Physical Sciences and Mathematics Commons^™

Structure Preserving Large Imagery Reconstruction, Ju Shen, Jianjun Yang, Sami Taha Abu Sneineh, Bryson Payne, Markus Hitz

Computer Science Faculty Publications

With the explosive growth of web-based cameras and mobile devices, billions of photographs are uploaded to the internet. We can trivially collect a huge number of photo streams for various goals, such as image clustering, 3D scene reconstruction, and other big data applications. However, such tasks are not easy due to the fact the retrieved photos can have large variations in their view perspectives, resolutions, lighting, noises, and distortions. Furthermore, with the occlusion of unexpected objects like people, vehicles, it is even more challenging to find feature correspondences and reconstruct realistic scenes. In this paper, we propose a structure-based image …

Information Security As A Determinant Of Nation’S Networked Readiness: A Country Level Analysis, Manal Yunis, Madison Ngafeeson, Kai Koong

Conference Papers in Published Proceedings

No abstract provided.

Integrity-Based Kernel Malware Detection, Feng Zhu

FIU Electronic Theses and Dissertations

Kernel-level malware is one of the most dangerous threats to the security of users on the Internet, so there is an urgent need for its detection. The most popular detection approach is misuse-based detection. However, it cannot catch up with today's advanced malware that increasingly apply polymorphism and obfuscation. In this thesis, we present our integrity-based detection for kernel-level malware, which does not rely on the specific features of malware.

We have developed an integrity analysis system that can derive and monitor integrity properties for commodity operating systems kernels. In our system, we focus on two classes of integrity properties: …

Permission Based Android Security: Issues And Countermeasures, Zheran Fang, Weili Han, Yingjiu Li

Research Collection School Of Computing and Information Systems

Android security has been a hot spot recently in both academic research and public concerns due to numerous instances of security attacks and privacy leakage on Android platform. Android security has been built upon a permission based mechanism which restricts accesses of third-party Android applications to critical resources on an Android device. Such permission based mechanism is widely criticized for its coarse-grained control of application permissions and difficult management of permissions by developers, marketers, and end-users. In this paper, we investigate the arising issues in Android security, including coarse granularity of permissions, incompetent permission administration, insufficient permission documentation, over-claim of …

Fully Secure Key-Policy Attribute-Based Encryption With Constant-Size Ciphertexts And Fast Decryption, Junzuo Lai, Robert H. Deng, Yingjiu Li, Jian Weng

Research Collection School Of Computing and Information Systems

Attribute-based encryption (ABE), introduced by Sahai and Waters, is a promising cryptographic primitive, which has been widely applied to implement fine-grained access control system for encrypted data. In its key-policy flavor, attribute sets are used to annotate ciphertexts and secret keys are associated with access structures that specify which ciphertexts a user is entitled to decrypt. In most existing key-policy attribute-based encryption (KP-ABE) constructions, the size of the ciphertext is proportional to the number of attributes associated with it and the decryption cost is proportional to the number of attributes used during decryption. In this paper, we present a new …

A Systematic Security Evaluation Of Android’S Multi-User Framework, Edward Paul Ratazzi, Yousra Aafer, Amit Ahlawat, Hao Hao, Yifei Wang, Wenliang Du

Electrical Engineering and Computer Science - All Scholarship

Like many desktop operating systems in the 1990s, Android is now in the process of including support for multiuser scenarios. Because these scenarios introduce new threats to the system, we should have an understanding of how well the system design addresses them. Since the security implications of multi-user support are truly pervasive, we developed a systematic approach to studying the system and identifying problems. Unlike other approaches that focus on specific attacks or threat models, ours systematically identifies critical places where access controls are not present or do not properly identify the subject and object of a decision. Finding these …

On The Database Lookup Problem Of Approximate Matching, Frank Breitinger, Harald Baier, Douglas White

Electrical & Computer Engineering and Computer Science Faculty Publications

Investigating seized devices within digital forensics gets more and more difficult due to the increasing amount of data. Hence, a common procedure uses automated file identification which reduces the amount of data an investigator has to look at by hand. Besides identifying exact duplicates, which is mostly solved using cryptographic hash functions, it is also helpful to detect similar data by applying approximate matching.

Let x denote the number of digests in a database, then the lookup for a single similarity digest has the complexity of O(x). In other words, the digest has to be compared against …

Aircraft Access To System-Wide Information Management Infrastructure, Mohammad Moallemi, Remzi Seker, Mohamed Mahmoud, Jayson Clifford, John Pesce, Carlos Castro, Massood Towhidnejad, Jonathan Standley, Robert Klein

Publications

Within the Federal Aviation Administration’s (FAA) NextGen project, System Wide Information Management (SWIM) program is the essential core in facilitating the collaborative access to the aviation information by various stakeholders. The Aircraft Access to SWIM (AAtS) initiative is an effort to connect the SWIM network to the aircraft to exchange the situational information between the aircraft and the National Airspace System (NAS). This paper summarizes the highlevel design and implementation of the AAtS infrastructure; namely the communication medium design, data management system, pilot peripheral, as well as the security of the data being exchanged and the performance of the entire …

Life (Logical Ios Forensics Examiner): An Open Source Ios Backup Forensics Examination Tool, Ibrahim Baggili, Shadi Al Awawdeh, Jason Moore

Electrical & Computer Engineering and Computer Science Faculty Publications

In this paper, we present LiFE (Logical iOS Forensics Examiner), an open source iOS backup forensics examination tool. This tool helps both researchers and practitioners alike in both understanding the backup structures of iOS devices and forensically examining iOS backups. The tool is currently capable of parsing device information, call history, voice messages, GPS locations, conversations, notes, images, address books, calendar entries, SMS messages, Aux locations, facebook data and e-mails. The tool consists of both a manual interface (where the user is able to manually examine the backup structures) and an automated examination interface (where the tool pulls out evidence …

Technique For Authenticating H.264/Svc And Its Performance Evaluation Over Wireless Mobile Networks, Yifan Zhao, Swee Won Lo, Robert H. Deng, Xuhua Ding

Research Collection School Of Computing and Information Systems

In this paper, a bit stream-based authentication scheme for H.264/Scalable Video Coding (SVC) is proposed. The proposed scheme seamlessly integrates cryptographic algorithms and Erasure Correction Codes (ECCs) to SVC video streams such that the authenti- cated streams are format compliant with the SVC specifications and preserve the three- dimensional scalability (i.e., spatial, quality and temporal) of the original streams. We implement our scheme on a smart phone and study its performance over a realistic bursty packet-lossy wireless mobile network. Our analysis and experimental results show that the scheme achieves very high verification rates with lower communication overhead and much smaller …

Towards Semantically Secure Outsourcing Of Association Rule Mining On Categorical Data, Junzuo Lai, Yingjiu Li, Robert H. Deng, Jian Weng, Chaowen Guan, Qiang Yan

Research Collection School Of Computing and Information Systems

When outsourcing association rule mining to cloud, it is critical for data owners to protect both sensitive raw data and valuable mining results from being snooped at cloud servers. Previous solutions addressing this concern add random noise to the raw data and/or encrypt the raw data with a substitution mapping. However, these solutions do not provide semantic security; partial information about raw data or mining results can be potentially discovered by an adversary at cloud servers under a reasonable assumption that the adversary knows some plaintext–ciphertext pairs. In this paper, we propose the first semantically secure solution for outsourcing association …

Identity-Based Encryption Secure Against Selective Opening Chosen-Ciphertext Attack, Junzuo Lai, Robert H. Deng, Shengli Liu, Jian Weng, Yunlei Zhao

Research Collection School Of Computing and Information Systems

Security against selective opening attack (SOA) requires that in a multi-user setting, even if an adversary has access to all ciphertexts from users, and adaptively corrupts some fraction of the users by exposing not only their messages but also the random coins, the remaining unopened messages retain their privacy. Recently, Bellare, Waters and Yilek considered SOA-security in the identity-based setting, and presented the first identity-based encryption (IBE) schemes that are proven secure against selective opening chosen plaintext attack (SO-CPA). However, how to achieve SO-CCA security for IBE is still open. In this paper, we introduce a new primitive called extractable …

Physio@Home: Design Explorations To Support Movement Guidance, Richard Tang, Hesam Alizadeh, Anthony Tang, Scott Bateman, Joaquim A.P. Jorge

Research Collection School Of Computing and Information Systems

Patients typically undergo physiotherapy with the help of a physiotherapist who teaches, guides, and corrects the patients as they perform exercises. It would be nice if people could repeat these exercises at home, potentially improving their recovery rate. However, without guidance and/or corrective feedback from a physiotherapist, the patient will not know whether they are doing their exercises correctly. To address this problem, we implemented a prototype that guides patients through pre-recorded exercise movements using visual guides overlaid atop a mirror-view of the patient on a wall-mounted display. We conducted informal evaluations and pilot studies to assess our prototype and …

Haptics In Remote Collaborative Exercise Systems For Seniors, Hesam Alizadeh, Richard Tang, Ehud Sharlin, Anthony Tang

Research Collection School Of Computing and Information Systems

Group exercise provides motivation to follow and maintain a healthy daily exercise schedule while enjoying beneficial encouragement and social support from friends and exercise partners. However, mobility and transportation issues frequently prevent seniors from engaging in group activities. To address this problem, we investigated the exercise needs of seniors and developed a prototype remote exercise system. Our system uses haptic feedback to simulate assistive pushing and pulling of limbs when exercising with a partner. We developed three distinct vibration metaphors -- constant push/pull, corrective feedback, and notification -- to convey engagement and connection between exercise partners. We conducted a preliminary …

The Security Of Simplified Data Encryption Standard, Brandon Barker

College of Arts and Sciences Presentations

The Data Encryption Standard (DES) is the most widely used symmetric key cryptosystem in the commercial world. DES was published in 1975 by the National Bureau of Standards, and since then it and its variants have been commonly used. DES is utilized in many modern industries and products including the Blackberry, electronic financial transactions, and access cards to corporate offices. An efficient but secure cryptosystem is challenging to produce and even after it has been deemed “secure” new attacks and vulnerabilities are often discovered. By investigating the algebraic structure of a simplified version of DES we are able to analyze …

Automatic Objects Removal For Scene Completion, Jianjun Yang, Yin Wang, Honggang Wang, Kun Hua, Wei Wang, Ju Shen

Computer Science Faculty Publications

With the explosive growth of Web-based cameras and mobile devices, billions of photographs are uploaded to the Internet. We can trivially collect a huge number of photo streams for various goals, such as 3D scene reconstruction and other big data applications. However, this is not an easy task due to the fact the retrieved photos are neither aligned nor calibrated. Furthermore, with the occlusion of unexpected foreground objects like people, vehicles, it is even more challenging to find feature correspondences and reconstruct realistic scenes. In this paper, we propose a structure-based image completion algorithm for object removal that produces visually …

A Hybrid Scheme For Authenticating Scalable Video Codestreams, Zhuo Wei, Yongdong Wu, Robert H. Deng, Xuhua Ding

Research Collection School Of Computing and Information Systems

A scalable video coding (SVC) codestream consists of one base layer and possibly several enhancement layers. The base layer, which contains the lowest quality and resolution images, is the foundation of the SVC codestream and must be delivered to recipients, whereas enhancement layers contain richer contour/texture of images in order to supplement the base layer in resolution, quality, and temporal scalabilities. This paper presents a novel hybrid authentication (HAU) scheme. The HAU employs both cryptographic authentication and content-based authentication techniques to ensure integrity and authenticity of the SVC codestreams. Our analysis and experimental results indicate that the HAU is able …

Semantic Privacy Policies For Service Description And Discovery In Service-Oriented Architecture, Diego Z. Garcia, Miriam A M Capretz, M. Beatriz F. Toledo

Electrical and Computer Engineering Publications

Privacy preservation in Service-Oriented Architecture (SOA) is an open problem. This paper focuses on the areas of service description and discovery. The problems in these areas are that currently it is not possible to describe how a service provider deals with information received from a service consumer as well as discover a service that satisfies the privacy preferences of a consumer. There is currently no framework which offers a solution that supports a rich description of privacy policies and their integration in the process of service discovery. Thus, the main goal of this paper is to propose a privacy preservation …

Two-Bit Pattern Analysis For Quantitative Information Flow, Ziyuan Meng

FIU Electronic Theses and Dissertations

Protecting confidential information from improper disclosure is a fundamental security goal. While encryption and access control are important tools for ensuring confidentiality, they cannot prevent an authorized system from leaking confidential information to its publicly observable outputs, whether inadvertently or maliciously. Hence, secure information flow aims to provide end-to-end control of information flow. Unfortunately, the traditionally-adopted policy of noninterference, which forbids all improper leakage, is often too restrictive. Theories of quantitative information flow address this issue by quantifying the amount of confidential information leaked by a system, with the goal of showing that it is intuitively “small” enough to be …

Foundations Of Quantitative Information Flow: Channels, Cascades, And The Information Order, Barbara Espinoza Becerra

FIU Electronic Theses and Dissertations

Secrecy is fundamental to computer security, but real systems often cannot avoid leaking some secret information. For this reason, the past decade has seen growing interest in quantitative theories of information flow that allow us to quantify the information being leaked. Within these theories, the system is modeled as an information-theoretic channel that specifies the probability of each output, given each input. Given a prior distribution on those inputs, entropy-like measures quantify the amount of information leakage caused by the channel.

This thesis presents new results in the theory of min-entropy leakage. First, we study the perspective of secrecy as …

How Many Credit Card Frauds Must We Endure Before Security Improves?, Maritza Martinez

UCF Forum

Yes, it can happen to you…

Inequalities And Asymmetries, Tamara Kneese

Media Studies

The availability of data is not evenly distributed. Some organizations, agencies, and sectors are better equipped to gather, use, and analyze data than others. If data is transformative, what are the consequences of defense and security agencies having greater capacity to leverage data than, say, education or social services? Financial wherewithal, technical capacity, and political determinants all affect where data is employed. As data and analytics emerge, who benefits and who doesn't, both at the individual level and the institutional level? What about the asymmetries between those who provide the data and those who collect it? How does uneven data …

Inferences & Connections, Tamara Kneese

Media Studies

Data-oriented systems are inferring relationships between people based on genetic material, behavioral patterns (e.g., shared geography imputed by phone carriers), and performed associations (e.g., "friends" online or shared photographs). What responsibilities do entities who collect data that imputes connections have to those who are implicated by association? For example, as DNA and other biological materials are collected outside of medicine (e.g., at point of arrest, by informatics services like 23andme, for scientific inquiry), what rights do relatives (living, dead, and not-yet-born) have? In what contexts is it acceptable to act based on inferred associations and in which contexts is it …

Algorithmic Accountability, Tamara Kneese

Media Studies

Accountability is fundamentally about checks and balances to power. In theory, both government and corporations are kept accountable through social, economic, and political mechanisms. Journalism and public advocates serve as an additional tool to hold powerful institutions and individuals accountable. But in a world of data and algorithms, accountability is often murky. Beyond questions about whether the market is sufficient or governmental regulation is necessary, how should algorithms be held accountable? For example what is the role of the fourth estate in holding data-oriented practices accountable?

Data Supply Chains, Tamara Kneese

Media Studies

As data moves between actors and organizations, what emerges is a data supply chain. Unlike manufacturing supply chains, transferred data is often duplicated in the process, challenging the essence of ownership. What does ethical data labor look like? How are the various stakeholders held accountable for being good data guardians? What does clean data transfer look like? What kinds of best practices can business and government put into place? What upstream rights to data providers have over downstream commercialization of their data?

Predicting Human Behavior, Tamara Kneese

Media Studies

Countless highly accurate predictions can be made from trace data, with varying degrees of personal or societal consequence (e.g., search engines predict hospital admission, gaming companies can predict compulsive gambling problems, government agencies predict criminal activity). Predicting human behavior can be both hugely beneficial and deeply problematic depending on the context. What kinds of predictive privacy harms are emerging? And what are the implications for systems of oversight and due process protections? For example, what are the implications for employment, health care and policing when predictive models are involved? How should varied organizations address what they can predict?

Keystroke Biometrics: The User Perspective, Chee Meng Tey, Payas Gupta, Kartik Muralidaran, Debin Gao

Research Collection School Of Computing and Information Systems

Usability is an important aspect of security, because poor usability motivates users to find shortcuts that bypass the system. Existing studies on keystroke biometrics evaluate the usability issue in terms of the average false rejection rate (FRR). We show in this paper that such an approach underestimates the user impact in two ways. First, the FRR of keystroke biometrics changes for the worse under a range of common conditions such as background music, exercise and even game playing. In a user study involving 111 participants, the average penalties (increases) in FRR are 0.0360 and 0.0498, respectively, for two different classifiers. …

Ropsteg: Program Steganography With Return Oriented Programming, Kangjie Lu, Siyang Xiong, Debin Gao

Research Collection School Of Computing and Information Systems

Many software obfuscation techniques have been proposed to hide program instructions or logic and to make reverse engineering hard. In this paper, we introduce a new property in software obfuscation, namely program steganography, where certain instructions are "diffused" in others in such a way that they are non-existent until program execution. Program steganography does not raise suspicion in program analysis, and conforms to the W⊕X and mandatory code signing security mechanisms. We further implement RopSteg, a novel software obfuscation system, to provide (to a certain degree) program steganography using return-oriented programming. We apply RopSteg to eight Windows executables and evaluate …

Ropecker: A Generic And Practical Approach For Defending Against Rop Attack, Yueqiang Cheng, Zongwei Zhou, Yu Miao, Xuhua Ding, Robert H. Deng

Research Collection School Of Computing and Information Systems

Return-Oriented Programming (ROP) is a sophisticated exploitation technique that is able to drive target applications to perform arbitrary unintended operations by constructing a gadget chain reusing existing small code sequences (gadgets). Existing defense mechanisms either only handle specific types of gadgets, require access to source code and/or a customized compiler, break the integrity of application binary, or suffer from high performance overhead. In this paper, we present a novel system, ROPecker, to efficiently and effectively defend against ROP attacks without relying on any other side information (e.g., source code and compiler support) or binary rewriting. ROPecker detects an ROP attack …

Key-Aggregate Cryptosystem For Scalable Data Sharing In Cloud Storage, Cheng-Kang Chu, Sherman S. M. Chow, Wen-Guey Tzeng, Jiangying Zhou, Robert H. Deng

Research Collection School Of Computing and Information Systems

Data sharing is an important functionality in cloud storage. In this article, we show how to securely, efficiently, and flexibly share data with others in cloud storage. We describe new public-key cryptosystems which produce constant-size ciphertexts such that efficient delegation of decryption rights for any set of ciphertexts are possible. The novelty is that one can aggregate any set of secret keys and make them as compact as a single key, but encompassing the power of all the keys being aggregated. In other words, the secret key holder can release a constant-size aggregate key for flexible choices of ciphertext set …