Biblio

In the 2010s, there has been significant interest in developing methods, such as searchable encryption for exact matching and order-preserving/-revealing encryption for range search, to perform search on encrypted data. However, the symmetric searchable encryption method has been steadily used not only in databases but also in full-text search engine because of its quick performance and high security against intruders and system administrators. Contrarily, order-preserving/-revealing encryption is rarely employed in practice: almost all related schemes suffer from inference attacks, and some schemes are secure but impractical because they require exponential storage size or communication complexity. In this study, we define the new security models based on order-revealing encryption (ORE) for performing range search, and explain that previous techniques are not satisfied with our weak security model. We present two generic constructions of ORE using the searchable encryption method. Our constructions offer practical performance such as the storage size of O(nb) and computation complexity of O(n2), where the plaintext space is a set of n-bit binaries and b denotes the block size of the ciphertext generated via searchable encryption. The first construction gives the comparison result to the server, and the security considers a weak security model. The second construction hides the comparison result from the server, and only the secret-key owner can recover it.

Early detection of new kinds of malware always plays an important role in defending the network systems. Especially, if intelligent protection systems could themselves detect an existence of new malware types in their system, even with a very small number of malware samples, it must be a huge benefit for the organization as well as the social since it help preventing the spreading of that kind of malware. To deal with learning from few samples, term ``one-shot learning'' or ``fewshot learning'' was introduced, and mostly used in computer vision to recognize images, handwriting, etc. An approach introduced in this paper takes advantage of One-shot learning algorithms in solving the malware classification problem by using Memory Augmented Neural Network in combination with malware's API calls sequence, which is a very valuable source of information for identifying malware behavior. In addition, it also use some advantages of the development in Natural Language Processing field such as word2vec, etc. to convert those API sequences to numeric vectors before feeding to the one-shot learning network. The results confirm very good accuracies compared to the other traditional methods.

EPC Gen2 tags are working as international RFID standards for the use in the supply chain worldwide, such tags are computationally weak devices and unable to perform even basic symmetric-key cryptographic operations. For this reason, to implement robust and secure pseudo-random number generators (PRNG) is a challenging issue for low-cost Radio-frequency identification (RFID) tags. In this paper, we study the security of LFSR-based PRNG implemented on EPC Gen2 tags and exploit LFSR-based PRNG to provide a better constructions. We provide a cryptanalysis against the J3Gen which is LFSR-based PRNG and proposed by Sugei et al. [1], [2] for EPC Gen2 tags using distinguish attack and make observations on its input using NIST randomness test. We also test the PRNG in EPC Gen2 RFID Tags by using the NIST SP800-22. As a counter-measure, we propose two modified models based on the security analysis results. We show that our results perform better than J3Gen in terms of computational and statistical property.