Protect User Privacy Research Articles

Improving mobile security: A study on android malware detection using LOF

Abstract The ubiquity of smartphones in our daily lives has made them attractive targets for malicious actors seeking to compromise user data and device functionality. Android malware detection has become imperative to protect user privacy and device integrity. This paper presents a focused study on leveraging the Local Outlier Factor (LOF) method for Android malware detection using the DREBIN dataset. Our research addresses the need for accurate and efficient Android malware detection. We explore the LOF method, an anomaly-based detection technique, to assess its effectiveness in distinguishing malicious applications from benign ones within the Android ecosystem. Rigorous experiments using the extensive DREBIN dataset reveal LOF's superiority in accuracy, precision, recall, and False Positive Rate (FPR). We introduce additional metrics like Area Under the Curve (AUC), Matthews Correlation Coefficient (MCC), and True Negative Rate (TNR) to comprehensively evaluate LOF. Our findings highlight LOF's ability to balance false positives and false negatives, making it an ideal choice for Android malware detection. We emphasize the importance of representative datasets, such as DREBIN, for validation. In conclusion, this research positions LOF as a reliable tool for Android malware detection, offering robust protection against emerging threats. As mobile technology evolves, our study encourages further exploration of advanced techniques and real-world deployment scenarios.

DDPG-AdaptConfig: A deep reinforcement learning framework for adaptive device selection and training configuration in heterogeneity federated learning

Federated Learning (FL) is a distributed machine learning approach that protects user privacy by collaboratively training shared models across devices without sharing their raw personal data. Despite its advantages, FL faces issues of increased convergence time and decreased accuracy due to the heterogeneity of data and systems across devices. Existing methods for solving these issues using reinforcement learning often ignore the adaptive configuration of local training hyperparameters to suit varying data characteristics and system resources. Moreover, they frequently overlook the heterogeneous information contained within local model parameters. To address these problems, we propose the DDPG-AdaptConfig framework based on Deep Deterministic Policy Gradient (DDPG) for adaptive device selection and local training hyperparameters configuration in FL to speed up convergence and ensure high model accuracy. Additionally, we develop a new actor network that integrates the transformer mechanism to extract heterogeneous information from model parameters, which assists in device selection and hyperparameters configuration. Furthermore, we introduce a clustering-based aggregation strategy to accommodate heterogeneity and prevent performance declines. Experimental results show that our DDPG-AdaptConfig achieves significant improvements over existing baselines.

Online and offline delivery qualities: O2O satisfaction and loyalty through technology acceptance model

This study presents an in-depth examination of customer satisfaction dynamics within the rapidly growing O2O food delivery (OFD) sector. Recognizing the exponential market growth and the gradual rise in consumer complaints, we seek to address the gaps in current academic research that tends to overlook the distinction between online and offline service experiences, as well as the psychological foundations of technology adoption. We propose a series of hypotheses grounded in a comprehensive theoretical framework that distinguishes between online and offline dimensions of consumer satisfaction and explores their interrelation by incorporating the technology acceptance model (TAM). We posit that, regarding online satisfaction, the quality of food information, the quality delivery tracking service, and user privacy protection functions from OFD applications hold positive significance for online customer satisfaction. Additionally, considering offline satisfaction, we assert that delivery quality and environment of the delivery service (i.e., delivery scape) contribute positively to offline customer satisfaction. We adopt trust transfer theory to hypothesize a positive relationship between online and offline satisfaction to comprehend a continuous flow in how consumer satisfaction develops. The paper also examines the pathway by which online satisfaction influences consumer loyalty through TAM. By investigating the dynamics regarding these relationships, this study contributes to offering valuable insights that could enhance OFD users’ satisfaction and their loyalty.

Large-scale agile security practices in software engineering

Purpose Security in large-scale agile is a crucial aspect that should be carefully addressed to ensure the protection of sensitive data, systems and user privacy. This study aims to identify and characterize the security practices that can be applied in managing large-scale agile projects. Design/methodology/approach A qualitative study is carried out through 18 interviews with 6 software development companies based in Portugal. Professionals who play the roles of Product Owner, Scrum Master and Scrum Member were interviewed. A thematic analysis was applied to identify deductive and inductive security practices. Findings The findings identified a total of 15 security practices, of which 8 are deductive themes and 7 are inductive. Most common security practices in large-scale agile include penetration testing, sensitive data management, automated testing, threat modeling and the implementation of a DevSecOps approach. Originality/value The results of this study extend the knowledge about large-scale security practices and offer relevant practical contributions for organizations that are migrating to large-scale agile environments. By incorporating security practices at every stage of the agile development lifecycle and fostering a security-conscious culture, organizations can effectively address security challenges in large-scale agile environments.

Examining the Integrity of Apple’s Privacy Labels: GDPR Compliance and Unnecessary Data Collection in iOS Apps

This study investigates the effectiveness of Apple’s privacy labels, introduced in iOS 14, in promoting transparency around app data collection practices with respect to the GDPR. Specifically, we address two key research questions: (1) What special categories of personal data, as regulated by the GDPR, are collected and used by apps, and for which purposes? (2) What disparities exist between app-stated permissions and the apparent unnecessary data gathering across various categories in the iOS App Store? By analyzing a comprehensive dataset of 541,662 iOS apps, we identify common practices related to prevalent use of sensitive and special categories of personal data, revealing widespread instances of unnecessary data collection, misuse, and potential GDPR violations. Furthermore, our analysis uncovers significant inconsistencies between the permissions stated by apps and the actual data they gather, highlighting a critical gap in user privacy protection within the iOS ecosystem. These findings underscore the need for stricter regulatory oversight of app stores and the necessity of effective privacy notices to build accountability and trust and ensure transparency. This study offers actionable insights for regulators, app developers, and users towards creating secure and transparent digital ecosystems.

Enhancing Privacy on Online Social Networs: A comparative study of encryption techniques

The ability to connect with people all over the world and share private information has made online social networks (OSNs) indispensable to contemporary communication. Because of the serious privacy and security concerns that come with their fast growth, protecting user data is of the utmost importance. In order to improve OSN privacy, this study examines several encryption techniques. It discusses symmetric encryption (ECC and RSA) and synthetic encryption (AES) as well as hybrid methods that combine the two types of encryption. Using examples from well-known sites such as LinkedIn, Facebook, and Twitter, the research assesses the efficacy and practicality of various strategies. Key management, performance implications, and user experience maintenance are some of the challenges that are addressed while adopting comprehensive encryption. To further improve privacy protection in OSNs, the paper delves into upcoming developments in encryption technology, such as decentralized encryption approaches and algorithms that are resistant to quantum computing. In order to better understand how to improve OSN security, this article will provide a thorough examination of encryption's function in protecting user privacy.

VADER-RF: a novel scheme for protecting user privacy on android devices

VADER-RF: a novel scheme for protecting user privacy on android devices

Privacy protection of communication networks using fully homomorphic encryption based on network slicing and attributes

At present, social networks have become an indispensable medium in people's daily life and work. However, concerns about personal privacy leakage and identity information theft have also emerged. Therefore, a communication network system based on network slicing is constructed to strengthen the protection of communication network privacy. The chameleon hash algorithm is used to optimize attribute-based encryption and enhance the privacy protection of communication networks. On the basis of optimizing the combination of attribute encryption and homomorphic encryption,, a communication network privacy protection method using homomorphic encryption for network slicing and attribute is designed. The results show that the designed network energy consumption is low, the average energy consumption calculation is reduced by 8.69%, and the average energy consumption calculation is reduced by 14.3%. During data transmission, the throughput of the designed network can reach about 700 Mbps at each stage, which has a high efficiency.. The above results demonstrate that the designed communication network provides effective privacy protection. Encrypted data can be decrypted and tracked in the event of any security incident. This is to protect user privacy and provide strong technical support for communication network security.

Ethical perspectives on metaverse technologies for libraries

Purpose This paper aims to explore the ethical perspectives surrounding adopting metaverse technologies in libraries. It focuses on critical areas such as privacy, security, intellectual property, accessibility and equity, providing insights into the challenges and opportunities these technologies present for library services. Design/methodology/approach This study uses a theoretical analysis of existing literature and ethical frameworks related to digital privacy, intellectual property and digital inclusion. Drawing on prominent theories and guidelines, this paper examines how libraries can navigate the ethical implications of integrating metaverse technologies into their services. Findings Integrating metaverse technologies into libraries presents significant ethical challenges, including protecting user privacy and security, managing intellectual property rights and ensuring equitable access and inclusion. Libraries must develop comprehensive ethical guidelines, invest in robust data protection measures and advocate for digital inclusion to address these challenges effectively. Originality/value This paper comprehensively analyzes the ethical implications of metaverse technologies in libraries, highlighting the need for tailored ethical guidelines and practices. It contributes to the ongoing discourse on digital ethics in library services and offers a framework for libraries to responsibly navigate the complexities of virtual environments.

Research on the Privacy Paradox Behavior in WeChat Moments Based on Grounded Theory

As an important content sharing platform in social life, WeChat Moments has gradually shown a cold phenomenon, reflecting the characteristics of users privacy paradox behavior in posting Moments. In this context, there is a gap between users attitudes toward privacy on social media and their actual behaviors. This study collected data on the privacy paradox behavior of 20 users through semi-structured interviews and used NVivo12 software based on the three-level coding framework of grounded theory to discuss the factors influencing privacy paradox behavior in WeChat Moments users and to construct a model of influencing factors for privacy paradox behavior. The study found that social factors, user factors, platform factors, and situational factors all have a significant impact on the privacy paradox behavior of Moments users. The platform still needs to optimize user privacy protection functions and enhance users awareness of personal information protection.

Analysis of Wireless Security and Networks using COPRAS Method

The wireless networks have become integral to our daily lives, powering everything from smart phones to smart home devices. However, alongside their benefits, wireless networks also bring forth significant security challenges. Wireless networks, unlike traditional wired networks, transmit data over the airwaves, making them susceptible to various forms of unauthorized access and data breaches. Ensuring the security of these networks is crucial to safeguard sensitive information, protect user privacy, and prevent cyber-attacks. The significance of research in wireless security and networks lies in the critical role that wireless technologies play in our interconnected world. As wireless networks become increasingly prevalent in various sectors, including communication, commerce, healthcare, transportation, and more, ensuring their security becomes paramount. Research in wireless security and networks contributes to the advancement of secure and reliable wireless technologies, protecting users' privacy, data, and overall well-being in an increasingly connected world. The COPRAS-G method requires identifying selection criteria, evaluating information related to these criteria, and developing methods to evaluate Meeting the participant's needs Criteria for doing in order to assess the overall performance of the surrogate. Decision analysis involves a Decision Maker (DM) Situation to do consider a particular set of alternatives and select one among several alternatives, usually with conflicting criteria. For this reason, the developed complexity proportionality assessment (COPRAS) method can be used. A genetic algorithm; Particle Swarm Optimization (PSO), Ant Colony Optimization (ACO), Differential Evolution (DE). Detection Accuracy, Resource Efficiency; Implementation Complexity; Time-to-Deployment. From the result Differential Evolution (DE) is got the first rank whereas is Ant Colony Optimization (ACO) is having the lowest rank

User Privacy Protection via Windows Registry Hooking and Runtime Encryption.

The Windows registry contains a plethora of information in a hierarchical database. It includes system-wide settings, user preferences, installed programs, and recently accessed files and maintains timestamps that can be used to construct a detailed timeline of user activities. However, these data are unencrypted and thus vulnerable to exploitation by malicious actors who gain access to this repository. To address this security and privacy concern, we propose a novel approach that efficiently encrypts and decrypts sensitive registry data in real time. Our developed proof-of-concept program intercepts interactions between the registry's application programming interfaces (APIs) and other Windows applications using an advanced hooking technique. This enables the proposed system to be transparent to users without requiring any changes to the operating system or installed software. Our approach also implements the data protection API (DPAPI) developed by Microsoft to securely manage each user's encryption key. Ultimately, our research provides an enhanced security and privacy framework for the Windows registry, effectively fortifying the registry against security and privacy threats while maintaining its accessibility to legitimate users and applications.

CRSFL: Cluster-based Resource-aware Split Federated Learning for Continuous Authentication

In the ever-changing world of technology, continuous authentication and comprehensive access management are essential during user interactions with a device. Split Learning (SL) and Federated Learning (FL) have recently emerged as promising technologies for training a decentralized Machine Learning (ML) model. With the increasing use of smartphones and Internet of Things (IoT) devices, these distributed technologies enable users with limited resources to complete neural network model training with server assistance and collaboratively combine knowledge between different nodes. In this study, we propose combining these technologies to address the continuous authentication challenge while protecting user privacy and limiting device resource usage. However, the model’s training is slowed due to SL sequential training and resource differences between IoT devices with different specifications. Therefore, we use a cluster-based approach to group devices with similar capabilities to mitigate the impact of slow devices while filtering out the devices incapable of training the model. In addition, we address the efficiency and robustness of training ML models by using SL and FL techniques to train the clients simultaneously while analyzing the overhead burden of the process. Following clustering, we select the best set of clients to participate in training through a Genetic Algorithm (GA) optimized on a carefully designed list of objectives. The performance of our proposed framework is compared to baseline methods, and the advantages are demonstrated using a real-life UMDAA-02-FD face detection dataset. The results show that CRSFL, our proposed approach, maintains high accuracy and reduces the overhead burden in continuous authentication scenarios while preserving user privacy.

Cybersecurity in Onion Routing Environments: Strategies to Thwart Cyber Threats

Onion routing networks, or darknets, enable anonymous communication, protecting user privacy and attracting cybercriminals. This paper analyzes cybercrime in these networks, including drug trafficking, fraud, and hacking. The challenges seen in the detection and mitigation of these crimes arising as the result of strong anonymity and explore countermeasures such as law enforcement, technological solutions, and policy interventions have been discussed, as also highlighting of the limitations of current measures and proposals for future research, with emphasis on the need for interdisciplinary approaches combining technical, legal, and social perspectives.

Current Trends on Advancement in Smart Textile Device Engineering

AbstractSmart textiles represent a revolutionary approach to wearable technology with applications ranging from healthcare to energy harvesting. This review paper explores the importance of textile technologies and highlights their potential to revolutionize consumer electronics. Conventional technologies are sometimes heavy, and lack comfort and flexibility, but smart textiles seamlessly integrate into everyday clothing, improving wearability and user experience. The article emphasizes the need for sustainable sourcing and environmentally friendly production methods, as well as responsible manufacturing and disposal practices. Manufacturing techniques such as wet spinning, melt spinning, electrostatic spinning, weaving, knitting, and printing are detailed and shed light on their role in incorporating electronics into textiles. Several applications of textile‐based devices are being explored, including biochemical sensing, temperature monitoring, energy harvesting, energy storage, and smart displays. Each application demonstrates the versatility and potential of smart textiles in different areas. Despite optimistic progress, challenges remain, from improving energy efficiency to protecting user privacy and data security. The review analyzes these problems and suggests future improvements, including interdisciplinary collaboration to find new solutions. Finally, an overview of the current state of smart textiles provides the future of this technology. It serves as an in‐depth reference for academics and readers interested in understanding recent advances and discoveries in textile technologies, highlighting the importance of this rapidly growing industry.

PP-LEM: Efficient and Privacy-Preserving Clearance Mechanism for Local Energy Markets

In this paper, we propose a novel Privacy-Preserving clearance mechanism for Local Energy Markets (PP-LEM), designed for computational efficiency and social welfare. PP-LEM incorporates a novel competitive game-theoretical clearance mechanism, modelled as a Stackelberg Game. Based on this mechanism, a privacy-preserving market model is developed using a partially homomorphic cryptosystem, allowing buyers’ reaction function calculations to be executed over encrypted data without exposing sensitive information of both buyers and sellers. The comprehensive performance evaluation demonstrates that PP-LEM is highly effective in delivering an incentive clearance mechanism with computational efficiency, enabling it to clear the market for 200 users within the order of seconds while concurrently protecting user privacy. Compared to the state of the art, PP-LEM achieves improved computational efficiency without compromising social welfare while still providing user privacy protection.

New Media User Privacy Protection Mechanism Based on Differential Privacy and Data Anonymization

With the rapid development of new media, user privacy issues have become increasingly important. New media platforms, such as TikTok, Twitter, and WhatsApp, process vast amounts of user data daily, including personal information, behavioral data, and social relationships. The extensive collection and use of this data present numerous privacy protection challenges. Many users are not fully aware of how their data is collected and used when using new media platforms, lacking informed consent regarding data collection. Consequently, relying on users to take proactive privacy measures to prevent the disclosure of critical information is difficult to achieve. To address this issue, this paper proposes a privacy protection mechanism that combines differential privacy and data anonymization. The mechanism protects query results through differential privacy techniques and hides user identity information using data anonymization techniques, thereby ensuring user privacy during data analysis and processing. This paper conducts necessary experimental analysis on the proposed method, and the results demonstrate its usability and effectiveness.

Computation Offloading with Privacy-Preserving in Multi-Access Edge Computing: A Multi-Agent Deep Reinforcement Learning Approach

The rapid development of mobile communication technologies and Internet of Things (IoT) devices has introduced new challenges for multi-access edge computing (MEC). A key issue is how to efficiently manage MEC resources and determine the optimal offloading strategy between edge servers and user devices, while also protecting user privacy and thereby improving the Quality of Service (QoS). To address this issue, this paper investigates a privacy-preserving computation offloading scheme, designed to maximize QoS by comprehensively considering privacy protection, delay, energy consumption, and the task discard rate of user devices. We first formalize the privacy issue by introducing the concept of privacy entropy. Then, based on quantified indicators, a multi-objective optimization problem is established. To find an optimal solution to this problem, this paper proposes a computation offloading algorithm based on the Twin delayed deep deterministic policy gradient (TD3-SN-PER), which integrates clipped double-Q learning, prioritized experience replay, and state normalization techniques. Finally, the proposed method is evaluated through simulation analysis. The experimental results demonstrate that our approach can effectively balance multiple performance metrics to achieve optimal QoS.

Application of energy combined thermal comfort in intelligent building management in complex environments

The efficient operation of heating ventilation and air conditioning systems relies on advanced control strategies. However, current control methods are often limited by issues such as uncertain system parameter information and spatial coupling constraints related to the supply rate of the air supply fan. To this end, an energy joint thermal comfort management method for complex environments in multiple regions is proposed. The long-term total cost minimization of the system is established, and then the Lyapunov optimization technology is used to design the distributed control algorithm. Simulation validation shows that the proposed method reduces the energy cost by an average of 11.24% compared to other methods with a thermal discomfort cost coefficient of 0. The average temperature deviation in the area is improved by 0.15 °C and 0.68 °C, respectively. The method saves more than 10% of the total energy cost under different thermal perturbations with an average total temperature deviation of 0.04 °C. The results indicate that the proposed energy joint thermal comfort management method can flexibly balance energy costs and user thermal comfort without knowing any prior information of system parameters, which can also greatly protect user privacy information. This method has application value in the control of heating ventilation and air conditioning systems in complex environments such as commercial buildings.

Privacy-preserving method for sensitive partitions of electricity consumption data based on hybrid differential privacy and k-anonymity

Abstract With the development of smart grid, traditional privacy protection methods are no longer sufficient to cope with the mining and analysing of users’ electricity consumption data, which can easily lead to the leakage of users’ privacy. In this paper, for the challenge of privacy protection of user electricity data in smart grid, we propose a privacy protection method for sensitive partition of electricity data based on hybrid differential privacy and k-anonymity technique, which identifies pattern-specific quasi-identifiers by random forest technique and divides the data into privacy-invasive and non-privacy-invasive partitions, and adopts the Laplacian noise addition (numerical quasi-identifiers) and data generalisation (sub-types of quasi-identifiers) techniques to achieve differential privacy protection for different partitions. Finally, it is experimentally verified that the method performs better in terms of information reduction accuracy and execution time, effectively striking a balance between protecting user privacy and maintaining data utility.