Visible to the public Biblio

Filters: Keyword is mobile privacy  [Clear All Filters]
2021-08-17
Jin, Kun, Liu, Chaoyue, Xia, Cathy.  2020.  OTDA: a Unsupervised Optimal Transport framework with Discriminant Analysis for Keystroke Inference. 2020 IEEE Conference on Communications and Network Security (CNS). :1—9.
Keystroke Inference has been a hot topic since it poses a severe threat to our privacy from typing. Existing learning-based Keystroke Inference suffers the domain adaptation problem because the training data (from attacker) and the test data (from victim) are generally collected in different environments. Recently, Optimal Transport (OT) is applied to address this problem, but suffers the “ground metric” limitation. In this work, we propose a novel method, OTDA, by incorporating Discriminant Analysis into OT through an iterative learning process to address the ground metric limitation. By embedding OTDA into a vibration-based Keystroke Inference platform, we conduct extensive studies about domain adaptation with different factors, such as people, keyboard position, etc.. Our experiment results show that OTDA can achieve significant performance improvement on classification accuracy, i.e., outperforming baseline by 15% to 30%, state-of-the-art OT and other domain adaptation methods by 10% to 20%.
2018-02-28
Krupp, B., Sridhar, N., Zhao, W..  2017.  SPE: Security and Privacy Enhancement Framework for Mobile Devices. IEEE Transactions on Dependable and Secure Computing. 14:433–446.

In this paper, we present a security and privacy enhancement (SPE) framework for unmodified mobile operating systems. SPE introduces a new layer between the application and the operating system and does not require a device be jailbroken or utilize a custom operating system. We utilize an existing ontology designed for enforcing security and privacy policies on mobile devices to build a policy that is customizable. Based on this policy, SPE provides enhancements to native controls that currently exist on the platform for privacy and security sensitive components. SPE allows access to these components in a way that allows the framework to ensure the application is truthful in its declared intent and ensure that the user's policy is enforced. In our evaluation we verify the correctness of the framework and the computing impact on the device. Additionally, we discovered security and privacy issues in several open source applications by utilizing the SPE Framework. From our findings, if SPE is adopted by mobile operating systems producers, it would provide consumers and businesses the additional privacy and security controls they demand and allow users to be more aware of security and privacy issues with applications on their devices.