Reciprocity attacks

Zhu, Feng; Carpenter, Sandra; Kulkarni, Ajinkya; Kolimi, Swapna

doi:10.1145/2078827.2078839

Cited by 8 publications

(2 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Because reciprocity largely depends on user interactions with the system, it naturally focuses on usability, and has different tradeoff with security for different context models. Therefore, any reciprocity schemes must be designed, implemented, and validated judiciously to defend against reciprocity attacks [70].…”

Section: Trustworthiness Requirementsmentioning

confidence: 99%

Usable Security for ML Systems in Mental Health: A Framework

Jiang¹,

Senge²

2020

Preprint

View full text Add to dashboard Cite

While the applications and demands of Machine learning (ML) systems in mental health are growing, there is little discussion nor consensus regarding a uniquely challenging aspect: building security methods and requirements into these ML systems, and keep the ML system usable for end-users. This question of usable security is very important, because the lack of consideration in either security or usability would hinder large-scale user adoption and active usage of ML systems in mental health applications.In this short paper, we introduce a framework of four pillars, and a set of desired properties which can be used to systematically guide and evaluate security-related designs, implementations, and deployments of ML systems for mental health. We aim to weave together threads from different domains, incorporate existing views, and propose new principles and requirements, in an effort to lay out a clear framework where criteria and expectations are established, and are used to make security mechanisms usable for endusers of those ML systems in mental health. Together with this framework, we present several concrete scenarios where different usable security cases and profiles in ML-systems in mental health applications are examined and evaluated.

show abstract

Section: Trustworthiness Requirementsmentioning

confidence: 99%

Usable Security for ML Systems in Mental Health: A Framework

Jiang¹,

Senge²

2020

Preprint

View full text Add to dashboard Cite

show abstract

“…Zhu et al [11] study how an attacker manages to influence the human to take the wrong decision and acquire his private information. They simulate a scenario where an attacker plays successfully the norm of reciprocity (mutual messages exchange with the user) with the victims who are shopping online with mobile devices.…”

Section: Related Workmentioning

confidence: 99%

A Conceptual Framework to Study Socio-Technical Security

Ferreira

Huynen

Koenig

et al. 2014

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

Learning Decision Trees from Synthetic Data Models for Human Security Behaviour

Carmichael

Morisset

2018

Software Engineering and Formal Methods

View full text Add to dashboard Cite

In general, in order to predict the impact of human behaviour on the security of an organisation, one can either build a classifier from actual traces observed within the organisation, or build a formal model, integrating known existing behavioural elements. Whereas the former approach can be costly and time-consuming, and it can be complicated to select the best classifier, it can be equally complicated to select the right parameters for a concrete setting in the latter approach. In this paper, we propose a methodical assessment of decision trees to predict the impact of human behaviour on the security of an organisation, by learning them from different sets of traces generated by a formal probabilistic model we designed. We believe this approach can help a security practitioner understand which features to consider before observing real traces from an organisation, and understand the relationship between the complexity of the behaviour model and the accuracy of the decision tree. In particular, we highlight the impact of the norm and messenger effects, which are well-known influencers, and therefore the crucial importance to capture observations made by the agents. We demonstrate this approach with a case study around tailgating. A key result from this work shows that probabilistic behaviour and influences reduce the effectiveness of decision trees and, importantly, they impact a model differently with regards to error rate, precision and recall.

show abstract

Reciprocity attacks

Cited by 8 publications

References 27 publications

Usable Security for ML Systems in Mental Health: A Framework

Usable Security for ML Systems in Mental Health: A Framework

A Conceptual Framework to Study Socio-Technical Security

Learning Decision Trees from Synthetic Data Models for Human Security Behaviour

Contact Info

Product

Resources

About