There is a great concern about the potential for people to leak private information on social networks. There are many anecdotal examples of this, but few quantitative studies. This research explores the activity of sharing mobile numbers on OSNs, in particular via public posts. In this work, we understand the characteristics and risks of mobile numbers sharing behaviour on OSNs either via profile or public posts and focus on Indian mobile numbers. We collected 76,347 unique mobile numbers posted by 85,905 users on Twitter and Facebook and analyzed 2,997 numbers, prefixed with +91. We observed that most users shared their own mobile numbers to spread urgent information; and to market products, IT facilities and escort business. Fewer females users shared mobile numbers on Online Social Networks. Users utilized other social networking platforms and third party applications like Twitterfeed and TweetDeck, to post mobile numbers on multiple OSNs. In contradiction to the user's perception of numbers spreading quickly on OSN, we observed that except for emergency, most numbers did not diffuse deep. To assess risks associated with mobile numbers exposed on OSNs, we used numbers to gain sensitive information about their owners (e.g. name, Voter ID) by collating publicly available data from OSNs, Truecaller, Open government data repository (OCEAN). On using the numbers on WhatApp, we obtained a myriad of sensitive details (relationship status, BBM pins, travel plans) of the mobile number owner. We communicated the observed risks to the owners by calling them on their mobile number. Few users were surprised to know about the online presence of their number, while few users intentionally posted it online for business purposes [http://precog.iiitd.edu.in/Publications_files/cosn039s-jain.pdf]. We observed that 38.3% of users who were unaware of the online presence of their number have posted their number themselves on the social network. With these observations, we highlight that there is a need to monitor leakage of mobile numbers via profile and public posts. To the best of our knowledge, this is the first exploratory study to critically investigate the exposure of Indian mobile numbers on OSNs.
Full Report: http://arxiv.org/abs/1312.3441
Smartphone's usage and their applications become
popular in our society, nowadays. One of the most influential
applications in our social life is the instant messaging application.
LINE messenger is one of the popular instant messaging
applications around Asian country. LINE has about 60 – 70
percent active users per month from 144 million accounts in
Japan, Taiwan, Thailand, and Indonesia. Like most other instant
messengers, LINE services are able to keep their user's personal
files such as text chats, pictures or photos, and video. These files
have the valuables and specific information about the user. In the
law enforcement, this kind of information can be an authentic
evidence to solve crime cases. In this paper will show the ability
of a forensic tool in acquisition digital evidence on Android
device. The work is separated into two tests, the application
analysis acquisition, and full content acquisition. The digital
evidence also has been identified, such as text chats, pictures, the
name of the sender and the recipient, and the chat time
(timestamp).
Retrieving Hidden Friends a Collusion Privacy Attack against Online Friend Se...ijtsrd
Online Social Networks OSNs are providing a diversity of application for human users to network through families, friends and even strangers. One of such application, friend search engine, allows the universal public to inquiry individual client friend lists and has been gaining popularity recently. Proper design, this application may incorrectly disclose client private relationship information. Existing work has a privacy perpetuation clarification that can effectively boost OSNs' sociability while protecting users' friendship privacy against attacks launched by individual malicious requestors. In this project proposed an advanced collusion attack, where a victim user's friendship privacy can be compromise from side to side a series of cautiously designed queries coordinately launched by multiple malicious requestors. The result of the proposed collusion attack is validate through synthetic and real world social network data sets. The project on the advanced collusion attacks will help us design a more vigorous and securer friend search engine on OSNs in the near future. R. Brintha | H. Parveen Bagum "Retrieving Hidden Friends a Collusion Privacy Attack against Online Friend Search Engine" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-4 , June 2020, URL: https://www.ijtsrd.com/papers/ijtsrd31687.pdf Paper Url :https://www.ijtsrd.com/computer-science/world-wide-web/31687/retrieving-hidden-friends-a-collusion-privacy-attack-against-online-friend-search-engine/r-brintha
Using Geographical Location as an Authentication Factor to Enhance mCommerce ...CSCJournals
Smartphones are increasingly used to perform mCommerce applications whilst on the move. 50% of all Smartphone owners in the U.S. used their Smartphone for banking transactions in the first quarter of 2011. This is an increase of nearly 100% compared to the year before. Current techniques used to remotely authenticate the client to the service provider in an mCommerce application are based on “static” authentication factors like passwords or tokens. The fact that the client is on the move, whilst using these mCommerce applications is not considered or used to enhance the authentication security. This paper is concerned with including client’s geographical location as an important authentication factor to enhance security of mCommerce applications, especially those requiring robust client authentication. Techniques to integrate location as an authentication factor as well as techniques to generation location-based cryptographic keys are reviewed and discussed. This paper further outlines restrictions of location as an authentication factor and gives recommendations about correct usage of client’s location information for mCommerce application’s authentication on Smartphones.
A Study of the Mobile Phone Impact on Under Graduate Students Based on Statis...ijtsrd
Now a days mobile phones have become an indispensable tool as communication plays a key role in all the aspects of life. It has become an essential accessory carried by everybody not only because they make it easy to keep in touch with people but because of the various facilities they offer especially the internet. The charm of mobile phone is more among young generation and the increasing use may result in dependence. Aim was to study the usage pattern and dependence of mobile phones among college students. A cross sectional study conducted among 200 UG students and studied the pattern of usage of mobile phones, common problems encountered and its dependence using a questionnaire. Using Statistical tools we anyalised the data and our study shows Samsung mobile brand is more popular among the studens and they are mostly preferred the Idea’ Sim card company students. The proportion of students in urban area are spend maximum time as compared to rural area for use of mobile phone, mostly students use mobile phones for calling and Internet. Prakash S. Chougule | Suresh T. Salunkhe | Suresh V. Patil | Prathmesh P. Jadhav "A Study of the Mobile Phone Impact on Under Graduate Students Based on Statistical Tools" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-2 , February 2021, URL: https://www.ijtsrd.com/papers/ijtsrd38570.pdf Paper Url: https://www.ijtsrd.com/other-scientific-research-area/applied-mathamatics/38570/a-study-of-the-mobile-phone-impact-on-under-graduate-students-based-on-statistical-tools/prakash-s-chougule
Smart detection of offensive words in social media using the soundex algorith...IJECEIAES
Offensive posts in the social media that are inappropriate for a specific age, level of maturity, or impression are quite often destined more to unadult than adult participants. Nowadays, the growth in the number of the masked offensive words in the social media is one of the ethically challenging problems. Thus, there has been growing interest in development of methods that can automatically detect posts with such words. This study aimed at developing a method that can detect the masked offensive words in which partial alteration of the word may trick the conventional monitoring systems when being posted on social media. The proposed method progresses in a series of phases that can be broken down into a pre-processing phase, which includes filtering, tokenization, and stemming; offensive word extraction phase, which relies on using the soundex algorithm and permuterm index; and a post-processing phase that classifies the users’ posts in order to highlight the offensive content. Accordingly, the method detects the masked offensive words in the written text, thus forbidding certain types of offensive words from being published. Results of evaluation of performance of the proposed method indicate a 99% accuracy of detection of offensive words.
Smartphone's usage and their applications become
popular in our society, nowadays. One of the most influential
applications in our social life is the instant messaging application.
LINE messenger is one of the popular instant messaging
applications around Asian country. LINE has about 60 – 70
percent active users per month from 144 million accounts in
Japan, Taiwan, Thailand, and Indonesia. Like most other instant
messengers, LINE services are able to keep their user's personal
files such as text chats, pictures or photos, and video. These files
have the valuables and specific information about the user. In the
law enforcement, this kind of information can be an authentic
evidence to solve crime cases. In this paper will show the ability
of a forensic tool in acquisition digital evidence on Android
device. The work is separated into two tests, the application
analysis acquisition, and full content acquisition. The digital
evidence also has been identified, such as text chats, pictures, the
name of the sender and the recipient, and the chat time
(timestamp).
Retrieving Hidden Friends a Collusion Privacy Attack against Online Friend Se...ijtsrd
Online Social Networks OSNs are providing a diversity of application for human users to network through families, friends and even strangers. One of such application, friend search engine, allows the universal public to inquiry individual client friend lists and has been gaining popularity recently. Proper design, this application may incorrectly disclose client private relationship information. Existing work has a privacy perpetuation clarification that can effectively boost OSNs' sociability while protecting users' friendship privacy against attacks launched by individual malicious requestors. In this project proposed an advanced collusion attack, where a victim user's friendship privacy can be compromise from side to side a series of cautiously designed queries coordinately launched by multiple malicious requestors. The result of the proposed collusion attack is validate through synthetic and real world social network data sets. The project on the advanced collusion attacks will help us design a more vigorous and securer friend search engine on OSNs in the near future. R. Brintha | H. Parveen Bagum "Retrieving Hidden Friends a Collusion Privacy Attack against Online Friend Search Engine" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-4 , June 2020, URL: https://www.ijtsrd.com/papers/ijtsrd31687.pdf Paper Url :https://www.ijtsrd.com/computer-science/world-wide-web/31687/retrieving-hidden-friends-a-collusion-privacy-attack-against-online-friend-search-engine/r-brintha
Using Geographical Location as an Authentication Factor to Enhance mCommerce ...CSCJournals
Smartphones are increasingly used to perform mCommerce applications whilst on the move. 50% of all Smartphone owners in the U.S. used their Smartphone for banking transactions in the first quarter of 2011. This is an increase of nearly 100% compared to the year before. Current techniques used to remotely authenticate the client to the service provider in an mCommerce application are based on “static” authentication factors like passwords or tokens. The fact that the client is on the move, whilst using these mCommerce applications is not considered or used to enhance the authentication security. This paper is concerned with including client’s geographical location as an important authentication factor to enhance security of mCommerce applications, especially those requiring robust client authentication. Techniques to integrate location as an authentication factor as well as techniques to generation location-based cryptographic keys are reviewed and discussed. This paper further outlines restrictions of location as an authentication factor and gives recommendations about correct usage of client’s location information for mCommerce application’s authentication on Smartphones.
A Study of the Mobile Phone Impact on Under Graduate Students Based on Statis...ijtsrd
Now a days mobile phones have become an indispensable tool as communication plays a key role in all the aspects of life. It has become an essential accessory carried by everybody not only because they make it easy to keep in touch with people but because of the various facilities they offer especially the internet. The charm of mobile phone is more among young generation and the increasing use may result in dependence. Aim was to study the usage pattern and dependence of mobile phones among college students. A cross sectional study conducted among 200 UG students and studied the pattern of usage of mobile phones, common problems encountered and its dependence using a questionnaire. Using Statistical tools we anyalised the data and our study shows Samsung mobile brand is more popular among the studens and they are mostly preferred the Idea’ Sim card company students. The proportion of students in urban area are spend maximum time as compared to rural area for use of mobile phone, mostly students use mobile phones for calling and Internet. Prakash S. Chougule | Suresh T. Salunkhe | Suresh V. Patil | Prathmesh P. Jadhav "A Study of the Mobile Phone Impact on Under Graduate Students Based on Statistical Tools" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-2 , February 2021, URL: https://www.ijtsrd.com/papers/ijtsrd38570.pdf Paper Url: https://www.ijtsrd.com/other-scientific-research-area/applied-mathamatics/38570/a-study-of-the-mobile-phone-impact-on-under-graduate-students-based-on-statistical-tools/prakash-s-chougule
Smart detection of offensive words in social media using the soundex algorith...IJECEIAES
Offensive posts in the social media that are inappropriate for a specific age, level of maturity, or impression are quite often destined more to unadult than adult participants. Nowadays, the growth in the number of the masked offensive words in the social media is one of the ethically challenging problems. Thus, there has been growing interest in development of methods that can automatically detect posts with such words. This study aimed at developing a method that can detect the masked offensive words in which partial alteration of the word may trick the conventional monitoring systems when being posted on social media. The proposed method progresses in a series of phases that can be broken down into a pre-processing phase, which includes filtering, tokenization, and stemming; offensive word extraction phase, which relies on using the soundex algorithm and permuterm index; and a post-processing phase that classifies the users’ posts in order to highlight the offensive content. Accordingly, the method detects the masked offensive words in the written text, thus forbidding certain types of offensive words from being published. Results of evaluation of performance of the proposed method indicate a 99% accuracy of detection of offensive words.
PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEYIJNSA Journal
Email is a channel of communication which is considered to be a confidential medium of communication for exchange of information among individuals and organisations. The confidentiality consideration about e-mail is no longer the case as attackers send malicious emails to users to deceive them into disclosing their private personal information such as username, password, and bank card details, etc. In search of a solution to combat phishing cybercrime attacks, different approaches have been developed. However, the traditional exiting solutions have been limited in assisting email users to identify phishing emails from legitimate ones. This paper reveals the different email and website phishing solutions in phishing attack detection. It first provides a literature analysis of different existing phishing mitigation approaches. It then provides a discussion on the limitations of the techniques, before concluding with an explorationin to how phishing detection can be improved.
Social network has become so popular with overwhelming high rate of growth, due to this popularity the online social networks is facing the issues of spamming, which has leads to unsubstantial economic loss to this menace of spam and spammers activities. It has leads to uncontrollable dissemination of viruses and malwares, promotional ads, phishing, and scams. spam activities has enter a new dangerous dimension, the spammers have step up their games and tactics online social networks, it consumes large amounts of network bandwidth leading to less revenue and significant economic loss to both private and public sectors. From the previous scholars work on spammer classification taxonomy, various machine learning techniques have been extensively used to detect spam activities and spammers in online social networks. There are various classifier that are learn over content-based features extracted from the user's interactions and profiles to label them as spam/spammers or legitimate. But recently, new network structural bench mark features have been proposed for spammer detection task, but their importance using structural bench mark learning methods has not been extensively evaluated yet. In this research work, we evaluate the the metric performance of some structural bench mark learning methods using scientific and strategic approach based attributes extracted from an interaction network for the task of spammer detection in online social network.
Worldwide, a large number of people interact with each other by means of online chatting. There has been a significant rise in the number of platforms, both social and professional, such as WhatsApp, Facebook, and Twitter, which allow people to share their experiences, views and knowledge with others. Sadly
enough, with online communication getting embedded into our daily communication, incivility and misbehaviour has taken on many nuances from professional misbehaviour to professional decay. Generally flaming starts with the exchange of rude messages and comments, which in turn triggers to higher scale of flaming. To prevent online communication from getting downgraded, it is essential to keep away the hostile users from communication platforms. This paper presents a Security Detection Model and a tool which checks and prevents online flaming. It detects the presence of flaming while chatting or posting blogs, and censors swear words as well as blocks the users from flaming.
Truecaller helps you find a person behind an unknown number. Report and block spam calls. Everything from just a single app. Truecaller is one of the most innovative app a smartphone can ever have!
This presentation was presented at Droidcon Stockholm 2015:
Synopsis:
We are all living in the age of data and we should make our decisions according to the data collected. Every user who downloaded our app is unique and valuable for this reason we should know him/her better in order to improve his/her live and provide a 5 star user experience.
In this talk we will discuss data driven development approach at Truecaller. We’ll dive into product metrics and analytics as well as tools and techniques, see how collecting and reading data in the right way can help you to improve your product, engage users and increase monetization.
This presentation aims to create awareness of the value of data driven development and provides some tips for starting to take advantage of it. Everyone involved in the mobile application world could find it interesting, from indie-developers to product owners of B2B and SaaS projects.
Presented by:
Sergio Cucinella
Dmitry Avchukhov
How Qatar uses WhatsApp, Snapchat and other social mediaMOTC Qatar
Insights from a new study into how people in Qatar use social media. Produced by ictQATAR's Rassed team the research looks not just what social media people in Qatar use, but also how and why they use it.
Produced in partnership with Ipsos Qatar, the study features conclusions from interviews conducted with 1,000 residents (500 Qataris and 500 non-Qataris) during September-October 2014.
Covering eight different social media services - ranging from older more established networks like Facebook, Instagram and Twitter to newer entrants like Snapchat, WhatsApp and Path – the study provides unique insights into how Qatar uses social media at the end of 2014.
Project report on 'customer satisfaction towards whatsapp'Chirag Patel
marketing research on "WhatsApp Inc." for general understanding of the marketing research. However in particular my emphasis was on to fulfill the objective of research and to find out and to explore the analyses of primary data.
This Project Report is to measure the Satisfaction level of WhatsApp Messenger; customer satisfaction is a measure of how products and services supplied by a company meet customer expectation. Customer satisfaction is critical if a company is to register high sales profits.
Deterring Sybil Attack in Online Communication System via Peer-to-peer Audio ...Eswar Publications
In recent time the use of communication gadgets (mobile phones, laptop, desktop etc.) and service for online communication between two parties over a long distance has become sine-qua-non. Some criminal minded people are using this online communication method to deceive their prey via proxy communication where individual claiming to be discussing is not really the one. In this paper, we focus on prevention of identity impersonation attacks in an Online Communication System. Peer-peer Audio Visual Communication System is design to enhance security through online communication system by revealing the identity of the communicators and records the communication if necessary. Embedded application system was design for mobile and desktop devices for audio
visual charting using modern IT devices.
Smartphone Forensic Investigation Process ModelCSCJournals
Law practitioners are in an uninterrupted battle with criminals in the application of computer/digital technologies, and these days the advancement in the use of Smartphones and social media has exponentially increased this risk. Thus it requires the development of a sound methodology to investigate Smartphones in a well defined and secured way. Computer fraud and digital crimes are growing rapidly and only very few cases result in confidence. Nowadays Smartphones accounts for the major portion as a source of digital criminal evidence. This paper tries to enlighten the development of the digital forensics process model for Smartphones, compares digital forensic methodologies, and finally proposes a systematic Smartphone forensic investigation process model. This model adapt most of the previous methodologies with rectifying shortcomings and proposes few more steps which are necessary to be considered to move with the advancement in technology. This paper present an overview of previous forensic strategies and the difficulties now being faced by the particular domain. The proposed model explores the different processes involved in the forensic investigation of a Smartphone in the form of an fourteen- stage model. The Smartphone forensic investigation process model (SPFIPM) has been developed with the aim of guiding the a effective way to investigate a Smartphone with more area of finding the potential evidence.
Paper presented at the International Conference on Using ICT, Social Media and Mobile Technologies to Foster Self-Organisation in Urban and Neighbourhood Governance. Delft, Netherlands. 16 May 2013
PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEYIJNSA Journal
Email is a channel of communication which is considered to be a confidential medium of communication for exchange of information among individuals and organisations. The confidentiality consideration about e-mail is no longer the case as attackers send malicious emails to users to deceive them into disclosing their private personal information such as username, password, and bank card details, etc. In search of a solution to combat phishing cybercrime attacks, different approaches have been developed. However, the traditional exiting solutions have been limited in assisting email users to identify phishing emails from legitimate ones. This paper reveals the different email and website phishing solutions in phishing attack detection. It first provides a literature analysis of different existing phishing mitigation approaches. It then provides a discussion on the limitations of the techniques, before concluding with an explorationin to how phishing detection can be improved.
Social network has become so popular with overwhelming high rate of growth, due to this popularity the online social networks is facing the issues of spamming, which has leads to unsubstantial economic loss to this menace of spam and spammers activities. It has leads to uncontrollable dissemination of viruses and malwares, promotional ads, phishing, and scams. spam activities has enter a new dangerous dimension, the spammers have step up their games and tactics online social networks, it consumes large amounts of network bandwidth leading to less revenue and significant economic loss to both private and public sectors. From the previous scholars work on spammer classification taxonomy, various machine learning techniques have been extensively used to detect spam activities and spammers in online social networks. There are various classifier that are learn over content-based features extracted from the user's interactions and profiles to label them as spam/spammers or legitimate. But recently, new network structural bench mark features have been proposed for spammer detection task, but their importance using structural bench mark learning methods has not been extensively evaluated yet. In this research work, we evaluate the the metric performance of some structural bench mark learning methods using scientific and strategic approach based attributes extracted from an interaction network for the task of spammer detection in online social network.
Worldwide, a large number of people interact with each other by means of online chatting. There has been a significant rise in the number of platforms, both social and professional, such as WhatsApp, Facebook, and Twitter, which allow people to share their experiences, views and knowledge with others. Sadly
enough, with online communication getting embedded into our daily communication, incivility and misbehaviour has taken on many nuances from professional misbehaviour to professional decay. Generally flaming starts with the exchange of rude messages and comments, which in turn triggers to higher scale of flaming. To prevent online communication from getting downgraded, it is essential to keep away the hostile users from communication platforms. This paper presents a Security Detection Model and a tool which checks and prevents online flaming. It detects the presence of flaming while chatting or posting blogs, and censors swear words as well as blocks the users from flaming.
Truecaller helps you find a person behind an unknown number. Report and block spam calls. Everything from just a single app. Truecaller is one of the most innovative app a smartphone can ever have!
This presentation was presented at Droidcon Stockholm 2015:
Synopsis:
We are all living in the age of data and we should make our decisions according to the data collected. Every user who downloaded our app is unique and valuable for this reason we should know him/her better in order to improve his/her live and provide a 5 star user experience.
In this talk we will discuss data driven development approach at Truecaller. We’ll dive into product metrics and analytics as well as tools and techniques, see how collecting and reading data in the right way can help you to improve your product, engage users and increase monetization.
This presentation aims to create awareness of the value of data driven development and provides some tips for starting to take advantage of it. Everyone involved in the mobile application world could find it interesting, from indie-developers to product owners of B2B and SaaS projects.
Presented by:
Sergio Cucinella
Dmitry Avchukhov
How Qatar uses WhatsApp, Snapchat and other social mediaMOTC Qatar
Insights from a new study into how people in Qatar use social media. Produced by ictQATAR's Rassed team the research looks not just what social media people in Qatar use, but also how and why they use it.
Produced in partnership with Ipsos Qatar, the study features conclusions from interviews conducted with 1,000 residents (500 Qataris and 500 non-Qataris) during September-October 2014.
Covering eight different social media services - ranging from older more established networks like Facebook, Instagram and Twitter to newer entrants like Snapchat, WhatsApp and Path – the study provides unique insights into how Qatar uses social media at the end of 2014.
Project report on 'customer satisfaction towards whatsapp'Chirag Patel
marketing research on "WhatsApp Inc." for general understanding of the marketing research. However in particular my emphasis was on to fulfill the objective of research and to find out and to explore the analyses of primary data.
This Project Report is to measure the Satisfaction level of WhatsApp Messenger; customer satisfaction is a measure of how products and services supplied by a company meet customer expectation. Customer satisfaction is critical if a company is to register high sales profits.
Deterring Sybil Attack in Online Communication System via Peer-to-peer Audio ...Eswar Publications
In recent time the use of communication gadgets (mobile phones, laptop, desktop etc.) and service for online communication between two parties over a long distance has become sine-qua-non. Some criminal minded people are using this online communication method to deceive their prey via proxy communication where individual claiming to be discussing is not really the one. In this paper, we focus on prevention of identity impersonation attacks in an Online Communication System. Peer-peer Audio Visual Communication System is design to enhance security through online communication system by revealing the identity of the communicators and records the communication if necessary. Embedded application system was design for mobile and desktop devices for audio
visual charting using modern IT devices.
Smartphone Forensic Investigation Process ModelCSCJournals
Law practitioners are in an uninterrupted battle with criminals in the application of computer/digital technologies, and these days the advancement in the use of Smartphones and social media has exponentially increased this risk. Thus it requires the development of a sound methodology to investigate Smartphones in a well defined and secured way. Computer fraud and digital crimes are growing rapidly and only very few cases result in confidence. Nowadays Smartphones accounts for the major portion as a source of digital criminal evidence. This paper tries to enlighten the development of the digital forensics process model for Smartphones, compares digital forensic methodologies, and finally proposes a systematic Smartphone forensic investigation process model. This model adapt most of the previous methodologies with rectifying shortcomings and proposes few more steps which are necessary to be considered to move with the advancement in technology. This paper present an overview of previous forensic strategies and the difficulties now being faced by the particular domain. The proposed model explores the different processes involved in the forensic investigation of a Smartphone in the form of an fourteen- stage model. The Smartphone forensic investigation process model (SPFIPM) has been developed with the aim of guiding the a effective way to investigate a Smartphone with more area of finding the potential evidence.
Paper presented at the International Conference on Using ICT, Social Media and Mobile Technologies to Foster Self-Organisation in Urban and Neighbourhood Governance. Delft, Netherlands. 16 May 2013
The advancement of Information Technology has hastened the ability to disseminate information across the globe. In particular, the recent trends in ‘Social Networking’ have led to a spark in personally sensitive information being published on the World Wide Web. While such socially active websites are creative tools for expressing one’s personality it also entails serious privacy concerns. Thus, Social Networking websites could be termed a double edged sword. It is important for the law to keep abreast of these developments in technology. The purpose of this paper is to demonstrate the limits of extending existing laws to battle privacy intrusions in the Internet especially in the context of social networking. It is suggested that privacy specific legislation is the most appropriate means of protecting online privacy. In doing so it is important to maintain a balance between the competing right of expression, the failure of which may hinder the reaping of benefits offered by Internet technology
Globally, the extensive use of smartphone devices has led to an increase in storage and transmission of enormous volumes of data that could be potentially be used as digital evidence in a forensic investigation. Digital evidence can sometimes be difficult to extract from these devices given the various versions and models of smartphone devices in the market. Forensic analysis of smartphones to extract digital evidence can be carried out in many ways, however, prior knowledge of smartphone forensic tools is paramount to a successful forensic investigation. In this paper, the authors outline challenges, limitations and reliability issues faced when using smartphone device forensic tools and accompanied forensic techniques. The main objective of this paper is intended to be consciousness-raising than suggesting best practices to these forensic work challenges.
State of Social Media in India | August 2013Nabeel Adeni
At a recently held South Asia Summit on Social Media for Digital Empowerment, I was invited to speak on Social Media, in the Indian context.
I put together this presentation for my session.
Would love to have any feedback, suggestions or ideas in this regard.
Collusion-resistant multiparty data sharing in social networksIJECEIAES
The number of users on online social networks (OSNs) has grown tremendously over the past few years, with sites like Facebook amassing over a billion users. With the popularity of OSNs, the increase in privacy risk from the large volume of sensitive and private data is inevitable. While there are many features for access control for an individual user, most OSNs still need concrete mechanisms to preserve the privacy of data shared between multiple users. The proposed method uses metrics such as identity leakage (IL) and strength of interaction (SoI) to fine-tune the scenarios that use privacy risk and sharing loss to identify and resolve conflicts. In addition to conflict resolution, bot detection is also done to mitigate collusion attacks. The final decision to share the data item is then ascertained based on whether it passes the threshold condition for the above metrics.
A women secure mobile app for emergency usage (go safe app)eSAT Journals
Abstract Many unfortunate incidents have been taking place . Problems may come from any direction such as walking on the road after the
work, going to super market or many other reasons for which they go alone. People at home are not sure of their return safely. In
order to overcome such problems the GO SAFE (security app) mobile based application is not only necessary to use but also
plays a pivotal role with android software. The usage of smart phones equipped with GPS navigation unit have increased rapidly.
The “GO SAFE” application is mainly developed to safeguard. By clicking on the buttons (power & volume button) alert message
is sent. Application communicates the user’s location to the registered contacts in the form of message. Thus, it acts like a sentinel
following behind the person till the user feels she is safe. Also, the registered contacts and GPS location are saved from time to
time in a database.
Keywords: Apps, Android, Mobile, Safety. Etc…
Identify, Inspect and Intervene Multimodal Fake NewsIIIT Hyderabad
Fake news refers to intentionally and verifiably false stories created to manipulate people’s perceptions of reality.
The concept of fake news is not new and has marked its presence dating back to AD 1475, affecting the citizens of Italy on eastern Sunday to the COVID-19 pandemic in 2020. Fake news has gained traction among audiences, created a buzz online, and faced repercussions offline. For instance, intruding hyperbolized fake articles into political campaigns or health and climate studies is havoc. In addition, the proliferation of fabricated stories has played a crucial role in inflaming or suppressing a social event. In conclusion, fake news is destructive and can lead to hatred against religion, politics, celebrities or organizations, resulting in riots/protests or even death.
The massive growth in the proliferation of fake news online might result from numerous technological advancements. Fake news seems to be the permanent reality, with social media being a primary conduit for its creation and dissemination. Despite the difficulty in identifying, tracking, and controlling unreliable content, there must be an effort to halt its expansion. Our research endeavors contribute to tackling various aspects of fake news, encompassing identification, inspection, and intervention. The premise of our thesis is firmly placed at the point where we analyze multiple facets of user-generated content produced online in the form of text and visuals to investigate the field of fake news.
First, we focus on devising different methods to Identify, a.k.a. detect fake news online, by extracting different feature sets from the given information. By designing foundational detection mechanisms, our work accelerates research innovations. Second, our research closely Inspects the fake stories from two perspectives. First, from the information point of view, one can inspect fabricated content to identify the patterns of false reports disseminating over the web, the modality used to create the fabricated content and the platform used for dissemination. Next, from the model point of view, we inspect detection mechanisms used in prior work and their generalizability to other datasets. The thesis also suggests Intervention techniques to help internet users broaden their comprehension of fake news. We discuss potential practical implications for social media platform owners and policymakers.
Data Science for Social Good: #MentalHealth #CodeMix #LegalNLP #AISafetyIIIT Hyderabad
Discuss work on using technology for Judiciary, Lawyers, etc. Analyse social media data, music listening habits for mental health. Bias and Safety in AI Systems.
Papers are available at https://precog.iiit.ac.in/pages/publications.html
Beyond the Surface: A Computational Exploration of Linguistic AmbiguityIIIT Hyderabad
We investigate two specific forms of linguistic ambiguities - polysemy, which is the multiplicity of meanings for a specific word, and tautology, which are seemingly uninformative and ambiguous phrases used in conversations. Both phenomena are widely-known manifestations of linguistic ambiguity at the lexical and pragmatic level, respectively.
The first part of the thesis focuses on addressing this challenge by proposing a new method for quantifying the degree of polysemy in words, which refers to the number of distinct meanings that a word can have. The proposed approach is a novel, unsupervised framework to compute and estimate polysemy scores for words in multiple languages, infusing syntactic knowledge in the form of dependency structures. The proposed framework is tested on curated datasets controlling for different sense distributions of words in three typologically diverse languages - English, French, and Spanish. The framework leverages contextual language models and syntactic structures to empirically support the widely held theoretical linguistic notion that syntax is intricately linked to ambiguity/polysemy.
The second part of the thesis explores how language models handle colloquial tautologies, a type of redundancy commonly used in conversational speech. We first present a dataset of colloquial tautologies and evaluate several state-of-the-art language models on this dataset using perplexity scores. We conduct probing experiments while controlling for the noun type, context and form of tautologies. The results reveal that BERT and GPT2 perform better with modal forms and human nouns, which aligns with previous literature and human intuition.
Data Science for Social Good: #LegalNLP #AlgorithmicBias...IIIT Hyderabad
Talk describes legal NLP idea discusses the following papers:
HLDC: Hindi Legal Documents Corpus https://precog.iiit.ac.in/pubs/HLDC_ACL_2022.pdf
Drug consumption: https://precog.iiit.ac.in/pubs/Effect_oF_Feedback_on_Drug_Consumption_Disclosures_on_Social_Media___ICWSM2023___16Sept1730hrs.pdf
Don’t Wait: Write
Importance of outline
Have Shepherds to review
Writing a Good Literature Review
Having a good title
Writing a Good Introduction
Active voice
Latex tips
Writing Rebuttal
I discussed our work on #LegalAI #CodeMixing #FakeNews #Elections and other cool projects that we are currently working on at https://precog.iiit.ac.in/
Modeling Online User Interactions and their Offline effects on Socio-Technica...IIIT Hyderabad
Do online interactions trigger reactions back in the offline world? How can these reactions be detected and quantified? Specifically, what insights can be extracted for users, platform owners, and policymakers to minimize the potential harm of such reactions?
Society functions based on the complex interactions between individuals, communities, and organizations. The advent of the Internet has enabled these interactions to move online. A website or an application that facilitates the digitization of social interactions is called a socio-technical platform. For instance, individuals converse with each other via direct messaging applications (e.g., WhatsApp, Telegram), share thoughts, and gather feedback from communities (e.g., Reddit, Twitter, Youtube). Trade of goods occurs via e-commerce (e.g., Flipkart, Amazon) and online marketplaces (e.g., Google Play store). At times interactions happening in the online world, trigger reactions in the offline world, which we call overflow. Such overflows can have either a positive or negative impact. Socio-technical platforms save every interaction and associated metadata, providing a unique opportunity to analyze rich data at scale. Discover interaction patterns, detect and quantify overflow of interactions, and extract insights for users and policymakers.
This report aims to study the interactions by keeping the individual as the focal point. We focus on two broad forms of interactions - i) the effect online community feedback can have on individual offline actions and ii) organizations leveraging individual customers' online presence to optimize business processes. In the first part, we work on two scenarios - (a) How does community feedback affect an individual future drug consumption frequency in a drug community forum? and (b) What changes does an individual undergo immediately after getting sudden popularity in Online social media? What actions help in maintaining popularity for longer? In the second part, we leverage online information about a customer to improve the prediction of Return-to-Origin in the e-commerce platform.
Development of Stress Induction and Detection System to Study its Effect on B...IIIT Hyderabad
Stress has become a significant mental health problem of the 21st century. The number of people suffering from stress is increasing rapidly. Thus, easy-to-use, inexpensive, and accurate biomarkers are needed to detect stress during its inception. Early detection of stress-related diseases allows people to access healthcare services. This thesis focuses on the development of stress stimuli and the detection of stress induced by these stimuli. Identifying brain regions affected while exposing the subject to these stressful stimuli has also been done. Three different stimuli, viz. videos, gamified application, and a game, are investigated to study their effect as stress induction stimuli. To this end, in this thesis, a system is proposed to classify participants into stressed and non-stressed categories using machine learning, deep learning, and statistical techniques. The statistical significance between stressed and non-stressed was found using Higuchi Fractal Dimensions (HFD) feature extracted from EEG. This feature also helped identify the brain’s most affected region due to stress. Another outcome of this thesis is the extra annotation of the ground truth which further helps to validate the participant’s experience under the influence of stressful stimuli. This annotation was performed by evaluating participant performance under time pressure. In addition, a technique based on in-game analytics is presented to complement the betterment of self-reported data. Further, another dimension utilizing signatures from WiFi Media Access Control (MAC) layer traffic is presented to detect stress indicators in a device-agnostic way.
A Framework for Automatic Question Answering in Indian LanguagesIIIT Hyderabad
The distribution of research efforts done in the field of Natural Language
Processing (NLP) has not been uniform across all natural languages. It has
been observed that there is a significant gap between the development of
NLP tools in Indic languages (indic-NLP), and in European languages. We
aim to explore different directions to develop an automatic question answering system for Indic languages. We built a FAQ-retrieval based chatbot for
healthcare workers and young mothers of India. It supported Hindi language in either Devanagri script or Roman script. We observed that, in our
FAQ database, if there exists a question similar to the query asked by the
user, then the developed chatbot is able to find a relevant Question-Answer
pair (QnA) among its top-3 suggestions 70% of the time. We also observed
that performance of our chatbot is dependent on the diversity in the FAQ
database. Since database creation requires substantial manual efforts, we decided to explore other ways to curate knowledge from raw text irrespective
of domain.
We developed an Open Information Extraction (OIE) tool for Indic languages. During the preprocessing, chunking of text is performed with our
fine-tuned chunker, and the phrase-level dependency tree was constructed
using the predicted chunks. In order to generate triples, various rules were
handcrafted using the dependency relations in Indic languages. Our method
performed better than other multilingual OIE tools on manual and automatic evaluations. The contextual embeddings used in this work does not
take syntactic structure of sentence into consideration. Hence, we devised
an architecture that takes the dependency tree of the sentence into consideration to calculate Dependency-aware Transformer (DaT) embeddings.
Since the dependency tree is also a graph, we used Graph Convolution
Network (GCN) to incorporate the dependency information into the contextual embeddings, thus producing DaT embeddings. We used a hate-speech
detection task to evaluate the effectiveness of DaT embeddings. Our future
plan is to evaluate the applicability of DaT embeddings for the task of chunking. Moreover, the broader aim for the future is to develop an end-to-end
pronoun resolution model to improve the quality of triples and DaT embeddings. We also aim to explore the applicability of all our works to solve the
problem of long-context question answering.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Call Me MayBe: Understanding Nature and Risks of Sharing Mobile Numbers on Online Social Networks
1. Call Me MayBe:
Understanding Nature and Risks of
Sharing Mobile Numbers on Online Social
Networks
Prachi Jain
M.Tech. Thesis Defense
14th November 2013
Committee:
Dr. Ponnurangam Kumaraguru, IIIT-Delhi (Chair)
Dr. Alessandra Sala, Alcatel Lucent (Bell Labs), Dublin
Dr. Amarjeet Singh, IIIT-Delhi
2. Problem Statement
Characterize mobile number sharing behavior on
Online Social Networks.
Examine risk of collation of mobile number’s
owner data from multiple online public data
sources.
Propose a systematic approach for risk
communication.
2
3. Achievements
Paper:
Call Me MayBe: Understanding Nature
and Risks of Sharing Mobile Numbers on
Online Social Networks, Conference
on Online Social Networks (COSN) 2013
Poster:
Flash of Two Worlds, Security and
Privacy Symposium (SPS) 2013
3
7. Research Motivation
46% of Internet users post original (self created)
content on internet.
User Generated Content (UGC) has high similarity with
offline interactions of user.
Concerns on (un)intentional mention of sensitive
information on OSN profile.
Mobile phone number is an example of identifiable
information with which a real-world entity can be
associated uniquely, in most cases.
7
8. How many of you have posted
mobile numbers on Online Social
Networks?
How many of you have seen
mobile numbers being posted on
Online Social Networks?
8
14. Characterize mobile number
sharing behavior on Online
Social Networks
Focus on Indian Mobile Numbers
“India has the fastest growing telecom
market in the world.“
Focus on two most popular social
networks – Facebook & Twitter
14
18. Personally Identifiable Information
(PII)
An attribute that itself or in combination of other
attributes can connect an online user account
with a real world entity.
Email address (Balduzzi et al, 2010)
Phone numbers (Magno et al, 2012; Jain et al, 2013)
18
19. Indian Mobile Number format
10 digit number, start with 7 / 8 / 9
Country code: +91 ( Example: +91 9123456789 )
Trunk Code: 0 ( Example: 0 9123456789 )
No standard
way of sharing mobile numbers on OSN!
+91- 9123456789
91.91.23.456.789
+91- 91-2345-6789 (91)23.456.789
0 9123456789
(91234)56789
19
21. Literature review
Identity information disclosure on OSNs.
Consequences of identity information disclosure on
OSNs.
Communicating the risk of identity information
disclosure.
21
22. 1. Identity information disclosure
on OSNs
Zheleva et al, 2009
Group membership
Balduzzi et al, 2010
Email address
Burger et al, 2011
Gender
Dey et al, 2012
Age
Magno et al, 2012;
Chen et al, 2012;
Jain et al, 2013
Phone numbers
No quantitative study on mobile numbers sharing
behavior on OSN.
22
23. 1. Identity information disclosure
on OSNs
Chen et al, 2012
Observed 2% Facebook users (in their dataset) share
their mobile number as a profile attribute.
Magno et al, 2012
Observed users share their mobile number as profile
attribute on Google+
Single Indian males share most mobile numbers
We dive deeper to understand characteristics of exposed
mobile numbers on Facebook and Twitter posts and user
descriptions.
23
24. 2. Consequences of identity
information disclosure on OSNs
Jagatic et al, 2007
Social phishing
Chen et al, 2012 Mao et al, 2011
Linkage attack
Privacy attack
Krishnamurthy et al, 2012
Auxiliary information collected from online sources might help in
connecting an online profile with an offline entity.
We explore if Indian mobile numbers leaked from OSNs
can be used to gain a wider profile by linking it with
e-government data and truecaller.
24
25. 2. Consequences of identity
information disclosure on OSNs
Schrittwieser et al, 2012
Mobile numbers can be used
to exploit smart phone
messaging services.
Address book resolution
Impersonation, SMS spam,
Phone number enumeration
attack, Status message forgery
attack
Cheng et al, 2013
Address book resolution
Randomly picked mobile
numbers used to integrate
accounts on WeChat and
MiTalk.
Aggregate information
about users in China.
25
26. 2. Consequences of identity
information disclosure on OSNs
We link exposed Indian mobile numbers on
Facebook and Twitter profile with their
WhatsApp profiles.
We study comprehensiveness of additional
information obtained.
26
27. 3. Communicating the risk of
identity information disclosure
Krishnamurthy et al, 2012
Privacy leaks could be prevented by alerting the users
about information sharing vulnerabilities.
We communicate the risk to a set of users by calling them
with the help of an IVR system.
We also study their reactions.
27
30. System architecture
Facebook
Graph
API
Public users /
posts
with mobile
numbers
Category
+91
Regex
patterns
Category 0
Category
void
call ring
Mobile
number
validation
Keyword
Selection
contact
Indian
Mobile
Number
Database
Category
void
Twitter
Stream
API
Keyword selection
Public Bio/Tweets
with mobile
numbers
Regex
patterns
Category 0
Category
+91
Data collection
Data validation
30
31. System architecture
Facebook
Graph
API
Public users /
posts
with mobile
numbers
Category
+91
Regex
patterns
Category 0
Category
void
call ring
Mobile
number
validation
Keyword
Selection
contact
Indian
Mobile
Number
Database
Category
void
Twitter
Stream
API
Keyword selection
Public Bio/Tweets
with mobile
numbers
Regex
patterns
Category 0
Category
+91
Data collection
Data validation
31
32. Data statistics
Twitter:
12th October 2012 – 20th October 2013
Facebook:
16th November 2012 – 20th April 2013
Numbers
Category +91
Category 0
Category void
Twitter Facebook Twitter Facebook Twitter
Mobile
885
Numbers
2,191
User
profiles
2,663
1,074
100%
14,909 8,873
85%
17,913 9,028
Total
Facebook Twitter Facebook
25,566 25,294
41,360 36,358
85%
31,149 25,406
49,817 36,588
32
35. Ownership analysis: Methodology
Owner posted
the number
Post
Has 1st
person
pronoun
Frequent
action
words
Bio /
Name
Y
Y
Has 2nd / 3rd
person
pronoun
N
Phrasal
search
Y
Non-owner posted
the number
35
36. Ownership Analysis: Results
Social Network Mechanism
Mobile
Numbers
Total
Twitter:
Owner
Bio
155
291/885 (33%)
Tweet
136
Non-owner
Tweet
18
18/885 (0.02%)
Facebook:
Owner
Post
468
485/2191 (22%)
Name
17
Non-owner
Message
25
25/2191
(0.01%)
Users share their own mobile numbers on OSNs!
36
38. Source analysis: Results
Which applications are used
Which applications are used
to share mobile numbers on
to share mobile numbers on
Twitter?
Facebook?
32% numbers on Twitter
were pushed from
Facebook
5%
Facebook
mobile
Facebook for
iPhones
Photos
1%
Facebook
11%
32%
Twitterfeed
12%
8%
Google
26%
LinkedIn
26%
TweetDeck
14%
50%
15%
Facebook for
Android
HootSuite
Twitterfeed
Users posted same mobile numbers on multiple OSNs !
38
40. Topographical analysis:
Methodology
Indian Mobile number
XXXX - NNNNNN
Network operator
Subscriber number
Telecom Zone/Circle
Metro
(High density)
A Circle
(Largest
population coverage)
B Circle
C Circle
(Smallest
population coverage)
(Source: http://www.trai.gov.in)
40
41. Topographical analysis: Results
Telecom Circle
Category
# of Mobile Numbers
Delhi
Metropolitan 582
Mumbai
Metropolitan 312
Karnataka
“A” Circle
233
Punjab
“B” Circle
226
Rajasthan
“B” Circle
171
Andhra Pradesh
“A” Circle
164
Kerala
“B” Circle
158
Maharashtra
“A” Circle
140
Gujarat
“A” Circle
135
Tamil Nadu
“A” Circle
102
Users of metropolitan cities in India actively posted mobile
numbers on OSNs !
41
45. Context Analysis: Results
Twitter Tag Cloud
Facebook Tag Cloud
Emergency,
marketing, escort
and entertainment
business are major
context on OSNs !
45
47. Risk of Collation: Experiment 1
Methodology
Mobile
Number
Penetration rate:
Store in Phone
Address Book
Install and
open
WhatsApp
Status
userexposed
prate =
usertotal
= 1,071 / 3,076
= 34.8 %
Last Seen
time
47
49. Risk of Collation: Experiment 2
OCEAN:
Open
Government
Data
Repository
Details
User 1
User 2
Mobile
Number
+9198xxxx5485
+9199xxxx2708
Full Name
xxxxxx Jeswani
x Gambhir
Age
53
23
Gender
Male
Father’s
Name
x x Jeswani
Address
***, Mig Flats, *-block,
xxxxx Vihar Phase-I
8 Delhi
Male
Users
xx Gambhir
Identified
Uniquely
***, xxxx Bagh,
Delhi
ID
Driving License:
DL/04/xxx/222668
Voter ID:
NLNxxx5696
Shared by
Owner?
Yes
No
49
52. Result:
Callee
Decision
Tree
0.35 (867)
Call the
Number
0.65 (1625)
Call not
picked
Call picked
0.61 (988)
Listen
message
Disconnect
the Call
0.48 (479)
0.52 (509)
Listen Options
0.21 (107)
FORM 1
0.39 (637)
Didn’t know
0.23 (47)
Leave
Feedback
Disconnect
the Call
0.20
(102)
0.59 (300)
Posted
purposefully
Disconnect
the Call
0.77 (60)
Disconnect
the Call
1.0 (47)
Disconnect
the Call
52
53. Feedback
“Thank you for information, I have deleted, I will not
post my number online.”
“I want to know how to remove my number and I don't
know, I haven't put my number purposely but if it is
there, where exactly it is there I would also like to know
that. Please get in touch with me asap. Thank you!”
“It is a very nice process that you are doing and making
people aware about online frauds and telephone
number frauds but your system is basically calling
business houses”
53
54. Understanding user’s
response: Ownership analysis
Ownership analysis on posts from users who said that
they did not know that their number can be leaked (IVR
option 1)
38.3% (41/107) of mobile numbers were posted
publicly by their owners.
Inability of users to manage their privacy settings.
OR
Inadvertent disclosure of personal information (mobile
number)
54
56. Interview questions
Interviewed 8 people whom we uniquely
identified.
To validate the information we had about them.
Inquire if they posted mobile number on OSN.
If yes than why?
If no then we informed them about the profile revealing
their number. And asked if they knew the person.
Will they remove the number and Why?
Feedback?
56
57. Interview results
# of callee
True positive (Valid information) 5/8
False positive
1/8
Denied to get interviewed
1/8
Did not pick
1/8
57
58. Interview Response
Suspected if we got the information via
offline sources.
Called their service provider to confirm
what bad we can do with this information
about them.
58
59. Interview Response
Posted mobile number to be in touch with friends
and relatives.
Expressed concerns of getting calls from
unwanted people.
Posted mobile number to promote a small scale
business.
Inquired and suggested some countermeasures.
59
61. Take Aways
Users share their own mobile numbers on OSNs.
Users post same mobile numbers on multiple OSNs.
Females are conservative while sharing mobile numbers on
OSNs.
A publically shared mobile number can expose sensitive details
(age, ID, family details and full address) of its owner, from
multiple sources.
We should communicate the risks of sharing mobile numbers
online, to their owners.
Few users were unaware of the online presence of their number.
61
62. Future work
Build a generic technological,
people and process oriented
solutions to forewarn users and
raise awareness towards risks of
exposing mobile numbers on
OSNs.
62
64. Publications and poster
Prachi Jain, Paridhi Jain, Ponnurangam
Kumaraguru. Call Me MayBe: Understanding
Nature and Risks of Sharing Mobile Numbers on
Online Social Networks. ACM Conference on Online
Social Networks (COSN) 2013
Prachi Jain, Ponnurangam Kumaraguru. Flash of
Two Worlds. Security and Privacy Symposium (SPS)
2013
64
65. References
1.
Paul 2010, Broken promises of privacy: Responding to the surprising
failure of anonymization. UCLA Law Review, 57:1701, 2010.
2.
Prachi Jain, Paridhi Jain, and Ponnurangam Kumaraguru. Call me maybe:
understanding the nature and risks of sharing mobile numbers on online
social networks. In Proceedings of the first ACM conference on Online
social networks, pages 101-106. ACM, 2013.
3.
Gabriel Magno, Giovanni Comarela, Diego Saez-Trumper, Meeyoung Cha,
and Virgilio Almeida. New kid on the block: Exploring the google+ social
graph. In Proceedings of the 2012 ACM conference on Internet
measurement conference, pages 159-170. ACM, 2012.
4.
Latanya Sweeney. k-anonymity: A model for protecting privacy.
International Journal of Uncertainty, Fuzziness and Knowledge-Based
Systems, 10(05):557-570, 2002.
5.
Marco Balduzzi, Christian Platzer, Thorsten Holz, Engin Kirda, Davide
Balzarotti, and Christopher Kruegel. Abusing social networks for
automated user proling. In Recent Advances in Intrusion Detection, pages
422-441. Springer, 2010.
65
66. References
6.
Ratan Dey, Cong Tang, Keith Ross, and Nitesh Saxena. Estimating age privacy
leakage in online social networks. In INFOCOM, 2012 Proceedings IEEE, pages
2836-2840. IEEE, 2012.
7.
John D Burger, John Henderson, George Kim, and Guido Zarrella.
Discriminating gender on twitter. In Proceedings of the Conference on
Empirical Methods in Natural Language Processing, pages 1301-1309.
Association for Computational Linguistics, 2011.
8.
Tom N Jagatic, Nathaniel A Johnson, Markus Jakobsson, and Filippo Menczer.
Social phishing. Communications of the ACM, 50(10):94-100, 2007.
9.
Terence Chen, Mohamed Ali Kaafar, Arik Friedman, and Roksana Boreli. Is
more always merrier?: a deep dive into online social footprints. In
Proceedings of the 2012 ACM workshop on Workshop on online social
networks, pages 67-72. ACM, 2012.
10. Huina Mao, Xin Shuai, and Apu Kapadia. Loose tweets: an analysis of privacy
leaks on twitter. In Proceedings of the 10th annual ACM workshop on Privacy
in the electronic society, pages 1-12. ACM, 2011.
66
67. References
11. Sebastian Schrittwieser, Peter Fruhwirt, Peter Kieseberg, Manuel Leithner,
Martin Mulazzani, Markus Huber, and Edgar Weippl. Guess whos texting you?
evaluating the security of smartphone messaging applications. In
Proceedings of the 19th Annual Symposium on Network and Distributed
System Security, 2012.
12. Yao Cheng, Lingyun Ying, Sibei Jiao, Purui Su, and Dengguo Feng. Bind your
phone number with caution: automated user proling through address book
matching on smartphone. In Proceedings of the 8th ACM SIGSAC symposium
on Information, computer and communications security, pages 335-340.
ACM, 2013.
13. Balachander Krishnamurthy. Privacy and online social networks: Can colorless
green ideas sleep furiously? IEEE Security & Privacy, 11(3):14-20, 2013.
14. Zeynep Tufekci. Can you see me now? audience and disclosure regulation in
online social network sites. Bulletin of Science, Technology & Society,
28(1):20-36, 2008.
67