Biblio

The field of Big Data is expanding at an alarming rate since its inception in 2012. The excessive use of Social Networking Sites, collection of Data from Sensors for analysis and prediction of future events, improvement in Customer Satisfaction on Online S hopping portals by monitoring their past behavior and providing them information, items and offers of their interest instantaneously, etc had led to this rise in the field of Big Data. This huge amount of data, if analyzed and processed properly, can lead to decisions and outcomes that would be of great values and benefits to organizations and individuals. Security of Data and Privacy of User is of keen interest and high importance for individuals, industry and academia. Everyone ensure that their Sensitive information must be kept away from unauthorized access and their assets must be kept safe from security breaches. Privacy and Security are also equally important for Big Data and here, it is typical and complex to ensure the Privacy and Security, as the amount of data is enormous. One possible option to effectively and efficiently handle, process and analyze the Big Data is to make use of Machine Learning techniques. Machine Learning techniques are straightforward; applying them on Big Data requires resolution of various issues and is a challenging task, as the size of Data is too big. This paper provides a brief introduction to Big Data, the importance of Security and Privacy in Big Data and the various challenges that are required to overcome for applying the Machine Learning techniques on Big Data.

Various studies have been performed to explore the feasibility of detection of web-based attacks by machine learning techniques. False-positive and false-negative results have been reported as a major issue to be addressed to make machine learning-based detection and prevention of web-based attacks reliable and trustworthy. In our research, we tried to identify and address the root cause of the false-positive and false-negative results. In our experiment, we used the CSIC 2010 HTTP dataset, which contains the generated traffic targeted to an e-commerce web application. Our experimental results demonstrate that applying the proposed fine-tuned feature set extraction results in improved detection and classification of web-based attacks for all tested machine learning algorithms. The performance of the machine learning algorithm in the detection of attacks was evaluated by the Precision, Recall, Accuracy, and F-measure metrics. Among three tested algorithms, the J48 decision tree algorithm provided the highest True Positive rate, Precision, and Recall.

The growth of IoT devices during the last decade has led to the development of smart ecosystems, such as smart homes, prone to cyberattacks. Traditional security methodologies support to some extend the requirement for preserving privacy and security of such deployments, but their centralized nature in conjunction with low computational capabilities of smart home gateways make such approaches not efficient. Last achievements on blockchain technologies allowed the use of such decentralized architectures to support cybersecurity defence mechanisms. In this work, a blockchain framework is presented to support the cybersecurity mechanisms of smart homes installations, focusing on the immutability of users and devices that constitute such environments. The proposed methodology provides also the appropriate smart contracts support for ensuring the integrity of the smart home gateway and IoT devices, as well as the dynamic and immutable management of blocked malicious IPs. The framework has been deployed on a real smart home environment demonstrating its applicability and efficiency.

The trend of rapid development of mobile technologies has highlighted new challenges and threats regarding the information security by the using cookies in mobile learning (m-learning) systems. In order to overcome these challenges and threats, this paper has identified two main objectives. First, to give a review of most common types to cookies and second, to consider the challenges and threats regarding cookies with aspects that are directly related to issues of security and privacy. With these objectives is possible to bridge security gaps in m-learning systems. Moreover, the identified potential challenges and threats are discussed with the given proposals of pragmatic solutions for their mitigating or reducing. The findings of this research may help students to rise security awareness and security behavior in m-learning systems, and to better understand on-going security challenges and threats in m-learning systems.

Mobile browsers have become one of the main mediators of our online activities. However, as web pages continue to increase in size and streaming media on-the-go has become commonplace, mobile data plan constraints remain a significant concern for users. As a result, data-saving features can be a differentiating factor when selecting a mobile browser. In this paper, we present a comprehensive exploration of the security and privacy threat that data-saving functionality presents to users. We conduct the first analysis of Android's data-saving browser (DSB) ecosystem across multiple dimensions, including the characteristics of the various browsers' infrastructure, their application and protocol-level behavior, and their effect on users' browsing experience. Our research unequivocally demonstrates that enabling data-saving functionality in major browsers results in significant degradation of the user's security posture by introducing severe vulnerabilities that are not otherwise present in the browser during normal operation. In summary, our experiments show that enabling data savings exposes users to (i) proxy servers running outdated software, (ii) man-in-the-middle attacks due to problematic validation of TLS certificates, (iii) weakened TLS cipher suite selection, (iv) lack of support of security headers like HSTS, and (v) a higher likelihood of being labelled as bots. While the discovered issues can be addressed, we argue that data-saving functionality presents inherent risks in an increasingly-encrypted Web, and users should be alerted of the critical savings-vs-security trade-off that they implicitly accept every time they enable such functionality.

Fuzzing has been widely adopted as an effective techniques to detect vulnerabilities in softwares. However, existing fuzzers suffer from the problems of generating excessive test inputs that either cannot pass input validation or are ineffective in exploring unvisited regions in the program under test (PUT). To tackle these problems, we propose a greybox fuzzer called MuFuzzer based on AFL, which incorporates two heuristics that optimize seed selection and automatically extract input formatting information from the PUT to increase the chance of generating valid test inputs, respectively. In particular, the first heuristic collects the branch coverage and execution information during a fuzz session, and utilizes such information to guide fuzzing tools in selecting seeds that are fast to execute, small in size, and more importantly, more likely to explore new behaviors of the PUT for subsequent fuzzing activities. The second heuristic automatically identifies string comparison operations that the PUT uses for input validation, and establishes a dictionary with string constants from these operations to help fuzzers generate test inputs that have higher chances to pass input validation. We have evaluated the performance of MuFuzzer, in terms of code coverage and bug detection, using a set of realistic programs and the LAVA-M test bench. Experiment results demonstrate that MuFuzzer is able to achieve higher code coverage and better or comparative bug detection performance than state-of-the-art fuzzers.

Recently, several practical attacks raised serious concerns over the security of searchable encryption. The attacks have brought emphasis on forward privacy, which is the key concept behind solutions to the adaptive leakage-exploiting attacks, and will very likely to become a must-have property of all new searchable encryption schemes. For a long time, forward privacy implies inefficiency and thus most existing searchable encryption schemes do not support it. Very recently, Bost (CCS 2016) showed that forward privacy can be obtained without inducing a large communication overhead. However, Bost's scheme is constructed with a relatively inefficient public key cryptographic primitive, and has poor I/O performance. Both of the deficiencies significantly hinder the practical efficiency of the scheme, and prevent it from scaling to large data settings. To address the problems, we first present FAST, which achieves forward privacy and the same communication efficiency as Bost's scheme, but uses only symmetric cryptographic primitives. We then present FASTIO, which retains all good properties of FAST, and further improves I/O efficiency. We implemented the two schemes and compared their performance with Bost's scheme. The experiment results show that both our schemes are highly efficient.

Data sharing through the cloud is flourishing with the development of cloud computing technology. The new wave of technology will also give rise to new security challenges, particularly the data confidentiality in cloud-based sharing applications. Searchable encryption is considered as one of the most promising solutions for balancing data confidentiality and usability. However, most existing searchable encryption schemes cannot simultaneously satisfy requirements for both high search efficiency and strong security due to lack of some must-have properties, such as parallel search and forward security. To address this problem, we propose a variant searchable encryption with parallelism and forward privacy, namely the parallel and forward private searchable public-key encryption (PFP-SPE). PFP-SPE scheme achieves both the parallelism and forward privacy at the expense of slightly higher storage costs. PFP-SPE has similar search efficiency with that of some searchable symmetric encryption schemes but no key distribution problem. The security analysis and the performance evaluation on a real-world dataset demonstrate that the proposed scheme is suitable for practical application.

As the integration of the Internet of Vehicles and social networks, vehicular social networks (VSN) not only improves the efficiency and reliability of vehicular communication environment, but also provide more comprehensive social services for users. However, with the emergence of advanced communication and computing technologies, more and more data can be fast and conveniently collected from heterogeneous devices, and VSN has to meet new security challenges such as data security and privacy protection. Searchable encryption (SE) as a promising cryptographic primitive is devoted to data confidentiality without sacrificing data searchability. However, most existing schemes are vulnerable to the adaptive leakage-exploiting attacks or can not meet the efficiency requirements of practical applications, especially the searchable public-key encryption schemes (SPE). To achieve secure and efficient keyword search in VSN, we design a new blockchain-based searchable public-key encryption scheme with forward and backward privacy (BSPEFB). BSPEFB is a decentralized searchable public-key encryption scheme since the central search cloud server is replaced by the smart contract. Meanwhile, BSPEFB supports forward and backward privacy to achieve privacy protection. Finally, we implement a prototype of our basic construction and demonstrate the practicability of the proposed scheme in applications.

Compressive sensing (CS) is beneficial for unmanned reconnaissance systems to obtain high-quality images with limited resources. The existing prediction methods for block-based compressive sensing of images can be regarded as the particular coefficients of weighted predictive coding. To find better prediction coefficients for BCS, this paper proposes two weighted prediction methods. The first method converts the prediction model of measurements into a prediction model of image blocks. The prediction weights are obtained by training the prediction model of image blocks offline, which avoiding the influence of the sampling rates on the prediction model of measurements. Another method is to calculate the prediction coefficients adaptively based on the average energy of measurements, which can adjust the weights based on the measurements. Compared with existing methods, the proposed prediction methods for BCS of images can further improve the reconstruction image quality.

This paper examines the influence of quantization on the compressive sensing theory applied to the nonuniformly sampled nonsparse signals with reduced set of randomly positioned measurements. The error of the reconstruction will be generalized to exact expected squared error expression. The aim is to connect the generalized random sampling strategy with the quantization effect, finding the resulting error of the reconstruction. Small sampling deviations correspond to the imprecisions of the sampling strategy, while completely random sampling schemes causes large sampling deviations. Numerical examples provide an agreement between the statistical results and theoretical values.

This paper proposes a Time Difference of Arrival (TDoA) based method for the localization of Radio Frequency (RF) emitters working at different carriers, by using wideband spectrum sensors exploiting compressive sampling. The proposed measurement method is based on four or more RF receivers, with known Cartesian positions, performing non uniform sampling on the received signal. By means of simulations, the method has been compared against a localization method adopting RF receivers performing uniform sampling at Nyquist rate. The obtained preliminary results demonstrate that the method is capable of localizing two RF emitters achieving the same results obtained with uniform sampling, with a compression ratio up to CR = 20.

Compressive Sensing (CS) is a promising technology for the acquisition of signals. The number of measurements is reduced by using CS which is needed to obtain the signals in some basis that are compressible or sparse. The compressible or sparse nature of the signals can be obtained by transforming the signals in some domain. Depending on the signals sparsity signals are sampled below the Nyquist sampling criteria by using CS. An optimization problem needs to be solved for the recovery of the original signal. Very few studies have been reported about the reconstruction of the signals. Therefore, in this paper, the reconstruction algorithms are elaborated systematically for sparse signal recovery in CS. The discussion of various reconstruction algorithms in made in this paper will help the readers in order to understand these algorithms efficiently.

We propose a photonic compressive sampling scheme based on multimode fiber for radio spectrum sensing, which shows high accuracy and stability, and low complexity and cost. Pulse overlapping is utilized for a fast detection. © 2020 The Author(s).

The deep learning-based compressive Sensing (CS) has shown substantial improved performance and in run-time reduction with signal sampling and reconstruction. In most cases, moreover, these techniques suffer from disrupting artefacts or high-frequency contents at low sampling ratios. Similarly, this occurs in the multi-resolution sampling method, which further collects more components with lower frequencies. A promising innovation combining CS with convolutionary neural network has eliminated the sparsity constraint yet recovery persists slow. We propose a Deep wavelet based compressive sensing with multi-resolution framework provides better improvement in reconstruction as well as run time. The proposed model demonstrates outstanding quality on test functions over previous approaches.

Data sampling is critical process for energy constrained Wireless Sensor Networks. In this article, we proposed a Predictive Data Recovery Compressive Sensing (PDR-CS) procedure for data sampling. PDR-CS samples data measurements from the monitoring field on the basis of spatial and temporal correlation and sparse measurements recovered at the Sink. Our proposed algorithm, PDR-CS extends the iterative re-weighted -ℓ1(IRW - ℓ1) minimization and regularization on the top of Spatio-temporal compressibility for enhancing accuracy of signal recovery and reducing the energy consumption. The simulation study shows that from the less number of samples are enough to recover the signal. And also compared with the other compressive sensing procedures, PDR-CS works with less time.

The work we present is a comparative study based on an experimental approach to the mechanical and thermal properties of different local clay-based building materials with the incorporation of agricultural waste in Chad. These local building materials have been used since ancient times by the low-income population. They were the subject of a detailed characterization of their mechanical and thermal parameters. The objective is to obtain lightweight materials with good thermomechanical performance and which can contribute to improving thermal comfort, energy-saving, and security in social housing in Chad while reducing the cost of investment. Several clay-based samples with increasing incorporation of 0 to 8% of agricultural waste (cow dung or millet pod) were made. We used appropriate experimental methods for porous materials (the hydraulic press for mechanical tests and the box method for thermal tests). In this article, we have highlighted the values and variations of the mechanical compressive resistances, thermal conductivities, and thermal resistances of test pieces made with these materials. Knowing the mechanical and thermal characteristics, we also carried out a thermomechanical study. The thermal data made it possible to make Dynamic Thermal Simulations (STD) of the buildings thanks to the Pléiades + COMFIE software. The results obtained show that the use of these materials in a building presents good mechanical and thermal performance with low consumption of electrical energy for better thermal comfort of the occupants. Thus agricultural waste can be recovered thanks to its integration into building materials based on clay.

Compressive sensing (CS) is regarded as one of the promising solutions for IoT data encryption as it achieves simultaneous sampling, compression, and encryption. Theoretical work in the literature has proved that CS provides computational secrecy. It also provides asymptotic perfect secrecy for Gaussian sensing matrix with constraints on input signal. In this paper, we design an attack decoding algorithm based on block compressed sensing decoding algorithm to perform ciphertext-only attack on real-life time series IoT data. It shows that it is possible to retrieve vital information in the plaintext under some conditions. Furthermore, it is also applied to a State-of-the Art CS-based encryption scheme for smart grid, and the power profile is reconstructed using ciphertext-only attack. Additionally, the statistical analysis of Gaussian and Binomial measurements is conducted to investigate the randomness provided by them.

The paper proposes a new measurement method for impairments identification in wireline channels (i.e. wire cables) by exploiting a Compressive Sampling (CS)-based technique. The method consists of two-phases: (i) acquisition and reconstruction of the channel impulse response in the nominal working condition and (ii) analysis of the channel state to detect any physical anomaly/discontinuity like deterioration (e.g. aging due to harsh environment) or unauthorized side channel attacks (e.g. taps). The first results demonstrate that the proposed method is capable of estimating the channel impairments with an accuracy that could allow the classification of the main channel impairments. The proposed method could be used to develop low-cost instrumentation for continuous monitoring of the physical layer of data networks and to improve their hardware security.

After several years of research on onion routing, Camenisch and Lysyanskaya, in an attempt at rigorous analysis, defined an ideal functionality in the universal composability model, together with properties that protocols have to meet to achieve provable security. A whole family of systems based their security proofs on this work. However, analyzing HORNET and Sphinx, two instances from this family, we show that this proof strategy is broken. We discover a previously unknown vulnerability that breaks anonymity completely, and explain a known one. Both should not exist if privacy is proven correctly.In this work, we analyze and fix the proof strategy used for this family of systems. After proving the efficacy of the ideal functionality, we show how the original properties are flawed and suggest improved, effective properties in their place. Finally, we discover another common mistake in the proofs. We demonstrate how to avoid it by showing our improved properties for one protocol, thus partially fixing the family of provably secure onion routing protocols.

Problems related to privacy and cyber-attacks have increased in recent years as a result of the rapid development of cloud computing. This work concerns secure cloud computing services on a blockchain platform, called cloud@blockchain, which benefit from the anonymity and immutability of blockchain. Two functions- anonymous file sharing and inspections to find illegally uploaded files- on cloud@blockchain are designed. On cloud@blockchain, cloud users can access data through smart contracts, and recognize all users within the application layer. The performance of three architectures- a pure blockchain, a hybrid blockchain with cache and a traditional database in accessing data is analyzed. The results reveal the superiority of the hybrid blockchain with the cache over the pure blockchain and the traditional database, which it outperforms by 500% and 53.19%, respectively.

Self-sovereign identities provide user autonomy and immutability to individual identities and full control to their identity owners. The immutability and control are possible by implementing identities in a decentralized manner on blockchains that are specially designed for identity operations such as Hyperledger Indy. As with any type of identity, self-sovereign identities too deal with Personally Identifiable Information (PII) of the identity holders and comes with the usual risks of privacy and security. This study examined certain scenarios of personal data disclosure via credential exchanges between such identities and risks of man-in-the-middle attacks in the blockchain based identity system Hyperledger Indy. On the basis of the findings, the paper proposes the following enhancements: 1) A novel attribute sensitivity score model for self-sovereign identity agents to ascertain the sensitivity of attributes shared in credential exchanges 2) A method of mitigating man-in-the-middle attacks between peer self-sovereign identities and 3) A novel quantitative model for determining a credential issuer's reputation based on the number of issued credentials in a window period, which is then utilized to calculate an overall confidence level score for the issuer.

We consider information leakage to the user in private information retrieval (PIR) systems. Information leakage can be measured in terms of individual message leakage or total leakage. Individual message leakage, or simply individual leakage, is defined as the amount of information that the user can obtain on any individual message that is not being requested, and the total leakage is defined as the amount of information that the user can obtain about all the other messages except the one being requested. In this work, we characterize the tradeoff between the minimum download cost and the individual leakage, and that for the total leakage, respectively. Coding schemes are proposed to achieve these optimal tradeoffs, which are also shown to be optimal in terms of the message size. We further characterize the optimal tradeoff between the minimum amount of common randomness and the total leakage. Moreover, we show that under individual leakage, common randomness is in fact unnecessary when there are more than two messages.

To contest the rapidly developing cyber-attacks, numerous collaborative security schemes, in which multiple security entities can exchange their observations and other relevant data to achieve more effective security decisions, are proposed and developed in the literature. However, the security-related information shared among the security entities may contain some sensitive information and such information exchange can raise privacy concerns, especially when these entities belong to different organizations. With such consideration, the interplay between the attacker and the collaborative entities is formulated as Quantitative Information Flow (QIF) games, in which the QIF theory is adapted to measure the collaboration gain and the privacy loss of the entities in the information sharing process. In particular, three games are considered, each corresponding to one possible scenario of interest in practice. Based on the game-theoretic analysis, the expected behaviors of both the attacker and the security entities are obtained. In addition, the simulation results are presented to validate the analysis.

This paper considers the transmission of confidential data over wireless channels. Based on an information-theoretic formulation of the problem, in which two legitimates partners communicate over a quasi-static fading channel and an eavesdropper observes their transmissions through a second independent quasi-static fading channel, the important role of fading is characterized in terms of average secure communication rates and outage probability. Based on the insights from this analysis, a practical secure communication protocol is developed, which uses a four-step procedure to ensure wireless information-theoretic security: (i) common randomness via opportunistic transmission, (ii) message reconciliation, (iii) common key generation via privacy amplification, and (iv) message protection with a secret key. A reconciliation procedure based on multilevel coding and optimized low-density parity-check (LDPC) codes is introduced, which allows to achieve communication rates close to the fundamental security limits in several relevant instances. Finally, a set of metrics for assessing average secure key generation rates is established, and it is shown that the protocol is effective in secure key renewal-even in the presence of imperfect channel state information.