Open Access. Powered by Scholars. Published by Universities.®
Databases and Information Systems Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- Blockchain (2)
- Transparency (2)
- Access pattern (1)
- Attribute based data retrieval (1)
- BO (1)
-
- Ballot privacy (1)
- Bitcoin (1)
- BoF (1)
- Buffer Overflow (1)
- C (1)
- C++ (1)
- Cache (1)
- Collusion resistance (1)
- Crowdsourcing (1)
- Embedded systems (1)
- Integrity (1)
- Intel ME (1)
- Introspection (1)
- IoT (1)
- Malware Analysis (1)
- Markov decision process; Mean-field; Mixed agents; Ride-sourcing; Subsidy (1)
- Multi-keyword search (1)
- Multi-requester/multi-worker (1)
- Multi-user access (1)
- Network reliability (1)
- Networks (1)
- Non-intrusiveness (1)
- On-chain data analysis (1)
- Out-of-VM Introspection (1)
- Privacy (1)
Articles 1 - 11 of 11
Full-Text Articles in Databases and Information Systems
A Fine-Grained Attribute Based Data Retrieval With Proxy Re-Encryption Scheme For Data Outsourcing Systems, Hanshu Hong, Ximeng Liu, Zhixin Sun
A Fine-Grained Attribute Based Data Retrieval With Proxy Re-Encryption Scheme For Data Outsourcing Systems, Hanshu Hong, Ximeng Liu, Zhixin Sun
Research Collection School Of Computing and Information Systems
Attribute based encryption is suitable for data protection in data outsourcing systems such as cloud computing. However, the leveraging of encryption technique may retrain some routine operations over the encrypted data, particularly in the field of data retrieval. This paper presents an attribute based date retrieval with proxy re-encryption (ABDR-PRE) to provide both fine-grained access control and retrieval over the ciphertexts. The proposed scheme achieves fine-grained data access management by adopting KP-ABE mechanism, a delegator can generate the re-encryption key and search indexes for the ciphertexts to be shared over the target delegatee’s attributes. Throughout the process of data sharing, …
Privacy-Preserving Voluntary-Tallying Leader Election For Internet Of Things, Tong Wu, Guomin Yang, Liehuang Zhu, Yulin Wu
Privacy-Preserving Voluntary-Tallying Leader Election For Internet Of Things, Tong Wu, Guomin Yang, Liehuang Zhu, Yulin Wu
Research Collection School Of Computing and Information Systems
The Internet of Things (IoT) is commonly deployed with devices of limited power and computation capability. A centralized IoT architecture provides a simplified management for IoT system but brings redundancy by the unnecessary data traffic with a data center. A decentralized IoT reduces the cost on data traffic and is resilient to the single-point-of failure. The blockchain technique has attracted a large amount of research, which is redeemed as a perspective of decentralized IoT system infrastructure. It also brings new privacy challenges for that the blockchain is a public ledger of all digital events executed and shared among all participants. …
A Coprocessor-Based Introspection Framework Via Intel Management Engine, Lei Zhou, Fengwei Zhang, Jidong Xiao, Kevin Leach, Westley Weimer, Xuhua Ding, Guojun Wang
A Coprocessor-Based Introspection Framework Via Intel Management Engine, Lei Zhou, Fengwei Zhang, Jidong Xiao, Kevin Leach, Westley Weimer, Xuhua Ding, Guojun Wang
Research Collection School Of Computing and Information Systems
During the past decade, virtualization-based (e.g., virtual machine introspection) and hardware-assisted approaches (e.g., x86 SMM and ARM TrustZone) have been used to defend against low-level malware such as rootkits. However, these approaches either require a large Trusted Computing Base (TCB) or they must share CPU time with the operating system, disrupting normal execution. In this article, we propose an introspection framework called NIGHTHAWK that transparently checks system integrity and monitor the runtime state of target system. NIGHTHAWK leverages the Intel Management Engine (IME), a co-processor that runs in isolation from the main CPU. By using the IME, our approach has …
A Mean-Field Markov Decision Process Model For Spatial-Temporal Subsidies In Ride-Sourcing Markets, Zheng Zhu, Jintao Ke, Hai Wang
A Mean-Field Markov Decision Process Model For Spatial-Temporal Subsidies In Ride-Sourcing Markets, Zheng Zhu, Jintao Ke, Hai Wang
Research Collection School Of Computing and Information Systems
Ride-sourcing services are increasingly popular because of their ability to accommodate on-demand travel needs. A critical issue faced by ride-sourcing platforms is the supply-demand imbalance, as a result of which drivers may spend substantial time on idle cruising and picking up remote passengers. Some platforms attempt to mitigate the imbalance by providing relocation guidance for idle drivers who may have their own self-relocation strategies and decline to follow the suggestions. Platforms then seek to induce drivers to system-desirable locations by offering them subsidies. This paper proposes a mean-field Markov decision process (MF-MDP) model to depict the dynamics in ride-sourcing markets …
Catch You With Cache: Out-Of-Vm Introspection To Trace Malicious Executions, Chao Su, Xuhua Ding, Qinghai Zeng
Catch You With Cache: Out-Of-Vm Introspection To Trace Malicious Executions, Chao Su, Xuhua Ding, Qinghai Zeng
Research Collection School Of Computing and Information Systems
Out-of-VM introspection is an imperative part of security analysis. The legacy methods either modify the system, introducing enormous overhead, or rely heavily on hardware features, which are neither available nor practical in most cloud environments. In this paper, we propose a novel analysis method, named as Catcher, that utilizes CPU cache to perform out-of-VM introspection. Catcher does not make any modifications to the target program and its running environment, nor demands special hardware support. Implemented upon Linux KVM, it natively introspects the target's virtual memory. More importantly, it uses the cache-based side channel to infer the target control flow. To …
On The Root Of Trust Identification Problem, Ivan De Oliveira Nunes, Xuhua Ding, Gene Tsudik
On The Root Of Trust Identification Problem, Ivan De Oliveira Nunes, Xuhua Ding, Gene Tsudik
Research Collection School Of Computing and Information Systems
Trusted Execution Environments (TEEs) are becoming ubiquitous and are currently used in many security applications: from personal IoT gadgets to banking and databases. Prominent examples of such architectures are Intel SGX, ARM TrustZone, and Trusted Platform Modules (TPMs). A typical TEE relies on a dynamic Root of Trust (RoT) to provide security services such as code/data confidentiality and integrity, isolated secure software execution, remote attestation, and sensor auditing. Despite their usefulness, there is currently no secure means to determine whether a given security service or task is being performed by the particular RoT within a specific physical device. We refer …
On Decentralization Of Bitcoin: An Asset Perspective, Ling Cheng, Feida Zhu, Huiwen Liu, Chunyan Miao
On Decentralization Of Bitcoin: An Asset Perspective, Ling Cheng, Feida Zhu, Huiwen Liu, Chunyan Miao
Research Collection School Of Computing and Information Systems
Since its advent in 2009, Bitcoin, a cryptography-enabled peer-to-peer digital payment system, has been gaining increasing attention from both academia and industry. An effort designed to overcome a cluster of bottlenecks inherent in existing centralized financial systems, Bitcoin has always been championed by the crypto community as an example of the spirit of decentralization. While the decentralized nature of Bitcoin's Proof-of-Work consensus algorithm has often been discussed in great detail, no systematic study has so far been conducted to quantitatively measure the degree of decentralization of Bitcoin from an asset perspective -- How decentralized is Bitcoin as a financial asset? …
Buffer Overflow And Sql Injection In C++, Noah Warren Kapley
Buffer Overflow And Sql Injection In C++, Noah Warren Kapley
Masters Theses & Specialist Projects
Buffer overflows and SQL Injection have plagued programmers for many years. A successful buffer overflow, innocuous or not, damages a computer’s permanent memory. Safer buffer overflow programs are presented in this thesis for the C programs characterizing string concatenation, string copy, and format get string, a C program which takes input and output from a keyboard, in most cases. Safer string concatenation and string copy programs presented in this thesis require the programmer to specify the amount of storage space necessary for the program’s execution. This safety mechanism is designed to help programmers avoid over specifying the amount of storage …
Privacy-Preserving Multi-Keyword Searchable Encryption For Distributed Systems, Xueqiao Liu, Guomin Yang, Willy Susilo, Joseph Tonien, Jian Shen
Privacy-Preserving Multi-Keyword Searchable Encryption For Distributed Systems, Xueqiao Liu, Guomin Yang, Willy Susilo, Joseph Tonien, Jian Shen
Research Collection School Of Computing and Information Systems
As cloud storage has been widely adopted in various applications, how to protect data privacy while allowing efficient data search and retrieval in a distributed environment remains a challenging research problem. Existing searchable encryption schemes are still inadequate on desired functionality and security/privacy perspectives. Specifically, supporting multi-keyword search under the multi-user setting, hiding search pattern and access pattern, and resisting keyword guessing attacks (KGA) are the most challenging tasks. In this article, we present a new searchable encryption scheme that addresses the above problems simultaneously, which makes it practical to be adopted in distributed systems. It not only enables multi-keyword …
Differential Training: A Generic Framework To Reduce Label Noises For Android Malware Detection, Jiayun Xu, Yingjiu Li, Robert H. Deng
Differential Training: A Generic Framework To Reduce Label Noises For Android Malware Detection, Jiayun Xu, Yingjiu Li, Robert H. Deng
Research Collection School Of Computing and Information Systems
A common problem in machine learning-based malware detection is that training data may contain noisy labels and it is challenging to make the training data noise-free at a large scale. To address this problem, we propose a generic framework to reduce the noise level of training data for the training of any machine learning-based Android malware detection. Our framework makes use of all intermediate states of two identical deep learning classification models during their training with a given noisy training dataset and generate a noise-detection feature vector for each input sample. Our framework then applies a set of outlier detection …
Proxy-Free Privacy-Preserving Task Matching With Efficient Revocation In Crowdsourcing, Jiangang Shu, Kan Yang, Xiaohua Jia, Ximeng Liu, Cong Wang, Robert H. Deng
Proxy-Free Privacy-Preserving Task Matching With Efficient Revocation In Crowdsourcing, Jiangang Shu, Kan Yang, Xiaohua Jia, Ximeng Liu, Cong Wang, Robert H. Deng
Research Collection School Of Computing and Information Systems
Task matching in crowdsourcing has been extensively explored with the increasing popularity of crowdsourcing. However, privacy of tasks and workers is usually ignored in most of exiting solutions. In this paper, we study the problem of privacy-preserving task matching for crowdsourcing with multiple requesters and multiple workers. Instead of utilizing proxy re-encryption, we propose a proxy-free task matching scheme for multi-requester/multi-worker crowdsourcing, which achieves task-worker matching over encrypted data with scalability and non-interaction. We further design two different mechanisms for worker revocation including ServerLocal Revocation (SLR) and Global Revocation (GR), which realize efficient worker revocation with minimal overhead on the …