Biblio

Biometric matching involves storing and processing sensitive user information. Maintaining the privacy of this data is thus a major challenge, and homomorphic encryption offers a possible solution. We propose a privacy-preserving biometrics-based authentication protocol based on fully homomorphic en-cryption, where the biometric sample for a user is gathered by a local device but matched against a biometric template by a remote server operating solely on encrypted data. The design ensures that 1) the user's sensitive biometric data remains private, and 2) the user and client device are securely authenticated to the server. A proof-of-concept implementation building on the TFHE library is also presented, which includes the underlying basic operations needed to execute the biometric matching. Performance results from the implementation show how complex it is to make FHE practical in this context, but it appears that, with implementation optimisations and improvements, the protocol could be used for real-world applications.

Biometric data is prone to attacks and threats from hackers who are professionals in cyber-crimes. Therefore, securing the data is very essential. Steganographic approach, which is a process of concealing data, is proposed as a solution to this. Biometrics are hidden inside other biometrics for safe storage and secure transmission. Also, it is designed to be robust against attacks, and cannot be detected easily. The intention of this paper is to highlight a method of hiding one image in another image by using mid position value(mpv) technique. Here we have to choose the secret biometric on which Arnold transform will be applied resulting in a scrambled version of the secret biometric. This will be enveloped inside cover image which results in a stego-image. Lastly, hidden secret biometric will be decoded from this stego image, which will first result in a scrambled secret biometric. Inverse Arnold Transform will be applied on this to finally result in the decoded secret biometric. The paper further explains the working and processes in detail.

Nowadays, face recognition is used everywhere in all fields. Though the face recognition is used for security purposes there is also chance in hacking the faces which is used for face recognition. For enhancing the face security, encryption and decryption technique is used. Face cognizance has been engaged in more than a few security-connected purposes such as supervision, e-passport, and etc… The significant use of biometric raises vital private concerns, in precise if the biometric same method is carried out at a central or unfrosted servers, and calls for implementation of Privacy improving technologies. For privacy concerns the encoding and decoding is used. For achieving the result we are using the Open Computer Vision (OpenCV) tool. With the help of this tool we are going to cipher the face and decode the face with advanced encryption standards techniques. OpenCV is the tool used in this project

The process of Big data storage has become challenging due to the expansion of extensive data; data providers will offer encrypted data and upload to Big data. However, the data exchange mechanism is unable to accommodate encrypted data. Particularly when a large number of users share the scalable data, the scalability becomes extremely limited. Using a contemporary privacy protection system to solve this issue and ensure the security of encrypted data, as well as partially homomorphic re-encryption and decryption (PHRED). This scheme has the flexibility to share data by ensuring user's privacy with partially trusted Big Data. It can access to strong unforgeable scheme it make the transmuted cipher text have public and private key verification combined identity based Augmented Homomorphic Re Encryption Decryption(AHRED) on paillier crypto System with Laplacian noise filter the performance of the data provider for privacy preserving big data.

Fully homomorphic encryption (FHE) provides effective security assurance for privacy computing in cloud environments. But the existing FHE schemes are generally faced with challenges including using single-bit encryption and large ciphertext noise, which greatly affects the encryption efficiency and practicability. In this paper, a low-noise FHE scheme supporting multi-bit encryption is proposed based on the HAO scheme. The new scheme redesigns the encryption method without changing the system parameters and expands the plaintext space to support the encryption of integer matrices. In the process of noise reduction, we introduce a PNR method and use the subGaussian distribution theory to analyze the ciphertext noise. The security and the efficiency analysis show that the improved scheme can resist the chosen plaintext attack and effectively reduce the noise expansion rate. Comparative experiments show that the scheme has high encryption efficiency and is suitable for the privacy-preserving computation of integer matrices.

Recent work on intrusion-tolerance has shown that resilience to sophisticated network attacks requires system replicas to be deployed across at least three geographically distributed sites. While commodity data centers offer an attractive solution for hosting these sites due to low cost and management overhead, their use raises significant confidentiality concerns: system operators may not want private data or proprietary algorithms exposed to servers outside their direct control. We present a new model for Byzantine Fault Tolerant replicated systems that moves toward “intrusion tolerance as a service”. Under this model, application logic and data are only exposed to servers hosted on the system operator's premises. Additional offsite servers hosted in data centers can support the needed resilience without executing application logic or accessing unencrypted state. We have implemented this approach in the open-source Spire system, and our evaluation shows that the performance overhead of providing confidentiality can be less than 4% in terms of latency.

The Internet-of-Things (IoT) paradigm at large continues to be compromised, hindering the privacy, dependability, security, and safety of our nations. While the operational security communities (i.e., CERTS, SOCs, CSIRT, etc.) continue to develop capabilities for monitoring cyberspace, tools which are IoT-centric remain at its infancy. To this end, we address this gap by innovating an actionable Cyber Threat Intelligence (CTI) feed related to Internet-scale infected IoT devices. The feed analyzes, in near real-time, 3.6TB of daily streaming passive measurements ( ≈ 1M pps) by applying a custom-developed learning methodology to distinguish between compromised IoT devices and non-IoT nodes, in addition to labeling the type and vendor. The feed is augmented with third party information to provide contextual information. We report on the operation, analysis, and shortcomings of the feed executed during an initial deployment period. We make the CTI feed available for ingestion through a public, authenticated API and a front-end platform.

Cloud Computing is a favored choice of any IT organization in the current context since that provides flexibility and pay-per-use service to the users. Moreover, due to its open and inclusive architecture which is accessible to attackers. Security and privacy are a big roadblock to its success. For any IT organization, intrusion detection systems are essential to the detection and endurance of effective detection system against attacker aggressive attacks. To recognize minor occurrences and become significant breaches, a fully managed intrusion detection system is required. The most prevalent approach for intrusion detection on the cloud is the Intrusion Detection System (IDS). This research introduces a cloud-based deep learning-LSTM IDS model and evaluates it to a hybrid Stacked Contractive Auto Encoder (SCAE) + Support Vector Machine (SVM) IDS model. Deep learning algorithms like basic machine learning can be built to conduct attack detection and classification simultaneously. Also examine the detection methodologies used by certain existing intrusion detection systems. On two well-known Intrusion Detection datasets (KDD Cup 99 and NSL-KDD), our strategy outperforms current methods in terms of accurate detection.

In the crowdsourced testing system, due to the openness of crowdsourced testing platform and other factors, the security of crowdsourced testing intellectual property cannot be effectively protected. We proposed an attribute-based double encryption scheme, combined with the blockchain technology, to achieve the data access control method of the code to be tested. It can meet the privacy protection and traceability of specific intellectual property in the crowdsourced testing environment. Through the experimental verification, the access control method is feasible, and the performance test is good, which can meet the normal business requirements.

This paper describes the process of developing data visualisations to enhance a commercial software platform for combating insider threat, whose existing UI, while perfectly functional, was limited in its ability to allow analysts to easily spot the patterns and outliers that visualisation naturally reveals. We describe the design and development process, proceeding from initial tasks/requirements gathering, understanding the platform’s data formats, the rationale behind the visualisations’ design, and then refining the prototype through gathering feedback from representative domain experts who are also current users of the software. Through a number of example scenarios, we show that the visualisation can support the identified tasks and aid analysts in discovering and understanding potentially risky insider activity within a large user base.

Internal attacks are one of the biggest cybersecurity issues to companies and businesses. Despite the implemented perimeter security systems, the risk of adversely affecting the security and privacy of the organization’s information remains very high. Actually, the detection of such a threat is known to be a very complicated problem, presenting many challenges to the research community. In this paper, we investigate the effectiveness and usefulness of using Autoencoder and Variational Autoencoder deep learning algorithms to automatically defend against insider threats, without human intervention. The performance evaluation of the proposed models is done on the public CERT dataset (CERT r4.2) that contains both benign and malicious activities generated from 1000 simulated users. The comparison results with other models show that the Variational Autoencoder neural network provides the best overall performance with a higher detection accuracy and a reasonable false positive rate.

Insider threats are the cyber attacks from the trusted entities within an organization. An insider attack is hard to detect as it may not leave a footprint and potentially cause huge damage to organizations. Anomaly detection is the most common approach for insider threat detection. Lack of real-world data and the skewed class distribution in the datasets makes insider threat analysis an understudied research area. In this paper, we propose a Conditional Generative Adversarial Network (CGAN) to enrich under-represented minority class samples to provide meaningful and diverse data for anomaly detection from the original malicious scenarios. Comprehensive experiments performed on benchmark dataset demonstrates the effectiveness of using CGAN augmented data, and the capability of multi-class anomaly detection for insider activity analysis. Moreover, the method is compared with other existing methods against different parameters and performance metrics.

This research concerns the detection of unauthorised access within hospital networks through the real-time analysis of audit logs. Privacy is a primary concern amongst patients due to the rising adoption of Electronic Patient Record (EPR) systems. There is growing evidence to suggest that patients may withhold information from healthcare providers due to lack of Trust in the security of EPRs. Yet, patient record data must be available to healthcare providers at the point of care. Ensuring privacy and confidentiality of that data is challenging. Roles within healthcare organisations are dynamic and relying on access control is not sufficient. Through proactive monitoring of audit logs, unauthorised accesses can be detected and presented to an analyst for review. Advanced data analytics and visualisation techniques can be used to aid the analysis of big data within EPR audit logs to identify and highlight pertinent data points. Employing a human-in-the-loop model ensures that suspicious activity is appropriately investigated and the data analytics is continuously improving. This paper presents a system that employs a Human-in-the-Loop Machine Learning (HILML) algorithm, in addition to a density-based local outlier detection model. The system is able to detect 145 anomalous behaviours in an unlabelled dataset of 1,007,727 audit logs. This equates to 0.014% of the EPR accesses being labelled as anomalous in a specialist Liverpool (UK) hospital.

Personalized IoT adapt their behavior based on contextual information, such as user behavior and location. Unfortunately, the fact that personalized IoT adapt to user context opens a side-channel that leaks private information about the user. To that end, we start by studying the extent to which a malicious eavesdropper can monitor the actions taken by an IoT system and extract user's private information. In particular, we show two concrete instantiations (in the context of mobile phones and smart homes) of a new category of spyware which we refer to as Context-Aware Adaptation Based Spyware (SpyCon). Experimental evaluations show that the developed SpyCon can predict users' daily behavior with an accuracy of 90.3%. Being a new spyware with no known prior signature or behavior, traditional spyware detection that is based on code signature or system behavior are not adequate to detect SpyCon. We discuss possible detection and mitigation mechanisms that can hinder the effect of SpyCon.

Performing a live digital forensics investigation on a running system is challenging due to the time pressure under which decisions have to be made. Newly proliferating and frequently applied types of malware (e.g., fileless malware) increase the need to conduct digital forensic investigations in real-time. In the course of these investigations, forensic experts are confronted with a wide range of different forensic tools. The decision, which of those are suitable for the current situation, is often based on the cyber forensics experts’ experience. Currently, there is no reliable automated solution to support this decision-making. Therefore, we derive requirements for visually supporting the decision-making process for live forensic investigations and introduce a research prototype that provides visual guidance for cyber forensic experts during a live digital forensics investigation. Our prototype collects relevant core information for live digital forensics and provides visual representations for connections between occurring events, developments over time, and detailed information on specific events. To show the applicability of our approach, we analyze an exemplary use case using the prototype and demonstrate the support through our approach.

Homomorphic Encryption is one of the most promising techniques to deal with privacy concerns, which is raised by remote deep learning paradigm, and maintain high classification accuracy. However, homomorphic encryption-based solutions are characterized by high overhead in terms of both computation and communication, which limits their adoption in pervasive health monitoring applications with constrained client-side devices. In this paper, we propose PReDIHERO, an improved privacy-preserving solution for remote deep learning inferences based on homomorphic encryption. The proposed solution applies a reversible obfuscation technique that successfully protects sensitive information, and enhances the client-side overhead compared to the conventional homomorphic encryption approach. The solution tackles three main heavyweight client-side tasks, namely, encryption and transmission of private data, refreshing encrypted data, and outsourcing computation of activation functions. The efficiency of the client-side is evaluated on a healthcare dataset and compared to a conventional homomorphic encryption approach. The evaluation results show that PReDIHERO requires increasingly less time and storage in comparison to conventional solutions when inferences are requested. At two hundreds inferences, the improvement ratio could reach more than 30 times in terms of computation overhead, and more than 8 times in terms of communication overhead. The same behavior is observed in sequential data and batch inferences, as we record an improvement ratio of more than 100 times in terms of computation overhead, and more than 20 times in terms of communication overhead.

Autonomous vehicles (AVs) offer a wide range of promising benefits by reducing traffic accidents, environmental pollution, traffic congestion and land usage etc. However, to reap the intended benefits of AVs, it is inevitable that this technology should be trusted and accepted by the public. The consumer's substantial trust upon AVs will lead to its widespread adoption in the real-life. It is well understood that the preservation of strong security and privacy features influence a consumer's trust on a product in a positive manner. In this paper, we introduce a novel concept of digital labels for AVs to increase consumers awareness and trust regarding the security level of their vehicle. We present an architecture called Cybersecurity Box (CSBox) that leverages digital labels to display and inform consumers and passengers about cybersecurity status of the AV in use. The introduction of cybersecurity digital labels on the dashboard of AVs would attempt to increase the trust level of consumers and passengers on this promising technology.

To meet the application need of dynamic visualization VR display of 3D time-varying field, this paper designed an immersive visualization VR system of 3D time-varying field based on the Unity 3D framework. To reduce visual confusion caused by 3D time-varying field flow line drawing and improve the quality and efficiency of visualization rendering drawing, deep learning was used to extract features from the mesoscale vortex of the 3D time-varying field. Moreover, the 3D flow line dynamic visualization drawing was implemented through the Unity Visual Effect Graph particle system.

Construction of immersive architectural wisdom guiding environment based on virtual reality is studied in this paper. Emerging development of the computer smart systems have provided the engineers a novel solution for the platform construction. Network virtualization is currently the most unclear and controversial concept in the industry regarding the definition of virtualization subdivisions. To improve the current study, we use the VR system to implement the platform. The wisdom guiding environment is built through the virtual data modelling and the interactive connections. The platform is implemented through the software. The test on the data analysis accuracy and the interface optimization is conducted.

Recent advancements of spatial audio technologies to enhance human’s emotional and immersive experiences are gathering attention. Many studies are clarifying the neural mechanisms of acoustic spatial perception; however, they are limited to the evaluation of mechanisms using basic sound stimuli. Therefore, it remains challenging to evaluate the experience of actual music contents and to verify the effects of higher-order neurophysiological responses including a sense of immersive and realistic experience. To investigate the effects of spatial audio experience, we verified the psychophysiological responses of immersive spatial audio experience using sound field synthesis (SFS) technology. Specifically, we evaluated alpha power as the central nervous system activity, heart rate/heart rate variability and skin conductance as the autonomic nervous system activity during an acoustic experience of an actual music content by comparing stereo and SFS conditions. As a result, statistically significant differences (p \textbackslashtextless 0.05) were detected in the changes in alpha wave power, high frequency wave power of heart rate variability (HF), and skin conductance level (SCL) among the conditions. The results of the SFS condition showed enhanced the changes in alpha power in the frontal and parietal regions, suggesting enhancement of emotional experience. The results of the SFS condition also suggested that close objects are grouped and perceived on the basis of the spatial proximity of sounds in the presence of multiple sound sources. It is demonstrating that the potential use of SFS technology can enhance emotional and immersive experiences by spatial acoustic expression.

The project uses 3D immersive technology to innovatively apply virtual reality technology to the monitoring field, and proposes the concept and technical route of remote 3D immersive intelligent control. A design scheme of a three-dimensional immersive remote somatosensory intelligent controller is proposed, which is applied to the remote three-dimensional immersive control of a crawler mobile robot, and the test and analysis of the principle prototype are completed.

This work presents a system which allows image data and extracted features from a real-world location to be captured and modelled in a Virtual Reality (VR) environment combined with Augmented Situated Visualizations (ASV) overlaid and registered in a virtual environment. Combining these technologies with techniques from Data Science and Artificial Intelligence (AI)(such as image analysis and 3D reconstruction) allows the creation of a setting where remote locations can be modelled and interacted with from anywhere in the world. This Enhanced Photorealistic Immersive (EPI) system is highly adaptable to a wide range of use cases and users as it can be utilized to model and interact with any environment which can be captured as image data (such as training for operation in hazardous environments, accessibility solutions for exploration of historical/tourism locations and collaborative learning environments). A use case example focused on a structural examination of railway tunnels along with a pilot study is presented, which can demonstrate the usefulness of the EPI system.

At present, the limitation of intangible cultural experience lies in the lack of long-term immersive cultural experience for users. In order to solve this problem, this study divides the process from the perspective of Freudian psychology and combines the theoretical research on intangible cultural heritage and flow experience to get the preliminary research direction. Then, based on the existing interactive experience cases of intangible cultural heritage, a set of method model of immersive interactive experience of intangible cultural heritage based on flow theory is summarized through user interviews in this research. Finally, through data verification, the model is proved to be correct. In addition, this study offers some important insights into differences between primary users and experienced users, and proposed specific guiding suggestions for immersive interactive experience design of intangible cultural heritage based on flow theory in the future.

With the advancement of portable head-mounted displays, interest in educational application of immersive spherical video-based virtual reality (SVVR) has been emerging. However, it remains unclear regarding the effects of immersive SVVR on cognitive and affective outcomes. In this study, we retrieved 58 learning outcomes from 16 studies. A meta-analysis was performed using the random effects model to calculate the effect size. Several important moderators were also examined such as control group treatment, learning outcome type, interaction functionality, content instruction, learning domain, and learner's stage. The results show that immersive SVVR is more effective than other instructional conditions with a medium effect size. The key findings of the moderator analysis are that immersive SVVR has a greater impact on affective outcomes, as well as under the conditions that learning system provides interaction functionality or integrates with content instruction before virtual exploratory learning.

Stress-related disorders are increasing because of work load, forces in teamwork, surroundings pressures and health related conditions. Thus, to avoid people living under heavy stress and develop more severe stress-related disorders, different internet and applications of stress management interventions are offered. Mobile applications with self-assessed health, burnout-scores and well-being are commonly used as outcome measures. Few studies have used sickleave to compare effects of stress interventions. A new approach is to use nature and garden in a multimodal stress management context. This study aimed to explore the effects of immersive and non-immersive games application by using nature theme virtual stress therapy in reducing stress level. Two weeks’ of experiments had involved 18 participants. Nine (9) of them were invited to join the first experiment which focused on immersive virtual reality (VR) experience. Their Blood Volume Pulse with Heart Rate (BVP+HR) and Skin Conductance (SC) were recorded using BioGraph Infiniti Biofeedback System that comes with three (3) sensors attached to the fingers. The second experiment were joined by another nine (9) participants. This experiment was testing on non-immersive desktop control experience. The same protocol measurements were taken which are BVP+HR and SC. Participants were given the experience to feel and get carried into the virtual nature as a therapy so that they will reduce stress. The result of this study points to whether immersive or non-immersive VR display using nature theme virtual therapy would reduce individuals stress level. After conducted series of experiments, results showed that both immersive and non-immersive VR display reduced stress level. However, participants were satisfied of using the immersive version as it provided a 360 degree of viewing, immersed experiences and feeling engaged. Thus, this showed and proved that applications developed with nature theme affect successfully reduce stress level no matter it is put in immersive or non-immersive display.