2016 Proceeding- General Chairs:
- Edgar Weippl,
- Stefan Katzenbeisser,
- Program Chair:
- Sabrina De Capitani di Vimercati
- Sponsor:
- sigsac
These proceedings contain the papers selected for presentation at the fifteenth ACM Workshop on Privacy in the Electronic Society (WPES 2016), held in association with the 23rd ACM Computer and Communications Security Conference (CCS 2016), October 24, 2016, in Vienna, Austria.
In response to the call for papers, 72 papers were submitted to the workshop. These papers were evaluated on the basis of their significance, novelty, and technical quality. Each paper was reviewed by at least three members of the Program Committee. The Program Committee meeting was held electronically. Of the submitted papers, the Program Committee accepted 14 full papers (resulting in an acceptance rate of 19.4%) and 6 short papers for presentation at the workshop.
Proceeding Downloads
An Efficient and Robust Social Network De-anonymization Attack
Releasing connection data from social networking services can pose a significant threat to user privacy. In our work, we consider structural social network de-anonymization attacks, which are used when a malicious party uses connections in a public or ...
Control versus Effort in Privacy Warnings for Webforms
Webforms are the primary way of collecting information online. However, some users may wish to limit the amount of personal information they provide and only fill out the minimum required for the transaction. With less than one third of websites marking ...
On Profile Linkability despite Anonymity in Social Media Systems
A number of works have recently shown that the privacy offered by pseudonymous identities on social media systems like Twitter or Reddit is threatened by cross-site identity linking attacks. Such attacks link the identities of the same user across ...
Disguised Chromium Browser: Robust Browser, Flash and Canvas Fingerprinting Protection
Browser fingerprinting is a widely used technique to uniquely identify web users and to track their online behavior. Until now, different tools have been proposed to protect the user against browser fingerprinting. However, these tools have usability ...
Predicting Mobile App Privacy Preferences with Psychographics
Using a multi-country data set of over 600 survey participants, we show that psychographics and various attributes of the mobile app context are predictive of user privacy preferences. In particular, we find that a user's decision-making style is ...
Generating Secret Keys from Biometric Body Impedance Measurements
Growing numbers of ubiquitous electronic devices and services motivate the need for effortless user authentication and identification. While biometrics are a natural means of achieving these goals, their use poses privacy risks, due mainly to the ...
That's the Way the Cookie Crumbles: Evaluating HTTPS Enforcing Mechanisms
Recent incidents have once again brought the topic of encryption to public discourse, while researchers continue to demonstrate attacks that highlight the difficulty of implementing encryption even without the presence of "backdoors". However, apart ...
Detecting Communities under Differential Privacy
Complex networks usually expose community structure with groups of nodes sharing many links with the other nodes in the same group and relatively few with the nodes of the rest. This feature captures valuable information about the organization and even ...
Poisoning the Well: Exploring the Great Firewall's Poisoned DNS Responses
One of the primary filtering methods that the Great Firewall of China (GFW) relies on is poisoning DNS responses for certain domains. When a DNS request is poisoned by the GFW, multiple DNS responses are received - both legitimate and poisoned ...
CPPL: Compact Privacy Policy Language
Recent technology shifts such as cloud computing, the Internet of Things, and big data lead to a significant transfer of sensitive data out of trusted edge networks. To counter resulting privacy concerns, we must ensure that this sensitive data is not ...
Vote to Link: Recovering from Misbehaving Anonymous Users
Service providers are often reluctant to support anonymous access, because this makes it hard to deal with misbehaving users. Anonymous blacklisting and reputation systems can help prevent misbehaving users from causing more damage. However, by the time ...
Scalable Revocation Scheme for Anonymous Credentials Based on n-times Unlinkable Proofs
We propose the first verifier-local revocation scheme for privacy-enhancing attribute-based credentials (PABCs) that is practically usable in large-scale applications, such as national eID cards, public transportation and physical access control ...
Automatic Assessment of Website Compliance to the European Cookie Law with CooLCheck
We study the problem of automatically assessing whether a website meets the requirements of the Cookie Law, in particular to check that when some tracking cookie is installed the user is asked to give consent to its use. We present a methodology based ...
UnlimitID: Privacy-Preserving Federated Identity Management using Algebraic MACs
UnlimitID is a method for enhancing the privacy of commodity OAuth and applications such as OpenID Connect, using anonymous attribute-based credentials based on algebraic Message Authentication Codes (aMACs). OAuth is one of the most widely used ...
(The Futility of) Data Privacy in Content-Centric Networking
Content-centric networking is an architecture designed to transfer named and addressable data from producers to consumers. Data retrieval is driven by a simple request and response protocol. A consumer issues a request for named data that is routed by ...
Elxa: Scalable Privacy-Preserving Plagiarism Detection
One of the most challenging issues facing academic conferences and educational institutions today is plagiarism detection. Typically, these entities wish to ensure that the work products submitted to them have not been plagiarized from another source (...
ABRA CADABRA: Magically Increasing Network Utilization in Tor by Avoiding Bottlenecks
Like many routing protocols, the Tor anonymity network has decentralized path selection, in that clients locally and independently choose paths. As a result, network resources may be left idle, leaving the system in a suboptimal state. This is referred ...
TASP: Towards Anonymity Sets that Persist
Anonymous communication systems are vulnerable to long term passive "intersection attacks". Not all users of an anonymous communication system will be online at the same time, this leaks some information about who is talking to who. A global passive ...
PriFi: A Low-Latency and Tracking-Resistant Protocol for Local-Area Anonymous Communication
- Ludovic Barman,
- Mahdi Zamani,
- Italo Dacosta,
- Joan Feigenbaum,
- Bryan Ford,
- Jean-Pierre Hubaux,
- David Wolinsky
Popular anonymity mechanisms such as Tor provide low communication latency but are vulnerable to traffic analysis attacks that can de-anonymize users. Moreover, known traffic-analysis-resistant techniques such as Dissent are impractical for use in ...
Privacy-Preserving Lawful Contact Chaining: [Preliminary Report]
How can government agencies acquire actionable, useful information about legitimate targets, while preserving the privacy of innocent parties and holding government agencies accountable? Towards understanding this crucial issue, we present the first ...
Index Terms
- Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society