CORDIS - EU research results

EnhaNcing seCurity And privacy in the Social wEb: a user centered approach for the protection of minors

Periodic Reporting for period 2 - ENCASE (EnhaNcing seCurity And privacy in the Social wEb: a user centered approach for the protection of minors)

Reporting period: 2018-01-01 to 2019-12-31

ENCASE aims at leveraging the latest advances in usable security and privacy in order to design and implement a user-centric architecture for the protection of minors from malicious actors in Online Social Networks (OSN).

The foundation of the research and innovation activities is a diligently planned inter-sectorial and interdisciplinary secondment program for Experienced Researchers (ER) and Early Stage Researchers (ESR) that fosters knowledge exchange. Our main focus is the empowerment of minors or their adult supervisors with cybersafety family advice tools that unveil malicious social web information or online actors and enable users to easily protect their sensitive content from unwarranted access by unscrupulous OSN users.

The main knowledge transfer & training objectives of the ENCASE project are: a) to foster industry-academia cooperation, aiming at creating a long-term inter-sectorial cooperation program in the area of security and privacy in OSNs with an emphasis on the protection of minors; b) to implement a dense program of exchanges of ERs and ESRs for the purpose of knowledge exchange and strengthening of collaboration among academia; and c) to conduct world-class interdisciplinary research in the intersection of user experience design, data mining and, and security and privacy.

The main research and innovation objectives of the ENCASE project are: a) to understand the security and privacy concerns of OSN; b) to research methods for performing user profiling, as well as sentiment and affective analysis in OSNs; c) to design algorithms and machine learning (ML) techniques that detect malicious behavior and fake activity in OSNs and warn the users or their custodians of when they are being or are about to be subjected to such online abuses while providing useful advice in a user friendly way on how to stay protected against such threats; and d) to design effective content protection mechanisms by employing watermarking, steganography, and advanced encryption techniques.
ENCASE has implemented an intelligent Cybersafety Family Advice suite for the protection of minors on online social networks. The first component of the ENCASE architecture is a browser extension responsible for notifying the user of imminent threats while proposing appropriate actions for the protection and avoidance of the threat faced by the user. The second component is the Intelligent Web-proxy which captures and analyzes all the user’s incoming and outgoing OSN traffic to block or protect traffic when malicious activity or sensitive content is detected. Last, the third component is the OSN data analytics software stack (back-end). The main purpose of the back-end is to generate and install classifiers in the Web-proxy for the detection of: a) bot/fake/troll user accounts; b) hateful or racist text and memes; c) sensitive pictures/data posted by the minor; d) sexual predators and cyberbullies; d) disturbing videos.

The consortium successfully disseminated and communicated its results, as evident by the numerous publications in top tier venues and the extensive international press coverage it has received by prestigious mainstream press, TV, and radio channels. It has also successfully delivered and is currently piloting the integrated software system. The ENCASE system augments the key capabilities of state-of-the-art parental control tools to tackle a broader spectrum of cybersafety challenges. Its Machine-Learning-based classifiers are constantly updated via new data and feedback from users so they can remain effective as threats evolve. At the same time, ENCASE's approach respects the privacy of adolescents and acts as a parental advice (rather than control) tool with a focus on encouraging discreet supervision.
ENCASE successfully implemented and is currently piloting the tangible results of the project (browser add-on, Intelligent Web-Proxy, and back-end) and is already exploiting parts of the implemented results via one start-up. The ENCASE system combines the key capabilities of state-of-the-art parental control tools, and moves beyond the state of the art by respecting the privacy of adolescents since it acts as a cybersafety family advice tool instead of a parental control tool which monitors and reports the actions of adolescents to their custodians. Notably, ENCASE maintains a back-end that is constantly updating its ML algorithms via new data and feedback from users to ensure the accuracy and effectiveness of threat detection. The research performed to detect suspicious activity was published in top tier venues and focuses on solutions that: a) respect human and societal aspects of security and privacy in the social web; b) can be realized in a practical setting; and c) can be commercially exploited.

ENCASE provided groundbreaking research which shed light on the existing threats in OSNs which resulted to regulators and policy makers publishing numerous reports mentioning and referring to the project’s results and research. In addition, ENCASE aims to change the way parental control companies make tools for the detection of suspicious activity in OSNs by proposing the use of advanced ML techniques. Moreover, the project established close collaboration and communication with other EU-funded projects in related calls in order to share knowledge and educate adolescents and their adult supervisors of the threats of using OSNs. To further spread awareness the project communicates its results and tries to involve numerous safe Internet initiatives like “Safe Internet”, “Better Internet for Kids”, “EU Kids Online”, etc. Finally, CUT participates in the Cypriot Cybersafety Strategy Task Force for Internet Safety and Security concerning children, teachers, and parents. The task force is formed by the Cypriot Office of Electronic Communications & Postal Regulations and the Ministry of Education.

Pilot activities in Schools: CUT leveraged its close collaboration with the Cyprus Pedagogical Institute and is currently piloting the Family Advice Suite in public and private schools. The pilots involve two public elementary schools, one private elementary, and one private high school. Each school is set to contribute 10-30 students in the role of minors, along with teachers and parents in the role of guardians. The feedback that is collected from the students, educators, and parents is sent to the Technical Management team of the Family Advice Suite in an effort to further improve the usability and accessibility of the tools.

Exploitation and Business Plan: CUT currently exploits the developed architecture and applications to pursue further research and create a spin-off in parental advice tools. UCL leverage ENCASE’s results related to the detection of fake activity with the creation of a start-up company named Astroscreen. AUTH and ROMA3 investigate ways to pursue further research and innovation on techniques for the detection and prediction of malicious online activity and on steganography and watermarking techniques. TID, LST, CYR and SGX are creating use cases to introduce the project’s innovation outcomes into new or enhanced products for their customer base.
ENCASE Architecture
Cross interaction among Work Packages diagram