Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- Access control (1)
- Android Malware (1)
- Anonymity (1)
- Automated Test Case Generation (1)
- Blank signature (1)
-
- Cloud computing (1)
- Cloud storage (1)
- Coercive attack (1)
- Confidentiality (1)
- Deep Learning (1)
- Delegation chain (1)
- Digital signature (1)
- Keyword search (1)
- Malicious URL Detection (1)
- Mining Sandboxing (1)
- Mobile security (1)
- Near field communication (1)
- Optimistic fair exchange (1)
- Path authentication (1)
- Plausibly deniable encryption (1)
- Privacy (1)
- Proxy signature (1)
- RFID (1)
- Redactable signature (1)
- Revocation (1)
- Sanitizable signature (1)
- Scalability (1)
- Secure provenance (1)
- Supply chain management (1)
- Thin provisioning (1)
Articles 1 - 7 of 7
Full-Text Articles in Information Security
Vpsearch: Achieving Verifiability For Privacy-Preserving Multi-Keyword Search Over Encrypted Cloud Data, Zhiguo Wan, Robert H. Deng
Vpsearch: Achieving Verifiability For Privacy-Preserving Multi-Keyword Search Over Encrypted Cloud Data, Zhiguo Wan, Robert H. Deng
Research Collection School Of Computing and Information Systems
Although cloud computing offers elastic computation and storage resources, it poses challenges on verifiability of computations and data privacy. In this work we investigate verifiability for privacy-preserving multi-keyword search over outsourced documents. As the cloud server may return incorrect results due to system faults or incentive to reduce computation cost, it is critical to offer verifiability of search results and privacy protection for outsourced data at the same time. To fulfill these requirements, we design aVerifiablePrivacy-preserving keywordSearch scheme, called VPSearch, by integrating an adapted homomorphic MAC technique with a privacy-preserving multi-keyword search scheme. The proposed scheme enables the client to …
Verifiably Encrypted Cascade-Instantiable Blank Signatures To Secure Progressive Decision Management, Yujue Wang, Hwee Hwa Pang, Robert H. Deng
Verifiably Encrypted Cascade-Instantiable Blank Signatures To Secure Progressive Decision Management, Yujue Wang, Hwee Hwa Pang, Robert H. Deng
Research Collection School Of Computing and Information Systems
In this paper, we introduce the notion of verifiably encrypted cascade-instantiable blank signatures (CBS) in a multi-user setting. In CBS, there is a delegation chain that starts with an originator and is followed by a sequence of proxies. The originator creates and signs a template, which may comprise fixed fields and exchangeable fields. Thereafter, each proxy along the delegation chain is able to make an instantiation of the template from the choices passed down from her direct predecessor, before generating a signature for her instantiation. First, we present a non-interactive basic CBS construction that does not rely on any shared …
Every Step You Take, I’Ll Be Watching You: Practical Stepauth-Entication Of Rfid Paths, Kai Bu, Yingjiu Li
Every Step You Take, I’Ll Be Watching You: Practical Stepauth-Entication Of Rfid Paths, Kai Bu, Yingjiu Li
Research Collection School Of Computing and Information Systems
Path authentication thwarts counterfeits in RFID-based supply chains. Its motivation is that tagged products taking invalid paths are likely faked and injected by adversaries at certain supply chain partners/steps. Existing solutions are path-grained in that they simply regard a product as genuine if it takes any valid path. Furthermore, they enforce distributed authentication by offloading the sets of valid paths to some or all steps from a centralized issuer. This not only imposes network and storage overhead but also leaks transaction privacy. We present StepAuth, the first step-grained path authentication protocol that is practically efficient for authenticating products with strict …
Urlnet: Learning A Url Representation With Deep Learning For Malicious Url Detection, Hung Le, Hong Quang Pham, Doyen Sahoo, Steven C. H. Hoi
Urlnet: Learning A Url Representation With Deep Learning For Malicious Url Detection, Hung Le, Hong Quang Pham, Doyen Sahoo, Steven C. H. Hoi
Research Collection School Of Computing and Information Systems
Malicious URLs host unsolicited content and are used to perpetrate cybercrimes. It is imperative to detect them in a timely manner. Traditionally, this is done through the usage of blacklists, which cannot be exhaustive, and cannot detect newly generated malicious URLs. To address this, recent years have witnessed several efforts to perform Malicious URL Detection using Machine Learning. The most popular and scalable approaches use lexical properties of the URL string by extracting Bag-of-words like features, followed by applying machine learning models such as SVMs. There are also other features designed by experts to improve the prediction performance of the …
Mining Sandboxes: Are We There Yet?, Lingfeng Bao, Tien Duy B. Le, David Lo
Mining Sandboxes: Are We There Yet?, Lingfeng Bao, Tien Duy B. Le, David Lo
Research Collection School Of Computing and Information Systems
The popularity of Android platform on mobile devices has attracted much attention from many developers and researchers, as well as malware writers. Recently, Jamrozik et al. proposed a technique to secure Android applications referred to as mining sandboxes. They used an automated test case generation technique to explore the behavior of the app under test and then extracted a set of sensitive APIs that were called. Based on the extracted sensitive APIs, they built a sandbox that can block access to APIs not used during testing. However, they only evaluated the proposed technique with benign apps but not investigated whether …
Attribute-Based Cloud Storage With Secure Provenance Over Encrypted Data, Hui Cui, Robert H. Deng, Yingjiu Li
Attribute-Based Cloud Storage With Secure Provenance Over Encrypted Data, Hui Cui, Robert H. Deng, Yingjiu Li
Research Collection School Of Computing and Information Systems
To securely and conveniently enjoy the benefits of cloud storage, it is desirable to design a cloud data storage system which protects data privacy from storage servers through encryption, allows fine-grained access control such that data providers can expressively specify who are eligible to access the encrypted data, enables dynamic user management such that the total number of data users is unbounded and user revocation can be carried out conveniently, supports data provider anonymity and traceability such that a data provider’s identity is not disclosed to data users in normal circumstances but can be traced by a trusted authority if …
User-Friendly Deniable Storage For Mobile Devices, Bing Chang, Yao Cheng, Bo Chen, Fengwei Zhang, Wen-Tao Zhu, Yingjiu Li, Zhan. Wang
User-Friendly Deniable Storage For Mobile Devices, Bing Chang, Yao Cheng, Bo Chen, Fengwei Zhang, Wen-Tao Zhu, Yingjiu Li, Zhan. Wang
Research Collection School Of Computing and Information Systems
Mobile devices are prevalently used to process sensitive data, but traditional encryption may not work when an adversary is able to coerce the device owners to disclose the encryption keys. Plausibly Deniable Encryption (PDE) is thus designed to protect sensitive data against this powerful adversary. In this paper, we present MobiPluto, a user-friendly PDE scheme for denying the existence of sensitive data stored on mobile devices. A salient difference between MobiPluto and the existing PDE systems is that any block-based file systems can be deployed on top of it. To further improve usability and deniability of MobiPluto, we introduce a …