Biblio

Cloud is the perfect way to hold our data every day. Yet the confidentiality of our data is a big concern in the handling of cloud data. Data integrity, authentication and confidentiality are basic security threats in the cloud. Cryptography techniques and Third Party Auditor (TPA) are very useful to impose the integrity and confidentiality of data. In this paper, a system is proposed Enhancing data protection that is housed in cloud computing. The suggested solution uses the RSA algorithm and the AES algorithm to encrypt user data. The hybridization of these two algorithms allows better data protection before it is stored in the cloud. Secure hash algorithm 512 is used to compute the Hash Message Authentication Code (HMAC). A stable audit program is also introduced for Third Party Auditor (TPA) use. The suggested algorithm is applied in python programming and tested in a simple sample format. It is checked that the proposed algorithm functions well to guarantee greater data protection.

Security of cloud storage and sharing is concerned for years since a semi-trusted party, Cloud Server Provider (CSP), has access to user data on cloud server that may leak users' private data without constraint. Intuitively, an efficient solution of protecting cloud data is to encrypt it before uploading to the cloud server. However, a new requirement, data sharing, makes it difficult to manage secret keys among data owners and target users. Therefore conditional proxy broadcast re-encryption technology (CPBRE) is proposed in recent years to provide data encryption and sharing approaches for cloud environment. It enables a data owner to upload encrypted data to the cloud server and a third party proxy can re-encrypted cloud data under certain condition to a new ciphertext so that target users can decrypt re-encrypted data using their own private key. But few CPBRE schemes are applicable for a dynamic cloud environment. In this paper, we propose a new dynamic conditional proxy broadcast reencryption scheme that can be dynamic in system user setting and target user group. The initialization phase does not require a fixed system user setup so that users can join or leave the system in any time. And data owner can dynamically change the group of user he wants to share data with. We also provide security analysis which proves our scheme to be secure against CSP, and performance analysis shows that our scheme exceeds other schemes in terms of functionality and resource cost.

Internet application providers now have more incentive than ever to collect user data, which greatly increases the risk of user privacy violations due to the emerging of deep neural networks. In this paper, we propose TensorClog-a poisoning attack technique that is designed for privacy protection against deep neural networks. TensorClog has three properties with each of them serving a privacy protection purpose: 1) training on TensorClog poisoned data results in lower inference accuracy, reducing the incentive of abusive data collection; 2) training on TensorClog poisoned data converges to a larger loss, which prevents the neural network from learning the privacy; and 3) TensorClog regularizes the perturbation to remain a high structure similarity, so that the poisoning does not affect the actual content in the data. Applying our TensorClog poisoning technique to CIFAR-10 dataset results in an increase in both converged training loss and test error by 300% and 272%, respectively. It manages to maintain data's human perception with a high SSIM index of 0.9905. More experiments including different limited information attack scenarios and a real-world application transferred from pre-trained ImageNet models are presented to further evaluate TensorClog's effectiveness in more complex situations.

Cloud storage service makes it very convenient for people to access and share data. At the same time, the confidentiality and privacy of user data is also facing great challenges. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) scheme is widely considered to be the most suitable security access control technology for cloud storage environment. Aiming at the problem of privacy leakage caused by single-cloud CP-ABE which is commonly adopted in the current schemes, this paper proposes a privacy-preserving CP-ABE access control scheme using multi-cloud architecture. By improving the traditional CP-ABE algorithm and introducing a proxy to cut the user's private key, it can ensure that only a part of the user attribute set can be obtained by a single cloud, which effectively protects the privacy of user attributes. Meanwhile, the intermediate logical structure of the access policy tree is stored in proxy, and only the leaf node information is stored in the ciphertext, which effectively protects the privacy of the access policy. Security analysis shows that our scheme is effective against replay and man-in-the-middle attacks, as well as user collusion attack. Experimental results also demonstrates that the multi-cloud CP-ABE does not significantly increase the overhead of storage and encryption compared to the single cloud scheme, but the access control overhead decreases as the number of clouds increases. When the access policy is expressed with a AND gate structure, the decryption overhead is obviously less than that of a single cloud environment.

Given two strings: pattern p of length m and text t of length n. The string matching problem is to find all (or some) occurrences of the pattern p in the text t. We introduce a new simple data structure, called index arrays, and design fast privacy-preserving matching algorithm for string matching. The motivation behind introducing index arrays is determined by the need for pattern matching on distributed cloud-based datasets with semi-trusted cloud providers. It is intended to use encrypted index arrays both to improve performance and protect confidentiality and privacy of user data.

Most centralized systems allow data access to its cloud user if a cloud user has a certain set of satisfying attributes. Presently, one method to compete such policies is to use an authorized cloud server to maintain the user data and have access control over it. At times, when one of the servers keeping data is compromised, the security of the user data is compromised. For getting access control, maintaining data security and obtaining precise computing results, the data owners have to keep attribute-based security to encrypt the stored data. During the delegation of data on cloud, the cloud servers may be tampered by the counterfeit cipher-text. Furthermore, the authorized users may be cheated by retorting them that they are unauthorized. Largely the encryption control access attribute policies are complex. In this paper, we present Cipher-text Policy Attribute-Based Encryption for maintaining complex access control over encrypted data with verifiable customizable authorization. The proposed technique provides data confidentiality to the encrypted data even if the storage server is comprised. Moreover, our method is highly secured against collusion attacks. In advance, performance evaluation of the proposed system is elaborated with implementation of the same.

Deep web, a hidden and encrypted network that crawls beneath the surface web today has become a social hub for various criminals who carry out their crime through the cyber space and all the crime is being conducted and hosted on the Deep Web. This research paper is an effort to bring forth various techniques and ways in which an internet user can be safe online and protect his privacy through anonymity. Understanding how user's data and private information is phished and what are the risks of sharing personal information on social media.

Ransomware is a growing threat that encrypts auser's files and holds the decryption key until a ransom ispaid by the victim. This type of malware is responsible fortens of millions of dollars in extortion annually. Worse still, developing new variants is trivial, facilitating the evasion of manyantivirus and intrusion detection systems. In this work, we presentCryptoDrop, an early-warning detection system that alerts a userduring suspicious file activity. Using a set of behavior indicators, CryptoDrop can halt a process that appears to be tampering witha large amount of the user's data. Furthermore, by combininga set of indicators common to ransomware, the system can beparameterized for rapid detection with low false positives. Ourexperimental analysis of CryptoDrop stops ransomware fromexecuting with a median loss of only 10 files (out of nearly5,100 available files). Our results show that careful analysis ofransomware behavior can produce an effective detection systemthat significantly mitigates the amount of victim data loss.