10,784 research outputs found
Mitigating Location Privacy Attacks on Mobile Devices using Dynamic App Sandboxing
We present the design, implementation and evaluation of a system, called
MATRIX, developed to protect the privacy of mobile device users from location
inference and sensor side-channel attacks. MATRIX gives users control and
visibility over location and sensor (e.g., Accelerometers and Gyroscopes)
accesses by mobile apps. It implements a PrivoScope service that audits all
location and sensor accesses by apps on the device and generates real-time
notifications and graphs for visualizing these accesses; and a Synthetic
Location service to enable users to provide obfuscated or synthetic location
trajectories or sensor traces to apps they find useful, but do not trust with
their private information. The services are designed to be extensible and easy
for users, hiding all of the underlying complexity from them. MATRIX also
implements a Location Provider component that generates realistic
privacy-preserving synthetic identities and trajectories for users by
incorporating traffic information using historical data from Google Maps
Directions API, and accelerations using statistical information from user
driving experiments. The random traffic patterns are generated by
modeling/solving user schedule using a randomized linear program and
modeling/solving for user driving behavior using a quadratic program. We
extensively evaluated MATRIX using user studies, popular location-driven apps
and machine learning techniques, and demonstrate that it is portable to most
Android devices globally, is reliable, has low-overhead, and generates
synthetic trajectories that are difficult to differentiate from real mobility
trajectories by an adversary
Holistic Collaborative Privacy Framework for Users' Privacy in Social Recommender Service
The current business model for existing recommender services is centered
around the availability of users' personal data at their side whereas consumers
have to trust that the recommender service providers will not use their data in
a malicious way. With the increasing number of cases for privacy breaches,
different countries and corporations have issued privacy laws and regulations
to define the best practices for the protection of personal information. The
data protection directive 95/46/EC and the privacy principles established by
the Organization for Economic Cooperation and Development (OECD) are examples
of such regulation frameworks. In this paper, we assert that utilizing
third-party recommender services to generate accurate referrals are feasible,
while preserving the privacy of the users' sensitive information which will be
residing on a clear form only on his/her own device. As a result, each user who
benefits from the third-party recommender service will have absolute control
over what to release from his/her own preferences. We proposed a collaborative
privacy middleware that executes a two stage concealment process within a
distributed data collection protocol in order to attain this claim.
Additionally, the proposed solution complies with one of the common privacy
regulation frameworks for fair information practice in a natural and functional
way -which is OECD privacy principles. The approach presented in this paper is
easily integrated into the current business model as it is implemented using a
middleware that runs at the end-users side and utilizes the social nature of
content distribution services to implement a topological data collection
protocol
Trustware: A Device-based Protocol for Verifying Client Legitimacy
Online services commonly attempt to verify the legitimacy of users with
CAPTCHAs. However, CAPTCHAs are annoying for users, often difficult for users
to solve, and can be defeated using cheap labor or, increasingly, with improved
algorithms. We propose a new protocol for clients to prove their legitimacy,
allowing the client's devices to vouch for the client. The client's devices,
and those in close proximity, provide a one-time passcode that is verified by
the device manufacturer. This verification proves that the client has physical
access to expensive and trusted devices, vouching for the client's legitimacy
Framework for Wireless Network Security using Quantum Cryptography
Data that is transient over an unsecured wireless network is always
susceptible to being intercepted by anyone within the range of the wireless
signal. Hence providing secure communication to keep the user information and
devices safe when connected wirelessly has become one of the major concerns.
Quantum cryptography provides a solution towards absolute communication
security over the network by encoding information as polarized photons, which
can be sent through the air. This paper explores on the aspect of application
of quantum cryptography in wireless networks. In this paper we present a
methodology for integrating quantum cryptography and security of IEEE 802.11
wireless networks in terms of distribution of the encryption keys.Comment: 17 pages, 11 figure
White Paper on Critical and Massive Machine Type Communication Towards 6G
The society as a whole, and many vertical sectors in particular, is becoming
increasingly digitalized. Machine Type Communication (MTC), encompassing its
massive and critical aspects, and ubiquitous wireless connectivity are among
the main enablers of such digitization at large. The recently introduced 5G New
Radio is natively designed to support both aspects of MTC to promote the
digital transformation of the society. However, it is evident that some of the
more demanding requirements cannot be fully supported by 5G networks.
Alongside, further development of the society towards 2030 will give rise to
new and more stringent requirements on wireless connectivity in general, and
MTC in particular. Driven by the societal trends towards 2030, the next
generation (6G) will be an agile and efficient convergent network serving a set
of diverse service classes and a wide range of key performance indicators
(KPI). This white paper explores the main drivers and requirements of an
MTC-optimized 6G network, and discusses the following six key research
questions:
- Will the main KPIs of 5G continue to be the dominant KPIs in 6G; or will
there emerge new key metrics?
- How to deliver different E2E service mandates with different KPI
requirements considering joint-optimization at the physical up to the
application layer?
- What are the key enablers towards designing ultra-low power receivers and
highly efficient sleep modes?
- How to tackle a disruptive rather than incremental joint design of a
massively scalable waveform and medium access policy for global MTC
connectivity?
- How to support new service classes characterizing mission-critical and
dependable MTC in 6G?
- What are the potential enablers of long term, lightweight and flexible
privacy and security schemes considering MTC device requirements?Comment: White paper by http://www.6GFlagship.co
Keeping the Smart Home Private with Smart(er) IoT Traffic Shaping
The proliferation of smart home Internet of Things (IoT) devices presents
unprecedented challenges for preserving privacy within the home. In this paper,
we demonstrate that a passive network observer (e.g., an Internet service
provider) can infer private in-home activities by analyzing Internet traffic
from commercially available smart home devices even when the devices use
end-to-end transport-layer encryption. We evaluate common approaches for
defending against these types of traffic analysis attacks, including firewalls,
virtual private networks, and independent link padding, and find that none
sufficiently conceal user activities with reasonable data overhead. We develop
a new defense, "stochastic traffic padding" (STP), that makes it difficult for
a passive network adversary to reliably distinguish genuine user activities
from generated traffic patterns designed to look like user interactions. Our
analysis provides a theoretical bound on an adversary's ability to accurately
detect genuine user activities as a function of the amount of additional cover
traffic generated by the defense technique.Comment: 21 pages, 9 figures, 4 tables. This article draws heavily from
arXiv:1705.06805, arXiv:1705.06809, and arXiv:1708.05044. Camera-ready
versio
Learning Differentially Private Recurrent Language Models
We demonstrate that it is possible to train large recurrent language models
with user-level differential privacy guarantees with only a negligible cost in
predictive accuracy. Our work builds on recent advances in the training of deep
networks on user-partitioned data and privacy accounting for stochastic
gradient descent. In particular, we add user-level privacy protection to the
federated averaging algorithm, which makes "large step" updates from user-level
data. Our work demonstrates that given a dataset with a sufficiently large
number of users (a requirement easily met by even small internet-scale
datasets), achieving differential privacy comes at the cost of increased
computation, rather than in decreased utility as in most prior work. We find
that our private LSTM language models are quantitatively and qualitatively
similar to un-noised models when trained on a large dataset.Comment: Camera-ready ICLR 2018 version, minor edits from previou
Key Generation and Certification using Multilayer Perceptron in Wireless communication(KGCMLP)
In this paper, a key generation and certification technique using multilayer
perceptron (KGCMLP) has been proposed in wireless communication of
data/information. In this proposed KGCMLP technique both sender and receiver
uses an identical multilayer perceptrons. Both perceptrons are start
synchronization by exchanging some control frames. During synchronization
process message integrity test and synchronization test has been carried out.
Only the synchronization test does not guarantee the security for this reason
key certification phase also been introduced in KGCMLP technique. After Key
generation and certification procedure synchronized identical weight vector
forms the key for encryption/decryption. Parametric tests have been done and
results are compared with some existing classical techniques, which show
comparable results for the proposed technique.Comment: 17 pages, International Journal of Security, Privacy and Trust
Management (IJSPTM), Vol. 1, No 5, October 2012. arXiv admin note:
substantial text overlap with arXiv:1208.2334; and text overlap with
arXiv:0711.2411 by other author
Recommended from our members
Mundane is the New Radical: The Resurgence of Energy Megaprojects and Implications for the Global South [Opinion]
- …