Towards Data Protection Compliance

Privacy and data protection are fundamental issues nowadays for every organization. This paper calls for the development of methods, techniques and infrastructure to allow the deployment of privacy-aware IT systems, in which humans are integral part of the organizational processes and accountable for their possible misconduct. In particular, we discuss the challenges to be addressed in order to improve organizations privacy practices, as well as the approach to ensure compliance with legal requirements and increasing efficiency

Focal Spot, Spring 2003

https://digitalcommons.wustl.edu/focal_spot_archives/1093/thumbnail.jp

Isis: protecting children in online social networks

The aim of the Isis project is to develop an ethics-centred monitoring framework and tools for supporting law enforcement agencies in policing online social networks for the purpose of protecting children. The project is developing natural language analysis techniques to help identify child sex offenders from chat logs and monitoring mechanisms that can be noninvasively attached to file sharing systems for identifying the distributors of child abuse media. The ethical issues associated with such monitoring activities are studied through consultations with representatives from stakeholder communities and fed back into the development of the framework and tools. The project results are to be used and evaluated by specialist international law enforcement agencies as part of their own policing activities

CryptoKnight:generating and modelling compiled cryptographic primitives

Cryptovirological augmentations present an immediate, incomparable threat. Over the last decade, the substantial proliferation of crypto-ransomware has had widespread consequences for consumers and organisations alike. Established preventive measures perform well, however, the problem has not ceased. Reverse engineering potentially malicious software is a cumbersome task due to platform eccentricities and obfuscated transmutation mechanisms, hence requiring smarter, more efficient detection strategies. The following manuscript presents a novel approach for the classification of cryptographic primitives in compiled binary executables using deep learning. The model blueprint, a Dynamic Convolutional Neural Network (DCNN), is fittingly configured to learn from variable-length control flow diagnostics output from a dynamic trace. To rival the size and variability of equivalent datasets, and to adequately train our model without risking adverse exposure, a methodology for the procedural generation of synthetic cryptographic binaries is defined, using core primitives from OpenSSL with multivariate obfuscation, to draw a vastly scalable distribution. The library, CryptoKnight, rendered an algorithmic pool of AES, RC4, Blowfish, MD5 and RSA to synthesise combinable variants which automatically fed into its core model. Converging at 96% accuracy, CryptoKnight was successfully able to classify the sample pool with minimal loss and correctly identified the algorithm in a real-world crypto-ransomware applicatio

Covid-19 and tracing methodologies: A lesson for the future society

As the new coronavirus (SARS-CoV-2) surged across the globe, new technical solutions have supported policy makers and health authorities to plan and modulate containment measures. The introduction of these solutions provoked a large debate which has focused on risks for privacy and data protection. In this paper we offer an analysis of the available technical approaches and provide new arguments to move beyond the ongoing discussions. In particular, we argue that the past debate missed the opportunity to highlight the societal aspects of privacy and to stimulate a broader reflection on the actions needed to serve the good of society. With this paper, as well as providing an accessible review of the technical and legal aspects of the proposed solutions, we aim to offer new stimuli to reconsider contact tracing and its role in helping countries navigate the current pandemic

Cyber security fear appeals:unexpectedly complicated

Cyber security researchers are starting to experiment with fear appeals, with a wide variety of designs and reported efficaciousness. This makes it hard to derive recommendations for designing and deploying these interventions. We thus reviewed the wider fear appeal literature to arrive at a set of guidelines to assist cyber security researchers. Our review revealed a degree of dissent about whether or not fear appeals are indeed helpful and advisable. Our review also revealed a wide range of fear appeal experimental designs, in both cyber and other domains, which confirms the need for some standardized guidelines to inform practice in this respect. We propose a protocol for carrying out fear appeal experiments, and we review a sample of cyber security fear appeal studies, via this lens, to provide a snapshot of the current state of play. We hope the proposed experimental protocol will prove helpful to those who wish to engage in future cyber security fear appeal research

Exploratory Analysis of Internet of Things (IoT) in Healthcare: A Topic Modeling Approach

The rapid integration of the physical and cyber worlds through the Internet of Things, or IoTs, is transforming our lives in ways that we could not have imagined even five years ago. Although they are still in their infancy, IoTs have already made a significant impact, particularly in the healthcare domain. The purpose of this study is to unravel key themes latent in the sparse but growing academic literature on the application of IoTs in healthcare. Specifically, we performed topic modeling and identified five dominant clusters of research, namely, privacy and security, wireless network technologies, applications, data, and smart health and cloud. Our results show that research in healthcare IoT has mainly focused on the technical aspects with little attention to social concerns. In addition to categorizing and discussing the topics identified, the paper provides directions for future researc

5G Smart and innovative Healthcare services: opportunities, challenges and prospective solutions

Due to its abilities to boost productivity, reduce costs and enhance user experiences, smart healthcare is widely recognised as a potential solution to reduce pressures on existing health systems. Since the new era of 5G will unite enhanced connectivity, improved cloud-based storage and interconnection of an array of devices and services, a massive boost in the digital transformation of healthcare is expected. In this transformation process, healthcare services such as medical diagnosis, treatment and remote surgery will be facilitated by a range of technologies such as Internet of Things, Robotics and Artificial Intelligence, among others, that will advance further under 5G. Moreover, real-time health services will become a reality and will offer people with quality care and improved experiences. On the other hand, different challenges can hinder the proliferation of 5G smart and innovative healthcare solutions, including security and heterogeneous devices. This chapter presents how 5G will boost digital transformation of healthcare through delivery and consumption of smart and innovative healthcare services, while probing into key hurdles in the process as well as prospective solutions