Deception Tactics and Counterfeit Deception in Online Environments

With widespread globalization happening at an alarming speed, the manufacturing and copying of goods has become a matter of routine for counterfeiters. The Internet has provided a new advantage for counterfeiters - the opportunity to sell goods without prior consumer inspection. Leveraging this opportunity, deceitful purveyors of imitation goods engage in unethical practices such as selling counterfeit goods presenting them as genuine. We propose that there are two categories of counterfeit deception mechanisms online: product level information and seller level information. In order to successfully deceive prospective buyers, sellers conceal the signals that identify the offering as a fake, and present themselves as legitimate business entities. In this research-in-progress paper, we outline several propositions to guide future research in this area. We are currently conducting an empirical study to test these propositions

What Am I Reading?: Article-style Native Advertisements in Canadian Newspapers

Native ads are ubiquitous in the North American digital news context. Their form, content and presentational style are practically indistinguishable from regular news editorials, and thus are often mistaken for informative content by newsreaders. This advertising practice is deceptive, in that it exploits loopholes in human digital literacy. Despite this, it is flourishing as a lucrative digital news advertising format. This paper documents and compares the 2018 Canadian news editorial writing and advertising practices in an effort to highlight their similarities and differences for potential automatic detection and categorization. We collected 10 native ads and 10 editorial pieces from 4 Canadian newspapers. The 80 analyzed articles consisted of 40 native ads content-matched to editorials in the same newspaper. The individually-matched pairs and overall practices in the 2 groups were content-analyzed and compared. Native ads did not differ much from editorial articles in content but were likely to be surrounded by different types of advertising. In addition, advertisement labelling practices were inconsistent across national papers. We call for increased efforts in regulation and automatic detection of convert advertising by a more nuanced categorization and their more explicit labeling in the digital news

Inside Out: Detecting Learners' Confusion to Improve Interactive Digital Learning Environments

Confusion is an emotion that is likely to occur while learning complex information. This emotion can be beneficial to learners in that it can foster engagement, leading to deeper understanding. However, if learners fail to resolve confusion, its effect can be detrimental to learning. Such detrimental learning experiences are particularly concerning within digital learning environments (DLEs), where a teacher is not physically present to monitor learner engagement and adapt the learning experience accordingly. However, with better information about a learner's emotion and behavior, it is possible to improve the design of interactive DLEs (IDLEs) not only in promoting productive confusion but also in preventing overwhelming confusion. This article reviews different methodological approaches for detecting confusion, such as self-report and behavioral and physiological measures, and discusses their implications within the theoretical framework of a zone of optimal confusion. The specificities of several methodologies and their potential application in IDLEs are discussed

Securing cloud-hosted applications using active defense with rule-based adaptations

Security cloud-based applications is a dynamic problem since modern attacks are always evolving in their sophistication and disruption impact. Active defense is a state-of-the-art paradigm where proactive or reactive cybersecurity strategies are used to augment passive defense policies (e.g., firewalls). It involves using knowledge of the adversary to create of dynamic policy measures to secure resources and outsmart adversaries to make cyber-attacks difficult to execute. Using intelligent threat detection systems based on machine learning and active defense solutions implemented via cloud resource adaptations, we can slowdown attacks and derail attackers at an early stage so that they cannot proceed with their plots, while also increasing the probability that they will expose their presence or reveal their attack vectors. In this MS Thesis, we demonstrate the concept and benefits of active defense in securing cloud-based applications through rule-based adaptations on distributed resources. Specifically, we propose two novel active defense strategies to mitigate impact of security anomaly events within: (a) social virtual reality learning environment (VRLE), and (b) healthcare data sharing environment (HDSE). Our first strategy involves a "rule-based 3QS-adaptation framework" that performs risk and cost aware trade-off analysis to control cybersickness due to performance/security anomaly events during a VRLE session. VRLEs provide immersive experience to users with increased accessibility to remote learning, thus a breach of security in critical VRLE application domains (e.g., healthcare, military training, manufacturing) can disrupt functionality and induce cybersickness. Our framework implementation in a real-world social VRLE viz., vSocial monitors performance/security anomaly events in network data. In the event of an anomaly, the framework features rule-based adaptations that are triggered by using various decision metrics. Based on our experimental results, we demonstrate the effectiveness of our rulebased 3QS-adaptation framework in reducing cybersickness levels, while maintaining application functionality. Our second strategy involves a "defense by pretense methodology" that uses real-time attack detection and creates cyber deception for HDSE applications. Healthcare data consumers (e.g., clinicians and researchers) require access to massive, protected datasets, thus loss of assurance/auditability of critical data such as Electronic Health Records (EHR) can severely impact loss of privacy of patient's data and the reputation of the healthcare organizations. Our cyber deception utilizes elastic capacity provisioning via use of rule-based adaptation to provision Quarantine Virtual Machines (QVMs) that handle redirected attacker's traffic and increase threat intelligence collection. We evaluate our defense by pretense design by creating an experimental Amazon Web Services (AWS) testbed hosting a real-world OHDSI setup for protected health data analytics/sharing with electronic health record data (SynPUF) and publications data (CORD-19) related to COVID-19. Our experiment results show how we can successfully detect targeted attacks such as e.g., DDoS and create redirection of attack sources to QVMs.Includes bibliographical references

Machine Analysis of Facial Expressions

No abstract

Intelligent Detection and Recovery from Cyberattacks for Small and Medium-Sized Enterprises

Cyberattacks threaten continuously computer security in companies. These attacks evolve everyday, being more and more sophisticated and robust. In addition, they take advantage of security breaches in organizations and companies, both public and private. Small and Medium-sized Enterprises (SME), due to their structure and economic characteristics, are particularly damaged when a cyberattack takes place. Although organizations and companies put lots of efforts in implementing security solutions, they are not always effective. This is specially relevant for SMEs, which do not have enough economic resources to introduce such solutions. Thus, there is a need of providing SMEs with affordable, intelligent security systems with the ability of detecting and recovering from the most detrimental attacks. In this paper, we propose an intelligent cybersecurity platform, which has been designed with the objective of helping SMEs to make their systems and network more secure. The aim of this platform is to provide a solution optimizing detection and recovery from attacks. To do this, we propose the application of proactive security techniques in combination with both Machine Learning (ML) and blockchain. Our proposal is enclosed in the IASEC project, which allows providing security in each of the phases of an attack. Like this, we help SMEs in prevention, avoiding systems and network from being attacked; detection, identifying when there is something potentially harmful for the systems; containment, trying to stop the effects of an attack; and response, helping to recover the systems to a normal state

Determination of the Trainability of Deception Detection Cues

The Air Force and the rest of the Department of Defense rely on valid information to make National Security decisions. The veracity of the information used to make those decisions can dramatically affect which course of action our military will take. Therefore, it is important that our leaders be able to recognize if they are being deceived. This study examines the results of training five categories of deception cues to 190 Air Force Officers. The officers were tested to determine their baseline deception detection abilities, then trained on the deception cues, Arousal, Emotion, Cognitive Effort, Communicator Tactics, and Memory Processes, then retested to determine how much information they retained. The results of this study show that there is a return on the investment in training deception detection for at least four of the deception cues