Cybersecurity is an ever-changing field of research, with new forms of security threats appearing often. One increasingly common threat, surveillanceware, involves a malicious individual installing software on a victim’s mobile device enabling secret remote monitoring of the device’s activity. Using a new $1.2 million grant from the National Science Foundation researchers at the University of Florida will study surveillanceware and develop new AI-based defenses for it.
The project titled, “Countering Surveillanceware Using Deception-Based Generative Models and Systems Mechanisms,” will use AI techniques in combination with system security mechanisms to curtail the effects of surveillanceware. This project will help broaden cybersecurity research to include the concerns of vulnerable individuals and groups, such as survivors of domestic abuse, whose cybersecurity needs have often historically been neglected.
The UF research team is led by principal investigator Vincent Bindschaedler, Ph.D., an assistant professor in the Department of Computer & Information Science & Engineering (CISE), and co-principal investigator Kevin R. B. Butler, Ph.D., a professor in CISE and the associate director of the Florida Institute for Cybersecurity (FICS) Research.
“The system we envision is a deception-based system that uses artificial intelligence techniques, specifically deep generative models, to produce fake but plausible (“synthetic”) data,” Dr. Bindschaedler said. “The synthetic data will be fed to the surveillanceware instead of the victim’s real sensitive data. This will mitigate the privacy threat of surveillanceware actively monitoring the victim’s device, even when the surveillanceware itself cannot be uninstalled.”
These types of tracking software are often used in intimate relationships where abuse is common. For example, an abuser will install software on a victim’s cellphone that tracks the device’s location and enables remote monitoring of its activity.
“Within FICS Research, we seek to solve security problems that have real-world impact,” Dr. Butler said. “Being able to use the technical expertise of our researchers and students for societal benefit resonates with our core values and goals.”
The researchers state that there are also reports of this technology being used on journalists, political dissidents, and human rights activists by repressive regimes. Dr. Bindschaedler said once surveillanceware is installed on the victim’s device “it may be too late for defenses such as antivirus software that seeks to detect and enable removal of surveillanceware.”
“Past research has shown that in situations of domestic abuse, taking away an abuser’s means of control and surveillance can lead to an escalation of their negative behavior,” Dr. Butler said. “Therefore, uninstalling surveillanceware could potentially put survivors at further risk.”
Investigators plan to assemble a diverse team for the project and hope to collaborate with local organizations, such as domestic abuse shelters, and international partners, such as the Coalition Against Stalkerware.
Marketing & Communications Specialist
Herbert Wertheim College of Engineering