
Security and Privacy: Latest Articles

A protocol to establish trust on biometric authentication devices
IF 1.9 Pub Date : 2023-03-02 DOI: 10.1002/spy2.305
U. Kiran, R. Moona, S. Biswas
One of the most extensively utilized mechanisms for person authentication is a system built using biometric‐based authentication. However, many applications use biometric authentication devices that do not support any device authentication mechanisms. As a result, a counterfeit scanning device may be substituted for the genuine one. Non‐authentic biometric authentication devices may perform some additive / subtractive or malicious functions. This paper proposes a technique for establishing trust in biometric authentication devices. The device authentication procedure is essential to build trust in biometric authentication devices such that non‐genuine biometric authentication devices are not used, which may compromise the loss of authentication factor and its replay when the genuine user is not getting authenticated. The protocol uses strong cryptographic mechanisms to authenticate the biometric authentication device with the application server and includes mechanisms for protection against the tampering of biometric templates and to prevent replay attacks. We also perform a formal verification using BAN logic to demonstrate that the proposed protocol meets the defined objectives. The proposed protocol can be used with any biometric authentication device to achieve the same objectives.
Citations: 0
Issue Information
IF 1.9 Pub Date : 2023-03-01 DOI: 10.1111/phpr.12889
Citations: 0
Issue Information
IF 1.9 Pub Date : 2023-03-01 DOI: 10.1002/spy2.242
Citations: 0
A resource efficient pseudo random number generator based on sawtooth maps for Internet of Things
IF 1.9 Pub Date : 2023-02-26 DOI: 10.1002/spy2.304
Unsub Zia, M. McCartney, B. Scotney, Jorge Martínez, Ali Sajjad
The strength of cryptographic keys relies on the random number generators (RNGs) to produce random seed values. Unfortunately there are not many RNG options suitable for Internet of Things (IoT) scenarios, due to limited processing resources and the bulk quantity of IoT data that needs to be secured. In this article, we studied the sawtooth map, which is a chaotic map. However, when implemented on a computer, the sawtooth map results in a non‐chaotic orbit due to the finite precision of computation. This can be avoided if we use the sawtooth map as the local map in a coupled map lattice (CML) system. We explore such coupled map systems for randomness through entropy and statistical analysis. Based on the results, we propose a lightweight hybrid pseudo random number generator (PRNG) based on sawtooth based CML system and SPONGENT hashing. The proposed PRNG is thoroughly tested against statistical attacks, entropy analysis, key space analysis and compared with existing state of the art solutions. The results provide evidence that the proposed PRNG produces random numbers that could produce sufficiently strong cryptographic keys for resource constrained IoT devices.
Citations: 0
Study on early accurate diagnosis and treatment of COVID‐19 with smart phone tracking using bionics
IF 1.9 Pub Date : 2023-02-15 DOI: 10.1002/spy2.303
Shweta Gupta, Adesh Kumar
The replication of biological systems by mechanical and electronic devices is referred to as bionics. The bionics industry has grown along four primary application areas, in addition to hearing, vision, orthopedics, and a small, dispersed group of implants that enhance cardiac and neurological functions. The SARS‐CoV‐2 virus is the infectious disease known as coronavirus disease (COVID‐19). The virus‐infected people require assistance to better understand the situation caused by COVID‐19 and to bring some easy, efficient, and effective solutions. One of the solutions mentioned for the early stages involves wearable sensors with temperature sensors for early Covid‐19 identification and photos delivered to an AI‐enabled smartphone, robotic sensor, or robot itself. In severe situations, lung X‐ray images are captured by robotic and remote sensors, and the lungs are given the right medication to finish off the virus. The paper presents the study on the overview, applications of artificial intelligence, and deep learning from the bionics point of view. Deep learning and machine learning will be used for reducing the Covid‐19 outbreak. Wearable sensors provide important data by having temperature‐embedded sensors in several physical devices that reveal details about the environment and body that are connected. Covid‐19 probability prediction is aided by smartphones with artificial intelligence and machine learning capabilities. Case history, doctor notes, chest X‐ray reports, details on the sites of breakouts, and other criteria can help forecast the severity of Covid‐19 when it is in its severe phases and direct the administration of medication to a specific area of the lungs.
Citations: 0
Detecting and predicting countermeasures against clickjacking
IF 1.9 Pub Date : 2023-02-06 DOI: 10.1002/spy2.302
Aryaman Nenavath, Srinivas Naik, Satyanarayana Vollala, Ruhul Amin
Clickjacking is a fast‐growing threat for users online. Here, an attacker program shows a user‐interface (UI) which is entirely out of context, by concealing a very sensitive UI element and rendering it in such a way that it is not visible (transparent) to the end user. The user is then tricked into clicking on the hidden element. By exploiting cameras and publishing unwanted messages, these attacks have the potential to do significant harm. Many websites still lack server‐side minimum security (eg, X‐Frame‐Options header, Content‐Security‐Policy Header, etc) and are hence susceptible to clickjacking. Additionally, client‐side defense methods fare poorly and are ineffective against advanced clickjacking attack types. This paper focuses on dealing with the detection of a possibility of a website being clickjacked. It also predicts the Level of Security of a website against a clickjacking attack and the possible security countermeasures that could be taken to avoid a clickjacking attack on the website. Testing this approach on various websites has proved effective in detecting whether or not a website is vulnerable to clickjacking.
Citations: 0
Design of efficient storage and retrieval of medical records in blockchain based on InterPlanetary File System and modified bloom tree
IF 1.9 Pub Date : 2023-02-05 DOI: 10.1002/spy2.301
S. Sathiya Devi, Arumugam Bhuvaneswari
In the healthcare sector, medical records contain sensitive information about patients, so guaranteeing their confidentiality and integrity is essential. To improve their security, blockchain technology is being utilized. The blockchain is a type of distributed ledger that keeps data securely while also generating trust without the need for a third party. It has a data storage constraint, and the Merkle tree preserves data integrity but is inefficient when searching transactions within it. Hence this paper describes InterPlanetary File System (IPFS) based storage and a modified bloom tree data structure, which is a hybridization of bloom filter and Merkle tree for efficient searching. To protect data privacy, initially it encrypts medical records using ciphertext policy‐attribute based encryption and then the data stored on IPFS returns a hash value. To diminish the false positive rate (FPR), the hash returned by IPFS is stored in two parts of the bloom filter. The first part stores the data by using “k” non‐cryptographic hash functions and the second part stores the transformed data with the same hash functions. The bloom tree is created using Merkle proof for verification of medical records in the blockchain. The experiments show that the proposed method reduces the FPR and that the searching complexity is O(log2).
Citations: 0
An efficient caching security approach for content‐centric mobile networks in internet of things systems
IF 1.9 Pub Date : 2023-01-23 DOI: 10.1002/spy2.294
Zhuang Du, M. Obaidat, Guowei Wu, K. Hsiao
With the expansion of the internet of things (IoT), it has become difficult for the IP‐based network architecture to support the development of IoT. Content‐centric mobile networking (CCMN) models are based on naming the content to get rid of address‐space scarcity and caching the content at intermediate nodes to provide efficient data delivery, which can solve the development bottleneck of IoT. In‐network caching is a key factor in enabling practical deployments of CCMN. It is also subject to serious security threats from cache pollution attacks (CPA), which can tamper with the distribution of content and reduce the advantages of the built‐in cache. In addition, the identity and trust mechanism of mobile devices are also important factors hindering the deployment of CCMN. However, existing caching security mechanisms cannot be applied directly, because the features of the built‐in cache, including ubiquity, mobility, and heterogeneity, bring new challenges in designing the caching security mechanism against CPA. In this article, we propose a lightweight CPA detection and defense approach for CCMN. We first model the attack and defense process of CPA as a dynamic game, which can optimize the performance of the attack detection. Then, we adopt popularity analysis to detect CPA, and accurately estimate the current network and attack state by a logical regression algorithm. Our design can also intelligently maintain the identity and trust mechanism. Finally, we design a punishment mechanism to deal with the attackers. Extensive simulations demonstrate that our approach can detect CPA efficiently and mitigate the impact of CPA effectively. Our game model can reduce the impact of locality‐disruption attack and false‐locality attack by 60% and 30%, respectively, compared with the state‐of‐the‐art methods. When the game reaches Nash equilibrium, our model can reduce the impact of CPA on cache hit ratio by 55% on average.
Citations: 0
An attack volume metric
IF 1.9 Pub Date : 2023-01-23 DOI: 10.1002/spy2.298
Ibifubara Iganibo, Massimiliano Albanese, M. Mosko, Eric Bier, Alejandro E. Brito
For more than a decade, the notion of attack surface has been used to define the set of vulnerable assets that an adversary may exploit to penetrate a system, and various metrics have been developed to quantify the extent of a system's attack surface. However, most approaches to tackle this problem have failed to consider the complex interdependencies that exist between the many components of a distributed system, its vulnerabilities, and its configuration parameters. In our work, building upon previous research on vulnerability metrics and on graphical models to capture such interdependencies, we propose a novel approach to evaluate the potential risk associated with exposed vulnerabilities by studying how the effect of each vulnerability exploit propagates through chains of dependencies. Our analysis goes beyond the scope of traditional attack surface metrics, and considers the depth and implications of potential attacks, leading to the definition of a new family of metrics, which we refer to as attack volume metrics. We present experimental results illustrating how the proposed metric scales for graphs of realistic sizes, and illustrate its application to real‐world testbeds.
Citations: 1
An onion with layers of hope and fear: A cross‐case analysis of the media representation of Tor Network reflecting theoretical perspectives of new technologies
IF 1.9 Pub Date : 2023-01-22 DOI: 10.1002/spy2.296
Thaís Sardá
The Onion Router (Tor) is a sophisticated web browser accompanied by an encrypted network that enables online anonymity, protecting people's privacy. Adopted by many as a counter‐surveillance mitigation around the world, legitimate users of Tor include the military, journalists, whistle‐blowers, and citizens from authoritarian regimes. This article shows that the data protection offered by Tor is consistently associated with criminal and anti‐social uses by the media. This research looks at the British press representation of Tor, conducting a thematic analysis of articles published by six newspapers between 2008 and 2017. This analysis connects the press coverage to three theoretical approaches: moral panics, technological ambivalence, and liberation technology. This research demonstrates through three case studies that the media reproduces theoretical discussions about new technologies in Tor's portrayal, presenting cases with only positive, only negative, and both positive and negative uses. However, examples of optimistic views of Tor are rare, and the press coverage focuses mainly on the criminal uses, especially crypto markets and child pornography. Overall, the British press ignores a culture of surveillance and spreads a discourse of fear through a recurrent connection of Tor to horrifying uses, undermining any potential positive outcomes.
Citations: 0