Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- Cloud computing (3)
- Security (3)
- Authentication (2)
- Public key cryptography (2)
- Roaming (2)
-
- Smart card (2)
- Abstract Syntax Tree (1)
- Access control (1)
- Adversarial attacks (1)
- Android Runtime (1)
- Anomaly detectors (1)
- Anonymity (1)
- Authenticated key exchange (1)
- Cloud service (1)
- Compiler Optimization (1)
- Computer Security (1)
- Computer Viruses (1)
- Computers (1)
- Cryptanalysis (1)
- Cyber insurance (1)
- Cyber-physical systems (1)
- Database Systems (1)
- Databases (1)
- Designated verifier signature (1)
- Digital signature (1)
- Dynamic programming (1)
- Edit distance (1)
- Encoding (1)
- Function Signature (1)
- Functional signature (1)
Articles 1 - 20 of 20
Full-Text Articles in Information Security
Sigmadiff: Semantics-Aware Deep Graph Matching For Pseudocode Diffing, Lian Gao, Yu Qu, Sheng Yu, Yue Duan, Heng Yin
Sigmadiff: Semantics-Aware Deep Graph Matching For Pseudocode Diffing, Lian Gao, Yu Qu, Sheng Yu, Yue Duan, Heng Yin
Research Collection School Of Computing and Information Systems
Pseudocode diffing precisely locates similar parts and captures differences between the decompiled pseudocode of two given binaries. It is particularly useful in many security scenarios such as code plagiarism detection, lineage analysis, patch, vulnerability analysis, etc. However, existing pseudocode diffing and binary diffing tools suffer from low accuracy and poor scalability, since they either rely on manually-designed heuristics (e.g., Diaphora) or heavy computations like matrix factorization (e.g., DeepBinDiff). To address the limitations, in this paper, we propose a semantics-aware, deep neural network-based model called SIGMADIFF. SIGMADIFF first constructs IR (Intermediate Representation) level interprocedural program dependency graphs (IPDGs). Then it uses …
Enhancing Security Patch Identification By Capturing Structures In Commits, Bozhi Wu, Shangqing Liu, Ruitao Feng, Xiaofei Xie, Jingkai Siow, Shang-Wei Lin
Enhancing Security Patch Identification By Capturing Structures In Commits, Bozhi Wu, Shangqing Liu, Ruitao Feng, Xiaofei Xie, Jingkai Siow, Shang-Wei Lin
Research Collection School Of Computing and Information Systems
With the rapid increasing number of open source software (OSS), the majority of the software vulnerabilities in the open source components are fixed silently, which leads to the deployed software that integrated them being unable to get a timely update. Hence, it is critical to design a security patch identification system to ensure the security of the utilized software. However, most of the existing works for security patch identification just consider the changed code and the commit message of a commit as a flat sequence of tokens with simple neural networks to learn its semantics, while the structure information is …
Chosen-Instruction Attack Against Commercial Code Virtualization Obfuscators, Shijia Li, Chunfu Jia, Pengda Qiu, Qiyuan Chen, Jiang Ming, Debin Gao
Chosen-Instruction Attack Against Commercial Code Virtualization Obfuscators, Shijia Li, Chunfu Jia, Pengda Qiu, Qiyuan Chen, Jiang Ming, Debin Gao
Research Collection School Of Computing and Information Systems
—Code virtualization is a well-known sophisticated obfuscation technique that uses custom virtual machines (VM) to emulate the semantics of original native instructions. Commercial VM-based obfuscators (e.g., Themida and VMProtect) are often abused by malware developers to conceal malicious behaviors. Since the internal mechanism of commercial obfuscators is a black box, it is a daunting challenge for the analyst to understand the behavior of virtualized programs. To figure out the code virtualization mechanism and design deobfuscation techniques, the analyst has to perform reverse-engineering on large-scale highly obfuscated programs. This knowledge learning process suffers from painful cost and imprecision. In this project, …
Resil: Revivifying Function Signature Inference Using Deep Learning With Domain-Specific Knowledge, Yan Lin, Debin Gao, David Lo
Resil: Revivifying Function Signature Inference Using Deep Learning With Domain-Specific Knowledge, Yan Lin, Debin Gao, David Lo
Research Collection School Of Computing and Information Systems
Function signature recovery is important for binary analysis and security enhancement, such as bug finding and control-flow integrity enforcement. However, binary executables typically have crucial information vital for function signature recovery stripped off during compilation. To make things worse, recent studies show that many compiler optimization strategies further complicate the recovery of function signatures with intended violations to function calling conventions.In this paper, we first perform a systematic study to quantify the extent to which compiler optimizations (negatively) impact the accuracy of existing deep learning techniques for function signature recovery. Our experiments show that a state-of-the-art deep learning technique has …
Adversarial Attacks And Mitigation For Anomaly Detectors Of Cyber-Physical Systems, Yifan Jia, Jingyi Wang, Christopher M. Poskitt, Sudipta Chattopadhyay, Jun Sun, Yuqi Chen
Adversarial Attacks And Mitigation For Anomaly Detectors Of Cyber-Physical Systems, Yifan Jia, Jingyi Wang, Christopher M. Poskitt, Sudipta Chattopadhyay, Jun Sun, Yuqi Chen
Research Collection School Of Computing and Information Systems
The threats faced by cyber-physical systems (CPSs) in critical infrastructure have motivated research into a multitude of attack detection mechanisms, including anomaly detectors based on neural network models. The effectiveness of anomaly detectors can be assessed by subjecting them to test suites of attacks, but less consideration has been given to adversarial attackers that craft noise specifically designed to deceive them. While successfully applied in domains such as images and audio, adversarial attacks are much harder to implement in CPSs due to the presence of other built-in defence mechanisms such as rule checkers (or invariant checkers). In this work, we …
Privacy-Preserving Network Path Validation, Binanda Sengupta, Yingjiu Li, Kai Bu, Robert H. Deng
Privacy-Preserving Network Path Validation, Binanda Sengupta, Yingjiu Li, Kai Bu, Robert H. Deng
Research Collection School Of Computing and Information Systems
The end-users communicating over a network path currently have no control over the path. For a better quality of service, the source node often opts for a superior (or premium) network path to send packets to the destination node. However, the current Internet architecture provides no assurance that the packets indeed follow the designated path. Network path validation schemes address this issue and enable each node present on a network path to validate whether each packet has followed the specific path so far. In this work, we introduce two notions of privacy—path privacy and index privacy—in the context of network …
A Scalable Approach To Joint Cyber Insurance And Security-As-A-Service Provisioning In Cloud Computing, Jonathan David Chase, Dusit Niyato, Ping Wang, Sivadon Chaisiri, Ryan K. L. Ko
A Scalable Approach To Joint Cyber Insurance And Security-As-A-Service Provisioning In Cloud Computing, Jonathan David Chase, Dusit Niyato, Ping Wang, Sivadon Chaisiri, Ryan K. L. Ko
Research Collection School Of Computing and Information Systems
As computing services are increasingly cloud-based, corporations are investing in cloud-based security measures. The Security-as-a-Service (SECaaS) paradigm allows customers to outsource security to the cloud, through the payment of a subscription fee. However, no security system is bulletproof, and even one successful attack can result in the loss of data and revenue worth millions of dollars. To guard against this eventuality, customers may also purchase cyber insurance to receive recompense in the case of loss. To achieve cost effectiveness, it is necessary to balance provisioning of security and insurance, even when future costs and risks are uncertain. To this end, …
Authorized Function Homomorphic Signature, Qingwen Guo, Qiong Huang, Guomin Yang
Authorized Function Homomorphic Signature, Qingwen Guo, Qiong Huang, Guomin Yang
Research Collection School Of Computing and Information Systems
Homomorphic signature (HS) is a novel primitive that allows an agency to carry out arbitrary (polynomial time) computation f on the signed data (m) over right arrow and accordingly gain a signature sigma(h) for the computation result f ((m) over right arrow) with respect to f on behalf of the data owner (DO). However, since DO lacks control of the agency's behavior, receivers would believe that DO did authenticate the computation result even if the agency misbehaves and applies a function that the DO does not want. To address the problem above, in this paper we introduce a new primitive …
Situation-Aware Authenticated Video Broadcasting Over Train-Trackside Wifi Networks, Yongdong Wu, Dengpan Ye, Zhuo Wei, Qian Wang, William Tan, Robert H. Deng
Situation-Aware Authenticated Video Broadcasting Over Train-Trackside Wifi Networks, Yongdong Wu, Dengpan Ye, Zhuo Wei, Qian Wang, William Tan, Robert H. Deng
Research Collection School Of Computing and Information Systems
Live video programmes can bring in better travel experience for subway passengers and earn abundant advertisement revenue for subway operators. However, because the train-trackside channels for video dissemination are easily accessible to anyone, the video traffic are vulnerable to attacks which may cause deadly tragedies. This paper presents a situation-aware authenticated video broadcasting scheme in the railway network which consists of train, on-board sensor, trackside GSM-R (Global System for Mobile Communications-Railway) device, WiFi AP (Access Point), and train control center. Specifically, the scheme has four modules: (1) a train uses its on-board sensors to obtain its speed, location, and RSSI …
Survey Of Randomization Defenses On Cloud Computing, Jianming Fu, Yan Lin, Xiuwen Liu, Xu Zhang
Survey Of Randomization Defenses On Cloud Computing, Jianming Fu, Yan Lin, Xiuwen Liu, Xu Zhang
Research Collection School Of Computing and Information Systems
Cloud computing has changed the processing mode on resources of individuals and industries by providing computing and storage services to users. However, existing defenses on cloud, such as virtual machine monitoring and integrity detection, cannot counter against attacks result from the homogeneity and vulnerability of services effectively. In this paper, we have investigated the threats on cloud computing platform from the perspective of cloud service, service interface and network interface, such as code reuse attack, side channel attack and SQL injection. Code reuse attack chains code snippets (gadgets) located in binaries to bypass Data Execution Prevention (DEP). Side channel attack …
On Return Oriented Programming Threats In Android Runtime, Akshaya Venkateswara Raja, Jehyun Lee, Debin Gao
On Return Oriented Programming Threats In Android Runtime, Akshaya Venkateswara Raja, Jehyun Lee, Debin Gao
Research Collection School Of Computing and Information Systems
Android has taken a large share of operating systems forsmart devices including smartphones, and has been an attractive target to theattackers. The arms race between attackers and defenders typically occurs ontwo front lines — the latest attacking technology and the latest updates to theoperating system (including defense mechanisms deployed). In terms of attackingtechnology, Return-Oriented Programming (ROP) is one of the most sophisticatedattack methods on Android devices. In terms of the operating system updates,Android Runtime (ART) was the latest and biggest change to the Android family.In this paper, we investigate the extent to which Android Runtime (ART) makesReturn-Oriented Programming (ROP) attacks …
Edit Distance Based Encryption And Its Application, Tran Viet Xuan Phuong, Guomin Yang, Willy Susilo, Kaitai Liang
Edit Distance Based Encryption And Its Application, Tran Viet Xuan Phuong, Guomin Yang, Willy Susilo, Kaitai Liang
Research Collection School Of Computing and Information Systems
Edit distance, also known as Levenshtein distance, is a very useful tool to measure the similarity between two strings. It has been widely used in many applications such as natural language processing and bioinformatics. In this paper, we introduce a new type of fuzzy public key encryption called Edit Distance-based Encryption (EDE). In EDE, the encryptor can specify an alphabet string and a threshold when encrypting a message, and a decryptor can obtain a decryption key generated from another alphabet string, and the decryption will be successful if and only if the edit distance between the two strings is within …
A Robust Smart Card-Based Anonymous User Authentication Protocol For Wireless Communications, Fengton Wen, Willy Susilo, Guomin Yang
A Robust Smart Card-Based Anonymous User Authentication Protocol For Wireless Communications, Fengton Wen, Willy Susilo, Guomin Yang
Research Collection School Of Computing and Information Systems
Anonymous user authentication is an important but challenging task for wireless communications. In a recent paper, Das proposed a smart cardï based anonymous user authentication protocol for wireless communications. The scheme can protect user privacy and is believed to be secure against a range of network attacks even if the secret information stored in the smart card is compromised. In this paper, we reanalyze the security of Das' scheme, and show that the scheme is in fact insecure against impersonation attacks. We then propose a new smart cardï based anonymous user authentication protocol for wireless communications. Compared with the existing …
A Secure And Effective Anonymous User Authentication Scheme For Roaming Service In Global Mobility Networks, Fengtong Wen, Willy Susilo, Guomin Yang
A Secure And Effective Anonymous User Authentication Scheme For Roaming Service In Global Mobility Networks, Fengtong Wen, Willy Susilo, Guomin Yang
Research Collection School Of Computing and Information Systems
In global mobility networks, anonymous user authentication is an essential task for enabling roaming service. In a recent paper, Jiang et al. proposed a smart card based anonymous user authentication scheme for roaming service in global mobility networks. This scheme can protect user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Jiang et al.’s scheme, and show that the scheme is in fact insecure against the stolen-verifier attack and replay attack. Then, we …
(Strong) Multidesignated Verifiers Signatures Secure Against Rogue Key Attack, Yunmei Zhang, Man Ho Au, Guomin Yang, Willy Susilo
(Strong) Multidesignated Verifiers Signatures Secure Against Rogue Key Attack, Yunmei Zhang, Man Ho Au, Guomin Yang, Willy Susilo
Research Collection School Of Computing and Information Systems
Designated verifier signatures (DVS) allow a signer to create a signature whose validity can only be verified by a specific entity chosen by the signer. In addition, the chosen entity, known as the designated verifier, cannot convince any body that the signature is created by the signer. Multi-designated verifiers signatures (MDVS) are a natural extension of DVS in which the signer can choose multiple designated verifiers. DVS and MDVS are useful primitives in electronic voting and contract signing. In this paper, we investigate various aspects of MDVS and make two contributions. Firstly, we revisit the notion of unforgeability under rogue …
Defeating Sql Injection, Lwin Khin Shar, Hee Beng Kuan Tan
Defeating Sql Injection, Lwin Khin Shar, Hee Beng Kuan Tan
Research Collection School Of Computing and Information Systems
The best strategy for combating SQL injection, which has emerged as the most widespread website security risk, calls for integrating defensive coding practices with both vulnerability detection and runtime attack prevention methods.
Traceable And Retrievable Identity-Based Encryption, Man Ho Au, Qiong Huang, Joseph K. Liu, Willy Susilo, Duncan S. Wong, Guomin Yang
Traceable And Retrievable Identity-Based Encryption, Man Ho Au, Qiong Huang, Joseph K. Liu, Willy Susilo, Duncan S. Wong, Guomin Yang
Research Collection School Of Computing and Information Systems
Very recently, the concept of Traceable Identity-based Encryption (IBE) scheme (or Accountable Authority Identity based Encryption scheme) was introduced in Crypto 2007. This concept enables some mechanisms to reduce the trust of a private key generator (PKG) in an IBE system. The aim of this paper is threefold. First, we discuss some subtleties in the first traceable IBE scheme in the Crypto 2007 paper. Second, we present an extension to this work by having the PKG’s master secret key retrieved automatically if more than one user secret key are released. This way, the user can produce a concrete proof of …
Anonymous And Authenticated Key Exchange For Roaming Networks, Guomin Yang, Duncan S. Wong, Xiaotie Deng
Anonymous And Authenticated Key Exchange For Roaming Networks, Guomin Yang, Duncan S. Wong, Xiaotie Deng
Research Collection School Of Computing and Information Systems
User privacy is a notable security issue in wireless communications. It concerns about user identities from being exposed and user movements and whereabouts from being tracked. The concern of user privacy is particularly signified in systems which support roaming when users are able to hop across networks administered by different operators. In this paper, we propose a novel construction approach of anonymous and authenticated key exchange protocols for a roaming user and a visiting server to establish a random session key in such a way that the visiting server authenticates the user's home server without knowing exactly who the user …
Anonymous Dos-Resistant Access Control Protocol Using Passwords For Wireless Networks, Zhiguo Wan, Robert H. Deng, Feng Bao, Akkihebbal L. Ananda
Anonymous Dos-Resistant Access Control Protocol Using Passwords For Wireless Networks, Zhiguo Wan, Robert H. Deng, Feng Bao, Akkihebbal L. Ananda
Research Collection School Of Computing and Information Systems
Wireless networks have gained overwhelming popularity over their wired counterpart due to their great flexibility and convenience, but access control of wireless networks has been a serious problem because of the open medium. Passwords remain the most popular way for access control as well as authentication and key exchange. But existing password-based access control protocols are not satisfactory in that they do not provide DoS-resistance or anonymity. In this paper we analyze the weaknesses of an access control protocol using passwords for wireless networks in IEEE LCN 2001, and propose a different access control protocol using passwords for wireless networks. …
Security Analysis And Improvement Of Return Routability Protocol, Ying Qiu, Jianying Zhou, Robert H. Deng
Security Analysis And Improvement Of Return Routability Protocol, Ying Qiu, Jianying Zhou, Robert H. Deng
Research Collection School Of Computing and Information Systems
Mobile communication plays a more and more important role in computer networks. How to authenticate a new connecting address belonging to a said mobile node is one of the key issues in mobile networks. This paper analyzes the Return Routability (RR) protocol and proposes an improved security solution for the RR protocol without changing its architecture. With the improvement, three types of redirect attacks can be prevented.