Visible to the public Biblio

Filters: Author is Zhan, Justin  [Clear All Filters]
2020-03-23
Aguilar, Eryn, Dancel, Jevis, Mamaud, Deysaree, Pirosch, Dorothy, Tavacoli, Farin, Zhan, Felix, Pearce, Robbie, Novack, Margaret, Keehu, Hokunani, Lowe, Benjamin et al..  2019.  Highly Parallel Seedless Random Number Generation from Arbitrary Thread Schedule Reconstruction. 2019 IEEE International Conference on Big Knowledge (ICBK). :1–8.
Security is a universal concern across a multitude of sectors involved in the transfer and storage of computerized data. In the realm of cryptography, random number generators (RNGs) are integral to the creation of encryption keys that protect private data, and the production of uniform probability outcomes is a revenue source for certain enterprises (most notably the casino industry). Arbitrary thread schedule reconstruction of compare-and-swap operations is used to generate input traces for the Blum-Elias algorithm as a method for constructing random sequences, provided the compare-and-swap operations avoid cache locality. Threads accessing shared memory at the memory controller is a true random source which can be polled indirectly through our algorithm with unlimited parallelism. A theoretical and experimental analysis of the observation and reconstruction algorithm are considered. The quality of the random number generator is experimentally analyzed using two standard test suites, DieHarder and ENT, on three data sets.
2017-10-18
Selim, Haysam, Tayeb, Shahab, Kim, Yoohwan, Zhan, Justin, Pirouz, Matin.  2016.  Vulnerability Analysis of Iframe Attacks on Websites. Proceedings of the The 3rd Multidisciplinary International Social Networks Conference on SocialInformatics 2016, Data Science 2016. :45:1–45:6.

Clickjacking attacks are emerging threats to websites of different sizes and shapes. They are particularly used by threat agents to get more likes and/or followers in Online Social Networks (OSNs). This paper reviews the clickjacking attacks and the classic solutions to tackle various forms of those attacks. Different approaches of Cross-Site Scripting attacks are implemented in this study to study the attack tools and methods. Various iFrame attacks have been developed to tamper with the integrity of the website interactions at the application layer. By visually demonstrating the attacks such as Cross-Site scripting (XSS) and Cross-Site Request Forgery (CSRF), users will be able to have a better understanding of such attacks in their formulation and the risks associated with them.

2017-05-18
Lin, Jerry Chun-Wei, Liu, Qiankun, Fournier-Viger, Philippe, Hong, Tzung-Pei, Zhan, Justin, Voznak, Miroslav.  2016.  An Efficient Anonymous System for Transaction Data. Proceedings of the The 3rd Multidisciplinary International Social Networks Conference on SocialInformatics 2016, Data Science 2016. :28:1–28:6.

k-anonymity is an efficient way to anonymize the relational data to protect privacy against re-identification attacks. For the purpose of k-anonymity on transaction data, each item is considered as the quasi-identifier attribute, thus increasing high dimension problem as well as the computational complexity and information loss for anonymity. In this paper, an efficient anonymity system is designed to not only anonymize transaction data with lower information loss but also reduce the computational complexity for anonymity. An extensive experiment is carried to show the efficiency of the designed approach compared to the state-of-the-art algorithms for anonymity in terms of runtime and information loss. Experimental results indicate that the proposed anonymous system outperforms the compared algorithms in all respects.