21,837 research outputs found
Potential mass surveillance and privacy violations in proximity-based social applications
Proximity-based social applications let users interact with people that are
currently close to them, by revealing some information about their preferences
and whereabouts. This information is acquired through passive geo-localisation
and used to build a sense of serendipitous discovery of people, places and
interests. Unfortunately, while this class of applications opens different
interactions possibilities for people in urban settings, obtaining access to
certain identity information could lead a possible privacy attacker to identify
and follow a user in their movements in a specific period of time. The same
information shared through the platform could also help an attacker to link the
victim's online profiles to physical identities. We analyse a set of popular
dating application that shares users relative distances within a certain radius
and show how, by using the information shared on these platforms, it is
possible to formalise a multilateration attack, able to identify the user
actual position. The same attack can also be used to follow a user in all their
movements within a certain period of time, therefore identifying their habits
and Points of Interest across the city. Furthermore we introduce a social
attack which uses common Facebook likes to profile a person and finally
identify their real identity
Recommended from our members
Trafficking in Persons: U.S. Policy and Issues for Congress
[Excerpt] This report focuses on international and domestic human trafficking and U.S. policy responses, with particular emphasis on the TVPA and its subsequent reauthorizations. The report begins with a description of key TIP-related definitions and an overview of the human trafficking problem. It follows with an overview of major foreign policy responses to international human trafficking. The report then focuses on responses to trafficking into and within the United States, examining relief for trafficking victims in the United States and discussing U.S. law enforcement efforts to combat domestic trafficking. The report concludes with an overview of current anti-trafficking legislation and an analysis of policy issues
Recommended from our members
Border Security: Understanding Threats at U.S. Borders
[Excerpt] The United States confronts a wide array of threats at U.S. borders, ranging from terrorists who may have weapons of mass destruction, to transnational criminals smuggling drugs or counterfeit goods, to unauthorized migrants intending to live and work in the United States. Given this diversity of threats, how may Congress and the Department of Homeland Security (DHS) set border security priorities and allocate scarce enforcement resources?
In general, DHS’s answer to this question is organized around risk management, a process that involves risk assessment and the allocation of resources based on a cost-benefit analysis. This report focuses on the first part of this process by identifying border threats and describing a framework for understanding risks at U.S. borders. DHS employs models to classify threats as relatively high- or low-risk for certain planning and budgeting exercises and to implement certain border security programs. Members of Congress may wish to use similar models to evaluate the costs and benefits of potential border security policies and to allocate border enforcement resources. This report discusses some of the issues involved in modeling border-related threats
Literature Overview - Privacy in Online Social Networks
In recent years, Online Social Networks (OSNs) have become an important\ud
part of daily life for many. Users build explicit networks to represent their\ud
social relationships, either existing or new. Users also often upload and share a plethora of information related to their personal lives. The potential privacy risks of such behavior are often underestimated or ignored. For example, users often disclose personal information to a larger audience than intended. Users may even post information about others without their consent. A lack of experience and awareness in users, as well as proper tools and design of the OSNs, perpetuate the situation. This paper aims to provide insight into such privacy issues and looks at OSNs, their associated privacy risks, and existing research into solutions. The final goal is to help identify the research directions for the Kindred Spirits project
User's Privacy in Recommendation Systems Applying Online Social Network Data, A Survey and Taxonomy
Recommender systems have become an integral part of many social networks and
extract knowledge from a user's personal and sensitive data both explicitly,
with the user's knowledge, and implicitly. This trend has created major privacy
concerns as users are mostly unaware of what data and how much data is being
used and how securely it is used. In this context, several works have been done
to address privacy concerns for usage in online social network data and by
recommender systems. This paper surveys the main privacy concerns, measurements
and privacy-preserving techniques used in large-scale online social networks
and recommender systems. It is based on historical works on security,
privacy-preserving, statistical modeling, and datasets to provide an overview
of the technical difficulties and problems associated with privacy preserving
in online social networks.Comment: 26 pages, IET book chapter on big data recommender system
AMISEC: Leveraging Redundancy and Adaptability to Secure AmI Applications
Security in Ambient Intelligence (AmI) poses too many challenges due to the inherently insecure nature of wireless sensor nodes. However, there are two characteristics of these environments that can be used effectively to prevent, detect, and confine attacks: redundancy and continuous adaptation. In this article we propose a global strategy and a system architecture to cope with security issues in AmI applications at different levels. Unlike in previous approaches, we assume an individual wireless node is vulnerable. We present an agent-based architecture with supporting services that is proven to be adequate to detect and confine common attacks. Decisions at different levels are supported by a trust-based framework with good and bad reputation feedback while maintaining resistance to bad-mouthing attacks. We also propose a set of services that can be used to handle identification, authentication, and authorization in intelligent ambients. The resulting approach takes into account practical issues, such as resource limitation, bandwidth optimization, and scalability
A Survey of the Economics of Security
This report assesses the literature on the inter-relations between the economy and security with particular focus on terrorism and the "human drivers of insecurity" to identify both available knowledge and crucial research gaps. In addition, the report surveys the European research capacity in the field of security economics. The study is based on a thorough literature survey of the newly emerging field of security economics, using a variety of electronic catalogues and search engines as sources. The study reveals that it is not just terror attacks but also security measures of private and public agents responding to the threat of terrorism that incur significant repercussions for the economy, often with trans-national consequences. Impacts vary with the maturity of an economy; appropriate ex ante and ex post policies are critical to contain the damage of terrorism. Given the dynamic nature of human-induced insecurity, policies should place emphasis on "systemic resilience". Gaps in the economic security literature include insufficient knowledge of the behaviour of terrorists and their targets. Furthermore, the global impacts of terror attacks and especially of security measures require more analysis. Future research requires a more rigorous conceptual framework, methodological improvements and, above all, better data. In comparison to the United States, the current research capacity in security economics in Europe is weak. On the one hand, there is significant research potential in the field of security economics within the European Union in the shape of several high quality researchers. On the other hand, the existing research infrastructure and institutional barriers both inhibit this potential from being developed academically and for policy advice. Establishing a European network of security economists and funding a European centre for security economics could contribute to remedy this situation.
An Economic Analysis of Privacy Protection and Statistical Accuracy as Social Choices
Statistical agencies face a dual mandate to publish accurate statistics while protecting respondent privacy. Increasing privacy protection requires decreased accuracy. Recognizing this as a resource allocation problem, we propose an economic solution: operate where the marginal cost of increasing privacy equals the marginal benefit. Our model of production, from computer science, assumes data are published using an efficient differentially private algorithm. Optimal choice weighs the demand for accurate statistics against the demand for privacy. Examples from U.S. statistical programs show how our framework can guide decision-making. Further progress requires a better understanding of willingness-to-pay for privacy and statistical accuracy
- …