Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- Cloud computing (40)
- Access control (35)
- Privacy (35)
- Authentication (25)
- Privacy-preserving (24)
-
- Security (24)
- Searchable encryption (21)
- Blockchain (19)
- Encryption (19)
- Attribute-based encryption (18)
- Cloud storage (18)
- Anonymity (15)
- Data privacy (15)
- RFID (15)
- Revocation (14)
- Cryptography (13)
- Android (10)
- Homomorphic encryption (10)
- Keyword search (10)
- Machine learning (10)
- Digital signature (9)
- Protocols (9)
- Data outsourcing (8)
- Data sharing (8)
- Information security (8)
- Privacy protection (8)
- Proxy re-encryption (8)
- Servers (8)
- Verifiability (8)
- Virtualization (8)
- Publication Year
Articles 1 - 30 of 843
Full-Text Articles in Physical Sciences and Mathematics
Cmd: Co-Analyzed Iot Malware Detection And Forensics Via Network And Hardware Domains, Ziming Zhao, Zhaoxuan Li, Jiongchi Yu, Fan Zhang, Xiaofei Xie, Haitao Xu, Binbin Chen
Cmd: Co-Analyzed Iot Malware Detection And Forensics Via Network And Hardware Domains, Ziming Zhao, Zhaoxuan Li, Jiongchi Yu, Fan Zhang, Xiaofei Xie, Haitao Xu, Binbin Chen
Research Collection School Of Computing and Information Systems
With the widespread use of Internet of Things (IoT) devices, malware detection has become a hot spot for both academic and industrial communities. Existing approaches can be roughly categorized into network-side and host-side. However, existing network-side methods are difficult to capture contextual semantics from cross-source traffic, and previous host-side methods could be adversary-perceived and expose risks for tampering. More importantly, a single perspective cannot comprehensively track the multi-stage lifecycle of IoT malware. In this paper, we present CMD, a co-analyzed IoT malware detection and forensics system by combining hardware and network domains. For the network part, CMD proposes a tailored …
Flgan: Gan-Based Unbiased Federated Learning Under Non-Iid Settings, Zhuoran Ma, Yang Liu, Yinbin Miao, Guowen Xu, Ximeng Liu, Jianfeng Ma, Robert H. Deng
Flgan: Gan-Based Unbiased Federated Learning Under Non-Iid Settings, Zhuoran Ma, Yang Liu, Yinbin Miao, Guowen Xu, Ximeng Liu, Jianfeng Ma, Robert H. Deng
Research Collection School Of Computing and Information Systems
Federated Learning (FL) suffers from low convergence and significant accuracy loss due to local biases caused by non-Independent and Identically Distributed (non-IID) data. To enhance the non-IID FL performance, a straightforward idea is to leverage the Generative Adversarial Network (GAN) to mitigate local biases using synthesized samples. Unfortunately, existing GAN-based solutions have inherent limitations, which do not support non-IID data and even compromise user privacy. To tackle the above issues, we propose a GAN-based unbiased FL scheme, called FlGan, to mitigate local biases using synthesized samples generated by GAN while preserving user-level privacy in the FL setting. Specifically, FlGan first …
Harnessing The Advances Of Meda To Optimize Multi-Puf For Enhancing Ip Security Of Biochips, Chen Dong, Xiaodong Guo, Sihuang Lian, Yinan Yao, Zhenyi Chen, Yang Yang, Zhanghui Liu
Harnessing The Advances Of Meda To Optimize Multi-Puf For Enhancing Ip Security Of Biochips, Chen Dong, Xiaodong Guo, Sihuang Lian, Yinan Yao, Zhenyi Chen, Yang Yang, Zhanghui Liu
Research Collection School Of Computing and Information Systems
Digital microfluidic biochips (DMFBs) have a significant stride in the applications of medicine and the biochemistry in recent years. DMFBs based on micro-electrode-dot-array (MEDA) architecture, as the next-generation DMFBs, aim to overcome drawbacks of conventional DMFBs, such as droplet size restriction, low accuracy, and poor sensing ability. Since the potential market value of MEDA biochips is vast, it is of paramount importance to explore approaches to protect the intellectual property (IP) of MEDA biochips during the development process. In this paper, an IP authentication strategy based on the multi-PUF applied to MEDA biochips is presented, called bioMPUF, consisting of Delay …
Stopguess: A Framework For Public-Key Authenticated Encryption With Keyword Search, Tao Xiang, Zhongming Wang, Biwen Chen, Xiaoguo Li, Peng Wang, Fei Chen
Stopguess: A Framework For Public-Key Authenticated Encryption With Keyword Search, Tao Xiang, Zhongming Wang, Biwen Chen, Xiaoguo Li, Peng Wang, Fei Chen
Research Collection School Of Computing and Information Systems
Public key encryption with keyword search (PEKS) allows users to search on encrypted data without leaking the keyword information from the ciphertexts. But it does not preserve keyword privacy within the trapdoors, because an adversary (e.g., untrusted server) might launch inside keyword-guessing attacks (IKGA) to guess keywords from the trapdoors. In recent years, public key authenticated encryption with keyword search (PAEKS) has become a promising primitive to counter the IKGA. However, existing PAEKS schemes focus on the concrete construction of PAEKS, making them unable to support modular construction, intuitive proof, or flexible extension. In this paper, our proposal called “StopGuess” …
Sigmadiff: Semantics-Aware Deep Graph Matching For Pseudocode Diffing, Lian Gao, Yu Qu, Sheng Yu, Yue Duan, Heng Yin
Sigmadiff: Semantics-Aware Deep Graph Matching For Pseudocode Diffing, Lian Gao, Yu Qu, Sheng Yu, Yue Duan, Heng Yin
Research Collection School Of Computing and Information Systems
Pseudocode diffing precisely locates similar parts and captures differences between the decompiled pseudocode of two given binaries. It is particularly useful in many security scenarios such as code plagiarism detection, lineage analysis, patch, vulnerability analysis, etc. However, existing pseudocode diffing and binary diffing tools suffer from low accuracy and poor scalability, since they either rely on manually-designed heuristics (e.g., Diaphora) or heavy computations like matrix factorization (e.g., DeepBinDiff). To address the limitations, in this paper, we propose a semantics-aware, deep neural network-based model called SIGMADIFF. SIGMADIFF first constructs IR (Intermediate Representation) level interprocedural program dependency graphs (IPDGs). Then it uses …
When Evolutionary Computation Meets Privacy, Bowen Zhao, Wei-Neng Chen, Xiaoguo Li, Ximeng Liu, Qingqi Pei, Jun Zhang
When Evolutionary Computation Meets Privacy, Bowen Zhao, Wei-Neng Chen, Xiaoguo Li, Ximeng Liu, Qingqi Pei, Jun Zhang
Research Collection School Of Computing and Information Systems
Recently, evolutionary computation (EC) has experienced significant advancements due to the integration of machine learning, distributed computing, and big data technologies. These developments have led to new research avenues in EC, such as distributed EC and surrogate-assisted EC. While these advancements have greatly enhanced the performance and applicability of EC, they have also raised concerns regarding privacy leakages, specifically the disclosure of optimal results and surrogate models. Consequently, the combination of evolutionary computation and privacy protection becomes an increasing necessity. However, a comprehensive exploration of privacy concerns in evolutionary computation is currently lacking, particularly in terms of identifying the object, …
Predicting Viral Rumors And Vulnerable Users With Graph-Based Neural Multi-Task Learning For Infodemic Surveillance, Xuan Zhang, Wei Gao
Predicting Viral Rumors And Vulnerable Users With Graph-Based Neural Multi-Task Learning For Infodemic Surveillance, Xuan Zhang, Wei Gao
Research Collection School Of Computing and Information Systems
In the age of the infodemic, it is crucial to have tools for effectively monitoring the spread of rampant rumors that can quickly go viral, as well as identifying vulnerable users who may be more susceptible to spreading such misinformation. This proactive approach allows for timely preventive measures to be taken, mitigating the negative impact of false information on society. We propose a novel approach to predict viral rumors and vulnerable users using a unified graph neural network model. We pre-train network-based user embeddings and leverage a cross-attention mechanism between users and posts, together with a community-enhanced vulnerability propagation (CVP) …
Attribute-Hiding Fuzzy Encryption For Privacy-Preserving Data Evaluation, Zhenhua Chen, Luqi Huang, Guomin Yang, Willy Susilo, Xingbing Fu, Xingxing Jia
Attribute-Hiding Fuzzy Encryption For Privacy-Preserving Data Evaluation, Zhenhua Chen, Luqi Huang, Guomin Yang, Willy Susilo, Xingbing Fu, Xingxing Jia
Research Collection School Of Computing and Information Systems
Privacy-preserving data evaluation is one of the prominent research topics in the big data era. In many data evaluation applications that involve sensitive information, such as the medical records of patients in a medical system, protecting data privacy during the data evaluation process has become an essential requirement. Aiming at solving this problem, numerous fuzzy encryption systems for different similarity metrics have been proposed in literature. Unfortunately, the existing fuzzy encryption systems either fail to achieve attribute-hiding or achieve it, but are impractical. In this paper, we propose a new fuzzy encryption scheme for privacy-preserving data evaluation based on overlap …
Efficient Privacy-Preserving Spatial Data Query In Cloud Computing, Yinbin Miao, Yutao Yang, Xinghua Li, Linfeng Wei, Zhiquan Liu, Robert H. Deng
Efficient Privacy-Preserving Spatial Data Query In Cloud Computing, Yinbin Miao, Yutao Yang, Xinghua Li, Linfeng Wei, Zhiquan Liu, Robert H. Deng
Research Collection School Of Computing and Information Systems
With the rapid development of geographic location technology and the explosive growth of data, a large amount of spatial data is outsourced to the cloud server for reducing the local high storage and computing burdens, but at the same time causes security issues. Thus, extensive privacy-preserving spatial data query schemes have been proposed. Most of the existing schemes use Asymmetric Scalar-Product-Preserving Encryption (ASPE) to encrypt data, but ASPE has proven to be insecure against known plaintext attack. And the existing schemes require users to provide more information about query range and thus generate a large amount of ciphertexts, which causes …
Provably Secure Decisions Based On Potentially Malicious Information, Dongxia Wang, Tim Muller, Jun Sun
Provably Secure Decisions Based On Potentially Malicious Information, Dongxia Wang, Tim Muller, Jun Sun
Research Collection School Of Computing and Information Systems
There are various security-critical decisions routinely made, on the basis of information provided by peers: routing messages, user reports, sensor data, navigational information, blockchain updates, etc. Jury theorems were proposed in sociology to make decisions based on information from peers, which assume peers may be mistaken with some probability. We focus on attackers in a system, which manifest as peers that strategically report fake information to manipulate decision making. We define the property of robustness: a lower bound probability of deciding correctly, regardless of what information attackers provide. When peers are independently selected, we propose an optimal, robust decision mechanism …
Stealthy Backdoor Attack For Code Models, Zhou Yang, Bowen Xu, Jie M. Zhang, Hong Jin Kang, Jieke Shi, Junda He, David Lo
Stealthy Backdoor Attack For Code Models, Zhou Yang, Bowen Xu, Jie M. Zhang, Hong Jin Kang, Jieke Shi, Junda He, David Lo
Research Collection School Of Computing and Information Systems
Code models, such as CodeBERT and CodeT5, offer general-purpose representations of code and play a vital role in supporting downstream automated software engineering tasks. Most recently, code models were revealed to be vulnerable to backdoor attacks. A code model that is backdoor-attacked can behave normally on clean examples but will produce pre-defined malicious outputs on examples injected with that activate the backdoors. Existing backdoor attacks on code models use unstealthy and easy-to-detect triggers. This paper aims to investigate the vulnerability of code models with backdoor attacks. To this end, we propose A (dversarial eature as daptive Back). A achieves stealthiness …
Soci+: An Enhanced Toolkit For Secure Outsourced Computation On Integers, Bowen Zhao, Weiquan Deng, Xiaoguo Li, Ximeng Liu, Qingqi Pei, Robert H. Deng
Soci+: An Enhanced Toolkit For Secure Outsourced Computation On Integers, Bowen Zhao, Weiquan Deng, Xiaoguo Li, Ximeng Liu, Qingqi Pei, Robert H. Deng
Research Collection School Of Computing and Information Systems
Secure outsourced computation is critical for cloud computing to safeguard data confidentiality and ensure data usability. Recently, secure outsourced computation schemes following a twin-server architecture based on partially homomorphic cryptosystems have received increasing attention. The Secure Outsourced Computation on Integers (SOCI) [1] toolkit is the state-of-the-art among these schemes which can perform secure computation on integers without requiring the costly bootstrapping operation as in fully homomorphic encryption; however, SOCI suffers from relatively large computation and communication overhead. In this paper, we propose SOCI+ which significantly improves the performance of SOCI. Specifically, SOCI+ employs a novel (2,2)-threshold Paillier cryptosystem with fast …
Learning Program Semantics For Vulnerability Detection Via Vulnerability-Specific Inter-Procedural Slicing, Bozhi Wu, Shangqing Liu, Xiao Yang, Zhiming Li, Jun Sun, Shang-Wei Lin
Learning Program Semantics For Vulnerability Detection Via Vulnerability-Specific Inter-Procedural Slicing, Bozhi Wu, Shangqing Liu, Xiao Yang, Zhiming Li, Jun Sun, Shang-Wei Lin
Research Collection School Of Computing and Information Systems
Learning-based approaches that learn code representations for software vulnerability detection have been proven to produce inspiring results. However, they still fail to capture complete and precise vulnerability semantics for code representations. To address the limitations, in this work, we propose a learning-based approach namely SnapVuln, which first utilizes multiple vulnerability-specific inter-procedural slicing algorithms to capture vulnerability semantics of various types and then employs a Gated Graph Neural Network (GGNN) with an attention mechanism to learn vulnerability semantics. We compare SnapVuln with state-of-the-art learning-based approaches on two public datasets, and confirm that SnapVuln outperforms them. We further perform an ablation study …
From Asset Flow To Status, Action And Intention Discovery: Early Malice Detection In Cryptocurrency, Ling Cheng, Feida Zhu, Yong Wang, Ruicheng Liang, Huiwen Liu
From Asset Flow To Status, Action And Intention Discovery: Early Malice Detection In Cryptocurrency, Ling Cheng, Feida Zhu, Yong Wang, Ruicheng Liang, Huiwen Liu
Research Collection School Of Computing and Information Systems
Cryptocurrency has been subject to illicit activities probably more often than traditional financial assets due to the pseudo-anonymous nature of its transacting entities. An ideal detection model is expected to achieve all three critical properties of early detection, good interpretability, and versatility for various illicit activities. However, existing solutions cannot meet all these requirements, as most of them heavily rely on deep learning without interpretability and are only available for retrospective analysis of a specific illicit type. To tackle all these challenges, we propose Intention Monitor for early malice detection in Bitcoin, where the on-chain record data for a certain …
Mitigating Membership Inference Attacks Via Weighted Smoothing, Minghan Tan, Xiaofei Xie, Jun Sun, Tianhao Wang
Mitigating Membership Inference Attacks Via Weighted Smoothing, Minghan Tan, Xiaofei Xie, Jun Sun, Tianhao Wang
Research Collection School Of Computing and Information Systems
Recent advancements in deep learning have spotlighted a crucial privacy vulnerability to membership inference attack (MIA), where adversaries can determine if specific data was present in a training set, thus potentially revealing sensitive information. In this paper, we introduce a technique, weighted smoothing (WS), to mitigate MIA risks. Our approach is anchored on the observation that training samples differ in their vulnerability to MIA, primarily based on their distance to clusters of similar samples. The intuition is clusters will make model predictions more confident and increase MIA risks. Thus WS strategically introduces noise to training samples, depending on whether they …
Privacy-Preserving Bloom Filter-Based Keyword Search Over Large Encrypted Cloud Data, Yanrong Liang, Jianfeng Ma, Yinbin Miao, Da Kuang, Xiangdong Meng, Robert H. Deng
Privacy-Preserving Bloom Filter-Based Keyword Search Over Large Encrypted Cloud Data, Yanrong Liang, Jianfeng Ma, Yinbin Miao, Da Kuang, Xiangdong Meng, Robert H. Deng
Research Collection School Of Computing and Information Systems
To achieve the search over encrypted data in cloud server, Searchable Encryption (SE) has attracted extensive attention from both academic and industrial fields. The existing Bloom filter-based SE schemes can achieve similarity search, but will generally incur high false positive rates, and even leak the privacy of values in Bloom filters (BF). To solve the above problems, we first propose a basic Privacy-preserving Bloom filter-based Keyword Search scheme using the Circular Shift and Coalesce-Bloom Filter (CSC-BF) and Symmetric-key Hidden Vector Encryption (SHVE) technology (namely PBKS), which can achieve effective search while protecting the values in BFs. Then, we design a …
Krover: A Symbolic Execution Engine For Dynamic Kernel Analysis, Pansilu Madhura Bhashana Pitigalaarachchi Pitigala Arachchillage, Xuhua Ding, Haiqing Qiu, Haoxin Tu, Jiaqi Hong, Lingxiao Jiang
Krover: A Symbolic Execution Engine For Dynamic Kernel Analysis, Pansilu Madhura Bhashana Pitigalaarachchi Pitigala Arachchillage, Xuhua Ding, Haiqing Qiu, Haoxin Tu, Jiaqi Hong, Lingxiao Jiang
Research Collection School Of Computing and Information Systems
We present KRover, a novel kernel symbolic execution engine catered for dynamic kernel analysis such as vulnerability analysis and exploit generation. Different from existing symbolic execution engines, KRover operates directly upon a live kernel thread's virtual memory and weaves symbolic execution into the target's native executions. KRover is compact as it neither lifts the target binary to an intermediary representation nor uses QEMU or dynamic binary translation. Benchmarked against S2E, our performance experiments show that KRover is up to 50 times faster but with one tenth to one quarter of S2E memory cost. As shown in our four case studies, …
Privacy-Preserving Arbitrary Geometric Range Query In Mobile Internet Of Vehicles, Yinbin Miao, Lin Song, Xinghua Li, Hongwei Li, Kim-Kwang Raymond Choo, Robert H. Deng
Privacy-Preserving Arbitrary Geometric Range Query In Mobile Internet Of Vehicles, Yinbin Miao, Lin Song, Xinghua Li, Hongwei Li, Kim-Kwang Raymond Choo, Robert H. Deng
Research Collection School Of Computing and Information Systems
The mobile Internet of Vehicles (IoVs) has great potential for intelligent transportation, and creates spatial data query demands to realize the value of data. Outsourcing spatial data to a cloud server eliminates the need for local computation and storage, but it leads to data security and privacy threats caused by untrusted third-parties. Existing privacy-preserving spatial range query solutions based on Homomorphic Encryption (HE) have been developed to increase security. However, in the single server model, the private key is held by the query user, which incurs high computation and communication burdens on query users due to multiple rounds of interactions. …
Ppdf: A Privacy-Preserving Cloud-Based Data Distribution System With Filtering, Yudi Zhang, Willy Susilo, Fuchun Guo, Guomin Yang
Ppdf: A Privacy-Preserving Cloud-Based Data Distribution System With Filtering, Yudi Zhang, Willy Susilo, Fuchun Guo, Guomin Yang
Research Collection School Of Computing and Information Systems
Cloud computing has emerged as a popular choice for distributing data among both individuals and companies. Ciphertext-policy attribute-based encryption (CP-ABE) has been extensively used to provide data security and enable fine-grained access control. With this encryption technique, only users whose attributes satisfy the access policy can access the plaintext. In order to mitigate the computational overhead on users, particularly on lightweight devices, partial decryption has been introduced, where the cloud assists in performing the decryption computations without revealing sensitive information. However, in this process, the cloud obtains the user's attributes, thus infringing on the user's privacy. To address this issue, …
Visilience: An Interactive Visualization Framework For Resilience Analysis Using Control-Flow Graph, Hailong Jiang, Shaolun Ruan, Bo Fang, Yong Wang, Qiang Guan
Visilience: An Interactive Visualization Framework For Resilience Analysis Using Control-Flow Graph, Hailong Jiang, Shaolun Ruan, Bo Fang, Yong Wang, Qiang Guan
Research Collection School Of Computing and Information Systems
Soft errors have become one of the main concerns for the resilience of HPC applications, as these errors can cause HPC applications to generate serious outcomes such as silent data corruption (SDC). Many approaches have been proposed to analyze the resilience of HPC applications. However, existing studies rarely address the challenges of analysis result perception. Specifically, resilience analysis techniques often produce a massive volume of unstructured data, making it difficult for programmers to perform resilience analysis due to non-intuitive raw data. Furthermore, different analysis models produce diverse results with multiple levels of detail, which can create obstacles to compare and …
Configuring Timing Parameters To Ensure Execution-Time Opacity In Timed Automata, Étienne André, Engel Lefaucheux, Didier Lime, Dylan Marinho, Jun Sun
Configuring Timing Parameters To Ensure Execution-Time Opacity In Timed Automata, Étienne André, Engel Lefaucheux, Didier Lime, Dylan Marinho, Jun Sun
Research Collection School Of Computing and Information Systems
Timing information leakage occurs whenever an attacker successfully deduces confidential internal information by observing some timed information such as events with timestamps. Timed automata are an extension of finite-state automata with a set of clocks evolving linearly and that can be tested or reset, making this formalism able to reason on systems involving concurrency and timing constraints. In this paper, we summarize a recent line of works using timed automata as the input formalism, in which we assume that the attacker has access (only) to the system execution time. First, we address the following execution-time opacity problem: given a timed …
Decentralized Multimedia Data Sharing In Iov: A Learning-Based Equilibrium Of Supply And Demand, Jiani Fan, Minrui Xu, Jiale Guo, Lwin Khin Shar, Jiawen Kang, Dusit Niyato, Kwok-Yan Lam
Decentralized Multimedia Data Sharing In Iov: A Learning-Based Equilibrium Of Supply And Demand, Jiani Fan, Minrui Xu, Jiale Guo, Lwin Khin Shar, Jiawen Kang, Dusit Niyato, Kwok-Yan Lam
Research Collection School Of Computing and Information Systems
The Internet of Vehicles (IoV) has great potential to transform transportation systems by enhancing road safety, reducing traffic congestion, and improving user experience through onboard infotainment applications. Decentralized data sharing can improve security, privacy, reliability, and facilitate infotainment data sharing in IoVs. However, decentralized data sharing may not achieve the expected efficiency if there are IoV users who only want to consume the shared data but are not willing to contribute their own data to the community, resulting in incomplete information observed by other vehicles and infrastructure, which can introduce additional transmission latency. Therefore, in this paper, by modeling the …
Owner-Free Distributed Symmetric Searchable Encryption Supporting Conjunctive Queries, Qiuyun Tong, Xinghua Li, Yinbin Miao, Yunwei Wang, Ximeng Liu, Robert H. Deng
Owner-Free Distributed Symmetric Searchable Encryption Supporting Conjunctive Queries, Qiuyun Tong, Xinghua Li, Yinbin Miao, Yunwei Wang, Ximeng Liu, Robert H. Deng
Research Collection School Of Computing and Information Systems
Symmetric Searchable Encryption (SSE), as an ideal primitive, can ensure data privacy while supporting retrieval over encrypted data. However, existing multi-user SSE schemes require the data owner to share the secret key with all query users or always be online to generate search tokens. While there are some solutions to this problem, they have at least one weakness, such as non-supporting conjunctive query, result decryption assistance of the data owner, and unauthorized access. To solve the above issues, we propose an Owner-free Distributed Symmetric searchable encryption supporting Conjunctive query (ODiSC). Specifically, we first evaluate the Learning-Parity-with-Noise weak Pseudorandom Function (LPN-wPRF) …
Toward Intention Discovery For Early Malice Detection In Cryptocurrency, Ling Cheng, Feida Zhu, Yong Wang, Ruicheng Liang, Huiwen Liu
Toward Intention Discovery For Early Malice Detection In Cryptocurrency, Ling Cheng, Feida Zhu, Yong Wang, Ruicheng Liang, Huiwen Liu
Research Collection School Of Computing and Information Systems
Cryptocurrency’s pseudo-anonymous nature makes it vulnerable to malicious activities. However, existing deep learning solutions lack interpretability and only support retrospective analysis of specific malice types. To address these challenges, we propose Intention-Monitor for early malice detection in Bitcoin. Our model, utilizing Decision-Tree based feature Selection and Complement (DT-SC), builds different feature sets for different malice types. The Status Proposal Module (SPM) and hierarchical self-attention predictor provide real-time global status and address label predictions. A survival module determines the stopping point and proposes the status sequence (intention). Our model detects various malicious activities with strong interpretability, outperforming state-of-the-art methods in extensive …
Experimental Comparison Of Features, Analyses, And Classifiers For Android Malware Detection, Lwin Khin Shar, Biniam Fisseha Demissie, Mariano Ceccato, Naing Tun Yan, David Lo, Lingxiao Jiang, Christoph Bienert
Experimental Comparison Of Features, Analyses, And Classifiers For Android Malware Detection, Lwin Khin Shar, Biniam Fisseha Demissie, Mariano Ceccato, Naing Tun Yan, David Lo, Lingxiao Jiang, Christoph Bienert
Research Collection School Of Computing and Information Systems
Android malware detection has been an active area of research. In the past decade, several machine learning-based approaches based on different types of features that may characterize Android malware behaviors have been proposed. The usually-analyzed features include API usages and sequences at various abstraction levels (e.g., class and package), extracted using static or dynamic analysis. Additionally, features that characterize permission uses, native API calls and reflection have also been analyzed. Initial works used conventional classifiers such as Random Forest to learn on those features. In recent years, deep learning-based classifiers such as Recurrent Neural Network have been explored. Considering various …
Autoconf: Automated Configuration Of Unsupervised Learning Systems Using Metamorphic Testing And Bayesian Optimization, Lwin Khin Shar, Goknil Arda, Erik Johannes Husom, Sagar Sen Sen, Naing Tun Yan, Kisub Kim
Autoconf: Automated Configuration Of Unsupervised Learning Systems Using Metamorphic Testing And Bayesian Optimization, Lwin Khin Shar, Goknil Arda, Erik Johannes Husom, Sagar Sen Sen, Naing Tun Yan, Kisub Kim
Research Collection School Of Computing and Information Systems
Unsupervised learning systems using clustering have gained significant attention for numerous applications due to their unique ability to discover patterns and structures in large unlabeled datasets. However, their effectiveness highly depends on their configuration, which requires domain-specific expertise and often involves numerous manual trials. Specifically, selecting appropriate algorithms and hyperparameters adds to the com- plexity of the configuration process. In this paper, we propose, apply, and assess an automated approach (AutoConf) for config- uring unsupervised learning systems using clustering, leveraging metamorphic testing and Bayesian optimization. Metamorphic testing is utilized to verify the configurations of unsupervised learning systems by applying a …
Autodebloater: Automated Android App Debloating, Jiakun Liu, Xing Hu, Thung Ferdian, Shahar Maoz, Eran Toch, Debin Gao, David Lo
Autodebloater: Automated Android App Debloating, Jiakun Liu, Xing Hu, Thung Ferdian, Shahar Maoz, Eran Toch, Debin Gao, David Lo
Research Collection School Of Computing and Information Systems
Android applications are getting bigger with an increasing number of features. However, not all the features are needed by a specific user. The unnecessary features can increase the attack surface and cost additional resources (e.g., storage and memory). Therefore, it is important to remove unnecessary features from Android applications. However, it is difficult for the end users to fully explore the apps to identify the unnecessary features, and there is no off-the-shelf tool available to assist users to debloat the apps by themselves. In this work, we propose AutoDebloater to debloat Android applications automatically for end users. AutoDebloater is a …
Fine-Grained In-Context Permission Classification For Android Apps Using Control-Flow Graph Embedding, Vikas Kumar Malviya, Naing Tun Yan, Chee Wei Leow, Ailys Xynyn Tee, Lwin Khin Shar, Lingxiao Jiang
Fine-Grained In-Context Permission Classification For Android Apps Using Control-Flow Graph Embedding, Vikas Kumar Malviya, Naing Tun Yan, Chee Wei Leow, Ailys Xynyn Tee, Lwin Khin Shar, Lingxiao Jiang
Research Collection School Of Computing and Information Systems
Android is the most popular operating system for mobile devices nowadays. Permissions are a very important part of Android security architecture. Apps frequently need the users’ permission, but many of them only ask for it once—when the user uses the app for the first time—and then they keep and abuse the given permissions. Longing to enhance Android permission security and users’ private data protection is the driving factor behind our approach to explore fine-grained contextsensitive permission usage analysis and thereby identify misuses in Android apps. In this work, we propose an approach for classifying the fine-grained permission uses for each …
Hercules: Boosting The Performance Of Privacy-Preserving Federated Learning, Guowen Xu, Xingshuo Han, Shengmin Xu, Tianwei Zhang, Hongwei Li, Xinyi Huang, Robert H. Deng
Hercules: Boosting The Performance Of Privacy-Preserving Federated Learning, Guowen Xu, Xingshuo Han, Shengmin Xu, Tianwei Zhang, Hongwei Li, Xinyi Huang, Robert H. Deng
Research Collection School Of Computing and Information Systems
In this paper, we address the problem of privacy-preserving federated neural network training with N users. We present Hercules, an efficient and high-precision training framework that can tolerate collusion of up to N−1 users. Hercules follows the POSEIDON framework proposed by Sav et al. (NDSS’21), but makes a qualitative leap in performance with the following contributions: (i) we design a novel parallel homomorphic computation method for matrix operations, which enables fast Single Instruction and Multiple Data (SIMD) operations over ciphertexts. For the multiplication of two h×h dimensional matrices, our method reduces the computation complexity from O(h3) to O(h) . This …
Threshold Attribute-Based Credentials With Redactable Signature, Rui Shi, Huamin Feng, Yang Yang, Feng Yuan, Yingjiu Li, Hwee Hwa Pang, Robert H. Deng
Threshold Attribute-Based Credentials With Redactable Signature, Rui Shi, Huamin Feng, Yang Yang, Feng Yuan, Yingjiu Li, Hwee Hwa Pang, Robert H. Deng
Research Collection School Of Computing and Information Systems
Threshold attribute-based credentials are suitable for decentralized systems such as blockchains as such systems generally assume that authenticity, confidentiality, and availability can still be guaranteed in the presence of a threshold number of dishonest or faulty nodes. Coconut (NDSS'19) was the first selective disclosure attribute-based credentials scheme supporting threshold issuance. However, it does not support threshold tracing of user identities and threshold revocation of user credentials, which is desired for internal governance such as identity management, data auditing, and accountability. The communication and computation complexities of Coconut for verifying credentials are linear in the number of each user's attributes and …