during their usage of these open spectrum opportunities. Knowing that their whereabouts may be exposed, SUs can be discouraged from joining and participating in the CRNs, potentially hindering the adoption and deployment of this technology. In this thesis, we propose frameworks that are suitable for CRNs, but also preserve the location privacy information of these SU s. More specifically, 1. We propose location privacy-preserving protocols that protect the location privacy of SUs in cooperative sensing-based CRNs while allowing the SUs to perform their spectrum sensing tasks reliably and effectively. Our proposed protocols allow also the detection of malicious user activities through the adoption of reputation mechanisms. 2. We propose location privacy-preserving approaches that provide information-theoretic privacy to SU s’ location in database-driven CRNs through the exploitation of the structured nature of spectrum databases and the fact that database-driven CRNs, by design, rely on multiple spectrum databases. 3. We propose a trustworthy framework for new generation of spectrum access systems in the 3.5 GHz band that not only protects SUs’ privacy, but also ensures that they comply with the unique system requirements, while allowing the detection of misbehaving users