Assessing the cyber-trustworthiness of human-as-a-sensor reports from mobile devices

The Human-as-a-Sensor (HaaS) paradigm, where it is human users rather than automated sensor systems that detect and report events or incidents has gained considerable traction over the last decades, especially as Internet-connected smartphones have helped develop an information sharing culture in society. In the law enforcement and civil protection space, HaaS is typically used to harvest information that enhances situational awareness regarding physical hazards, crimes and evolving emergencies. The trustworthiness of this information is typically studied in relation to the trustworthiness of the human sensors. However, malicious modification, prevention or delay of reports can also be the result of cyber or cyber-physical security breaches affecting the mobile devices and network infrastructure used to deliver HaaS reports. Examples of these can be denial of service attacks, where the timely delivery of reports is important, and location spoofing attacks, where the accuracy of the location of an incident is important. The aim of this paper is to introduce this cyber-trustworthiness aspect in HaaS and propose a mechanism for scoring reports in terms of their cyber-trustworthiness based on features of the mobile device that are monitored in real-time. Our initial results show that this is a promising line of work that can enhance the reliability of HaaS.

[1]  Cam Macdonell Ushahidi: a crisis mapping system , 2015, CSOC.

[2]  Sadie Creese,et al.  Accepting Information with a Pinch of Salt: Handling Untrusted Information Sources , 2011, STM.

[3]  Sanggeun Song,et al.  The Effective Ransomware Prevention Technique Using Process Monitoring on Android Platform , 2016, Mob. Inf. Syst..

[4]  Muhammad Al-Qurishi,et al.  A Credibility Analysis System for Assessing Information on Twitter , 2018, IEEE Transactions on Dependable and Secure Computing.

[5]  David P. Farrington,et al.  Does neighborhood watch reduce crime? A systematic review and meta-analysis , 2007 .

[6]  Jie Yin,et al.  ESA: emergency situation awareness via microbloggers , 2012, CIKM.

[7]  Sibel Adali,et al.  Measuring behavioral trust in social networks , 2010, 2010 IEEE International Conference on Intelligence and Security Informatics.

[8]  Charalampos Z. Patrikakis,et al.  TRILLION: Trusted, Citizen - LEA Collaboration Over Social Networks , 2015, e-Democracy.

[9]  Sadie Creese,et al.  Two sides of the coin: measuring and communicating the trustworthiness of online information , 2014, Journal of Trust Management.

[10]  Jason R. C. Nurse,et al.  Information Quality and Trustworthiness: A Topical State−of−the−Art Review , 2011 .

[11]  Shivakant Mishra,et al.  Location based power analysis to detect malicious code in smartphones , 2011, SPSM '11.

[12]  L. Xue,et al.  Design and implementation of a malware detection system based on network behavior , 2015, Secur. Commun. Networks.

[13]  George Loukas,et al.  You Are Probably Not the Weakest Link: Towards Practical Prediction of Susceptibility to Semantic Social Engineering Attacks , 2016, IEEE Access.

[14]  RYAN HEARTFIELD,et al.  A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks , 2015, ACM Comput. Surv..

[15]  Jie Yin,et al.  Emergency situation awareness from twitter for crisis management , 2012, WWW.

[16]  Yutaka Matsuo,et al.  Earthquake shakes Twitter users: real-time event detection by social sensors , 2010, WWW '10.

[17]  Georgios Loukas,et al.  Protection Against Denial of Service Attacks: A Survey , 2010, Comput. J..

[18]  George Loukas,et al.  Cyber-Physical Attacks: A Growing Invisible Threat , 2015 .

[19]  Yuval Elovici,et al.  “Andromaly”: a behavioral malware detection framework for android devices , 2012, Journal of Intelligent Information Systems.

[20]  Charalampos Z. Patrikakis,et al.  Wear it and share it: Wearables and security , 2017 .

[21]  Wei Shen,et al.  Improving Traffic Prediction with Tweet Semantics , 2013, IJCAI.

[22]  George Loukas,et al.  Evaluating the reliability of users as human sensors of social media security threats , 2016, 2016 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (CyberSA).

[23]  Shivakant Mishra,et al.  Time and Location Power Based Malicious Code Detection Techniques for Smartphones , 2013, 2014 IEEE 13th International Symposium on Network Computing and Applications.

[24]  Chih-Jen Lin,et al.  Asymptotic Behaviors of Support Vector Machines with Gaussian Kernel , 2003, Neural Computation.

[25]  Eric Medvet,et al.  Acquiring and Analyzing App Metrics for Effective Mobile Malware Detection , 2016, IWSPA@CODASPY.