Visible to the public International Conferences: PST 2015, Izmir, Turkey

SoS Newsletter- Advanced Book Block


SoS Logo

International Conferences:

PST 2015

Izmir, Turkey

The 2015 13th Annual Conference on Privacy, Security and Trust (PST) was held 21-23 July 2015 in Izmir, Turkey. This year’s topics included access control, modelling, privacy, social networks, and trust. 

Debnath, Mitu Kumar; Samet, Saeed; Vidyasankar, Krishnamurthy, “A Secure Revocable Personal Health Record System with Policy-Based Fine-Grained Access Control,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 109–116, 21–23 July 2015. doi:10.1109/PST.2015.7232961
Abstract: Collaborative sharing of information is becoming much more needed technique to achieve complex goals in today’s fast-paced tech-dominant world. In our context, Personal Health Record (PHR) system has become a popular research area for sharing patient information very quickly among health professionals. PHR systems store and process sensitive information, which should have proper security mechanisms to protect data. Thus, access control mechanisms of the PHR should be well-defined. Secondly, PHRs should be stored in encrypted form. Therefore, cryptographic schemes offering a more suitable solution for enforcing access policies based on user attributes are needed. Attribute-based encryption can resolve these problems. We have proposed a framework with fine-grained access control mechanism that protects PHRs against service providers, and malicious users. We have used the Ciphertext Policy Attribute Based Encryption system as an efficient cryptographic technique, enhancing security and privacy of the system, as well as enabling access revocation in a hierarchical scheme. The Web Services and APIs for the proposed framework have been developed and implemented, along with an Android mobile application for the system.
Keywords: Access control; Data privacy; Encryption; Medical services; Servers; Attribute Revocation; Attribute-Based Encryption; Fine-Grained Access Control; Patient-centric Data Privacy; Personal Health Records (ID#: 15-6772)


Anandan, Balamurugan; Clifton, Chris, “Laplace Noise Generation for Two-Party Computational Differential Privacy,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 54–61, 21–23 July 2015. doi:10.1109/PST.2015.7232954
Abstract: Computing a differentially private function using secure function evaluation prevents private information leakage both in the process, and from information present in the function output. However, the very secrecy provided by secure function evaluation poses new challenges if any of the parties are malicious. We first show how to build a two party differentially private secure protocol in the presence of malicious adversaries. We then relax the utility requirement of computational differential privacy to reduce computational cost, still giving security with rational adversaries. Finally, we provide a modified two-party computational differential privacy definition and show correctness and security guarantees in the rational setting.
Keywords: Computational modeling; Encryption; Hamming distance; Noise; Privacy; Protocols (ID#: 15-6773)


Vanderlei de Arruda, Tiago; Venturini, Yeda Regina; Sakata, Tiemi Christine, “Performance Evaluation of ECC Scalar Multiplication Using Parallel Modular Algorithms on Mobile Devices,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 153–156, 21–23 July 2015. doi:10.1109/PST.2015.7232967
Abstract: Mobile devices, such as smartphones, allow people around the world to access a huge amount of online applications anywhere and anytime. Elliptic Curve Cryptography (ECC) algorithm can be used in mobile devices to trust the access to these applications. Scalar multiplication is the main and most expensive operation in ECC and its cost is directly related to the size of the key used. It is composed of a lot of modular arithmetic operations (addition, subtraction, squaring, multiplication and inversion), defined by the coordinate system used. Using the short Weierstrass Jacobian coordinate system, the modular multiplication and squaring are the most costly operations performed in our experiments. In this paper we analyze the performance of scalar multiplication using a variety of sequential and parallel modular multiplication algorithms with standardized NIST curves. To predict the timings for highorder curves, it is used a 1536-bit pairing-friendly curve available on RELIC. Experiments were performed on a SabreLite IMX6Quad board with a quad-core ARM cortex A9 (ARMv7 architecture) processor, which allows the analysis of these scalar multiplications on a mobile device architecture. Results show that Bipartite 2th timings were faster than the sequential ones for 1536-bit curves. Bipartite timings were strictly close to the best sequential timing for 521 bits, indicating that for a not too much longer key, parallel algorithms’ timings are capable to overcome the sequential ones.
Keywords: Algorithm design and analysis; Elliptic curve cryptography; Elliptic curves; Mobile handsets; Parallel algorithms; Timing (ID#: 15-6774)


Abidi, Balkis; Ben Yahia, Sadok, “An Adaptive Algorithm for Multivariate Data-Oriented Microaggregation,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 70–76, 21–23 July 2015. doi:10.1109/PST.2015.7232956
Abstract: Microaggregation for Statistical Disclosure Control (SDC) has been shown to be an efficient method to hamper individual identification. Indeed, micro data are wrapped in such a way that can be published and mined without providing any private information that can be linked to specific individuals. In this respect, a microaggregation method would seek to lower the information loss resulting from this replacement process. The challenge is how to minimize the information loss during the microaggregation process. In this paper, we introduce a new algorithm, called AdMicro-FSOM for the multivariate microaggregation task. The main thrust of this algorithm stands in its handling fuzzy partition into a microaggregation method. The extensive carried out experiments show the obtention of low information loss, even when handling noisy data. In addition, the obtained results sharply outperform those obtained by the pioneering algorithms of the dedicated literature.
Keywords: Algorithm design and analysis; Clustering algorithms; Data privacy; Noise measurement; Partitioning algorithms; Sorting; Training data (ID#: 15-6775)


Kiraz, Mehmet Sabir; Sertkaya, Isa; Uzunkol, Osmanbey, “An Efficient ID-Based Message Recoverable Privacy-Preserving Auditing Scheme,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 117–124, 21–23 July 2015. doi:10.1109/PST.2015.7232962
Abstract: One of the most important benefits of public cloud storage is outsourcing of management and maintenance with easy accessibility and retrievability over the internet. However, outsourcing data on the cloud brings new challenges such as integrity verification and privacy of data. More concretely, once the users outsource their data on the cloud they have no longer physical control over the data and this leads to the integrity protection issue. Hence, it is crucial to guarantee proof of data storage and integrity of the outsourced data. Several pairing-based auditing solutions have been proposed utilizing the Boneh-Lynn-Shacham (BLS) short signatures. They basically provide a desirable and efficient property of non-repudiation protocols. In this work, we propose the first ID-based privacy-preserving public auditing scheme with message recoverable signatures. Because of message recoverable auditing scheme, the message itself is implicitly included during the verification step that was not possible in previously proposed auditing schemes. Furthermore, we point out that the algorithm suites of existing schemes is either insecure or very inefficient due to the choice of the underlying bilinear map and its baseline parameter selections. We show that our scheme is more efficient than the recently proposed auditing schemes based on BLS like short signatures.
Keywords: Cloud computing; Data privacy; Elliptic curves; Memory; Protocols; Security; Servers; Data storage; bilinear maps; message recoverable signatures; privacy preserving; public auditability (ID#: 15-6776)


Kikuchi, Hiroaki; Takahashi, Katsumi, “Zipf Distribution Model for Quantifying Risk of Re-Identification from Trajectory Data,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 14–21, 21–23 July 2015. doi:10.1109/PST.2015.7232949
Abstract: In this paper, we proposes a new mathematical model for evaluating a given anonymized dataset that needs to be reidentified. Many anonymization algorithms have been proposed in the area called privacy-preserving data publishing (PPDP), but, no anonymization algorithms are suitable for all scenarios because many factors are involved. In order to address the issues of anonymization, we propose a new mathematical model based on the Zipf distribution. Our model is simple, but it fits well with the real distribution of trajectory data. We demonstrate the primary property of our model and we extend it to a more complex environment. Using our model, we define the theoretical bound for reidentification, which yields the appropriate optimal level for anonymization.
Keywords: Data models; Data privacy; Mathematical model; Probability distribution; Sociology; Statistics; Trajectory; Zipf distribution; anonymity; k-anonymity; re-identified risk (ID#: 15-6777)


Domingo-Ferrer, Josep; Ricci, Sara; Soria-Comas, Jordi, “Disclosure Risk Assessment via Record Linkage by a Maximum-Knowledge Attacker,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 28–35, 21–23 July 2015. doi:10.1109/PST.2015.7232951
Abstract: Before releasing an anonymized data set, the data protector must know how safe the data set is, that is, how much disclosure risk is incurred by the release. If no privacy model is used to select specific privacy guarantees prior to anonymization, posterior disclosure risk assessment must be performed based on the anonymized data set and, if the result is not satisfactory, anonymization must be repeated with stricter privacy parameters. Even if a privacy model is used, it may still be advisable to empirically evaluate disclosure on the anonymized data set, especially if the privacy model parameters have been relaxed to improve data utility. Record linkage is a general methodology to posterior disclosure risk assessment, whereby the data protector attempts to recreate the attacker’s re-identification scenario. An important limitation of record linkage is that it usually requires the data protector to make restrictive assumptions on the attacker’s background knowledge. To overcome this limitation, we present a maximum-knowledge attacker model and then we specify and compare several record linkage tests for such a worst-case attacker. Our tests are based on comparing the distribution of linkage distances between the original and the anonymized data set with the distribution of distances between one of the two previous data sets and one random data set. The more similar the distributions, the more plausibly deniable are record linkages claimed by an attacker. Because attaining zero disclosure risk for all records is too costly in terms of utility, a less demanding alternative is presented whose goal is to reduce the maximum per-record disclosure risk.
Keywords: Couplings; Data models; Data privacy; Dictionaries; Noise; Privacy; Risk management (ID#: 15-6778)


Oh, Seongyeol; Yang, Joon-Sung; Bianchi, Andrea; Kim, Hyoungshick, “Devil in a Box: Installing Backdoors in Electronic Door Locks,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 139–144, 21–23 July 2015. doi:10.1109/PST.2015.7232965
Abstract: Electronic door locks must be carefully designed to allow valid users to open (or close) a door and prevent unauthorized people from opening (or closing) the door. However, lock manufacturers have often ignored the fact that door locks can be modified by attackers in the real world. In this paper, we demonstrate that the most popular electronic door locks can easily be compromised by inserting a malicious hardware backdoor to perform unauthorized operations on the door locks. Attackers can replay a valid DC voltage pulse to open (or close) the door in an unauthorized manner or capture the user’s personal identification number (PIN) used for the door lock.
Keywords: Batteries; Bluetooth; Central Processing Unit; Consumer electronics; Solenoids; Voltage measurement; Wires (ID#: 15-6779)


Soeder, Brian; Barber, K. Suzanne, “A Model for Calculating User-Identity Trustworthiness in Online Transactions,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 177–185, 21–23 July 2015. doi:10.1109/PST.2015.7232971
Abstract: Online transactions require a fundamental relationship between users and resource providers (e.g., retailers, banks, social media networks) built on trust; both users and providers must believe the person or organization they are interacting with is who they say they are. Yet with each passing year, major data breaches and other identity-related cybercrimes become a daily way of life, and existing methods of user identity authentication are lacking. Furthermore, much research on identity trustworthiness focuses on the user’s perspective, whereas resource providers receive less attention. Therefore, the current research investigated how providers can increase the likelihood their users’ identities are trustworthy. Leveraging concepts from existing research, the user-provider trust relationship is modeled with different transaction contexts and attributes of identity. The model was analyzed for two aspects of user-identity trustworthiness — reliability and authenticity — with a significant set of actual user identities obtained from the U.S. Department of Homeland Security. Overall, this research finds that resource providers can significantly increase confidence in user-identity trustworthiness by simply collecting a limited amount of user-identity attributes.
Keywords: Authentication; Computational modeling; Context; Industries; Mathematical model; Protocols; Reliability; authenticity; Identity; reliability; trust (ID#: 15-6780)


Zarras, Apostolis; Papadogiannakis, Antonis; Ioannidis, Sotiris; Holz, Thorsten, “Revealing the Relationship Network Behind Link Spam,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 101–108, 21–23 July 2015. doi:10.1109/PST.2015.7232960
Abstract: Accessing the large volume of information that is available on the Web is more important than ever before. Search engines are the primary means to help users find the content they need. To suggest the most closely related and the most popular web pages for a user’s query, search engines assign a ranking to each web page, which typically increases with the number and ranking of other websites that link to this page. However, link spammers have developed several techniques to exploit this algorithm and improve the ranking of their web pages. These techniques are commonly based on underground forums for collaborative link exchange; building a relationship network among spammers to favor their web pages in search engine results. In this study, we provide a systematic analysis of the spam link exchange performed through 15 Search Engine Optimization (SEO) forums. We design a system, which is able to capture the activity of link spammers in SEO forums, identify spam link exchange, and visualize the link spam ecosystem. The outcomes of this study shed light on a different aspect of link spamming that is the collaboration among spammers.
Keywords: Crawlers; Ecosystems; Search engines; Uniform resource locators; Unsolicited electronic mail; Web pages (ID#: 15-6781)


Papp, Dorottya; Ma, Zhendong; Buttyan, Levente, “Embedded Systems Security: Threats, Vulnerabilities, and Attack Taxonomy,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 145–152, 21–23 July 2015. doi:10.1109/PST.2015.7232966
Abstract: Embedded systems are the driving force for technological development in many domains such as automotive, healthcare, and industrial control in the emerging post-PC era. As more and more computational and networked devices are integrated into all aspects of our lives in a pervasive and “invisible” way, security becomes critical for the dependability of all smart or intelligent systems built upon these embedded systems. In this paper, we conduct a systematic review of the existing threats and vulnerabilities in embedded systems based on public available data. Moreover, based on the information, we derive an attack taxonomy for embedded systems. We envision that the findings in this paper provide a valuable insight of the threat landscape facing embedded systems. The knowledge can be used for a better understanding and the identification of security risks in system analysis and design.
Keywords: Authentication; Cryptography; Embedded systems; Protocols; Taxonomy (ID#: 15-6782)


Jafer, Yasser; Matwin, Stan; Sokolova, Marina, “A Framework for a Privacy-Aware Feature Selection Evaluation Measure,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 62–69, 21–23 July 2015. doi:10.1109/PST.2015.7232955
Abstract: Feature selection is based on the notion that redundant and/or irrelevant variables bring no additional information about the data classes and can be considered noise for the predictor. As a result, the total feature set of a dataset could be minimized to only few features containing maximum discrimination information about the class. Classification accuracy is used as the evaluation measure in guiding the feature selection process. At the same time, such measure does not take into account the privacy of the resulting dataset. In this work, we incorporate privacy considerations into the very evaluation measure that is used to evaluate and select feature subsets. We consider privacy “during” the feature selection process and as such introduce a two-dimensional measure in automatic feature selection that takes into account both objectives of privacy and efficacy (e.g. accuracy) simultaneously and provides the data user with the flexibility of trading-off one for another.
Keywords: Accuracy; DH-HEMTs; Data privacy; Noise; Privacy; Programmable logic arrays; Classification; Data Mining; Evaluation Measure; Feature Selection; Wrappers (ID#: 15-6783)


Cho, Junsung; Cho, Geumhwan; Kim, Hyoungshick, “Keyboard or Keylogger?: A Security Analysis of Third-Party Keyboards on Android,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 173–176, 21–23 July 2015. doi:10.1109/PST.2015.7232970
Abstract: Use of third-party keyboards makes Android more flexible and customizable. However, we demonstrate their potential security risks by implementing a proof-of-concept keylogger that can effectively steal users’ sensitive keystrokes with 81 popular websites (out of 100 tested websites). We also empirically analyzed the security behaviors of 139 keyboard applications that were available on Google Play. Our study results show that the majority of existing keyboard applications (84 out of 139) could be potentially misused as malicious keyloggers. To avoid such keylogging attacks, we discuss possible defense mechanisms.
Keywords: Androids; Google; Humanoid robots; Internet; Keyboards; Malware (ID#: 15-6784)


Falcone, Rino; Sapienza, Alessandro; Castelfranchi, Cristiano, “Recommendation of Categories in an Agents World: The Role of (not) Local Communicative Environments,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 7–13, 21–23 July 2015. doi:10.1109/PST.2015.7232948
Abstract: Due to Internet and social media web, the world as we know it is deeply changing integrating two different aspects of the social interaction: the one that develop in the real world and the one that develop in web society. In this paper we focus on the importance of generalized knowledge (agents’ categories) in order to understand how much it is crucial in these two worlds. The cognitive advantage of generalized knowledge can be synthesized in this claim: “It allows us to know a lot about something/somebody we do not directly know”. At a social level this means that I can know a lot of things on people that I never met; it is social “prejudice” with its good side and fundamental contribution to social exchange. In this study we will analyse and present some differences between the social relationships in the two worlds and how they influence categories’ reputation. On this basis, we will experimentally inquire the role played by categories’ reputation with respect to the reputation and opinion on single agents: when it is better to rely on the first ones and when are more reliable the second ones. We will consider these simulations for both the two kind of world, investigating how the parameters defining the specific environment (number of agents, their interactions, transfer of reputation, and so on) determine the use of categories” reputation and trying to understand how the role played by categories will be important in the new digital worlds.
Keywords: Context; Dogs; Organizations; Reliability; Sociology; Statistics; Uncertainty; cognitive analysis; social simulations; trust (ID#: 15-6785)


Wuller, Stefan; Meyer, Ulrike; Forg, Fabian; Wetzel, Susanne, “Privacy-Preserving Conditional Random Selection,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 44–53, 21–23 July 2015. doi:10.1109/PST.2015.7232953
Abstract: In this paper, we introduce a new primitive — referred to as conditional random selection. This new primitive allows the random selection of a data record from the subset of data records that meet a specified condition. We present a new privacy-preserving protocol that implements the new primitive and is secure in the semi-honest model. At its core, it uses newly developed protocols for oblivious shuffling, oblivious swapping, and privacy-preserving less than comparison on binary values with shared output. We show the relevance of conditional random selection in various application scenarios.
Keywords: Complexity theory; Computational modeling; Encryption; Protocols; Silicon (ID#: 15-6786)


Jemel, Meriam; Ben Azzouna, Nadia; Ghedira, Khaled, “ECA Rules for Controlling Authorisation Plan to Satisfy Dynamic Constraints,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 133–138, 21–23 July 2015. doi:10.1109/PST.2015.7232964
Abstract: The workflow satisfiability problem has been studied by researchers in the security community using various approaches. The goal is to ensure that the user/role is authorised to execute the current task and that this permission doesn't prevent the remaining tasks in the workflow instance to be achieved. A valid authorisation plan consists in affecting authorised roles and users to workflow tasks in such a way that all the authorisation constraints are satisfied. Previous works are interested in workflow satisfiability problem by considering intra-instance constraints, i.e. constraints which are applied to a single instance. However, inter-instance constraints which are specified over multiple workflow instances are also paramount to mitigate the security frauds. In this paper, we present how ECA (Event-Condition-Action) paradigm and agent technology can be exploited to control authorisation plan in order to meet dynamic constraints, namely intra-instance and inter-instance constraints. We present a specification of a set of ECA rules that aim to achieve this goal. A prototype implementation of our proposed approach is also provided in this paper.
Keywords: Authorization; Complexity theory; Context; Engines; Planning; Receivers (ID#: 15-6787)


Boender, Jaap; Primiero, Giuseppe; Raimondi, Franco, “Minimizing Transitive Trust Threats in Software Management Systems,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 191–198, 21–23 July 2015. doi:10.1109/PST.2015.7232973
Abstract: We consider security threats in software installation processes, posed by transitively trusted dependencies between packages from distinct repositories. To analyse them, we present SecureNDC, a Coq implemented calculus using an explicit trust function to bridge repository access and software package installation rights. Thereby, we resolve a version of the minimum install problem under trust conditions on repositories.
Keywords: Calculus; Context; Lead; Libraries; Security; Software packages (ID#: 15-6788)


Fujita, Masahiro; Jensen, Christian D.; Arimura, Shiori; Ikeya, Yuki; Nishigaki, Masakatsu, “Physical Trust-Based Persistent Authentication,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 186–190, 21–23 July 2015. doi:10.1109/PST.2015.7232972
Abstract: Recently companies have applied two-factor user authentication. Persistent Authentication is one of the interesting authentication mechanisms to establish security and usability of two-factor authentication systems. However, there is room to improve its feasibility and usability. In this paper, we propose a new type of persistent authentication, called Persistent Authentication Based On physical Trust (PABOT). PABOT uses a context of “physical trust relationship” that is built by visual contact between users, and thus can offer a persistent authentication mechanism with better usability and higher feasibility.
Keywords: Authentication; Companies; Sensors; Servers; Usability; Visualization; persistent authentication; physical trust; user authentication; visual contact (ID#: 15-6789)


Chen, Liang; Edwards, Peter; Nelson, John D.; Norman, Timothy J., “An Access Control Model for Protecting Provenance Graphs,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 125–132, 21–23 July 2015. doi:10.1109/PST.2015.7232963
Abstract: Securing provenance has recently become an important research topic, resulting in a number of models for protecting access to provenance. Existing work has focused on graph transformation mechanisms that supply a user with a provenance view that satisfies both access control policies and validity constraints of provenance. However, it is not always possible to satisfy both of them simultaneously, because these two conditions are often inconsistent which require sophisticated conflict resolution strategies to be put in place. In this paper we develop a new access control model tailored for provenance. In particular, we explicitly take into account validity constraints of provenance when specifying certain parts of provenance to which access is restricted. Hence, a provenance view that is granted to a user by our authorisation mechanism would automatically satisfy the validity constraints. Moreover, we propose algorithms that allow provenance owners to deploy fine-grained access control for their provenance data.
Keywords: Authorization; Computers; Data models; Object recognition; Transforms (ID#: 15-6790)


Hallgren, Per; Ochoa, Martin; Sabelfeld, Andrei, “InnerCircle: A Parallelizable Decentralized Privacy-Preserving Location Proximity Protocol,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 1–6, 21–23 July 2015. doi:10.1109/PST.2015.7232947
Abstract: Location Based Services (LBS) are becoming increasingly popular. Users enjoy a wide range of services from tracking a lost phone to querying for nearby restaurants or nearby tweets. However, many users are concerned about sharing their location. A major challenge is achieving the privacy of LBS without hampering the utility. This paper focuses on the problem of location proximity, where principals are willing to reveal whether they are within a certain distance from each other. Yet the principals are privacy-sensitive, not willing to reveal any further information about their locations, nor the distance. We propose InnerCircle, a novel secure multi-party computation protocol for location privacy, based on partially homomorphic encryption. The protocol achieves precise fully privacy-preserving location proximity without a trusted third party in a single round trip. We prove that the protocol is secure in the semi-honest adversary model of Secure Multi-party Computation, and thus guarantees the desired privacy properties. We present the results of practical experiments of three instances of the protocol using different encryption schemes. We show that, thanks to its parallelizability, the protocol scales well to practical applications.
Keywords: Approximation methods; Encryption; Privacy; Protocols; Public key (ID#: 15-6791)


Alzahrani, Abdullah J.; Ghorbani, Ali A., “Real-Time Signature-Based Detection Approach for SMS Botnet,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 157–164, 21–23 July 2015. doi:10.1109/PST.2015.7232968
Abstract: As an open platform for mobile electronic devices, Android is experiencing a steady growth in the number of published applications (apps). Features of the Android platform have caught the attention of malicious users who have targeted the Short Message Service (SMS) to abuse its permissions. Various types of attack, referred to as botnets, can be executed without the user’s knowledge by taking advantage of SMS messages, such as sending text message spam, transferring all command and control (C&C) instructions, launching denial-of-service (DoS) attacks, sending premium-rate SMS messages, or distributing malicious applications via URLs embedded in text messages. In this paper, we propose a real-time signature-based detection mechanism to combat SMS botnets, in which we first apply pattern-matching detection approaches for incoming and outgoing SMS text messages, and then use rule-based techniques to label unknown SMS messages as suspicious or normal. This approach was evaluated using over 12,000 test messages. It was able to detect all 747 malicious SMS messages in the dataset (100% detection rate with no false negatives). It also flagged 351 SMS messages as suspicious.
Keywords: Feature extraction; Malware; Mobile communication; Pattern matching; Smart phones; Android; Botnet Detection; Mobile Malware; SMS (ID#: 15-6792)


Dewan, Prateek; Kumaraguru, Ponnurangam, “Towards Automatic Real Time Identification of Malicious Posts on Facebook,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 85–92, 21–23 July 2015. doi:10.1109/PST.2015.7232958
Abstract: Online Social Networks (OSNs) witness a rise in user activity whenever a news-making event takes place. Cyber criminals exploit this spur in user-engagement levels to spread malicious content that compromises system reputation, causes financial losses and degrades user experience. In this paper, we characterized a dataset of 4.4 million public posts generated on Facebook during 17 news-making events (natural calamities, terror attacks, etc.) and identified 11,217 malicious posts containing URLs. We found that most of the malicious content which is currently evading Facebook’s detection techniques originated from third party and web applications, while more than half of all legitimate content originated from mobile applications. We also observed greater participation of Facebook pages in generating malicious content as compared to legitimate content. We proposed an extensive feature set based on entity profile, textual content, metadata, and URL features to automatically identify malicious content on Facebook in real time. This feature set was used to train multiple machine learning models and achieved an accuracy of 86.9%. We performed experiments to show that past techniques for spam campaign detection identified less than half the number of malicious posts as compared to our model. This model was used to create a REST API and a browser plug-in to identify malicious Facebook posts in real time.
Keywords: Facebook; Malware; Real-time systems; Twitter; Uniform resource locators (ID#: 15-6793)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.