Behavioral Profiling: Tool That Can Shatter Online Anonymity

Researchers from GREYC research lab have engineered a behavioral profiling program that distinguishes different individuals through their keystrokes. Whether it’s your typing speed, consistency or frequency of making systematic typing errors, this technique obliquely shatters online anonymity. Though arguable benign data, it is crucial in identifying behavior and matching it to the right person. To further threaten your onlineanonymity, this technique easily pick up usernames and passwords when you visit membership-based websites; in essence, invading your privacy.

Online AnonymityWorking in close collaboration, behavioral biometrics and behavioral profiling precisely draft your online portfolio, making it easier to keep tabs on you as soon as you start typing and speaking online from a certain location; your facial features are analyzed as well. Whereas behavioral biometrics are based on subtle nuances in your typing patterns, voice, location and special features, behavioral profiling track your online presence after having analyzed your behavior. Each needs the other to accomplish what many loath; shatter your online anonymity without remorse. No one is in the clear when it comes to behavioral profiling.

Though it may appear relatively harmless when being collected by a single website, imagine the level of privacy breach involved when multiple websites, all big names in the industry and collectively owned by one entity, collect crucial information without the user’s content. These multiple sites act as information databases and when matched up and compared, your profile will be created within no time and with little or no gaps. The researchers at GREYC lab are using JavaScript or a profiling app to collect biometric data, especially keystrokes. The amount of time between your keystrokes is also noted and aids in creating your profile, further compromising your online anonymity.

If it’s perfectly normal for you to omit spacing your words, this technique developed by researchers will associate this behavioral trait with you more so if you frequent the same websites at a particular time of the day. Each time you add new information to these websites; this tool will gobble up the information, update it in your profile and continue mapping your different characteristics. Online anonymity, though bolstered by numerous passwords and sign-in options, will soon be an open book. Data mining entities are on the rise and some have already been bold enough to deny these claims even when evidence is presented.

Data MiningThe GREYC lab researchers have portrayed consistency in the results brought forth by their algorithm. Your keystrokes are not a rigid structure and from time to time, there will be considerable differences. Even then, the graphs used in identifying your online presence remain largely uniform, distinguishing you from anyone else whose behavioral traits seem to match yours. Just like fingerprints were and still are used for identification, this evolved to DNA and now keystrokes are beckoning to be the leading identifier online; the possibilities which this technology can unleash are limitless, especially in the cybercrimes units. Online anonymity may have been assured by private window browsing’ or application of passwords a few years ago but think again; the playing field has drastically changed and is no longer level.

Internet Security Vulnerability In Facebook Discovered

A potential security flaw has been discovered on popular social networking site Facebook, apparently hackers can access any user’s account provided they registered with their phone number and not email. The vulnerability was first discovered by software engineer Reza Moaiandin, it’s an Internet security loophole which allows hackers to access an individual’s user profile, photos and location data which can be harvested to perform other wrongs against the victim.

Facebook

All it takes for the Internet security breach to work is a phone number and a few simple number-generation algorithms, which anyone with basic IT skills can perform with ease. While doing his research, Moaiandin managed to generate 1000s of positive matches which after being fed into the Facebook API system, gave him unlimited access to multiple accounts without the owners ever knowing what happened.

He blames the Internet security issue on Facebook’s default “Who Can Find Me?” setting, which allows anyone to find another person’s profile by using a mobile number only. This setting is characteristically left accessible to everybody on the net even strangers, so felons with number generating software can find it easier to gobble up swathes of random user details without getting detected. Those who have accounts with this site are advised to be vigilant and make appropriate changes on their settings every so often; it shall help in guaranteeing Internet security each time you log into your profile.

Internet Security Vulnerability

While some details about a person are already being accessible to the public, the most worrying trend is the ability to directly link an individual to their phone number. This may lead to identity theft and harassment, and as for celebrities the crooks may engage in trolling and posting negative messages on walls to dent their image. Writing on his company’s blog, Reza says that he discovered the vulnerability by mistake and that if used by hackers it can harvest “millions” of innocent people’s details. Moaiandin has already brought the Internet security flaw to Facebook’s attention in April. One Facebook representative said that they don’t actually consider it an Internet security flaw, but that settings are also in place on each user’s account to gauge and mitigate any form of abuse.