8,962 research outputs found
A look into the information your smartphone leaks
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.Some smartphone applications (apps) pose a risk to users’ personal information. Events of apps leaking information stored in smartphones illustrate the danger that they present. In this paper, we investigate the amount of personal information leaked during the installation and use of apps when accessing the Internet. We have opted for the implementation of a Man-in-the-Middle proxy to intercept the network traffic generated by 20 popular free apps installed on different smartphones of distinctive vendors. This work describes the technical considerations and requirements for the deployment of the monitoring WiFi network employed during the conducted experiments. The presented results show that numerous mobile and personal unique identifiers, along with personal information are leaked by several of the evaluated apps, commonly during the installation process
Automated Big Text Security Classification
In recent years, traditional cybersecurity safeguards have proven ineffective
against insider threats. Famous cases of sensitive information leaks caused by
insiders, including the WikiLeaks release of diplomatic cables and the Edward
Snowden incident, have greatly harmed the U.S. government's relationship with
other governments and with its own citizens. Data Leak Prevention (DLP) is a
solution for detecting and preventing information leaks from within an
organization's network. However, state-of-art DLP detection models are only
able to detect very limited types of sensitive information, and research in the
field has been hindered due to the lack of available sensitive texts. Many
researchers have focused on document-based detection with artificially labeled
"confidential documents" for which security labels are assigned to the entire
document, when in reality only a portion of the document is sensitive. This
type of whole-document based security labeling increases the chances of
preventing authorized users from accessing non-sensitive information within
sensitive documents. In this paper, we introduce Automated Classification
Enabled by Security Similarity (ACESS), a new and innovative detection model
that penetrates the complexity of big text security classification/detection.
To analyze the ACESS system, we constructed a novel dataset, containing
formerly classified paragraphs from diplomatic cables made public by the
WikiLeaks organization. To our knowledge this paper is the first to analyze a
dataset that contains actual formerly sensitive information annotated at
paragraph granularity.Comment: Pre-print of Best Paper Award IEEE Intelligence and Security
Informatics (ISI) 2016 Manuscrip
How does intellectual capital align with cyber security?
Purpose – To position the preservation and protection of intellectual capital as a cyber security concern. We outline the security requirements of intellectual capital to help Boards of Directors and executive management teams to understand their responsibilities and accountabilities in this respect.Design/Methodology/Approach – The research methodology is desk research. In other words, we gathered facts and existing research publications that helped us to define key terms, to formulate arguments to convince BoDs of the need to secure their intellectual capital, and to outline actions to be taken by BoDs to do so.Findings – Intellectual capital, as a valuable business resource, is related to information, knowledge and cyber security. Hence, preservation thereof is also related to cyber security governance, and merits attention from boards of directors.Implications – This paper clarifies boards of directors’ intellectual capital governance responsibilities, which encompass information, knowledge and cyber security governance.Social Implications – If boards of directors know how to embrace their intellectual capital governance responsibilities, this will help to ensure that such intellectual capital is preserved and secured.Practical Implications – We hope that boards of directors will benefit from our clarifications, and especially from the positioning of intellectual capital in cyber space.Originality/Value – This paper extends a previous paper published by Von Solms and Von Solms (2018), which clarified the key terms of information and cyber security, and the governance thereof. The originality and value is the focus on the securing of intellectual capital, a topic that has not yet received a great deal of attention from cyber security researchers
Honey Sheets: What Happens to Leaked Google Spreadsheets?
Cloud-based documents are inherently valuable, due to the volume and nature
of sensitive personal and business content stored in them. Despite the
importance of such documents to Internet users, there are still large gaps in
the understanding of what cybercriminals do when they illicitly get access to
them by for example compromising the account credentials they are associated
with. In this paper, we present a system able to monitor user activity on
Google spreadsheets. We populated 5 Google spreadsheets with fake bank account
details and fake funds transfer links. Each spreadsheet was configured to
report details of accesses and clicks on links back to us. To study how people
interact with these spreadsheets in case they are leaked, we posted unique
links pointing to the spreadsheets on a popular paste site. We then monitored
activity in the accounts for 72 days, and observed 165 accesses in total. We
were able to observe interesting modifications to these spreadsheets performed
by illicit accesses. For instance, we observed deletion of some fake bank
account information, in addition to insults and warnings that some visitors
entered in some of the spreadsheets. Our preliminary results show that our
system can be used to shed light on cybercriminal behavior with regards to
leaked online documents
Generalizing Permissive-Upgrade in Dynamic Information Flow Analysis
Preventing implicit information flows by dynamic program analysis requires
coarse approximations that result in false positives, because a dynamic monitor
sees only the executed trace of the program. One widely deployed method is the
no-sensitive-upgrade check, which terminates a program whenever a variable's
taint is upgraded (made more sensitive) due to a control dependence on tainted
data. Although sound, this method is restrictive, e.g., it terminates the
program even if the upgraded variable is never used subsequently. To counter
this, Austin and Flanagan introduced the permissive-upgrade check, which allows
a variable upgrade due to control dependence, but marks the variable
"partially-leaked". The program is stopped later if it tries to use the
partially-leaked variable. Permissive-upgrade handles the dead-variable
assignment problem and remains sound. However, Austin and Flanagan develop
permissive-upgrade only for a two-point (low-high) security lattice and
indicate a generalization to pointwise products of such lattices. In this
paper, we develop a non-trivial and non-obvious generalization of
permissive-upgrade to arbitrary lattices. The key difficulty lies in finding a
suitable notion of partial leaks that is both sound and permissive and in
developing a suitable definition of memory equivalence that allows an inductive
proof of soundness
Kernel Memory Leakage Detection for Intrusion Detection Systems (IDS)
Data leakage from kernel memory occurs when the memory block is not released back to the kernel after the memory block is unoccupied. The data leaked is arbitrary and confidential data such as, encryption key and password may leak out. Meltdown and Spectre are methods from side channel attacks that takes advantage of this data leakage to gain confidential data (Graz University of Technology, 2018). This study is on how kernel memory leakage can be read as kernel memory is a protected memory area that even the root account of an operating system is unable to access (Ning, Qing, & Li, 2006). Reading kernel memory leakage is only a part of the solution to mitigate Meltdown and Spectre. To provide a solution, the leaked data from kernel memory must be of use to an Intruder Detection System (IDS) for alerts to determine if there is a possible attack on kernel memory to attain confidential data. As a result, kmemleak is used as a module created to provide a way to detect possible kernel memory leaks that is similar to a tracing garbage collector(gc) (The kernel development community, n.d.)
- …