Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 24 of 24
Full-Text Articles in Physical Sciences and Mathematics
Attribute-Hiding Fuzzy Encryption For Privacy-Preserving Data Evaluation, Zhenhua Chen, Luqi Huang, Guomin Yang, Willy Susilo, Xingbing Fu, Xingxing Jia
Attribute-Hiding Fuzzy Encryption For Privacy-Preserving Data Evaluation, Zhenhua Chen, Luqi Huang, Guomin Yang, Willy Susilo, Xingbing Fu, Xingxing Jia
Research Collection School Of Computing and Information Systems
Privacy-preserving data evaluation is one of the prominent research topics in the big data era. In many data evaluation applications that involve sensitive information, such as the medical records of patients in a medical system, protecting data privacy during the data evaluation process has become an essential requirement. Aiming at solving this problem, numerous fuzzy encryption systems for different similarity metrics have been proposed in literature. Unfortunately, the existing fuzzy encryption systems either fail to achieve attribute-hiding or achieve it, but are impractical. In this paper, we propose a new fuzzy encryption scheme for privacy-preserving data evaluation based on overlap …
Stealthy Backdoor Attack For Code Models, Zhou Yang, Bowen Xu, Jie M. Zhang, Hong Jin Kang, Jieke Shi, Junda He, David Lo
Stealthy Backdoor Attack For Code Models, Zhou Yang, Bowen Xu, Jie M. Zhang, Hong Jin Kang, Jieke Shi, Junda He, David Lo
Research Collection School Of Computing and Information Systems
Code models, such as CodeBERT and CodeT5, offer general-purpose representations of code and play a vital role in supporting downstream automated software engineering tasks. Most recently, code models were revealed to be vulnerable to backdoor attacks. A code model that is backdoor-attacked can behave normally on clean examples but will produce pre-defined malicious outputs on examples injected with that activate the backdoors. Existing backdoor attacks on code models use unstealthy and easy-to-detect triggers. This paper aims to investigate the vulnerability of code models with backdoor attacks. To this end, we propose A (dversarial eature as daptive Back). A achieves stealthiness …
Privacy-Preserving Bloom Filter-Based Keyword Search Over Large Encrypted Cloud Data, Yanrong Liang, Jianfeng Ma, Yinbin Miao, Da Kuang, Xiangdong Meng, Robert H. Deng
Privacy-Preserving Bloom Filter-Based Keyword Search Over Large Encrypted Cloud Data, Yanrong Liang, Jianfeng Ma, Yinbin Miao, Da Kuang, Xiangdong Meng, Robert H. Deng
Research Collection School Of Computing and Information Systems
To achieve the search over encrypted data in cloud server, Searchable Encryption (SE) has attracted extensive attention from both academic and industrial fields. The existing Bloom filter-based SE schemes can achieve similarity search, but will generally incur high false positive rates, and even leak the privacy of values in Bloom filters (BF). To solve the above problems, we first propose a basic Privacy-preserving Bloom filter-based Keyword Search scheme using the Circular Shift and Coalesce-Bloom Filter (CSC-BF) and Symmetric-key Hidden Vector Encryption (SHVE) technology (namely PBKS), which can achieve effective search while protecting the values in BFs. Then, we design a …
Decentralized Multimedia Data Sharing In Iov: A Learning-Based Equilibrium Of Supply And Demand, Jiani Fan, Minrui Xu, Jiale Guo, Lwin Khin Shar, Jiawen Kang, Dusit Niyato, Kwok-Yan Lam
Decentralized Multimedia Data Sharing In Iov: A Learning-Based Equilibrium Of Supply And Demand, Jiani Fan, Minrui Xu, Jiale Guo, Lwin Khin Shar, Jiawen Kang, Dusit Niyato, Kwok-Yan Lam
Research Collection School Of Computing and Information Systems
The Internet of Vehicles (IoV) has great potential to transform transportation systems by enhancing road safety, reducing traffic congestion, and improving user experience through onboard infotainment applications. Decentralized data sharing can improve security, privacy, reliability, and facilitate infotainment data sharing in IoVs. However, decentralized data sharing may not achieve the expected efficiency if there are IoV users who only want to consume the shared data but are not willing to contribute their own data to the community, resulting in incomplete information observed by other vehicles and infrastructure, which can introduce additional transmission latency. Therefore, in this paper, by modeling the …
Ranked Keyword Search Over Encrypted Cloud Data Through Machine Learning Method, Yinbin Miao, Wei Zheng, Xiaohua Jia, Ximeng Liu, Kim-Kwang Raymond Choo, Robert H. Deng
Ranked Keyword Search Over Encrypted Cloud Data Through Machine Learning Method, Yinbin Miao, Wei Zheng, Xiaohua Jia, Ximeng Liu, Kim-Kwang Raymond Choo, Robert H. Deng
Research Collection School Of Computing and Information Systems
Ranked keyword search over encrypted data has been extensively studied in cloud computing as it enables data users to find the most relevant results quickly. However, existing ranked multi-keyword search solutions cannot achieve efficient ciphertext search and dynamic updates with forward security simultaneously. To solve the above problems, we first present a basic Machine Learning-based Ranked Keyword Search (ML-RKS) scheme in the static setting by using the k-means clustering algorithm and a balanced binary tree. ML-RKS reduces the search complexity without sacrificing the search accuracy, but is still vulnerable to forward security threats when applied in the dynamic setting. Then, …
Verifytl: Secure And Verifiable Collaborative Transfer Learning, Zhuoran Ma, Jianfeng Ma, Yinbin Miao, Ximeng Liu, Wei Zheng, Kim-Kwang Raymond Choo, Robert H. Deng
Verifytl: Secure And Verifiable Collaborative Transfer Learning, Zhuoran Ma, Jianfeng Ma, Yinbin Miao, Ximeng Liu, Wei Zheng, Kim-Kwang Raymond Choo, Robert H. Deng
Research Collection School Of Computing and Information Systems
Getting access to labeled datasets in certain sensitive application domains can be challenging. Hence, one may resort to transfer learning to transfer knowledge learned from a source domain with sufficient labeled data to a target domain with limited labeled data. However, most existing transfer learning techniques only focus on one-way transfer which may not benefit the source domain. In addition, there is the risk of a malicious adversary corrupting a number of domains, which can consequently result in inaccurate prediction or privacy leakage. In this paper, we construct a secure and Verif iable collaborative T ransfer L earning scheme, VerifyTL, …
Reks: Role-Based Encrypted Keyword Search With Enhanced Access Control For Outsourced Cloud Data, Yibin Miao, Feng Li, Xiaohua Jia, Huaxiong Wang, Ximeng Liu, Kim-Kwang Raymond Choo, Robert H. Deng
Reks: Role-Based Encrypted Keyword Search With Enhanced Access Control For Outsourced Cloud Data, Yibin Miao, Feng Li, Xiaohua Jia, Huaxiong Wang, Ximeng Liu, Kim-Kwang Raymond Choo, Robert H. Deng
Research Collection School Of Computing and Information Systems
Keyword-based search over encrypted data is an important technique to achieve both data confidentiality and utilization in cloud outsourcing services. While commonly used access control mechanisms, such as identity-based encryption and attribute-based encryption, do not generally scale well for hierarchical access permissions. To solve this problem, we propose a Role-based Encrypted Keyword Search (REKS) scheme by using the role-based access control and broadcast encryption. Specifically, REKS allows owners to deploy hierarchical access control by allowing users with parent roles to have access permissions from child roles. Using REKS, we further facilitate token generation preprocessing and efficient user management, thereby significantly …
An Exploratory Study Of Social Support Systems To Help Older Adults In Managing Mobile Safety, Tamir Mendel, Debin Gao, David Lo, Eran Toch
An Exploratory Study Of Social Support Systems To Help Older Adults In Managing Mobile Safety, Tamir Mendel, Debin Gao, David Lo, Eran Toch
Research Collection School Of Computing and Information Systems
Older adults face increased safety challenges, such as targeted online fraud and phishing, contributing to the growing technological divide between them and younger adults. Social support from family and friends is often the primary way older adults receive help, but it may also lead to reliance on others. We have conducted an exploratory study to investigate older adults' attitudes and experiences related to mobile social support technologies for mobile safety. We interviewed 18 older adults about their existing support and used the think-aloud method to gather data about a prototype for providing social support during mobile safety challenges. Our findings …
Privacy Preserving Search Services Against Online Attack, Yi Zhao, Jianting Nian, Kaitai Liang, Yanqi Zhao, Liqun Chen, Bo Yang
Privacy Preserving Search Services Against Online Attack, Yi Zhao, Jianting Nian, Kaitai Liang, Yanqi Zhao, Liqun Chen, Bo Yang
Research Collection School Of Computing and Information Systems
Searchable functionality is provided in many online services such as mail services or outsourced data storage. To protect users privacy, data in these services is usually stored after being encrypted using searchable encryption. This enables the data user to securely search encrypted data from a remote server without leaking data and query information. Public key encryption with keyword search is one of the research branches of searchable encryption; this provides privacy-preserving searchable functionality for applications such as encrypted email systems. However, it has an inherent vulnerability in that the information of a query may be leaked using a keyword guessing …
Secure Smart Health With Privacy-Aware Aggregate Authentication And Access Control In Internet Of Things, Yinghui Zhang, Robert H. Deng, Gang Han, Dong Zheng
Secure Smart Health With Privacy-Aware Aggregate Authentication And Access Control In Internet Of Things, Yinghui Zhang, Robert H. Deng, Gang Han, Dong Zheng
Research Collection School Of Computing and Information Systems
With the rapid technological advancements in the Internet of Things (IoT), wireless communication and cloud computing, smart health is expected to enable comprehensive and qualified healthcare services. It is important to ensure security and efficiency in smart health. However, existing smart health systems still have challenging issues, such as aggregate authentication, fine-grained access control and privacy protection. In this paper, we address these issues by introducing SSH, a Secure Smart Health system with privacy-aware aggregate authentication and access control in IoT. In SSH, privacy-aware aggregate authentication is enabled by an anonymous certificateless aggregate signature scheme, in which users' identity information …
Breathprint: Breathing Acoustics-Based User Authentication, Jagmohan Chauhan, Yining Hu, Suranga Sereviratne, Archan Misra, Aruna Sereviratne, Youngki Lee
Breathprint: Breathing Acoustics-Based User Authentication, Jagmohan Chauhan, Yining Hu, Suranga Sereviratne, Archan Misra, Aruna Sereviratne, Youngki Lee
Research Collection School Of Computing and Information Systems
We propose BreathPrint, a new behavioural biometric signature based on audio features derived from an individual's commonplace breathing gestures. Specifically, BreathPrint uses the audio signatures associated with the three individual gestures: sniff, normal, and deep breathing, which are sufficiently different across individuals. Using these three breathing gestures, we develop the processing pipeline that identifies users via the microphone sensor on smartphones and wearable devices. In BreathPrint, a user performs breathing gestures while holding the device very close to their nose. Using off-the-shelf hardware, we experimentally evaluate the BreathPrint prototype with 10 users, observed over seven days. We show that users …
A Survey On Future Internet Security Architectures, Wenxiu Ding, Zheng Yan, Robert H. Deng
A Survey On Future Internet Security Architectures, Wenxiu Ding, Zheng Yan, Robert H. Deng
Research Collection School Of Computing and Information Systems
Current host-centric Internet Protocol (IP) networks are facing unprecedented challenges, such as network attacks and the exhaustion of IP addresses. Motivated by emerging demands for security, mobility, and distributed networking, many research projects have been initiated to design the future Internet from a clean slate. In order to obtain a thorough knowledge of security in future Internet architecture, we review a number of well-known projects, including named data networking, Content Aware Searching Retrieval and sTreaming, MobilityFirst Future Internet Architecture Project (MobilityFirst), eXpressive Internet Architecture, and scalability, control, and isolation on next-generation network. These projects aim to move away from the …
Mobipot: Understanding Mobile Telephony Threats With Honeycards, Marco Balduzzi, Payas Gupta, Lion Gu, Debin Gao, Mustaque Ahamad
Mobipot: Understanding Mobile Telephony Threats With Honeycards, Marco Balduzzi, Payas Gupta, Lion Gu, Debin Gao, Mustaque Ahamad
Research Collection School Of Computing and Information Systems
Over the past decade, the number of mobile phones has increased dramatically, overtaking the world population in October 2014. In developing countries like India and China, mobile subscribers outnumber traditional landline users and account for over 90% of the active population. At the same time, convergence of telephony with the Internet with technologies like VoIP makes it possible to reach a large number of telephone users at a low or no cost via voice calls or SMS (short message service) messages. As a consequence, cybercriminals are abusing the telephony channel to launch attacks, e.g., scams that offer fraudulent services and …
On Robust Image Spam Filtering Via Comprehensive Visual Modeling, Jialie Shen, Deng, Robert H., Zhiyong Cheng, Liqiang Nie, Shuicheng Yan
On Robust Image Spam Filtering Via Comprehensive Visual Modeling, Jialie Shen, Deng, Robert H., Zhiyong Cheng, Liqiang Nie, Shuicheng Yan
Research Collection School Of Computing and Information Systems
The Internet has brought about fundamental changes in the way peoples generate and exchange media information. Over the last decade, unsolicited message images (image spams) have become one of the most serious problems for Internet service providers (ISPs), business firms and general end users. In this paper, we report a novel system called RoBoTs (Robust BoosTrap based spam detector) to support accurate and robust image spam filtering. The system is developed based on multiple visual properties extracted from different levels of granularity, aiming to capture more discriminative contents for effective spam image identification. In addition, a resampling based learning framework …
From Physical Security To Cybersecurity, Arunesh Sinha, Thanh H. Nguyen, Debarun Kar, Matthew Brown, Milind Tambe, Albert Xin Jiang
From Physical Security To Cybersecurity, Arunesh Sinha, Thanh H. Nguyen, Debarun Kar, Matthew Brown, Milind Tambe, Albert Xin Jiang
Research Collection School Of Computing and Information Systems
Security is a critical concern around the world. In many domains from cybersecurity to sustainability, limited security resources prevent complete security coverage at all times. Instead, these limited resources must be scheduled (or allocated or deployed), while simultaneously taking into account the importance of different targets, the responses of the adversaries to the security posture, and the potential uncertainties in adversary payoffs and observations, etc. Computational game theory can help generate such security schedules. Indeed, casting the problem as a Stackelberg game, we have developed new algorithms that are now deployed over multiple years in multiple applications for scheduling of …
Analysis And Improvement On A Biometric-Based Remote User Authentication Scheme Using Smart Cards, Fengtong Wen, Willy Susilo, Guomin Yang
Analysis And Improvement On A Biometric-Based Remote User Authentication Scheme Using Smart Cards, Fengtong Wen, Willy Susilo, Guomin Yang
Research Collection School Of Computing and Information Systems
In a recent paper (BioMed Research International, 2013/491289), Khan et al. proposed an improved biometrics-based remote user authentication scheme with user anonymity. The scheme is believed to be secure against password guessing attack, user impersonation attack, server masquerading attack, and provide user anonymity, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Khan et al.’s scheme, and demonstrate that their scheme doesn’t provide user anonymity. This also renders that their scheme is insecure against other attacks, such as off-line password guessing attack, user impersonation attacks. Subsequently, we propose a …
A Secure And Effective Anonymous User Authentication Scheme For Roaming Service In Global Mobility Networks, Fengtong Wen, Willy Susilo, Guomin Yang
A Secure And Effective Anonymous User Authentication Scheme For Roaming Service In Global Mobility Networks, Fengtong Wen, Willy Susilo, Guomin Yang
Research Collection School Of Computing and Information Systems
In global mobility networks, anonymous user authentication is an essential task for enabling roaming service. In a recent paper, Jiang et al. proposed a smart card based anonymous user authentication scheme for roaming service in global mobility networks. This scheme can protect user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Jiang et al.’s scheme, and show that the scheme is in fact insecure against the stolen-verifier attack and replay attack. Then, we …
Defeating Sql Injection, Lwin Khin Shar, Hee Beng Kuan Tan
Defeating Sql Injection, Lwin Khin Shar, Hee Beng Kuan Tan
Research Collection School Of Computing and Information Systems
The best strategy for combating SQL injection, which has emerged as the most widespread website security risk, calls for integrating defensive coding practices with both vulnerability detection and runtime attack prevention methods.
Revisiting Unpredictability-Based Rfid Privacy Models, Junzuo Lai, Robert Huijie Deng, Yingjiu Li
Revisiting Unpredictability-Based Rfid Privacy Models, Junzuo Lai, Robert Huijie Deng, Yingjiu Li
Research Collection School Of Computing and Information Systems
Recently, there have been several attempts in establishing formal RFID privacy models in the literature. These models mainly fall into two categories: one based on the notion of indistinguishability of two RFID tags, denoted as ind-privacy, and the other based on the unpredictability of the output of an RFID protocol, denoted as unp-privacy. Very recently, at CCS’09, Ma et al. proposed a modified unp-privacy model, referred to as unp ′-privacy. In this paper, we first revisit the existing RFID privacy models and point out their limitations. We then propose a new RFID privacy model, denoted as …
A Study Of Content Authentication In Proxy-Enabled Multimedia Delivery Systems: Model, Techniques, And Applications, Robert H. Deng, Yanjiang Yang
A Study Of Content Authentication In Proxy-Enabled Multimedia Delivery Systems: Model, Techniques, And Applications, Robert H. Deng, Yanjiang Yang
Research Collection School Of Computing and Information Systems
Compared with the direct server-user approach, the server-proxy-user architecture for multimedia delivery promises significantly improved system scalability. The introduction of the intermediary transcoding proxies between content servers and end users in this architecture, however, brings unprecedented challenges to content security. In this article, we present a systematic study on the end-to-end content authentication problem in the server-proxy-user context, where intermediary proxies transcode multimedia content dynamically. We present a formal model for the authentication problem, propose a concrete construction for authenticating generic data modality and formally prove its security. We then apply the generic construction to authenticating specific multimedia formats, for …
Beyond Output Voting: Detecting Compromised Replicas Using Hmm-Based Behavioral Distance, Debin Gao, Michael K. Reiter, Dawn Song
Beyond Output Voting: Detecting Compromised Replicas Using Hmm-Based Behavioral Distance, Debin Gao, Michael K. Reiter, Dawn Song
Research Collection School Of Computing and Information Systems
Many host-based anomaly detection techniques have been proposed to detect code-injection attacks on servers. The vast majority, however, are susceptible to "mimicry" attacks in which the injected code masquerades as the original server software, including returning the correct service responses, while conducting its attack. "Behavioral distance," by which two diverse replicas processing the same inputs are continually monitored to detect divergence in their low-level (system-call) behaviors and hence potentially the compromise of one of them, has been proposed for detecting mimicry attacks. In this paper, we present a novel approach to behavioral distance measurement using a new type of hidden …
A Block Oriented Fingerprinting Scheme In Relational Database, Siyuan Liu, Shuhong Wang, Robert H. Deng, Weizhong Shao
A Block Oriented Fingerprinting Scheme In Relational Database, Siyuan Liu, Shuhong Wang, Robert H. Deng, Weizhong Shao
Research Collection School Of Computing and Information Systems
The need for protecting rights over relational data is of ever increasing concern. There have recently been some pioneering works in this area. In this paper, we propose an effective fingerprinting scheme based on the idea of block method in the area of multimedia fingerprinting. The scheme ensures that certain bit positions of the data contain specific values. The bit positions are determined by the keys known only to the owner of the data and different buyers of the database have different bit positions and different specific values for those bit positions. The detection of the fingerprint can be completed …
Security Analysis And Improvement Of Return Routability Protocol, Ying Qiu, Jianying Zhou, Robert H. Deng
Security Analysis And Improvement Of Return Routability Protocol, Ying Qiu, Jianying Zhou, Robert H. Deng
Research Collection School Of Computing and Information Systems
Mobile communication plays a more and more important role in computer networks. How to authenticate a new connecting address belonging to a said mobile node is one of the key issues in mobile networks. This paper analyzes the Return Routability (RR) protocol and proposes an improved security solution for the RR protocol without changing its architecture. With the improvement, three types of redirect attacks can be prevented.
Making The Key Agreement Protocol In Mobile Ad Hoc Network More Efficient, Gang Yao, Kui Ren, Feng Bao, Robert H. Deng, Dengguo Feng
Making The Key Agreement Protocol In Mobile Ad Hoc Network More Efficient, Gang Yao, Kui Ren, Feng Bao, Robert H. Deng, Dengguo Feng
Research Collection School Of Computing and Information Systems
Mobile ad hoc networks offer convenient infrastructureless communications over the shared wireless channel. However, the nature of mobile ad hoc networks makes them vulnerable to security attacks, such as passive eavesdropping over the wireless channel and denial of service attacks by malicious nodes. To ensure the security, several cryptography protocols are implemented. Due to the resource scarcity in mobile ad hoc networks, the protocols must be communication efficient and need as less computational power as possible. Broadcast communication is an important operation for many application in mobile ad hoc networks. To securely broadcast a message, all the members in the …