Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- Attribute-Based Encryption (2)
- Authentication (2)
- Human factors (2)
- Privacy (2)
- Access control (1)
-
- Android (1)
- Android security (1)
- Anomaly detection (1)
- Application plagiarism (1)
- Association rule mining (1)
- Attribute-based signature (1)
- Auditing (1)
- Authorized Searchable Public-Key Encryption (1)
- Bias (1)
- Bug Localization (1)
- Bugzilla (1)
- Camouflaged applications (1)
- Chosen ciphertext security (1)
- Ciphertext policy (1)
- Client-to-client (1)
- Cloning (1)
- Cloud storage (1)
- Clouds (1)
- Code obfuscation (1)
- Concolic testing (1)
- Constant-Size Ciphertexts (1)
- Constant-size ciphertext (1)
- Cross-domain (1)
- Cryptanalysis (1)
- Cryptographic controls (1)
Articles 1 - 30 of 34
Full-Text Articles in Physical Sciences and Mathematics
Detecting Camouflaged Applications On Mobile Application Markets, Mon Kywe Su, Yingjiu Li, Huijie Robert Deng, Jason Hong
Detecting Camouflaged Applications On Mobile Application Markets, Mon Kywe Su, Yingjiu Li, Huijie Robert Deng, Jason Hong
Research Collection School Of Computing and Information Systems
Application plagiarism or application cloning is an emerging threat in mobile application markets. It reduces profits of original developers and sometimes even harms the security and privacy of users. In this paper, we introduce a new concept, called camouflaged applications, where external features of mobile applications, such as icons, screenshots, application names or descriptions, are copied. We then propose a scalable detection framework, which can find these suspiciously similar camouflaged applications. To accomplish this, we apply text-based retrieval methods and content-based image retrieval methods in our framework. Our framework is implemented and tested with 30,625 Android applications from the official …
Android Or Ios For Better Privacy Protection?, Jin Han, Qiang Yan, Debin Gao, Jianying Zhou, Huijie Robert Deng
Android Or Ios For Better Privacy Protection?, Jin Han, Qiang Yan, Debin Gao, Jianying Zhou, Huijie Robert Deng
Research Collection School Of Computing and Information Systems
With the rapid growth of the mobile market, security of mobile platforms is receiving increasing attention from both research community as well as the public. In this paper, we make the first attempt to establish a baseline for security comparison between the two most popular mobile platforms. We investigate applications that run on both Android and iOS and examine the difference in the usage of their security sensitive APIs (SS-APIs). Our analysis over 2,600 applications shows that iOS applications consistently access more SS-APIs than their counterparts on Android. The additional privileges gained on iOS are often associated with accessing private …
Web Application Vulnerability Prediction Using Hybrid Program Analysis And Machine Learning, Lwin Khin Shar, Lionel Briand, Hee Beng Kuan Tan
Web Application Vulnerability Prediction Using Hybrid Program Analysis And Machine Learning, Lwin Khin Shar, Lionel Briand, Hee Beng Kuan Tan
Research Collection School Of Computing and Information Systems
Due to limited time and resources, web software engineers need support in identifying vulnerable code. A practical approach to predicting vulnerable code would enable them to prioritize security auditing efforts. In this paper, we propose using a set of hybrid (staticþdynamic) code attributes that characterize input validation and input sanitization code patterns and are expected to be significant indicators of web application vulnerabilities. Because static and dynamic program analyses complement each other, both techniques are used to extract the proposed attributes in an accurate and scalable way. Current vulnerability prediction techniques rely on the availability of data labeled with vulnerability …
Semantics-Aware Android Malware Classification Using Weighted Contextual Api Dependency Graphs, Mu Zhang, Yue Duan, Heng Yin, Zhiruo Zhao
Semantics-Aware Android Malware Classification Using Weighted Contextual Api Dependency Graphs, Mu Zhang, Yue Duan, Heng Yin, Zhiruo Zhao
Research Collection School Of Computing and Information Systems
The drastic increase of Android malware has led to a strong interest in developing methods to automate the malware analysis process. Existing automated Android malware detection and classification methods fall into two general categories: 1) signature-based and 2) machine learning-based. Signature-based approaches can be easily evaded by bytecode-level transformation attacks. Prior learning-based works extract features from application syntax, rather than program semantics, and are also subject to evasion. In this paper, we propose a novel semantic-based approach that classifies Android malware via dependency graphs. To battle transformation attacks, we extract a weighted contextual API dependency graph as program semantics to …
Stopwatch: A Cloud Architecture For Timing Channel Mitigation, Peng Li, Debin Gao, Michael K Reiter
Stopwatch: A Cloud Architecture For Timing Channel Mitigation, Peng Li, Debin Gao, Michael K Reiter
Research Collection School Of Computing and Information Systems
This article presents StopWatch, a system that defends against timing-based side-channel attacks that arise from coresidency of victims and attackers in infrastructure-as-a-service clouds. StopWatch triplicates each cloud-resident guest virtual machine (VM) and places replicas so that the three replicas of a guest VM are coresident with nonoverlapping sets of (replicas of) other VMs. StopWatch uses the timing of I/O events at a VM’s replicas collectively to determine the timings observed by each one or by an external observer, so that observable timing behaviors are similarly likely in the absence of any other individual, coresident VMs. We detail the design and …
Attribute-Based Signing Right Delegation, Weiwei Liu, Yi Mu, Guomin Yang
Attribute-Based Signing Right Delegation, Weiwei Liu, Yi Mu, Guomin Yang
Research Collection School Of Computing and Information Systems
Attribute-based signature and proxy signature are both very useful in many real-world applications. In this paper, we combine the special features of both signatures and propose an attribute-based proxy signature scheme, where the original signer, who possesses a set of attributes, can delegate his/her signing right to a designated proxy signer. By verifying the signature, a verifier can be convinced that the signature is generated by the proxy signer who has obtained the delegation from a legitimate signer whose attributes satisfy a predicate. However, the verifier cannot tell from the signature who is the original signer. We provide the formal …
Analyzing The Dangers Posed By Chrome Extensions, Lujo Bauer, Shaoying Cai, Limin Jia, Timothy Passaro, Yuan Tian
Analyzing The Dangers Posed By Chrome Extensions, Lujo Bauer, Shaoying Cai, Limin Jia, Timothy Passaro, Yuan Tian
Research Collection School Of Computing and Information Systems
A common characteristic of modern web browsers is that their functionality can be extended via third-party addons. In this paper we focus on Chrome extensions, to which the Chrome browser exports a rich API: extensions can potentially make network requests, access the local file system, get low-level information about running processes, etc. To guard against misuse, Chrome uses a permission system to curtail an extension's privileges. We demonstrate a series of attacks by which extensions can steal data, track user behavior, and collude to elevate their privileges. Although some attacks have previously been reported, we show that subtler versions can …
Verifiable Computation On Outsourced Encrypted Data, Junzuo Lai, Robert H. Deng, Hwee Hwa Pang, Jian Weng
Verifiable Computation On Outsourced Encrypted Data, Junzuo Lai, Robert H. Deng, Hwee Hwa Pang, Jian Weng
Research Collection School Of Computing and Information Systems
On one hand, homomorphic encryption allows a cloud server to perform computation on outsourced encrypted data but provides no verifiability that the computation is correct. On the other hand, homomorphic authenticator, such as homomorphic signature with public verifiability and homomorphic MAC with private verifiability, guarantees authenticity of computation over outsourced data but does not provide data confidentiality. Since cloud servers are usually operated by third-party providers which are almost certain to be outside the trust domain of cloud users, neither homomorphic encryption nor homomorphic authenticator suffices for verifiable computation on outsourced encrypted data in the cloud. In this paper, we …
Efficient Hidden Vector Encryption With Constant-Size Ciphertext, Tran Viet Xuan Phuong, Guomin Yang, Willy Susilo
Efficient Hidden Vector Encryption With Constant-Size Ciphertext, Tran Viet Xuan Phuong, Guomin Yang, Willy Susilo
Research Collection School Of Computing and Information Systems
A Hidden Vector Encryption (HVE) scheme is a special type of anonymous identity-based encryption (IBE) scheme where the attribute string associated with the ciphertext or the user secret key can contain wildcards. In this paper, we introduce two constant-size ciphertext-policy hidden vector encryption (CP-HVE) schemes. Our first scheme is constructed on composite order bilinear groups, while the second one is built on prime order bilinear groups. Both schemes are proven secure in a selective security model which captures plaintext (or payload) and attribute hiding. To the best of our knowledge, our schemes are the first HVE constructions that can achieve …
Privatedroid: Private Browsing Mode For Android, Su Mon Kywe, Christopher Landis, Yutong Pei, Justin Satterfield, Yuan Tian, Patrick Tague
Privatedroid: Private Browsing Mode For Android, Su Mon Kywe, Christopher Landis, Yutong Pei, Justin Satterfield, Yuan Tian, Patrick Tague
Research Collection School Of Computing and Information Systems
Private browsing mode is a privacy feature adopted by many modern computer browsers. With the increased use of mobile devices and escalating privacy concerns for mobile users, browser applications on mobile devices have also started incorporating private browsing mode. Even so, the use of private browsing mode is limited to the browser applications and cannot be applied directly on other third-party mobile applications. In this paper, we propose PrivateDroid, which provides a private browsing mode for third-party applications on the Android platform. First, we discuss three possible approaches of implementing mobile private browsing mode: code instrumentation, an extra sandbox, and …
Dupfinder: Integrated Tool Support For Duplicate Bug Report Detection, Ferdian Thung, Pavneet Singh Kochhar, David Lo
Dupfinder: Integrated Tool Support For Duplicate Bug Report Detection, Ferdian Thung, Pavneet Singh Kochhar, David Lo
Research Collection School Of Computing and Information Systems
To track bugs that appear in a software, developers often make use of a bug tracking system. Users can report bugs that they encounter in such a system. Bug reporting is inherently an uncoordinated distributed process though and thus when a user submits a new bug report, there might be cases when another bug report describing exactly the same problem is already present in the system. Such bug reports are duplicate of each other and these duplicate bug reports need to be identified. A number of past studies have proposed a number of automated approaches to detect duplicate bug reports. …
Potential Biases In Bug Localization: Do They Matter?, Pavneet Singh Kochhar, Yuan Tian, David Lo
Potential Biases In Bug Localization: Do They Matter?, Pavneet Singh Kochhar, Yuan Tian, David Lo
Research Collection School Of Computing and Information Systems
Issue tracking systems are valuable resources during software maintenance activities and contain information about the issues faced during the development of a project as well as after its release. Many projects receive many reports of bugs and it is challenging for developers to manually debug and fix them. To mitigate this problem, past studies have proposed information retrieval (IR)-based bug localization techniques, which takes as input a textual description of a bug stored in an issue tracking system, and returns a list of potentially buggy source code files. These studies often evaluate their effectiveness on issue reports marked as bugs …
Uncovering Embarrassing Moments In In-Situ Exposure Of Incoming Mobile Messages, Chulhong Min, Saumay Pushp, Seungchul Lee, Inseok Hwang, Youngki Lee, Seungwoo Kang, Junehwa Song
Uncovering Embarrassing Moments In In-Situ Exposure Of Incoming Mobile Messages, Chulhong Min, Saumay Pushp, Seungchul Lee, Inseok Hwang, Youngki Lee, Seungwoo Kang, Junehwa Song
Research Collection School Of Computing and Information Systems
Mobile instant messengers serve as major interaction media for everyday chats. Contrary to the belief that a message is seen only by a designated receiver, it can be accidentally exposed to someone nearby and could result in embarrassing moments, for example, when the receiver is viewing pictures together with his friend upon the message arrival. To understand the significance of the problem and core factors that cause such embarrassments, we collected 961 in-situ responses from 14 participants upon the actual message arrival and analyzed them from the perspective of the receiver's situation. The results showed that 29% of message arrivals …
Authorized Keyword Search On Encrypted Data, Jie Shi, Junzuo Lai, Yingjiu Li, Huijie Robert Deng, Jian Weng
Authorized Keyword Search On Encrypted Data, Jie Shi, Junzuo Lai, Yingjiu Li, Huijie Robert Deng, Jian Weng
Research Collection School Of Computing and Information Systems
Cloud computing has drawn much attention from research and industry in recent years. Plenty of enterprises and individuals are outsourcing their data to cloud servers. As those data may contain sensitive information, it should be encrypted before outsourced to cloud servers. In order to ensure that only authorized users can search and further access the encrypted data, two important capabilities must be supported: keyword search and access control. Recently, rigorous efforts have been made on either keyword search or access control over encrypted data. However, to the best of our knowledge, there is no encryption scheme supporting both capabilities in …
Control Flow Obfuscation Using Neural Network To Fight Concolic Testing, Haoyu Ma, Xinjie Ma, Weijie Liu, Zhipeng Huang, Debin Gao, Chunfu Jia
Control Flow Obfuscation Using Neural Network To Fight Concolic Testing, Haoyu Ma, Xinjie Ma, Weijie Liu, Zhipeng Huang, Debin Gao, Chunfu Jia
Research Collection School Of Computing and Information Systems
Concolic testing is widely regarded as the state-of-the-art technique in dynamic discovering and analyzing trigger-based behavior in software programs. It uses symbolic execution and an automatic theorem prover to generate new concrete test cases to maximize code coverage for scenarios like software verification and malware analysis. While malicious developers usually try their best to hide malicious executions, there are also circumstances in which legitimate reasons are presented for a program to conceal trigger-based conditions and the corresponding behavior, which leads to the demand of control flow obfuscation techniques. We propose a novel control flow obfuscation design based on the incomprehensibility …
Permission Based Android Security: Issues And Countermeasures, Zheran Fang, Weili Han, Yingjiu Li
Permission Based Android Security: Issues And Countermeasures, Zheran Fang, Weili Han, Yingjiu Li
Research Collection School Of Computing and Information Systems
Android security has been a hot spot recently in both academic research and public concerns due to numerous instances of security attacks and privacy leakage on Android platform. Android security has been built upon a permission based mechanism which restricts accesses of third-party Android applications to critical resources on an Android device. Such permission based mechanism is widely criticized for its coarse-grained control of application permissions and difficult management of permissions by developers, marketers, and end-users. In this paper, we investigate the arising issues in Android security, including coarse granularity of permissions, incompetent permission administration, insufficient permission documentation, over-claim of …
Fully Secure Key-Policy Attribute-Based Encryption With Constant-Size Ciphertexts And Fast Decryption, Junzuo Lai, Robert H. Deng, Yingjiu Li, Jian Weng
Fully Secure Key-Policy Attribute-Based Encryption With Constant-Size Ciphertexts And Fast Decryption, Junzuo Lai, Robert H. Deng, Yingjiu Li, Jian Weng
Research Collection School Of Computing and Information Systems
Attribute-based encryption (ABE), introduced by Sahai and Waters, is a promising cryptographic primitive, which has been widely applied to implement fine-grained access control system for encrypted data. In its key-policy flavor, attribute sets are used to annotate ciphertexts and secret keys are associated with access structures that specify which ciphertexts a user is entitled to decrypt. In most existing key-policy attribute-based encryption (KP-ABE) constructions, the size of the ciphertext is proportional to the number of attributes associated with it and the decryption cost is proportional to the number of attributes used during decryption. In this paper, we present a new …
Identity-Based Encryption Secure Against Selective Opening Chosen-Ciphertext Attack, Junzuo Lai, Robert H. Deng, Shengli Liu, Jian Weng, Yunlei Zhao
Identity-Based Encryption Secure Against Selective Opening Chosen-Ciphertext Attack, Junzuo Lai, Robert H. Deng, Shengli Liu, Jian Weng, Yunlei Zhao
Research Collection School Of Computing and Information Systems
Security against selective opening attack (SOA) requires that in a multi-user setting, even if an adversary has access to all ciphertexts from users, and adaptively corrupts some fraction of the users by exposing not only their messages but also the random coins, the remaining unopened messages retain their privacy. Recently, Bellare, Waters and Yilek considered SOA-security in the identity-based setting, and presented the first identity-based encryption (IBE) schemes that are proven secure against selective opening chosen plaintext attack (SO-CPA). However, how to achieve SO-CCA security for IBE is still open. In this paper, we introduce a new primitive called extractable …
Physio@Home: Design Explorations To Support Movement Guidance, Richard Tang, Hesam Alizadeh, Anthony Tang, Scott Bateman, Joaquim A.P. Jorge
Physio@Home: Design Explorations To Support Movement Guidance, Richard Tang, Hesam Alizadeh, Anthony Tang, Scott Bateman, Joaquim A.P. Jorge
Research Collection School Of Computing and Information Systems
Patients typically undergo physiotherapy with the help of a physiotherapist who teaches, guides, and corrects the patients as they perform exercises. It would be nice if people could repeat these exercises at home, potentially improving their recovery rate. However, without guidance and/or corrective feedback from a physiotherapist, the patient will not know whether they are doing their exercises correctly. To address this problem, we implemented a prototype that guides patients through pre-recorded exercise movements using visual guides overlaid atop a mirror-view of the patient on a wall-mounted display. We conducted informal evaluations and pilot studies to assess our prototype and …
Technique For Authenticating H.264/Svc And Its Performance Evaluation Over Wireless Mobile Networks, Yifan Zhao, Swee Won Lo, Robert H. Deng, Xuhua Ding
Technique For Authenticating H.264/Svc And Its Performance Evaluation Over Wireless Mobile Networks, Yifan Zhao, Swee Won Lo, Robert H. Deng, Xuhua Ding
Research Collection School Of Computing and Information Systems
In this paper, a bit stream-based authentication scheme for H.264/Scalable Video Coding (SVC) is proposed. The proposed scheme seamlessly integrates cryptographic algorithms and Erasure Correction Codes (ECCs) to SVC video streams such that the authenti- cated streams are format compliant with the SVC specifications and preserve the three- dimensional scalability (i.e., spatial, quality and temporal) of the original streams. We implement our scheme on a smart phone and study its performance over a realistic bursty packet-lossy wireless mobile network. Our analysis and experimental results show that the scheme achieves very high verification rates with lower communication overhead and much smaller …
Towards Semantically Secure Outsourcing Of Association Rule Mining On Categorical Data, Junzuo Lai, Yingjiu Li, Robert H. Deng, Jian Weng, Chaowen Guan, Qiang Yan
Towards Semantically Secure Outsourcing Of Association Rule Mining On Categorical Data, Junzuo Lai, Yingjiu Li, Robert H. Deng, Jian Weng, Chaowen Guan, Qiang Yan
Research Collection School Of Computing and Information Systems
When outsourcing association rule mining to cloud, it is critical for data owners to protect both sensitive raw data and valuable mining results from being snooped at cloud servers. Previous solutions addressing this concern add random noise to the raw data and/or encrypt the raw data with a substitution mapping. However, these solutions do not provide semantic security; partial information about raw data or mining results can be potentially discovered by an adversary at cloud servers under a reasonable assumption that the adversary knows some plaintext–ciphertext pairs. In this paper, we propose the first semantically secure solution for outsourcing association …
Haptics In Remote Collaborative Exercise Systems For Seniors, Hesam Alizadeh, Richard Tang, Ehud Sharlin, Anthony Tang
Haptics In Remote Collaborative Exercise Systems For Seniors, Hesam Alizadeh, Richard Tang, Ehud Sharlin, Anthony Tang
Research Collection School Of Computing and Information Systems
Group exercise provides motivation to follow and maintain a healthy daily exercise schedule while enjoying beneficial encouragement and social support from friends and exercise partners. However, mobility and transportation issues frequently prevent seniors from engaging in group activities. To address this problem, we investigated the exercise needs of seniors and developed a prototype remote exercise system. Our system uses haptic feedback to simulate assistive pushing and pulling of limbs when exercising with a partner. We developed three distinct vibration metaphors -- constant push/pull, corrective feedback, and notification -- to convey engagement and connection between exercise partners. We conducted a preliminary …
A Hybrid Scheme For Authenticating Scalable Video Codestreams, Zhuo Wei, Yongdong Wu, Robert H. Deng, Xuhua Ding
A Hybrid Scheme For Authenticating Scalable Video Codestreams, Zhuo Wei, Yongdong Wu, Robert H. Deng, Xuhua Ding
Research Collection School Of Computing and Information Systems
A scalable video coding (SVC) codestream consists of one base layer and possibly several enhancement layers. The base layer, which contains the lowest quality and resolution images, is the foundation of the SVC codestream and must be delivered to recipients, whereas enhancement layers contain richer contour/texture of images in order to supplement the base layer in resolution, quality, and temporal scalabilities. This paper presents a novel hybrid authentication (HAU) scheme. The HAU employs both cryptographic authentication and content-based authentication techniques to ensure integrity and authenticity of the SVC codestreams. Our analysis and experimental results indicate that the HAU is able …
Keystroke Biometrics: The User Perspective, Chee Meng Tey, Payas Gupta, Kartik Muralidaran, Debin Gao
Keystroke Biometrics: The User Perspective, Chee Meng Tey, Payas Gupta, Kartik Muralidaran, Debin Gao
Research Collection School Of Computing and Information Systems
Usability is an important aspect of security, because poor usability motivates users to find shortcuts that bypass the system. Existing studies on keystroke biometrics evaluate the usability issue in terms of the average false rejection rate (FRR). We show in this paper that such an approach underestimates the user impact in two ways. First, the FRR of keystroke biometrics changes for the worse under a range of common conditions such as background music, exercise and even game playing. In a user study involving 111 participants, the average penalties (increases) in FRR are 0.0360 and 0.0498, respectively, for two different classifiers. …
Ropsteg: Program Steganography With Return Oriented Programming, Kangjie Lu, Siyang Xiong, Debin Gao
Ropsteg: Program Steganography With Return Oriented Programming, Kangjie Lu, Siyang Xiong, Debin Gao
Research Collection School Of Computing and Information Systems
Many software obfuscation techniques have been proposed to hide program instructions or logic and to make reverse engineering hard. In this paper, we introduce a new property in software obfuscation, namely program steganography, where certain instructions are "diffused" in others in such a way that they are non-existent until program execution. Program steganography does not raise suspicion in program analysis, and conforms to the W⊕X and mandatory code signing security mechanisms. We further implement RopSteg, a novel software obfuscation system, to provide (to a certain degree) program steganography using return-oriented programming. We apply RopSteg to eight Windows executables and evaluate …
Key-Aggregate Cryptosystem For Scalable Data Sharing In Cloud Storage, Cheng-Kang Chu, Sherman S. M. Chow, Wen-Guey Tzeng, Jiangying Zhou, Robert H. Deng
Key-Aggregate Cryptosystem For Scalable Data Sharing In Cloud Storage, Cheng-Kang Chu, Sherman S. M. Chow, Wen-Guey Tzeng, Jiangying Zhou, Robert H. Deng
Research Collection School Of Computing and Information Systems
Data sharing is an important functionality in cloud storage. In this article, we show how to securely, efficiently, and flexibly share data with others in cloud storage. We describe new public-key cryptosystems which produce constant-size ciphertexts such that efficient delegation of decryption rights for any set of ciphertexts are possible. The novelty is that one can aggregate any set of secret keys and make them as compact as a single key, but encompassing the power of all the keys being aggregated. In other words, the secret key holder can release a constant-size aggregate key for flexible choices of ciphertext set …
Ropecker: A Generic And Practical Approach For Defending Against Rop Attack, Yueqiang Cheng, Zongwei Zhou, Yu Miao, Xuhua Ding, Robert H. Deng
Ropecker: A Generic And Practical Approach For Defending Against Rop Attack, Yueqiang Cheng, Zongwei Zhou, Yu Miao, Xuhua Ding, Robert H. Deng
Research Collection School Of Computing and Information Systems
Return-Oriented Programming (ROP) is a sophisticated exploitation technique that is able to drive target applications to perform arbitrary unintended operations by constructing a gadget chain reusing existing small code sequences (gadgets). Existing defense mechanisms either only handle specific types of gadgets, require access to source code and/or a customized compiler, break the integrity of application binary, or suffer from high performance overhead. In this paper, we present a novel system, ROPecker, to efficiently and effectively defend against ROP attacks without relying on any other side information (e.g., source code and compiler support) or binary rewriting. ROPecker detects an ROP attack …
Identity Based Identification From Algebraic Coding Theory, Guomin Yang, Chik How Tan, Yi Mu, Willy Susilo, Duncan S. Wong
Identity Based Identification From Algebraic Coding Theory, Guomin Yang, Chik How Tan, Yi Mu, Willy Susilo, Duncan S. Wong
Research Collection School Of Computing and Information Systems
Cryptographic identification schemes allow a remote user to prove his/her identity to a verifier who holds some public information of the user, such as the user public key or identity. Most of the existing cryptographic identification schemes are based on numbertheoretic hard problems such as Discrete Log and Factorization. This paper focuses on the design and analysis of identity based identification (IBI) schemes based on algebraic coding theory. We first revisit an existing code-based IBI scheme which is derived by combining the Courtois–Finiasz–Sendrier signature scheme and the Stern zero-knowledge identification scheme. Previous results have shown that this IBI scheme is …
Detecting Click Fraud In Online Advertising: A Data Mining Approach, Richard Oentaryo, Ee Peng Lim, Michael Finegold, David Lo, Feida Zhu, Clifton Phua, Eng-Yeow Cheu, Ghim-Eng Yap, Kelvin Sim, Kasun Perera, Bijay Neupane, Mustafa Faisal, Zeyar Aung, Wei Lee Woon, Wei Chen, Dhaval Patel, Daniel Berrar
Detecting Click Fraud In Online Advertising: A Data Mining Approach, Richard Oentaryo, Ee Peng Lim, Michael Finegold, David Lo, Feida Zhu, Clifton Phua, Eng-Yeow Cheu, Ghim-Eng Yap, Kelvin Sim, Kasun Perera, Bijay Neupane, Mustafa Faisal, Zeyar Aung, Wei Lee Woon, Wei Chen, Dhaval Patel, Daniel Berrar
Research Collection School Of Computing and Information Systems
Click fraud - the deliberate clicking on advertisements with no real interest on the product or service offered - is one of the most daunting problems in online advertising. Building an elective fraud detection method is thus pivotal for online advertising businesses. We organized a Fraud Detection in Mobile Advertising (FDMA) 2012 Competition, opening the opportunity for participants to work on real-world fraud data from BuzzCity Pte. Ltd., a global mobile advertising company based in Singapore. In particular, the task is to identify fraudulent publishers who generate illegitimate clicks, and distinguish them from normal publishers. The competition was held from …
A Robust Smart Card-Based Anonymous User Authentication Protocol For Wireless Communications, Fengton Wen, Willy Susilo, Guomin Yang
A Robust Smart Card-Based Anonymous User Authentication Protocol For Wireless Communications, Fengton Wen, Willy Susilo, Guomin Yang
Research Collection School Of Computing and Information Systems
Anonymous user authentication is an important but challenging task for wireless communications. In a recent paper, Das proposed a smart cardï based anonymous user authentication protocol for wireless communications. The scheme can protect user privacy and is believed to be secure against a range of network attacks even if the secret information stored in the smart card is compromised. In this paper, we reanalyze the security of Das' scheme, and show that the scheme is in fact insecure against impersonation attacks. We then propose a new smart cardï based anonymous user authentication protocol for wireless communications. Compared with the existing …