Change search
Refine search result
12 1 - 50 of 53
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Ahlstrand, Jim
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science. Telenor Sverige AB, Sweden..
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Borg, Anton
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Grahn, Håkan
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Preliminary Results on the use of Artificial Intelligence for Managing Customer Life Cycles2023In: 35th Annual Workshop of the Swedish Artificial Intelligence Society SAIS 2023 / [ed] Håkan Grahn, Anton Borg and Martin Boldt, Linköping University Electronic Press, 2023, p. 68-76Conference paper (Refereed)
    Abstract [en]

    During the last decade we have witnessed how artificial intelligence (AI) have changed businesses all over the world. The customer life cycle framework is widely used in businesses and AI plays a role in each stage. However,implementing and generating value from AI in the customerlife cycle is not always simple. When evaluating the AI against business impact and value it is critical to consider both themodel performance and the policy outcome. Proper analysis of AI-derived policies must not be overlooked in order to ensure ethical and trustworthy AI. This paper presents a comprehensive analysis of the literature on AI in customer lifecycles (CLV) from an industry perspective. The study included 31 of 224 analyzed peer-reviewed articles from Scopus search result. The results show a significant research gap regardingoutcome evaluations of AI implementations in practice. This paper proposes that policy evaluation is an important tool in the AI pipeline and empathizes the significance of validating bothpolicy outputs and outcomes to ensure reliable and trustworthy AI.

    Download full text (pdf)
    fulltext
  • 2.
    Arvidsson, Victor
    et al.
    Blekinge Institute of Technology. student.
    Al-Mashahedi, Ahmad
    Blekinge Institute of Technology. student.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Evaluation of Defense Methods Against the One-Pixel Attack on Deep Neural Networks2023In: 35th Annual Workshop of the Swedish Artificial Intelligence Society SAIS 2023 / [ed] Håkan Grahn, Anton Borg and Martin Boldt, Linköping University Electronic Press, 2023, p. 49-57Conference paper (Refereed)
    Abstract [en]

    The one-pixel attack is an image attack method for creating adversarial instances with minimal perturbations, i.e., pixel modification. The attack method makes the adversarial instances difficult to detect as it only manipulates a single pixel in the image. In this paper, we study four different defense approaches against adversarial attacks, and more specifically the one-pixel attack, over three different models. The defense methods used are: data augmentation, spatial smoothing, and Gaussian data augmentation used during both training and testing. The empirical experiments involve the following three models: all convolutional network (CNN), network in network (NiN), and the convolutional neural network VGG16. Experiments were executed and the results show that Gaussian data augmentation performs quite poorly when applied during the prediction phase. When used during the training phase, we see a reduction in the number of instances that could be perturbed by the NiN model. However, the CNN model shows an overall significantly worse performance compared to no defense technique. Spatial smoothing shows an ability to reduce the effectiveness of the one-pixel attack, and it is on average able to defend against half of the adversarial examples. Data augmentation also shows promising results, reducing the number of successfully perturbed images for both the CNN and NiN models. However, data augmentation leads to slightly worse overall model performance for the NiN and VGG16 models. Interestingly, it significantly improves the performance for the CNN model. We conclude that the most suitable defense is dependent on the model used. For the CNN model, our results indicate that a combination of data augmentation and spatial smoothing is a suitable defense setup. For the NiN and VGG16 models, a combination of Gaussian data augmentation together with spatial smoothing is more promising. Finally, the experiments indicate that applying Gaussian noise during the prediction phase is not a workable defense against the one-pixel attack. ©2023, Copyright held by the authors   

    Download full text (pdf)
    fulltext
  • 3. Baca, Dejan
    et al.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Carlsson, Bengt
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Jacobsson, Andreas
    A Novel Security-Enhanced Agile Software Development Process Applied in an Industrial Setting2015In: Proceedings 10th International Conference on Availability, Reliability and Security ARES 2015, IEEE Computer Society Digital Library, 2015Conference paper (Refereed)
    Abstract [en]

    A security-enhanced agile software development process, SEAP, is introduced in the development of a mobile money transfer system at Ericsson Corp. A specific characteristic of SEAP is that it includes a security group consisting of four different competences, i.e., security manager, security architect, security master and penetration tester. Another significant feature of SEAP is an integrated risk analysis process. In analyzing risks in the development of the mobile money transfer system, a general finding was that SEAP either solves risks that were previously postponed or solves a larger proportion of the risks in a timely manner. The previous software development process, i.e., the baseline process of the comparison outlined in this paper, required 2.7 employee hours spent for every risk identified in the analysis process compared to, on the average, 1.5 hours for the SEAP. The baseline development process left 50% of the risks unattended in the software version being developed, while SEAP reduced that figure to 22%. Furthermore, SEAP increased the proportion of risks that were corrected from 12.5% to 67.1%, i.e., more than a five times increment. This is important, since an early correction may avoid severe attacks in the future. The security competence in SEAP accounts for 5% of the personnel cost in the mobile money transfer system project. As a comparison, the corresponding figure, i.e., for security, was 1% in the previous development process.

  • 4. Boldt, Martin
    Privacy-Invasive Software2010Doctoral thesis, comprehensive summary (Other academic)
    Abstract [en]

    As computers are increasingly more integrated into our daily lives we become more dependent on software. This situation is exploited by villainous actors on the Internet that distribute malicious software in search for fast financial gains on the expense of deceived computer users. As a result, computer users need more accurate and aiding mechanisms to assist them when separating legitimate software from its unwanted counterparts. However, such separations are complicated due to a greyzone of software that exists between legitimate and purely malicious software. The software in this greyzone often vaguely labeled spyware. This work introduce both user-aiding mechanisms and an attempt to clarify the greyzone by introducing the concept of privacy-invasive software (PIS) as a category of software that ignores the users’ right to be left alone. Such software is distributed with a specific intent (often of commercial nature), which negatively affect the users to various degree. PIS is therefore classified with respect to the degree of informed consent and the amount of negative consequences for the users. To mitigate the effects from PIS, two novel mechanisms for safeguarding user consent during software installation are introduced; a collaborative software reputation system; and an automated End User License Agreement (EULA) classification. In the software reputation system, users collaborate by sharing experiences of previously used software programs, allowing new users to rely on the collective experience when installing software. The EULA classification generalizes patterns from a set of both legitimate and questionable software EULAs, so that computer users can automatically classify previously unknown EULAs as belonging to legitimate software or not. Both techniques increase user awareness about software program behavior, which allow users to make more informed decisions concerning software installations, which arguably reduces the threat from PIS. We present experimental results showing the ability of a set of machine learning algorithms ability to perform automated EULA classification. In addition, we also present a prototype implementation of a software reputation system, together with simulation results of the large-scale use of the system.

    Download full text (pdf)
    FULLTEXT01
  • 5. Boldt, Martin
    Privacy-Invasive Software: Exploring Effects and Countermeasures2007Licentiate thesis, comprehensive summary (Other academic)
    Abstract [en]

    As computers are increasingly more integrated into our daily lives, we need aiding mechanisms for separating legitimate software from their unwanted counterparts. We use the term Privacy-Invasive Software (PIS) to refer to such illegitimate software, sometimes loosely labelled as spyware. In this thesis, we include an introduction to PIS, and how it differs from both legitimate and traditionally malicious software. We also present empirical measurements indicating the effects that PIS have on infected computers and networks. An important contribution of this work is a classification of PIS in which we target both the level of user consent, as well as the degree of user consequences associated with PIS. These consequences, affecting both users and their computers, form a global problem that deteriorates a vast number of users’ computer experiences today. As a way to hinder, or at least mitigate, this development we argue for more user-oriented countermeasures that focus on informing users about the behaviour and consequences associated with using a particular software. In addition to current reactive countermeasures, we also need preventive tools dealing with the threat of PIS before it enters users’ computers. Collaborative reputation systems present an interesting way forward towards such preventive and user-oriented countermeasures against PIS. Moving the software reputations from old channels (such as computer magazines or friends’ recommendations) into an instantly fast reputation system would be beneficial for the users when distinguishing unwanted software from legitimate. It is important that such a reputation system is designed to address antagonistic intentions from both individual users and groups thereof, so that users could depend on the reputations. This would allow users to reach more informed decisions by taking the reported consequences into account when deciding whether they want a specific software to enter their computer or not.

    Download full text (pdf)
    FULLTEXT01
  • 6.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Utökad samverkan bortom våra traditionella studentprojekt2023Report (Other (popular science, discussion, etc.))
    Abstract [sv]

    Denna presentation handlar om ett samverkansinitiativ för studenterna på Civilingenjörsprogrammet i AI och Maskininlärning tillsammans med regionala aktörer inom privat och offentlig sektor. Syftet är att genom samverkan mellan våra studenter och företag/myndigheter i Blekinge nå en rad synergieffekter för såväl studenterna som BTH och de medverkande regionala aktörerna. Nyckeln till framgång är få studenter och företag-/myndigheter att diskutera konkreta AI-case med varandra.

    Download full text (pdf)
    Utökad samverkan Martin Boldt BP2023
    Download full text (pdf)
    Utökad samverkan presentation BP2023
  • 7.
    Boldt, Martin
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Boeva, Veselka
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Borg, Anton
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Multi-expert estimations of burglars' risk exposure and level of pre-crime preparation using coded crime scene data: Work in progress2018In: Proceedings - 2018 European Intelligence and Security Informatics Conference, EISIC 2018 / [ed] Brynielsson, J, Institute of Electrical and Electronics Engineers Inc. , 2018, p. 77-80Conference paper (Refereed)
    Abstract [en]

    Law enforcement agencies strive to link crimes perpetrated by the same offenders into crime series in order to improve investigation efficiency. Such crime linkage can be done using both physical traces (e.g., DNA or fingerprints) or 'soft evidence' in the form of offenders' modus operandi (MO), i.e. their behaviors during crimes. However, physical traces are only present for a fraction of crimes, unlike behavioral evidence. This work-in-progress paper presents a method for aggregating multiple criminal profilers' ratings of offenders' behavioral characteristics based on feature-rich crime scene descriptions. The method calculates consensus ratings from individual experts' ratings, which then are used as a basis for classification algorithms. The classification algorithms can automatically generalize offenders' behavioral characteristics from cues in the crime scene data. Models trained on the consensus rating are evaluated against models trained on individual profiler's ratings. Thus, whether the consensus model shows improved performance over individual models. © 2018 IEEE.

  • 8.
    Boldt, Martin
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Borg, Anton
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    A statistical method for detecting significant temporal hotspots using LISA statistics2017In: Proceedings - 2017 European Intelligence and Security Informatics Conference, EISIC 2017, IEEE Computer Society, 2017, p. 123-126Conference paper (Refereed)
    Abstract [en]

    This work presents a method for detecting statisticallysignificant temporal hotspots, i.e. the date and time of events,which is useful for improved planning of response activities.Temporal hotspots are calculated using Local Indicators ofSpatial Association (LISA) statistics. The temporal data is ina 7x24 matrix that represents a temporal resolution of weekdaysand hours-in-the-day. Swedish residential burglary events areused in this work for testing the temporal hotspot detectionapproach. Although, the presented method is also useful forother events as long as they contain temporal information, e.g.attack attempts recorded by intrusion detection systems. Byusing the method for detecting significant temporal hotspotsit is possible for domain-experts to gain knowledge about thetemporal distribution of the events, and also to learn at whichtimes mitigating actions could be implemented.

    Download full text (pdf)
    fulltext
  • 9.
    Boldt, Martin
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Borg, Anton
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Evaluating Temporal Analysis Methods UsingResidential Burglary Data2016In: ISPRS International Journal of Geo-Information, Special Issue on Frontiers in Spatial and Spatiotemporal Crime Analytics, ISSN 2220-9964, Vol. 5, no 9, p. 1-22Article in journal (Refereed)
    Abstract [en]

    Law enforcement agencies, as well as researchers rely on temporal analysis methods in many crime analyses, e.g., spatio-temporal analyses. A number of temporal analysis methods are being used, but a structured comparison in different configurations is yet to be done. This study aims to fill this research gap by comparing the accuracy of five existing, and one novel, temporal analysis methods in approximating offense times for residential burglaries that often lack precise time information. The temporal analysis methods are evaluated in eight different configurations with varying temporal resolution, as well as the amount of data (number of crimes) available during analysis. A dataset of all Swedish residential burglaries reported between 2010 and 2014 is used (N = 103,029). From that dataset, a subset of burglaries with known precise offense times is used for evaluation. The accuracy of the temporal analysis methods in approximating the distribution of burglaries with known precise offense times is investigated. The aoristic and the novel aoristic_ext method perform significantly better than three of the traditional methods. Experiments show that the novel aoristic_ext method was most suitable for estimating crime frequencies in the day-of-the-year temporal resolution when reduced numbers of crimes were available during analysis. In the other configurations investigated, the aoristic method showed the best results. The results also show the potential from temporal analysis methods in approximating the temporal distributions of residential burglaries in situations when limited data are available.

    Download full text (pdf)
    fulltext
  • 10. Boldt, Martin
    et al.
    Borg, Anton
    Carlsson, Bengt
    On the Simulation of a Software Reputation System2010Conference paper (Refereed)
    Abstract [en]

    Today, there are difficulties finding all malicious programs due to juridical restrictions and deficits concerning the anti-malicious programs. Also, a "grey-zone" of questionable programs exists, hard for different protection programs to handle and almost impossible for a single user to judge. A software reputation system consisting of expert, average and novice users are proposed as a complement to let anti-malware programs or dedicated human experts decide about questionable programs. A simulation of the factors involved is accomplished by varying the user groups involved, modifying each user's individual trust factor, specifying an upper trust factor limit and accounting for previous rating influence. As a proposed result, a balanced, well-informed rating of judged programs appears, i.e. a balance between quickly reaching a well-informed decision and not giving a single voter too much power.

  • 11.
    Boldt, Martin
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Borg, Anton
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Ickin, Selim
    Ericsson Research, SWE.
    Gustafsson, Jörgen
    Ericsson Research, SWE.
    Anomaly detection of event sequences using multiple temporal resolutions and Markov chains2020In: Knowledge and Information Systems, ISSN 0219-1377, E-ISSN 0219-3116, Vol. 62, p. 669-686Article in journal (Refereed)
    Abstract [en]

    Streaming data services, such as video-on-demand, are getting increasingly more popular, and they are expected to account for more than 80% of all Internet traffic in 2020. In this context, it is important for streaming service providers to detect deviations in service requests due to issues or changing end-user behaviors in order to ensure that end-users experience high quality in the provided service. Therefore, in this study we investigate to what extent sequence-based Markov models can be used for anomaly detection by means of the end-users’ control sequences in the video streams, i.e., event sequences such as play, pause, resume and stop. This anomaly detection approach is further investigated over three different temporal resolutions in the data, more specifically: 1 h, 1 day and 3 days. The proposed anomaly detection approach supports anomaly detection in ongoing streaming sessions as it recalculates the probability for a specific session to be anomalous for each new streaming control event that is received. Two experiments are used for measuring the potential of the approach, which gives promising results in terms of precision, recall, F 1 -score and Jaccard index when compared to k-means clustering of the sessions. © 2019, The Author(s).

    Download full text (pdf)
    fulltext
  • 12.
    Boldt, Martin
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Borg, Anton
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Melander, Ulf
    En strukturerad metod för registrering och automatisk analys av brott2014In: The Past, the Present and the Future of Police Research: Proceedings from the fifth Nordic Police Research seminar / [ed] Rolf Granér och Ola Kronkvist, 2014Conference paper (Refereed)
    Abstract [sv]

    I detta artikel beskrivs en metod som används i polisregionerna Syd, Väst och Stockholm1 för att samla in strukturerade brottsplatsuppgifter från bostadsinbrott, samt hur den insamlade informationen kan analyseras med automatiska metoder som kan assistera brottssamordnare i deras arbete. Dessa automatiserade analyser kan användas som filtrerings- eller selekteringsverktyg för bostadsinbrott och därmed effektivisera och underlätta arbetet. Vidare kan metoden användas för att avgöra sannolikheten att två brott är utförda av samma gärningsman, vilket kan hjälpa polisen att identifiera serier av brott. Detta är möjligt då gärningsmän tenderar att begå brott på ett snarlikt sätt och det är möjligt, baserat på strukturerade brottsplatsuppgifter, att automatiskt hitta dessa mönster. I kapitlet presenteras och utvärderas en prototyp på ett IT-baserat beslutsstödsystem samt två automatiska metoder för brottssamordning.

    Download full text (pdf)
    fulltext
  • 13.
    Boldt, Martin
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Borg, Anton
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Svensson, Martin
    Blekinge Institute of Technology, Faculty of Engineering, Department of Industrial Economics.
    Hildeby, Jonas
    Polisen, SWE.
    Predicting burglars' risk exposure and level of pre-crime preparation using crime scene data2018In: Intelligent Data Analysis, ISSN 1088-467X, E-ISSN 1571-4128, Vol. 22, no 1, p. 167-190, article id IDA 322-3210Article in journal (Refereed)
    Abstract [en]

    Objectives: The present study aims to extend current research on how offenders’ modus operandi (MO) can be used in crime linkage, by investigating the possibility to automatically estimate offenders’ risk exposure and level of pre-crime preparation for residential burglaries. Such estimations can assist law enforcement agencies when linking crimes into series and thus provide a more comprehensive understanding of offenders and targets, based on the combined knowledge and evidence collected from different crime scenes. Methods: Two criminal profilers manually rated offenders’ risk exposure and level of pre-crime preparation for 50 burglaries each. In an experiment we then analyzed to what extent 16 machine-learning algorithms could generalize both offenders’ risk exposure and preparation scores from the criminal profilers’ ratings onto 15,598 residential burglaries. All included burglaries contain structured and feature-rich crime descriptions which learning algorithms can use to generalize offenders’ risk and preparation scores from.Results: Two models created by Naïve Bayes-based algorithms showed best performance with an AUC of 0.79 and 0.77 for estimating offenders' risk and preparation scores respectively. These algorithms were significantly better than most, but not all, algorithms. Both scores showed promising distinctiveness between linked series, as well as consistency for crimes within series compared to randomly sampled crimes.Conclusions: Estimating offenders' risk exposure and pre-crime preparation  can complement traditional MO characteristics in the crime linkage process. The estimations are also indicative to function for cross-category crimes that otherwise lack comparable MO. Future work could focus on increasing the number of manually rated offenses as well as fine-tuning the Naïve Bayes algorithm to increase its estimation performance.

  • 14. Boldt, Martin
    et al.
    Carlsson, Bengt
    Analysing Countermeasures Against Privacy-Invasive Software2006Conference paper (Refereed)
    Abstract [en]

    User privacy is widely affected by the occurrence of privacy-invasive software (PIS) on the Internet. Various forms of countermeasures try to mitigate the negative effects caused by PIS. We use a computer forensic tool to evaluate an anti-spyware tool, with respect to found PIS over a four years period. Within the anti-spyware tool PIS was slowly identified, caused classification problems, and formely classified PIS were sometimes excluded. Background information on both PIS and countermeasure techniques are also presented, followed by discussions on legal disputes between developers of PIS and vendors of countermeasures. © 2006 IEEE.

  • 15. Boldt, Martin
    et al.
    Carlsson, Bengt
    Analysing Privacy-Invasive Software Countermeasures2006Conference paper (Refereed)
  • 16. Boldt, Martin
    et al.
    Carlsson, Bengt
    Confidentiality Aspects within Road User Charging Systems: the Swedish Case2008Conference paper (Refereed)
    Abstract [en]

    In this paper we analyze how a proposed Swedish Road User Charging (RUC) system for differentiated distance based taxation affects the corporate confidentiality of haulers. Each hauler needs to equip all their vehicles with an On-Board Unit (OBU) that continuously send position readings back to a central server, which then is used to calculate the taxation. The fact that the system gather, process, and store information about where the vehicles travel introduce threats to the haulers’ corporate confidentiality, e.g. if the position data leak to competitors. We describe threats to various parts of the RUC system, together with protective measures. In the end of the paper we discuss the impact on corporate confidentiality if such a RUC system is introduced, e.g. how would the leakage of position data affect transports conveying sensitive goods such as medical drugs or consumer electronics.

    Download full text (pdf)
    FULLTEXT01
  • 17. Boldt, Martin
    et al.
    Carlsson, Bengt
    Privacy-Invasive Software and Preventive Mechanisms2007In: Malware: An Introduction / [ed] Jain, Ravi K., ICFAI Press , 2007Chapter in book (Other academic)
  • 18. Boldt, Martin
    et al.
    Carlsson, Bengt
    Privacy-Invasive Software and Preventive Mechanisms2006Conference paper (Refereed)
  • 19. Boldt, Martin
    et al.
    Carlsson, Bengt
    Jacobsson, Andreas
    Exploring Spyware Effects2004Conference paper (Refereed)
    Abstract [en]

    In this paper, we discuss various types of spyware programs, their behaviour, how they typically infect computers, and the propagation of new varieties of spyware programs. In two experiments, we investigate the occurrence and impact of spyware programs found in popular P2P applications. Based on the findings from the empirical investigations, we try to lift the perspective to a more general view on spyware deriving from the theory of (virtual) network effects. In a model, we categorize in what ways spyware might decrease the utility of belonging to a large virtual network. Here, the baseline is that spyware programs intrude systems and networks, but since they profit from user data they also intrude user privacy. In the model, the intrusions are classified as moderate, severe or disastrous. We found that spyware has the potential to overthrow the positive aspects of belonging to a large network, and network owners should therefore be very careful about permitting such programs in applications and on networks.

    Download full text (pdf)
    FULLTEXT01
  • 20. Boldt, Martin
    et al.
    Carlsson, Bengt
    Jacobsson, Andreas
    Exploring Spyware Effects2007In: Spyware: An Insight / [ed] Jain, Ravi K., Hyderabad: ICFAI University Press , 2007, p. 39-58Chapter in book (Other academic)
  • 21. Boldt, Martin
    et al.
    Carlsson, Bengt
    Larsson, Tobias
    Lindén, Niklas
    Preventing Privacy-Invasive Software using Online Reputations2008Conference paper (Refereed)
    Abstract [en]

    Privacy-invasive software, loosely labeled spyware, is an increasingly common problem for today’s computer users, one to which there is no absolute cure. Most of the privacy-invasive software are positioned in a legal gray zone, as the user accepts the malicious behaviour when agreeing to the End User License Agreement. This paper proposes the use of a specialized reputation system to gather and share information regarding software behaviour between community users. A client application helps guide the user at the point of executing software on the local computer, displaying other users’ feedback about the expected behaviour of the software. We discuss important aspects to consider when constructing such a system, and propose possible solutions. Based on the observations made, we implemented a client/server based proof-of-concept tool, which allowed us to demonstrate how such a system would work. We also compare this solution to other, more conventional, protection methods such as anti-virus and anti-spyware software.

    Download full text (pdf)
    FULLTEXT01
  • 22. Boldt, Martin
    et al.
    Carlsson, Bengt
    Martinsson, Roy
    Software Vulnerability Assessment: Version Extraction and Verification2007Conference paper (Refereed)
  • 23.
    Boldt, Martin
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Ickin, Selim
    Ericsson Research, SWE.
    Borg, Anton
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Kulyk, Valentin
    Ericsson Research, SWE.
    Gustafsson, Jörgen
    Ericsson Research, SWE.
    Alarm prediction in cellular base stations using data-driven methods2021In: IEEE Transactions on Network and Service Management, ISSN 1932-4537, E-ISSN 1932-4537, Vol. 18, no 2, p. 1925-1933Article in journal (Refereed)
    Abstract [en]

    The importance of cellular networks continuously increases as we assume ubiquitous connectivity in our daily lives. As a result, the underlying core telecom systems have very high reliability and availability requirements, that are sometimes hard to meet. This study presents a proactive approach that could aid satisfying these high requirements on reliability and availability by predicting future base station alarms. A data set containing 231 internal performance measures from cellular (4G) base stations is correlated with a data set containing base station alarms. Next, two experiments are used to investigate (i) the alarm prediction performance of six machine learning models, and (ii) how different predict-ahead times (ranging from 10 min to 48 hours) affect the predictive performance. A 10-fold cross validation evaluation approach and statistical analysis suggested that the Random Forest models showed best performance. Further, the results indicate the feasibility of predicting severe alarms one hour in advance with a precision of 0.812 (±0.022, 95 % CI), recall of 0.619 (±0.027) and F1-score of 0.702 (±0.022). A model interpretation package, ELI5, was used to identify the most influential features in order to gain model insight. Overall, the results are promising and indicate the potential of an early-warning system that enables a proactive means for achieving high reliability and availability requirements. IEEE

  • 24.
    Boldt, Martin
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    jacobsson, andreas
    Malmö University, SWE.
    Baca, Dejan
    Fidesmo AB, SWE.
    Carlsson, Bengt
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Introducing a novel security-enhanced agile software development process2017In: International Journal of Secure Software Engineering, ISSN 1947-3036, E-ISSN 1947-3044, ISSN 1947-3036, Vol. 8, no 2Article in journal (Refereed)
    Abstract [en]

    In this paper, a novel security-enhanced agile software development process, SEAP, is introduced. It has been designed, tested, and implemented at Ericsson AB, specifically in the development of a mobile money transfer system. Two important features of SEAP are 1) that it includes additional security competences, and 2) that it includes the continuous conduction of an integrated risk analysis for identifying potential threats. As a general finding of implementing SEAP in software development, the developers solve a large proportion of the risks in a timely, yet cost-efficient manner. The default agile software development process at Ericsson AB, i.e. where SEAP was not included, required significantly more employee hours spent for every risk identified compared to when integrating SEAP. The default development process left 50.0% of the risks unattended in the software version that was released, while the application of SEAP reduced that figure to 22.5%. Furthermore, SEAP increased the proportion of risks that were corrected from 12.5% to 67.9%, a more than five times increment.

    Download full text (pdf)
    fulltext
  • 25.
    Boldt, Martin
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Jacobsson, Andreas
    Carlsson, Bengt
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    On the risk exposure of smart home automation systems2014In: Proceedings 2014 International Conferenceon Future Internet of Things and Cloud, IEEE Computer Society Digital Library, 2014Conference paper (Refereed)
    Abstract [en]

    A recent study has shown that more than every fourth person in Sweden feels that they have poor knowledge and control over their energy use, and that four out of ten would like to be more aware and to have better control over their consumption [5]. A solution is to provide the householders with feedback on their energy consumption, for instance, through a smart home automation system [10]. Studies have shown that householders can reduce energy consumption with up to 20% when gaining such feedback [5] [10]. Home automation is a prime example of a smart environment built on various types of cyber-physical systems generating volumes of diverse, heterogeneous, complex, and distributed data from a multitude of applications and sensors. Thereby, home automation is also an example of an Internet of Things (IoT) scenario, where a communication network extends the present Internet by including everyday items and sensors [22]. Home automation is attracting more and more attention from commercial actors, such as, energy suppliers, infrastructure providers, and third party software and hardware vendors [8] [10]. Among the non-commercial stake-holders, there are various governmental institutions, municipalities, as well as, end-users.

  • 26. Boldt, Martin
    et al.
    Jacobsson, Andreas
    Lavesson, Niklas
    Davidsson, Paul
    Automated Spyware Detection Using End User License Agreements2008Conference paper (Refereed)
    Abstract [en]

    The amount of spyware increases rapidly over the Internet and it is usually hard for the average user to know if a software application hosts spyware. This paper investigates the hypothesis that it is possible to detect from the End User License Agreement (EULA) whether its associated software hosts spyware or not. We generated a data set by collecting 100 applications with EULAs and classifying each EULA as either good or bad. An experiment was conducted, in which 15 popular default-configured mining algorithms were applied on the data set. The results show that 13 algorithms are significantly better than random guessing, thus we conclude that the hypothesis can be accepted. Moreover, 2 algorithms also perform significantly better than the current state-of-the-art EULA analysis method. Based on these results, we present a novel tool that can be used to prevent the installation of spyware.

    Download full text (pdf)
    FULLTEXT01
  • 27.
    Boldt, Martin
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Rekanar, Kaavya
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Analysis and text classification of privacy policies from rogue and top-100 fortune global companies2019In: International Journal of Information Security and Privacy, ISSN 1930-1650, E-ISSN 1930-1669, Vol. 13, no 2, p. 47-66Article in journal (Refereed)
    Abstract [en]

    In the present article, the authors investigate to what extent supervised binary classification can be used to distinguish between legitimate and rogue privacy policies posted on web pages. 15 classification algorithms are evaluated using a data set that consists of 100 privacy policies from legitimate websites (belonging to companies that top the Fortune Global 500 list) as well as 67 policies from rogue websites. A manual analysis of all policy content was performed and clear statistical differences in terms of both length and adherence to seven general privacy principles are found. Privacy policies from legitimate companies have a 98% adherence to the seven privacy principles, which is significantly higher than the 45% associated with rogue companies. Out of the 15 evaluated classification algorithms, Naïve Bayes Multinomial is the most suitable candidate to solve the problem at hand. Its models show the best performance, with an AUC measure of 0.90 (0.08), which outperforms most of the other candidates in the statistical tests used. Copyright © 2019, IGI Global.

  • 28. Boldt, Martin
    et al.
    Wieslander, Johan
    Carlsson, Bengt
    Investigating spyware on the internet2003Conference paper (Refereed)
  • 29.
    Borg, Anton
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Ahlstrand, Jim
    Telenor AB, SWE.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Improving Corporate Support by Predicting Customer e-Mail Response Time: Experimental Evaluation and a Practical Use Case2021In: Enterprise Information Systems / [ed] Filipe J., Śmiałek M., Brodsky A., Hammoudi S., Springer Science and Business Media Deutschland GmbH , 2021, p. 100-121Conference paper (Refereed)
    Abstract [en]

    Customer satisfaction is an important aspect for any corporations customer support process. One important factor keeping the time customers’ wait for a reply at acceptable levels. By utilizing learning models based on the Random Forest Algorithm, the extent to which it is possible to predict e-Mail time-to-respond is investigated. This is investigated both for customers, but also for customer support agents. The former focusing on how long until customers reply, and the latter focusing on how long until a customer receives an answer. The models are trained on a data set consisting of 51, 682 customer support e-Mails. The e-Mails covers various topics from a large telecom operator. The models are able to predict the time-to-respond for customer support agents with an AUC of 0.90, and for customers with an AUC of 0.85. These results indicate that it is possible to predict the TTR for both groups. The approach were also implemented in an initial trial in a live environment. How the predictions can be applied to improve communication efficiency, e.g. by anticipating the staff needs in customer support, is discussed in more detail in the paper. Further, insights gained from an initial implementation are provided. © 2021, Springer Nature Switzerland AG.

  • 30.
    Borg, Anton
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Ahlstrand, Jim
    Telenor AB, SWE.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Predicting e-mail response time in corporate customer support2020In: ICEIS 2020 - Proceedings of the 22nd International Conference on Enterprise Information Systems, SciTePress , 2020, p. 305-314Conference paper (Refereed)
    Abstract [en]

    Maintaining high degree of customer satisfaction is important for any corporation, which involves the customer support process. One important factor in this work is to keep customers' wait time for a reply at levels that are acceptable to them. In this study we investigate to what extent models trained by the Random Forest learning algorithm can be used to predict e-mail time-to-respond time for both customer support agents as well as customers. The data set includes 51,682 customer support e-mails of various topics from a large telecom operator. The results indicate that it is possible to predict the time-to-respond for both customer support agents (AUC of 0.90) as well as for customers (AUC of 0.85). These results indicate that the approach can be used to improve communication efficiency, e.g. by anticipating the staff needs in customer support, but also indicating when a response is expected to take a longer time than usual. Copyright © 2020 by SCITEPRESS - Science and Technology Publications, Lda. All rights reserved.

    Download full text (pdf)
    Predicting e-Mail Response Time in Corporate Customer Support
  • 31.
    Borg, Anton
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Clustering Residential Burglaries Using Modus Operandi and Spatiotemporal Information2016In: International Journal of Information Technology & Decision Making, ISSN 0219-6220, E-ISSN 1793-6845, Vol. 15, no 1, p. 23-42Article in journal (Refereed)
    Abstract [en]

    To identify series of residential burglaries, detecting linked crimes performed by the same constellations of criminals is necessary. Comparison of crime reports today is difficult as crime reports traditionally have been written as unstructured text and often lack a common information-basis. Based on a novel process for collecting structured crime scene information, the present study investigates the use of clustering algorithms to group similar crime reports based on combined crime characteristics from the structured form. Clustering quality is measured using Connectivity and Silhouette index (SI), stability using Jaccard index, and accuracy is measured using Rand index (RI) and a Series Rand index (SRI). The performance of clustering using combined characteristics was compared with spatial characteristic. The results suggest that the combined characteristics perform better or similar to the spatial characteristic. In terms of practical significance, the presented clustering approach is capable of clustering cases using a broader decision basis.

  • 32.
    Borg, Anton
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Using VADER sentiment and SVM for predicting customer response sentiment2020In: Expert systems with applications, ISSN 0957-4174, E-ISSN 1873-6793, Vol. 162, article id 113746Article in journal (Refereed)
    Abstract [en]

    Customer support is important to corporate operations, which involves dealing with disgruntled customer and content customers that can have different requirements. As such, it is important to quickly extract the sentiment of support errands. In this study we investigate sentiment analysis in customer support for a large Swedish Telecom corporation. The data set consists of 168,010 e-mails divided into 69,900 conversation threads without any sentiment information available. Therefore, VADER sentiment is used together with a Swedish sentiment lexicon in order to provide initial labeling of the e-mails. The e-mail content and sentiment labels are then used to train two Support Vector Machine models in extracting/classifying the sentiment of e-mails. Further, the ability to predict sentiment of not-yet-seen e-mail responses is investigated. Experimental results show that the LinearSVM model was able to extract sentiment with a mean F1-score of 0.834 and mean AUC of 0.896. Moreover, the LinearSVM algorithm was also able to predict the sentiment of an e-mail one step ahead in the thread (based on the text in the an already sent e-mail) with a mean F1-score of 0.688 and the mean AUC of 0.805. The results indicate a predictable pattern in e-mail conversation that enables predicting the sentiment of a not-yet-seen e-mail. This can be used e.g. to prepare particular actions for customers that are likely to have a negative response. It can also provide feedback on possible sentiment reactions to customer support e-mails. © 2020 Elsevier Ltd

  • 33. Borg, Anton
    et al.
    Boldt, Martin
    Carlsson, Bengt
    Simulating malicious users in a software reputation system2011In: Communications in Computer and Information Science, Springer , 2011, Vol. 186, p. 147-156Conference paper (Refereed)
    Abstract [en]

    Today, computer users have trouble in separating malicious and legitimate software. Traditional countermeasures such as anti-virus tools mainly protect against truly malicious programs, but the situation is complicated due to a "grey-zone" of questionable programs that are difficult to classify. We therefore suggest a software reputation system (SRS) to help computer users in separating legitimate software from its counterparts. In this paper we simulate the usage of a SRS to investigate the effects that malicious users have on the system. Our results show that malicious users will have little impact on the overall system, if kept within 10% of the population. However, a coordinated attack against a selected subset of the applications may distort the reputation of these applications. The results also show that there are ways to detect attack attempts in an early stage. Our conclusion is that a SRS could be used as a decision support system to protect against questionable software.

  • 34.
    Borg, Anton
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Eliasson, Johan
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Detecting Crime Series Based on Route Estimation and Behavioral Similarity2017In: 2017 EUROPEAN INTELLIGENCE AND SECURITY INFORMATICS CONFERENCE (EISIC) / [ed] Brynielsson, J, IEEE , 2017, p. 1-8Conference paper (Refereed)
    Abstract [en]

    A majority of crimes are committed by a minority of offenders. Previous research has provided some support for the theory that serial offenders leave behavioral traces on the crime scene which could be used to link crimes to serial offenders. The aim of this work is to investigate to what extent it is possible to use geographic route estimations and behavioral data to detect serial offenders. Experiments were conducted using behavioral data from authentic burglary reports to investigate if it was possible to find crime routes with high similarity. Further, the use of burglary reports from serial offenders to investigate to what extent it was possible to detect serial offender crime routes. The result show that crime series with the same offender on average had a higher behavioral similarity than random crime series. Sets of crimes with high similarity, but without a known offender would be interesting for law enforcement to investigate further. The algorithm is also evaluated on 9 crime series containing a maximum of 20 crimes per series. The results suggest that it is possible to detect crime series with high similarity using analysis of both geographic routes and behavioral data recorded at crime scenes.

  • 35.
    Borg, Anton
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Eliasson, Johan
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Detecting Crime Series Based on Route Estimationand Behavioral Similarity2017Conference paper (Refereed)
    Abstract [en]

    A majority of crimes are committed by a minority of offenders. Previous research has provided some support for the theory that serial offenders leave behavioral traces on the crime scene which could be used to link crimes to serial offenders. The aim of this work is to investigate to what extent it is possible to use geographic route estimations and behavioral data to detect serial offenders. Experiments were conducted using behavioral data from authentic burglary reports to investigate if it was possible to find crime routes with high similarity. Further, the use of burglary reports from serial offenders to investigate to what extent it was possible to detect serial offender crime routes. The result show that crime series with the same offender on average had a higher behavioral similarity than random crime series. Sets of crimes with high similarity, but without a known offender would be interesting for law enforcement to investigate further. The algorithm is also evaluated on 9 crime series containing a maximum of 20 crimes per series. The results suggest that it is possible to detect crime series with high similarity using analysis of both geographic routes and behavioral data recorded at crime scenes.

  • 36. Borg, Anton
    et al.
    Boldt, Martin
    Lavesson, Niklas
    Informed Software Installation through License Agreement Categorization2011Conference paper (Refereed)
    Abstract [en]

    Spyware detection can be achieved by using machinelearning techniques that identify patterns in the End User License Agreements (EULAs) presented by application installers. However, solutions have required manual input from the user with varying degrees of accuracy. We have implemented an automatic prototype for extraction and classification and used it to generate a large data set of EULAs. This data set is used to compare four different machine learning algorithms when classifying EULAs. Furthermore, the effect of feature selection is investigated and for the top two algorithms, we investigate optimizing the performance using parameter tuning. Our conclusion is that feature selection and performance tuning are of limited use in this context, providing limited performance gains. However, both the Bagging and the Random Forest algorithms show promising results, with Bagging reaching an AUC measure of 0.997 and a False Negative Rate of 0.062. This shows the applicability of License Agreement Categorization for realizing informed software installation.

    Download full text (pdf)
    FULLTEXT01
  • 37.
    Borg, Anton
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Lavesson, Niklas
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Melander, Ulf
    Boeva, Veselka
    Detecting serial residential burglaries using clustering2014In: Expert Systems with Applications, ISSN 0957-4174 , Vol. 41, no 11, p. 5252-5266Article in journal (Refereed)
    Abstract [en]

    According to the Swedish National Council for Crime Prevention, law enforcement agencies solved approximately three to five percent of the reported residential burglaries in 2012. Internationally, studies suggest that a large proportion of crimes are committed by a minority of offenders. Law enforcement agencies, consequently, are required to detect series of crimes, or linked crimes. Comparison of crime reports today is difficult as no systematic or structured way of reporting crimes exists, and no ability to search multiple crime reports exist. This study presents a systematic data collection method for residential burglaries. A decision support system for comparing and analysing residential burglaries is also presented. The decision support system consists of an advanced search tool and a plugin-based analytical framework. In order to find similar crimes, law enforcement officers have to review a large amount of crimes. The potential use of the cut-clustering algorithm to group crimes to reduce the amount of crimes to review for residential burglary analysis based on characteristics is investigated. The characteristics used are modus operandi, residential characteristics, stolen goods, spatial similarity, or temporal similarity. Clustering quality is measured using the modularity index and accuracy is measured using the rand index. The clustering solution with the best quality performance score were residential characteristics, spatial proximity, and modus operandi, suggesting that the choice of which characteristic to use when grouping crimes can positively affect the end result. The results suggest that a high quality clustering solution performs significantly better than a random guesser. In terms of practical significance, the presented clustering approach is capable of reduce the amounts of cases to review while keeping most connected cases. While the approach might miss some connections, it is also capable of suggesting new connections. The results also suggest that while crime series clustering is feasible, further investigation is needed.

  • 38.
    Borg, Anton
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Rosander, Oliver
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science. student.
    Ahlstrand, Jim
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science. student.
    E-mail classification with machine learning and word embeddings for improved customer support2021In: Neural Computing & Applications, ISSN 0941-0643, E-ISSN 1433-3058, Vol. 33, no 6, p. 1881-1902Article in journal (Refereed)
    Abstract [en]

    Classifying e-mails into distinct labels can have a great impact on customer support. By using machine learning to label e-mails, the system can set up queues containing e-mails of a specific category. This enables support personnel to handle request quicker and more easily by selecting a queue that match their expertise. This study aims to improve a manually defined rule-based algorithm, currently implemented at a large telecom company, by using machine learning. The proposed model should have higher F1-score and classification rate. Integrating or migrating from a manually defined rule-based model to a machine learning model should also reduce the administrative and maintenance work. It should also make the model more flexible. By using the frameworks, TensorFlow, Scikit-learn and Gensim, the authors conduct a number of experiments to test the performance of several common machine learning algorithms, text-representations, word embeddings to investigate how they work together. A long short-term memory network showed best classification performance with an F1-score of 0.91. The authors conclude that long short-term memory networks outperform other non-sequential models such as support vector machines and AdaBoost when predicting labels for e-mails. Further, the study also presents a Web-based interface that were implemented around the LSTM network, which can classify e-mails into 33 different labels. © 2020, The Author(s).

    Download full text (pdf)
    fulltext
  • 39.
    Borg, Anton
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Svensson, Johan
    Telenor Sverige AB, SWE.
    Using conformal prediction for multi-label document classification in e-Mail support systems2019In: ADVANCES AND TRENDS IN ARTIFICIAL INTELLIGENCE: FROM THEORY TO PRACTICE / [ed] Wotawa, F; Friedrich, G; Pill, I; KoitzHristov, R; Ali, M, Springer Verlag , 2019, Vol. 11536, p. 308-322Conference paper (Refereed)
    Abstract [en]

    For any corporation the interaction with its customers is an important business process. This is especially the case for resolving various business-related issues that customers encounter. Classifying the type of such customer service e-mails to provide improved customer service is thus important. The classification of e-mails makes it possible to direct them to the most suitable handler within customer service. We have investigated the following two aspects of customer e-mail classification within a large Swedish corporation. First, whether a multi-label classifier can be introduced that performs similarly to an already existing multi-class classifier. Second, whether conformal prediction can be used to quantify the certainty of the predictions without loss in classification performance. Experiments were used to investigate these aspects using several evaluation metrics. The results show that for most evaluation metrics, there is no significant difference between multi-class and multi-label classifiers, except for Hamming loss where the multi-label approach performed with a lower loss. Further, the use of conformal prediction did not introduce any significant difference in classification performance for neither the multi-class nor the multi-label approach. As such, the results indicate that conformal prediction is a useful addition that quantifies the certainty of predictions without negative effects on the classification performance, which in turn allows detection of statistically significant predictions. © Springer Nature Switzerland AG 2019.

  • 40. Carlsson, Bengt
    et al.
    Boldt, Martin
    Security Analysis of the Swedish Road User Charging System2008Conference paper (Refereed)
    Abstract [en]

    A security analysis based on probabilities, consequences and costs resulted in a priority ranking for physical, logical and human threats for the proposed Swedish road user charging system using a smartcard solution. Countermeasures are described as top prioritized, highly prioritized, average prioritized and low prioritized and compared to operational errors. Logical countermeasures like encryption and local buffering are most cost efficient to implement and different human threats are most difficult to deal with. In the end a security solution based on dynamical safety mechanisms is suggested.

    Download full text (pdf)
    FULLTEXT01
  • 41.
    Erlandsson, Fredrik
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Boldt, Martin
    Blekinge Institute of Technology, School of Computing.
    Johnson, Henric
    Blekinge Institute of Technology, School of Computing.
    Privacy threats related to user profiling in online social networks2012Conference paper (Refereed)
    Abstract [en]

    The popularity of Online Social Networks (OSNs) has increased the visibility of users profiles and interactions performed between users. In this paper we structure different privacy threats related to OSNs and describe six different types of privacy threats. One of these threats, named public information harvesting, is previously not documented so we therefore present it in further detail by also presenting the results from a proof-of-concept implementation of that threat. The basis of the attack is gathering of user interactions from various open groups on Facebook which then is transformed into a social interaction graph. Since the data gathered from the OSN originates from open groups it could be executed by any third-party connected to the Internet independently of the users' privacy settings. In addition to presenting the different privacy threats we also we propose a range of different protection techniques.

  • 42.
    Erlandsson, Fredrik
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Bródka, Piotr
    Wrocław University of Science and Technology, POL.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Johnson, Henric
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Do We Really Need To Catch Them All?: A New User-Guided Social Media Crawling Method2017In: Entropy, E-ISSN 1099-4300, Vol. 19, no 12, article id 686Article in journal (Refereed)
    Abstract [en]

    With the growing use of popular social media services like Facebook and Twitter it is hard to collect all content from the networks without access to the core infrastructure or paying for it. Thus, if all content cannot be collected one must consider which data are of most importance.In this work we present a novel User-Guided Social Media Crawling method (USMC) that is able to collect data from social media, utilizing the wisdom of the crowd to decide the order in which user generated content should be collected, to cover as many user interactions as possible. USMC is validated by crawling 160 Facebook public pages, containing 368 million users and 1.3 billion interactions, and it is compared with two other crawling methods. The results show that it is possible to cover approximately 75% of the interactions on a Facebook page by sampling just 20% of its posts, and at the same time reduce the crawling time by 53%.What is more, the social network constructed from the 20% sample has more than 75% of the users and edges compared to the social network created from all posts, and has very similar degree distribution.

    Download full text (pdf)
    fulltext
  • 43.
    Erlandsson, Fredrik
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Nia, Roozbeh
    Boldt, Martin
    Blekinge Institute of Technology, School of Computing.
    Johnson, Henric
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Wu, S. Felix
    Crawling Online Social Networks2015In: SECOND EUROPEAN NETWORK INTELLIGENCE CONFERENCE (ENIC 2015), IEEE Computer Society, 2015, p. 9-16Conference paper (Refereed)
    Abstract [en]

    Researchers put in tremendous amount of time and effort in order to crawl the information from online social networks. With the variety and the vast amount of information shared on online social networks today, different crawlers have been designed to capture several types of information. We have developed a novel crawler called SINCE. This crawler differs significantly from other existing crawlers in terms of efficiency and crawling depth. We are getting all interactions related to every single post. In addition, are we able to understand interaction dynamics, enabling support for making informed decisions on what content to re-crawl in order to get the most recent snapshot of interactions. Finally we evaluate our crawler against other existing crawlers in terms of completeness and efficiency. Over the last years we have crawled public communities on Facebook, resulting in over 500 million unique Facebook users, 50 million posts, 500 million comments and over 6 billion likes.

    Download full text (pdf)
    fulltext
  • 44.
    Jacobsson, Andreas
    et al.
    Malmo Univ, Dept Comp Sci, S-20505 Malmo, Sweden..
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    Carlsson, Bengt
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
    A risk analysis of a smart home automation system2016In: Future generations computer systems, ISSN 0167-739X, E-ISSN 1872-7115, Vol. 56, p. 719-733Article in journal (Refereed)
    Abstract [en]

    Enforcing security in Internet of Things environments has been identified as one of the top barriers for realizing the vision of smart, energy-efficient homes and buildings. In this context, understanding the risks related to the use and potential misuse of information about homes, partners, and end-users, as well as, forming methods for integrating security-enhancing measures in the design is not straightforward and thus requires substantial investigation. A risk analysis applied on a smart home automation system developed in a research project involving leading industrial actors has been conducted. Out of 32 examined risks, 9 were classified as low and 4 as high, i.e., most of the identified risks were deemed as moderate. The risks classified as high were either related to the human factor or to the software components of the system. The results indicate that with the implementation of standard security features, new, as well as, current risks can be minimized to acceptable levels albeit that the most serious risks, i.e., those derived from the human factor, need more careful consideration, as they are inherently complex to handle. A discussion of the implications of the risk analysis results points to the need for a more general model of security and privacy included in the design phase of smart homes. With such a model of security and privacy in design in place, it will contribute to enforcing system security and enhancing user privacy in smart homes, and thus helping to further realize the potential in such loT environments. (C) 2015 Elsevier B.V. All rights reserved.

  • 45. Jacobsson, Andreas
    et al.
    Boldt, Martin
    Carlsson, Bengt
    Privacy-Invasive Software in Filesharing2004Conference paper (Refereed)
    Abstract [en]

    Personal privacy is affected by the occurrence of adware and spyware in peer-topeer tools. In an experiment, we investigated five file-sharing tools and found that they all contained ad-/spyware programs, and, that these hidden components communicated with several servers on the Internet. Although there was no exchange of files by way of the file-sharing tools, they generated a significant amount of network traffic. Amongst the retrieved ad-/spyware components that communicated with the Internet, we discovered that privacy-invasive information such as, e.g., user data and Internet browsing history was transmitted. In effect, ad-/spyware activity in file-sharing tools creates serious problems not only to user privacy and security, but also to network and system performance. The increasing presence of hidden and bundled ad /spyware programs are therefore not beneficial for the development of a secure and stable use of the Internet.

    Download full text (pdf)
    FULLTEXT01
  • 46. Lavesson, Niklas
    et al.
    Boldt, Martin
    Davidsson, Paul
    Jacobsson, Andreas
    Learning to detect spyware using end user license agreements2011In: Knowledge and Information Systems, ISSN 0219-1377, Vol. 26, no 2, p. 285-307Article in journal (Refereed)
    Abstract [en]

    The amount of software that hosts spyware has increased dramatically. To avoid legal repercussions, the vendors need to inform users about inclusion of spyware via end user license agreements (EULAs) during the installation of an application. However, this information is intentionally written in a way that is hard for users to comprehend. We investigate how to automatically discriminate between legitimate software and spyware associated software by mining EULAs. For this purpose, we compile a data set consisting of 996 EULAs out of which 9.6% are associated to spyware. We compare the performance of 17 learning algorithms with that of a baseline algorithm on two data sets based on a bag-of-words and a meta data model. The majority of learning algorithms significantly outperform the baseline regardless of which data representation is used. However, a non-parametric test indicates that bag-of-words is more suitable than the meta model. Our conclusion is that automatic EULA classification can be applied to assist users in making informed decisions about whether to install an application without having read the EULA. We therefore outline the design of a spyware prevention tool and suggest how to select suitable learning algorithms for the tool by using a multi-criteria evaluation approach.

    Download full text (pdf)
    FULLTEXT01
  • 47. Lavesson, Niklas
    et al.
    Davidsson, Paul
    Boldt, Martin
    Jacobsson, Andreas
    Spyware Prevention by Classifying End User License Agreements2008In: New Challenges in Applied Intelligence Technologies / [ed] Nguyen, Ngoc Thanh; Katarzyniak, Radoslaw, Berlin / Heidelberg: Springer , 2008, p. 373-382Chapter in book (Refereed)
    Abstract [en]

    We investigate the hypothesis that it is possible to detect from the End User License Agreement (EULA) if the associated software hosts spyware. We apply 15 learning algorithms on a data set consisting of 100 applications with classified EULAs. The results show that 13 algorithms are significantly more accurate than random guessing. Thus,we conclude that the hypothesis can be accepted. Based on the results, we present a novel tool that can be used to prevent spyware by automatically halting application installers and classifying the EULA, giving users the opportunity to make an informed choice about whether to continue with the installation. We discuss positive and negative aspects of this prevention approach and suggest a method for evaluating candidate algorithms for a future implementation.

    Download full text (pdf)
    FULLTEXT01
  • 48. Lavesson, Niklas
    et al.
    Davidsson, Paul
    Boldt, Martin
    Jacobsson, Andreas
    Spyware Prevention by Classifying End User License Agreements2008Conference paper (Refereed)
    Abstract [en]

    We investigate the hypothesis that it is possible to detect from the End User License Agreement (EULA) if the associated software hosts spyware. We apply 15 learning algorithms on a, data set consisting of 100 applications with classified EULAs. The results show that 13 algorithms are significantly more accurate than random guessing. Thus, we conclude that the hypothesis can be accepted. Based on the results, we present a novel tool that can be used to prevent spyware by automatically halting application installers and classifying the EULA, giving users the opportunity to make an informed choice about whether to continue with the installation. We discuss positive and negative aspects of this prevention approach and suggest a method for evaluating candidate algorithms for a future implementation.

  • 49.
    Lewenhagen, Kenneth
    et al.
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Borg, Anton
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Gerell, Manne
    Malmö University, SWE.
    Dahlen, Johan
    Region South Swedish Police, SWE.
    An Interdisciplinary Web-based Framework for Data-driven Placement Analysis of CCTV Cameras2021In: Proceedings of the 2021 Swedish Workshop on Data Science, SweDS 2021, Institute of Electrical and Electronics Engineers Inc. , 2021Conference paper (Refereed)
    Abstract [en]

    This paper describes work in progress of an interdisciplinary research project that focuses on the placement and analysis of public close-circuit television (CCTV) cameras using data-driven analysis of crime data. A novel web-based prototype that acts as a framework for the camera placement analysis with regards to historical crime occurrence is presented. The web-based prototype enables various analyses involving public CCTV cameras e.g., to determine suitable locations for both stationary CCTV cameras as well as temporary cameras that are moved around after a few months to address crime seasonality. The framework also opens up for other analyses, e.g. automatically highlighting crimes that are carried out closed by at least one camera. The research also investigates to what extent it is possible to generate estimates on the amount of detail captured by a camera given the distance to the crime light conditions. The research project includes interdisciplinary competences from various areas such as criminology, computer and data science as well as the Swedish Police. © 2021 IEEE.

    Download full text (pdf)
    fulltext
  • 50.
    Moraes, Ana Luiza Dallora
    et al.
    Blekinge Institute of Technology, Faculty of Engineering, Department of Health.
    Kvist, Ola
    Karolinska University Hospital, SWE.
    Sanmartin Berglund, Johan
    Blekinge Institute of Technology, Faculty of Engineering, Department of Health.
    Ruiz, Sandra Diaz
    Karolinska University Hospital, SWE.
    Boldt, Martin
    Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
    Flodmark, Carl-Erik
    Lund University, SWE.
    Anderberg, Peter
    Blekinge Institute of Technology, Faculty of Engineering, Department of Health.
    Chronological Age Assessment in Young Individuals Using Bone Age Assessment Staging and Nonradiological Aspects: Machine Learning Multifactorial Approach2020In: JMIR Medical Informatics, E-ISSN 2291-9694, Vol. 8, no 9, article id e18846Article in journal (Refereed)
    Abstract [en]

    Background: Bone age assessment (BAA) is used in numerous pediatric clinical settings, as well as in legal settings when entities need an estimate of chronological age (CA) when valid documents are lacking. The latter case presents itself as critical since the law is harsher for adults and granted rights along with imputability changes drastically if the individual is a minor. Traditional BAA methods suffer from drawbacks such as exposure of minors to radiation, do not consider factors that might affect the bone age and they mostly focus on a single region. Given the critical scenarios in which BAA can affect the lives of young individuals it is important to focus on the drawbacks of the traditional methods and investigate the potential of estimating CA through BAA.

    Objective: This paper aims to investigate CA estimation through BAA in young individuals of 14 to 21 years with machine learning methods, addressing the drawbacks in the research using magnetic resonance imaging (MRI), assessment of multiple ROIs and other factors that may affect the bone age.

    Methods: MRI examinations of the radius, distal tibia, proximal tibia, distal femur and calcaneus were carried out on 465 males and 473 females subjects (14-21 years). Measures of weight and height were taken from the subjects and a questionnaire was given for additional information (self-assessed Tanner Scale, physical activity level, parents' origin, type of residence during upbringing). Two pediatric radiologists assessed, independently, the MRI images as to their stage of bone development (blinded to age, gender and each other). All the gathered information was used in training machine learning models for chronological age estimation and minor versus adults classification (threshold of 18 years). Different machine learning methods were investigated.

    Results: The minor versus adults classification produced accuracies of 90% and 84%, for male and female subjects, respectively, with high recalls for the classification of minors. The chronological age estimation for the eight age groups (14-21 years) achieved mean absolute errors of 0.95 years and 1.24 years for male and female subjects, respectively. However, for the latter lower error occurred only for the ages of 14 and 15.

    Conclusions: This paper proposed to investigate the CA estimation through BAA using machine learning methods in two ways: minor versus adults classification and CA estimation in eight age groups (14-21 years), while addressing the drawbacks in the research on BAA. The first achieved good results, however, for the second case BAA showed not precise enough for the classification.

    Download full text (pdf)
    fulltext
12 1 - 50 of 53
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf