发布求助
文献互助 智能选刊 最新文献

Proceedings of the 13th Workshop on Privacy in the Electronic Society最新文献

筛选
英文 中文
Privacy Detective: Detecting Private Information and Collective Privacy Behavior in a Large Social Network 隐私侦探:大型社交网络中隐私信息和集体隐私行为的检测
Proceedings of the 13th Workshop on Privacy in the Electronic Society Pub Date : 2014-11-03 DOI: 10.1145/2665943.2665958
Aylin Caliskan, J. Walsh, R. Greenstadt
{"title":"Privacy Detective: Detecting Private Information and Collective Privacy Behavior in a Large Social Network","authors":"Aylin Caliskan, J. Walsh, R. Greenstadt","doi":"10.1145/2665943.2665958","DOIUrl":"https://doi.org/10.1145/2665943.2665958","url":null,"abstract":"Detecting the presence and amount of private information being shared in online media is the first step towards analyzing information revealing habits of users in social networks and a useful method for researchers to study aggregate privacy behavior. In this work, we aim to find out if text contains private content by using our novel learning based approach `privacy detective' that combines topic modeling, named entity recognition, privacy ontology, sentiment analysis, and text normalization to represent privacy features. Privacy detective investigates a broader range of privacy concerns compared to previous approaches that focus on keyword searching or profile related properties. We collected 500,000 tweets from 100,000 Twitter users along with other information such as tweet linkages and follower relationships. We reach 95.45% accuracy in a two-class task classifying Twitter users who do not reveal much private information and Twitter users who share sensitive information. We score timelines according to three privacy levels after having Amazon Mechanical Turk (AMT) workers annotate collected tweets according to privacy categories. Supervised machine learning classification results on these annotations reach 69.63% accuracy on a three-class task. Inter-annotator agreement on timeline privacy scores between various AMT workers and our classifiers fall under the same positive agreement level. Additionally, we show that a user's privacy level is correlated with her friends' privacy scores and also with the privacy scores of people mentioned in her text but not with the number of her followers. As such, privacy in social networks appear to be socially constructed, which can have great implications for privacy enhancing technologies and educational interventions.","PeriodicalId":408627,"journal":{"name":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124783611","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 81
Adaptive Conflict Resolution Mechanism for Multi-party Privacy Management in Social Media 社交媒体中多方隐私管理的自适应冲突解决机制
Proceedings of the 13th Workshop on Privacy in the Electronic Society Pub Date : 2014-11-03 DOI: 10.1145/2665943.2665964
J. Such, N. Criado
{"title":"Adaptive Conflict Resolution Mechanism for Multi-party Privacy Management in Social Media","authors":"J. Such, N. Criado","doi":"10.1145/2665943.2665964","DOIUrl":"https://doi.org/10.1145/2665943.2665964","url":null,"abstract":"The lack of multi-party privacy management support in current mainstream Social Media infrastructures makes users unable to appropriately control to whom co-owned items are shared. Computational mechanisms that are able to merge the privacy preferences of multiple users into a single policy for these kind of items can help solve this problem. As privacy preferences may conflict, these mechanisms need to consider how users' would actually reach an agreement in order to propose acceptable solutions to the conflicts. We propose the first computational mechanism to resolve conflicts for multi-party privacy management in Social Media that adapts to different situations that may motivate different users' concessions and agreements.","PeriodicalId":408627,"journal":{"name":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","volume":"385 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126035569","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 22
What Deters Jane from Preventing Identification and Tracking on the Web? 是什么阻止了简在网络上阻止身份识别和跟踪?
Proceedings of the 13th Workshop on Privacy in the Electronic Society Pub Date : 2014-11-03 DOI: 10.1145/2665943.2665963
Fatemeh Shirazi, M. Volkamer
{"title":"What Deters Jane from Preventing Identification and Tracking on the Web?","authors":"Fatemeh Shirazi, M. Volkamer","doi":"10.1145/2665943.2665963","DOIUrl":"https://doi.org/10.1145/2665943.2665963","url":null,"abstract":"Recent revelations about surveillance by several institutions and de-identification can be expected to have increased public awareness of identification- and tracking-related privacy threats. It is reasonable to expect that the general public has started using corresponding privacy protection mechanisms. Our goal with this research was to determine whether they actually do this. If not, we wanted to explore possible explanations for not uptaken such privacy-protecting countermeasures. We interviewed 20 (mainly lay) people and found that our interviewees did not proactively try to prevent being identified and tracked. We identified seven different types of explanations. Including a number of misconceptions which might explain this puzzling level of apathy. The participants demonstrated confusion between different kinds of sensitive data; and displayed a confusion between the semantics of `privacy' and `security'. The findings also indicate that security being compromised, resulting in losing money for example, is more concrete and more easily brought to mind than privacy-related problems. In terms of the consequences of surveillance, the most commonly cited outcome is the receipt of personalized advertisements, which many consider beneficial. Potentially negative impacts of identification and tracking is often assumed to not occur to them. Our interviews also pointed out a gap between passive and active knowledge about identification and tracking techniques, their impact on privacy and countermeasures against them.","PeriodicalId":408627,"journal":{"name":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126169393","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 31
Privacy-Preserving Whole Genome Sequence Processing through Proxy-Aided ORAM 基于代理辅助ORAM的隐私保护全基因组序列处理
Proceedings of the 13th Workshop on Privacy in the Electronic Society Pub Date : 2014-11-03 DOI: 10.1145/2665943.2665962
Nikolaos P. Karvelas, Andreas Peter, S. Katzenbeisser, Erik Tews, K. Hamacher
{"title":"Privacy-Preserving Whole Genome Sequence Processing through Proxy-Aided ORAM","authors":"Nikolaos P. Karvelas, Andreas Peter, S. Katzenbeisser, Erik Tews, K. Hamacher","doi":"10.1145/2665943.2665962","DOIUrl":"https://doi.org/10.1145/2665943.2665962","url":null,"abstract":"Widespread use and low prices of genomic sequencing bring us into the area of personalized medicine and biostatistics of large cohorts. As the processed genomic data is highly sensitive, Privacy-Enhancing Technologies for genomic data need to be developed. In this work, we present a novel and flexible mechanism for the private processing of whole genomic sequences which is flexible enough to support any query. The basic underlying idea is to store DNA in several small encrypted blocks, use ORAM mechanisms to access the desired blocks in an oblivious manner, and finally run secure two-party protocols to privately compute the desired functionality on the retrieved encrypted blocks. Our construction keeps all sensitive information hidden and reveals only the end result to the legitimate party. Our main technical contribution is the design of a new ORAM that allows for access rights delegation while not requiring the data owner to be online to reshuffle the database. We validate the practicability of our approach through experimental studies.","PeriodicalId":408627,"journal":{"name":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122124269","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 35
Pretty Bad Privacy: Pitfalls of DNS Encryption 相当糟糕的隐私:DNS加密的陷阱
Proceedings of the 13th Workshop on Privacy in the Electronic Society Pub Date : 2014-11-03 DOI: 10.1145/2665943.2665959
Haya Schulmann
{"title":"Pretty Bad Privacy: Pitfalls of DNS Encryption","authors":"Haya Schulmann","doi":"10.1145/2665943.2665959","DOIUrl":"https://doi.org/10.1145/2665943.2665959","url":null,"abstract":"As awareness for privacy of Domain Name System (DNS) is increasing, a number of mechanisms for encryption of DNS packets were proposed. We study the prominent defences, focusing on the privacy guarantees, interoperability with the DNS infrastructure, and the efficiency overhead. In particular: •We explore dependencies in DNS and show techniques that utilise side channel leaks, due to transitive trust, allowing to infer information about the target domain in an encrypted DNS packet. •We examine common DNS servers configurations and show that the proposals are expected to encounter deployment obstacles with (at least) 38% of 50K-top Alexa domains and (at least) 12% of the top-level domains (TLDs), and will disrupt the DNS functionality and availability for clients. •We show that due to the non-interoperability with the caches, the proposals for end-to-end encryption may have a prohibitive traffic overhead on the name servers. Our work indicates that further study may be required to adjust the proposals to stand up to their security guarantees, and to make them suitable for the common servers' configurations in the DNS infrastructure. Our study is based on collection and analysis of the DNS traffic of 50K-top Alexa domains and 568 TLDs.","PeriodicalId":408627,"journal":{"name":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","volume":"205 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132976782","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 43
Privacy-PAC: Privacy-Enhanced Physical Access Control Privacy-PAC:隐私增强物理访问控制
Proceedings of the 13th Workshop on Privacy in the Electronic Society Pub Date : 2014-11-03 DOI: 10.1145/2665943.2665969
J. Hajny, Petr Dzurenda, L. Malina
{"title":"Privacy-PAC: Privacy-Enhanced Physical Access Control","authors":"J. Hajny, Petr Dzurenda, L. Malina","doi":"10.1145/2665943.2665969","DOIUrl":"https://doi.org/10.1145/2665943.2665969","url":null,"abstract":"The cryptographic privacy-enhancing technologies were originally designed to improve the privacy and digital identity protection in electronic applications, such as cloud services, private Internet databases or communication systems. However, the access to buildings can be controlled in a privacy-respecting way too. In this paper, we introduce the privacy-enhanced physical access control system (Privacy-PAC) based on cryptographic attribute-based authentication protocols. Using the Privacy-PAC, it is possible to control the physical access to restricted areas while respecting the privacy of users. Besides the cryptographic design, we also describe the implementation results on the platforms of smart phones and an embedded verification terminal.","PeriodicalId":408627,"journal":{"name":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130034963","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
Glove: A Bespoke Website Fingerprinting Defense 手套:一个定制的网站指纹防御
Proceedings of the 13th Workshop on Privacy in the Electronic Society Pub Date : 2014-11-03 DOI: 10.1145/2665943.2665950
Rishab Nithyanand, Xiang Cai, Rob Johnson
{"title":"Glove: A Bespoke Website Fingerprinting Defense","authors":"Rishab Nithyanand, Xiang Cai, Rob Johnson","doi":"10.1145/2665943.2665950","DOIUrl":"https://doi.org/10.1145/2665943.2665950","url":null,"abstract":"Website fingerprinting attacks have recently emerged as a serious threat against web browsing privacy mechanisms, such as SSL, Tor, and encrypting tunnels. Researchers have proposed numerous attacks and defenses, and the Tor project currently includes both network- and browser-level defenses against these attacks, but published defenses have high overhead, poor security, or both. In this paper we present preliminary results of {Glove}, a new SSH based defense. Glove is based on the observation that current defenses are expensive not because website traces are different, but because the defense, operating blindly, does not know how to add cover traffic and therefore, puts it everywhere. Instead, Glove uses existing knowledge of a websites traces to add cover traffic conservatively while maintaining high levels of security. Further, Glove satisfies the information theoretic definitions of security defined in prior work -- i.e., it is resistant to any fingerprinting adversary. Our simulations show that Glove performs better than all currently proposed SSH based defenses in terms of the security-overhead trade-off.","PeriodicalId":408627,"journal":{"name":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","volume":"68 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117337627","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 80
CS-BuFLO: A Congestion Sensitive Website Fingerprinting Defense CS-BuFLO:一个对拥塞敏感的网站指纹防御
Proceedings of the 13th Workshop on Privacy in the Electronic Society Pub Date : 2014-11-03 DOI: 10.1145/2665943.2665949
Xiang Cai, Rishab Nithyanand, Rob Johnson
{"title":"CS-BuFLO: A Congestion Sensitive Website Fingerprinting Defense","authors":"Xiang Cai, Rishab Nithyanand, Rob Johnson","doi":"10.1145/2665943.2665949","DOIUrl":"https://doi.org/10.1145/2665943.2665949","url":null,"abstract":"Website fingerprinting attacks enable an adversary to infer which website a victim is visiting, even if the victim uses an encrypting proxy, such as Tor. Previous work has shown that all proposed defenses against website fingerprinting attacks are ineffective. This paper advances the study of website fingerprinting defenses by first laying out the complete specifications of the CS-BuFlo scheme outlined by Cai, et al. CS-BuFlo, which is based on the BuFlo defense proposed by Dyer, et al., was not fully-specified by Cai, et al, but has nonetheless attracted the attention of the Tor developers. Next, a full working implementation of CS-BuFlo is provided. Finally, a thorough evaluation of CS-BuFlo is performed using empirical data (rather than data from simulations). Our experiments find that CS-BuFlo has high overhead (around 2.3-2.8x) but can get 6times closer to the bandwidth/security trade-off lower bound than Tor or SSH.","PeriodicalId":408627,"journal":{"name":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132570567","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 149
Secure Evaluation Protocol for Personalized Medicine 个性化医疗安全评估协议
Proceedings of the 13th Workshop on Privacy in the Electronic Society Pub Date : 2014-11-03 DOI: 10.1145/2665943.2665967
Mentari Djatmiko, Arik Friedman, R. Boreli, Felix Lawrence, Brian Thorne, Stephen Hardy
{"title":"Secure Evaluation Protocol for Personalized Medicine","authors":"Mentari Djatmiko, Arik Friedman, R. Boreli, Felix Lawrence, Brian Thorne, Stephen Hardy","doi":"10.1145/2665943.2665967","DOIUrl":"https://doi.org/10.1145/2665943.2665967","url":null,"abstract":"The increasing availability and use of genome data for applications like personalized medicine have created opportunities for the improved diagnosis and treatment of various medical conditions. However, it has a potential to be used for discrimination, thereby presenting a set of serious challenges in privacy and security. We propose a secure evaluation algorithm to compute genomic tests that are based on a linear combination of genome data values (we use the Warfarin dosing algorithm as a representative example). Our proposal relies on a combination of partially homomorphic Paillier encryption and private information retrieval. We implement a prototype system that includes the Paillier encryption part of our protocol. Our initial evaluation demonstrates a good potential for real time use in a physician-patient scenario, with a response time of around 200ms in a Wi-Fi communications environment.","PeriodicalId":408627,"journal":{"name":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134427484","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
ProfileGuard: Privacy Preserving Obfuscation for Mobile User Profiles ProfileGuard:隐私保护混淆的移动用户配置文件
Proceedings of the 13th Workshop on Privacy in the Electronic Society Pub Date : 2014-11-03 DOI: 10.1145/2665943.2665961
Imdad Ullah, R. Boreli, S. Kanhere, Sanjay Chawla
{"title":"ProfileGuard: Privacy Preserving Obfuscation for Mobile User Profiles","authors":"Imdad Ullah, R. Boreli, S. Kanhere, Sanjay Chawla","doi":"10.1145/2665943.2665961","DOIUrl":"https://doi.org/10.1145/2665943.2665961","url":null,"abstract":"Analytics companies have become an integral part of the mobile advertising industry, enabling successful user targeting via user profiles, derived from the mobile apps installed by specific users. This poses a threat to privacy of such users, when apps indicating sensitive information, e.g., a gaming app showing a gambling problem, are the basis for profiling. In this paper, we propose a ProfileGuard, novel app-based obfuscation mechanism to remove the dominance (prevalence amongst the interest categories present in a user profile) of selected private user profile interest categories. We show, based on extensive experimental evaluation using 2700 Android apps during a 9 month test campaign, that the best trade-off between the level of effort required by the obfuscating system and the resulting privacy protection can be achieved by choosing the obfuscating apps based on similarity with user's existing apps (while ensuring that the selected apps belong to a non-private category). We implement a POC ProfileGuard app to demonstrate the feasibility of an automated obfuscation mechanism. We also provide insights into the broad Google AdMob profiling rules, showing that there is a deterministic mapping of individual apps to profile interests, that profiles based on multiple apps represent a union of individual app profiles and that there is a minimum level of activity necessary for AdMob to build a stable user profile. Finally, we show the resulting effect of obfuscation on the received ads, demonstrating that modifying user profiles to include a richer set of interests results in correspondingly more diverse received ads.","PeriodicalId":408627,"journal":{"name":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133593559","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信