Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Discipline
-
- Information Security (28)
- Software Engineering (16)
- Databases and Information Systems (8)
- Artificial Intelligence and Robotics (6)
- OS and Networks (6)
-
- Social and Behavioral Sciences (6)
- Business (4)
- Engineering (4)
- Asian Studies (3)
- International and Area Studies (3)
- Computer Engineering (2)
- Medicine and Health Sciences (2)
- Operations Research, Systems Engineering and Industrial Engineering (2)
- Programming Languages and Compilers (2)
- Sales and Merchandising (2)
- Data Storage Systems (1)
- Digital Communications and Networking (1)
- E-Commerce (1)
- Education (1)
- Gerontology (1)
- Graphics and Human Computer Interfaces (1)
- Health Information Technology (1)
- Higher Education (1)
- Library and Information Science (1)
- Numerical Analysis and Scientific Computing (1)
- Public Affairs, Public Policy and Public Administration (1)
- Sociology (1)
- Theory and Algorithms (1)
- Publication Year
- Publication
- Publication Type
Articles 31 - 50 of 50
Full-Text Articles in Physical Sciences and Mathematics
Analysis And Improvement On A Biometric-Based Remote User Authentication Scheme Using Smart Cards, Fengtong Wen, Willy Susilo, Guomin Yang
Analysis And Improvement On A Biometric-Based Remote User Authentication Scheme Using Smart Cards, Fengtong Wen, Willy Susilo, Guomin Yang
Research Collection School Of Computing and Information Systems
In a recent paper (BioMed Research International, 2013/491289), Khan et al. proposed an improved biometrics-based remote user authentication scheme with user anonymity. The scheme is believed to be secure against password guessing attack, user impersonation attack, server masquerading attack, and provide user anonymity, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Khan et al.’s scheme, and demonstrate that their scheme doesn’t provide user anonymity. This also renders that their scheme is insecure against other attacks, such as off-line password guessing attack, user impersonation attacks. Subsequently, we propose a …
Ciphercard: A Token-Based Approach Against Camera-Based Shoulder Surfing Attacks On Common Touchscreen Devices, Teddy Seyed, Xing-Dong Yang, Anthony Tang, Saul Greenberg, Jiawei Gu, Bin Zhu, Xiang Ciao
Ciphercard: A Token-Based Approach Against Camera-Based Shoulder Surfing Attacks On Common Touchscreen Devices, Teddy Seyed, Xing-Dong Yang, Anthony Tang, Saul Greenberg, Jiawei Gu, Bin Zhu, Xiang Ciao
Research Collection School Of Computing and Information Systems
We present CipherCard, a physical token that defends against shoulder-surfing attacks on user authentication on capacitive touchscreen devices. When CipherCard is placed over a touchscreen’s pin-pad, it remaps a user’s touch point on the physical token to a different location on the pin-pad. It hence translates a visible user password into a different system password received by a touchscreen, but is hidden from observers as well as the user. CipherCard enhances authentication security through Two-Factor Authentication (TFA), in that both the correct user password and a specific card are needed for successful authentication. We explore the design space of CipherCard, …
Singapore Management University Establishes A New Research Centre On Secure Mobile Computing Technologies And Solutions, Singapore Management University
Singapore Management University Establishes A New Research Centre On Secure Mobile Computing Technologies And Solutions, Singapore Management University
SMU Press Releases
The Singapore Management University (SMU) has announced today the establishment of a new centre of research excellence that focuses on mobile computing security. Funded by Singapore’s National Research Foundation (NRF), the Secure Mobile Centre is developing efficient and scalable technologies and solutions that strengthen the security of mobile computing systems, applications and services. The Secure Mobile Centre is led by a team of five faculty members from SMU’s School of Information Systems who specialise in information security and trust: Professor Robert DENG (Centre Director), Professor PANG Hwee Hwa, Associate Professor LI Yingjiu, Associate Professor DING Xuhua and Assistant Professor Debin …
Streets: Game-Theoretic Traffic Patrolling With Exploration And Exploitation, Matthew Brown, Sandhya Saisubramanian, Pradeep Varakantham, Milind Tambe
Streets: Game-Theoretic Traffic Patrolling With Exploration And Exploitation, Matthew Brown, Sandhya Saisubramanian, Pradeep Varakantham, Milind Tambe
Research Collection School Of Computing and Information Systems
To dissuade reckless driving and mitigate accidents, cities deploy resources to patrol roads. In this paper, we present STREETS, an application developed for the city of Singapore, which models the problem of computing randomized traffic patrol strategies as a defenderattacker Stackelberg game. Previous work on Stackelberg security games has focused extensively on counterterrorism settings. STREETS moves beyond counterterrorism and represents the first use of Stackelberg games for traffic patrolling, in the process providing a novel algorithm for solving such games that addresses three major challenges in modeling and scale-up. First, there exists a high degree of unpredictability in travel times …
Machine Learning In Wireless Sensor Networks: Algorithms, Strategies, And Applications, Mohammad Abu Alsheikh, Shaowei Lin, Dusit Niyato, Hwee-Pink Tan
Machine Learning In Wireless Sensor Networks: Algorithms, Strategies, And Applications, Mohammad Abu Alsheikh, Shaowei Lin, Dusit Niyato, Hwee-Pink Tan
Research Collection School Of Computing and Information Systems
Wireless sensor networks (WSNs) monitor dynamic environments that change rapidly over time. This dynamic behavior is either caused by external factors or initiated by the system designers themselves. To adapt to such conditions, sensor networks often adopt machine learning techniques to eliminate the need for unnecessary redesign. Machine learning also inspires many practical solutions that maximize resource utilization and prolong the lifespan of the network. In this paper, we present an extensive literature review over the period 2002-2013 of machine learning methods that were used to address common issues in WSNs. The advantages and disadvantages of each proposed algorithm are …
A Secure And Effective Anonymous User Authentication Scheme For Roaming Service In Global Mobility Networks, Fengtong Wen, Willy Susilo, Guomin Yang
A Secure And Effective Anonymous User Authentication Scheme For Roaming Service In Global Mobility Networks, Fengtong Wen, Willy Susilo, Guomin Yang
Research Collection School Of Computing and Information Systems
In global mobility networks, anonymous user authentication is an essential task for enabling roaming service. In a recent paper, Jiang et al. proposed a smart card based anonymous user authentication scheme for roaming service in global mobility networks. This scheme can protect user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Jiang et al.’s scheme, and show that the scheme is in fact insecure against the stolen-verifier attack and replay attack. Then, we …
Securearray: Improving Wifi Security With Fine-Grained Physical-Layer, Jie Xiong, Kyle Jamieson
Securearray: Improving Wifi Security With Fine-Grained Physical-Layer, Jie Xiong, Kyle Jamieson
Research Collection School Of Computing and Information Systems
Despite the important role that WiFi networks play in home and enterprise networks they are relatively weak from a security standpoint. With easily available directional antennas, attackers can be physically located off-site, yet compromise WiFi security protocols such as WEP, WPA, and even to some extent WPA2 through a range of exploits specific to those protocols, or simply by running dictionary and human-factors attacks on users' poorly-chosen passwords. This presents a security risk to the entire home or enterprise network. To mitigate this ongoing problem, we propose SecureArray, a system designed to operate alongside existing wireless security protocols, adding defense …
Raising The Game: Applying Theory And Analytics To Real-World Threats, Singapore Management University
Raising The Game: Applying Theory And Analytics To Real-World Threats, Singapore Management University
Perspectives@SMU
Safety and security are, on many levels, essential priorities for governments, businesses and individuals. While an increase of defence and security budgets may bring some assurance of peaceful times to come, it seems the world has no lack of insane perpetrators who can still somehow evade, breach, ambush, assail and attack as they please. Enter the “Bayesian Stackelberg Game”, a game theory model that can, and has been applied rather successfully to the allocation of security resources in the United States by Prof Milind Tambe, University of Southern California.
Exploiting Human Factors In User Authentication, Payas Gupta
Exploiting Human Factors In User Authentication, Payas Gupta
Dissertations and Theses Collection (Open Access)
Our overarching issue in security is the human factor – and dealing with it is perhaps one of the biggest challenges we face today. Human factor is often described as the weakest part of a security system and users are often described as the weakest link in the security chain. In this thesis, we focus on two problems which are caused by human factors in user authentication and propose respective solutions. a) Secrecy information inference attack – publicly available information can be used to infer some secrecy information about the user. b) Coercion attack – where an attacker forces a …
Reputation As Public Policy For Internet Security: A Field Study, Qian Tang, Leigh L. Linden, John S. Quarterman, Andrew Whinston
Reputation As Public Policy For Internet Security: A Field Study, Qian Tang, Leigh L. Linden, John S. Quarterman, Andrew Whinston
Research Collection School Of Computing and Information Systems
Cybersecurity is a national priority in this big data era. Because of the lack of incentives and the existence of negative externality, companies often underinvest in addressing security risks and accidents, despite government and industry recommendations. In the present article, we propose a method that utilizes reputation through information disclosure to motivate companies to behave pro-socially, improving their Internet security. Using outbound spam as a proxy for Internet security, we conducted a quasiexperimental field study for eight countries through SpamRankings.net. This outgoingspam-based study shows that information disclosure on outgoing spam can help reduce outgoing spam, approximately by 16 percent. This …
Defeating Sql Injection, Lwin Khin Shar, Hee Beng Kuan Tan
Defeating Sql Injection, Lwin Khin Shar, Hee Beng Kuan Tan
Research Collection School Of Computing and Information Systems
The best strategy for combating SQL injection, which has emerged as the most widespread website security risk, calls for integrating defensive coding practices with both vulnerability detection and runtime attack prevention methods.
Event Study Method For Validating Agent-Based Trading Simulations, Shih-Fen Cheng
Event Study Method For Validating Agent-Based Trading Simulations, Shih-Fen Cheng
Research Collection School Of Computing and Information Systems
In this paper, we introduce how one can validate an event-centric trading simulation platform that is built with multi-agent technology. The issue of validation is extremely important for agent-based simulations, but unfortunately, so far there is no one universal method that would work in all domains. The primary contribution of this paper is a novel combination of event-centric simulation design and event study approach for market dynamics generation and validation. In our event-centric design, the simulation is progressed by announcing news events that affect market prices. Upon receiving these events, event-aware software agents would adjust their views on the market …
Revisiting Unpredictability-Based Rfid Privacy Models, Junzuo Lai, Robert Huijie Deng, Yingjiu Li
Revisiting Unpredictability-Based Rfid Privacy Models, Junzuo Lai, Robert Huijie Deng, Yingjiu Li
Research Collection School Of Computing and Information Systems
Recently, there have been several attempts in establishing formal RFID privacy models in the literature. These models mainly fall into two categories: one based on the notion of indistinguishability of two RFID tags, denoted as ind-privacy, and the other based on the unpredictability of the output of an RFID protocol, denoted as unp-privacy. Very recently, at CCS’09, Ma et al. proposed a modified unp-privacy model, referred to as unp ′-privacy. In this paper, we first revisit the existing RFID privacy models and point out their limitations. We then propose a new RFID privacy model, denoted as …
Security And Performance Analysis For Rfid Protocols, Bing Liang
Security And Performance Analysis For Rfid Protocols, Bing Liang
Dissertations and Theses Collection (Open Access)
Radio Frequency Identification (RFID) is an advanced object identification technology that has already been applied in various industries. However, the insecure nature of the communication channel between readers and tags makes RFID systems vulnerable to various kinds of attacks. In recent years, many new methods have been proposed to improve the security of RFID systems, such as disabling tags, agent management and establishing cryptographic protocols. Among them, we focus on the last approach, which is more economic and convenient in certain cases. The first part of our work is to categorize typical existing RFID protocols according to their security levels. …
A Study Of Content Authentication In Proxy-Enabled Multimedia Delivery Systems: Model, Techniques, And Applications, Robert H. Deng, Yanjiang Yang
A Study Of Content Authentication In Proxy-Enabled Multimedia Delivery Systems: Model, Techniques, And Applications, Robert H. Deng, Yanjiang Yang
Research Collection School Of Computing and Information Systems
Compared with the direct server-user approach, the server-proxy-user architecture for multimedia delivery promises significantly improved system scalability. The introduction of the intermediary transcoding proxies between content servers and end users in this architecture, however, brings unprecedented challenges to content security. In this article, we present a systematic study on the end-to-end content authentication problem in the server-proxy-user context, where intermediary proxies transcode multimedia content dynamically. We present a formal model for the authentication problem, propose a concrete construction for authenticating generic data modality and formally prove its security. We then apply the generic construction to authenticating specific multimedia formats, for …
Beyond Output Voting: Detecting Compromised Replicas Using Hmm-Based Behavioral Distance, Debin Gao, Michael K. Reiter, Dawn Song
Beyond Output Voting: Detecting Compromised Replicas Using Hmm-Based Behavioral Distance, Debin Gao, Michael K. Reiter, Dawn Song
Research Collection School Of Computing and Information Systems
Many host-based anomaly detection techniques have been proposed to detect code-injection attacks on servers. The vast majority, however, are susceptible to "mimicry" attacks in which the injected code masquerades as the original server software, including returning the correct service responses, while conducting its attack. "Behavioral distance," by which two diverse replicas processing the same inputs are continually monitored to detect divergence in their low-level (system-call) behaviors and hence potentially the compromise of one of them, has been proposed for detecting mimicry attacks. In this paper, we present a novel approach to behavioral distance measurement using a new type of hidden …
A Block Oriented Fingerprinting Scheme In Relational Database, Siyuan Liu, Shuhong Wang, Robert H. Deng, Weizhong Shao
A Block Oriented Fingerprinting Scheme In Relational Database, Siyuan Liu, Shuhong Wang, Robert H. Deng, Weizhong Shao
Research Collection School Of Computing and Information Systems
The need for protecting rights over relational data is of ever increasing concern. There have recently been some pioneering works in this area. In this paper, we propose an effective fingerprinting scheme based on the idea of block method in the area of multimedia fingerprinting. The scheme ensures that certain bit positions of the data contain specific values. The bit positions are determined by the keys known only to the owner of the data and different buyers of the database have different bit positions and different specific values for those bit positions. The detection of the fingerprint can be completed …
Security Analysis And Improvement Of Return Routability Protocol, Ying Qiu, Jianying Zhou, Robert H. Deng
Security Analysis And Improvement Of Return Routability Protocol, Ying Qiu, Jianying Zhou, Robert H. Deng
Research Collection School Of Computing and Information Systems
Mobile communication plays a more and more important role in computer networks. How to authenticate a new connecting address belonging to a said mobile node is one of the key issues in mobile networks. This paper analyzes the Return Routability (RR) protocol and proposes an improved security solution for the RR protocol without changing its architecture. With the improvement, three types of redirect attacks can be prevented.
Steganographic Schemes For File System And B-Tree, Hwee Hwa Pang, Kian-Lee Tan, Xuan Zhou
Steganographic Schemes For File System And B-Tree, Hwee Hwa Pang, Kian-Lee Tan, Xuan Zhou
Research Collection School Of Computing and Information Systems
While user access control and encryption can protect valuable data from passive observers, these techniques leave visible ciphertexts that are likely to alert an active adversary to the existence of the data. We introduce StegFD, a steganographic file driver that securely hides user-selected files in a file system so that, without the corresponding access keys, an attacker would not be able to deduce their existence. Unlike other steganographic schemes proposed previously, our construction satisfies the prerequisites of a practical file system in ensuring the integrity of the files and maintaining efficient space utilization. We also propose two schemes for implementing …
Making The Key Agreement Protocol In Mobile Ad Hoc Network More Efficient, Gang Yao, Kui Ren, Feng Bao, Robert H. Deng, Dengguo Feng
Making The Key Agreement Protocol In Mobile Ad Hoc Network More Efficient, Gang Yao, Kui Ren, Feng Bao, Robert H. Deng, Dengguo Feng
Research Collection School Of Computing and Information Systems
Mobile ad hoc networks offer convenient infrastructureless communications over the shared wireless channel. However, the nature of mobile ad hoc networks makes them vulnerable to security attacks, such as passive eavesdropping over the wireless channel and denial of service attacks by malicious nodes. To ensure the security, several cryptography protocols are implemented. Due to the resource scarcity in mobile ad hoc networks, the protocols must be communication efficient and need as less computational power as possible. Broadcast communication is an important operation for many application in mobile ad hoc networks. To securely broadcast a message, all the members in the …