Databases and Information Systems Commons^™

A Fine-Grained Attribute Based Data Retrieval With Proxy Re-Encryption Scheme For Data Outsourcing Systems, Hanshu Hong, Ximeng Liu, Zhixin Sun

Research Collection School Of Computing and Information Systems

Attribute based encryption is suitable for data protection in data outsourcing systems such as cloud computing. However, the leveraging of encryption technique may retrain some routine operations over the encrypted data, particularly in the field of data retrieval. This paper presents an attribute based date retrieval with proxy re-encryption (ABDR-PRE) to provide both fine-grained access control and retrieval over the ciphertexts. The proposed scheme achieves fine-grained data access management by adopting KP-ABE mechanism, a delegator can generate the re-encryption key and search indexes for the ciphertexts to be shared over the target delegatee’s attributes. Throughout the process of data sharing, …

Integration Of Blockchain Technology Into Automobiles To Prevent And Study The Causes Of Accidents, John Kim

Electronic Theses, Projects, and Dissertations

Automobile collisions occur daily. We now live in an information-driven world, one where technology is quickly evolving. Blockchain technology can change the automotive industry, the safety of the motoring public and its surrounding environment by incorporating this vast array of information. It can place safety and efficiency at the forefront to pedestrians, public establishments, and provide public agencies with pertinent information securely and efficiently. Other industries where Blockchain technology has been effective in are as follows: supply chain management, logistics, and banking. This paper reviews some statistical information regarding automobile collisions, Blockchain technology, Smart Contracts, Smart Cities; assesses the feasibility …

Privacy-Preserving Voluntary-Tallying Leader Election For Internet Of Things, Tong Wu, Guomin Yang, Liehuang Zhu, Yulin Wu

Research Collection School Of Computing and Information Systems

The Internet of Things (IoT) is commonly deployed with devices of limited power and computation capability. A centralized IoT architecture provides a simplified management for IoT system but brings redundancy by the unnecessary data traffic with a data center. A decentralized IoT reduces the cost on data traffic and is resilient to the single-point-of failure. The blockchain technique has attracted a large amount of research, which is redeemed as a perspective of decentralized IoT system infrastructure. It also brings new privacy challenges for that the blockchain is a public ledger of all digital events executed and shared among all participants. …

Towards Practical Differentially Private Mechanism Design And Deployment, Dan Zhang

Doctoral Dissertations

As the collection of personal data has increased, many institutions face an urgent need for reliable protection of sensitive data. Among the emerging privacy protection mechanisms, differential privacy offers a persuasive and provable assurance to individuals and has become the dominant model in the research community. However, despite growing adoption, the complexity of designing differentially private algorithms and effectively deploying them in real-world applications remains high. In this thesis, we address two main questions: 1) how can we aid programmers in developing private programs with high utility? and 2) how can we deploy differentially private algorithms to visual analytics systems? …

Design And Development Of Techniques To Ensure Integrity In Fog Computing Based Databases, Abdulwahab Fahad S. Alazeb

Graduate Theses and Dissertations

The advancement of information technology in coming years will bring significant changes to the way sensitive data is processed. But the volume of generated data is rapidly growing worldwide. Technologies such as cloud computing, fog computing, and the Internet of things (IoT) will offer business service providers and consumers opportunities to obtain effective and efficient services as well as enhance their experiences and services; increased availability and higher-quality services via real-time data processing augment the potential for technology to add value to everyday experiences. This improves human life quality and easiness. As promising as these technological innovations, they are prone …

Privacy-Preserving Cloud-Assisted Data Analytics, Wei Bao

Graduate Theses and Dissertations

Nowadays industries are collecting a massive and exponentially growing amount of data that can be utilized to extract useful insights for improving various aspects of our life. Data analytics (e.g., via the use of machine learning) has been extensively applied to make important decisions in various real world applications. However, it is challenging for resource-limited clients to analyze their data in an efficient way when its scale is large. Additionally, the data resources are increasingly distributed among different owners. Nonetheless, users' data may contain private information that needs to be protected.

Cloud computing has become more and more popular in …

A Coprocessor-Based Introspection Framework Via Intel Management Engine, Lei Zhou, Fengwei Zhang, Jidong Xiao, Kevin Leach, Westley Weimer, Xuhua Ding, Guojun Wang

Research Collection School Of Computing and Information Systems

During the past decade, virtualization-based (e.g., virtual machine introspection) and hardware-assisted approaches (e.g., x86 SMM and ARM TrustZone) have been used to defend against low-level malware such as rootkits. However, these approaches either require a large Trusted Computing Base (TCB) or they must share CPU time with the operating system, disrupting normal execution. In this article, we propose an introspection framework called NIGHTHAWK that transparently checks system integrity and monitor the runtime state of target system. NIGHTHAWK leverages the Intel Management Engine (IME), a co-processor that runs in isolation from the main CPU. By using the IME, our approach has …

A Mean-Field Markov Decision Process Model For Spatial-Temporal Subsidies In Ride-Sourcing Markets, Zheng Zhu, Jintao Ke, Hai Wang

Research Collection School Of Computing and Information Systems

Ride-sourcing services are increasingly popular because of their ability to accommodate on-demand travel needs. A critical issue faced by ride-sourcing platforms is the supply-demand imbalance, as a result of which drivers may spend substantial time on idle cruising and picking up remote passengers. Some platforms attempt to mitigate the imbalance by providing relocation guidance for idle drivers who may have their own self-relocation strategies and decline to follow the suggestions. Platforms then seek to induce drivers to system-desirable locations by offering them subsidies. This paper proposes a mean-field Markov decision process (MF-MDP) model to depict the dynamics in ride-sourcing markets …

Catch You With Cache: Out-Of-Vm Introspection To Trace Malicious Executions, Chao Su, Xuhua Ding, Qinghai Zeng

Research Collection School Of Computing and Information Systems

Out-of-VM introspection is an imperative part of security analysis. The legacy methods either modify the system, introducing enormous overhead, or rely heavily on hardware features, which are neither available nor practical in most cloud environments. In this paper, we propose a novel analysis method, named as Catcher, that utilizes CPU cache to perform out-of-VM introspection. Catcher does not make any modifications to the target program and its running environment, nor demands special hardware support. Implemented upon Linux KVM, it natively introspects the target's virtual memory. More importantly, it uses the cache-based side channel to infer the target control flow. To …

Analysis Of Theoretical And Applied Machine Learning Models For Network Intrusion Detection, Jonah Baron

Masters Theses & Doctoral Dissertations

Network Intrusion Detection System (IDS) devices play a crucial role in the realm of network security. These systems generate alerts for security analysts by performing signature-based and anomaly-based detection on malicious network traffic. However, there are several challenges when configuring and fine-tuning these IDS devices for high accuracy and precision. Machine learning utilizes a variety of algorithms and unique dataset input to generate models for effective classification. These machine learning techniques can be applied to IDS devices to classify and filter anomalous network traffic. This combination of machine learning and network security provides improved automated network defense by developing highly-optimized …

Securing Fog Federation From Behavior Of Rogue Nodes, Mohammed Saleh H. Alshehri

Graduate Theses and Dissertations

As the technological revolution advanced information security evolved with an increased need for confidential data protection on the internet. Individuals and organizations typically prefer outsourcing their confidential data to the cloud for processing and storage. As promising as the cloud computing paradigm is, it creates challenges; everything from data security to time latency issues with data computation and delivery to end-users. In response to these challenges CISCO introduced the fog computing paradigm in 2012. The intent was to overcome issues such as time latency and communication overhead and to bring computing and storage resources close to the ground and the …

Network-Based Detection And Prevention System Against Dns-Based Attacks, Yasir Faraj Mohammed

Graduate Theses and Dissertations

Individuals and organizations rely on the Internet as an essential environment for personal or business transactions. However, individuals and organizations have been primary targets for attacks that steal sensitive data. Adversaries can use different approaches to hide their activities inside the compromised network and communicate covertly between the malicious servers and the victims. The domain name system (DNS) protocol is one of these approaches that adversaries use to transfer stolen data outside the organization's network using various forms of DNS tunneling attacks. The main reason for targeting the DNS protocol is because DNS is available in almost every network, ignored, …

Achieving Differential Privacy And Fairness In Machine Learning, Depeng Xu

Graduate Theses and Dissertations

Machine learning algorithms are used to make decisions in various applications, such as recruiting, lending and policing. These algorithms rely on large amounts of sensitive individual information to work properly. Hence, there are sociological concerns about machine learning algorithms on matters like privacy and fairness. Currently, many studies only focus on protecting individual privacy or ensuring fairness of algorithms separately without taking consideration of their connection. However, there are new challenges arising in privacy preserving and fairness-aware machine learning. On one hand, there is fairness within the private model, i.e., how to meet both privacy and fairness requirements simultaneously in …

Characteristic Reassignment For Hardware Trojan Detection, Noah Waller

Graduate Theses and Dissertations

With the current business model and increasing complexity of hardware designs, third-party Intellectual Properties (IPs) are prevalently incorporated into first-party designs. However, the use of third-party IPs increases security concerns related to hardware Trojans inserted by attackers. A core threat posed by Hardware Trojans is the difficulty in detecting such malicious insertions/alternations in order to prevent the damage. This thesis work provides major improvements on a soft IP analysis methodology and tool known as the Structural Checking tool, which analyzes Register-Transfer Level (RTL) soft IPs for determining their functionalities and screening for hardware Trojans. This is done by breaking down …

A Framework To Detect The Susceptibility Of Employees To Social Engineering Attacks, Hashim H. Alneami

Doctoral Dissertations and Master's Theses

Social engineering attacks (SE-attacks) in enterprises are hastily growing and are becoming increasingly sophisticated. Generally, SE-attacks involve the psychological manipulation of employees into revealing confidential and valuable company data to cybercriminals. The ramifications could bring devastating financial and irreparable reputation loss to the companies. Because SE-attacks involve a human element, preventing these attacks can be tricky and challenging and has become a topic of interest for many researchers and security experts. While methods exist for detecting SE-attacks, our literature review of existing methods identified many crucial factors such as the national cultural, organizational, and personality traits of employees that enable …

On The Root Of Trust Identification Problem, Ivan De Oliveira Nunes, Xuhua Ding, Gene Tsudik

Research Collection School Of Computing and Information Systems

Trusted Execution Environments (TEEs) are becoming ubiquitous and are currently used in many security applications: from personal IoT gadgets to banking and databases. Prominent examples of such architectures are Intel SGX, ARM TrustZone, and Trusted Platform Modules (TPMs). A typical TEE relies on a dynamic Root of Trust (RoT) to provide security services such as code/data confidentiality and integrity, isolated secure software execution, remote attestation, and sensor auditing. Despite their usefulness, there is currently no secure means to determine whether a given security service or task is being performed by the particular RoT within a specific physical device. We refer …

On Decentralization Of Bitcoin: An Asset Perspective, Ling Cheng, Feida Zhu, Huiwen Liu, Chunyan Miao

Research Collection School Of Computing and Information Systems

Since its advent in 2009, Bitcoin, a cryptography-enabled peer-to-peer digital payment system, has been gaining increasing attention from both academia and industry. An effort designed to overcome a cluster of bottlenecks inherent in existing centralized financial systems, Bitcoin has always been championed by the crypto community as an example of the spirit of decentralization. While the decentralized nature of Bitcoin's Proof-of-Work consensus algorithm has often been discussed in great detail, no systematic study has so far been conducted to quantitatively measure the degree of decentralization of Bitcoin from an asset perspective -- How decentralized is Bitcoin as a financial asset? …

Buffer Overflow And Sql Injection In C++, Noah Warren Kapley

Masters Theses & Specialist Projects

Buffer overflows and SQL Injection have plagued programmers for many years. A successful buffer overflow, innocuous or not, damages a computer’s permanent memory. Safer buffer overflow programs are presented in this thesis for the C programs characterizing string concatenation, string copy, and format get string, a C program which takes input and output from a keyboard, in most cases. Safer string concatenation and string copy programs presented in this thesis require the programmer to specify the amount of storage space necessary for the program’s execution. This safety mechanism is designed to help programmers avoid over specifying the amount of storage …

Analysis Of System Performance Metrics Towards The Detection Of Cryptojacking In Iot Devices, Richard Matthews

Masters Theses & Doctoral Dissertations

This single-case mechanism study examined the effects of cryptojacking on Internet of Things (IoT) device performance metrics. Cryptojacking is a cyber-threat that involves stealing the computational resources of devices belonging to others to generate cryptocurrencies. The resources primarily include the processing cycles of devices and the additional electricity needed to power this additional load. The literature surveyed showed that cryptojacking has been gaining in popularity and is now one of the top cyberthreats. Cryptocurrencies offer anyone more freedom and anonymity than dealing with traditional financial institutions which make them especially attractive to cybercriminals. Other reasons for the increasing popularity of …

A Consent Framework For The Internet Of Things In The Gdpr Era, Gerald Chikukwa

Masters Theses & Doctoral Dissertations

The Internet of Things (IoT) is an environment of connected physical devices and objects that communicate amongst themselves over the internet. The IoT is based on the notion of always-connected customers, which allows businesses to collect large volumes of customer data to give them a competitive edge. Most of the data collected by these IoT devices include personal information, preferences, and behaviors. However, constant connectivity and sharing of data create security and privacy concerns. Laws and regulations like the General Data Protection Regulation (GDPR) of 2016 ensure that customers are protected by providing privacy and security guidelines to businesses. Data …

Block The Root Takeover: Validating Devices Using Blockchain Protocol, Sharmila Paul

Masters Theses & Doctoral Dissertations

This study addresses a vulnerability in the trust-based STP protocol that allows malicious users to target an Ethernet LAN with an STP Root-Takeover Attack. This subject is relevant because an STP Root-Takeover attack is a gateway to unauthorized control over the entire network stack of a personal or enterprise network. This study aims to address this problem with a potentially trustless research solution called the STP DApp. The STP DApp is the combination of a kernel /net modification called stpverify and a Hyperledger Fabric blockchain framework in a NodeJS runtime environment in userland. The STP DApp works as an Intrusion …

Privacy-Preserving Multi-Keyword Searchable Encryption For Distributed Systems, Xueqiao Liu, Guomin Yang, Willy Susilo, Joseph Tonien, Jian Shen

Research Collection School Of Computing and Information Systems

As cloud storage has been widely adopted in various applications, how to protect data privacy while allowing efficient data search and retrieval in a distributed environment remains a challenging research problem. Existing searchable encryption schemes are still inadequate on desired functionality and security/privacy perspectives. Specifically, supporting multi-keyword search under the multi-user setting, hiding search pattern and access pattern, and resisting keyword guessing attacks (KGA) are the most challenging tasks. In this article, we present a new searchable encryption scheme that addresses the above problems simultaneously, which makes it practical to be adopted in distributed systems. It not only enables multi-keyword …

Differential Training: A Generic Framework To Reduce Label Noises For Android Malware Detection, Jiayun Xu, Yingjiu Li, Robert H. Deng

Research Collection School Of Computing and Information Systems

A common problem in machine learning-based malware detection is that training data may contain noisy labels and it is challenging to make the training data noise-free at a large scale. To address this problem, we propose a generic framework to reduce the noise level of training data for the training of any machine learning-based Android malware detection. Our framework makes use of all intermediate states of two identical deep learning classification models during their training with a given noisy training dataset and generate a noise-detection feature vector for each input sample. Our framework then applies a set of outlier detection …

Novel Techniques In Recovering, Embedding, And Enforcing Policies For Control-Flow Integrity, Yan Lin

Dissertations and Theses Collection (Open Access)

Control-Flow Integrity (CFI) is an attractive security property with which most injected and code-reuse attacks can be defeated, including advanced attacking techniques like Return-Oriented Programming (ROP). CFI extracts a control-flow graph (CFG) for a given program and instruments the program to respect the CFG. Specifically, checks are inserted before indirect branch instructions. Before these instructions are executed during runtime, the checks consult the CFG to ensure that the indirect branch is allowed to reach the intended target. Hence, any sort of controlflow hijacking would be prevented. There are three fundamental components in CFI enforcement. The first component is accurately recovering …

Proposed Data Governance Framework For Small And Medium Scale Enterprises (Smes), Rejoice Okoro

All Graduate Theses, Dissertations, and Other Capstone Projects

Data governance is not a one size fits all, instead, it should be an evolutionary process that can be started small and measurable along the way. This research aims at proposing a data governance framework by ensuring data management processes, data security and control are compliant with laws and policies. This article also presents the first results of a comparative analysis between three data privacy laws and outlines five components which together form a data governance framework for SMEs. The data governance model documents data quality roles and their type of interaction with data quality management activities exploring how data …

Proxy-Free Privacy-Preserving Task Matching With Efficient Revocation In Crowdsourcing, Jiangang Shu, Kan Yang, Xiaohua Jia, Ximeng Liu, Cong Wang, Robert H. Deng

Research Collection School Of Computing and Information Systems

Task matching in crowdsourcing has been extensively explored with the increasing popularity of crowdsourcing. However, privacy of tasks and workers is usually ignored in most of exiting solutions. In this paper, we study the problem of privacy-preserving task matching for crowdsourcing with multiple requesters and multiple workers. Instead of utilizing proxy re-encryption, we propose a proxy-free task matching scheme for multi-requester/multi-worker crowdsourcing, which achieves task-worker matching over encrypted data with scalability and non-interaction. We further design two different mechanisms for worker revocation including ServerLocal Revocation (SLR) and Global Revocation (GR), which realize efficient worker revocation with minimal overhead on the …