17 matches found
Don't Trust Us: A Privacy-By-Design Android Malware Detection Pipeline
Android malware detection increasingly relies on collecting and processing sensitive user data, including device identifiers, network artifacts, and runtime traces, while privacy is too often treated as a secondary concern. Existing privacy-aware approaches typically enforce privacy after data...
UNSEEN: A Cross-Stack LLM Unlearning Defense against AR-LLM Social Engineering Attacks
Emerging AR-LLM-based Social Engineering attack e.g., SEAR is at the edge of posing great threats to real-world social life. In such AR-LLM-SE attack, the attacker can leverage AR Augmented Reality glass to capture the image and vocal information of the target, using the LLM to identify the targe...
How Microsoft builds privacy and security to work hand-in-hand
The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...
How Microsoft builds privacy and security to work hand-in-hand
The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...
ChamaleoNet: Programmable Passive Probe for Enhanced Visibility on Erroneous Traffic
Traffic visibility remains a key component for management and security operations. Observing unsolicited and erroneous traffic, such as unanswered traffic or errors, is fundamental to detect misconfiguration, temporary failures or attacks. ChamaleoNet transforms any production network into a...
PrivTru: a Privacy-By-Design Data Trustee Minimizing Information Leakage
Data trustees serve as intermediaries that facilitate secure data sharing between independent parties. This paper offers a technical perspective on Data trustees, guided by privacy-by-design principles. We introduce PrivTru, an instantiation of a data trustee that provably achieves optimal privac...
Privacy-Preserving Analytics for Smart Meter (AMI) Data: a Hybrid Approach to Comply with CPUC Privacy Regulations
Advanced Metering Infrastructure AMI data from smart electric and gas meters enables valuable insights for utilities and consumers, but also raises significant privacy concerns. In California, regulatory decisions CPUC D.11-07-056 and D.11-08-045 mandate strict privacy protections for customer...
Privacy Challenges in Image Processing Applications
As image processing systems proliferate, privacy concerns intensify given the sensitive personal information contained in images. This paper examines privacy challenges in image processing and surveys emerging privacy-preserving techniques including differential privacy, secure multiparty...
Securing the Future of IVR: AI-Driven Innovation with Agile Security, Data Regulation, and Ethical AI Integration
The rapid digitalization of communication systems has elevated Interactive Voice Response IVR technologies to become critical interfaces for customer engagement. With Artificial Intelligence AI now driving these platforms, ensuring secure, compliant, and ethically designed development practices i...
Intelligent Detection of Non-Essential IoT Traffic on the Home Gateway
The rapid expansion of Internet of Things IoT devices, particularly in smart home environments, has introduced considerable security and privacy concerns due to their persistent connectivity and interaction with cloud services. Despite advancements in IoT security, effective privacy measures rema...
Why strong security solutions are critical to privacy protection
The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Voice of the Community blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Ann Cavoukian,...
Why strong security solutions are critical to privacy protection
The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Voice of the Community blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Ann Cavoukian,...
Privacy-by-design… not by accident
The concept of privacy-by-design was actually devised almost 30 years ago by Ann Cavoukian, PhD, former Ontario Information and Privacy Commissioner. If youre reading a blog about privacy, chances are good you have at least a passing familiarity with Dr. Cavoukians seminal contribution to the...
Tracking People by their MAC Addresses
Yet another article on the privacy risks of static MAC addresses and always-on Bluetooth connections. This one is about wireless headphones. The good news is that product vendors are fixing this: Several of the headphones which could be tracked over time are for sale in electronics stores, but...
GDPR Is Here: How GDPR Readiness Can Boost Your Business
Most discussions about the EU’s General Data Protection Regulation GDPR have naturally focused on best practices for achieving compliance and avoiding penalties. With GDPR now a reality for all companies that store and process personal data of EU residents, an often overlooked aspect has been the...
Critical Actions to Finalize Your GDPR Compliance Program
Starting May 25, 2018, enforcement begins for the new EU General Data Protection Regulation GDPR and its heightened principles and requirements regarding data privacy, data processing, and data security. The newly revised regulation applies to organizations doing business in the European Union or...
For GDPR Readiness, You Need Visibility into Your IT Assets
The looming deadline for complying with the EU’s General Data Protection Regulation GDPR is shining the spotlight on a foundational InfoSec best practice: A comprehensive IT asset inventory. The reason: GDPR places strict requirements on the way a business handles the personally identifiable...