Biblio

Intelligent gadgets for example smartphones, tablet phones, and personal digital assistants play an increasingly important part in our lives and have become indispensable in our everyday routines. As a result, the market for mobile apps tends to grow at a rapid rate, and mobile app utilization has long eclipsed that of desktop software. The applications based on these smartphones are becoming vulnerable due to the use of open-source operating systems in these smart devices. These applications are vulnerable to smartphones because of memory leaks; they can steal personal data, hack our smartphones, and monitor our private activity, giving anyone significant financial loss. Because of these issues, smartphone security plays a vital role in our daily lives. The Play Store contains unrated applications which any unprofessional developer can develop, and these applications do not pass through the rigorous process of testing and analysis of code leaks. The existing developed system does not include a stringent procedure to examine and investigate source code to detect such vulnerabilities among mobile applications. This paper presented a dynamic analysis-based robust system for Source Code Analysis of Mobile Applications for Privacy Leaks using a machine learning algorithm. Furthermore, our framework is called Source Code Analysis of Mobile Applications (SCA-MA), which combines DynaLog and our machine learning-based classifier for Source Code Analysis of Mobile Applications. Our dataset will contain around 20000 applications to test and analyze vulnerabilities. We will perform dynamic analysis and separate the classification of vulnerable applications and safe applications. Our results show that we can detect vulnerabilities through our proposed system while reviewing code and provide better results than other existing frameworks. We have evaluated our large dataset with the pervasive way so we can detect even small privacy leak which can harm our app. Finally, we have compared results with existing methods, and framework performance is better than other methods.

With the development of location technology, location-based services greatly facilitate people's life . However, due to the location information contains a large amount of user sensitive informations, the servicer in location-based services published location data also be subject to the risk of privacy disclosure. In particular, it is more easy to lead to privacy leaks without considering the attacker's semantic background knowledge while the publish sparse location data. So, we proposed semantic k-anonymity privacy protection method to against above problem in this paper. In this method, we first proposed multi-user compressing sensing method to reconstruct the missing location data . To balance the availability and privacy requirment of anonymity set, We use semantic translation and multi-view fusion to selected non-sensitive data to join anonymous set. Experiment results on two real world datasets demonstrate that our solution improve the quality of privacy protection to against semantic attacks.

The widespread adoption of social networking and cloud computing has transformed today's Internet to a trove of personal information. As a consequence, data breaches are expected to increase in gravity and occurrence. To counteract unintended data disclosure, a great deal of effort has been dedicated in devising methods for uncovering privacy leaks. Existing solutions, however, have not addressed the time- and data-intensive nature of leak detection. The shift from hardware-specific implementation to software-based solutions is the core idea behind the concept of Network Function Virtualization (NFV). On the other hand, the Software Defined Networking (SDN) paradigm is characterized by the decoupling of the forwarding and control planes. In this paper, an SDN/NFV-enabled architecture is proposed for improving the efficiency of leak detection systems. Employing a previously developed identification strategy, Personally Identifiable Information detector (PIID) and load balancer VNFs are packaged and deployed in OpenStack through an NFV MANO. Meanwhile, SDN controllers permit the load balancer to dynamically redistribute traffic among the PIID instances. In a physical testbed, tests are conducted to evaluate the proposed architecture. Experimental results indicate that the proportions of forwarding and parsing on total overhead is influenced by the traffic intensity. Furthermore, an NFV-enabled system with scalability features was found to outperform a non-virtualized implementation in terms of latency (85.1%), packet loss (98.3%) and throughput (8.41%).

Despite recent regulations and growing user awareness, undesired browser tracking is increasing. In addition to cookies, browser fingerprinting is a stateless technique that exploits a device's configuration for tracking purposes. In particular, browser fingerprinting builds on attributes made available from Javascript and HTTP headers to create a unique and stable fingerprint. For example, browser plugins have been heavily exploited by state-of-the-art browser fingerprinters as a rich source of entropy. However, as browser vendors abandon plugins in favor of extensions, fingerprinters will adapt. We present FP-TESTER, an approach to automatically test the effectiveness of browser fingerprinting countermeasure extensions. We implement a testing toolkit to be used by developers to reduce browser fingerprintability. While countermeasures aim to hinder tracking by changing or blocking attributes, they may easily introduce subtle side-effects that make browsers more identifiable, rendering the extensions counterproductive. FP-TESTER reports on the side-effects introduced by the countermeasure, as well as how they impact tracking duration from a fingerprinter's point-of-view. To the best of our knowledge, FP-TESTER is the first tool to assist developers in fighting browser fingerprinting and reducing the exposure of end-users to such privacy leaks.