Usable Privacy and Security and Mobile Social Services Jason Hong

My Two Areas of Interest
Usable Privacy and Security
–“Give end-users security controls they can understand and privacy they can control for the dynamic, pervasive computing environments of the future.” - CRA
–Anti-phishing
Mobile Social Computing
–Using sensing, wireless networking, and mobile devices to facilitate awareness, communication, and coordination
–Mobile phones

Everyday Privacy and Security Problem

This entire process known as phishing

Phishing is a Plague on the Internet
Estimated 3.5 million people have fallen for phishing
Estimated $350m-$2b direct losses a year
9255 unique phishing sites reported in June 2006
Easier (and safer) to phish than rob a bank

Project: Supporting Trust Decisions
Goal: help people make better online trust decisions
–Currently focusing on anti-phishing
Large multi-disciplinary team project at CMU
–Six faculty, five PhD students, undergrads, staff
–Computer science, human-computer interaction, public policy, social and decision sciences, CERT

Our Multi-Pronged Approach
Human side
–Interviews to understand decision-making
–PhishGuru embedded training
–Anti-Phishing Phil game
–Understanding effectiveness of browser warnings
Computer side
–PILFER anti-phishing filter
–CANTINA web anti-phishing algorithm

Usable Privacy and Security Supporting Trust Decisions

Results of Evaluation
Have to fall for phishing to be effective?
How well do people retain knowledge after a week?
(Chart axis: Correctness)

Anti-Phishing Phil

PILFER Anti-Phishing Filter
Example heuristics combined in SVM
–IP addresses in link (
–Age of linked-to domains (younger domains likely phishing)
–Number of domain names in links
–Number of dots in URLs
–SpamAssassin rating
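A sketch of how three of the link heuristics listed above could be extracted from an HTML email body before being handed to a classifier. This is an added example, not PILFER's code: the function and field names are hypothetical, "number of domain names" is read here as the count of distinct hosts, and domain age and the SpamAssassin rating are left out because they need external lookups.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message body (documentation address and .example names).
SAMPLE = (
    '<p>Dear customer, '
    '<a href="http://192.0.2.10/login/bank.example.com/verify.html">verify</a> '
    '<a href="https://www.bank.example.com/help">help</a> '
    '<a href="mailto:support@bank.example.com">mail</a></p>'
)

class _LinkCollector(HTMLParser):
    """Collects the href value of every <a> tag."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)

def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def link_features(html_body):
    """Return per-message link features for http(s) links only."""
    collector = _LinkCollector()
    collector.feed(html_body)
    hosts, max_dots, ip_links = set(), 0, 0
    for href in collector.hrefs:
        try:
            parts = urlsplit(href)
        except ValueError:          # malformed URL, e.g. a broken IPv6 literal
            continue
        if parts.scheme not in ("http", "https") or not parts.hostname:
            continue                # skip mailto:, javascript:, relative links
        host = parts.hostname.lower()
        ip_links += _is_ip(host)    # link points at a raw IP address
        hosts.add(host)
        max_dots = max(max_dots, href.count("."))
    return {"ip_links": ip_links, "distinct_hosts": len(hosts), "max_dots": max_dots}

if __name__ == "__main__":
    print(link_features(SAMPLE))
```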

Robust Hyperlinks
Developed by Phelps and Wilensky to solve “404 not found” problem
Key idea was to add a lexical signature to URLs that could be fed to a search engine if URL failed
–Ex.
How to generate signature?
–Found that TF-IDF was fairly effective
Informal evaluation found five words was sufficient for most web pages

Adapting TF-IDF for Anti-Phishing
Can same basic approach be used for anti-phishing?
–Scammers often directly copy web pages
–With Google search engine, fake should have low page rank
(Figure panels: Fake, Real)
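The five-word lexical signature from the Robust Hyperlinks slide and its anti-phishing use, as an added example that is not taken from the slides or from CANTINA's code. The corpus, page text, URLs and result list are constructed, the smoothed IDF is one common variant chosen here, and "host absent from the returned results" is an assumption standing in for the slide's "low page rank".

```python
import math
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed background documents used only to estimate IDF.
CORPUS = [
    "welcome to our news site read the latest news and weather for your account",
    "sign in to your mail account to read your messages",
    "shop online and pay with your card enter your password to sign in",
]
# Constructed text of a login page for a made-up brand.
PAGE = ("Examplebank online banking. Sign in to your Examplebank account. "
        "Enter the Examplebank password. Secure banking, trusted banking.")

def tokenize(text):
    """Lowercase words of three or more letters."""
    return re.findall(r"[a-z]{3,}", text.lower())

def lexical_signature(page_text, corpus, k=5):
    """Return the k terms of page_text with the highest TF-IDF score."""
    tf = Counter(tokenize(page_text))
    doc_terms = [set(tokenize(doc)) for doc in corpus]
    n = len(doc_terms)

    def idf(term):
        df = sum(term in terms for terms in doc_terms)
        return math.log((n + 1) / (df + 1)) + 1  # smoothed, finite for unseen terms

    # Sort by descending score; break ties alphabetically for a stable signature.
    return sorted(tf, key=lambda t: (-tf[t] * idf(t), t))[:k]

def host_in_results(page_url, result_urls):
    """True if the page's host appears among the hosts of the search results."""
    host = urlsplit(page_url).hostname
    return any(urlsplit(u).hostname == host for u in result_urls)

if __name__ == "__main__":
    query = " ".join(lexical_signature(PAGE, CORPUS))
    # Constructed list standing in for what a search engine returns for `query`.
    results = ["https://www.examplebank.example/",
               "https://www.examplebank.example/login"]
    print(query)
    print(host_in_results("http://examplebank.login.example.net/signin", results))
```

A copied page yields the same signature as the original, so the query leads back to the legitimate host and the copy's own host is missing from the results.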

Evaluating CANTINA

My Two Areas of Interest
Usable Privacy and Security
–“Give end-users security controls they can understand and privacy they can control for the dynamic, pervasive computing environments of the future.” - CRA
–Anti-phishing
Mobile Social Computing
–Using sensing, wireless networking, and mobile devices to facilitate awareness, communication, and coordination
–Mobile phones

Mobile Social Computing
New ways for people to organize and coordinate with one another
–Smart Mobs
–Gawker Stalker

Mobile Social Computing
New ways for people to organize and coordinate with one another
–Smart Mobs
–Gawker Stalker
–MySpace Mobile

Mobile Social Computing IMBuddy
Facilitate coordination and communication by letting people request contextual information via IM
–Interruptibility (via SUBTLE toolkit)
–Location (via Place Lab WiFi positioning)
–Active window
Balance privacy with utility
Few privacy concerns
–Safe defaults
–Often wanted to share more
Currently developing Facebook widget

Mobile Social Computing inTouch
System to facilitate awareness and communication for small groups
–Dual-career families
Real-time info about people
Faster messaging using contextual information
–Location, calendar, traffic, etc

Mobile Social Computing Whisper Social Event Service
Help people with events when mobile
–Find nearby social events
–Notify friends of social events
–Organize friends to go to events

Research Style
Observe & understand how people actually use tech
Design and implement systems
Evaluate systems with users
Iterate

Jason Hong Newell Simon Hall 2504D