Detecting Privacy Threats with Machine Learning: A Design Framework for Identifying Side-Channel Risks of Illegitimate User Profiling

Raja Hasnain Anwar, Yi Zou, Muhammad Taqi Raza

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Privacy leakage has become prevalent and severe with the increasing adoption of the internet of things (IoT), artificial intelligence (AI), and blockchain technologies. Such data-intensive systems are vulnerable to side-channel attacks in which hackers can extract sensitive information from a digital device without actively manipulating the target system. Nevertheless, there is a scarcity of IS research on how businesses can effectively detect and safeguard against side-channel attacks. This study adopts the design science paradigm and lays the groundwork for systematic inquiry into the assessment of privacy risks related to side-channels. In this paper, we a) highlight the privacy threats posed by side-channel attacks, b) propose a machine learning-driven design framework to identify side-channel privacy risks, and c) contribute to the literature on privacy analytics using machine learning techniques. We demonstrate a use case of the proposed framework with a text classification model that uses keystroke timings as side-channel.

Original languageEnglish (US)
Title of host publication29th Annual Americas Conference on Information Systems, AMCIS 2023
PublisherAssociation for Information Systems
ISBN (Electronic)9781713893592
StatePublished - 2023
Event29th Annual Americas Conference on Information Systems: Diving into Uncharted Waters, AMCIS 2023 - Panama City, Panama
Duration: Aug 10 2023Aug 12 2023

Publication series

Name29th Annual Americas Conference on Information Systems, AMCIS 2023

Conference

Conference29th Annual Americas Conference on Information Systems: Diving into Uncharted Waters, AMCIS 2023
Country/TerritoryPanama
CityPanama City
Period8/10/238/12/23

Keywords

  • Design science
  • machine learning
  • privacy analytics
  • side-channel attacks

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Library and Information Sciences
  • Information Systems

Cite this