Biblio

Third-party storage services pose the risk of integrity and confidentiality violations as the current storage policy enforcement mechanisms are spread across many layers in the system stack. To mitigate these security vulnerabilities, we present the design and implementation of Pesos, a Policy Enhanced Secure Object Store (Pesos) for untrusted third-party storage providers. Pesos allows clients to specify per-object security policies, concisely and separately from the storage stack, and enforces these policies by securely mediating the I/O in the persistence layer through a single unified enforcement layer. More broadly, Pesos exposes a rich set of storage policies ensuring the integrity, confidentiality, and access accounting for data storage through a declarative policy language. Pesos enforces these policies on untrusted commodity platforms by leveraging a combination of two trusted computing technologies: Intel SGX for trusted execution environment (TEE) and Kinetic Open Storage for trusted storage. We have implemented Pesos as a fully-functional storage system supporting many useful end-to-end storage features, and a range of effective performance optimizations. We evaluated Pesos using a range of micro-benchmarks, and real-world use cases. Our evaluation shows that Pesos incurs reasonable performance overheads for the enforcement of policies while keeping the trusted computing base (TCB) small.

Software Defined Network (SDN) is getting popularity both from academic and industry. Lot of researches have been made to combine SDN with future Internet paradigms to manage and control networks efficiently. SDN provides better management and control in a network through decoupling of data and control plane. Named Data Networking (NDN) is a future Internet technique with aim to replace IPv4 addressing problems. In NDN, communication between different nodes done on the basis of content names rather than IP addresses. Vehicular Ad-hoc Network (VANET) is a subtype of MANET which is also considered as a hot area for future applications. Different vehicles communicate with each other to form a network known as VANET. Communication between VANET can be done in two ways (i) Vehicle to Vehicle (V2V) (ii) Vehicle to Infrastructure (V2I). Combination of SDN and NDN techniques in future Internet can solve lot of problems which were hard to answer by considering a single technique. Security in VANET is always challenging due to unstable topology of VANET. In this paper, we merge future Internet techniques and propose a new scheme to answer timing attack problem in VANETs named as Timing Attack Prevention (TAP) protocol. Proposed scheme is evaluated through simulations which shows the superiority of proposed protocol regarding detection and mitigation of attacker vehicles as compared to normal timing attack scenario in NDN based VANET.

Hardware information flow analysis detects security vulnerabilities resulting from unintended design flaws, timing channels, and hardware Trojans. These information flow models are typically generated in a general way, which includes a significant amount of redundancy that is irrelevant to the specified security properties. In this work, we propose a property specific approach for information flow security. We create information flow models tailored to the properties to be verified by performing a property specific search to identify security critical paths. This helps find suspicious signals that require closer inspection and quickly eliminates portions of the design that are free of security violations. Our property specific trimming technique reduces the complexity of the security model; this accelerates security verification and restricts potential security violations to a smaller region which helps quickly pinpoint hardware security vulnerabilities.

The purpose of this research is to propose a new mathematical model, designed to evaluate the security of cryptosystems. This model is a mixture of ideas from two basic mathematical theories, information theory and game theory. The role of information theory is assigning the model with security criteria of the cryptosystems. The role of game theory was to produce the value of the game which is representing the outcome of these criteria, which finally refers to cryptosystem's security. The proposed model support an accurate and mathematical way to evaluate the security of cryptosystems by unifying the criteria resulted from information theory and produce a unique reasonable value.

Awareness and knowledge management are key components to achieve a high level of information security in organizations. However, practical evidence suggests that there are significant discrepancies between the typical elements of security awareness campaigns, the decisions made and goals set by top-level management, and routine operations carried out by systems administration personnel. This paper presents Vis4Sec, a process framework for the generation and distribution of stakeholder-specific visualizations of security metrics, which assists in closing the gap between theoretical and practical information security by respecting the different points of view of the involved security report audiences. An implementation for patch management on Linux servers, deployed at a large data center, is used as a running example.

Fuzzy extractors (Dodiset al., Eurocrypt 2004) turn a noisy secret into a stable, uniformly distributed key. Reusable fuzzy extractors remain secure when multiple keys are produced from a single noisy secret (Boyen, CCS 2004). Boyen showed information-theoretically secure reusable fuzzy extractors are subject to strong limitations. Simoens et al. (IEEE S&P, 2009) then showed deployed constructions suffer severe security breaks when reused. Canetti et al. (Eurocrypt 2016) used computational security to sidestep this problem, building a computationally secure reusable fuzzy extractor that corrects a sublinear fraction of errors. We introduce a generic approach to constructing reusable fuzzy extractors. We define a new primitive called a reusable pseudoentropic isometry that projects an input metric space to an output metric space. This projection preserves distance and entropy even if the same input is mapped to multiple output metric spaces. A reusable pseudoentropy isometry yields a reusable fuzzy extractor by 1) randomizing the noisy secret using the isometry and 2) applying a traditional fuzzy extractor to derive a secret key. We propose reusable pseudoentropic isometries for the set difference and Hamming metrics. The set difference construction is built from composable digital lockers (Canetti and Dakdouk, Eurocrypt 2008). For the Hamming metric, we show that the second construction of Canetti et al.(Eurocrypt 2016) can be seen as an instantiation of our framework. In both cases, the pseudoentropic isometry's reusability requires noisy secrets distributions to have entropy in each symbol of the alphabet. Our constructions yield the first reusable fuzzy extractors that correct a constant fraction of errors. We also implement our set difference solution and describe two use cases.

Thanks to its decentralized structure and immutability, blockchain technology has the potential to address relevant security and privacy challenges in the Internet of Things (IoT). In particular, by hosting and executing smart contracts, blockchain allows secure, flexible, and traceable message communication between IoT devices. The unique characteristics of IoT systems, such as heterogeneity and pervasiveness, however, pose challenges in designing smart contracts for such systems. In this paper, we study these challenges and propose a design approach for smart contracts used in IoT systems. The main goal of our design model is to enhance the development of IoT smart contracts based on the inherent pervasive attributes of IoT systems. In particular, the design model allows the smart contracts to encapsulate functionalities such as contractlevel communication between IoT devices, access to data-sources within contracts, and interoperability of heterogeneous IoT smart contracts. The essence of our approach is structuring the design of IoT smart contracts as self-contained software services, inspired by the microservice architecture model. The flexibility, scalability and modularity of this model make it an efficient approach for developing pervasive IoT smart contracts.

The Internet of Things (IoT) is an emerging technology, an extension of the traditional Internet which make everything is connected each other based on Radio Frequency Identification (RFID), Sensor, GPS or Machine to Machine technologies, etc. The security issues surrounding IoT have been of detrimental impact to its development and has consequently attracted research interest. However, there are very few approaches which assess the security of IoT from the perspective of an attacker. Penetration testing is widely used to evaluate traditional internet or systems security to date and it normally spends numerous cost and time. In this paper, we analyze the security problems of IoT and propose a penetration testing approach and its automation based on belief-desire-intention (BDI) model to evaluate the security of the IoT.

Personally Identifiable Information (PII) is information that can be used on its own or with other information to distinguish or trace an individual's identity. To investigate an application for PII tracking, a reverse engineer has to put considerable effort to reverse engineer an application and discover what an application does with PII. To automate this process and save reverse engineers substantial time and effort, we propose PIITracker which is a new and novel tool that can track PII automatically and capture if any processes are sending PII over the network. This is made possible by 1) whole-system dynamic information flow tracking 2) monitoring specific function and system calls. We analyzed 15 popular chat applications and browsers using PIITracker, and determined that 12 of these applications collect some form of PII.

This paper presents existing cryptographic technologies used by the IoT industry. Authors review security capabilities of existing IoT protocols such as LoRaWAN, IEE802.15.4, BLE and RF based. Authors also experiment with the cryptographic efficiency and energy consumption of existing cryptography algorithms, implemented on embedded systems. Authors evaluate the performance of 32bit single ARM cortex microprocessor, Atmel ATmega32u4 8-bit micro-controller and Parallella Xillix Zynq FPGA parallel co-processors. From the experimental results, authors signify the requirements of the next generation IoT security protocols and from their experimental results provide useful guidelines.

The paper deals with the implementation aspects of the bilinear pairing operation over an elliptic curve on constrained devices, such as smart cards, embedded devices, smart meters and similar devices. Although cryptographic constructions, such as group signatures, anonymous credentials or identity-based encryption schemes, often rely on the pairing operation, the implementation of such schemes into practical applications is not straightforward, in fact, it may become very difficult. In this paper, we show that the implementation is difficult not only due to the high computational complexity, but also due to the lack of cryptographic libraries and programming interfaces. In particular, we show how difficult it is to implement pairing-based schemes on constrained devices and show the performance of various libraries on different platforms. Furthermore, we show the performance estimates of fundamental cryptographic constructions, the group signatures. The purpose of this paper is to reduce the gap between the cryptographic designers and developers and give performance results that can be used for the estimation of the implementability and performance of novel, upcoming schemes.

The security level is very important in Bluetooth, because the network or devices using secure communication, are susceptible to many attacks against the transmitted data received through eavesdropping. The cryptosystem designers needs to know the complexity of the designed Bluetooth E0. And what the advantages given by any development performed on any known Bluetooth E0Encryption method. The most important criteria can be used in evaluation method is considered as an important aspect. This paper introduce a proposed fuzzy logic technique to evaluate the complexity of Bluetooth E0Encryption system by choosing two parameters, which are entropy and correlation rate, as inputs to proposed fuzzy logic based Evaluator, which can be applied with MATLAB system.

Public key infrastructure (PKI) is the foundation and core of network security construction. Blockchain (BC) has many technical characteristics, such as decentralization, impossibility of being tampered with and forged, which makes it have incomparable advantages in ensuring information credibility, security, traceability and other aspects of traditional technology. In this paper, a method of constructing PKI certificate system based on permissioned BC is proposed. The problems of multi-CA mutual trust, poor certificate configuration efficiency and single point failure in digital certificate system are solved by using the characteristics of BC distribution and non-tampering. At the same time, in order to solve the problem of identity privacy on BC, this paper proposes a privacy-aware PKI system based on permissioned BCs. This system is an anonymous digital certificate publishing scheme., which achieves the separation of user registration and authorization, and has the characteristics of anonymity and conditional traceability, so as to realize to protect user's identity privacy. The system meets the requirements of certificate security and anonymity, reduces the cost of CA construction, operation and maintenance in traditional PKI technology, and improves the efficiency of certificate application and configuration.

Collaborative smart services provide functionalities which exploit data collected from different sources to provide benefits to a community of users. Such data, however, might be privacy sensitive and their disclosure has to be avoided. In this paper, we present a distributed multi-tier framework intended for smart-environment management, based on usage control for policy evaluation and enforcement on devices belonging to different collaborating entities. The proposed framework exploits secure multi-party computation to evaluate policy conditions without disclosing actual value of evaluated attributes, to preserve privacy. As reference example, a smart-grid use case is presented.

In rural/remote areas, resource constrained smart micro-grid (RCSMG) architectures can offer a cost-effective power management and supply alternative to national power grid connections. RCSMG architectures handle communications over distributed lossy networks to minimize operation costs. However, the unreliable nature of lossy networks makes privacy an important consideration. Existing anonymisation works on data perturbation work mainly by distortion with additive noise. Apply these solutions to RCSMGs is problematic, because deliberate noise additions must be distinguishable both from system and adversarial generated noise. In this paper, we present a brief survey of privacy risks in RCSMGs centered on inference, and propose a method of mitigating these risks. The lesson here is that while RCSMGs give users more control over power management and distribution, good anonymisation is essential to protecting personal information on RCSMGs.

In the smart grid, residents' electricity usage needs to be periodically measured and reported for the purpose of better energy management. At the same time, real-time collection of residents' electricity consumption may unfavorably incur privacy leakage, which has motivated the research on privacy-preserving aggregation of electricity readings. Most previous studies either rely on a trusted third party (TTP) or suffer from expensive computation. In this paper, we first reveal the privacy flaws of a very recent scheme pursing privacy preservation without relying on the TTP. By presenting concrete attacks, we show that this scheme has failed to meet the design goals. Then, for better privacy protection, we construct a new scheme called PMDA, which utilizes Shamir's secret sharing to allow smart meters to negotiate aggregation parameters in the absence of a TTP. Using only lightweight cryptography, PMDA efficiently supports multi-functional aggregation of the electricity readings, and simultaneously preserves residents' privacy. Theoretical analysis is provided with regard to PMDA's security and efficiency. Moreover, experimental data obtained from a prototype indicates that our proposal is efficient and feasible for practical deployment.

In this paper, we propose a novel pseudo-random beamforming technique with beam selection for improving physical-layer security (PLS) in a downlink cellular network where consists of a base station (BS) with Ntantennas, NMSlegitimate mobile stations (MSs), and NEeavesdroppers. In the proposed technique, the BS generates multiple candidates of beamforming matrix each of which consists of orthogonal beamforming vectors in a pseudo-random manner. Each legitimate MS opportunistically feeds back the received signal-to-interference-and-noise ratio (SINR) value for all beamforming vectors to the BS. The BS transmits data to the legitimate MSs with the optimal beamforming matrix among multiple beam forming matrices that maximizes the secrecy sum-rate. Simulation results show that the proposed technique outperforms the conventional random beamforming technique in terms of the achievable secrecy sum-rate.

Post-quantum secure communication has attracted much interest in recent years. Known computationally secure post-quantum key agreement protocols are resource intensive for small devices. These devices may need to securely send frequent short messages, for example to report the measurement of a sensor. Secure communication using physical assumptions provides information-theoretic security (and so quantum-safe) with small computational over-head. Security and efficiency analysis of these systems however is asymptotic. In this poster we consider two secure message communication systems, and derive and compare their security and efficiency for finite length messages. Our results show that these systems indeed provide an attractive alternative for post-quantum security.

The interconnection of networks between several techno-socio-economic sectors such as energy, transport, and communication, questions the manageability and resilience of the digital society. System interdependencies alter the fundamental dynamics that govern isolated systems, which can unexpectedly trigger catastrophic instabilities such as cascading failures. This paper envisions a general-purpose, yet simple prototyping of self-management software systems that can turn system interdependencies from a cause of instability to an opportunity for higher resilience. Such prototyping proves to be challenging given the highly interdisciplinary scope of interdependent networks. Different system dynamics and organizational constraints such as the distributed nature of interdependent networks or the autonomy and authority of system operators over their controlled infrastructure perplex the design for a general prototyping approach, which earlier work has not yet addressed. This paper contributes such a modular design solution implemented as an open source software extension of SFINA, the Simulation Framework for Intelligent Network Adaptations. The applicability of the software artifact is demonstrated with the introduction of a novel self-healing mechanism for interdependent power networks, which optimizes power flow exchanges between a damaged and a healer network to mitigate power cascading failures. Results show a significant decrease in the damage spread by self-healing synergies, while the degree of interconnectivity between the power networks indicates a tradeoff between links survivability and load served. The contributions of this paper aspire to bring closer several research communities working on modeling and simulation of different domains with an economic and societal impact on the resilience of real-world interdependent networks.

Bitcoin mixing services improve anonymity by breaking the connection between Bitcoin addresses. In the darkweb environment, many illegal trades, such as in drugs or child pornography, avoid their transactions being traced by exploiting mixing services. Therefore, de-mixing algorithms are needed to identify illegal financial flows and to reduce criminal activity. Unfortunately, to the best of our knowledge, few studies on analyzing mixing services and de-anonymizing transactions have been proposed. In this paper, we conduct an in-depth analysis of real-world mixing services, and propose a de-mixing algorithm for Helix, one of the most widely used Bitcoin mixing services. The proposed algorithm de-anonymizes the relationship between the input and output addresses of mixing services by exploiting the static and dynamic parameters of mixing services. Our experiment showed that, we could identify the relationships between the input and output addresses of the Helix mixing service with a 99.14% accuracy rate.

Trusted computing is one of the main development trend in information security. However, there are still two limitations in existing trusted computing model. One is that the measurement process of the existing trusted computing model can be bypassed. Another is it lacks of effective runtime detection methods to protect the system, even the measurement process itself. In this paper, we introduce an active trusted model which can solve those two problems. Our active trusted computing model is comprised of two components: normal computation world and isolated security world. All the security tasks of active trusted computing model are assigned to the isolated security world. In this model, the static trusted measurement measures BIOS and operating system at the start-up of the computer system; and the dynamic trusted measurement measures the code segment, the data segment, and other critical structures actively and periodically at runtime. We have implemented a prototype of the active trusted computing model and done preliminary evaluation. Our experimental results show that this prototype can perform trusted computing on-the-fly effectively with an acceptable performance overhead.

Modern embedded computing devices are vulnerable against malware and software piracy due to insufficient security scrutiny and the complications of continuous patching. To detect malicious activity as well as protecting the integrity of executable software, it is necessary to monitor the operation of such devices. In this paper, we propose a disassembler based on power-based side-channel to analyze the real-time operation of embedded systems at instruction-level granularity. The proposed disassembler obtains templates from an original device (e.g., IoT home security system, smart thermostat, etc.) and utilizes machine learning algorithms to uniquely identify instructions executed on the device. The feature selection using Kullback-Leibler (KL) divergence and the dimensional reduction using PCA in the time-frequency domain are proposed to increase the identification accuracy. Moreover, a hierarchical classification framework is proposed to reduce the computational complexity associated with large instruction sets. In addition, covariate shifts caused by different environmental measurements and device-to-device variations are minimized by our covariate shift adaptation technique. We implement this disassembler on an AVR 8-bit microcontroller. Experimental results demonstrate that our proposed disassembler can recognize test instructions including register names with a success rate no lower than 99.03% with quadratic discriminant analysis (QDA).

Software agents represent an assured computing paradigm that tends to emerge to be an elegant technology to solve present day problems. The eminent Scientific Community has proved us with the usage or implementation of software agent's usage approach that simplifies the proposed solution in various types to solve the traditional computing problems arise. The proof of the same is implemented in several applications that exist based on this area of technology where the software agents have maximum benefits but on the same hand absence of the suitable security mechanisms that endures for systems that are based on representation of barriers exists in the paradigm with respect to present day industry. As the application proposing present security mechanisms is not a trivial one as the agent based system builders or developers who are not often security experts as they subsequently do not count on the area of expertise. This paper presents a novel approach for protecting the infrastructure for solving the issues considered to be malicious host in mobile agent system by implementing a secure protocol to migrate agents from host to host relying in various elements based on the enhanced Trusted Platforms Modules (TPM) for processing data. We use enhanced extension to the Java Agent Development framework (JADE) in our proposed system and a migrating protocol is used to validate the proposed framework (AVASPA).

Autonomous systems (ASes) on the Internet increasingly rely on Internet Exchange Points (IXPs) for peering. A single IXP may interconnect several 100s or 1000s of participants (ASes) all of which might peer with each other through BGP sessions. IXPs have addressed this scaling challenge through the use of route servers. However, route servers require participants to trust the IXP and reveal their policies, a drastic change from the accepted norm where all policies are kept private. In this paper we look at techniques to build route servers which provide the same functionality as existing route servers without requiring participants to reveal their policies thus preserving the status quo and enabling wider adoption of IXPs. Prior work has looked at secure multiparty computation (SMPC) as a means of implementing such route servers however this affects performance and reduces policy flexibility. In this paper we take a different tack and build on trusted execution environments (TEEs) such as Intel SGX to keep policies private and flexible. We present results from an initial route server implementation that runs under Intel SGX and show that our approach has 20x better performance than SMPC based approaches. Furthermore, we demonstrate that the additional privacy provided by our approach comes at minimal cost and our implementation is at worse 2.1x slower than a current route server implementation (and in some situations up to 2x faster).

As we are living in the era of big data, high volumes of wide varieties of data which may be of different veracity (e.g., precise data, imprecise and uncertain data) are easily generated or collected at a high velocity in many real-life applications. Embedded in these big data is valuable knowledge and useful information, which can be discovered by big data science solutions. As a popular data science task, frequent pattern mining aims to discover implicit, previously unknown and potentially useful information and valuable knowledge in terms of sets of frequently co-occurring merchandise items and/or events. Many of the existing frequent pattern mining algorithms use a transaction-centric mining approach to find frequent patterns from precise data. However, there are situations in which an item-centric mining approach is more appropriate, and there are also situations in which data are imprecise and uncertain. Hence, in this paper, we present an item-centric algorithm for mining frequent patterns from big uncertain data. In recent years, big data have been gaining the attention from the research community as driven by relevant technological innovations (e.g., clouds) and novel paradigms (e.g., social networks). As big data are typically published online to support knowledge management and fruition processes, these big data are usually handled by multiple owners with possible secure multi-part computation issues. Thus, privacy and security of big data has become a fundamental problem in this research context. In this paper, we present, not only an item-centric algorithm for mining frequent patterns from big uncertain data, but also a privacy-preserving algorithm. In other words, we present- in this paper-a privacy-preserving item-centric algorithm for mining frequent patterns from big uncertain data. Results of our analytical and empirical evaluation show the effectiveness of our algorithm in mining frequent patterns from big uncertain data in a privacy-preserving manner.