Biblio

Ciphertext policy attribute based encryption (CP-ABE) can provide high finegrained access control for cloud storage. However, it needs to solve problems such as property privacy protection, ciphertext search and data update in the application process. Therefore, based on CP-ABE scheme, this paper proposes a dynamically updatable searchable encryption cloud storage (DUSECS) scheme. Using the characteristics of homomorphic encryption, the encrypted data is compared to achieve efficient hiding policy. Meanwhile, adopting linked list structure, the DUSECS scheme realizes the dynamic data update and integrity detection, and the search encryption against keyword guessing attacks is achieved by combining homomorphic encryption with aggregation algorithm. The analysis of security and performance shows that the scheme is secure and efficient.

The recent development of distribution-level phasor measurement units, a.k.a. micro-PMUs, has been an important step towards achieving situational awareness in power distribution networks. The challenge however is to transform the large amount of data that is generated by micro-PMUs to actionable information and then match the information to use cases with practical value to system operators. This open problem is addressed in this paper. First, we introduce a novel data-driven event detection technique to pick out valuable portion of data from extremely large raw micro-PMU data. Subsequently, a datadriven event classifier is developed to effectively classify power quality events. Importantly, we use field expert knowledge and utility records to conduct an extensive data-driven event labeling. Moreover, certain aspects from event detection analysis are adopted as additional features to be fed into the classifier model. In this regard, a multi-class support vector machine (multi-SVM) classifier is trained and tested over 15 days of real-world data from two micro-PMUs on a distribution feeder in Riverside, CA. In total, we analyze 1.2 billion measurement points, and 10,700 events. The effectiveness of the developed event classifier is compared with prevalent multi-class classification methods, including k-nearest neighbor method as well as decision-tree method. Importantly, two real-world use-cases are presented for the proposed data analytics tools, including remote asset monitoring and distribution-level oscillation analysis.

Mobile Device Security is an important factor as all the user's sensitive information is stored on the mobile device. The problem of mobile devices getting lost or stolen has only been increasing. There are various systems which provide Online Mobile Device Security which require internet to perform their required functions. Our proposed system SMS Based Offline Mobile Device Security System provides mobile device users with a wide range of security features that help protect the mobile device from theft and also acts as an assistant that helps the users in any problems they may face in their day-to-day lives. The project aims to develop a mobile security system that will allow the user to manipulate his mobile device from any other device through SMS which can be used to get contact information from the user's mobile device remotely, help find the phone by maximizing the volume and playing a tone, trace the current location of the mobile device, get the IMEI No of the device, lock the device, send a message that will be converted to speech and played on the user's mobile device, call forwarding, message forwarding and various other features. It also has an additional security feature that will detect a sim card change and send the new SIM card mobile no to the recovery mobile numbers specified during initial setup automatically. Hence, the user will be able to manipulate his phone even after the SIM card has been changed. Therefore, the SMS-Based Offline Mobile Device Security System provides much more security for the mobile device than the existing online device security methods.

Cloud computing dominates the information communication and technology landscape despite the presence of lingering security issues such as the interdependency problem. The latter is a co-residence conundrum where the attacker successfully compromises his target virtual machine by first exploiting the weakest (in terms of security) virtual machine that is hosted in the same server. To tackle this issue, we propose a novel virtual machine allocation policy that is based on the attacker's efficiency and coverage. By default, our allocation policy considers all legitimate users as attackers and then proceeds to host the users' virtual machines to the server where their efficiency and/or coverage are the smallest. Our simulation results show that our proposal performs better than the existing allocation policies that were proposed to tackle the same issue, by reducing the attacker's possibilities to zero and by using between 30 - 48% less hosts.

Nearest neighbor search, a classic way of identifying similar data, can be applied to various areas, including database, machine learning, natural language processing, software engineering, etc. Secure nearest neighbor search aims to find nearest neighbors to a given query point over encrypted data without accessing data in plaintext. It provides privacy protection to datasets when nearest neighbor queries need to be operated by an untrusted party (e.g., a public server). While different solutions have been proposed to support nearest neighbor queries on encrypted data, these existing solutions still encounter critical drawbacks either in efficiency or privacy. In light of the limitations in the current literature, we propose a novel approximate nearest neighbor search solution, referred to as Sparser, by leveraging a combination of space-filling curves, perturbation, and Order-Preserving Encryption. The advantages of Sparser are twofold, strengthening privacy and improving efficiency. Specifically, Sparser pre-processes plaintext data with space-filling curves and perturbation, such that data is sparse, which mitigates leakage abuse attacks and renders stronger privacy. In addition to privacy enhancement, Sparser can efficiently find approximate nearest neighbors over encrypted data with logarithmic time. Through extensive experiments over real-world datasets, we demonstrate that Sparser can achieve strong privacy protection under leakage abuse attacks and minimize search time.

Many portable imaging devices use the operation of "trunc" (rounding towards zero) instead of rounding as the final quantizer for computing DCT coefficients during JPEG compression. We show that this has rather profound consequences for steganography and its detection. In particular, side-informed steganography needs to be redesigned due to the different nature of the rounding error. The steganographic algorithm J-UNIWARD becomes vulnerable to steganalysis with the JPEG rich model and needs to be adjusted for this source. Steganalysis detectors need to be retrained since a steganalyst unaware of the existence of the trunc quantizer will experience 100% false alarm.

We define discounted differential privacy, as an alternative to (conventional) differential privacy, to investigate privacy of evolving datasets, containing time series over an unbounded horizon. We use privacy loss as a measure of the amount of information leaked by the reports at a certain fixed time. We observe that privacy losses are weighted equally across time in the definition of differential privacy, and therefore the magnitude of privacy-preserving additive noise must grow without bound to ensure differential privacy over an infinite horizon. Motivated by the discounted utility theory within the economics literature, we use exponential and hyperbolic discounting of privacy losses across time to relax the definition of differential privacy under continual observations. This implies that privacy losses in distant past are less important than the current ones to an individual. We use discounted differential privacy to investigate privacy of evolving datasets using additive Laplace noise and show that the magnitude of the additive noise can remain bounded under discounted differential privacy. We illustrate the quality of privacy-preserving mechanisms satisfying discounted differential privacy on smart-meter measurement time-series of real households, made publicly available by Ausgrid (an Australian electricity distribution company).

By exploiting the simultaneous particle-conserving and particle-nonconserving phonon-photon interactions in an optomechanical array, we find a topologically protected edge state for phonons that can be parametrically amplified when all the bulk states remain stable.

The number of organizations adopting the Data Warehouse (DW) technology along with data analytics in order to improve the effectiveness of their decision-making processes is permanently increasing. Despite the efforts invested, the DW design remains a great challenge research domain. More accurately, the design quality of the DW depends on several aspects; among them, the requirement-gathering phase is a critical and complex task. In this context, we propose a Natural language (NL) NL-template based design approach, which is twofold; firstly, it facilitates the involvement of decision-makers in the early step of the DW design; indeed, using NL is a good and natural means to encourage the decision-makers to express their requirements as query-like English sentences. Secondly, our approach aims to generate a DW multidimensional schema from a set of gathered requirements (as OLAP: On-Line-Analytical-Processing queries, written according to the NL suggested templates). This approach articulates around: (i) two NL-templates for specifying multidimensional components, and (ii) a set of five heuristic rules for extracting the multidimensional concepts from requirements. Really, we are developing a software prototype that accepts the decision-makers' requirements then automatically identifies the multidimensional components of the DW model.

Reported vulnerabilities have grown significantly over the recent years, with SQL injection (SQLi) being one of the most prominent, especially in web applications. For these, such increase can be explained by the integration of multiple software parts (e.g., various plugins and modules), often developed by different organizations, composing thus web application variants. Machine Learning has the potential to be a great ally on finding vulnerabilities, aiding experts by reducing the search space or even by classifying programs on their own. However, previous work usually does not consider SQLi or utilizes techniques hard to scale. Moreover, there is a clear gap in vulnerability detection with machine learning for PHP, the most popular server-side language for web applications. This paper presents a Deep Learning model able to classify PHP slices as vulnerable (or not) to SQLi. As slices can belong to any variant, we propose the use of an intermediate language to represent the slices and interpret them as text, resorting to well-studied Natural Language Processing (NLP) techniques. Preliminary results of the use of the model show that it can discover SQLi, helping programmers and precluding attacks that would eventually cost a lot to repair.

In light of the progress achieved by the technology sector in the areas of internet speed and cloud services development, and in addition to other advantages provided by the cloud such as reliability and easy access from anywhere and anytime, most data owners find an opportunity to take advantage of the cloud to store data. However, data owners find a challenge that was and is still facing them in the field of outsourcing, which is protecting sensitive data from leakage. Researchers found that partitioning data into partitions, based on data sensitivity, can be used to protect data from leakage and to increase performance by storing the partition, which contains sensitive data in an encrypted form. In this paper, we review the methods used in designing partitions and dividing data approaches. A hybrid data partitioning approach is proposed to improve these techniques. We consider the frequency attack types used to guess the sensitive data and the most important properties that must be available in order for the encryption to be strong against frequency attacks.

As a key technology in cognitive radio, cooperative spectrum sensing has been paid more and more attention. In cooperative spectrum sensing, multi-user cooperative spectrum sensing can effectively alleviate the performance degradation caused by multipath effect and shadow fading, and improve the spectrum utilization. However, as there may be malicious users in the cooperative sensing users, sending forged false messages to the fusion center or neighbor nodes to mislead them to make wrong judgments, which will greatly reduce the spectrum utilization. To solve this problem, this paper proposes an intelligent anti spectrum sensing data falsification (SSDF) attack algorithm using trust-based non consensus message passing algorithm. In this scheme, only one perception is needed, and the historical propagation path of each message is taken as the basis to calculate the reputation of each cognitive user. Every time a node receives different messages from the same cognitive user, there must be malicious users in its propagation path. We reward the nodes that appear more times in different paths with reputation value, and punish the nodes that appear less. Finally, the real value of the tampered message is restored according to the calculated reputation value. The MATLAB results show that the proposed scheme has a high recovery rate for messages and can identify malicious users in the network at the same time.

Trustworthiness is a soft-security feature that evaluates the correct behavior of nodes in a network. More specifically, this feature tries to answer the following question: how much should we trust in a certain node? To determine the trustworthiness of a node, our approach focuses on two reputation indicators: the self-data trust, which evaluates the data generated by the node itself taking into account its historical data; and the peer-data trust, which utilizes the nearest nodes' data. In this paper, we show how these two indicators can be calculated using the Gaussian Overlap and Pearson correlation. This paper includes a validation of our trustworthiness approach using real data from unofficial and official weather stations in Portugal. This is a representative scenario of the current situation in many other areas, with different entities providing different kinds of data using autonomous sensors in a continuous way over the networks.

Many blockchain applications use decentralized oracles to trustlessly retrieve external information as those platforms are agnostic to real-world information. Some existing decentralized oracle protocols make use of majority-voting schemes to determine the outcomes and/or rewards to participants. In these cases, the awards (or penalties) grow linearly to the participant stakes, therefore voters are indifferent between voting through a single or multiple identities. Furthermore, the voters receive a reward only when they agree with the majority outcome, a tactic that may lead to herd behavior. This paper proposes an oracle protocol based on peer prediction mechanisms with non-linear staking rules. In the proposed approach, instead of being rewarded when agreeing with a majority outcome, a voter receives awards when their report achieves a relatively high score based on a peer prediction scoring scheme. The scoring scheme is designed to be incentive compatible so that the maximized expected score is achieved only with honest reporting. A non-linear stake scaling rule is proposed to discourage Sybil attacks. This paper also provides a theoretical analysis and guidelines for implementation as reference.

Currently the use and production of multimedia data such as digital images have increased due to its wide use within smart devices and open networks. Although this has some advantages, it has generated several issues related to the infraction of intellectual property. Digital image watermarking is a promissory solution to solve these issues. Considering the need to develop mechanisms to improve the information security as well as protect the intellectual property of the digital images, in this paper we propose a novel visible-imperceptible watermarking based on reversible data hiding with contrast enhancement. In this way, a watermark logo is embedded in the spatial domain of the original image imperceptibly, so that the logo is revealed applying reversible data hiding increasing the contrast of the watermarked image and the same time concealing a great amount of data bits, which are extracted and the watermarked image restored to its original conditions using the reversible functionality. Experimental results show the effectiveness of the proposed algorithm. A performance comparison with the current state-of-the-art is provided.

This study focuses on identifying the factors contributing to a sense of personal responsibility that could improve understanding of insecure cybersecurity behavior and guide research toward more effective messaging targeting non-adopting populations. Towards that, we ran a 2(account type) x2(usage scenario) x2(message type) between-group study with 237 United States adult participants on Amazon MTurk, and investigated how the non-adopting population allocates blame, and under what circumstances they blame the end user among the parties who hold responsibility: the software companies holding data, the attackers exposing data, and others. We find users primarily hold service providers accountable for breaches but they feel the same companies should not enforce stronger security policies on users. Results indicate that people do hold end users accountable for their behavior in the event of a breach, especially when the users' behavior affects others. Implications of our findings in risk communication is discussed in the paper.

The increasing complexity of modern computing devices has rendered security architectures vulnerable to recent side-channel and transient-execution attacks. We discuss the most relevant defenses as well as their drawbacks and how to overcome them for next-generation secure processor design.

Application programs are a possible source of attacks to databases as attackers might exploit vulnerabilities in a privileged database application. They can perform code injection or code-reuse attack in order to steal sensitive data. However, as such attacks very often result in changes in the program's behavior, program monitoring techniques represent an effective defense to detect on-going attacks. One such technique is monitoring the library/system calls that the application program issues while running. In this paper, we propose AD-PROM, an Anomaly Detection system that aims at protecting relational database systems against malicious/compromised applications PROgraMs aiming at stealing data. AD-PROM tracks calls executed by application programs on data extracted from a database. The system operates in two phases. The first phase statically and dynamically analyzes the behavior of the application in order to build profiles representing the application's normal behavior. AD-PROM analyzes the control and data flow of the application program (i.e., static analysis), and builds a hidden Markov model trained by the program traces (i.e., dynamic analysis). During the second phase, the program execution is monitored in order to detect anomalies that may represent data leakage attempts. We have implemented AD-PROM and carried experimental activities to assess its performance. The results showed that our system is highly accurate in detecting changes in the application programs' behaviors and has very low false positive rates.

Nowadays, STEM (science, technology, engineering and mathematics) have never been treated so seriously before. Artificial Intelligence (AI) has played an important role currently in STEM. Under the 2020 COVID-19 pandemic crisis, coronavirus disease across over the world we are living in. Every government seek advices from scientist before making their strategic plan. Most of countries collect data from hospitals (and care home and so on in the society), carried out data analysis, using formula to make some AI models, to predict the potential development patterns, in order to make their government strategy. AI security become essential. If a security attack make the pattern wrong, the model is not a true prediction, that could result in thousands life loss. The potential consequence of this non-accurate forecast would be even worse. Therefore, take security into account during the forecast AI modelling, step-by-step data governance, will be significant. Cyber security should be applied during this kind of prediction process using AI deep learning technology and so on. Some in-depth discussion will follow.AI security impact is a principle concern in the world. It is also significant for both nature science and social science researchers to consider in the future. In particular, because many services are running on online devices, security defenses are essential. The results should have properly data governance with security. AI security strategy should be up to the top priority to influence governments and their citizens in the world. AI security will help governments' strategy makers to work reasonably balancing between technologies, socially and politics. In this paper, strategy related challenges of AI and Security will be discussed, along with suggestions AI cyber security and politics trade-off consideration from an initial planning stage to its near future further development.

In the context of insiders, preventive security measures have a high likelihood of failing because insiders ought to have sufficient privileges to perform their jobs. Instead, in this paper, we propose to treat the insider threat by a detective measure that holds an insider accountable in case of violations. However, to enable accountability, we need to create causal models that support reasoning about the causality of a violation. Current security models (e.g., attack trees) do not allow that. Still, they are a useful source for creating causal models. In this paper, we discuss the value added by causal models in the security context. Then, we capture the interaction between attack trees and causal models by proposing an automated approach to extract the latter from the former. Our approach considers insider-specific attack classes such as collusion attacks and causal-model-specific properties like preemption relations. We present an evaluation of the resulting causal models’ validity and effectiveness, in addition to the efficiency of the extraction process.
 

Power system security assessment and enhancement in grids with high penetration of renewables is critical for pragmatic power system planning. Static Security Assessment (SSA) is a fast response tool to assess system stability margins following considerable contingencies assuming post fault system reaches a steady state. This paper presents a contingency ranking methodology using static security indices to rank credible contingencies considering severity. A Modified IEEE 9 bus system integrating renewables was used to test the approach. The static security indices used independently provides accurate results in identifying severe contingencies but further assessment is needed to provide an accurate picture of static security assessment in an increased time frame of the steady state. The indices driven for static security assessment could accurately capture and rank contingencies with renewable sources but due to intermittency of the renewable source various contingency ranking lists are generated. This implies that using indices in future grids without consideration on intermittent nature of renewables will make it difficult for the grid operator to identify severe contingencies and assist the power system operator to make operational decisions. This makes it necessary to integrate the behaviour of renewables in security indices for practical application in real time security assessment.

Code randomization is considered as the basis of mitigation against code reuse attacks, fundamentally supporting some recent proposals such as execute-only memory (XOM) that aims at dynamic return-oriented programming (ROP) attacks. However, existing code randomization methods are hard to achieve a good balance between high-randomization entropy and semantic consistency. In particular, they always ignore code semantic consistency, incurring performance loss and incompatibility with current security schemes, e.g., control flow integrity (CFI). In this paper, we present an enhanced code randomization method termed as HCRESC, which can improve the randomization entropy significantly, meanwhile ensure the semantic consistency between variants and the original code. HCRESC reschedules instructions within the range of functions rather than basic blocks, thus producing more variants of the original code and preserving the code's semantic. We implement HCRESC on Linux platform of x86-64 architecture and demonstrate that HCRESC can increase the randomization entropy of x86-64 code over than 120% compared with existing methods while ensuring control flow and size of the code unaltered.

Intel has recently offered third-party attestation services, called Data Center Attestation Primitives (DCAP), for a data center to create its own attestation infrastructure. These services address the availability concerns and improve the performance as compared to the remote attestation based on Enhanced Privacy ID (EPID). Practical developments, such as Hyperledger Avalon, have already planned to support DCAP in their roadmap. However, the lack of formal proof for DCAP leads to security concerns. To fill this gap, we propose an automated, rigorous, and sound formal approach to specify and verify the remote at-testation based on Intel SGX DCAP under the assumption that there are no side-channel attacks and no vulnerabilities inside the enclave. In the proposed approach, the data center configuration and operational policies are specified to generate the symbolic model, and security goals are specified as security properties to produce verification results. The evaluation of non-Quoting Verification Enclave-based DCAP indicates that the confidentiality of secrets and integrity of data is preserved against a Dolev-Yao adversary in this technology. We also present a few of the many inconsistencies found in the existing literature on Intel SGX DCAP during formal specification.

As we notice the increasing adoption of Cellular IoT solutions (smart-home, e-health, among others), there are still some security aspects that can be improved as these devices can suffer various types of attacks that can have a high-impact over our daily lives. In order to avoid this, we present a multi-front security solution that consists on a federated cross-layered authentication mechanism, as well as a machine learning platform with anomaly detection techniques for data traffic analysis as a way to study devices' behavior so it can preemptively detect attacks and minimize their impact. In this paper, we also present a proof-of-concept to illustrate the proposed solution and showcase its feasibility, as well as the discussion of future iterations that will occur for this work.

The Android application market will conduct various security analysis on each application to predict its potential harm before put it online. Since almost all the static analysis tools can only detect malicious behaviors in the Java layer, more and more malwares try to avoid static analysis by taking the malicious codes to the Native layer. To provide a solution for the above situation, there's a new research aspect proposed in this paper and defined as Inter-language Static Analysis. As all the involved technologies are introduced, the current research results of them will be captured in this paper, such as static analysis in Java layer, binary analysis in Native layer, Java-Native penetration technology, etc.