#PrettyFlyForAWiFi

Drones are becoming increasingly popular for hobbyists and recreational use. But with this surge in popularity comes increased risk to privacy as the technology makes it easy to spy on people in otherwise-private environments, such as an individual’s home. An attacker can fly a drone over fences and walls to observe the inside of a house, without having physical access. Existing drone detection systems require specialist hardware and expensive deployment efforts, making them inaccessible to the general public. In this work, we present a drone detection system that requires minimal prior configuration and uses inexpensive commercial off-the-shelf hardware to detect drones that are carrying out privacy invasion attacks. We use a model of the attack structure to derive statistical metrics for movement and proximity that are then applied to received communications between a drone and its controller. We test our system in real-world experiments with two popular consumer drone models mounting privacy invasion attacks using a range of flight patterns. We are able both to detect the presence of a drone and to identify which phase of the privacy attack was in progress while being resistant to false positives from other mobile transmitters. For line-of-sight approaches using our kurtosis-based method, we are able to detect all drones at a distance of 6 m, with the majority of approaches detected at 25 m or farther from the target window without suffering false positives for stationary or mobile non-drone transmitters.

(p+, α, t)-Anonymity Technique Against Privacy Attacks

Privacy preservation is a major concern in current technology where enormous amounts of data are being collected and published for carrying out analysis. These data may contain sensitive information related to individual who owns them. If the data is published in their original form, they may lead to privacy disclosure which threats privacy requirements. Hence, the data should be anonymized before publishing so that it becomes challenging for intruders to obtain sensitive information by means of any privacy attack model. There are popular data anonymization techniques such as k-anonymity, l-diversity, p-sensitive k-anonymity, (l, m, d) anonymity, and t-closeness, which are vulnerable to different privacy attacks discussed in this paper. The proposed technique called (p+, α, t)-anonymity aims to anonymize the data in such a way that even though intruder has sufficient background knowledge on the target individual he will not be able to infer anything and breach private information. The anonymized data also provide sufficient data utility by allowing various data analytics to be performed.

Modelling Memory for Individual Re-identification in Decentralised Mobile Contact Tracing Applications

In 2020 the coronavirus outbreak changed the lives of people worldwide. After an initial time period in which it was unclear how to battle the virus, social distancing has been recognised globally as an effective method to mitigate the disease spread. This called for technological tools such as Mobile Contact Tracing Applications (MCTA), which are used to digitally trace contacts among people, and in case a positive case is found, people with the application installed which had been in contact will be notified. De-centralised MCTA may suffer from a novel kind of privacy attack, based on the memory of the human beings, which upon notification of the application can identify who is the positive individual responsible for the notification. Our results show that it is indeed possible to identify positive people among the group of contacts of a human being, and this is even easier when the sociability of the positive individual is low. In practice, our simulation results show that identification can be made with an accuracy of more than 90% depending on the scenario. We also provide three mitigation strategies which can be implemented in de-centralised MCTA and analyse which of the three are more effective in limiting this novel kind of attack.

Industry 5.0: Ethereum blockchain technology based DApp smart contract

<abstract> <p>The use of advanced technologies has increased drastically to maintain any sensitive records related to education, health, or finance. It helps to protect the data from unauthorized access by attackers. However, all the existing advanced technologies face some issues because of their uncertainties. These technologies have some lapses to provide privacy, attack-free, transparency, reliability, and flexibility. These characteristics are essential while managing any sensitive data like educational certificates or medical certificates. Hence, we designed an Industry 5.0 based blockchain application to manage medical certificates using Remix Ethereum blockchain in this paper. This application also employs a distributed application (DApp) that uses a test RPC-based Ethereum blockchain and user expert system as a knowledge agent. The main strength of this work is the maintenance of existing certificates over a blockchain with the creation of new certificates that use logistic Map encryption cipher on existing medical certificates while uploading into the blockchain. This application helps to quickly analyze the birth, death, and sick rate as per certain features like location and year.</p> </abstract>