What Does The Crowd Say About You? Evaluating Aggregation-based Location Privacy

Information about people’s movements and the locations they visit enables an increasing number of mobility analytics applications, e.g., in the context of urban and transportation planning, In this setting, rather than collecting or sharing raw data, entities often use aggregation as a privacy protection mechanism, aiming to hide individual users’ location traces. Furthermore, to bound information leakage from the aggregates, they can perturb the input of the aggregation or its output to ensure that these are differentially private. In this paper, we set to evaluate the impact of releasing aggregate location time-series on the privacy of individuals contributing to the aggregation. We introduce a framework allowing us to reason about privacy against an adversary attempting to predict users’ locations or recover their mobility patterns. We formalize these attacks as inference problems, and discuss a few strategies to model the adversary’s prior knowledge based on the information she may have access to. We then use the framework to quantify the privacy loss stemming from aggregate location data, with and without the protection of differential privacy, using two real-world mobility datasets. We find that aggregates do leak information about individuals’ punctual locations and mobility profiles. The density of the observations, as well as timing, play important roles, e.g., regular patterns during peak hours are better protected than sporadic movements. Finally, our evaluation shows that both output and input perturbation offer little additional protection, unless they introduce large amounts of noise ultimately destroying the utility of the data

Consequences of variation in predator attack for the evolution of the selfish herd

There is a strong body of evidence that patterns of collective behaviour in grouping animals are governed by interactions between small numbers of individuals within the group. These findings contrast with study of the ‘selfish herd’, where increasingly complex individual-level movement rules have been proposed to explain the rapid increase in aggregation observed when prey groups are startled by or detect a predator. While individuals using simple rules take into account the position of only a few neighbours, those using complex rules incorporate multiple neighbours, and their relative distance, to determine their movement direction. Here, we simulate the evolution of selfish herd behaviour to assess the conditions under which simple and complex movement rules might evolve, explicitly testing predictions arising from previous work. We find that complex rules outperform simple ones under a range of predator attack strategies, but that simple rules can fix in populations particularly when they are already in the majority, suggesting strong positive frequency dependence in rule success. In addition, we explore whether a movement rule derived from studies of collective behaviour (where individuals use the position of seven neighbours to determine movement direction) performs as successfully as more complex rules, finding again positive frequency dependence in rule success, and a particular role for predator attack strategy (from within or outside the group)

The Influence of Signaling Conspecific and Heterospecific Neighbors on Eavesdropper Pressure

The study of tradeoffs between the attraction of mates and the attraction of eavesdropping predators and parasites has generally focused on a single species of prey, signaling in isolation. In nature, however, animals often signal from mixed-species aggregations, where interactions with heterospecific group members may be an important mechanism modulating tradeoffs between sexual and natural selection, and thus driving signal evolution. Although studies have shown that conspecific signalers can influence eavesdropper pressure on mating signals, the effects of signaling heterospecifics on eavesdropper pressure, and on the balance between natural and sexual selection, are likely to be different. Here, we review the role of neighboring signalers in mediating changes in eavesdropper pressure, and present a simple model that explores how selection imposed by eavesdropping enemies varies as a function of a signaling aggregation\u27s species composition, the attractiveness of aggregation members to eavesdroppers, and the eavesdroppers\u27 preferences for different member types. This approach can be used to model mixed-species signaling aggregations, as well as same-species aggregations, including those with non-signaling individuals, such as satellites or females. We discuss the implications of our model for the evolution of signal structure, signaling behavior, mixed-species aggregations, and community dynamics

Assessment of Source Code Obfuscation Techniques

Obfuscation techniques are a general category of software protections widely adopted to prevent malicious tampering of the code by making applications more difficult to understand and thus harder to modify. Obfuscation techniques are divided in code and data obfuscation, depending on the protected asset. While preliminary empirical studies have been conducted to determine the impact of code obfuscation, our work aims at assessing the effectiveness and efficiency in preventing attacks of a specific data obfuscation technique - VarMerge. We conducted an experiment with student participants performing two attack tasks on clear and obfuscated versions of two applications written in C. The experiment showed a significant effect of data obfuscation on both the time required to complete and the successful attack efficiency. An application with VarMerge reduces by six times the number of successful attacks per unit of time. This outcome provides a practical clue that can be used when applying software protections based on data obfuscation.Comment: Post-print, SCAM 201

AMISEC: Leveraging Redundancy and Adaptability to Secure AmI Applications

Security in Ambient Intelligence (AmI) poses too many challenges due to the inherently insecure nature of wireless sensor nodes. However, there are two characteristics of these environments that can be used effectively to prevent, detect, and confine attacks: redundancy and continuous adaptation. In this article we propose a global strategy and a system architecture to cope with security issues in AmI applications at different levels. Unlike in previous approaches, we assume an individual wireless node is vulnerable. We present an agent-based architecture with supporting services that is proven to be adequate to detect and confine common attacks. Decisions at different levels are supported by a trust-based framework with good and bad reputation feedback while maintaining resistance to bad-mouthing attacks. We also propose a set of services that can be used to handle identification, authentication, and authorization in intelligent ambients. The resulting approach takes into account practical issues, such as resource limitation, bandwidth optimization, and scalability