De-Anonymization Attack Anatomy and Analysis of Ohio Nursing Workforce Data Anonymization

Miracle, Jacob M.

January 2016

No description available.

Computer Engineering

Computer Science

Information Technology

Information Science

Anonymization

Semantic Web

Privacy

De-Anonymization Attacks

Record Linkage Attacks

Ohio Nursing Workforce

Privacy Attack Survey

Information Privacy

Anonymous Data

Privacy Breach

Unexpected Reflection Collection

Walker, Jessica E.

15 December 2009

No description available.

Fine Arts

art

video

photograph

Internet

privacy

craigslist.com

REALIZING INFORMATION ESCROWS AND EFFICIENT KEY-MANAGEMENT USING THRESHOLD CRYPTOGRAPHY

Easwar V Mangipudi (13169733)

29 July 2022

<p>In this thesis, we address two applications of threshold cryptography — designing information escrows and key-distribution in cryptocurrency systems. We design escrow mechanisms in two-party and multi-party scenarios such that any unauthorized revelation of<br> data results in the loss of cryptocurrency by the dishonest party. Later, we discuss user mental models in adopting cryptocurrency wallets and propose a protocol to efficiently provide cryptographic keys to the users in large-user systems. An information escrow refers to users storing their data at a custodian such that it can be revealed later. In the case of unauthorized leakage of this data by the custodian (receiver of data), taking legal actions is expensive, time consuming and also difficult owing to difficulty in establishing the responsibility. We address this by automatically penalizing the custodian through the loss of cryptocurrency in case of leakage. Initially, we consider a two party scenario where a sender forwards multimedia data to a receiver; we propose the Pepal protocol<br> where any total or partial leakage of data penalizes the receiver. To avoid single point of failure at the receiver in a two-party system, we extend the protocol to a multi-party system where a group of agents offer the escrow as a service. However, this introduces a collusion scenario among the rational agents leading to premature and undetectable unlocking of the data. Addressing this, we propose a collusion-deterrent escrow (CDE) protocol where any collusion among the agents is penalized. We show that the provably secure protocol deters collusion in game-theoretic terms by dis-incentivising it among the rational agents. In the second part of this work, we investigate the mental models of cryptocurrency wallet users in choosing single-device or multi-device wallets along with their preferences. We investigate the user-preferred default (threshold) settings for the key distribution in the wallets. We then propose the D-KODE protocol, an efficient key-generation mechanism for<br> cryptocurrency systems where either the payee or payer may not have the cryptographic setup but wish to transact. The protocol utilizes a practical black-box secret sharing scheme along with a distributed almost key-homomorphic PRF to achieve the threshold key distribution.</p>

Cryptography

Key Distribution

game theory mechanism

cryptography applications

privacy protection.

Security and Privacy Issues of Mobile Cyber-physical Systems

Shang, Jiacheng

January 2020

Cyber-physical systems (CPS) refer to a group of systems that combine the real physical world with cyber components. Traditionally, the applications of CPS in research and the real world mainly include smart power grid, autonomous automobile systems, and robotics systems. In recent years, due to the fast development of pervasive computing, sensor manufacturing, and artificial intelligence technologies, mobile cyber-physical systems that extend the application domains of traditional cyber-physical systems have become increasingly popular. In mobile cyber-physical systems, devices have rich features, such as significant computational resources, multiple communication radios, various sensor modules, and high-level programming languages. These features enable us to build more powerful and convenient applications and systems for mobile users. At the same time, such information can also be leveraged by attackers to design new types of attacks. The security and privacy issues can exist in any application of mobile CPS. In terms of defense systems, we focus on three important topics: voice liveness detection, face forgery detection, and securing PIN-based authentication. In terms of attack systems, we study the location privacy in augmented reality (AR) applications. We first investigate the voice replay attacks on smartphones. Voice input is becoming an important interface on smartphones since it can provide better user experience compared with traditional typing-based input methods. However, because the human voice is often exposed to the public, attackers can easily steal victims' voices and replay it to victims' devices to issue malicious commands. To defend the smartphone from voice replay attacks, we propose a novel liveness detection system, which can determine whether the incoming voice is from a live person or a loudspeaker. The key idea is that voices are produced and finalized at multiple positions in human vocal systems, while the audio signals from loudspeakers are from one position. By using two microphones on the smartphone to record the voice at two positions and measure their relationship, the proposed system can defend against voice replay attacks with a high success rate. Besides smartphones, voice replay attacks are also feasible on AR headsets. However, due to the special hardware positions, the current voice liveness detection system designed for smartphones cannot be deployed on AR headsets. To address this issue, we propose a novel voice liveness detection system for AR headsets. The key insight is that the human voice can propagate through the internal body. By attaching a contact microphone around the user's temple, we can collect the internal body voice. A voice is determined from a live person as long as the collected internal body voice has a strong relationship with the mouth voice. Since the contact microphone is cheap, tiny, and thin, it can be embedded in current AR headsets with minimal additional cost. Next, we propose a system to detect the fake face in real-time video chat. Recent developments in deep learning-based forgery techniques largely improved the ability of forgery attackers. With the help of face reenactment techniques, attackers can transfer their facial expressions to another person's face to create fake facial videos in real-time with very high quality. In our system, we find that the face of a live person can reflect the screen light, and this reflected light can be captured by the web camera. Moreover, current face forgery techniques cannot generate such light change with acceptable quality. Therefore, we can measure the correlation and similarity of the luminance changes between the screen light and the face-reflected light to detect the liveness of the face. We also study to leverage IoT devices to enhance the privacy of some daily operations. We find that the widely used personal identification number (PIN) is not secure and can be attacked in many ways. In some scenarios, it is hard to prevent attackers from obtaining the victim's PIN. Therefore, we propose a novel system to secure the PIN input procedure even if the victim's PIN has been leaked. The basic idea is that different people have different PIN input behavior even for the same PIN. Even though attackers can monitor the victim's PIN input behaviors and imitate it afterward, the biological differences among each person's hands still exist and can be used to differentiate them. To capture both PIN input behavior and the biological features, we install a tiny light sensor at the center of the PIN pad to transfer the information into a light signal. By extracting useful features from multiple domains, we can determine whether the PIN input is from the same person with high accuracy. Besides designing new defense systems, we also show that sensory data and side-channel information can be leveraged to launch new types of attacks. We conduct a study on the network traffic of location-based AR applications. We find that it is feasible to infer the real-time location of a user using the short-time network traffic if the downloading jobs are related to the current location. By carefully deploying fake AR contents at some locations, our attack system can infer the location of the user with high accuracy by processing noisy network traffic data. / Computer and Information Science

Computer Science

Attack

Mobile Cyber-physical System

Privacy

Security

Security and Privacy Issues in Social Information-Assisted Application Design

Chang, Wei

January 2016

In recent years, social networks and their related theories and applications attract widespread attentions in computer science. Many applications are designed by exploring the social information among users, such as social peer-to-peer systems, mobile cloud, and online recommendation systems. Most of the existing works only focus on how to use social information but ignore the fact that social information itself may cause severe security and privacy problems. In this dissertation, we first present some social information-assisted application systems that we have designed, and then, we present several social information-involved privacy and security risks and their countermeasures. Generally speaking, the design procedure of any social information-assisted application involves three tasks: publishing, accessing, and using social information. However, all of these tasks contain privacy and security issues. Social information can be published from a centralized system or a distributed one. For the centralized scheme, the social information is directly published from online social networking systems, such as Facebook or Twitter. However, we found that the data of a social network essentially is a time-evolving graph. Most of the existing approaches fail to preserve users' identity privacy once a malicious attacker has the external knowledge about the victim's time-varying behaviors. For avoiding the new privacy issue, we propose a time-based anonymization scheme. For the distributed social information-sharing scheme, each user's information is propagated from friend to friend's friends, and so on. We design a new scheme to gradually enhance the privacy protection along a propagation path, in the meanwhile, maximally preserve the overall utility of the user's data. From a data accessing aspect, social information can be used by malicious users for launching new attacks. In this dissertation, we find a friendship-based privacy disclosure attack, and a corresponding defense approach is designed. Location-based service has been widely adopted. In order to preserve location privacy, users usually turn off the corresponding applications when visiting sensitive locations. However, once social relationships are known, attackers are able to infer these hidden locations, which disclose users' location privacy. For preserving the location privacy, we design a fake location-based approach, which efficiently disorders the social-geographic relationships among users. From the data usage aspect, social information and its related data may come from users. A system may lose functioning if some malicious users inject plenty of fake information. Mobile clouds and Friend Locator are two typical systems, which are vulnerable to the fake information-related attacks. Mobile clouds explore the idle computing resources of surrounding devices by recruiting nearby friends to participate in the same task. However, malicious users may inject wrong friendships information to mess up the system. When visiting a new place, Friend Locator provides navigation services for participators by creating a map based their trajectories. The functioning of the system is based on the trust among participators. Once a user's device is controlled by attackers, all other users may receive wrong navigation. For defending these attacks, we provide different countermeasure. / Computer and Information Science

Computer Science

Attack

Privacy

Security

Social Information

System Design and Evaluation

FOREGROUND AND SCENE STRUCTURE PRESERVED VISUAL PRIVACY PROTECTION USING DEPTH INFORMATION

Elezovikj, Semir

January 2014

We propose the use of depth-information to protect privacy in person-aware visual systems while preserving important foreground subjects and scene structures. We aim to preserve the identity of foreground subjects while hiding superfluous details in the background that may contain sensitive information. We achieve this goal by using depth information and relevant human detection mechanisms provided by the Kinect sensor. In particular, for an input color and depth image pair, we first create a sensitivity map which favors background regions (where privacy should be preserved) and low depth-gradient pixels (which often relates a lot to scene structure but little to identity). We then combine this per-pixel sensitivity map with an inhomogeneous image obscuration process for privacy protection. We tested the proposed method using data involving different scenarios including various illumination conditions, various number of subjects, different context, etc. The experiments demonstrate the quality of preserving the identity of humans and edges obtained from the depth information while obscuring privacy intrusive information in the background. / Computer and Information Science

Computer Science

Inhomogeneous Diffusion

Sensitivity Map

Visual Privacy Protection

ESSAYS IN INFORMATION PRIVACY: DEFINING & ANALYZING ONLINE EQUIVOCATION

Graff, Irene

January 2018

As quickly as individuals engage in new ways to share personal information online, their concerns over privacy are increasing. Online engagement is not just “to share or not to share,” but a continuum of the disclosure. To remain engaged online and to avoid privacy exposure, individuals sometimes omit or provide inaccurate information. This process is defined as online equivocation. Drawing on privacy calculus research, this study investigates how individuals use online equivocation to lower privacy concerns in mobile computing, essentially reducing the costs of online disclosure. Several studies are used to explain and analyze online equivocation and draw out the implications for theory, firms, society, and individuals. To achieve this a qualitative questionnaire was distributed among 547 individuals across the United States asking subjects to report whether they had provided inaccurate data online in privacy-concerned situations and to detail the various strategies used. The results indicate that online equivocation can be categorized into five distinct strategies organized on a continuum of level of effort: omission, abbreviation, substitution, combined substitution, and alternative persona. A follow-up questionnaire was completed with 582 respondents that showed individuals use one more online equivocation strategy in the majority of personal information sharing. This result provides a framework for further study of online equivocation. A third and final survey tested a new conceptual model constructed from the results of the previous questionnaires to examine the effects of online equivocation on privacy concerns, collecting 2,947 responses. The final survey analysis found that individuals employed online equivocation strategies to help reduce privacy concerns in mobile computing and contributed to privacy calculus theory, contending that individuals will make a cost-benefit analysis regarding whether to disclose inaccurate personal information to reduce privacy concerns. However, the research shows that the behavior of online equivocation positively effects mobile privacy concerns, implying that the more that individuals online equivocate, the more likely they are to be concerned about privacy. Overall, the study shows that online equivocation is a fairly common strategy, leading to high percentages of inaccurate data collected by businesses. Inaccurate personal information from consumers can misinform companies and lead to incorrect business decisions, affecting the nature of the products or services offered. Firms aiming to compete online depend on the quality of the information they collect from consumers and may view understanding this phenomenon as strategically crucial to competitiveness. / Business Administration/Strategic Management

Business Administration

Lying

Mobile Computing

Online Equivocation

Privacy Concerns

Designing Effective Security and Privacy Schemes for Wireless Mobile Devices

Wu, Longfei

January 2017

The growing ubiquity of modern wireless and mobile electronic devices has brought our daily lives with more convenience and fun. Today's smartphones are equipped with a variety of sensors and wireless communication technologies, which can support not only the basic functions like phone call and web browsing, but also advanced functions like mobile pay, biometric security, fitness monitoring, etc. Internet-of-Things (IoT) is another category of popular wireless devices that are networked to collect and exchange data. For example, the smart appliances are increasingly deployed to serve in home and office environments, such as smart thermostat, smart bulb, and smart meter. Additionally, implantable medical devices (IMD) is the typical type of modern wireless devices that are implanted within human body for diagnostic, monitoring, and therapeutic purposes. However, these modern wireless and mobile devices are not well protected compared with traditional personal computers (PCs), due to the intrinsic limitations in computation power, battery capacity, etc. In this dissertation, we first present the security and privacy vulnerabilities we discovered. Then, we present our designs to address these issues and enhance the security of smartphones, IoT devices, and IMDs. For smartphone security, we investigate the mobile phishing attacks, mobile clickjacking attacks and mobile camera-based attacks. Phishing attacks aim to steal private information such as credentials. We propose a novel anti-phishing scheme MobiFish, which can detect both phishing webpages and phishing applications (apps). The key idea is to check the consistency between the claimed identity and the actual identity of a webpage/app. The claimed identity can be extracted from the screenshot of login user interface (UI) using the optical character recognition (OCR) technique, while the actual identity is indicated by the secondary-level domain name of the Uniform Resource Locator (URL) to which the credentials are submitted. Clickjacking attacks intend to hijack user inputs and re-route them to other UIs that are not supposed to receive them. To defend such attacks, a lightweight and independent detection service is integrated into the Android operating system. Our solution requires no user or app developer effort, and is compatible with existing commercial apps. Camera-based attacks on smartphone can secretly capture photos or videos without the phone user's knowledge. One advanced attack we discovered records the user's eye movements when entering passwords. We found that it is possible to recover simple passwords from the video containing user eye movements. Next, we propose an out-of-band two-factor authentication scheme for indoor IoT devices (e.g., smart appliances) based on the Blockchain infrastructure. Since smart home environment consists of multiple IoT devices that may share their sensed data to better serve the user, when one IoT device is being accessed, our design utilizes another device to conduct a secondary authentication over an out-of-band channel (light, acoustic, etc.), to detect if the access requestor is a malicious external device. Unlike smartphones and IoT devices, IMDs have the most limited computation and battery resources. We devise a novel smartphone-assisted access control scheme in which the patient's smartphone is used to delegate the heavy computations for authentication and authorization. The communications between the smartphone and the IMD programmer are conducted through an audio cable, which can resist the wireless eavesdropping and other active attacks. / Computer and Information Science

Computer Science

Implantable Medical Devices

Internet-of-things

Privacy

Security

Smartphone

Secure and efficient query processing in outsourced databases

Bogatov, Dmytro

16 September 2022

As organizations struggle with processing vast amounts of information, outsourcing sensitive data to third parties becomes a necessity. Various cryptographic techniques are used in outsourced database systems to ensure data privacy while allowing for efficient querying. This thesis proposes a definition and components of a new secure and efficient outsourced database system, which answers various types of queries, with different privacy guarantees in different security models. This work starts with the survey of five order-preserving and order-revealing encryption schemes that can be used directly in many database indices, such as the B+ tree, and five range query protocols with various tradeoffs in terms of security and efficiency. The survey systematizes the state-of-the-art range query solutions in a snapshot adversary setting and offers some non-obvious observations regarding the efficiency of the constructions. The thesis then proceeds with Epsolute - an efficient range query engine in a persistent adversary model. In Epsolute, security is achieved in a setting with a much stronger adversary where she can continuously observe everything on the server, and leaking even the result size can enable a reconstruction attack. Epsolute proposes a definition, construction, analysis, and experimental evaluation of a system that provably hides both access pattern and communication volume while remaining efficient. The dissertation concludes with k-anon - a secure similarity search engine in a snapshot adversary model. The work presents a construction in which the security of kNN queries is achieved similarly to OPE / ORE solutions - encrypting the input with an approximate Distance Comparison Preserving Encryption scheme so that the inputs, the points in a hyperspace, are perturbed, but the query algorithm still produces accurate results. Analyzing the solution, we run a series of experiments to observe the tradeoff between search accuracy and attack effectiveness. We use TREC datasets and queries for the search, and track the rank quality metrics such as MRR and nDCG. For the attacks, we build an LSTM model that trains on the correlation between a sentence and its embedding and then predicts words from the embedding. We conclude on viability and practicality of the solution.

Computer science

Differential privacy

ORAM

ORE

Secure range queries

The social significance of home networking : public surveillance and social management

Wilson, Kevin G., 1952-

January 1985

No description available.

Minicomputers.

Social control.

Privacy, Right of.