Human Aspects

How does the average user cope with the threats they encounter while engaged in the most sensitive of all online activities, online banking? Online Safety for the Ages (OSA) examines generational differences in motivations to use risky online services and self-protective measures in the context of online banking. An influx of older adults attracted to the Internet by social media but at times unfamiliar with dealing with the hazards of online life, as well as younger users who are sometimes oblivious to those dangers, pose distinct challenges to the preservation of online safety.

As the use of Web applications has increased, malicious content and cyber attacks are rapidly increasing in both their frequency and their sophistication. For unwary users and their organizations, social media sites such as Tumblr, Facebook, MySpace, Twitter, and LinkedIn pose a variety of serious security risks and threats. Recent studies show that social media sites are more in use for delivering malware than were previously popular methods of email delivery. Because of this, many organizations are looking for ways to implement effective security policies.

The goal of this project is to investigate the reliability, robustness, and computationally efficiency of digital audio forensic methods under various adversarial conditions, e.g., lossy compression attack. We aim to identify and develop mathematical tools for modeling and characterizing of microphone nonlinearities (fingerprints), statistical methods for acoustic environment estimation, and system identification based framework for linking an acquisition device to the audio recording.

Considerable research in the field has been focused on developing new technologies to enhance privacy; encryption of personal data is often presented as a potential solution. Many of the technologies resulting from this research are not being effectively utilized because of issues rooted in human judgment under risk and uncertainty. The majority of existing models and products related to human judgement are based on a limited number of documented incidents and on questionable assumptions about user intent and behavior.

This research is developing methods that leverage a multitude of sensors embedded in hand-held and wearable devices (e.g., smart watches, smart glasses and brain-computer interfaces) for strong user authentication to smart phones. The current point-of-entry solutions, largely based on weak static credentials, such as passwords or PINs for authentication to smart phones are not sufficient because once such credentials are compromised (which is very likely given the many vulnerabilities of passwords), the attacker may gain unfettered access to the smart phone.