Biblio
With the advancement of sensor electronic devices, wireless sensor networks have attracted more and more attention. Range query has become a significant part of sensor networks due to its availability and convenience. However, It is challenging to process range query while still protecting sensitive data from disclosure. Existing work mainly focuses on privacy- preserving range query, but neglects the damage of collusion attacks, probability attacks and differential attacks. In this paper, we propose a privacy- preserving, energy-efficient and multi-dimensional range query protocol called PERQ, which not only achieves data privacy, but also considers collusion attacks, probability attacks and differential attacks. Generalized distance-based and modular arithmetic range query mechanism are used. In addition, a novel cyclic modular verification scheme is proposed to verify the data integrity. Extensive theoretical analysis and experimental results confirm the high performance of PERQ in terms of energy efficiency, security and accountability requirements.
Currently, no major browser fully checks for TLS/SSL certificate revocations. This is largely due to the fact that the deployed mechanisms for disseminating revocations (CRLs, OCSP, OCSP Stapling, CRLSet, and OneCRL) are each either incomplete, insecure, inefficient, slow to update, not private, or some combination thereof. In this paper, we present CRLite, an efficient and easily-deployable system for proactively pushing all TLS certificate revocations to browsers. CRLite servers aggregate revocation information for all known, valid TLS certificates on the web, and store them in a space-efficient filter cascade data structure. Browsers periodically download and use this data to check for revocations of observed certificates in real-time. CRLite does not require any additional trust beyond the existing PKI, and it allows clients to adopt a fail-closed security posture even in the face of network errors or attacks that make revocation information temporarily unavailable. We present a prototype of name that processes TLS certificates gathered by Rapid7, the University of Michigan, and Google's Certificate Transparency on the server-side, with a Firefox extension on the client-side. Comparing CRLite to an idealized browser that performs correct CRL/OCSP checking, we show that CRLite reduces latency and eliminates privacy concerns. Moreover, CRLite has low bandwidth costs: it can represent all certificates with an initial download of 10 MB (less than 1 byte per revocation) followed by daily updates of 580 KB on average. Taken together, our results demonstrate that complete TLS/SSL revocation checking is within reach for all clients.
Integration of information technologies with the current power infrastructure promises something further than a smart grid: implementation of smart cities. Power efficient cities will be a significant step toward greener cities and a cleaner environment. However, the extensive use of information technologies in smart cities comes at a cost of reduced privacy. In particular, consumers' power profiles will be accessible by third parties seeking information over consumers' personal habits. In this paper, a methodology for enhancing privacy of electricity consumption patterns is proposed and tested. The proposed method exploits digital connectivity and predictive tools offered via smart grids to morph consumption patterns by grouping consumers via an optimization scheme. To that end, load anticipation, correlation and Theil coefficients are utilized synergistically with genetic algorithms to find an optimal assembly of consumers whose aggregated pattern hides individual consumption features. Results highlight the efficiency of the proposed method in enhancing privacy in the environment of smart cities.
The collection of high frequency metering data in the emerging smart grid gives rise to the concern of consumer privacy. Anonymization of metering data is one of the proposed approaches in the literature, which enables transmission of unmasked data while preserving the privacy of the sender. Distributed anonymization methods can reduce the dependency on service providers, thus promising more privacy for the consumers. However, the distributed communication among the end-users introduces overhead and requires methods to prevent external attacks. In this paper, we propose four variants of a distributed anonymization method for smart metering data privacy, referred to as the Collaborative Anonymity Set Formation (CASF) method. The performance overhead analysis and security analysis of the variants are done using NS-3 simulator and the Scyther tool, respectively. It is shown that the proposed scheme enhances the privacy preservation functionality of an existing anonymization scheme, while being robust against external attacks.
With the rapid development of smart grid, smart meters are deployed at energy consumers' premises to collect real-time usage data. Although such a communication model can help the control center of the energy producer to improve the efficiency and reliability of electricity delivery, it also leads to some security issues. For example, this real-time data involves the customers' privacy. Attackers may violate the privacy for house breaking, or they may tamper with the transmitted data for their own benefits. For this purpose, many data aggregation schemes are proposed for privacy preservation. However, rare of them cares about both the data aggregation and fine-grained access control to improve the data utility. In this paper, we proposes a data aggregation scheme based on attribute decision tree. Security analysis illustrates that our scheme can achieve the data integrity, data privacy preservation and fine- grained data access control. Experiment results show that our scheme are more efficient than existing schemes.
Recently, Jung et al. [1] proposed a data access privilege scheme and claimed that their scheme addresses data and identity privacy as well as multi-authority, and provides data access privilege for attribute-based encryption. In this paper, we show that this scheme, and also its former and latest versions (i.e. [2] and [3] respectively) suffer from a number of weaknesses in terms of finegrained access control, users and authorities collusion attack, user authorization, and user anonymity protection. We then propose our new scheme that overcomes these shortcomings. We also prove the security of our scheme against user collusion attacks, authority collusion attacks and chosen plaintext attacks. Lastly, we show that the efficiency of our scheme is comparable with existing related schemes.
The ubiquity of the Internet and email, have provided a mostly insecure communication medium for the consumer. During the last few decades, we have seen the development of several ways to secure email messages. However, these solutions are inflexible and difficult to use for encrypting email messages to protect security and privacy while communicating or collaborating via email. Under the current paradigm, the arduous process of setting up email encryption is non-intuitive for the average user. The complexity of the current practices has also yielded to incorrect developers' interpretation of architecture which has resulted in interoperability issues. As a result, the lack of simple and easy-to-use infrastructure in current practices means that the consumers still use plain text emails over insecure networks. In this paper, we introduce and describe a novel, holistic model with new techniques for protecting email messages. The architecture of our innovative model is simpler and easier to use than those currently employed. We use the simplified trust model, which can relieve users from having to perform many complex steps to achieve email security. Utilizing the new techniques presented in this paper can safeguard users' email from unauthorized access and protect their privacy. In addition, a simplified infrastructure enables developers to understand the architecture more readily eliminating interoperability.
With the growth of Internet in many different aspects of life, users are required to share private information more than ever. Hence, users need a privacy management tool that can enforce complex and customized privacy policies. In this paper, we propose a privacy management system that not only allows users to define complex privacy policies for data sharing actions, but also monitors users' behavior and relationships to generate realistic policies. In addition, the proposed system utilizes formal modeling and model-checking approach to prove that information disclosures are valid and privacy policies are consistent with one another.
Now a day's cloud technology is a new example of computing that pays attention to more computer user, government agencies and business. Cloud technology brought more advantages particularly in every-present services where everyone can have a right to access cloud computing services by internet. With use of cloud computing, there is no requirement for physical servers or hardware that will help the computer system of company, networks and internet services. One of center services offered by cloud technology is storing the data in remote storage space. In the last few years, storage of data has been realized as important problems in information technology. In cloud computing data storage technology, there are some set of significant policy issues that includes privacy issues, anonymity, security, government surveillance, telecommunication capacity, liability, reliability and among others. Although cloud technology provides a lot of benefits, security is the significant issues between customer and cloud. Normally cloud computing technology has more customers like as academia, enterprises, and normal users who have various incentives to go to cloud. If the clients of cloud are academia, security result on computing performance and for this types of clients cloud provider's needs to discover a method to combine performance and security. In this research paper the more significant issue is security but with diverse vision. High performance might be not as dangerous for them as academia. In our paper, we design an efficient secure and verifiable outsourcing protocol for outsourcing data. We develop extended QP problem protocol for storing and outsourcing a data securely. To achieve the data security correctness, we validate the result returned through the cloud by Karush\_Kuhn\_Tucker conditions that are sufficient and necessary for the most favorable solution.
The Internet of Things (IoT) is the latest Internet evolution that interconnects billions of devices, such as cameras, sensors, RFIDs, smart phones, wearable devices, ODBII dongles, etc. Federations of such IoT devices (or things) provides the information needed to solve many important problems that have been too difficult to harness before. Despite these great benefits, privacy in IoT remains a great concern, in particular when the number of things increases. This presses the need for the development of highly scalable and computationally efficient mechanisms to prevent unauthorised access and disclosure of sensitive information generated by things. In this paper, we address this need by proposing a lightweight, yet highly scalable, data obfuscation technique. For this purpose, a digital watermarking technique is used to control perturbation of sensitive data that enables legitimate users to de-obfuscate perturbed data. To enhance the scalability of our solution, we also introduce a contextualisation service that achieve real-time aggregation and filtering of IoT data for large number of designated users. We, then, assess the effectiveness of the proposed technique by considering a health-care scenario that involves data streamed from various wearable and stationary sensors capturing health data, such as heart-rate and blood pressure. An analysis of the experimental results that illustrate the unconstrained scalability of our technique concludes the paper.
With the rapid development of sophisticated attack techniques, individual security systems that base all of their decisions and actions of attack prevention and response on their own observations and knowledge become incompetent. To cope with this problem, collaborative security in which a set of security entities are coordinated to perform specific security actions is proposed in literature. In collaborative security schemes, multiple entities collaborate with each other by sharing threat evidence or analytics to make more effective decisions. Nevertheless, the anticipated information exchange raises privacy concerns, especially for those privacy-sensitive entities. In order to obtain a quantitative understanding of the fundamental tradeoff between the effectiveness of collaboration and the entities' privacy, a repeated two-layer single-leader multi-follower game is proposed in this work. Based on our game-theoretic analysis, the expected behaviors of both the attacker and the security entities are derived and the utility-privacy tradeoff curve is obtained. In addition, the existence of Nash equilibrium (NE) for the collaborative entities is proven, and an asynchronous dynamic update algorithm is proposed to compute the optimal collaboration strategies of the entities. Furthermore, the existence of Byzantine entities is considered and its influence is investigated. Finally, simulation results are presented to validate the analysis.
In Vehicular networks, privacy, especially the vehicles' location privacy is highly concerned. Several pseudonymous based privacy protection mechanisms have been established and standardized in the past few years by IEEE and ETSI. However, vehicular networks are still vulnerable to Sybil attack. In this paper, a Sybil attack detection method based on k-Nearest Neighbours (kNN) classification algorithm is proposed. In this method, vehicles are classified based on the similarity in their driving patterns. Furthermore, the kNN methods' high runtime complexity issue is also optimized. The simulation results show that our detection method can reach a high detection rate while keeping error rate low.
Mobile Healthcare Networks (MHN) continuouslycollect the patients' health data sensed by wearable devices, andanalyze the collected data pre-processed by servers combinedwith medical histories, such that disease diagnosis and treatmentare improved, and the heavy burden on the existing healthservices is released. However, the network is vulnerable to Sybilattacks, which would degrade network performance, disruptproceedings, manipulate data or cheat others maliciously. What'smore, the user is reluctant to leak identity privacy, so the identityprivacy preserving makes Sybil defenses more difficult. One ofthe best choices is mutually authenticating each other with noidentity information involved. Thus, we propose a fine-grainedauthentication scheme based on Attribute-Based Signature (ABS)using lattice assumption, where a signer is authorized by an at-tribute set instead of single identity string. This ABS scheme usesFiat-Shamir framework and supports flexible threshold signaturepredicates. Moreover, to anonymously guarantee integrity andavailability of health data in MHN, we design an anonymousanti-Sybil attack protocol based on our ABS scheme, so thatSybil attacks are prevented. As there is no linkability betweenidentities and services, the users' identity privacy is protected. Finally, we have analyzed the security and simulated the runningtime for our proposed ABS scheme.
The online portion of modern life is growing at an astonishing rate, with the consequence that more of the user's critical information is stored online. This poses an immediate threat to privacy and security of the user's data. This work will cover the increasing dangers and security risks of adware, adware injection, and malware injection. These programs increase in direct proportion to the number of users on the Internet. Each of these programs presents an imminent threat to a user's privacy and sensitive information, anytime they utilize the Internet. We will discuss how current ad blockers are not the actual solution to these threats, but rather a premise to our work. Current ad blocking tools can be discovered by the web servers which often requires suppression of the ad blocking tool. Suppressing the tool creates vulnerabilities in a user's system, but even when the tool is active their system is still susceptible to peril. It is possible, even when an ad blocking tool is functioning, for it to allow adware content through. Our solution to the contemporary threats is our tool, MalFire.
Wearable medical devices are playing more and more important roles in healthcare. Unlike the wired connection, the wireless connection between wearable devices and the remote servers are exceptionally vulnerable to malicious attacks, and poses threats to the safety and privacy of the patient health data. Therefore, wearable medical devices require the implementation of reliable measures to secure the wireless network communication. However, those devices usually have limited computational power that is not comparable with the desktop computer and thus, it is difficult to adopt the full-fledged security algorithm in software. In this study, we have developed an efficient authentication and encryption protocol for internetconnected wearable devices using the recognized standards of AES and SHA that can provide two-way authentication between wearable device and remote server and protection of patient privacy against various network threats. We have tested the feasibility of this protocol on the TI CC3200 Launchpad, an evaluation board of the CC3200, which is a Wi-Fi capable microcontroller designed for wearable devices and includes a hardware accelerated cryptography module for the implementation of the encryption algorithm. The microcontroller serves as the wearable device client and a Linux computer serves as the server. The embedded client software was written in ANSI C and the server software was written in Python.
Wearable devices for fitness tracking and health monitoring have gained considerable popularity and become one of the fastest growing smart devices market. More and more companies are offering integrated health and activity monitoring solutions for fitness trackers. Recently insurances are offering their customers better conditions for health and condition monitoring. However, the extensive sensitive information collected by tracking products and accessibility by third party service providers poses vital security and privacy challenges on the employed solutions. In this paper, we present our security analysis of a representative sample of current fitness tracking products on the market. In particular, we focus on malicious user setting that aims at injecting false data into the cloud-based services leading to erroneous data analytics. We show that none of these products can provide data integrity, authenticity and confidentiality.
Internet of Thing (IoT) provide services by linking the different platform devices. They have the limitation in providing intelligent service. The IoT devices are heterogeneous which includes wireless sensors to less resource constrained devices. These devices are prone to hardware/software and network attacks. If not properly secured, it may lead to security issues like privacy and confidentiality. To resolve the above problem, an Intelligent Security Framework for IoT Devices is proposed in this paper. The proposed method is made up of (1) the light weight Asymmetric cryptography for securing the End-To-End devices which protects the IoT service gateway and the low power sensor nodes and (2) implements Lattice-based cryptography for securing the Broker devices/Gateway and the cloud services. The proposed architecture implements Asymmetric Key Encryption to share session key between the nodes and then uses this session key for message transfer This protects the system from Distributed Denial of Service Attacks, eavesdropping and Quantum algorithm attacks. The proposed protocol uses the unique Device ID of the sensors to generate key pair to establish mutual authentication between Devices and Services. Finally, the Mutual authentication mechanism is implemented in the gateway.
Cloud services are widely used to virtualize the management and actuation of the real-world the Internet of Things (IoT). Due to the increasing privacy concerns regarding querying untrusted cloud servers, query anonymity has become a critical issue to all the stakeholders which are related to assessment of the dependability and security of the IoT system. The paper presents our study on the problem of query receiver-anonymity in the cloud-based IoT system, where the trade-off between the offered query-anonymity and the incurred communication is considered. The paper will investigate whether the accepted worst-case communication cost is sufficient to achieve a specific query anonymity or not. By way of extensive theoretical analysis, it shows that the bounds of worst-case communication cost is quadratically increased as the offered level of anonymity is increased, and they are quadratic in the network diameter for the opposite range. Extensive simulation is conducted to verify the analytical assertions.
Location-Based Service (LBS) becomes increasingly important for our daily life. However, the localization information in the air is vulnerable to various attacks, which result in serious privacy concerns. To overcome this problem, we formulate a multi-objective optimization problem with considering both the query probability and the practical dummy location region. A low complexity dummy location selection scheme is proposed. We first find several candidate dummy locations with similar query probabilities. Among these selected candidates, a cloaking area based algorithm is then offered to find K - 1 dummy locations to achieve K-anonymity. The intersected area between two dummy locations is also derived to assist to determine the total cloaking area. Security analysis verifies the effectiveness of our scheme against the passive and active adversaries. Compared with other methods, simulation results show that the proposed dummy location scheme can improve the privacy level and enlarge the cloaking area simultaneously.
Analytics in big data is maturing and moving towards mass adoption. The emergence of analytics increases the need for innovative tools and methodologies to protect data against privacy violation. Many data anonymization methods were proposed to provide some degree of privacy protection by applying data suppression and other distortion techniques. However, currently available methods suffer from poor scalability, performance and lack of framework standardization. Current anonymization methods are unable to cope with the massive size of data processing. Some of these methods were especially proposed for MapReduce framework to operate in Big Data. However, they still operate in conventional data management approaches. Therefore, there were no remarkable gains in the performance. We introduce a framework that can operate in MapReduce environment to benefit from its advantages, as well as from those in Hadoop ecosystems. Our framework provides a granular user's access that can be tuned to different authorization levels. The proposed solution provides a fine-grained alteration based on the user's authorization level to access MapReduce domain for analytics. Using well-developed role-based access control approaches, this framework is capable of assigning roles to users and map them to relevant data attributes.
More and more medical data are shared, which leads to disclosure of personal privacy information. Therefore, the construction of medical data privacy preserving publishing model is of great value: not only to make a non-correspondence between the released information and personal identity, but also to maintain the data utility after anonymity. However, there is an inherent contradiction between the anonymity and the data utility. In this paper, a Principal Component Analysis-Grey Relational Analysis (PCA-GRA) K anonymous algorithm is proposed to improve the data utility effectively under the premise of anonymity, in which the association between quasi-identifiers and the sensitive information is reckoned as a criterion to control the generalization hierarchy. Compared with the previous anonymity algorithms, results show that the proposed PCA-GRA K anonymous algorithm has achieved significant improvement in data utility from three aspects, namely information loss, feature maintenance and classification evaluation performance.
Collaborative Filtering (CF) is a successful technique that has been implemented in recommender systems and Privacy Preserving Collaborative Filtering (PPCF) aroused increasing concerns of the society. Current solutions mainly focus on cryptographic methods, obfuscation methods, perturbation methods and differential privacy methods. But these methods have some shortcomings, such as unnecessary computational cost, lower data quality and hard to calibrate the magnitude of noise. This paper proposes a (k, p, I)-anonymity method that improves the existing k-anonymity method in PPCF. The method works as follows: First, it applies Latent Factor Model (LFM) to reduce matrix sparsity. Then it improves Maximum Distance to Average Vector (MDAV) microaggregation algorithm based on importance partitioning to increase homogeneity among records in each group which can retain better data quality and (p, I)-diversity model where p is attacker's prior knowledge about users' ratings and I is the diversity among users in each group to improve the level of privacy preserving. Theoretical and experimental analyses show that our approach ensures a higher level of privacy preserving based on lower information loss.
Preserving privacy is extremely important in data publishing. The existing privacy-preserving models are mostly oriented to single sensitive attribute, can not be applied to multiple sensitive attributes situation. Moreover, they do not consider the semantic similarity between sensitive attribute values, and may be vulnerable to similarity attack. In this paper, we propose a (l, m, d)-anonymity model for multiple sensitive attributes similarity attack, where m is the dimension of the sensitive attributes. This model uses the semantic hierarchical tree to analyze and compute the semantic dissimilarity between sensitive attribute values, and each equivalence class must exist at least l sensitive attribute values that satisfy d-different on each dimension sensitive attribute. Meanwhile, in order to make the published data highly available, our model adopts the distance-based measurement method to divide the equivalence class. We carry out extensive experiments to certify the (1, m, d)-anonymity model can significantly reduce the probability of sensitive information leakage and protect individual privacy more effectively.
Cloud storage is vulnerable to advanced persistent threats (APTs), in which an attacker launches stealthy, continuous, well-funded and targeted attacks on storage devices. In this paper, cumulative prospect theory (CPT) is applied to study the interactions between a defender of cloud storage and an APT attacker when each of them makes subjective decisions to choose the scan interval and attack interval, respectively. Both the probability weighting effect and the framing effect are applied to model the deviation of subjective decisions of end-users from the objective decisions governed by expected utility theory, under uncertain attack durations. Cumulative decision weights are used to describe the probability weighting effect and the value distortion functions are used to represent the framing effect of subjective APT attackers and defenders in the CPT-based APT defense game, rather than discrete decision weights, as in earlier prospect theoretic study of APT defense. The Nash equilibria of the CPT-based APT defense game are derived, showing that a subjective attacker becomes risk-seeking if the frame of reference for evaluating the utility is large, and becomes risk-averse if the frame of reference for evaluating the utility is small.