-
Efficient functional encryption for inner product with simulation-based security Cybersecurity Pub Date : 2021-01-06 Wenbo Liu, Qiong Huang, Xinjian Chen, Hongbo Li
Functional encryption (FE) is a novel paradigm for encryption scheme which allows tremendous flexibility in accessing encrypted information. In FE, a user can learn specific function of encrypted messages by restricted functional key and reveal nothing else about the messages. Inner product encryption (IPE) is a special type of functional encryption where the decryption algorithm, given a ciphertext
-
A renewable energy forecasting and control approach to secured edge-level efficiency in a distributed micro-grid Cybersecurity Pub Date : 2021-01-06 Raphael Anaadumba, Qi Liu, Bockarie Daniel Marah, Francis Mawuli Nakoty, Xiaodong Liu, Yonghong Zhang
Energy forecasting using Renewable energy sources (RESs) is gradually gaining weight in the research field due to the benefits it presents to the modern-day environment. Not only does energy forecasting using renewable energy sources help mitigate the greenhouse effect, it also helps to conserve energy for future use. Over the years, several methods for energy forecasting have been proposed, all of
-
On the combination of data augmentation method and gated convolution model for building effective and robust intrusion detection Cybersecurity Pub Date : 2020-12-15 Yixiang Wang, Shaohua lv, Jiqiang Liu, Xiaolin Chang, Jinqiang Wang
Deep learning (DL) has exhibited its exceptional performance in fields like intrusion detection. Various augmentation methods have been proposed to improve data quality and eventually to enhance the performance of DL models. However, the classic augmentation methods cannot be applied to those DL models which exploit the system-call sequences to detect intrusion. Previously, the seq2seq model has been
-
Sifu - a cybersecurity awareness platform with challenge assessment and intelligent coach Cybersecurity Pub Date : 2020-12-15 Tiago Espinha Gasiba, Ulrike Lechner, Maria Pinto-Albuquerque
Software vulnerabilities, when actively exploited by malicious parties, can lead to catastrophic consequences. Proper handling of software vulnerabilities is essential in the industrial context, particularly when the software is deployed in critical infrastructures. Therefore, several industrial standards mandate secure coding guidelines and industrial software developers’ training, as software quality
-
Inner product encryption from ring learning with errors Cybersecurity Pub Date : 2020-11-10 Shisen Fang, Shaojun Yang, Yuexin Zhang
The functional encryption scheme designed using the lattice can realize fine-grained encryption and it can resist quantum attacks. Unfortunately, the sizes of the keys and ciphertexts in cryptographic applications based on learning with errors are large, which makes the algorithm inefficient. Therefore, we construct a functional encryption for inner product predicates scheme by improving the learning
-
Practical pairing-Free sensor cooperation scheme for cloud-Assisted wireless body area networks Cybersecurity Pub Date : 2020-11-03 Yuanzhao Song, Haowen Tan
Nowadays, the design and construction of efficient internet of things (IoTs) has become a new strategy for improving living quality in all aspects. Emerging as one of the most significant extensions of medical IoTs, wireless body area networks (WBANs) are capable of monitoring crucial physiological and behavioral information through wearable sensors, offering a new paradigm for the next-generation
-
Development of anti-phishing browser based on random forest and rule of extraction framework Cybersecurity Pub Date : 2020-10-14 Mohith Gowda HR, Adithya MV, Gunesh Prasad S, Vinay S
Phishing is a technique under Social Engineering attacks which is most widely used to get user sensitive information, such as login credentials and credit and debit card information, etc. It is carried out by a person masquerading as an authentic individual. To protect web users from these attacks, various anti-phishing techniques are developed, but they fail to protect the user from these attacks
-
Automating threat modeling using an ontology framework Cybersecurity Pub Date : 2020-10-01 Margus Välja, Fredrik Heiding, Ulrik Franke, Robert Lagerström
Threat modeling is of increasing importance to IT security, and it is a complex and resource demanding task. The aim of automating threat modeling is to simplify model creation by using data that are already available. However, the collected data often lack context; this can make the automated models less precise in terms of domain knowledge than those created by an expert human modeler. The lack of
-
ELAID: detecting integer-Overflow-to-Buffer-Overflow vulnerabilities by light-weight and accurate static analysis Cybersecurity Pub Date : 2020-09-08 Lili Xu; Mingjie Xu; Feng Li; Wei Huo
The Integer-Overflow-to-Buffer-Overflow (IO2BO) vulnerability has been widely exploited by attackers to cause severe damage to computer systems. Automatically identifying this kind of vulnerability is critical for software security. Although much work has been done to mitigate integer overflow, existing tools either report a large number of false positives or introduce unacceptable time consumption
-
Lightning-fast and privacy-preserving outsourced computation in the cloud Cybersecurity Pub Date : 2020-09-02 Ximeng Liu; Robert H. Deng; Pengfei Wu; Yang Yang
In this paper, we propose a framework for lightning-fast privacy-preserving outsourced computation in the cloud, which we refer to as LightCom. Using LightCom, a user can securely achieve outsourced data storage and fast, secure data processing in a single cloud server, different from the existing multi-server outsourced computation model. Specifically, we first present a general secure
-
A novel feature extraction methodology using Siamese convolutional neural networks for intrusion detection Cybersecurity Pub Date : 2020-08-14 Serafeim Moustakidis; Patrik Karlsson
Intrusion detection systems (IDS) can play a significant role in detecting security threats or malicious attacks that aim to steal information and/or corrupt network protocols. To deal with the dynamic and complex nature of cyber-attacks, advanced intelligent tools have been applied resulting into powerful and automated IDS that rely on the latest advances of machine learning (ML) and deep learning
-
Using deep learning to solve computer security challenges: a survey Cybersecurity Pub Date : 2020-08-10 Yoon-Ho Choi; Peng Liu; Zitong Shang; Haizhou Wang; Zhilong Wang; Lan Zhang; Junwei Zhou; Qingtian Zou
Although using machine learning techniques to solve computer security challenges is not a new idea, the rapidly emerging Deep Learning technology has recently triggered a substantial amount of interests in the computer security community. This paper seeks to provide a dedicated review of the very recent research works on using Deep Learning techniques to solve computer security challenges. In particular
-
Conceptualisation of Cyberattack prediction with deep learning Cybersecurity Pub Date : 2020-06-17 Ayei E. Ibor; Florence A. Oladeji; Olusoji B. Okunoye; Obeten O. Ekabua
The state of the cyberspace portends uncertainty for the future Internet and its accelerated number of users. New paradigms add more concerns with big data collected through device sensors divulging large amounts of information, which can be used for targeted attacks. Though a plethora of extant approaches, models and algorithms have provided the basis for cyberattack predictions, there is the need
-
Cyber risk at the edge: current and future trends on cyber risk analytics and artificial intelligence in the industrial internet of things and industry 4.0 supply chains Cybersecurity Pub Date : 2020-06-02 Petar Radanliev; David De Roure; Kevin Page; Jason R. C. Nurse; Rafael Mantilla Montalvo; Omar Santos; La’Treall Maddox; Pete Burnap
Digital technologies have changed the way supply chain operations are structured. In this article, we conduct systematic syntheses of literature on the impact of new technologies on supply chains and the related cyber risks. A taxonomic/cladistic approach is used for the evaluations of progress in the area of supply chain integration in the Industrial Internet of Things and Industry 4.0, with a specific
-
Server-aided immediate and robust user revocation mechanism for SM9 Cybersecurity Pub Date : 2020-05-13 Shuzhou Sun; Hui Ma; Rui Zhang; Wenhan Xu
As the only approved Identity-Based Encryption scheme in China that is also standardized by ISO, SM9-IBE has been widely adopted in many real-world applications. However, similar to other IBE standard algorithms, SM9-IBE currently lacks revocation mechanism, which is vital for a real system. Worse still, we find that existing revocable techniques may not be suitable and efficient when applying to SM9-IBE
-
Iso-UniK: lightweight multi-process unikernel through memory protection keys Cybersecurity Pub Date : 2020-05-07 Guanyu Li; Dong Du; Yubin Xia
Unikernel, specializing a minimalistic libOS with an application, is an attractive design for cloud computing. However, the Achilles’ heel of unikernel is the lack of multi-process support, which makes it less flexible and applicable. Many applications rely on the process abstraction to isolate different components. For example, Apache with the multi-processing module isolates a request handler in
-
Correction to: Human-as-a-security-sensor for harvesting threat intelligence Cybersecurity Pub Date : 2019-11-26 Manfred Vielberth, Florian Menges, Günther Pernul
In the original publication of this article (Vielberth et al. 2019), the author list was not completed.
-
Review and insight on the behavioral aspects of cybersecurity Cybersecurity Pub Date : 2020-04-21 Rachid Ait Maalem Lahcen; Bruce Caulkins; Ram Mohapatra; Manish Kumar
Stories of cyber attacks are becoming a routine in which cyber attackers show new levels of intention by sophisticated attacks on networks. Unfortunately, cybercriminals have figured out profitable business models and they take advantage of the online anonymity. A serious situation that needs to improve for networks’ defenders. Therefore, a paradigm shift is essential to the effectiveness of current
-
Layered obfuscation: a taxonomy of software obfuscation techniques for layered security Cybersecurity Pub Date : 2020-04-03 Hui Xu; Yangfan Zhou; Jiang Ming; Michael Lyu
Software obfuscation has been developed for over 30 years. A problem always confusing the communities is what security strength the technique can achieve. Nowadays, this problem becomes even harder as the software economy becomes more diversified. Inspired by the classic idea of layered security for risk management, we propose layered obfuscation as a promising way to realize reliable software obfuscation
-
Under false flag: using technical artifacts for cyber attack attribution Cybersecurity Pub Date : 2020-03-20 Florian Skopik; Timea Pahi
The attribution of cyber attacks is often neglected. The consensus still is that little can be done to prosecute the perpetrators – and unfortunately, this might be right in many cases. What is however only of limited interest for the private industry is in the center of interest for nation states. Investigating if an attack was carried out in the name of a nation state is a crucial task for secret
-
Predicting individuals’ vulnerability to social engineering in social networks Cybersecurity Pub Date : 2020-03-05 Samar Muslah Albladi; George R. S. Weir
The popularity of social networking sites has attracted billions of users to engage and share their information on these networks. The vast amount of circulating data and information expose these networks to several security risks. Social engineering is one of the most common types of threat that may face social network users. Training and increasing users’ awareness of such threats is essential for
-
A DGA domain names detection modeling method based on integrating an attention mechanism and deep neural network Cybersecurity Pub Date : 2020-02-28 Fangli Ren; Zhengwei Jiang; Xuren Wang; Jian Liu
Command and control (C2) servers are used by attackers to operate communications. To perform attacks, attackers usually employ the Domain Generation Algorithm (DGA), with which to confirm rendezvous points to their C2 servers by generating various network locations. The detection of DGA domain names is one of the important technologies for command and control communication detection. Considering
-
Efficient electro-magnetic analysis of a GPU bitsliced AES implementation Cybersecurity Pub Date : 2020-02-19 Yiwen Gao; Yongbin Zhou; Wei Cheng
The advent of CUDA-enabled GPUs makes it possible to provide cloud applications with high-performance data security services. Unfortunately, recent studies have shown that GPU-based applications are also susceptible to side-channel attacks. These published works studied the side-channel vulnerabilities of GPU-based AES implementations by taking advantage of the cache sharing among multiple threads
-
Malware Guard Extension: abusing Intel SGX to conceal cache attacks Cybersecurity Pub Date : 2020-01-19 Michael Schwarz; Samuel Weiser; Daniel Gruss; Clémentine Maurice; Stefan Mangard
In modern computer systems, user processes are isolated from each other by the operating system and the hardware. Additionally, in a cloud scenario it is crucial that the hypervisor isolates tenants from other tenants that are co-located on the same physical machine. However, the hypervisor does not protect tenants against the cloud provider and thus, the supplied operating system and hardware. Intel
-
An emerging threat Fileless malware: a survey and research challenges Cybersecurity Pub Date : 2020-01-14 Sudhakar; Sushil Kumar
With the evolution of cybersecurity countermeasures, the threat landscape has also evolved, especially in malware, from traditional file-based malware to sophisticated and multifarious fileless malware. Fileless malware does not use traditional executables to carry out its activities. So, it does not use the file system, thereby evading signature-based detection systems. The fileless malware attack is
-
Human-as-a-security-sensor for harvesting threat intelligence Cybersecurity Pub Date : 2019-10-22 Manfred Vielberth; Florian Menges; Günther Pernul
Humans are commonly seen as the weakest link in corporate information security. This led to a lot of effort being put into security training and awareness campaigns, which resulted in employees being less likely the target of successful attacks. Existing approaches, however, do not tap the full potential that can be gained through these campaigns. On the one hand, human perception offers an additional
-
Predicate encryption against master-key tampering attacks Cybersecurity Pub Date : 2019-08-27 Yuejun Liu; Rui Zhang; Yongbin Zhou
Many real world attacks often target the implementation of a cryptographic scheme, rather than the algorithm itself, and a system designer has to consider new models that can capture these attacks. For example, if the key can be tampered by physical attacks on the device, the security of the scheme becomes totally unclear. In this work, we investigate predicate encryption (PE), a powerful encryption
-
An efficient full dynamic group signature scheme over ring Cybersecurity Pub Date : 2019-07-17 Yiru Sun; Yanyan Liu; Bo Wu
The group signature scheme is an important primitive in cryptography, it allows members in a group to generate signatures anonymously on behalf of the whole group. In view of the practical application of such schemes, it is necessary to allow users’ registration and revocation when necessary, which makes the construction of dynamic group signature schemes become a significant direction. On the basis
-
Survey of intrusion detection systems: techniques, datasets and challenges Cybersecurity Pub Date : 2019-07-17 Ansam Khraisat; Iqbal Gondal; Peter Vamplew; Joarder Kamruzzaman
Cyber-attacks are becoming more sophisticated and thereby presenting increasing challenges in accurately detecting intrusions. Failure to prevent the intrusions could degrade the credibility of security services, e.g. data confidentiality, integrity, and availability. Numerous intrusion detection methods have been proposed in the literature to tackle computer security threats, which can be broadly
-
On the use of Max-SAT and PDDL in RBAC maintenance Cybersecurity Pub Date : 2019-07-01 Marco Benedetti; Marco Mori
Role-Based Access Control (RBAC) policies are at the core of Cybersecurity as they ease the enforcement of basic security principles, e.g., Least Privilege and Separation of Duties. As ICT systems and business processes evolve, RBAC policies have to be updated to prevent unauthorised access to resources by capturing errors and misalignments between the current policy and reality. However, such update
-
(Identity-based) dual receiver encryption from lattice-based programmable hash functions with high min-entropy Cybersecurity Pub Date : 2019-06-13 Yanyan Liu; Daode Zhang; Yi Deng; Bao Li
Dual receiver encryption (DRE) is an important cryptographic primitive introduced by Diament et al. at CCS’04, which allows two independent receivers to decrypt a same ciphertext to obtain the same plaintext. This primitive is quite useful in designing combined public key cryptosystems and denial of service attack-resilient protocols. In this paper, we obtain some results as follows. Using weak lattice-based
-
Memory access integrity: detecting fine-grained memory access errors in binary code Cybersecurity Pub Date : 2019-06-07 Wenjie Li; Dongpeng Xu; Wei Wu; Xiaorui Gong; Xiaobo Xiang; Yan Wang; Fangming gu; Qianxiang Zeng
As one of the most notorious programming errors, memory access errors still hurt modern software security. Particularly, they are hidden deeply in important software systems written in memory-unsafe languages like C/C++. Plenty of work has been proposed to detect bugs leading to memory access errors. However, all existing works lack the ability to handle two challenges. First, they are not able to
-
One-way information reconciliation schemes of quantum key distribution Cybersecurity Pub Date : 2019-05-22 Li Yang; Hua Dong; Zhao Li
With the rapid improvement of quantum computing technology, quantum key distribution (QKD) is a hot technology. Information reconciliation is a key step of QKD which is useful for correcting key errors. Classical message interaction is necessary in a practical information reconciliation scheme, which decreases the efficiency of these protocols. Therefore, some one-way information reconciliation
-
ASSERT: attack synthesis and separation with entropy redistribution towards predictive cyber defense Cybersecurity Pub Date : 2019-05-14 Ahmet Okutan; Shanchieh Jay Yang
The sophistication of cyberattacks penetrating into enterprise networks has called for predictive defense beyond intrusion detection, where different attack strategies can be analyzed and used to anticipate next malicious actions, especially the unusual ones. Unfortunately, traditional predictive analytics or machine learning techniques that require training data of known attack strategies are not
-
Creeper: a tool for detecting permission creep in file system access controls Cybersecurity Pub Date : 2019-04-15 Simon Parkinson; Saad Khan; James Bray; Daiyaan Shreef
Access control mechanisms are widely used in multi-user IT systems where it is necessary to restrict access to computing resources. This is certainly true of file systems whereby information needs to be protected against unintended access. User permissions often evolve over time, and changes are often made in an ad hoc manner and do not follow any rigorous process. This is largely due to the fact that
-
Towards IP geolocation with intermediate routers based on topology discovery Cybersecurity Pub Date : 2019-04-11 Zhihao Wang; Hong Li; Qiang Li; Wei Li; Hongsong Zhu; Limin Sun
IP geolocation determines geographical location by the IP address of Internet hosts. IP geolocation is widely used by target advertising, online fraud detection, cyber-attacks attribution and so on. It has gained much more attentions in these years since more and more physical devices are connected to cyberspace. Most geolocation methods cannot resolve the geolocation accuracy for those devices with
-
From proof-of-concept to exploitable Cybersecurity Pub Date : 2019-03-29 Yan Wang; Wei Wu; Chao Zhang; Xinyu Xing; Xiaorui Gong; Wei Zou
Exploitability assessment of vulnerabilities is important for both defenders and attackers. The ultimate way to assess the exploitability is crafting a working exploit. However, it usually takes tremendous hours and significant manual efforts. To address this issue, automated techniques can be adopted. Existing solutions usually explore in depth the crashing paths, i.e., paths taken by proof-of-concept
-
Adversarial attack and defense in reinforcement learning-from AI security view Cybersecurity Pub Date : 2019-03-29 Tong Chen; Jiqiang Liu; Yingxiao Xiang; Wenjia Niu; Endong Tong; Zhen Han
Reinforcement learning is a core technology for modern artificial intelligence, and it has become a workhorse for AI applications ranging from Atari Game to Connected and Automated Vehicle System (CAV). Therefore, a reliable RL system is the foundation for the security critical applications in AI, which has attracted a concern that is more critical than ever. However, recent studies discover that the
-
Group topic-author model for efficient discovery of latent social astroturfing groups in tourism domain Cybersecurity Pub Date : 2019-03-25 Noora Alallaq; Muhmmad Al-khiza’ay; Xin Han
Astroturfing is a phenomenon in which sponsors of fake messages or reviews are masked because their intentions are not genuine. Astroturfing reviews are intentionally made to influence people to take decisions in favour of or against a target service or product or organization. The tourism sector being one of the sectors that is flourishing and witnessing unprecedented growth is affected by the activities
-
PathMarker: protecting web contents against inside crawlers Cybersecurity Pub Date : 2019-02-20 Shengye Wan; Yue Li; Kun Sun
Web crawlers have been misused for several malicious purposes such as downloading server data without permission from the website administrator. Moreover, armoured crawlers are evolving against new anti-crawler mechanisms in the arm races between crawler developers and crawler defenders. In this paper, based on one observation that normal users and malicious crawlers have different short-term and long-term
-
Comprehensive evaluation of key management hierarchies for outsourced data Cybersecurity Pub Date : 2019-02-19 Naveen Kumar; Anish Mathuria
Key management is an essential component of a cryptographic access control system with a large number of resources. It manages the secret keys assigned to the system entities in such a way that only authorized users can access a resource. Read access control allows read access of a resource by the authorized users and disallows others. An important objective of a key management is to reduce the secret
-
Privacy-preserving decision tree for epistasis detection Cybersecurity Pub Date : 2019-02-18 Qingfeng Chen; Xu Zhang; Ruchang Zhang
The interaction between gene loci, namely epistasis, is a widespread biological genetic phenomenon. In genome-wide association studies (GWAS), epistasis detection of complex diseases is a major challenge. Although many approaches using statistics, machine learning, and information entropy were proposed for epistasis detection, the privacy preserving for single nucleotide polymorphism (SNP) data has been
-
A framework for the extended evaluation of ABAC policies Cybersecurity Pub Date : 2019-02-08 Charles Morisset; Tim A. C. Willemse; Nicola Zannone
A main challenge of attribute-based access control (ABAC) is the handling of missing information. Several studies have shown that the way standard ABAC mechanisms, e.g. based on XACML, handle missing information is flawed, making ABAC policies vulnerable to attribute-hiding attacks. Recent work has addressed the problem of missing information in ABAC by introducing the notion of extended evaluation
-
The privacy protection mechanism of Hyperledger Fabric and its application in supply chain finance Cybersecurity Pub Date : 2019-01-30 Chaoqun Ma; Xiaolin Kong; Qiujun Lan; Zhongding Zhou
Blockchain technology ensures that data is tamper-proof, traceable, and trustworthy. This article introduces a well-known blockchain technology implementation—Hyperledger Fabric. The basic framework and privacy protection mechanisms of Hyperledger Fabric such as certificate authority, channel, Private Data Collection, etc. are described. As an example, a specific business scenario of supply chain finance
-
Semi Markov process inspired selfish aware co-operative scheme for wireless sensor networks (SMPISCS) Cybersecurity Pub Date : 2019-01-28 Kanchana Devi V; Ganesan R
In Wireless Sensor Networks (WSN), energy and packet forwarding tendencies of sensor nodes play a potential role in ensuring a maximum degree of co-operation under data delivery. This quantified level of co-operation signifies the performance of the network in terms of increased throughput, packet delivery rate and decreased delay depending on the data being aggregated and level of control overhead
-
Access control technologies for Big Data management systems: literature review and future trends Cybersecurity Pub Date : 2019-01-24 Pietro Colombo; Elena Ferrari
Data security and privacy issues are magnified by the volume, the variety, and the velocity of Big Data and by the lack, up to now, of a reference data model and related data manipulation languages. In this paper, we focus on one of the key data security services, that is, access control, by highlighting the differences with traditional data management systems and describing a set of requirements that
-
Automated extraction of attributes from natural language attribute-based access control (ABAC) Policies Cybersecurity Pub Date : 2019-01-21 Manar Alohaly; Hassan Takabi; Eduardo Blanco
The National Institute of Standards and Technology (NIST) has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access control policy (NLACP) to a machine-readable form. To study the automation process, we consider the hierarchical ABAC model as our reference model since it better reflects the requirements
-
DTrace: fine-grained and efficient data integrity checking with hardware instruction tracing Cybersecurity Pub Date : 2019-01-14 Xiayang Wang; Fuqian Huang; Haibo Chen
Recently released Intel processors have been equipped with hardware instruction tracing facilities to securely and efficiently record the program execution path. In this paper, we study a case for data integrity checking based on Intel Processor Trace (Intel PT), the instruction tracing facility on x86 processors. We incorporate software instrumentation and hardware instruction tracing to guarantee
-
Graph-based visual analytics for cyber threat intelligence Cybersecurity Pub Date : 2018-12-28 Fabian Böhm; Florian Menges; Günther Pernul
The ever-increasing amount of major security incidents has led to an emerging interest in cooperative approaches to encounter cyber threats. To enable cooperation in detecting and preventing attacks it is an inevitable necessity to have structured and standardized formats to describe an incident. Corresponding formats are complex and of an extensive nature as they are often designed for automated processing
-
Forecasting cyberattacks with incomplete, imbalanced, and insignificant data Cybersecurity Pub Date : 2018-12-18 Ahmet Okutan; Gordon Werner; Shanchieh Jay Yang; Katie McConky
Having the ability to forecast cyberattacks before they happen will unquestionably change the landscape of cyber warfare and cyber crime. This work predicts specific types of attacks on a potential victim network before the actual malicious actions take place. The challenge to forecasting cyberattacks is to extract relevant and reliable signals to treat sporadic and seemingly random acts of adversaries
-
Cloud repository as a malicious service: challenge, identification and implication Cybersecurity Pub Date : 2018-10-11 Xiaojing Liao; Sumayah Alrwais; Kan Yuan; Luyi Xing; XiaoFeng Wang; Shuang Hao; Raheem Beyah
The popularity of cloud hosting services also brings in new security challenges: it has been reported that these services are increasingly utilized by miscreants for their malicious online activities. Mitigating this emerging threat, posed by such “bad repositories” (simply Bar), is challenging due to the different hosting strategy to traditional hosting service, the lack of direct observations of
-
Automated identification of sensitive data from implicit user specification Cybersecurity Pub Date : 2018-09-29 Ziqi Yang; Zhenkai Liang
The sensitivity of information is dependent on the context of application and user preference. Protecting sensitive data in the cloud era requires identifying them in the first place. It typically needs intensive manual efforts. More importantly, users may specify sensitive information only through an implicit manner. Existing research efforts on identifying sensitive data from its descriptive texts
-
Concurrent non-malleable zero-knowledge and simultaneous resettable non-malleable zero-knowledge in constant rounds Cybersecurity Pub Date : 2018-09-29 Zhenbin Yan; Yi Deng; Yiru Sun
Concurrent non-malleable zero-knowledge (CNMZK) considers the concurrent execution of zero-knowledge protocols in a setting even when adversaries can simultaneously corrupt multiple provers and verifiers. As far as we know, the round complexity of all the constructions of CNMZK arguments for NP is at least ω(log n). In this paper, we provide the first construction of a constant-round concurrent non-malleable
-
CCA1 secure FHE from PIO, revisited Cybersecurity Pub Date : 2018-09-25 Biao Wang; Xueqing Wang; Rui Xue
Fully data using only public information. So far, most FHE schemes are CPA secure. In PKC 2017, Canetti et al. extended the generic transformation of Boneh, Canetti, Halevi and Katz to turn any multi-key identity-based FHE scheme into a CCA1-secure FHE scheme. Their main construction of multi-key identity-based FHE is from probabilistic indistinguishability obfuscation (PIO) and statistical trapdoor
-
Sensitive system calls based packed malware variants detection using principal component initialized MultiLayers neural networks Cybersecurity Pub Date : 2018-09-10 Jixin Zhang; Kehuan Zhang; Zheng Qin; Hui Yin; Qixin Wu
Malware detection has become mission sensitive as its threats spread from computer systems to Internet of things systems. Modern malware variants are generally equipped with sophisticated packers, which allow them bypass modern machine learning based detection systems. To detect packed malware variants, unpacking techniques and dynamic malware analysis are the two choices. However, unpacking techniques
-
A survey of practical adversarial example attacks Cybersecurity Pub Date : 2018-09-06 Lu Sun; Mingtian Tan; Zhe Zhou
Adversarial examples revealed the weakness of machine learning techniques in terms of robustness, which moreover inspired adversaries to make use of the weakness to attack systems employing machine learning. Existing researches covered the methodologies of adversarial example generation, the root reason of the existence of adversarial examples, and some defense schemes. However practical attack against
-
Detecting telecommunication fraud by understanding the contents of a call Cybersecurity Pub Date : 2018-08-31 Qianqian Zhao; Kai Chen; Tongxin Li; Yi Yang; XiaoFeng Wang
Telecommunication fraud has continuously been causing severe financial loss to telecommunication customers in China for several years. Traditional approaches to detect telecommunication frauds usually rely on constructing a blacklist of fraud telephone numbers. However, attackers can simply evade such detection by changing their numbers, which is very easy to achieve through VoIP (Voice over IP). To
-
Making a good thing better: enhancing password/PIN-based user authentication with smartwatch Cybersecurity Pub Date : 2018-08-20 Bing Chang; Yingjiu Li; Qiongxiao Wang; Wen-Tao Zhu; Robert H. Deng
Wearing smartwatches becomes increasingly popular in people’s lives. This paper shows that a smartwatch can help its bearer authenticate to a login system effectively and securely even if the bearer’s password has already been revealed. This idea is motivated by our observation that a sensor-rich smartwatch is capable of tracking the wrist motions of its bearer typing a password or PIN, which can be
-
Fuzzing: a survey Cybersecurity Pub Date : 2018-06-05 Jun Li; Bodong Zhao; Chao Zhang
Security vulnerability is one of the root causes of cyber-security threats. To discover vulnerabilities and fix them in advance, researchers have proposed several techniques, among which fuzzing is the most widely used one. In recent years, fuzzing solutions, like AFL, have made great improvements in vulnerability discovery. This paper presents a summary of the recent advances, analyzes how they improve
-
Feedback control can make data structure layout randomization more cost-effective under zero-day attacks Cybersecurity Pub Date : 2018-06-05 Ping Chen; Zhisheng Hu; Jun Xu; Minghui Zhu; Peng Liu
In the wake of the research community gaining deep understanding about control-hijacking attacks, data-oriented attacks have emerged. Among data-oriented attacks, data structure manipulation attack (DSMA) is a major category. Pioneering research was conducted and shows that DSMA is able to circumvent the most effective defenses against control-hijacking attacks — DEP, ASLR and CFI. Up to this day,
Contents have been reproduced by permission of the publishers.