ABSTRACT
As the number of MS Teams, Zoom, and Google Meet users increases with online education, so do the privacy and security vulnerabilities. This study aims to investigate the privacy, security, and usability aspects of few tools that are frequently used for educational purposes by Bangladeshi universities. Consumer security, privacy, and usability are also concerns when it comes to online-based software. This study assesses the most commonly used tools that are used for online education based on three important factors: privacy, security, and usability. Assessment factors concerning the privacy, security, and usability aspects are initially identified. Afterwards, each of the applications was assessed and ranked by comparing their characteristics, functionalities, and terms and conditions (T&C) in contradiction of those factors. In addition, for the purpose of additional validation, a survey was carried out with 57 university students who were enrolled at one of several private universities in Bangladesh. Microsoft Teams, Zoom, and Google Meet have been ranked based on an evaluation of their security, privacy, and usability features, which was accomplished through the use of a knowledge base and a user survey. © 2022 IEEE.
ABSTRACT
Covert communication channels are a concept in which a policy-breaking method is used in order to covertly transmit data from inside an organization to an external or accessible point. VoIP and Video systems are exposed to such attacks on different layers, such as the underlying real-time transport protocol (RTP) which uses Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) packet streams to punch a hole through Network address translation (NAT). This paper presents different innovative attack methods utilizing covert communication and RTP channels to spread malware or to create a data leak channel between different organizations. The demonstrated attacks are based on a UDP punch hole created using Skype peer-to-peer video conferencing communication. The different attack methods were successfully able to transmit a small text file in an undetectable manner by observing the communication channel, and without causing interruption to the audio/video channels or creating a noticeable disturbance to the quality. While these attacks are hard to detect by the eye, we show that applying classical Machine Learning algorithms to detect these covert channels on statistical features sampled from the communication channel is effective for one type of attack.
ABSTRACT
In recent years, natural disasters have been raging around the world, among which COVID-19, a public health pandemic, is still spreading all over the world. Emergency material distribution (EMD) in rescue work is facing serious challenges in the term of coordination, efficiency, traceability, identification, credibility, and security, privacy, and transparency. To address the issues, this paper develops a framework based on blockchain technology so that the operation information of EMD can be safely and promptly transmitted to the blockchain system. The scheme could achieve to query, track and record the operation status of emergency material collection, vehicle scheduling, inventory management, relief material allocation and others in real time. By using this framework, a case study on medical rescue materials distribution for COVID-19 is provided to illustrate how blockchain technology and Internet of Things (IoT) technology can be effective. The research provides insights on using the disruptive blockchain technology to effectively coordinate the deployment of emergency supplies, vehicles and personnel, and improve the transparency and credibility of rescue work to minimize the losses caused by disasters. © 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
ABSTRACT
Many religious communities are going online to save costs and reach a large audience to spread their religious beliefs. Since the COVID-19 pandemic, such online transitions have accelerated, primarily to maintain the existence and continuity of religious communities. However, online religious services (e.g., websites and mobile apps) open the door to privacy and security issues that result from tracking and leakage of personal/sensitive information. While web privacy in popular sites (e.g., commercial and social media sites) is widely studied, privacy and security issues of religious online services have not been systematically studied. In this paper, we perform privacy and security measurements in religious websites and Android apps: 62,373 unique websites and 1454 Android apps, pertaining to major religions (e.g., Christianity, Buddhism, Islam, Hinduism). We identified the use of commercial trackers on religious websites—e.g., 32% of religious websites and 78% of religious Android apps host Google trackers. Session replay services (FullStory, Yandex, Inspectlet, Lucky Orange) on 198 religious sites sent sensitive information to third parties. Religious sites (14) and apps (7) sent sensitive information in clear text. Besides privacy issues, we also identify sites with potential security issues: 19 religious sites were vulnerable to various security issues;and 69 religious websites and 29 Android apps were flagged by VirusTotal as malicious. We hope our findings will raise awareness of privacy and security issues in online religious services. © 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
ABSTRACT
Internet Service Provider (ISP) has been a critical aspect during the COVID-19 pandemic especially in developing countries such as Indonesia. The purpose of this study was to determine factors affecting customer loyalty to ISP in Indonesia during the COVID-19 pandemic by utilizing a structural equation modeling (SEM) approach. There were 252 respondents who voluntarily answered an online questionnaire which consisted of 49 questions that covered several factors such as Customer Service Performance (CSP), Internet Quality (IQ), Router Quality (RQ), Payment Method (PM), Internet Package (IP), Security & Privacy (SP), Promotion (P), COVID-19 impact (CV), Customer Satisfaction (CS), and Customer Loyalty (CL). SEM showed that IQ was found to have the highest effect on CS which subsequently led to CL, followed by SP, CSP, RQ, and PM. This study is one of the first studies that explored customer loyalty to Internet Service Providers during the COVID-19 pandemic. The SEM construct can be applied and extended to enhance customer satisfaction on ISP particularly in developing countries. © 2022 IEEE.
ABSTRACT
Undoubtedly COVID-19 is one of the most disruptive pandemics in recent history, adversely affecting individuals, societies, and economies through severe limitations imposed on activities involving gatherings and travel. Among many tools envisioned in battling such pandemics are immunity passports allowing vaccinated or immune individuals to bypass the restrictive measures. However, this proposal also raises many security, privacy, and ethical issues. Due to the sensitive medical records, companies and recreation centres do not have direct access to the COIVD vaccine database;on the other hand, the vaccine results are easily forgeable. One solution is public access to the vaccination database, which is not acceptable for privacy reasons. Our solution securely combines the vaccination results with the user's biometric authentication result to generate a binary result, such that 0 means this person either not authenticated or not vaccinated, and 1 means this person is vaccinated and authenticated so he/she may use an intended service. Our scheme is based on Secure MultiParty Computations (MPC) and preserves both the privacy of the biometric query and the database. At the same time, it also prevents the inquiring service provider from learning about the vaccination result. © 2021 IEEE.
ABSTRACT
The ongoing Covid-19 pandemic has made it challenging for large scale data collection, in particular for Convolutional Neural Network (CNN)-based computer vision systems. Additionally, there are numerous circumstances where security, privacy, and limitations pertaining to the accessibility of the required equipment make it arduous to validate computer vision systems with real-world datasets. In this paper, we investigated the possibilities of using synthetic datasets, generated from Virtual Environments (VE) for training and validation of CNN models. We present two use cases where the above-mentioned circumstances play a vital role in preparing the datasets and validating the model with large-scale datasets. By developing and leveraging a three-dimensional Digital Twin (DT), we produce large scale datasets for validating social distancing in workspaces;and in the context of semi-autonomous vehicles, we evaluate how a CNN-based object detection model would perform in an Indian road scenario. © 2021 ACM.