35,830 research outputs found
Detecting ADS-B Spoofing Attacks using Deep Neural Networks
The Automatic Dependent Surveillance-Broadcast (ADS-B) system is a key
component of the Next Generation Air Transportation System (NextGen) that
manages the increasingly congested airspace. It provides accurate aircraft
localization and efficient air traffic management and also improves the safety
of billions of current and future passengers. While the benefits of ADS-B are
well known, the lack of basic security measures like encryption and
authentication introduces various exploitable security vulnerabilities. One
practical threat is the ADS-B spoofing attack that targets the ADS-B ground
station, in which the ground-based or aircraft-based attacker manipulates the
International Civil Aviation Organization (ICAO) address (a unique identifier
for each aircraft) in the ADS-B messages to fake the appearance of non-existent
aircraft or masquerade as a trusted aircraft. As a result, this attack can
confuse the pilots or the air traffic control personnel and cause dangerous
maneuvers. In this paper, we introduce SODA - a two-stage Deep Neural Network
(DNN)-based spoofing detector for ADS-B that consists of a message classifier
and an aircraft classifier. It allows a ground station to examine each incoming
message based on the PHY-layer features (e.g., IQ samples and phases) and flag
suspicious messages. Our experimental results show that SODA detects
ground-based spoofing attacks with a probability of 99.34%, while having a very
small false alarm rate (i.e., 0.43%). It outperforms other machine learning
techniques such as XGBoost, Logistic Regression, and Support Vector Machine. It
further identifies individual aircraft with an average F-score of 96.68% and an
accuracy of 96.66%, with a significant improvement over the state-of-the-art
detector.Comment: Accepted to IEEE CNS 201
InShopnito: an advanced yet privacy-friendly mobile shopping application
Mobile Shopping Applications (MSAs) are rapidly gaining popularity. They enhance the shopping experience, by offering customized recommendations or incorporating customer loyalty programs. Although MSAs are quite effective at attracting new customers and binding existing ones to a retailer's services, existing MSAs have several shortcomings. The data collection practices involved in MSAs and the lack of transparency thereof are important concerns for many customers. This paper presents inShopnito, a privacy-preserving mobile shopping application. All transactions made in inShopnito are unlinkable and anonymous. However, the system still offers the expected features from a modern MSA. Customers can take part in loyalty programs and earn or spend loyalty points and electronic vouchers. Furthermore, the MSA can suggest personalized recommendations even though the retailer cannot construct rich customer profiles. These profiles are managed on the smartphone and can be partially disclosed in order to get better, customized recommendations. Finally, we present an implementation called inShopnito, of which the security and performance is analyzed. In doing so, we show that it is possible to have a privacy-preserving MSA without having to sacrifice practicality
PriPeARL: A Framework for Privacy-Preserving Analytics and Reporting at LinkedIn
Preserving privacy of users is a key requirement of web-scale analytics and
reporting applications, and has witnessed a renewed focus in light of recent
data breaches and new regulations such as GDPR. We focus on the problem of
computing robust, reliable analytics in a privacy-preserving manner, while
satisfying product requirements. We present PriPeARL, a framework for
privacy-preserving analytics and reporting, inspired by differential privacy.
We describe the overall design and architecture, and the key modeling
components, focusing on the unique challenges associated with privacy,
coverage, utility, and consistency. We perform an experimental study in the
context of ads analytics and reporting at LinkedIn, thereby demonstrating the
tradeoffs between privacy and utility needs, and the applicability of
privacy-preserving mechanisms to real-world data. We also highlight the lessons
learned from the production deployment of our system at LinkedIn.Comment: Conference information: ACM International Conference on Information
and Knowledge Management (CIKM 2018
- …