COIP—Continuous, Operable, Impartial, and Privacy-Aware Identity Validity Estimation for OSN Profiles

Bahri, Leila; Carminati, Barbara; Ferrari, Elena

doi:10.1145/3014338

Cited by 6 publications

(9 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…if a sender introduces him/herself as a recruiter, the signature should match it). For the company names, we used GlobalTrade website 4 and randomly chose 12 companies and their field of work to use in our grammar. A total of 100 emails were created and we randomly chose two of them for this study.…”

Section: Natural Language Generation and Dadamentioning

confidence: 99%

“…Researchers proposed several methods that can be used to steal information from users of social networks. Identity theft attack [4,9,34] and social engineering attack [35] are two types of these attacks. These attacks are variants of traditional security threats that leverage social networks as a new medium.…”

Section: Attacks On Social Networkmentioning

confidence: 99%

“…https://www.glassdoor.com/index.htm 2 https://www.indeed.com/ 3 http://www.419scam.org/419representative.htm4 https://www.globaltrade.net/global/Sales-and-Distribution/expert-serviceprovider.html…”

mentioning

confidence: 99%

See 2 more Smart Citations

Scam Augmentation and Customization: Identifying Vulnerable Users and Arming Defenders

Baki

Verma

Gnawali

2020

Proceedings of the 15th ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

Why do "classical" attacks such as phishing, IRS scams, etc., still succeed? How do attackers increase their chances of success? How do people reason about scams and frauds they face daily? More research is needed on these questions, which is the focus of this paper. We take a well-known attack, viz. company representative fraud, and study several parameters that bear on its effectiveness with a between-subjects study. We also study the effectiveness of a coherent language generation technique in producing phishing emails. We give ample room for the participants to demonstrate their reasoning and strategies. Unfortunately, our experiment indicates that participants are inadequately prepared for dealing with even the company representative fraud. Participants also could not differentiate between offers written by human or generated semi-automatically. Moreover, our results show attackers can easily increase their success rate by adding some basic information about the sender, so defenders should focus more on such attacks. We also observed that participants who paid attention to more clues were better in distinguishing legitimate messages from phishing, hence training regimes should check for reasoning strategies, not just who did not click on a link or download an attachment. Thus, insights from our work can help defenders in developing better strategies to evaluate their defenses and also in devising more effective training strategies. CCS CONCEPTS • Security and privacy → Phishing; Usability in security and privacy; • Human-centered computing → User studies.

show abstract

Section: Natural Language Generation and Dadamentioning

confidence: 99%

Section: Attacks On Social Networkmentioning

confidence: 99%

See 1 more Smart Citation

Scam Augmentation and Customization: Identifying Vulnerable Users and Arming Defenders

Baki

Verma

Gnawali

2020

Proceedings of the 15th ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

show abstract

“…This has been studied from different perspectives, with both automated and human‐assisted techniques, but the focus has generally been on formulating the sybil defense mechanism as a classification problem of OSN accounts as either honest or sybil (Kansara & Shekokar, ). More recently, another body of works has proposed a new formulation based on the evaluation and validation of OSN accounts, based on how consistent they look with respect to the majority of the profiles in the OSN (Bahri, Carminati, & Ferrari, , ; Soliman, Bahri, Carminati, Ferrari, & Girdzijauskas, ). To provide a high level view of this landscape, with also a summary of pointers to related works in the literature, we provide Figure as a reference starting point for comprehending the existing techniques.…”

Section: Knowledge‐based Defense Mechanismsmentioning

confidence: 99%

“…This is basically due to the fact that people tend to connect and socialize with those who are similar to them, building as such a notion of community-level social identity (Bahri et al, 2014). As an extension to the work of Bahri et al (2014), Bahri et al (2016) presents a privacy preserving version of this proposed identity validation system based on correlated attributes. The privacy issue comes from the fact that raters (i.e., members of the community who evaluate the correlated attributes) have access to parts of the profiles that are being evaluated.…”

Section: Osn Identity Validation Approachmentioning

confidence: 99%

Knowledge‐based approaches for identity management in online social networks

Bahri¹,

Carminati²,

Ferrari³

2018

WIREs Data Min & Knowl

Self Cite

View full text Add to dashboard Cite

When we meet a new person, we start by introducing ourselves. We share our names, and other information about our jobs, cities, family status, and so on. This is how socializing and social interactions can start: we first need to identify each other. Identification is a cornerstone in establishing social contacts. We identify ourselves and others by a set of civil (e.g., name, nationality, ID number, gender) and social (e.g., music taste, hobbies, religion) characteristics. This seamlessly carried out identification process in face‐to‐face interactions is challenged in the virtual realms of socializing, such as in online social network (OSN) platforms. New identities (i.e., online profiles) could be created without being subject to any level of verification, making it easy to create fake information and forge fake identities. This has led to a massive proliferation of accounts that represent fake identities (i.e., not mapping to physically existing entities), and that poison the online socializing environment with fake information and malicious behavior (e.g., child abuse, information stealing). Within this milieu, users in OSNs are left unarmed against the challenging task of identifying the real person behind the screen. OSN providers and research bodies have dedicated considerable effort to the study of the behavior and features of fake OSN identities, trying to find ways to detect them. Some other research initiatives have explored possible techniques to enable identity validation in OSNs. Both kinds of approach rely on extracting knowledge from the OSN, and exploiting it to achieve identification management in their realms. We provide a review of the most prominent works in the literature. We define the problem, provide a taxonomy of related attacks, and discuss the available solutions and approaches for knowledge‐based identity management in OSNs. This article is categorized under: Fundamental Concepts of Data and Knowledge > Human Centricity and User Interaction Application Areas> Internet and Web‐Based Applications Application Areas> Society and Culture

show abstract

Big Data Security and Privacy

Bertino

Ferrari

2017

Studies in Big Data

View full text Add to dashboard Cite

COIP—Continuous, Operable, Impartial, and Privacy-Aware Identity Validity Estimation for OSN Profiles

Cited by 6 publications

References 39 publications

Scam Augmentation and Customization: Identifying Vulnerable Users and Arming Defenders

Scam Augmentation and Customization: Identifying Vulnerable Users and Arming Defenders

Knowledge‐based approaches for identity management in online social networks

Big Data Security and Privacy

Contact Info

Product

Resources

About