Preventing Privacy-Invasive Software using Online Reputations
Blekinge Institute of Technology, School of Engineering, Department of Systems and Software Engineering2008 (English)Conference paper (Refereed) Published
Privacy-invasive software, loosely labeled spyware, is an increasingly common problem for today’s computer users, one to which there is no absolute cure. Most of the privacy-invasive software are positioned in a legal gray zone, as the user accepts the malicious behaviour when agreeing to the End User License Agreement. This paper proposes the use of a specialized reputation system to gather and share information regarding software behaviour between community users. A client application helps guide the user at the point of executing software on the local computer, displaying other users’ feedback about the expected behaviour of the software. We discuss important aspects to consider when constructing such a system, and propose possible solutions. Based on the observations made, we implemented a client/server based proof-of-concept tool, which allowed us to demonstrate how such a system would work. We also compare this solution to other, more conventional, protection methods such as anti-virus and anti-spyware software.
Place, publisher, year, edition, pages
Vienna: Springer Verlag , 2008.
Information security, malware prevention, reputation systems
IdentifiersURN: urn:nbn:se:bth-8663Local ID: oai:bth.se:forskinfo6F6C856FEED43FE1C12573CA003BEFD6ISBN: 978-3-540-75247-9OAI: oai:DiVA.org:bth-8663DiVA: diva2:836411
VLDB Workshop on Secure Data Management (SDM'07)