DOCSLIB.ORG

Exploring Privacy Risks in Information Networks

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Exploring Privacy Risks in Information Networks Blekinge Institute of Technology Licentiate Series No 2004:11 ISSN 1650-2140 ISBN 91-7295-051-X Exploring Privacy Risks in Information Networks Andreas Jacobsson Department of Interaction and System Design School of Engineering Blekinge Institute of Technology Sweden Blekinge Institute of Technology Licentiate Series No. 2004:11 ISSN 1650-2140 ISBN 91-7295-051-X Published by Blekinge Institute of Technology © 2004 Andreas Jacobsson Cover picture “Son of Man” (1964) by René Magritte © With permission from “BUS - Bildkonst Upphovsrätt i Sverige” Printed in Sweden Kaserntryckeriet, Karlskrona 2004 To Jess This thesis is submitted to the Faculty of Technology at Blekinge Institute of Technology, in partial fulfillment of the requirements for the degree of Licentiate of Technology in Computer Science. Contact Information Andreas Jacobsson Department of Interaction and System Design School of Engineering Blekinge Institute of Technology PO Box 520 SE-372 25 Ronneby SWEDEN E-mail: [email protected] Abstract Exploring privacy risks in information networks is analysing the dangers and hazards that are related to personal information about users of a network. It is about investigating the dynamics and complexities of a setting where humans are served by technology in order to exploit the network for their own good. In the information network, malicious activities are motivated by commercial factors in that the attacks to privacy are happening, not in the name of national security, but in the name of the free market together with technological advancements. Based on the assumption of Machiavellian Intelligence, we have modelled our analyses by way of concepts such as Arms Race, Tragedy of the Commons, and the Red Queen effect. In a number of experiments on spam, adware, and spyware, we have found that they match the characteristics of privacy-invasive software, i.e., software that ignores users’ right to decide what, how and when information about themselves is disseminated by others. Spam messages and adware programs suggest a hazard in that they exploit the lives of millions and millions of users with unsolicited commercial and/or political content. Although, in reality spam and adware are rather benign forms of a privacy risks, since they, e.g., do not collect and/or transmit user data to third parties. Spyware programs are more serious forms of privacy risks. These programs are usually bundled with, e.g., file-sharing tools that allow a spyware to secretly infiltrate computers in order to collect and dis- tribute, e.g., personal information and data about the computer to profit-driven third parties on the Internet. In return, adware and spam displaying customised advertisements and offers may be distributed to vast amounts of users. Spyware programs also have the capability of retrieving malicious code, which can make the spyware act like a virus when the file-sharing tools are distributed in-between the users of a network. In conclusion, spam, spyware and virulent programs invade user privacy. However, our experiments also indicate that privacy-invasive software inflicts the security, stability and capacity of computerised systems and networks. Furthermore, we propose a description of the risk environment in information networks, where network contaminants (such as spam, spyware and virulent programs) are put in a context (information ecosystem) and dynamically modelled by their characteristics both individually and as a group. We show that network contamination may be a serious threat to the future prosperity of an information ecosystem. It is therefore strongly recommended to network owners and designers to respect the privacy rights of individuals. Privacy risks have the potential to overthrow the positive aspects of belonging to an information network. In a sound information network the flow of personal information is balanced with the advantages of belonging to the network. With an understanding of the privacy risk environment, there is a good starting-point for recognising and preventing intrusions into matters of a personal nature. In reflect, mitigating privacy risks contributes to a secure and efficient use of infor- mation networks. i ii Acknowledgements First and foremost, I would like to extend my sincere gratitude to my supervisor and collaborator, Dr. Bengt Carlsson, for creative support and guidance throughout this work. I would also like to thank my examiner Professor Rune Gustavsson, and my secondary supervisors Dr. Anders Hederstierna and Dr. Stefan Johansson for all the work that they have put down in helping me to form this thesis. The persons giving me the opportunity to commence doctoral studies also deserve many thanks, in particular Dr. Stefan Östholm who was the one that gave me the offer to become a Ph.D. student, Professor Rune Gustavsson and Dr. Anders Hederstierna for eager support during the first phase of my work, and Dr. Michael Mattsson who sorted out all the administrative things and presented me to the value of creative thinking. Thanks to Professor Paul Davidsson who gradually has introduced me to the nature of critical review, and who always is an invaluable source of knowledge, and to Dr. Mikael Svahnberg for helping me understand all the tiny details about life as a Ph.D. student. I would also like to thank my colleague and friend Martin Boldt, co- author to some of the work included in this thesis, for his in-depth technical knowledge and overall positive attitude. I would like to express my gratitude to my colleagues and friends who all have contributed to this journey with loads of laughters, creative feedback and sugges- tions for recreational activities. It is probably impossible to mention you all with- out accidentally leaving someone out, so I rest my case by saying thanks. You know who your are. As always, I am grateful to my parents, Lena and Clas, for everlasting support and love, and for teaching me the value of humour and hard work. Special thanks also go to my sister Lotta, her husband Niklas and their amazing children Oscar, Jacob and Anna for cool comments and for being true sources of inspiration. Finally, I am especially indebted to my Jessica for tremendous support, loving understanding and endless encouragement. Without you this thesis would not have existed at all. Thanks for being so great! Ronneby, fall of 2004. Andreas Jacobsson iii iv Contents Part I Setting the Scene 1 CHAPTER 1 Introduction..................................................................3 Thesis Structure ............................................................................ 5 Included Publications..................................................................... 5 CHAPTER 2 Research Approach .......................................................7 Research Questions ....................................................................... 7 Research Method........................................................................... 9 Definitions ...................................................................................10 Results and Contribution ...............................................................14 Future Work.................................................................................17 Concluding Remarks .....................................................................17 CHAPTER 3 Concepts and Related Work .........................................19 Privacy ........................................................................................19 Information Networks ...................................................................26 Concluding Remarks .....................................................................32 References...................................................................................33 Part II Publications 37 PAPER 1 Privacy and Unsolicited Commercial E-Mail ....................39 Introduction.................................................................................39 E-Mail Marketing ..........................................................................40 Privacy and Spam.........................................................................45 Discussion Concerning Privacy and Spam .......................................49 Conclusions..................................................................................50 References...................................................................................51 PAPER 2 Privacy and Spam: Empirical Studies of Unsolicited Commercial E-Mail.......................................................53 Introduction.................................................................................53 Spam Experiments........................................................................55 Discussion....................................................................................60 Conclusions..................................................................................62 References...................................................................................63 v PAPER 3 Privacy-Invasive Software in File-Sharing Tools .............65 Introduction.................................................................................65 Privacy-Invasive Programs and their Implications............................67 Experiment Design .......................................................................69 Experiment Results and Analysis....................................................72 Discussion....................................................................................75
Load more

Recommended publications
  • Data-Driven Grasp Synthesis - a Survey Jeannette Bohg, Member, IEEE, Antonio Morales, Member, IEEE, Tamim Asfour, Member, IEEE, Danica Kragic Member, IEEE
    TRANSACTIONS ON ROBOTICS 1 Data-Driven Grasp Synthesis - A Survey Jeannette Bohg, Member, IEEE, Antonio Morales, Member, IEEE, Tamim Asfour, Member, IEEE, Danica Kragic Member, IEEE specific metric. This process is usually based on some existing Abstract—We review the work on data-driven grasp synthesis grasp experience that can be a heuristic or is generated in and the methodologies for sampling and ranking candidate simulation or on a real robot. Kamon et al. [5] refer to this grasps. We divide the approaches into three groups based on whether they synthesize grasps for known, familiar or unknown as the comparative and Shimoga [2] as the knowledge-based objects. This structure allows us to identify common object rep- approach. Here, a grasp is commonly parameterized by [6, 7]: resentations and perceptual processes that facilitate the employed • the grasping point on the object with which the tool center data-driven grasp synthesis technique. In the case of known point (TCP) should be aligned, objects, we concentrate on the approaches that are based on • the approach vector which describes the 3D angle that object recognition and pose estimation. In the case of familiar objects, the techniques use some form of a similarity matching the robot hand approaches the grasping point with, to a set of previously encountered objects. Finally, for the • the wrist orientation of the robotic hand and approaches dealing with unknown objects, the core part is the • an initial finger configuration extraction of specific features that are indicative of good grasps. Data-driven approaches differ in how the set of grasp candi- Our survey provides an overview of the different methodologies dates is sampled, how the grasp quality is estimated and how and discusses open problems in the area of robot grasping.
    [Show full text]
  • Automatic Classifying of Mac OS X Samples
    Automatic Classifying of Mac OS X Samples Spencer Hsieh, Pin Wu and Haoping Liu Trend Micro Inc., Taiwan TREND MICRO LEGAL DISCLAIMER The information provided herein is for general information Contents and educational purposes only. It is not intended and should not be construed to constitute legal advice. The information contained herein may not be applicable to all situations and may not reflect the most current situation. Nothing contained herein should be relied on or acted 4 upon without the benefit of legal advice based on the particular facts and circumstances presented and nothing Introduction herein should be construed otherwise. Trend Micro reserves the right to modify the contents of this document at any time without prior notice. Translations of any material into other languages are intended solely as a convenience. Translation accuracy 6 is not guaranteed nor implied. If any questions arise related to the accuracy of a translation, please refer to Mac OS X Samples Dataset the original language official version of the document. Any discrepancies or differences created in the translation are not binding and have no legal effect for compliance or enforcement purposes. 10 Although Trend Micro uses reasonable efforts to include accurate and up-to-date information herein, Trend Micro makes no warranties or representations of any kind as Classification of Mach-O Files to its accuracy, currency, or completeness. You agree that access to and use of and reliance on this document and the content thereof is at your own risk. Trend Micro disclaims all warranties of any kind, express or implied. 11 Neither Trend Micro nor any party involved in creating, producing, or delivering this document shall be liable for any consequence, loss, or damage, including direct, Malware Families indirect, special, consequential, loss of business profits, or special damages, whatsoever arising out of access to, use of, or inability to use, or in connection with the use of this document, or any errors or omissions in the content 15 thereof.
    [Show full text]
  • Analyzing Android Adware
    San Jose State University SJSU ScholarWorks Master's Projects Master's Theses and Graduate Research Spring 2018 Analyzing Android Adware Supraja Suresh San Jose State University Follow this and additional works at: https://scholarworks.sjsu.edu/etd_projects Part of the Computer Sciences Commons Recommended Citation Suresh, Supraja, "Analyzing Android Adware" (2018). Master's Projects. 621. DOI: https://doi.org/10.31979/etd.7xqe-kdft https://scholarworks.sjsu.edu/etd_projects/621 This Master's Project is brought to you for free and open access by the Master's Theses and Graduate Research at SJSU ScholarWorks. It has been accepted for inclusion in Master's Projects by an authorized administrator of SJSU ScholarWorks. For more information, please contact [email protected]. Analyzing Android Adware A Project Presented to The Faculty of the Department of Computer Science San Jose State University In Partial Fulfillment of the Requirements for the Degree Master of Science by Supraja Suresh May 2018 ○c 2018 Supraja Suresh ALL RIGHTS RESERVED The Designated Project Committee Approves the Project Titled Analyzing Android Adware by Supraja Suresh APPROVED FOR THE DEPARTMENTS OF COMPUTER SCIENCE SAN JOSE STATE UNIVERSITY May 2018 Dr. Mark Stamp Department of Computer Science Dr. Katerina Potika Department of Computer Science Fabio Di Troia Department of Mathematics ABSTRACT Analyzing Android Adware by Supraja Suresh Most Android smartphone apps are free; in order to generate revenue, the app developers embed ad libraries so that advertisements are displayed when the app is being used. Billions of dollars are lost annually due to ad fraud. In this research, we propose a machine learning based scheme to detect Android adware based on static and dynamic features.
    [Show full text]
  • Malware - the Silent Killer
    Malware - The Silent Killer by Cost Effective Computers Malware Introduction by Brian Flynn Malware is malicious software that is loaded on your computer. This help guide was designed to give you an overview of what Malware is, how you get it, and how to get rid of it. Though every effort has been made to ensure the accuracy of the information contained in this document, the information is in no way warranted, neither explicitly or implicitly. As with all computer related information, make a point to stay current with what is happening. That is the only way to protect your hardware and your data. Contents I Table of Contents Part I Introduction 2 Part II Liability 2 Part III Desktop Malware 3 1 Desktop Malware....... ............................................................................................................................ 3 2 File Sharing Apps....... ............................................................................................................................ 4 3 Utilities ................................................................................................................................... 4 4 Games ................................................................................................................................... 5 5 Miscellaneous.. ................................................................................................................................. 5 6 Task Bar Icons... ...............................................................................................................................
    [Show full text]
  • Hostscan 4.8.01064 Antimalware and Firewall Support Charts
    HostScan 4.8.01064 Antimalware and Firewall Support Charts 10/1/19 © 2019 Cisco and/or its affiliates. All rights reserved. This document is Cisco public. Page 1 of 76 Contents HostScan Version 4.8.01064 Antimalware and Firewall Support Charts ............................................................................... 3 Antimalware and Firewall Attributes Supported by HostScan .................................................................................................. 3 OPSWAT Version Information ................................................................................................................................................. 5 Cisco AnyConnect HostScan Antimalware Compliance Module v4.3.890.0 for Windows .................................................. 5 Cisco AnyConnect HostScan Firewall Compliance Module v4.3.890.0 for Windows ........................................................ 44 Cisco AnyConnect HostScan Antimalware Compliance Module v4.3.824.0 for macos .................................................... 65 Cisco AnyConnect HostScan Firewall Compliance Module v4.3.824.0 for macOS ........................................................... 71 Cisco AnyConnect HostScan Antimalware Compliance Module v4.3.730.0 for Linux ...................................................... 73 Cisco AnyConnect HostScan Firewall Compliance Module v4.3.730.0 for Linux .............................................................. 76 ©201 9 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
    [Show full text]
  • A Systematic Empirical Analysis of Unwanted Software Abuse, Prevalence, Distribution, and Economics
    UNIVERSIDAD POLITECNICA´ DE MADRID ESCUELA TECNICA´ SUPERIOR DE INGENIEROS INFORMATICOS´ A Systematic Empirical Analysis of Unwanted Software Abuse, Prevalence, Distribution, and Economics PH.D THESIS Platon Pantelis Kotzias Copyright c 2019 by Platon Pantelis Kotzias iv DEPARTAMENTAMENTO DE LENGUAJES Y SISTEMAS INFORMATICOS´ E INGENIERIA DE SOFTWARE ESCUELA TECNICA´ SUPERIOR DE INGENIEROS INFORMATICOS´ A Systematic Empirical Analysis of Unwanted Software Abuse, Prevalence, Distribution, and Economics SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF: Doctor of Philosophy in Software, Systems and Computing Author: Platon Pantelis Kotzias Advisor: Dr. Juan Caballero April 2019 Chair/Presidente: Marc Dasier, Professor and Department Head, EURECOM, France Secretary/Secretario: Dario Fiore, Assistant Research Professor, IMDEA Software Institute, Spain Member/Vocal: Narseo Vallina-Rodriguez, Assistant Research Professor, IMDEA Networks Institute, Spain Member/Vocal: Juan Tapiador, Associate Professor, Universidad Carlos III, Spain Member/Vocal: Igor Santos, Associate Research Professor, Universidad de Deusto, Spain Abstract of the Dissertation Potentially unwanted programs (PUP) are a category of undesirable software that, while not outright malicious, can pose significant risks to users’ security and privacy. There exist indications that PUP prominence has quickly increased over the last years, but the prevalence of PUP on both consumer and enterprise hosts remains unknown. Moreover, many important aspects of PUP such as distribution vectors, code signing abuse, and economics also remain unknown. In this thesis, we empirically and sys- tematically analyze in both breadth and depth PUP abuse, prevalence, distribution, and economics. We make the following four contributions. First, we perform a systematic study on the abuse of Windows Authenticode code signing by PUP and malware.
    [Show full text]
  • Common Threats to Cyber Security Part 1 of 2
    Common Threats to Cyber Security Part 1 of 2 Table of Contents Malware .......................................................................................................................................... 2 Viruses ............................................................................................................................................. 3 Worms ............................................................................................................................................. 4 Downloaders ................................................................................................................................... 6 Attack Scripts .................................................................................................................................. 8 Botnet ........................................................................................................................................... 10 IRCBotnet Example ....................................................................................................................... 12 Trojans (Backdoor) ........................................................................................................................ 14 Denial of Service ........................................................................................................................... 18 Rootkits ......................................................................................................................................... 20 Notices .........................................................................................................................................
    [Show full text]
  • Identifying and Defining Relationships: Techniques for Improving Student Systemic Thinking
    AC 2011-897: IDENTIFYING AND DEFINING RELATIONSHIPS: TECH- NIQUES FOR IMPROVING STUDENT SYSTEMIC THINKING Cecelia M. Wigal, University of Tennessee, Chattanooga Cecelia M. Wigal received her Ph.D. in 1998 from Northwestern University and is presently a Professor of Engineering and Assistant Dean of the College of Engineering and Computer Science at the University of Tennessee at Chattanooga (UTC). Her primary areas of interest and expertise include complex process and system analysis, process improvement analysis, and information system analysis with respect to usability and effectiveness. Dr. Wigal is also interested in engineering education reform to address present and future student and national and international needs. c American Society for Engineering Education, 2011 Identifying and Defining Relationships: Techniques for Improving Student Systemic Thinking Abstract ABET, Inc. is looking for graduating undergraduate engineering students who are systems thinkers. However, genuine systems thinking is contrary to the traditional practice of using linear thinking to help solve design problems often used by students and many practitioners. Linear thinking has a tendency to compartmentalize solution options and minimize recognition of relationships between solutions and their elements. Systems thinking, however, has the ability to define the whole system, including its environment, objectives, and parts (subsystems), both static and dynamic, by their relationships. The work discussed here describes two means of introducing freshman engineering students to thinking systemically or holistically when understanding and defining problems. Specifically, the modeling techniques of Rich Pictures and an instructor generated modified IDEF0 model are discussed. These techniques have roles in many applications. In this case they are discussed in regards to their application to the design process.
    [Show full text]
  • Rethinking Security
    RETHINKING SECURITY Fighting Known, Unknown and Advanced Threats kaspersky.com/business “Merchants, he said, are either not running REAL DANGERS antivirus on the servers managing point- of-sale devices or they’re not being updated AND THE REPORTED regularly. The end result in Home Depot’s DEMISE OF ANTIVIRUS case could be the largest retail data breach in U.S. history, dwarfing even Target.” 1 Regardless of its size or industry, your business is in real danger of becoming a victim of ~ Pat Belcher of Invincea cybercrime. This fact is indisputable. Open a newspaper, log onto the Internet, watch TV news or listen to President Obama’s recent State of the Union address and you’ll hear about another widespread breach. You are not paranoid when you think that your financial data, corporate intelligence and reputation are at risk. They are and it’s getting worse. Somewhat more controversial, though, are opinions about the best methods to defend against these perils. The same news sources that deliver frightening stories about costly data breaches question whether or not anti-malware or antivirus (AV) is dead, as reported in these articles from PC World, The Wall Street Journal and Fortune magazine. Reports about the death by irrelevancy of anti-malware technology miss the point. Smart cybersecurity today must include advanced anti-malware at its core. It takes multiple layers of cutting edge technology to form the most effective line of cyberdefense. This eBook explores the features that make AV a critical component of an effective cybersecurity strategy to fight all hazards targeting businesses today — including known, unknown and advanced cyberthreats.
    [Show full text]
  • Spyhunter 2017
    Anti -Virus Comparative Enigma Software SpyHunter 4 Malware Security Suite Language: English April 2017 Last Revision: 29th May 2017 www.av-comparatives.org Commissioned by Enigma Software Commissioned by Enigma Software - 1 - Enigma Software - SpyHunter – April 2017 www.av-comparatives.org Table of Contents Enigma Software SpyHunter 3 Installing the product 4 Using the program 7 Summary 12 Test Procedure 10 Ratings 11 Results 12 Commissioned by Enigma Software - 2 - Enigma Software - SpyHunter – April 2017 www.av-comparatives.org Enigma Software SpyHunter 4 This report was commissioned by Enigma Software. We have reviewed SpyHunter 4.25.6.4782 by Enigma Software, and tested its malware removal capabilities using the latest build and updates available at time of testing. Which versions of Windows does it work with? Windows XP, Vista, 7, 8, 8.1, 10 Where can I find more information about the product? http://www.enigmasoftware.com/products/spyhunter/ Commissioned by Enigma Software - 3 - Enigma Software - SpyHunter – April 2017 www.av-comparatives.org Summary We found SpyHunter to be an easy-to-use and effective tool for cleaning up malware infections. Installing the program, running scans and removing any malware infections found are all very straightforward tasks that could be performed by non-expert users. The program achieved a creditable score in our malware removal test, and we consider the DNS Settings feature to be very useful, as it helps to prevent changes to the DNS configuration by malware. We feel that SpyHunter could be a valuable addition to any computer user’s security arsenal, if used in addition to a full antivirus program with real-time protection.
    [Show full text]
  • Automated Malware Analysis Report For
    ID: 330706 Sample Name: RFQ0270004296- PR0720001831-Grasp Trading Pvt. Ltd.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 14:51:31 Date: 15/12/2020 Version: 31.0.0 Red Diamond Table of Contents Table of Contents 2 Analysis Report RFQ0270004296-PR0720001831-Grasp Trading Pvt. Ltd.doc 4 Overview 4 General Information 4 Detection 4 Signatures 4 Classification 4 Startup 4 Malware Configuration 4 Yara Overview 4 Sigma Overview 4 Signature Overview 4 AV Detection: 5 Mitre Att&ck Matrix 5 Behavior Graph 5 Screenshots 6 Thumbnails 6 Antivirus, Machine Learning and Genetic Malware Detection 7 Initial Sample 7 Dropped Files 7 Unpacked PE Files 7 Domains 7 URLs 7 Domains and IPs 9 Contacted Domains 9 URLs from Memory and Binaries 9 Contacted IPs 12 General Information 12 Simulations 13 Behavior and APIs 13 Joe Sandbox View / Context 13 IPs 14 Domains 14 ASN 14 JA3 Fingerprints 14 Dropped Files 14 Created / dropped Files 14 Static File Info 16 General 16 File Icon 17 Static RTF Info 17 Objects 17 Network Behavior 17 UDP Packets 17 Code Manipulations 18 Statistics 18 System Behavior 18 Analysis Process: WINWORD.EXE PID: 896 Parent PID: 792 18 General 18 File Activities 18 File Created 18 File Deleted 19 Registry Activities 19 Key Created 19 Key Value Created 19 Copyright null 2020 Page 2 of 23 Key Value Modified 21 Disassembly 23 Copyright null 2020 Page 3 of 23 Analysis Report RFQ0270004296-PR0720001831-Grasp …Trading Pvt. Ltd.doc Overview General Information Detection Signatures Classification Sample RFQ0270004296- Name: PR0720001831-Grasp Muullltttiii AAVV SSccaannnneerrr ddeettteecctttiiioonn fffoorrr ssuubbm… Trading Pvt.
    [Show full text]
  • GRASP Patterns
    GRASP Patterns David Duncan November 16, 2012 Introduction • GRASP (General Responsibility Assignment Software Patterns) is an acronym created by Craig Larman to encompass nine object‐oriented design principles related to creating responsibilities for classes • These principles can also be viewed as design patterns and offer benefits similar to the classic “Gang of Four” patterns • GRASP is an attempt to document what expert designers probably know intuitively • All nine GRASP patterns will be presented and briefly discussed What is GRASP? • GRASP = General Responsibility Assignment Software Patterns (or Principles) • A collection of general objected‐oriented design patterns related to assigning defining objects • Originally described as a collection by Craig Larman in Applying UML and Patterns: An Introduction to Object‐Oriented Analysis and Design, 1st edition, in 1997. Context (1 of 2) • The third edition of Applying UML and Patterns is the most current edition, published in 2005, and is by far the source most drawn upon for this material • Larman assumes the development of some type of analysis artifacts prior to the use of GRASP – Of particular note, a domain model is used • A domain model describes the subject domain without describing the software implementation • It may look similar to a UML class diagram, but there is a major difference between domain objects and software objects Context (2 of 2) • Otherwise, assumptions are broad: primarily, the practitioner is using some type of sensible and iterative process – Larman chooses
    [Show full text]