A Survey on Securing Personally Identifiable Information on Smartphones

With an ever-increasing footprint, already topping 3 billion devices, smartphones have become a huge cybersecurity concern. The portability of smartphones makes them convenient for users to access and store personally identifiable information (PII); this also makes them a popular target for hackers. This survey shares practical insights derived from analyzing 16 real-life case studies that exemplify: the vulnerabilities that leave smartphones open to cybersecurity attacks; the mechanisms and attack vectors typically used to steal PII from smartphones; the potential impact of PII breaches upon all parties involved; and recommended defenses to help prevent future PII losses. The contribution of this research is recommending proactive measures to dramatically decrease the frequency of PII loss involving smartphones

Shopping for privacy: Purchase details leaked to PayPal

status: publishe

Cybersecurity in travel based on the opinions of university students engaging in tourism

Cybersecurity is a critical, yet often overlooked aspect of travelling domestically and abroad. Several issues connected with cybersecurity, such as the possibility of network-based attacks while connected to public wireless networks as well as matters connected with physical security of carried devices arise when travelling and are exacerbated with repeated border crossings or stays in several accommodation facilities. This study focuses on gauging the types of security precautions university students take when engaging in tourism and providing recommendations based on the collected data and responses taken from participants of the study. In the investigation, an analysis of source materials was used in conjunction with a diagnostic survey distributed among university students in Poland. In the study, the research hypothesis of “Among the surveyed students, most are at least partially security-conscious, but the majority fail to implement adequate measures of improving data confidentiality and availability on their personal devices while travelling” has been put forward.Cybersecurity is a critical, yet often overlooked aspect of travelling domestically and abroad. Several issues connected with cybersecurity, such as the possibility of network-based attacks while connected to public wireless networks as well as matters connected with physical security of carried devices arise when travelling and are exacerbated with repeated border crossings or stays in several accommodation facilities. This study focuses on gauging the types of security precautions university students take when engaging in tourism and providing recommendations based on the collected data and responses taken from participants of the study. In the investigation, an analysis of source materials was used in conjunction with a diagnostic survey distributed among university students in Poland. In the study, the research hypothesis of “Among the surveyed students, most are at least partially security-conscious, but the majority fail to implement adequate measures of improving data confidentiality and availability on their personal devices while travelling” has been put forward

Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning

Deep Learning has recently become hugely popular in machine learning, providing significant improvements in classification accuracy in the presence of highly-structured and large databases. Researchers have also considered privacy implications of deep learning. Models are typically trained in a centralized manner with all the data being processed by the same training algorithm. If the data is a collection of users' private data, including habits, personal pictures, geographical positions, interests, and more, the centralized server will have access to sensitive information that could potentially be mishandled. To tackle this problem, collaborative deep learning models have recently been proposed where parties locally train their deep learning structures and only share a subset of the parameters in the attempt to keep their respective training sets private. Parameters can also be obfuscated via differential privacy (DP) to make information extraction even more challenging, as proposed by Shokri and Shmatikov at CCS'15. Unfortunately, we show that any privacy-preserving collaborative deep learning is susceptible to a powerful attack that we devise in this paper. In particular, we show that a distributed, federated, or decentralized deep learning approach is fundamentally broken and does not protect the training sets of honest participants. The attack we developed exploits the real-time nature of the learning process that allows the adversary to train a Generative Adversarial Network (GAN) that generates prototypical samples of the targeted training set that was meant to be private (the samples generated by the GAN are intended to come from the same distribution as the training data). Interestingly, we show that record-level DP applied to the shared parameters of the model, as suggested in previous work, is ineffective (i.e., record-level DP is not designed to address our attack).Comment: ACM CCS'17, 16 pages, 18 figure

Leaking the secret: women's attitudes toward menstruation and menstrual-tracker mobile apps

2016 Summer.Includes bibliographical references.This study explored how menstrual-tracker mobile apps have characteristics that reflect menstruation as a taboo in the U.S. culture. Objectification theory and gender schema theory provided a conceptual and overarching framework to explore how the U.S. sociocultural context may play a role in the development of norms and assumptions surrounding menstruation, and in turn, menstrual-tracker mobile apps reflecting society’s norms and assumptions about menstruation as a taboo. Feminist theory is discussed as well, as it shed light on the development of the androcentric view toward menstruation in the United States, and it kindled the researcher’s interest in conducting this study. A dearth of literature exists about menstrual-tracker mobile apps as cultural products, and an online survey was conducted among a convenience sample of female undergraduate millennials (n = 258) to investigate if a correlation exists between their attitudes toward menstruation as a taboo and menstrual-tracker mobile apps’ security features, body control features, and discussion features. The analysis of the data revealed that female undergraduate millennials’ attitudes toward menstruation as a taboo in this study correlated to their attitudes toward security features and discussion features but not body control features on menstrual-tracker mobile apps

Millennials and ICT—Findings from the Technology 4 Young Adults (T4YA) project: An Exploratory Study

Information communication technology (ICT) is becoming a pivotal element in the twenty-first century, and while there has been substantial work conducted to understand ICT use by older adults, there is a paucity of knowledge relating to ICT use and behavior by Millennials. The Technology 4 Young Adults (T4YA) study opens the discussion to the barriers and enablers of ICT by Millennials in their day-to-day activities. Eight participants aged 18–33 years were recruited, and open-ended questions were posed to the focus groups participants. A total of three focus groups were conducted, two focus groups were conducted in Pontefract (West Yorkshire, England) and one focus group was conducted in Swansea (West Glamorgan, Wales); all focus groups were recorded and transcribed verbatim. Primary themes included: hardware, privacy issues/concerns, confidence, usability/functionality, day-to-day activities, and content/sharing of information. Day-to-day activities were undertaken primarily on smartphones, such as online banking and shopping, while privacy and trust concerns was a conversation thread throughout the discussions. Further work is needed with larger sample sizes, taking a multi-methods approach to extract quantitative data to underpin qualitative data analysis and frameworks. This exploratory study intersects at the fields of social sciences and human–computer interaction