6th International Conference on New Technologies, Mobility & Security (NTMS) - Dubai

SoS Newsletter - Advanced Book Block

Dubai


The 2014 6th International Conference on New Technologies, Mobility and Security (NTMS) was held March 30 to April 2, 2014 in Dubai. This conference addresses advances in new technologies, solutions for mobility, and tools and techniques for information security. The concentration is on the development of smart sensor systems and sensor networks for smart cities. An emphasis is placed on the integration of distributed sensors together with optimization algorithms to achieve this goal. In the security track, twenty-three security-related research papers were presented, addressing a range of issues in the areas of business process application security, security assurance and assessment, social networking security, privacy and anonymity, cloud computing security, intrusion and malware detection, digital forensics, and cryptography.

  • Al Barghouthy, N.B.; Marrington, A., "A Comparison of Forensic Acquisition Techniques for Android Devices: A Case Study Investigation of Orweb Browsing Sessions," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-4, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6813993 The issue of whether to "root" a small scale digital device in order to be able to execute acquisition tools with kernel-level privileges is a vexing one. In the early research literature about Android forensics, and in the commercial forensic tools alike, the common wisdom was that "rooting" the device modified its memory only minimally, and enabled more complete acquisition of digital evidence, and thus was, on balance, an acceptable procedure. This wisdom has been subsequently challenged, and alternative approaches to complete acquisition without "rooting" the device have been proposed. In this work, we address the issue of forensic acquisition techniques for Android devices through a case study we conducted to reconstruct browser sessions carried out using the Orweb private web browser. Orweb is an Android browser which uses Onion Routing to anonymize web traffic, and which records no browsing history. Physical and logical examinations were performed on both rooted and non-rooted Samsung Galaxy S2 smartphones running Android 4.1.1. The results indicate that for investigations of Orweb browsing history, there is no advantage to rooting the device. We conclude that, at least for similar investigations, rooting the device is unnecessary and thus should be avoided.
    Keywords: Android (operating system); Internet; digital forensics; online front-ends; smart phones; Android 4.1.1; Android browser; Android devices; Android forensics; Onion Routing; Orweb browsing sessions; Orweb private Web browser; Web traffic anonymization; browser session reconstruction; browsing history; device rooting; digital evidence acquisition; forensic acquisition techniques; forensic tools; kernel-level privilege; nonrooted Samsung Galaxy S2 smartphone; small scale digital device; Androids; Browsers; Forensics; Humanoid robots; Random access memory; Smart phones; Workstations (ID#:14-3241)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6813993&isnumber=6813963
  • Hammi, B.; Khatoun, R.; Doyen, G., "A Factorial Space for a System-Based Detection of Botcloud Activity," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6813996 Today, beyond a legitimate usage, the numerous advantages of cloud computing are exploited by attackers, and Botnets supporting DDoS attacks are among the greatest beneficiaries of this malicious use. Such a phenomenon is a major issue since it strongly increases the power of distributed massive attacks while involving the responsibility of cloud service providers that do not own appropriate solutions. In this paper, we present an original approach that enables a source-based detection of UDP-flood DDoS attacks based on a distributed system behavior analysis. Based on a principal component analysis, our contribution consists in: (1) defining the involvement of system metrics in a botcloud's behavior, (2) showing the invariability of the factorial space that defines a botcloud activity and (3) among several legitimate activities, using this factorial space to enable a botcloud detection.
    Keywords: cloud computing; computer network security; distributed processing; principal component analysis; transport protocols; UDP-flood DDoS attacks; botcloud activity; botcloud detection; botcloud behavior; botnets; cloud computing; cloud service provider; distributed massive attacks; distributed system behavior analysis; factorial space; legitimate activity; legitimate usage; malicious use; principal component analysis; source-based detection; system metrics; system-based detection; Cloud computing; Collaboration; Computer crime; Intrusion detection; Measurement; Monitoring; Principal component analysis (ID#:14-3242)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6813996&isnumber=6813963
  • Hatzivasilis, G.; Papaefstathiou, I.; Manifavas, C.; Papadakis, N., "A Reasoning System for Composition Verification and Security Validation," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-4, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814001 The procedure to prove that a system-of-systems is composable and secure is a very difficult task. Formal methods are mathematically-based techniques used for the specification, development and verification of software and hardware systems. This paper presents a model-based framework for dynamic embedded system composition and security evaluation. Event Calculus is applied for modeling the security behavior of a dynamic system and calculating its security level with the progress in time. The framework includes two main functionalities: composition validation and derivation of security and performance metrics and properties. Starting from an initial system state and given a series of further composition events, the framework derives the final system state as well as its security and performance metrics and properties. We implement the proposed framework in an epistemic reasoner, the rule engine JESS with an extension of DECKT for the reasoning process and the JAVA programming language.
    Keywords: Java; embedded systems; formal specification; formal verification; reasoning about programs; security of data; software metrics; temporal logic; DECKT; JAVA programming language; composition validation; composition verification; dynamic embedded system composition; epistemic reasoner; event calculus; formal methods; model-based framework; performance metrics; reasoning system; rule engine JESS; security evaluation; security validation; system specification; system-of-systems; Cognition; Computational modeling; Embedded systems; Measurement; Protocols; Security; Unified modeling language (ID#:14-3243)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814001&isnumber=6813963
  • Al Sharif, S.; Al Ali, M.; Salem, N.; Iqbal, F.; El Barachi, M.; Alfandi, O., "An Approach for the Validation of File Recovery Functions in Digital Forensics' Software Tools," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-6, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814005 Recovering lost and deleted information from computer storage media for the purpose of forensic investigation is one of the essential steps in digital forensics. There are several dozen commercial and open source digital analysis tools dedicated to this purpose. The challenge is to identify the tool that best fits a specific case of investigation. To measure the file recovering functionality, we have developed a validation approach for comparing five popular forensic tools: Encase, Recover my files, Recuva, Blade, and FTK. These tools were examined in a fixed scenario to show the differences and capabilities in recovering files after deletion, quick format and full format of a USB stick. Experimental results on selected commercial and open source tools demonstrate the effectiveness of the proposed approach.
    Keywords: digital forensics; file organisation; Blade; Encase; FTK; Recover my files; Recuva; USB stick; computer storage media; digital forensics software tool; file recovery function; forensic tools; open source digital analysis tool; Blades; Computers; Digital forensics; Media; Recycling; Universal Serial Bus (ID#:14-3244)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814005&isnumber=6813963
  • Juvonen, A.; Hamalainen, T., "An Efficient Network Log Anomaly Detection System Using Random Projection Dimensionality Reduction," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814006 Network traffic is increasing all the time and network services are becoming more complex and vulnerable. To protect these networks, intrusion detection systems are used. Signature-based intrusion detection cannot find previously unknown attacks, which is why anomaly detection is needed. However, many new systems are slow and complicated. We propose a log anomaly detection framework which aims to facilitate quick anomaly detection and also provide visualizations of the network traffic structure. The system preprocesses network logs into a numerical data matrix, reduces the dimensionality of this matrix using random projection and uses Mahalanobis distance to find outliers and calculate an anomaly score for each data point. Log lines that are too different are flagged as anomalies. The system is tested with real-world network data, and actual intrusion attempts are found. In addition, visualizations are created to represent the structure of the network data. We also perform computational time evaluation to ensure the performance is feasible. The system is fast, finds intrusion attempts and does not need clean training data.
    Keywords: digital signatures; security of data; telecommunication traffic; Mahalanobis distance; anomaly score; data point; intrusion attempts; intrusion detection systems; log lines; network data structure; network log anomaly detection system; network services; network traffic structure; numerical data matrix; random projection dimensionality reduction; real-world network data; signature-based intrusion detection; Data mining; Data visualization; Feature extraction; Intrusion detection; Principal component analysis; Real-time systems (ID#:14-3245)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814006&isnumber=6813963
  • Binsalleeh, H.; Kara, A.M.; Youssef, A.; Debbabi, M., "Characterization of Covert Channels in DNS," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814008 Malware families utilize different protocols to establish their covert communication networks. It is also the case that sometimes they utilize protocols which are least expected to be used for transferring data, e.g., Domain Name System (DNS). Even though the DNS protocol is designed to be a translation service between domain names and IP addresses, it leaves some open doors to establish covert channels in DNS, which is widely known as DNS tunneling. In this paper, we characterize the malicious payload distribution channels in DNS. Our proposed solution characterizes these channels based on the DNS query and response messages patterns. We performed an extensive analysis of malware datasets for one year. Our experiments indicate that our system can successfully determine different patterns of the DNS traffic of malware families.
    Keywords: cryptographic protocols; invasive software; DNS protocol; DNS traffic; DNS tunneling; IP addresses; communication networks; covert channel characterization; domain name system; malicious payload distribution channels; malware datasets; malware families; message patterns; translation service; Command and control systems; Malware; Payloads; Protocols; Servers; Tunneling (ID#:14-3246)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814008&isnumber=6813963
  • Bovet, G.; Hennebert, J., "Distributed Semantic Discovery for Web-of-Things Enabled Smart Buildings," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814015 Nowadays, our surrounding environment is more and more scattered with various types of sensors. Due to their intrinsic properties and representation formats, they form small islands isolated from each other. In order to increase interoperability and release their full capabilities, we propose to represent device descriptions, including data and service invocation, with a common model that allows composing mashups of heterogeneous sensors. Pushing this paradigm further, we also propose to augment service descriptions with a discovery protocol easing automatic assimilation of knowledge. In this work, we describe the architecture supporting what can be called a Semantic Sensor Web-of-Things. As proof of concept, we apply our proposal to the domain of smart buildings, composing a novel ontology covering heterogeneous sensing, actuation and service invocation. Our architecture also emphasizes the energetic aspect and is optimized for constrained environments.
    Keywords: Internet of Things; Web services; home automation; ontologies (artificial intelligence); open systems; software architecture; wireless sensor networks; actuator; data invocation; distributed semantic discovery protocols; interoperability; intrinsic properties; knowledge automatic assimilation; ontology covering heterogeneous sensor; semantic sensor Web of Things; service invocation; smart building; Ontologies; Resource description framework; Semantics; Sensors; Smart buildings; Web services (ID#:14-3247)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814015&isnumber=6813963
  • Dassouki, K.; Safa, H.; Hijazi, A., "End to End Mechanism to Protect SIP from Signaling Attacks," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814017 SIP is among the most popular Voice over IP signaling protocols. Its deployment in live scenarios showed vulnerability to attacks defined as signaling attacks. These attacks are used to tear down a session or manipulate its parameters. In this paper we present a security mechanism that protects SIP sessions against such attacks. The mechanism uses a SIP fingerprint to authenticate messages, in order to prevent spoofing. We validate our mechanism using OpenSSL and SIPp and show that it is light and robust.
    Keywords: Internet telephony; message authentication; signaling protocols; OpenSSL; SIP fingerprint; SIP sessions; SIPp; live scenarios; message authentication; security mechanism; signaling attacks; voice over IP signaling protocols; Cryptography; Fingerprint recognition; IP networks; Internet telephony; Protocols; Servers (ID#:14-3248)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814017&isnumber=6813963
  • Fachkha, C.; Bou-Harb, E.; Debbabi, M., "Fingerprinting Internet DNS Amplification DDoS Activities," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814019 This work proposes a novel approach to infer and characterize Internet-scale DNS amplification DDoS attacks by leveraging the darknet space. Complementary to the pioneer work on inferring Distributed Denial of Service (DDoS) using darknet, this work shows that we can extract DDoS activities without relying on backscattered analysis. The aim of this work is to extract cyber security intelligence related to DNS Amplification DDoS activities such as detection period, attack duration, intensity, packet size, rate and geolocation in addition to various network-layer and flow-based insights. To achieve this task, the proposed approach exploits certain DDoS parameters to detect the attacks. We empirically evaluate the proposed approach using 720 GB of real darknet data collected from a /13 address space during a recent three-month period. Our analysis reveals that the approach was successful in inferring significant DNS amplification DDoS activities including the recent prominent attack that targeted one of the largest anti-spam organizations. Moreover, the analysis disclosed the mechanism of such DNS amplification DDoS attacks. Further, the results uncover high-speed and stealthy attempts that were never previously documented. The case study of the largest DDoS attack in history led to a better understanding of the nature and scale of this threat and can generate inferences that could contribute to detecting, preventing, assessing, mitigating and even attributing DNS amplification DDoS activities.
    Keywords: Internet; computer network security; Internet-scale DNS amplification DDoS attacks; anti-spam organizations; attack duration; backscattered analysis; cyber security intelligence; darknet space; detection period; distributed denial of service; fingerprinting Internet DNS amplification DDoS activities; geolocation; network-layer; packet size; storage capacity 720 Gbit; Computer crime; Grippers; IP networks; Internet; Monitoring; Sensors (ID#:14-3249)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814019&isnumber=6813963
  • Turkoglu, C.; Cagdas, S.; Celebi, A.; Erturk, S., "Hardware Design of An Embedded Real-Time Acoustic Source Location Detector," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-4, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814022 This paper presents an embedded system that detects the three-dimensional location of an acoustic source using a multiple microphone constellation. The system consists of a field programmable gate array (FPGA) that is used as the main processing unit and the necessary peripherals. The sound signals are captured using multiple microphones that are connected to the embedded system using XLR connectors. The analog sound signals are first amplified using programmable gain amplifiers (PGAs) and then digitized before they are provided to the FPGA. The FPGA carries out the computations necessary for the algorithms to detect the acoustic source location in real-time. The system can be used for consumer electronics applications as well as security and defense applications.
    Keywords: acoustic signal detection; acoustic signal processing; audio signal processing; embedded systems; microphones; FPGA; PGAs; XLR connectors; analog sound signals; embedded real-time acoustic source location detector; consumer electronics; embedded system; field programmable gate array; hardware design; multiple microphone constellation; programmable gain amplifiers; three dimensional location; Acoustics; Electronics packaging; Field programmable gate arrays; Hardware; Microphones; Position measurement; Synchronization (ID#:14-3250)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814022&isnumber=6813963
  • Varadarajan, P.; Crosby, G., "Implementing IPsec in Wireless Sensor Networks," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814024 There is an increasing need for wireless sensor networks (WSNs) to be more tightly integrated with the Internet. Several real-world deployments of stand-alone wireless sensor networks exist. A number of solutions have been proposed to address the security threats in these WSNs. However, integrating WSNs with the Internet in such a way as to ensure a secure End-to-End (E2E) communication path between IPv6 enabled sensor networks and the Internet remains an open research issue. In this paper, the 6LoWPAN adaptation layer was extended to support both IPsec's Authentication Header (AH) and Encapsulating Security Payload (ESP). Thus, the communication endpoints in WSNs are able to communicate securely using encryption and authentication. The performance of the proposed AH and ESP compressed headers is evaluated via test-bed implementation in 6LoWPAN for IPv6 communications on IEEE 802.15.4 networks. The results confirm the possibility of implementing E2E security in IPv6 enabled WSNs to create a smooth transition between WSNs and the Internet. This can potentially play a big role in the emerging "Internet of Things" paradigm.
    Keywords: IP networks; Internet; Zigbee; computer network security; cryptography; wireless sensor networks; 6LoWPAN adaptation layer; AH; E2E security; ESP compressed header performance; IEEE 802.15.4 networks; IPsec authentication header; IPv6 enabled sensor networks; Internet; Internet of Things paradigm; WSNs; communication endpoints; encapsulation security payload; encryption; end-to-end communication path; security threats; stand-alone wireless sensor networks; Authentication; IEEE 802.15 Standards; IP networks; Internet; Payloads; Wireless sensor networks (ID#:14-3251)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814024&isnumber=6813963
  • Boukhtouta, A.; Lakhdari, N.-E.; Debbabi, M., "Inferring Malware Family through Application Protocol Sequences Signature," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814026 The dazzling emergence of cyber-threats exerts itself on today's cyberspace, which needs practical and efficient capabilities for malware traffic detection. In this paper, we propose an extension to an initial research effort, namely, towards fingerprinting malicious traffic by putting an emphasis on the attribution of maliciousness to malware families. The proposed technique in the previous work establishes a synergy between automatic dynamic analysis of malware and machine learning to fingerprint badness in network traffic. Machine learning algorithms are used with features that exploit only high-level properties of traffic packets (e.g. packet headers). Besides the detection of malicious packets, we want to enhance fingerprinting capability with the identification of malware families responsible for the generation of malicious packets. The identification of the underlying malware family is derived from a sequence of application protocols, which is used as a signature to the family in question. Furthermore, our results show that our technique achieves a promising malware family identification rate with low false positives.
    Keywords: computer network security; invasive software; learning (artificial intelligence); application protocol sequences signature; cyber-threats; machine learning algorithm; malicious packets detection; malware automatic dynamic analysis; malware traffic detection; network traffic; Cryptography; Databases; Engines; Feeds; Malware; Protocols (ID#:14-3252)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814026&isnumber=6813963
  • Gritzalis, D.; Stavrou, V.; Kandias, M.; Stergiopoulos, G., "Insider Threat: Enhancing BPM through Social Media," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-6, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814027 Modern business environments have a constant need to increase their productivity, reduce costs and offer competitive products and services. This can be achieved via modeling their business processes. Yet, even in light of modelling's widespread success, one can argue that it lacks built-in security mechanisms able to detect and fight threats that may manifest throughout the process. Academic research has proposed a variety of different solutions which focus on different kinds of threat. In this paper we focus on insider threat, i.e. insiders participating in an organization's business process, who, depending on their motives, may cause severe harm to the organization. We examine existing security approaches to tackle the aforementioned threat in enterprise business processes. We discuss their pros and cons and propose a monitoring approach that aims at mitigating the insider threat. This approach enhances business process monitoring tools with information evaluated from Social Media. It examines the online behavior of users and pinpoints potential insiders with critical roles in the organization's processes. We conclude with some observations on the monitoring results (i.e. psychometric evaluations from the social media analysis) concerning privacy violations and argue that deployment of such systems should only be allowed in exceptional cases, such as protecting critical infrastructures.
    Keywords: business data processing; organisational aspects; process monitoring; social networking (online); BPM enhancement; built-in security mechanism; business process monitoring tools; cost reduction; enterprise business processes; insider threat; organization business process management; privacy violations; social media; Media; Monitoring; Organizations; Privacy; Security; Unified modeling language (ID#:14-3253)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814027&isnumber=6813963
  • Azab, M., "Multidimensional Diversity Employment for Software Behavior Encryption," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814033 Modern cyber systems and their integration with the infrastructure have a clear and immense effect on productivity and quality of life. Their involvement in our daily life elevates the need for means to ensure their resilience against attacks and failure. One major threat is the software monoculture. Latest research work demonstrated the danger of software monoculture and presented diversity to reduce the attack surface. In this paper, we propose ChameleonSoft, a multidimensional software diversity employment to, in effect, induce spatiotemporal software behavior encryption and a moving target defense. ChameleonSoft introduces a loosely coupled, online programmable software-execution foundation separating logic, state and physical resources. The elastic construction of the foundation enabled ChameleonSoft to define running software as a set of behaviorally-mutated functionally-equivalent code variants. ChameleonSoft intelligently shuffles these variants at runtime while changing their physical location, inducing untraceable confusion and diffusion enough to encrypt the execution behavior of the running software. ChameleonSoft is also equipped with an autonomic failure recovery mechanism for enhanced resilience. In order to test the applicability of the proposed approach, we present a prototype of the ChameleonSoft Behavior Encryption (CBE) and recovery mechanisms. Further, using analysis and simulation, we study the performance and security aspects of the proposed system. This study aims to assess the provisioned level of security by measuring the avalanche effect percentage and the induced confusion and diffusion levels to evaluate the strength of the CBE mechanism. Further, we compute the computational cost of security provisioning and enhancing system resilience.
    Keywords: computational complexity; cryptography; multidimensional systems; software fault tolerance; system recovery; CBE mechanism; ChameleonSoft Behavior Encryption; ChameleonSoft recovery mechanisms; autonomic failure recovery mechanism; avalanche effect percentage; behaviorally-mutated functionally-equivalent code variants; computational cost; confusion levels; diffusion levels; moving target defense; multidimensional software diversity employment; online programmable software-execution foundation separating logic; security level; security provisioning; software monoculture; spatiotemporal software behavior encryption; system resilience; Employment; Encryption; Resilience; Runtime; Software; Spatiotemporal phenomena (ID#:14-3254)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814033&isnumber=6813963
  • Mauri, G.; Verticale, G., "On the Tradeoff between Performance and User Privacy in Information Centric Networking," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814040 Widespread use of caching provides advantages for users and providers, such as reduced network latency, higher content availability, bandwidth reduction and server load balancing. In Information Centric Networking, the attention is shifted from users to content, which is addressed by its name and not by its location. Moreover, the content objects are stored as close as possible to the customers. Therefore, the cache has a central role for the improvement of the network performance but this is strictly related to the caching policy used. However, this comes at the price of increased tracing of users' communication and users' behavior to define an optimal caching policy. A malicious node could exploit such information to compromise the privacy of users. In this work, we compare different caching policies and we take the first steps for defining the tradeoff between caching performance and user privacy guarantee. In particular, we provide a way to implement prefetching and we define some bounds for the users' privacy in this context.
    Keywords: cache storage; perturbation techniques; caching policy; content centric networking; data perturbation; information centric networking; named-data networking; network latency; prefetching; privacy; server load balancing; user's ranking; Computational modeling; Data privacy; Delays; Games; Prefetching; Privacy; Vectors (ID#:14-3255)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814040&isnumber=6813963
  • Abu-Ella, O.; Elmusrati, M., "Partial Constrained Group Decoding: A New Interference Mitigation Technique for the Next Generation Networks," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814042 This paper investigates the performance of the constrained partial group decoding (CPGD) technique in an interference channel (IC) environment. It demonstrates the CPGD capability to manage and mitigate interference compared with other interference mitigation schemes which are based on the interference alignment strategy; this comparison is carried out for the MIMO interference channel. Numerical results show that CPGD achieves one of the highest capacities compared to the other considered schemes. As well, evaluation of bit error rate (BER) using very long low density parity-check (LDPC) codes demonstrates the competency of the CPGD, which significantly outperforms the other techniques. This makes the CPGD a promising scheme for interference mitigation for the next generation of wireless communication systems; especially, if we take into account that CPGD is only based on receive-side processing, which means there is no need for any overwhelming feedback in such a system. Also, and more importantly, if we keep in mind the reduction of its required computational complexity, due to its complexity controlling feature, i.e., its flexibility to limit the group size of the jointly decoded users, compared with the huge computational complexity of the iterative multi-user detection (MUD) schemes, such as the interference alignment approach.
    Keywords: MIMO communication; decoding; interference suppression; parity check codes; radiofrequency interference; MIMO interference channel; bit error rate; constrained partial group decoding; interference alignment strategy; interference channel environment; interference mitigation technique; next generation network; partial constrained group decoding; receive side processing; very long low density parity check codes; Bit error rate; Interference channels; MIMO; Receivers; Signal to noise ratio; Transmitters (ID#:14-3256)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814042&isnumber=6813963
  • Petrlic, R.; Sorge, C., "Privacy-Preserving Digital Rights Management based on Attribute-based Encryption," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814044 We present a privacy-preserving multiparty DRM scheme that does not need a trusted third party. Users anonymously buy content from content providers and anonymously execute it at content execution centers. The executions are unlinkable to each other. The license check is performed as part of the used ciphertext-policy attribute-based encryption (CP-ABE) and, thus, access control is cryptographically enforced. The problem of authorization proof towards the key center in an ABE scheme is solved by a combination with anonymous payments.
    Keywords: cryptography; digital rights management; ABE scheme; access control; anonymous payments; attribute-based encryption; authorization proof; ciphertext-policy attribute-based encryption; privacy-preserving digital rights management; privacy-preserving multiparty DRM scheme; Cloud computing; Encryption; Licenses; Privacy; Protocols (ID#:14-3257)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814044&isnumber=6813963
  • Hmood, A.; Fung, B.C.M.; Iqbal, F., "Privacy-Preserving Medical Reports Publishing for Cluster Analysis," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-8, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814045 Health data mining is an emerging research direction. High-quality health data mining results rely on having access to high-quality patient information. Yet, releasing patient-specific medical reports may potentially reveal sensitive information of the individual patients. In this paper, we study the problem of anonymizing medical reports and present a solution to anonymize a collection of medical reports while preserving the information utility of the medical reports for the purpose of cluster analysis. Experimental results show that, with our proposed approach, the impact of anonymization on the cluster quality is minor, suggesting the feasibility of simultaneously preserving both information utility and privacy in anonymous medical reports.
    Keywords: data mining; data privacy; electronic health records; pattern clustering; cluster analysis; health data mining; information utility; medical report anonymization; patient-specific medical reports; privacy-preserving medical reports publishing; Clustering algorithms; Data privacy; Diseases; Information retrieval; Medical diagnostic imaging; Privacy (ID#:14-3258)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814045&isnumber=6813963
  • Dimitriou, T., "Secure and Scalable Aggregation in the Smart Grid," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814048 In this work, we describe two decentralized protocols that can be used to securely aggregate the electricity measurements made by n smart meters. The first protocol is a very lightweight one; it uses only symmetric cryptographic primitives and provides security against honest-but-curious adversaries. The second one is public-key based and its focus is on the malicious adversarial model; malicious entities not only try to learn the private measurements of smart meters but can also disrupt protocol execution. Neither protocol relies on centralized entities or trusted third parties to operate, and they are highly scalable since every smart meter has to interact with only a few other meters. Both are very efficient in practice, requiring only O(1) work and memory overhead per meter, thus making these protocols fit for real-life smart grid deployments.
    Keywords: power system security; smart meters; smart power grids; decentralized protocols; electricity measurements; malicious adversarial model; malicious entities; scalable aggregation; smart grid; smart meters; symmetric cryptographic primitives; trusted third parties; Encryption; Protocols; Public key; Silicon; Smart grids (ID#:14-3259)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814048&isnumber=6813963
  • Kabbani, B.; Laborde, R.; Barrere, F.; Benzekri, A., "Specification and Enforcement of Dynamic Authorization Policies Oriented by Situations," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-6, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814050 Nowadays, accessing communication networks and systems faces a multitude of applications with large-scale requirement dimensions. Mobility, roaming services in particular, during urgent situations exacerbates the access control issues. Dynamic authorization is then required. However, traditional access control fails to ensure that policies are dynamic. Instead, we propose to externalize the dynamic behavior management of networks and systems through situations. Situations modularize the policy into groups of rules and orient decisions. Our solution limits policy updates and hence authorization inconsistencies. The authorization system is built upon the XACML architecture coupled with a complex event-processing engine to handle the concept of situations. Situation-oriented attribute-based policies are defined statically, allowing static verification and validation.
    Keywords: authorisation; XACML architecture; access control; dynamic authorization policies; mobility roaming services; Authorization; Computer architecture; Context; Engines; Medical services (ID#:14-3260)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814050&isnumber=6813963
  • Albino Pereira, A.; Bosco M. Sobral, J.; Merkle Westphall, C., "Towards Scalability for Federated Identity Systems for Cloud-Based Environments," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, pp. 1-5, March 30 2014-April 2 2014. doi: 10.1109/NTMS.2014.6814055 As multi-tenant authorization and federated identity management systems for cloud computing mature, the provisioning of services using this paradigm allows maximum efficiency for businesses that require access control. However, regarding scalability support, mainly horizontal, some characteristics of those approaches based on central authentication protocols are problematic. The objective of this work is to address these issues by providing an adapted sticky-session mechanism for a Shibboleth architecture using CAS. This alternative, compared with the recommended shared memory approach, showed improved efficiency and less overall infrastructure complexity.
    Keywords: authorisation; cloud computing; cryptographic protocols; CAS; Shibboleth architecture; central authentication protocols; central authentication service; cloud based environments; cloud computing; federated identity management systems; federated identity system scalability; multitenant authorization; sticky session mechanism; Authentication; Cloud computing; Proposals; Scalability; Servers; Virtual machining (ID#:14-3261)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6814055&isnumber=6813963

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.