Enabling Fine-Grained Multi-Keyword Search Supporting Classified Sub-Dictionaries over Encrypted Cloud Data

Enabling Fine-Grained Multi-Keyword Search Supporting Classified Sub-Dictionaries over Encrypted Cloud Data DOWNLOAD PROJECT SYNOPSIS Using cloud computing, individuals can store their data on remote servers and allow data access to public users through the cloud servers. As the outsourced data are likely to contain sensitive privacy information, they are typically encrypted before uploaded to the cloud. This, however, significantly limits the usability of outsourced data due to the difficulty of searching over the encrypted data. Developed the fine-grained multi-keyword search schemes over encrypted cloud data. The original contributions are three-fold.…

Read More

Group Key Agreement with Local Connectivity

Group Key Agreement with Local Connectivity DOWNLOAD PROJECT SYNOPSIS A group key agreement problem is studied where a user is only aware of his neighbors while the connectivity graph is arbitrary. In our problem, there is no centralized initialization for users. A group key agreement with these features is very suitable for social networks. Under our setting, we construct two efficient protocols with passive security. We obtain lower bounds on the round complexity for this type of protocol, which demonstrates that our constructions are round efficient. Finally, we construct an…

Read More

Key-Recovery Attacks on KIDS, a Keyed Anomaly Detection System

Key-Recovery Attacks on KIDS, a Keyed Anomaly Detection System Most anomaly detection systems rely on machine learning algorithms to derive a model of normality that is later used to detect suspicious events. Some works conducted over the last years have pointed out that such algorithms are generally susceptible to deception, notably in the form of attacks carefully constructed to evade detection. Various learning schemes have been proposed to overcome this weakness. Core idea is akin to the functioning of some cryptographic primitives, namely to introduce a secret element (the key)…

Read More

A Lightweight Scheme for Detecting Provenance Forgery and Packet Drop Attacks

A Lightweight Secure Scheme for Detecting Provenance Forgery and Packet Drop Attacks in Wireless Sensor Networks Large-scale sensor networks are deployed in numerous application domains, and the data they collect are used in decision-making for critical infrastructures. Data are streamed from multiple sources through intermediate processing nodes that aggregate information. A malicious adversary may introduce additional nodes in the network or compromise existing ones. Therefore, assuring high data trustworthiness is crucial for correct decision-making. Data provenance represents a key factor in evaluating the trustworthiness of sensor data. Provenance management for…

Read More

Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment

Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment Despite two decades of intensive research, it remains a challenge to design a practical anonymous two-factor authentication scheme, for the designers are confronted with an impressive list of security requirements and desirable attributes. Numerous solutions have been proposed, yet most of them are shortly found either unable to satisfy some critical security requirements or short of a few important features. To overcome this unsatisfactory situation, researchers often work around it in hopes of a new proposal, while paying little…

Read More

Hiding in the Mobile Crowd: Location Privacy through Collaboration

Hiding in the Mobile Crowd: Location Privacy through Collaboration Location-aware smartphones support various location-based services (LBSs): users query the LBS server and learn on the fly about their surroundings. However, such queries give away private information, enabling the LBS to track users. A user-collaborative privacy-preserving approach is proposed for LBSs. This solution does not require changing the LBS server architecture and does not assume third party servers; yet, it significantly improves users’ location privacy. The gain stems from the collaboration of mobile devices: they keep their context information in a…

Read More

Cost-Based Optimization of Service Compositions

Cost-Based Optimization of Service Compositions SERVICES COMPUTING APRIL-JUNE 2013 Technology Used: Dot Net For providers of composite services, preventing cases of SLA violations is crucial. Previous work has established runtime adaptation of compositions as a promising tool to achieve SLA conformance. However, to get a realistic and complete view of the decision process of service providers, the costs of adaptation need to be taken into account. In this paper, we formalize the problem of finding the optimal set of adaptations, which minimizes the total costs arising from SLA violations and…

Read More

SORT: A Self-Organizing Trust Model for Peer-to-Peer Systems

SORT: A Self-Organizing Trust Model for Peer-to-Peer Systems DEPENDABLE AND SECURE COMPUTING JANUARY/FEBRUARY 2013 Open nature of peer-to-peer systems exposes them to malicious activity. Building trust relationships among peers can mitigate attacks of malicious peers. This paper presents distributed algorithms that enable a peer to reason about trustworthiness of other peers based on past interactions and recommendations. Peers create their own trust network in their proximity by using local information available and do not try to learn global trust information. Two contexts of trust, service, and recommendation contexts, are defined…

Read More

NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems

NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems Jul/Aug 2013 Cloud security is one of most important issues that has attracted a lot of research and development effort in past few years. Particularly, attackers can explore vulnerabilities of a cloud system and compromise virtual machines to deploy further large-scale Distributed Denial-of-Service (DDoS). DDoS attacks usually involve early stage actions such as multistep exploitation, low-frequency vulnerability scanning, and compromising identified vulnerable virtual machines as zombies, and finally DDoS attacks through the compromised zombies. Within the cloud system, especially…

Read More

Toward Secure Multikeyword Top-k Retrieval over Encrypted Cloud Data

Toward Secure Multikeyword Top-k Retrieval over Encrypted Cloud Data Jul / Aug 2013 Cloud computing has emerging as a promising pattern for data outsourcing and high-quality data services. However, concerns of sensitive information on cloud potentially causes privacy problems. Data encryption protects data security to some extent, but at the cost of compromised efficiency. Searchable symmetric encryption (SSE) allows retrieval of encrypted data over cloud. In this paper, we focus on addressing data privacy issues using SSE. For the first time, we formulate the privacy issue from the aspect of…

Read More