{"title":"Physical layer location privacy issue in wireless small cell networks","authors":"Sadegh Farhang, Y. Hayel, Quanyan Zhu","doi":"10.1145/2766498.2774990","DOIUrl":"https://doi.org/10.1145/2766498.2774990","url":null,"abstract":"High data rates are essential for next-generation wireless networks to support a growing number of computing devices and networking services. Small cell base station (SCBS) (e.g., picocells, microcells, femtocells) technology is a cost-effective solution to address this issue. However, one challenging issue with the increasingly dense network is the need for a distributed and scalable access point association protocol. In addition, the reduced cell size makes it easy for an adversary to map out the geographical locations of the mobile users, and hence breaching their location privacy. To address these issues, we establish a game-theoretic framework to develop a privacy-preserving stable matching algorithm that captures the large scale and heterogeneity nature of 5G networks. We show that without the privacy-preserving mechanism, an attacker can infer the location of the users by observing wireless connections and the knowledge of physical-layer system parameters. The protocol presented in this work provides a decentralized differentially private association algorithm which guarantees privacy to a large number of users in the network. We evaluate our algorithm using case studies, and demonstrate the tradeoff between privacy and system-wide performance for different privacy requirements and a varying number of mobile users in the network. 
Our simulation results corroborate the result that the total number of mobile users should be lower than the overall network capacity to achieve desirable levels of privacy and QoS.","PeriodicalId":261845,"journal":{"name":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"128 48","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120820571","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Device-to-identity linking attack using targeted wi-fi geolocation spoofing","authors":"Célestin Matte, J. Achara, M. Cunche","doi":"10.1145/2766498.2766521","DOIUrl":"https://doi.org/10.1145/2766498.2766521","url":null,"abstract":"Today, almost all mobile devices come equipped with Wi-Fi technology. Therefore, it is essential to thoroughly study the privacy risks associated with this technology. Recent works have shown that some Personally Identifiable Information (PII) can be obtained from the radio signals emitted by Wi-Fi equipped devices. However, most of the times, the identity of the subject of those pieces of information remains unknown and the Wi-Fi MAC address of the device is the only available identifier. In this paper, we show that it is possible for an attacker to get the identity of the subject. The attack presented in this paper leverages the geolocation information published on some geotagged services, such as Twitter, and exploits the fact that geolocation information obtained through Wi-Fi-based Positioning System (WPS) can be easily manipulated. We show that geolocation manipulation can be targeted to a single device, and in most cases, it is not necessary to jam real Wi-Fi access points (APs) to mount a successful attack on WPS.","PeriodicalId":261845,"journal":{"name":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121272611","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"SHIELD: a data verification framework for participatory sensing systems","authors":"S. Gisdakis, Thanassis Giannetsos, Panos Papadimitratos","doi":"10.1145/2766498.2766503","DOIUrl":"https://doi.org/10.1145/2766498.2766503","url":null,"abstract":"The openness of PS systems renders them vulnerable to malicious users that can pollute the measurement collection process, in an attempt to degrade the PS system data and, overall, its usefulness. Mitigating such adversarial behavior is hard. Cryptographic protection, authentication, authorization, and access control can help but they do not fully address the problem. Reports from faulty insiders (participants with credentials) can target the process intelligently, forcing the PS system to deviate from the actual sensed phenomenon. Filtering out those faulty reports is challenging, with practically no prior knowledge on the participants' trustworthiness, dynamically changing phenomena, and possibly large numbers of compromised devices. This paper proposes SHIELD, a novel data verification framework for PS systems that can complement any security architecture. SHIELD handles available, contradicting evidence, classifies efficiently incoming reports, and effectively separates and rejects those that are faulty. 
As a result, the deemed correct data can accurately represent the sensed phenomena, even when 45% of the reports are faulty, intelligently selected by coordinated adversaries and targeted optimally across the system's coverage area.","PeriodicalId":261845,"journal":{"name":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"28 16","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"113971511","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Study of compliance of Android location APIs with Geopriv","authors":"Pradeep Podiyan, S. Butakov, P. Zavarsky","doi":"10.1145/2766498.2774989","DOIUrl":"https://doi.org/10.1145/2766498.2774989","url":null,"abstract":"This paper carefully examines the location APIs of Android OS as well as the Geopriv standard architecture to study measures that are being taken by Android OS to protect the location privacy of a user. Android offers various location APIs in its architecture for the app developers to work on location based services (LBS). The results of this evaluation will be compared with Geopriv standard architecture and its ways to enhance location information privacy on mobile platforms. The review of functionality of location APIs shows that Android has limited features such as Geofencing to have some extent of location privacy for a typical user. Only few of the recommendation in distribution segment of Geopriv with slightly different approach are similar to the protection mechanisms offered by location APIs in Android. The paper proposes general steps that can be taken to address location privacy issues on mobile devices.","PeriodicalId":261845,"journal":{"name":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130813201","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"DroidJust: automated functionality-aware privacy leakage analysis for Android applications","authors":"Xin Chen, Sencun Zhu","doi":"10.1145/2766498.2766507","DOIUrl":"https://doi.org/10.1145/2766498.2766507","url":null,"abstract":"Android applications (apps for short) can send out users' sensitive information against users' intention. Based on the stats from Genome and Mobile-Sandboxing, 55.8% and 59.7% Android malware families feature privacy leakage. Prior approaches to detecting privacy leakage on smartphones primarily focused on the discovery of sensitive information flows. However, Android apps also send out users' sensitive information for legitimate functions. Due to the fuzzy nature of the privacy leakage detection problem, we formulate it as a justification problem, which aims to justify if a sensitive information transmission in an app serves any purpose, either for intended functions of the app itself or for other related functions. This formulation makes the problem more distinct and objective, and therefore more feasible to solve than before. We propose DroidJust, an automated approach to justifying an app's sensitive information transmission by bridging the gap between the sensitive information transmission and application functions. We also implement a prototype of DroidJust and evaluate it with over 6000 Google Play apps and over 300 known malware collected from VirusTotal. 
Our experiments show that our tool can effectively and efficiently analyze Android apps w.r.t their sensitive information flows and functionalities, and can greatly assist in detecting privacy leakage.","PeriodicalId":261845,"journal":{"name":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"1128 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128798479","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"DroidEagle: seamless detection of visually similar Android apps","authors":"Mingshen Sun, Mengmeng Li, John C.S. Lui","doi":"10.1145/2766498.2766508","DOIUrl":"https://doi.org/10.1145/2766498.2766508","url":null,"abstract":"Repackaged malware and phishing malware consist 86% [35] of all Android malware, and they significantly affect the Android ecosystem. Previous work use disassembled Dalvik bytecode and hashing approaches to detect repackaged malware, but these approaches are vulnerable to obfuscation attacks and they demand large computational resources on mobile devices. In this work, we propose a novel methodology which uses the layout resources within an app to detect apps which are \"visually similar\", a common characteristic in repackaged apps and phishing malware. To detect visually similar apps, we design and implement DroidEagle which consists of two sub-systems: RepoEagle and HostEagle. RepoEagle is to perform large scale detection on apps repositories (e.g., apps markets), and HostEagle is a lightweight mobile app which can help users to quickly detect visually similar Android app upon download. We demonstrate the high accuracy and efficiency of DroidEagle: Within 3 hours RepoEagle can detect 1298 visually similar apps from 99 626 apps in a repository. In less than one second, HostEagle can help an Android user to determine whether a downloaded mobile app is a repackaged apps or a phishing malware. 
This is the first work which provides both speed and scalability in discovering repackaged apps and phishing malware in Android system.","PeriodicalId":261845,"journal":{"name":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121413142","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"AppWatcher: unveiling the underground market of trading mobile app reviews","authors":"Z. Xie, Sencun Zhu","doi":"10.1145/2766498.2766510","DOIUrl":"https://doi.org/10.1145/2766498.2766510","url":null,"abstract":"Driven by huge monetary reward, some mobile application (app) developers turn to the underground market to buy positive reviews instead of doing legal advertisements. These promotion reviews are either directly posted in app stores like iTunes and Google Play, or published on some popular websites that have many app users. Until now, a clear understanding of this app promotion underground market is still lacking. In this work, we focus on unveiling this underground market and statistically analyzing the promotion incentives, characteristics of promoted apps and suspicious reviewers. To collect promoted apps, we built an automatic data collection system, AppWatcher, which monitored 52 paid review service providers for four months and crawled all the app metadata from their corresponding app stores. Finally, AppWatcher exposes 645 apps promoted in app stores and 29,680 apps promoted in some popular websites. The current underground market is then reported from various perspectives (e.g., service price, app volume). We identified some interesting features of both promoted apps and suspicious reviewers, which are significantly different from those of randomly chosen apps. 
Finally, we built a simple tracer to narrow down the suspect list of promoted apps in the underground market.","PeriodicalId":261845,"journal":{"name":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129534755","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A framework for evaluating pseudonym strategies in vehicular ad-hoc networks","authors":"David Förster, F. Kargl, Hans Löhr","doi":"10.1145/2766498.2766520","DOIUrl":"https://doi.org/10.1145/2766498.2766520","url":null,"abstract":"The standard approach to privacy-friendly authentication in vehicular ad-hoc networks is the use of pseudonym certificates. The level of location privacy users can enjoy under the threat of an attacker depends on the attacker's coverage and strategy as well as on the users' strategy for changing their pseudonym certificates. With this paper, we propose a generic framework for evaluation and comparison of different pseudonym change strategies with respect to the privacy level they provide under the threat of a realistic, local, passive attacker. To illustrate the applicability of this framework, we propose a new tracking strategy that achieves unprecedented success in vehicle tracking and thus lowers the achievable location privacy significantly. We use this attacker as a means to evaluate different pseudonym change strategies and highlight the need for more research in this direction.","PeriodicalId":261845,"journal":{"name":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121430681","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Freedom of speech: thwarting jammers via a probabilistic approach","authors":"R. D. Pietro, G. Oligeri","doi":"10.1145/2766498.2766515","DOIUrl":"https://doi.org/10.1145/2766498.2766515","url":null,"abstract":"In this paper, we introduce a lightweight, fully distributed, and probabilistic protocol---Freedom of Speech (FoS)---that assures the delivery of a message to be broadcast (to N nodes) notwithstanding the presence of a powerful jammer. FoS enjoys several features when compared to competing schemes: it requires each node to store just N symmetric pairwise keys; node joining and node eviction require just minimal intervention on the already operating nodes; and, it is highly efficient in terms of required computation and message exchange. We provide a thorough analysis on the number of communications required by FoS to broadcast a message. We show that FoS is comparable to the state of the art solution under a realistic scenario, while it enjoys unique properties such as an optimal network reconfiguration and low overhead as for both computation and storage. Extensive simulations support our findings.","PeriodicalId":261845,"journal":{"name":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127820821","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Liveness verifications for citizen journalism videos","authors":"Mahmudur Rahman, Mozhgan Azimpourkivi, Umut Topkara, Bogdan Carbunar","doi":"10.1145/2766498.2766502","DOIUrl":"https://doi.org/10.1145/2766498.2766502","url":null,"abstract":"Citizen journalism videos increasingly complement or even replace the professional news coverage through direct reporting by event witnesses. This raises questions of the integrity and credibility of such videos. We introduce Vamos, the first user transparent video \"liveness\" verification solution based on video motion, that can be integrated into any mobile video capture application without requiring special user training. Vamos' algorithm not only accommodates the full range of camera movements, but also supports videos of arbitrary length. We develop strong attacks both by utilizing fully automated attackers and by employing trained human experts for creating fraudulent videos to thwart mobile video verification systems. We introduce the concept of video motion categories to annotate the camera and user motion characteristics of arbitrary videos. We share motion annotations of YouTube citizen journalism videos and of free-form video samples that we collected through a user study. We observe that the performance of Vamos differs across video motion categories. We report the expected performance of Vamos on the real citizen journalism video chunks, by projecting on the distribution of categories. Even though Vamos is based on motion, we observe a surprising and seemingly counter-intuitive resilience against attacks performed on relatively \"static\" video chunks, which turn out to contain hard-to-imitate involuntary movements. 
We show that the accuracy of Vamos on the task of verifying whole length videos exceeds 93% against the new attacks.","PeriodicalId":261845,"journal":{"name":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133406786","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}