Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Privacy-Invasive Software
Responsible organisation
2010 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

As computers are increasingly more integrated into our daily lives we become more dependent on software. This situation is exploited by villainous actors on the Internet that distribute malicious software in search for fast financial gains on the expense of deceived computer users. As a result, computer users need more accurate and aiding mechanisms to assist them when separating legitimate software from its unwanted counterparts. However, such separations are complicated due to a greyzone of software that exists between legitimate and purely malicious software. The software in this greyzone often vaguely labeled spyware. This work introduce both user-aiding mechanisms and an attempt to clarify the greyzone by introducing the concept of privacy-invasive software (PIS) as a category of software that ignores the users’ right to be left alone. Such software is distributed with a specific intent (often of commercial nature), which negatively affect the users to various degree. PIS is therefore classified with respect to the degree of informed consent and the amount of negative consequences for the users. To mitigate the effects from PIS, two novel mechanisms for safeguarding user consent during software installation are introduced; a collaborative software reputation system; and an automated End User License Agreement (EULA) classification. In the software reputation system, users collaborate by sharing experiences of previously used software programs, allowing new users to rely on the collective experience when installing software. The EULA classification generalizes patterns from a set of both legitimate and questionable software EULAs, so that computer users can automatically classify previously unknown EULAs as belonging to legitimate software or not. Both techniques increase user awareness about software program behavior, which allow users to make more informed decisions concerning software installations, which arguably reduces the threat from PIS. We present experimental results showing the ability of a set of machine learning algorithms ability to perform automated EULA classification. In addition, we also present a prototype implementation of a software reputation system, together with simulation results of the large-scale use of the system.

Place, publisher, year, edition, pages
Karlskrona: Blekinge Institute of Technology , 2010.
Series
Blekinge Institute of Technology Doctoral Dissertation Series, ISSN 1653-2090 ; 2
National Category
Computer Science
Identifiers
URN: urn:nbn:se:bth-00459Local ID: oai:bth.se:forskinfo6CDBBEAAE64FA8C4C12576DA00380637ISBN: 978-91-7295-177-8 (print)OAI: oai:DiVA.org:bth-00459DiVA: diva2:835533
Available from: 2012-09-18 Created: 2010-03-02 Last updated: 2015-06-30Bibliographically approved

Open Access in DiVA

fulltext(3126 kB)1154 downloads
File information
File name FULLTEXT01.pdfFile size 3126 kBChecksum SHA-512
876ac7358501b3ba81ca493dc780c4cc599316e9449c8e803b585191d490329d48d6d8eada43d63a8ef75ee4ee29c67fdc2ce7822254d4c73bc058d390f2c964
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Boldt, Martin
Computer Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 1154 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 200 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf