Usable Privacy and Security and Mobile Social Services - PowerPoint PPT Presentation

Slides: 32
Provided by: jason203
Learn more at: http://www.cs.cmu.edu
Transcript and Presenter's Notes

1
Usable Privacy and Security and Mobile Social Services
  • Jason Hong
  • jasonh_at_cs.cmu.edu

2
My Two Areas of Interest
  • Usable Privacy and Security
  • Give end-users security controls they can
    understand and privacy they can control for the
    dynamic, pervasive computing environments of the
    future. - CRA
  • Anti-phishing
  • Mobile Social Computing
  • Using sensing, wireless networking, and mobile
    devices to facilitate awareness, communication,
    and coordination
  • Mobile phones

3
Everyday Privacy and Security Problem
4
This entire process known as phishing
5
Phishing is a Plague on the Internet
  • Estimated 3.5 million people have fallen for
    phishing
  • Estimated 350m-2b direct losses a year
  • 9255 unique phishing sites reported in June 2006
  • Easier (and safer) to phish than rob a bank

6
Project Supporting Trust Decisions
  • Goal: help people make better online trust
    decisions
  • Currently focusing on anti-phishing
  • Large multi-disciplinary team project at CMU
  • Six faculty, five PhD students, undergrads, staff
  • Computer science, human-computer interaction,
    public policy, social and decision sciences, CERT

7
Our Multi-Pronged Approach
  • Human side
  • Interviews to understand decision-making
  • PhishGuru embedded training
  • Anti-Phishing Phil game
  • Understanding effectiveness of browser warnings
  • Computer side
  • PILFER email anti-phishing filter
  • CANTINA web anti-phishing algorithm

8
Usable Privacy and Security: Supporting Trust Decisions
9
Results of Evaluation
  • Have to fall for phishing email to be effective?
  • How well do people retain knowledge after a week?

Correctness
10
Results of Evaluation
  • Have to fall for phishing email to be effective?
  • How well do people retain knowledge after a week?

Correctness
11
Anti-Phishing Phil
19
PILFER Email Anti-Phishing Filter
  • Example heuristics combined in SVM
  • IP addresses in link (http://128.23.34.45/blah)
  • Age of linked-to domains (younger domains likely
    phishing)
  • Number of domain names in links
  • Number of dots in URLs
  • SpamAssassin rating
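
Added example (not from the slides or from the PILFER code): a sketch of how the link-based heuristics above can be turned into numeric features for a classifier. The function name, feature names and both sample messages are constructed for illustration; counting distinct hostnames stands in for "number of domain names", and domain age and the SpamAssassin rating are left out because they need external lookups.

```python
import ipaddress
import re
from urllib.parse import urlparse

# Absolute http/https links in a plain-text message body.
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def is_ip_host(host):
    """True when the host part of a link is a literal IP address."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def link_features(body):
    """Extract link-based features from one message body."""
    urls = [u.rstrip(".,;") for u in URL_RE.findall(body)]
    hosts = [(urlparse(u).hostname or "") for u in urls]
    return {
        "n_links": len(urls),
        # A raw IP in a link hides the real owner of the server.
        "has_ip_link": any(is_ip_host(h) for h in hosts),
        # Distinct named hosts (simplification of "number of domain names").
        "n_domains": len({h for h in hosts if h and not is_ip_host(h)}),
        # Many dots suggest a trusted name buried inside a longer hostname.
        "max_dots": max((u.count(".") for u in urls), default=0),
    }


# Constructed sample messages, not real mail.
PHISH = """Dear customer, your account is suspended.
Verify now: http://128.23.34.45/blah
Or via http://signin.example.com.account-update.example.net/login.php
Help: http://www.example.com/help/index.html"""

HAM = """Minutes from Tuesday are posted at
http://www.example.org/minutes.html"""

if __name__ == "__main__":
    print(link_features(PHISH))
    print(link_features(HAM))
```

Each message yields one feature vector; a classifier such as the SVM named on the slide would be trained on these vectors together with the features omitted here.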

20
Robust Hyperlinks
  • Developed by Phelps and Wilensky to solve 404
    not found problem
  • Key idea was to add a lexical signature to URLs
    that could be fed to a search engine if URL
    failed
  • Ex. http://abc.com/page.html?sig=word1+word2+...+word5
  • How to generate signature?
  • Found that TF-IDF was fairly effective
  • Informal evaluation found five words was
    sufficient for most web pages

21
Adapting TF-IDF for Anti-Phishing
  • Can same basic approach be used for
    anti-phishing?
  • Scammers often directly copy web pages
  • With Google search engine, fake should have low
    page rank
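
Added example (not from the slides or from the CANTINA code): the five-word TF-IDF signature from the Robust Hyperlinks slide, followed by the check this slide proposes, where a page is treated as suspect when its own host is missing from the search results for its signature. No search engine is queried; the corpus, page text, result list and all names are constructed assumptions.

```python
import math
import re
from collections import Counter
from urllib.parse import urlparse


def tokens(text):
    """Lower-case alphabetic words of three or more letters."""
    return re.findall(r"[a-z]{3,}", text.lower())


def lexical_signature(page_text, corpus, k=5):
    """Top-k terms of page_text by TF-IDF, with IDF taken from corpus."""
    tf = Counter(tokens(page_text))
    docs = [set(tokens(d)) for d in corpus]
    n = len(docs)

    def idf(term):
        df = sum(term in d for d in docs)
        return math.log((1 + n) / (1 + df)) + 1  # smoothed IDF

    scored = {t: c * idf(t) for t, c in tf.items()}
    # Highest score first; alphabetical order breaks ties deterministically.
    ranked = sorted(scored.items(), key=lambda kv: (-kv[1], kv[0]))
    return [t for t, _ in ranked[:k]]


def looks_legitimate(page_url, search_result_urls):
    """True if the page's own host is among the results for its signature."""
    host = urlparse(page_url).hostname
    return any(urlparse(u).hostname == host for u in search_result_urls)


# Constructed background corpus and page text (a copied page has the same text).
CORPUS = [
    "welcome to our site please sign in to your account",
    "news and weather for your city sign up for updates",
    "shop online and track your order in your account",
]
PAGE = ("examplebank online banking sign in to your examplebank account "
        "examplebank routing transfer transfer")
# Constructed stand-in for the top search results returned for the signature.
RESULTS = ["https://www.examplebank.example/", "https://news.example.org/banking"]

if __name__ == "__main__":
    print(lexical_signature(PAGE, CORPUS))
    print(looks_legitimate("https://www.examplebank.example/login", RESULTS))
    print(looks_legitimate("http://examplebank.secure-login.example.net/login", RESULTS))
```

Because the fake copies the real page, both produce the same signature; only the hosting domain differs, and that is what the result check tests.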

Fake
Real
22
Evaluating CANTINA
23
My Two Areas of Interest
  • Usable Privacy and Security
  • Give end-users security controls they can
    understand and privacy they can control for the
    dynamic, pervasive computing environments of the
    future. - CRA
  • Anti-phishing
  • Mobile Social Computing
  • Using sensing, wireless networking, and mobile
    devices to facilitate awareness, communication,
    and coordination
  • Mobile phones

24
Mobile Social Computing
  • New ways for people to organize and coordinate
    with one another
  • Smart Mobs
  • Gawker Stalker

26
Mobile Social Computing
  • New ways for people to organize and coordinate
    with one another
  • Smart Mobs
  • Gawker Stalker
  • MySpace Mobile

27
Mobile Social Computing: IMBuddy
  • Facilitate coordination and communication by
    letting people request contextual information via
    IM
  • Interruptibility (via SUBTLE toolkit)
  • Location (via Place Lab WiFi positioning)
  • Active window
  • Balance privacy with utility
  • Few privacy concerns
  • Safe defaults
  • Often wanted to share more
  • Currently developing Facebook widget

28
Mobile Social Computing: inTouch
  • System to facilitate awareness and communication
    for small groups
  • Dual-career families
  • Real-time info about people
  • Faster messaging using contextual information
  • Location, calendar, traffic, etc

29
Mobile Social Computing: Whisper Social Event Service
  • Help people with events when mobile
  • Find nearby social events
  • Notify friends of social events
  • Organize friends to go to events

30
Research Style
  • Observe and understand how people actually use tech
  • Design and implement systems
  • Evaluate systems with users
  • Iterate

31
  • Jason Hong jasonh_at_cs.cmu.edu
  • Newell Simon Hall 2504D

http://www.cs.cmu.edu/jasonh/advice.html