Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Articles 1 - 30 of 51

Full-Text Articles in Physical Sciences and Mathematics

Compositional Verification Of Heap-Manipulating Programs Through Property-Guided Learning, Long H. Pham, Jun Sun, Quang Loc Le Dec 2019

Research Collection School Of Computing and Information Systems

Analyzing and verifying heap-manipulating programs automatically is challenging. A key for fighting the complexity is to develop compositional methods. For instance, many existing verifiers for heap-manipulating programs require user-provided specification for each function in the program in order to decompose the verification problem. The requirement, however, often hinders the users from applying such tools. To overcome the issue, we propose to automatically learn heap-related program invariants in a property-guided way for each function call. The invariants are learned based on the memory graphs observed during test execution and improved through memory graph mutation. We implemented a prototype of our approach …


The Information Disclosure Trilemma: Privacy, Attribution And Dependency, Ping Fan Ke Dec 2019

Research Collection School Of Computing and Information Systems

Information disclosure has been an important mechanism to increase transparency and welfare in various contexts, from rating a restaurant to whistleblowing the wrongdoing of government agencies. Yet, the author often needs to be sacrificed during information disclosure process – an anonymous disclosure will forgo the reputation and compensation whereas an identifiable disclosure will face the threat of retaliation. On the other hand, the adoption of privacy-enhancing technologies (PETs) lessens the tradeoff between privacy and attribution while introducing dependency and potential threats. This study will develop the desirable design principles and possible threats of an information disclosure system, and discuss how …


An Empirical Study Of Sms One-Time Password Authentication In Android Apps, Siqi Ma, Runhan Feng, Juanru Li, Yang Liu, Surya Nepal, Elisa Bertino, Robert H. Deng, Zhuo Ma, Sanjay Jha Dec 2019

Research Collection School Of Computing and Information Systems

A great quantity of user passwords nowadays has been leaked through security breaches of user accounts. To enhance the security of the Password Authentication Protocol (PAP) in such circumstance, Android app developers often implement a complementary One-Time Password (OTP) authentication by utilizing the short message service (SMS). Unfortunately, SMS is not specially designed as a secure service and thus an SMS One-Time Password is vulnerable to many attacks. To check whether a wide variety of currently used SMS OTP authentication protocols in Android apps are properly implemented, this paper presents an empirical study against them. We first derive a set …


Appmod: Helping Older Adults Manage Mobile Security With Online Social Help, Zhiyuan Wan, Lingfeng Bao, Debin Gao, Eran Toch, Xin Xia, Tamir Mendel, David Lo Dec 2019

Research Collection School Of Computing and Information Systems

The rapid adoption of Smartphone devices has caused increasing security and privacy risks and breaches. Catching up with ever-evolving contemporary smartphone technology challenges leads older adults (aged 50+) to reduce or to abandon their use of mobile technology. To tackle this problem, we present AppMoD, a community-based approach that allows delegation of security and privacy decisions to a trusted social connection, such as a family member or a close friend. The trusted social connection can assist in the appropriate decision or make it on behalf of the user. We implement the approach as an Android app and describe the results of …


Strongly Leakage Resilient Authenticated Key Exchange, Revisited, Guomin Yang, Rongmao Chen, Yi Mu, Willy Susilo, Guo Fuchun, Jie Li Dec 2019

Research Collection School Of Computing and Information Systems

Authenticated Key Exchange (AKE) protocols allow two (or multiple) parties to authenticate each other and agree on a common secret key, which is essential for establishing a secure communication channel over a public network. AKE protocols form a central component in many network security standards such as IPSec, TLS/SSL, and SSH. However, it has been demonstrated that many standardized AKE protocols are vulnerable to side-channel and key leakage attacks. In order to defend against such attacks, leakage resilient (LR-) AKE protocols have been proposed in the literature. Nevertheless, most of the existing LR-AKE protocols only focused on the resistance to …


Learning-Guided Network Fuzzing For Testing Cyber-Physical System Defences, Yuqi Chen, Chris Poskitt, Jun Sun, Sridhar Adepu, Fan Zhang Nov 2019

Research Collection School Of Computing and Information Systems

The threat of attack faced by cyber-physical systems (CPSs), especially when they play a critical role in automating public infrastructure, has motivated research into a wide variety of attack defence mechanisms. Assessing their effectiveness is challenging, however, as realistic sets of attacks to test them against are not always available. In this paper, we propose smart fuzzing, an automated, machine learning guided technique for systematically finding 'test suites' of CPS network attacks, without requiring any knowledge of the system's control programs or physical processes. Our approach uses predictive machine learning models and metaheuristic search algorithms to guide the fuzzing of …


Data Security Issues In Deep Learning: Attacks, Countermeasures, And Opportunities, Guowen Xu, Hongwei Li, Hao Ren, Kan Yang, Robert H. Deng Nov 2019

Research Collection School Of Computing and Information Systems

Benefiting from the advancement of algorithms in massive data and powerful computing resources, deep learning has been explored in a wide variety of fields and produced unparalleled performance results. It plays a vital role in daily applications and is also subtly changing the rules, habits, and behaviors of society. However, inevitably, data-based learning strategies are bound to cause potential security and privacy threats, and arouse public as well as government concerns about its promotion to the real world. In this article, we mainly focus on data security issues in deep learning. We first investigate the potential threats of deep learning …


Concolic Testing Heap-Manipulating Programs, Long H. Pham, Quang Loc Le, Quoc-Sang Phan, Jun Sun Oct 2019

Research Collection School Of Computing and Information Systems

Concolic testing is a test generation technique which works effectively by integrating random testing generation and symbolic execution. Existing concolic testing engines focus on numeric programs. Heap-manipulating programs make extensive use of complex heap objects like trees and lists. Testing such programs is challenging due to multiple reasons. Firstly, test inputs for such program are required to satisfy non-trivial constraints which must be specified precisely. Secondly, precisely encoding and solving path conditions in such programs are challenging and often expensive. In this work, we propose the first concolic testing engine called CSF for heap-manipulating programs based on separation logic. CSF …


Esdra: An Efficient And Secure Distributed Remote Attestation Scheme For Iot Swarms, Boyu Kuang, Anmin Fu, Shui Yu, Guomin Yang, Mang Su, Yuqing Zhang Oct 2019

Research Collection School Of Computing and Information Systems

An Internet of Things (IoT) system generally contains thousands of heterogeneous devices which often operate in swarms: large, dynamic, and self-organizing networks. Remote attestation is an important cornerstone for the security of these IoT swarms, as it ensures the software integrity of swarm devices and protects them from attacks. However, current attestation schemes suffer from single point of failure verifier. In this paper, we propose an Efficient and Secure Distributed Remote Attestation (ESDRA) scheme for IoT swarms. We present the first many-to-one attestation scheme for device swarms, which reduces the possibility of single point of failure verifier. Moreover, we utilize distributed …


Enhancing Symbolic Execution Of Heap-Based Programs With Separation Logic For Test Input Generation, Long H. Pham, Quang Loc Le, Quoc-Sang Phan, Jun Sun, Shengchao Qin Oct 2019

Research Collection School Of Computing and Information Systems

Symbolic execution is a well-established method for test input generation. Despite having achieved tremendous success over numerical domains, existing symbolic execution techniques for heap-based programs are limited due to the lack of a succinct and precise description for symbolic values over unbounded heaps. In this work, we present a new symbolic execution method for heap-based programs based on separation logic. The essence of our proposal is context-sensitive lazy initialization, a novel approach for efficient test input generation. Our approach differs from existing approaches in two ways. Firstly, our approach is based on separation logic, which allows us to …


Finding Flaws From Password Authentication Code In Android Apps, Siqi Ma, Elisa Bertino, Surya Nepal, Jianru Li, Ostry Diethelm, Robert H. Deng, Sanjay Jha Sep 2019

Research Collection School Of Computing and Information Systems

Password authentication is widely used to validate users’ identities because it is convenient to use, easy for users to remember, and simple to implement. The password authentication protocol transmits passwords in plaintext, which makes the authentication vulnerable to eavesdropping and replay attacks, and several protocols have been proposed to protect against this. However, we find that secure password authentication protocols are often implemented incorrectly in Android applications (apps). To detect the implementation flaws in password authentication code, we propose GLACIATE, a fully automated tool combining machine learning and program analysis. Instead of creating detection templates/rules manually, GLACIATE automatically and accurately …


A Lattice-Based Linkable Ring Signature Supporting Stealth Addresses, Zhen Liu, Khoa Nguyen, Guomin Yang, Huaxiong Wang, Duncan S. Wong Sep 2019

Research Collection School Of Computing and Information Systems

First proposed in CryptoNote, a collection of popular privacy-centric cryptocurrencies have employed Linkable Ring Signature and a corresponding Key Derivation Mechanism (KeyDerM) for keeping the payer and payee of a transaction anonymous and unlinkable. The KeyDerM is used for generating a fresh signing key and the corresponding public key, referred to as a stealth address, for the transaction payee. The stealth address will then be used in the linkable ring signature next time when the payee spends the coin. However, in all existing works, including Monero, the privacy model only considers the two cryptographic primitives separately. In addition, to be …


Efficient Oblivious Transfer With Membership Verification, Weiwei Liu, Dazhi Sun, Yangguang Tian Sep 2019

Research Collection School Of Computing and Information Systems

In this article, we introduce a new concept of oblivious transfer with membership verification that allows any legitimate group users to obtain services from a service provider in an oblivious manner. We present two oblivious transfer with membership verification schemes, differing in design. In the first scheme, a trusted group manager issues credentials for a pre-determined group of users so that the group of users with a valid group credential can obtain services from the service provider, while the choices made by group users remain oblivious to the service provider. The second scheme avoids the trusted group manager, which allows …


Puncturable Proxy Re-Encryption Supporting To Group Messaging Service, Tran Viet Xuan Phuong, Willy Susilo, Jongkil Kim, Guomin Yang, Dongxi Liu Sep 2019

Research Collection School Of Computing and Information Systems

This work envisions a new encryption primitive for many-to-many paradigms such as group messaging systems. Previously, puncturable encryption (PE) was introduced to provide forward security for asynchronous messaging services. However, existing PE schemes were proposed only for one-to-one communication, and cause a significant overhead for a group messaging system. In fact, the group communication over PE can only be achieved by encrypting a message multiple times for each receiver by the sender’s device, which is usually suitable to restricted resources such as mobile phones or sensor devices. Our new suggested scheme enables to re-encrypt ciphertexts of puncturable encryption by a …


Automatic Generation Of Non-Intrusive Updates For Third-Party Libraries In Android Applications, Yue Duan, Lian Gao, Jie Hu, Heng Yin Sep 2019

Research Collection School Of Computing and Information Systems

Third-Party libraries, which are ubiquitous in Android apps, have exposed great security threats to end users as they rarely get timely updates from the app developers, leaving many security vulnerabilities unpatched. This issue is due to the fact that manually updating libraries can be technically nontrivial and time-consuming for app developers. In this paper, we propose a technique that performs automatic generation of non-intrusive updates for third-party libraries in Android apps. Given an Android app with an outdated library and a newer version of the library, we automatically update the old library in a way that is guaranteed to be fully backward compatible and imposes zero impact to the library’s interactions with …


Be Sensitive And Collaborative: Analyzing Impact Of Coverage Metrics In Greybox Fuzzing, Jinghan Wang, Yue Duan, Wei Song, Heng Yin, Chengyu Song Sep 2019

Research Collection School Of Computing and Information Systems

Coverage-guided greybox fuzzing has become one of the most common techniques for finding software bugs. Coverage metric, which decides how a fuzzer selects new seeds, is an essential parameter of fuzzing and can significantly affect the results. While there are many existing works on the effectiveness of different coverage metrics on software testing, little is known about how different coverage metrics could actually affect the fuzzing results in practice. More importantly, it is unclear whether there exists one coverage metric that is superior to all the other metrics. In this paper, we report the first systematic study on the impact …


Lightweight Fine-Grained Search Over Encrypted Data In Fog Computing, Yinbin Miao, Jianfeng Ma, Ximeng Liu, Jian Weng, Hongwei Li, Hui Li Sep 2019

Research Collection School Of Computing and Information Systems

Fog computing, as an extension of cloud computing, outsources the encrypted sensitive data to multiple fog nodes on the edge of Internet of Things (IoT) to decrease latency and network congestion. However, the existing ciphertext retrieval schemes rarely focus on the fog computing environment and most of them still impose high computational and storage overhead on resource-limited end users. In this paper, we first present a Lightweight Fine-Grained ciphertexts Search (LFGS) system in fog computing by extending Ciphertext-Policy Attribute-Based Encryption (CP-ABE) and Searchable Encryption (SE) technologies, which can achieve fine-grained access control and keyword search simultaneously. The LFGS can shift …


Latent Error Prediction And Fault Localization For Microservice Applications By Learning From System Trace Logs, Xiang Zhou, Xin Peng, Tao Xie, Jun Sun, Chao Ji, Dewei Liu, Qilin Xiang, Chuan He Aug 2019

Research Collection School Of Computing and Information Systems

In the production environment, a large part of microservice failures are related to the complex and dynamic interactions and runtime environments, such as those related to multiple instances, environmental configurations, and asynchronous interactions of microservices. Due to the complexity and dynamism of these failures, it is often hard to reproduce and diagnose them in testing environments. It is desirable yet still challenging that these failures can be detected and the faults can be located at runtime of the production environment to allow developers to resolve them efficiently. To address this challenge, in this paper, we propose MEPFL, an approach of …


A Secure Iot Cloud Storage System With Fine-Grained Access Control And Decryption Key Exposure Resistance, Shengmin Xu, Guomin Yang, Yi Mu, Ximeng Liu Aug 2019

Research Collection School Of Computing and Information Systems

Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be well addressed in order to allow the wide adoption of the approach. To protect data confidentiality, attribute-based cryptosystems have been proposed to provide fine-grained access control over encrypted data in IoT cloud. Unfortunately, the existing attributed-based solutions are still insufficient in addressing some challenging security problems, especially when dealing with compromised or leaked user …


Control-Flow Carrying Code, Yan Lin, Debin Gao Jul 2019

Research Collection School Of Computing and Information Systems

Control-Flow Integrity (CFI) is an effective approach in mitigating control-flow hijacking attacks including code-reuse attacks. Most conventional CFI techniques use memory page protection mechanism, Data Execution Prevention (DEP), as an underlying basis. For instance, CFI defenses use read-only address tables to avoid metadata corruption. However, this assumption has shown to be invalid with advanced attacking techniques, such as Data-Oriented Programming, data race, and Rowhammer attacks. In addition, there are scenarios in which DEP is unavailable, e.g., bare-metal systems and applications with dynamically generated code. We present the design and implementation of Control-Flow Carrying Code (C3), a new CFI enforcement without …


Dynopvm: Vm-Based Software Obfuscation With Dynamic Opcode Mapping, Xiaoyang Cheng, Yan Lin, Debin Gao Jul 2019

Research Collection School Of Computing and Information Systems

VM-based software obfuscation has emerged as an effective technique for program obfuscation. Despite various attempts in improving its effectiveness and security, existing VM-based software obfuscators use potentially multiple but static secret mappings between virtual and native opcodes to hide the underlying instructions. In this paper, we present an attack using frequency analysis to effectively recover the secret mapping to compromise the protection, and then propose a novel VM-based obfuscator in which each basic block uses a dynamic and control-flow-aware mapping between the virtual and native instructions. We show that our proposed VM-based obfuscator not only renders the frequency analysis attack …


The Wiener Attack On Rsa Revisited: A Quest For The Exact Bound, Willy Susilo, Joseph Tonien, Guomin Yang Jul 2019

Research Collection School Of Computing and Information Systems

Since Wiener pointed out that the RSA can be broken if the private exponent d is relatively small compared to the modulus N (using the continued fraction technique), it has been a general belief that the Wiener attack works for. On the contrary, in this work, we give an example where the Wiener attack fails with, thus, showing that the bound is not accurate as it has been thought of. By using the classical Legendre Theorem on continued fractions, in 1999 Boneh provided the first rigorous proof which showed that the Wiener attack works for. However, the question remains whether …


The Chilling Effect Of Enforcement Of Computer Misuse: Evidences From Online Hacker Forums, Qiu-Hong Wang, Rui-Bin Geng, Seung Hyun Kim Jul 2019

Research Collection School Of Computing and Information Systems

To reduce the availability of hacking tools for violators in committing cybersecurity offences, many countries have enacted the legislation to criminalize the production, distribution and possession of computer misuse tools with offensive intent. However, the dual-use nature of cybersecurity technology increases the difficulty in the legal process to recognize computer misuse tools and predict their harmful outcome, which leads to unintended impacts of the enforcement on the provision of techniques valuable for information security defence. Leveraging an external shock in online hacker forums, this study examines the potential impacts of the enforcement of computer misuse on users' contribution to information …


Towards Understanding Android System Vulnerabilities: Techniques And Insights, Daoyuan Wu, Debin Gao, Eric K. T. Cheng, Yichen Cao, Jintao Jiang, Robert H. Deng Jul 2019

Research Collection School Of Computing and Information Systems

As a common platform for pervasive devices, Android has been targeted by numerous attacks that exploit vulnerabilities in its apps and the operating system. Compared to app vulnerabilities, system-level vulnerabilities in Android, however, were much less explored in the literature. In this paper, we perform the first systematic study of Android system vulnerabilities by comprehensively analyzing all 2,179 vulnerabilities on the Android Security Bulletin program over about three years since its initiation in August 2015. To this end, we propose an automatic analysis framework, upon a hierarchical database structure, to crawl, parse, clean, and analyze vulnerability reports and their publicly …


Securing Messaging Services Through Efficient Signcryption With Designated Equality Test, Yujue Wang, Hwee Hwa Pang, Robert H. Deng, Yong Ding, Qianhong Wu, Bo Qin Jul 2019

Research Collection School Of Computing and Information Systems

To address security and privacy issues in messaging services, we present a public key signcryption scheme with designated equality test on ciphertexts (PKS-DET) in this paper. The scheme enables a sender to simultaneously encrypt and sign (signcrypt) messages, and to designate a tester to perform equality test on ciphertexts, i.e., to determine whether two ciphertexts signcrypt the same underlying plaintext message. We introduce the PKS-DET framework, present a concrete construction and formally prove its security against three types of adversaries, representing two security requirements on message confidentiality against outsiders and the designated tester, respectively, and a requirement on message unforgeability …


Oblidc: An Sgx-Based Oblivious Distributed Computing Framework With Formal Proof, Pengfei Wu, Qingni Shen, Robert H. Deng, Ximeng Liu, Yinghui Zhang, Zhonghai Wu Jul 2019

Research Collection School Of Computing and Information Systems

Data privacy is becoming one of the most critical concerns in cloud computing. Several proposals based on Intel SGX such as VC3 and M2R have been introduced in the literature to protect data privacy during job execution in the cloud. However, a comprehensive formal proof of their security guarantees is still lacking. In this paper, we propose ObliDC, a general UC-secure SGX-based oblivious distributed computing framework. First, we model the life-cycle of a distributed computing job as data-flow graphs. Under the assumption of malicious, adaptive adversaries in the cloud, we then formally define data privacy of a distributed computing job …


A Closer Look Tells More: A Facial Distortion Based Liveness Detection For Face Authentication, Yan Li, Zilong Wang, Yingjiu Li, Robert H. Deng, Binbin Chen, Weizhi Meng, Hui Li Jul 2019

Research Collection School Of Computing and Information Systems

Face authentication is vulnerable to media-based virtual face forgery (MVFF) where adversaries display photos/videos or 3D virtual face models of victims to spoof face authentication systems. In this paper, we propose a liveness detection mechanism, called FaceCloseup, to protect the face authentication on mobile devices. FaceCloseup detects MVFF-based attacks by analyzing the distortion of face regions in a user's closeup facial videos captured by built-in camera on mobile device. It can detect MVFF-based attacks with an accuracy of 99.48%.


Splitsecond: Flexible Privilege Separation Of Android Apps, Jehyun Lee, Akshaya Venkateswara Venkateswara Raja, Debin Gao Jul 2019

Research Collection School Of Computing and Information Systems

Android applications have been attractive targets to attackers due to the large number of users and the sensitive information they possess. After the success of the first step of an attack exploiting a software vulnerability, the consequential damage is primarily determined by the criticality and the amount of Android permissions that a victim application has. As a countermeasure, process separation techniques that isolate potentially vulnerable components — usually native libraries — from the critical data and permissions, have been proposed. However, existing techniques offer little flexibility in the separation, e.g., with all native code being placed into one process without …


Pruneable Sharding-Based Blockchain Protocol, Xiaoqin Feng, Jianfeng Ma, Yinbin Miao, Qian Meng, Ximeng Liu, Qi Jiang, Hui Li Jul 2019

Research Collection School Of Computing and Information Systems

As a distributed ledger technology, the blockchain has gained much attention from both the industrial and academical fields, but most of the existing blockchain protocols still have the cubical dilatation problem. Although the latest Rollerchain has mitigated this issue by changing the blockheader's contents, the low efficiency, severe capacity expansion and non-scalability problems still hinder the adoption of Rollerchain in practice. To this end, we present the pruneable sharding-based blockchain protocol by utilizing the sharding technique and PBFT (Practical Byzantine Fault Tolerance) algorithm in the improved Rollerchain, which has high efficiency, slow cubical dilatation, small capacity expansion and high scalability. Moreover, …


A Scalable Approach To Joint Cyber Insurance And Security-As-A-Service Provisioning In Cloud Computing, Jonathan David Chase, Dusit Niyato, Ping Wang, Sivadon Chaisiri, Ryan K. L. Ko Jul 2019

Research Collection School Of Computing and Information Systems

As computing services are increasingly cloud-based, corporations are investing in cloud-based security measures. The Security-as-a-Service (SECaaS) paradigm allows customers to outsource security to the cloud, through the payment of a subscription fee. However, no security system is bulletproof, and even one successful attack can result in the loss of data and revenue worth millions of dollars. To guard against this eventuality, customers may also purchase cyber insurance to receive recompense in the case of loss. To achieve cost effectiveness, it is necessary to balance provisioning of security and insurance, even when future costs and risks are uncertain. To this end, …