Oops! It appears that you have disabled your Javascript. In order for you to see this page as it is meant to appear, we ask that you please re-enable your Javascript!

Author: Tuan Sinung

Paper Review 20: Comprehensive Experimental Analyses of Automotive Attack Surfaces

A. Contribution Problem addressed by the paper Remote attack and mitigation on specific model of modern computerized cars. Solution proposed in the paper. Why is it better than previous work? Exploiting vulnerability in the firmware. Previous works only consider internal attack surface which require physical access to the cars. This paper proves the possibility of remote external surface attack. The major results. After gaining access, attacker can have complete control over the car. B. Basic idea and approach. How does the solution work? At first, we need physical contact with the device to extract the firmware. Then we can reverse-engineer...

Read More

Paper Review 19: Bloom Cookies: Web Search Personalization without User Tracking

A. Contribution Problem addressed by the paper Preserving privacy while maintaining personalization result on web search. Solution proposed in the paper. Why is it better than previous work? Obfuscating user profile using bloom filter and bloom cookies. Previous works consider generalization and noise addition. Generalization usually has disadvantage of personalization loss. Noise addition usually has disadvantage of higher communication cost and needs trusted noise dictionary. The major results. Tested on small dataset (1,300 users) with excellent trade off over previous methods. Personalization Loss Linkable Users Generalization 24 % 44.1 % Noise Addition 1.1 % 20.0 % Bloom Cookies 3.3...

Read More

Paper Review 18: I Do Not Know What You Visited Last Summer: Protecting Users from Third-party Web Tracking with TrackingFree Browser

A. Contribution Problem addressed by the paper Preventing a tracking server from identifying private information of the user while preserving personalization functionality. Solution proposed in the paper. Why is it better than previous work? Previous works either disable setting tracking identifiers or blacklist third party requests to certain servers. However, neither of them can completely block stateful web tracking. This paper proposes TrackingFree, the first anti-tracking browser by mitigating unique identifiers. Instead of disabling those unique identifiers, TrackingFree isolates them into different browser principals so that the identifiers still exist but are not unique among different web sites. The...

Read More

Paper Review 17: SurroundWeb: Mitigating Privacy Concerns in a 3D Web Browser

A. Contribution Problem addressed by the paper Balancing functionality and privacy in a novel 3D browser that can project site’s contents into user’s room. Solution proposed in the paper. Why is it better than previous work? This paper presents SurroundWeb, the first 3D web browser that enables web applications to project web content into a room in a manner that follows the principle of least privilege. Latest previous works research in security focuses solely on restricting application access to sensitive sensor data, while previous HCI research generally focuses on application rendering capabilities without considering their privacy implications. SurroundWeb bridges the...

Read More

Paper Review 16: You Are What You Like Information Leakage Through Users’ Interests

A. Contribution Problem addressed by the paper Proving the possibility of information leakage from Facebook users’ interest. Solution proposed in the paper. Why is it better than previous work? The authors proposed inferring users’ undisclosed (private) attributes using the public attributes of other users sharing similar interests. Most of previous works use the information of friendships or group belongings in order to achieve these goals. By contrast, this paper only relies on users’ interests. This paper provides a new approach based on semantic knowledge in order to demonstrate information leakage through user interests. Moreover, all previous works relied on private datasets...

Read More


Enter your email address to receive notifications of new posts by email.

Join 4 other subscribers


sinunk @ Github

Show my repositories


Pin It on Pinterest