
About this book

This six-volume set LNCS 11063 – 11068 constitutes the thoroughly refereed conference proceedings of the 4th International Conference on Cloud Computing and Security, ICCCS 2018, held in Haikou, China, in June 2018. The 386 full papers of these six volumes were carefully reviewed and selected from 1743 submissions. The papers cover ideas and achievements in the theory and practice of all areas of inventive systems, which include control, artificial intelligence, automation systems, computing systems, electrical and informative systems. The six volumes are arranged according to the subject areas as follows: cloud computing, cloud security, encryption, information hiding, IoT security, multimedia forensics.

Table of contents

Frontmatter

Cloud Security

Frontmatter

Digital Continuity Guarantee Based on Data Consistency in Cloud Storage

Since the British National Archives put forward the concept of the digital continuity in 2007, some developed countries have developed a digital continuity plan of action. At the same time, digital continuity has become a hot topic in electronic document research. However, there is still a lack of technologies and measures to protect digital continuity. Data usability is the foundation of digital continuity, and its focus is on making digital information readable and operational. Data consistency is the essential requirement of data usability. If there is no data consistency, then there is no data availability. Therefore, ensuring digital consistency of electronic records is the basis for digital continuity. This paper proposes a framework for verifying the consistency of electronic record data based on functional dependency theory. Moreover, an example of verifying the data consistency based on functional dependency theory is given to check the data consistency of electronic records periodically.

Yongjun Ren, Yepeng Liu, Chengshan Qian

Dynamic Risk Access Control Model for Cloud Platform

In cloud environment, the traditional risk access control model cannot match rules dynamically and the risk values are insensitive for access requests. This paper proposed a cloud platform dynamic risk access control model (CPDAC) to solve the above problems. Firstly, the attribute-based access control model was improved by introducing the event calculus mechanism, and then the dynamic rule-matching module was constructed in the CPDAC. Secondly, based on programming regression (PR), the risk-evaluation-index weight distribution module was designed, and the risk assessment module with high sensitive value to access requests was constructed. Experimental results show that CPDAC is effective and feasible; in addition, the model is better in real-time and dynamic than other existing models.

Lixia Xie, Ruixin Wei, Yuguang Ning, Hongyu Yang

Efficient Multiparty Quantum Secret Sharing Scheme in High-Dimensional System

Quantum secret sharing (QSS) is an important component of quantum cryptography. The original QSS scheme was proposed based on entangled GHZ states. But a drawback of the scheme is that only half of the quantum resource is effective, and the other half has to be discarded. To enhance the efficiency of the scheme, we propose an efficient multiparty QSS scheme and generalize it in high-dimensional system. By using a measurement-delay strategy on the dealer’s side, the efficiency of the improved QSS schemes can be raised to 100%, rather than 50% or $\frac{1}{d}$ in previous schemes.

Ming-Ming Wang, Lu-Ting Tian, Zhi-Guo Qu

EkCRNN: A kNN Privacy Preserving Query Algorithm Based on Circular Region Extension

In location based services, users can request interesting services around them at any time and anywhere through mobile devices. They need to send their locations to get the service, which may cause the disclosure of their location privacy. In order to protect the location privacy, a typical way is to convert the specific location into a location area. After finding the interest points around the region, the server needs to refine the result set to get the exact result of the query. In this article, we extended the existing kNN query algorithm based on the circular region, and proposed an algorithm called EkCRNN. This algorithm used an anonymous server to exchange information between the user and the LBS server. We compared two algorithms through experiments, and the experimental results show that our algorithm has higher accuracy.

Honghao Zhou, Tinghuai Ma, Jing Jia, Yuan Tian, Mznah Al-Rodhaan

Fast Detection of Heavy Hitters in Software Defined Networking Using an Adaptive and Learning Method

Heavy Hitters refer to the set of flows that represent a significantly large proportion of the link capacity or of the active traffic. Identifying Heavy Hitters is of particular importance in both network management and security applications. Traditional methods are focusing on sampling in the middle box and analyzing those packets using streaming algorithms. The paradigm of Software Defined Network (SDN) simplifies the work of flow counting. However, continuously monitoring the network will introduce overhead, which needs to be considered as a tradeoff between accurate measurement in real-time. In this paper, we propose a novel method that stamps each suspicious flow with a weight based on an online learning algorithm. The granularity of measurement is dynamically changed according to the importance of each flow. We take advantage of history flows to make the procedure of finding a heavy hitter faster so that applications can make decisions instantly. Using real-world data, we show that our online learning method can detect heavy hitters faster with less overhead and the same accuracy.

Zhiliang Wang, Changping Zhou, Yang Yu, Xingang Shi, Xia Yin, Jiangyuan Yao

Focused Crawler Framework Based on Open Search Engine

When users need to analyze webpages related to some specific topics, generally they use crawlers to acquire webpages, and then analyze the results to extract those that match the users’ interests. However, in the data acquisition stage, users usually have customized demands on acquiring data. Ordinary crawler systems are very resource-constrained so they cannot traverse the entire internet. Meanwhile, search engines can satisfy these demands, but this relies on many manual interactions. The traditional solution is to constrain the crawlers in some limited domain, but this will lead to the problem of low recall rate as well as inefficiency. In order to solve the problems above, this paper does some research on a focused crawler framework based on open search engine. It takes advantage of open search engine’s information gathering and retrieval capabilities, and can automatically/semi-automatically generate the topic model to interpret and complete users’ search intents, with only a few seed keywords needing to be provided initially. Then it uses open search engine interfaces to iteratively crawl topic-specific webpages. Compared with the traditional ways, the focused crawler based on open search engine proposed in this paper improves the recall rate and efficiency under the premise of ensuring the accuracy.

Jiawei Liu, Yongfeng Huang

Identity Based Privacy Information Sharing with Similarity Test in Cloud Environment

In recent years, great progress has been made in global digital construction, and various kinds of methods, such as encryption, isolated storage and firewall, are used to prevent information from being stolen. However, the above-mentioned technologies severely hinder information sharing, especially in some special areas, such as medical industries in which doctors need to share similar patients’ information to improve the effectiveness of treatment. The premise of sharing information is to find the desired information on encrypted data. Although identity based encryption scheme with equality test (IBEET) has been defined as a viable solution, it can only search for the ciphertext formed by the exact same plaintext. In this paper, we firstly propose an efficient identity based privacy information sharing with similarity test in cloud environment. Our scheme can search out similar data of the target data on encrypted content. Besides, we use advanced Locality-Sensitive Hashing function to generate index for data to protect the privacy information of users.

Faguo Wu, Wang Yao, Xiao Zhang, Zhiming Zheng, Wenhua Wang

Image Encryption and Compression Based on a VAE Generative Model

To solve the problem that the network security real-time transmits image, a new image encryption and compression method based on a variational auto-encoder (VAE) generative model is proposed in this paper. The algorithm aims to encrypt and compress images by using a variational auto-encoder generative model. Firstly, we use multi-layer perceptual neural network to train the VAE model, and set parameters of the model to get the best model. Then, the peak signal-to-noise ratio (PSNR) and mean square error (MSE) are used to measure the compression effect and set the number of iterations of the model. Finally, we extract the data of based on a variational auto-encoder and perform division, then the data input the VAE generative model to encrypt image and analyze encryption images. In this paper, we use the standard image of 256 * 256 to do simulation experiments and use histogram and image correlation to analyze the results of encryption. The simulation results show that the proposed method can effectively compress and encrypt images, and then obtain better compression image than stacked auto-encoder (SAE), while the algorithm is faster and easier encrypting and decrypting images and the decrypted image distortion rate is low and suitable for practical applications.

Xintao Duan, Jingjing Liu, En Zhang, Haoxian Song, Kai Jia

Improved Two-Factor Authentication Protocol Based on Biometric Feature and Password for Cloud Service

Secure and efficient authentication protocols are necessary for cloud service. Multi-factor authentication protocols taking advantage of smart card, user’s password and biometric, are more secure than password-based single-factor authentication protocols which are widely used in practice. However, almost all the existing two-factor authentication protocols and multi-factor authentication protocols are based on smart cards, which will inevitably lead to a series of security problems caused by the loss of smart cards. Recently, Li et al. proposed a two-factor authenticated key agreement protocol based on biometric feature and password innovatively without using smart card. But we demonstrate that Li et al.’s protocol can’t resist the privileged-insider attack and the stolen verifier attack. Moreover, their protocol failed to provide user anonymity. To overcome the weaknesses of Li et al.’s scheme, we then proposed an improved two-factor authentication protocol based on the extended Chebyshev chaotic mapping. To illustrate the security of our scheme, we give a standard formal proof with the sequence of games (SOG) technique. Furthermore, we also present a comprehensive heuristic security analysis to demonstrate that the proposed protocol is capable of withstanding all the possible various attacks and provides the desired security features. Compared with other schemes, ours is more secure and efficient.

Jian Song, Bo-ru Xu, Guo-chao Zhang, Guang-song Li, Chuan-gui Ma, Ai-jun Ge

Mass Discovery of Android Malware Behavioral Characteristics for Detection Consideration

Android malware has surged and become sophisticated, posing a great threat to users. The key challenge of detecting Android malware is how to discover their behavioral characteristics at a large scale, and use them to detect Android malware. In this work, we are motivated to discover the discriminatory features extracted from Android APK files for Android malware detection. To achieve this goal, firstly we extract a very large number of static features from each Android application (or app). Secondly, we explain the importance of each kind of feature in Android malware detection. Thirdly, we feed these features into three different classifiers (e.g., SVM, DT, RandomForest) for the detection of Android malware. We conduct extensive experiments on large real-world app sets consisting of 6,820 Android malware and 37,581 Android benign apps. The experimental results and our analysis give insights regarding what discriminatory features are most effective to characterize Android malware for building an effective and efficient Android malware detection approach.

Xin Su, Weiqi Shi, Jiuchuan Lin, Xin Wang

Medical Information Access Control Method Based on Weighted Information Entropy

With the rapid popularization of the Internet and the Information Office of medical institutions, a large amount of electronic medical information has been generated. Medical information involves the privacy of the patient. At present, many lawless individuals use various means to obtain the patient’s privacy information and take advantage of it for benefits. At present, there are many research methods of medical data access control, but the structure of medical data is complex, and the amount of data is huge. The contradiction between privacy protection and data utilization is still difficult to balance. A method of medical information access control based on weighted information entropy is proposed for the privacy protection and data utilization of electronic medical information. This method uses information entropy to measure the amount of information that a medical information visitor possesses, and sets different weights for different kinds of privacy information to assist in computing information contents. The method sets the tolerance of information and compares the amount of information the visitor has with the tolerance. The access strategy decides whether to feed back the requested medical information according to the comparison result. After security analysis and comparison, this method can effectively protect the patient’s privacy information and meet the needs of the legitimate visitors.

Lijuan Zheng, Linhao Zhang, Meng Cui, Jianyou Chen, Shaobo Yang, Zhaoxuan Li

Modeling and Analysis of a Hybrid Authentication Protocol for VANET

A policy mechanism of pseudonym exchange was established in VANET. The group signature is introduced as the identity attribute tag of the message, which is used as a supplement to the pseudonym. A white list mechanism is also proposed to avoid generating huge storage and cancellation overhead in the pseudonym signature scheme. The security and performance analysis show that the proposed protocol is feasible. In the storage overhead, authentication speed and robustness are superior to the traditional scheme. However, the increase of message length has little effect on packet loss rate and end-to-end delay. Compared to its performance in privacy protection and saving computational overhead, these effects can be ignored.

Yang Xu, Ziwang Wang, Lei Huang, Xiaoyao Xie

Modeling and Data Analysis of the Balise System

As the key components of the train control system, Balise and Balise Transmission Module (BTM) cooperate with each other and fulfill the ground-train information transmission to ensure the safety and reliability of train operation. However, Balise is a transmission point device which is based on electronic coupling, and the up-link signal is easily affected by the surrounding electromagnetic field. Aiming at the requirements for developments of high-speed railway, this paper builds the model for the dynamic transmission process of the Balise up-link signal using finite integral method (FIT) and electromagnetic field theory, respectively. It is proved that the model has sufficient accuracy for presenting the desired characteristics. Then, the effects of electromagnetic pulse (EMP) on the Balise up-link are studied using electromagnetic field theory, and the time domain waveform of the Balise system induced current is derived. The simulation analysis shows that the electromagnetic pulse belongs to transient electromagnetic interference. Its duration is usually shorter than the communication time of the Balise up-link, but its spectrum distribution is wider and its pulse energy is larger. When the spectral range of the electromagnetic pulse overlaps the operating band of the Balise up-link, in-band interference will occur, and it can cause bit errors in the Balise up-link signal, which will influence the safety of high-speed railway operation.

Shuai Zhang, Zhiwei Gao, Li Cui

Network Attack Prediction Method Based on Threat Intelligence

The increasing number of Advanced Persistent Threat (APT) and compound attacks has brought greater challenges to network security issues. In order to effectively prevent and respond to compound attacks, a method of cyber-attack prediction based on threat intelligence is proposed. Firstly, a threat intelligence matching method is used to extract high-quality threat intelligence from the external threat intelligence, and then the attack behavior is predicted based on the context data in high-quality threat intelligence. In the absence of high-quality threat intelligence, the mixed strategy Nash equilibrium is used to predict the attack behavior, according to the game relationship between attack strategy and defense strategy.

Junshe Wang, Yuzi Yi, Hongbin Zhang, Ning Cao

Network Security Situation Assessment Approach Based on Attack-Defense Stochastic Game Model

To analyze the influence of threat propagation on network system and accurately evaluate system security, this paper proposes an approach to improve the awareness of network security, based on Attack-Defense Stochastic Game Model (ADSGM). The variety of network security elements collected by multi-sensors are fused into a standard dataset such as assets, threats and vulnerabilities. For every threat, it builds a threat propagation network and propagation rule. By using the game theory to analyze the network offensive and defensive process, it establishes the ADSGM. The ADSGM can dynamically evaluate network security situation and provide the best reinforcement schema. Experimental results on a specific network indicate that the approach is more precise and more suitable for a real network environment. The reinforcement schema can effectively prevent the propagation of threats and reduce security risks.

Jianyi Liu, Fangyu Weng, Ru Zhang, Yunbiao Guo

Preservation Mechanism of Electronic Record Based on Erasure Code and Multi Copies in Cloud Storage

With the rapid growth of cloud storage centers, the cumulative volume of data reaches EB and even ZB from PB. As a result, both network size and the number of storage nodes continue to grow explosively, while the data failure rate is still increasing. Cloud storage centers encode the raw data into erasure codes, to save the system overhead as much as possible while guaranteeing the reliability of data. However, the state-of-the-art erasure code techniques still rely on a conventional centralized model which results in unaffordable encoding/decoding cost, and thus cannot adapt to the data-intensive processing requirements for distributed cloud storage environments. In the paper, the preservation mechanism of combining erasure code and copy backup is proposed, to improve the reliability of electronic records in cloud storage. This paper focuses on the erasure code archiving of electronic documents and puts forward the ability aware erasure code filing of electronic documents. Moreover, the corresponding implementation algorithm and steps are described.

Yongjun Ren, Lin Zhou, Yepeng Liu, Xiaorui Zhang

Privacy-Preserved Prediction for Mobile Application Adoption

As the increasing quantity of mobile applications brings all kinds of benefits to smartphone users, people find it more difficult to pick a new suitable mobile application (also known as app) out of hundreds in an app store. Thus, predicting which app will be installed by a specific user can help both users and app store operators. Existing works have focused on this problem and tried to use various features and algorithms to help recommend apps to users. However, some of them suffer from privacy and security issues, i.e. the system requires too much personal information about the user, such as detailed location series, social network information or even age, gender and other personality traits. And most of the content-based filtering methods only take the apps that have similar topics or functions to the already-used ones into consideration but ignore the demand saturation situation and the fact that users may explore new topics according to their personality. In this paper, we put forward a novel method, which uses limited user information to recommend new apps to individuals. It protects user privacy and achieves high accuracy at the same time. Experiments show that the proposed model achieves 23.5% precision and 19.3% recall in top-5 (out of 577 apps) prediction result.

Changxu Wang, Jing Chu

Privacy-Preserving Credit Scoring on Cloud

Credit scoring needs comprehensive data to achieve accurate assessment. However, these data often lie in the different places such as banks and financial institutions, internet firms, and almost all the data contain privacy information. Meanwhile, the acquisition of big data and privacy protection influence the rapid development of big data for credit scoring. And the introduction of big data for credit scoring proposes a lot of requirements for computing and storage capabilities. Cloud servers can provide powerful computing and storage services, but it also accompanies with higher privacy requirements. In this paper, we designed an additively homomorphic based secure multiparty computation scheme to collect and calculate credit data shared by different parties and at the same time preserve privacy in the cloud computing. We introduced two scenarios for credit scoring in this paper: one is to collect statistic information of relevant variables (such as a user’s overdue information in all banks) based on the existing credit model. The other is to collect a large amount of data for training to get credit evaluation model, but the efficiency of this scenario will be significantly lower due to the need of lots of multiplication operations. Finally, we analyzed the security and performance of our scheme, and proved that our scheme is safe and does not reveal the privacy of data in the cloud server.

Jilin Wang, Yingzi Chen, Xiaoqing Feng

QS-Code: A Quasi-Systematic Erasure Code with Partial Security for Cloud Storage

To address the reliability and privacy concerns in cloud storage systems, we present a quasi-systematic erasure code with partial security, referred to as QS-code. As a new family of maximum distance separable (MDS) codes, it has a number of advantages: it is privacy-preserving, efficient and reliable in data access and storage. In QS-code, the coded data maintain the originality of one of the two data blocks in the original file, allowing for efficient data accessing, while preserving the privacy of the other. Results of our experiment showed that QS-code outperforms encryption technology in computational efficiency.

Chong Wang, Ke Zhou, Ronglei Wei

Research and Application of Traceability Model for Agricultural Products

Aiming at the problem of strong decentralization, poor compatibility and low sharing in the traceability system of domestic agricultural products, combined with the industrial chain of agricultural products, three general traceability models of agricultural products were proposed and established. Through the research of the model, it is concluded that the establishment of the traceability information flow model of agricultural products ensures seamless connection of all links in the agricultural product chain, and facilitates the traceability of agricultural products smoothly. The information sharing model of the traceability information of agricultural products improves the sharing of traceability information and is beneficial to the establishment of a comprehensive traceability system. The traceability function model of agricultural products provides a more general model for the traceability system. The validity of the model was proved by applying the model to the traceability system of winter jujube, providing a theoretical basis and a feasible solution for the construction of agricultural products.

Xiaotong Wu, Pingzeng Liu, Jianrui Ding, Changqing Song, Bangguo Li, Xueru Yu

Research on Risk Aversion Enterprise Financial Crisis Warning Based on Support Vector Data Description

Enterprise financial crisis warning is on the basis of the existing financial index to construct and run mathematical model to predict the possibility of enterprise financial crisis. Based on reviewing research situation of enterprise financial crisis warning both domestic and foreign, a new financial crisis warning model based on support vector data description for risk aversion enterprise is proposed which aims at the ignorance of loss differences caused by model errors from the angle of the usage of financial crisis model by the manager of risk aversion enterprises. The theoretical analysis and empirical study show that the proposed model can reduce the second class of financial crisis warning model errors.

Xiang Yu, Shuang Chen, Yanbo Li, Hui Lu, Le Wang

Research on Trust Management Model in Cloud Manufacturing

For security and trust issues in cloud manufacturing systems, trust management issues in the trust system are analyzed. An effective trust management model was proposed and introduced in detail. The model considers multiple trust-related factors. The model adds a time period to the calculation of direct trust. The reputation information of the node, the attenuation of the trust recommendation transmission, and the weight of the trust level are taken into consideration. The model combines weighted tightness with trust. This method implements traversal of the recommended node. Ultimately, indirect trust is derived. Based on the values of direct trust, indirect trust, and the weight of the overall trust assessment, a comprehensive degree of trust is derived. Trust values are saved and updated. Experiments show that the research is credible and practical. The model improves the overall safety performance of cloud manufacturing systems.

Xiaolan Xie, Xiao Zhou, Tianwei Yuan

Resource Allocation Based on Reverse Auction Algorithm in Edge Computing Environment

With the exploding growth in the number of devices and data traffic, cloud networks face challenges such as high speeds and low latency. The traditional edge calculation is to send data that can’t be processed by the local edge server to the remote cloud for processing. This will put great pressure on the remote cloud server, and the data will have relatively large transmission delay through the intermediate device. For this problem, this paper proposes an edge calculation method based on reverse auction algorithm to process the data nearby, and adopts the idea of reverse auction to distribute the overloaded data to the edge server with less load, reduce the transmission delay, improve the user experience, and balance the server load. The final simulation results show that allocating overloaded data to adjacent edge server for processing can make server load balance and significantly reduce transmission delay compared to sending to remote cloud.

Xinfeng Zhu, Zhihao Zhang, Yanling Wang, Guohai Wang

RITS: Real-Time Interactive Text Steganography Based on Automatic Dialogue Model

Steganography based on texts has always been a hot but extremely hard research topic. Due to the high coding characteristics of the text compared to other information carriers, the redundancy of information is very low, which makes it really difficult to hide information inside. In this paper, combined with the recurrent neural network (RNN) and reinforcement learning (RL), we designed and implemented a real-time interactive text steganography model (RITS). The proposed model can automatically generate semantically coherent and syntactically correct dialogues based on the input sentence, through the reasonable encoding of the text in the dialog generation process to realize secret information hiding and transmission. We trained our model using publicly collected datasets which contain 5808 dialogues and evaluated the proposed model from several perspectives. Experimental results show that the proposed model can be very efficient to implement the embedding and extraction of information. The generated dialogue texts are of high quality which shows high concealment.

Zhongliang Yang, Pengyu Zhang, Minyu Jiang, Yongfeng Huang, Yu-Jin Zhang

Searchable Encryption Scheme Based on CPABE with Attribute Update in a Cloud Medical Environment

With the development in cloud storage, hospitals outsource the encrypted electronic medical records to the cloud services for economic saving. In a cloud medical environment where the attribute is frequently updated, the existing searchable encryption schemes cannot support both ciphertext search and fine-grained access control. Therefore, combining ciphertext policy attribute-based encryption with searchable encryption technology, a cryptographic retrieval scheme supporting attribute update is proposed. Attributes can be updated frequently and partial decryption is transferred to the cloud storage server. Security analysis shows that the scheme can protect security and privacy under the DBDH assumption and the experimental results with real data show that the scheme is an efficient and practical application.

Sun Jingzhang, Cao Chunjie, Li Hui

Secure File Storage System Among Distributed Public Clouds

This paper studies the technology of file storage and retrieval in multiple public clouds based on secret sharing. The research is based on a local storage and multiple public cloud storage to achieve the exchange of data between local storage and public cloud storage. Users can view files, upload files, download files, delete files, and retrieve files through local clients. A file storage directory tree is provided which records the file nodes. Through this storage directory tree, users can examine the structure of file storage on the client, add nodes, that is the simulation of deleting files, and delete nodes, that is the simulation of downloading files. After symmetric encryption, the source file which users upload through the client is stochastically deposited into multiple cloud-storage spaces in the form of encrypted file. Based on the idea of Shamir secret sharing, as the original secret, the storage directory tree is divided into several sub-secrets each of which is deposited individually into a specified cloud-storage space. During the separation, the key data which is used for the reconstruction of the original secret is preserved in the local-storage space. The symmetric key is generated by an algorithm, and the seed of the key is preserved in the simulated local storage. The purpose of the study is to improve the data security of public cloud storage, reduce the risk of user data leakage, and provide users with convenient and practical system services.

Li Ximing, Chen Weizhao, Guo Yubin, Zhang Senyang, Huang Qiong

Security Strategy of Campus Network Data Center in Cloud Environment

In the campus network security strategy, the traditional university data center only considers traffic safety as the consideration factor. In the cloud computing environment, the security model of the virtualization data center is transformed from 2D to 3D. This paper proposes four security strategies and designs the security and equipment deployment of campus network data center under the cloud environment, thus improving the security of campus network data center in the cloud environment.

Ge Suhui, Wan Quan, Sun Wenhui

SLIDE: An Efficient Secure Linguistic Steganography Detection Protocol

Linguistic steganography detection aims at distinguishing between normal text and stego-text. In this paper, based on homomorphic cryptosystem, we propose an efficient secure protocol for linguistic steganography detection. The protocol involves a vendor holding a private detector of linguistic steganography and a user in possession of some private text documents consisting of stego-text and normal text. By cooperatively performing the secure two-party protocol, the user can securely obtain the detection results of his private documents returned by the vendor’s remote detector while both vendor and user learn nothing about the privacy of each other. It is shown the proposed protocol is still secure against probe attack. Experiment result and theoretical analysis confirm the efficiency, correctness, security, computation complexity and communication overheads of our scheme.

Linghao Zhang, Sheng Wang, Wei Gan, Chao Tang, Jie Zhang, Huihui Liang

Study on the Development of U.S. Intercontinental Alliance Clean Renewable Energy Based on CA-DEA Model

This paper establishes a data envelopment analysis model to assess the sustainable development of energy in each state. At the same time, we use the principal component analysis method to select renewable energy indicators and form an evaluation system. We calculate and rank the clean renewable energy development index for each state and assess the development of clean energy in the four states. We also use the correspondence analysis method, taking time and selected indicators as variables, to conduct a differentiated analysis of the development of energy indicators at each stage. Through a comprehensive analysis of indicators and factors such as the population, the geography, the climate, the industry, etc., we compared the development of each state, determined the choice of the best development area and the similarities and differences between the development forecasts of the states in 2025 and 2050, and formulated proposals for faster and more effective development of the Intercontinental Union.

Yazhou Dong, Mengxing Huang, Di Wu, Xijun He, Zhaoqing Wang, Uzair Aslam Bhatti

SU-IDS: A Semi-supervised and Unsupervised Framework for Network Intrusion Detection

Network Intrusion Detection Systems (NIDSs) are increasingly crucial due to the expansion of computer networks. Detection techniques based on machine learning have attracted extensive attention for their capability to detect novel attacks. However, they require a large amount of labeled training data to train an effective model, which is difficult and expensive to obtain. To this effect, it is critically important to build models which can learn from unlabeled or partially-labeled data. In this paper, we propose an autoencoder-based framework, i.e., SU-IDS, for semi-supervised and unsupervised network intrusion detection. The framework augments the usual clustering (or classification) loss with an auxiliary loss of autoencoder, and thus achieves a better performance. The experimental results on the classic NSL-KDD dataset and the modern CICIDS2017 dataset show the superiority of our proposed models.

Erxue Min, Jun Long, Qiang Liu, Jianjing Cui, Zhiping Cai, Junbo Ma

Using Blockchain for Data Auditing in Cloud Storage

Cloud storage is one of the most important services of cloud computing. Since cloud service providers cannot be completely trusted, traditional auditing methods can’t guarantee the security of data sources. This paper proposes a security framework for cloud data audit using blockchain technology. A user’s operational information on the file is formed into a block after being validated by all checked nodes in the blockchain network, and is then put into the blockchain. Any modification or forgery of the operational information can be detected through the chain structure of blocks, thus ensuring the security of the auditing data source. We construct a prototype in an Ethereum-based blockchain using Aliyun as the data storage service, then test the time overhead of uploading a file, broadcasting operation information and packing information into the blockchain. The results show that the time for packaging a block remains unchanged from an overall viewpoint, and as the file size increases, packaging the block occupies a smaller percentage of the entire process of file uploading or downloading.

Chunhua Li, Jiaqi Hu, Ke Zhou, Yuanzhang Wang, Hongyu Deng

Encryption

Frontmatter

A Chaotic Searchable Image Encryption Scheme Integrating with Block Truncation Coding

In order to provide secure retrieval for encrypted digital images in cloud-based system, a secure searchable image encryption algorithm based on Block Truncation Coding (BTC) and Henon chaotic map is presented. Henon Chaotic map is used to encrypt two quantization levels of BTC compressed images, and a pseudo random sequence is created by chaotic map to scramble the bit plane of each sub-block. The feature value of each sub-block is computed according to the relationship between the number of 1s and 0s in the corresponding bit plane. The encrypted image retrieval can be achieved by comparing the normalized correlation coefficients between the feature vectors. Experimental results show that the proposed scheme has satisfactory retrieval accuracy and security. Meanwhile, it has low computational cost and can be used for encrypted images retrieval in the cloud.

Mingfang Jiang, Guang Sun

A Face Privacy Protection Algorithm Based on Block Scrambling and Deep Learning

In recent years, with the widespread use of face recognition authentication technology, the phenomenon that a large number of face photos are stored on a third-party server is very common, and the problem of face privacy protection is very prominent. This paper presents a face privacy protection algorithm based on deep convolutional neural network (CNN), FBSR (Face Block Scrambling Recognition). The algorithm uses Arnold random scrambling to segment key face images and key parts. The server directly verifies scrambled face images through CNN model. The FBSR algorithm enables the server to save the original face template throughout the entire process, thus it achieves effective scrambling protection of the original face image. Experimental results show that the proposed algorithm has a recognition rate of 97.62% after CNN recognition, which strengthens face privacy protection to some extent.

Wei Shen, Zhendong Wu, Jianwu Zhang

A General Two-Server Framework for Ciphertext-Checkable Encryption Against Offline Message Recovery Attack

In CT-RSA 2010, Yang et al. proposed a notion of public key encryption with equality test (PKEET), which allows a tester to check whether two ciphertexts encrypted under different public keys as well as the same public key contain the same message. Then various PKEET schemes are proposed to enforce authorization mechanisms for users to specify who can perform equality test on their ciphertexts. However, it is still an open problem for PKEET to resist offline message recovery attack until now. In this paper, we introduce a general two-server framework for ciphertext-checkable encryption scheme to withstand offline message recovery attack. Furthermore, it has a nice property of flexible authorization and supports checking two types of equations on the ciphertexts of $M_{i}$ and $M_{j}$ under different public keys as well as the same public key: $aM_{i} = bM_{j}$ and $M_{i}^{a} = M_{j}^{b}$, where $a$ and $b$ are integers.

Yunhao Ling, Sha Ma, Qiong Huang, Ximing Li

A Hash-Based Public Key Cryptosystem

In this paper, a new public key cryptosystem based on hash is proposed. The algorithm uses hash and time-memory trade-off to construct a trap-door one-way function. It can guarantee the security strength equivalent to the same length symmetric encryption algorithm. Meanwhile, our algorithm has a fast encryption speed and reasonable decryption time, which can be applied to message encryption on the occasions of limited resources such as wireless sensor network. Experimental and theoretical analysis proves that under the same encryption strength, our algorithm’s packet length can be much lower than traditional encryption schemes such as RSA, and has an excellent performance in encryption.

Qian Yin, Gang Luo

A Homomorphic Masking Defense Scheme Based on RSA Cryptography Algorithm

Attack methods against implementations of the RSA algorithm are varied. In order to ensure that the algorithm can resist side-channel attacks, in this paper we present a masking scheme for RSA decryption. Our scheme exploits the multiplicatively homomorphic property of the existing RSA encryption scheme to compute a multiplicative mask as an encryption of a random message, and randomly splits the secret key into two shares for the sub-calculations such that each share is statistically independent from the original value. Our solution differs in several aspects from the recent masking RSA implementation. The original ciphertext is blinded by the encrypted random number, and splitting the secret key can reduce the size of the key and speed up the calculation of the algorithm. During the decryption, all the operations are performed in the masked state; therefore, through multiplicative masking and secret key splitting, we can secure an RSA implementation. The proposed scheme can resist the timing attack, simple power attack and differential power attack. Compared with others, this scheme can reach a higher calculation and security level.

Juanmei Zhang, Zichen Li, Yafei Sun, Boya Liu, Yatao Yang

A New Dependency Parsing Tree Generation Algorithm Based on the Semantic Dependency Relationship Between Words

This paper presents a new dependency parsing tree (DPT) generation algorithm. Different from other similar algorithms, which are based on a statistical probability model, the algorithm converts the dependency parsing tree generation problem into a semantic segment dividing problem. In this paper, the co-occurrence frequency of words is first analyzed, and it is pointed out that the co-occurrence frequency of words can be used as the basis for judging the semantic dependency relationship between words. The paper then further analyzes the change of co-occurrence frequency entropy of words in a semantic unit (a sentence is used as the basic semantic unit in this paper), and we present an algorithm to divide a sentence into semantic fragments in which words have a tight semantic relationship with each other. Based on the above work, this paper divides the DPT generation algorithm into three steps. The first step is to divide the sentence into semantic fragments. The second step is to distinguish semantic core words and non-semantic core words according to the semantic dependency relationship between words in a semantic fragment. In the last step, the DPT is generated according to the semantic dependency relationship between semantic core words. Experiments with our DPT generation algorithm are conducted on court documents collected from the web, and the results show that the DPT generation algorithm in this paper maintains a high degree of consistency with the DPT generated by humans.

Jin Han, Wen Long Xu, Yu Ting Jing

A Novel Hierarchical Identity-Based Encryption Scheme from Lattices

Hierarchical identity based encryption is a powerful public key encryption scheme where entities are arranged in a directed tree. Each entity in the tree is provided with a secret key from its parent and can delegate this secret key to its children so that a child entity can decrypt messages intended for it. Aiming at the high complexity in user’s private key extraction and large expansion ratio of trapdoor size in previous hierarchical identity-based encryption schemes, in this paper, we proposed a new HIBE scheme. We first used the implicit extension method to improve preimage sampling algorithm, and then we combined the improved algorithm with MP12 trapdoor delegation algorithm to construct an efficient hierarchical identity-based encryption user’s private key extraction algorithm. Finally, we integrated the new extraction algorithm and the Dual-LWE algorithm to complete our scheme. Compared with the similar schemes, the efficiency of our scheme is improved in system establishment and user’s private key extraction stage, the trapdoor size grows only linearly with the system hierarchical depth, and the improved preimage sample algorithm partly solves the Gaussian parameter increasing problem induced by MP12 trapdoor delegation. The security of the proposed scheme strictly reduces to the hardness of decisional learning with errors problem in the standard model.

Qing Ye, Mingxing Hu, Wei Gao, Yongli Tang

A Novel Hierarchical Identity-Based Fully Homomorphic Encryption Scheme from Lattices

Hierarchical identity-based fully homomorphic encryption (HIBFHE) scheme is a powerful scheme, as it aggregates the advantages of both fully homomorphic encryption and hierarchical identity-based encryption systems. In recent years, the construction of HIBFHE schemes were mainly based on lattices due to their conjectured resistance against quantum cryptanalysis, however, which makes these cryptosystems further unpractical. The first hierarchical identity-based fully homomorphic encryption scheme was presented by Gentry, Sahai and Waters (CRYPTO 2013). Their scheme however works with a not well performed trapdoor and delegation algorithm; that is, the trapdoor is conceptually and algorithmically complex, and the delegation algorithm’s performance is sensitive with the lattice dimension. In this work, we substantially improve their work by using a novel trapdoor function and its relevant algorithms. Specifically, we first use that construct an efficient algorithm for sampling-invertible matrix, based on this we construct a novel delegation algorithm which can keep the lattice dimension unchanged upon delegation. Building on this result, we first construct a more efficient hierarchical identity-based encryption scheme, and then transform it to HIBFHE scheme by using eigenvector method. Under the hardness of Learning with Errors problem, the resulting scheme can be proven secure in the standard model. To the best of our knowledge, this is the first HIBFHE scheme in fixed dimension.

Mingxing Hu, Qing Ye, Wei Gao, Yongli Tang

A Novel Privacy-Preserving Decentralized Ciphertext-Policy Attribute-Based Encryption with Anonymous Key Generation

A privacy-preserving decentralized ciphertext-policy attribute-based encryption (CP-ABE) scheme is a variant of the multi-authority attribute-based encryption schemes where it requires neither a central authority nor cooperation among authorities for issuing secret keys. It also featured the privacy-preserving and resisting user collusion. However, previous privacy-preserving decentralized CP-ABE schemes can only hide user’s partial information, such as global identifier (GID), but user’s attribute information leaked to the authority may be sensitive which will lead to privacy disclosure. To overcome this shortcoming, we propose an improved privacy-preserving decentralized CP-ABE scheme with anonymous key generation protocol, where it can prevent authorities from learning any information about user’s both GID and attributes. Theoretical analysis and simulation results demonstrate that the proposed scheme is secure and efficient. In the standard model, its security is reduced to a standard decisional bilinear Diffie-Hellman complexity assumption.

Hongjian Yin, Leyou Zhang, Yi Mu

A Robust Fingerprint Identification Method by Deep Learning with Gabor Filter Multidimensional Feature Expansion

Traditional fingerprint methods based on minutiae matching perform well for the acquisition of large-area fingerprints, but the accuracy rate and the robustness for small-area fingerprints decrease obviously when the fingerprint contains fewer minutiae. To solve this problem, a small-area fingerprint matching method based on a Convolutional Neural Network (CNN) is proposed to enhance robustness. The method, named ROIFE_CNN (ROI of fingerprint feature extension recognition of CNN), selects the center block of the fingerprint as the region of interest (ROI) after preprocessing and uses the Gabor filter to extract features as a multidimensional feature extension. Experiments show that the accuracy of small-area fingerprint classification based on CNN is enhanced.

Jiajia Yang, Zhendong Wu, Jianwu Zhang

A Survey on the New Development of Medical Image Security Algorithms

With the development of big data, cloud computing and artificial intelligence, smart healthcare based on Internet plus has become a highly attractive application area. Medical image storage and analysis are progressively becoming cloud-based, providing the preconditions for the efficient cooperation of remote diagnostics and the full sharing of research resources. However, the frequent medical data breach events have greatly infringed on the privacy of users and brought about huge social losses. Therefore, how to strengthen medical images security and privacy protection during transmission, storage and use is very urgent. In this paper, the security requirements of medical images in cloud computing are analyzed. And a survey is introduced focusing on the development status of medical images security techniques in recent 5 years. The open issues of medical image security are also analyzed in this paper, which point out the possible directions for future research.

Yun Tan, Jiaohua Qin, Ling Tan, Hao Tang, Xuyu Xiang

Adaptively Chosen Ciphertext Secure Lattice IBE Based Programmable Hash Function in the Standard Model

In order to increase the security of identity-based encryption (IBE) schemes from lattices in the standard model, and to reduce the size of the master public key, we propose a new lattice-based IBE scheme. This scheme mainly uses the identity-based lossy trapdoor function to generate the trapdoor, and obtains the master public key, master private key and ciphertext from a programmable hash function. Comparative analysis shows that, compared to the MP12 trapdoor delegation algorithm, the identity-based lossy trapdoor function is directly related to the user’s identity. At the same time the trapdoor is lossy, and each different identity corresponds to a different trapdoor, so it is impossible for the adversary to distinguish whether the master public key is lossy or injective. The adversary is therefore unable to obtain complete information about how to construct the trapdoor functions, and this feature makes the trapdoor function more secure than other trapdoor functions. In addition, the size of the master public key of the previous scheme is $\mathrm{O}(n)$ ($n$ denotes the length of the user’s identity), whereas our scheme constructs the master public key using a programmable hash function, so that its master public key size is reduced to $\mathrm{O}(\log n)$ and the efficiency of our scheme is improved. Finally, we prove that our scheme is indistinguishable from random under adaptive chosen-ciphertext and chosen-identity attacks (INDr-ID-CCA secure), based on the hardness of the learning with errors problem in the standard model.

Yongli Tang, Mingming Wang, Zongqu Zhao, Qing Ye

An Efficient and Secure Key Agreement Protocol Preserving User Anonymity Under Chebyshev Chaotic Maps

A type of key agreement protocol based on chaotic maps was proposed in 2009. Soon after the proposal, it was analyzed and improved. Unfortunately, there are still two weaknesses in the two improved protocols. To strengthen the performance of the focused type of protocol, a new improved protocol based on Niu et al.’s protocol is proposed in this paper. Theoretical analysis shows that our improved protocol is immune to denial of service attacks through the keyed hashed digests with either the secret key or the session key. Moreover, modified protocol is more cost-efficient by shifting most computations from on-line to off-line.

Hong Lai, Mingxing Luo, Li Tao, Fuyuan Xiao, Cheng Zhan, Xiaofang Hu

An Efficient Privacy-Preserving Handover Authentication Scheme for Mobile Wireless Network

An efficient and secure authentication protocol is essential to enable the mobile devices handover seamlessly to a different access point. However, due to the limited computation resource and battery capacity in mobile devices as well as the openness and insecurity of wireless channel, designing an efficient and secure handover scheme for wireless network is a challenging task. Furthermore, most of the existing handover schemes are vulnerable to various kinds of attacks and cannot yield good performance. According to the analysis of the current schemes, we summarize the security goals that should be fulfilled by the handover authentication scheme. In this paper, we present a new handover authentication and key agreement scheme on elliptic curve cryptosystem for mobile wireless networks which does not involve the trusted third party and provides privacy-preserving mutual authentication between mobile devices and the access point. The proposed scheme consists of three phases: system setup, handover preparation, handover authentication. We give the details of each phase. The theoretical analysis indicates that the proposed scheme achieves universal security features. The secrecy of the generated session key and mutual authentication of the proposed scheme are verified by ProVerif. In addition, performance comparison shows that the proposed scheme outperforms the related schemes in terms of computation cost and communication overhead.

Jiaqing Mo, Zhongwang Hu, Yuhua Lin

Analysis and Improvement on an Image Encryption Algorithm Based on Bit Level Permutation

A modeling description of Ye algorithm is first presented in this paper. Then a chosen plaintext attack is proposed aiming at the drawback of Ye algorithm that the generation procedure of permutation vectors has no relation with plain image. With the attack, the permutation vectors (keystreams equivalent to secret key) can be correctly recovered with only ceil(log2(8MN)) chosen plain images, which is proved by Proposition 1. Thirdly, an improvement of Ye algorithm is proposed. Experiments and analysis show the validity of chosen plaintext attack and the security of improved algorithm. Attack and improvement proposed in this paper provides concrete method of security analysis and “plain image related” design idea of secure permutation against chosen plaintext attack for analysis and design of chaos based image encryption algorithm.

Bin Lu, Fenlin Liu, Ping Xu, Xin Ge

Attribute-Based Encryption Scheme Supporting Tree-Access Structure on Ideal Lattices

Attribute-based encryption (ABE) has been an active research area in cryptography due to its attractive applications. But almost all ABE schemes are based on bilinear maps, which leaves them vulnerable to quantum cryptanalysis. Cryptographic systems based on lattices are considered to be able to resist quantum attacks, and their computational efficiency is high. Therefore, encryption schemes based on lattice theory have received wide attention in recent years. At present, research on attribute-based encryption schemes on ideal lattices is lacking, and there are many problems that need to be solved. Many existing schemes support only a single access policy and cannot support flexible expressions. To solve the problem of designing the access structure in attribute-based encryption schemes under the quantum environment, an attribute-based encryption scheme supporting tree access structures on ideal lattices is introduced, combined with Zhu’s scheme. The scheme adopts a tree-access structure to express the access strategy: the leaf nodes of the tree represent attributes, and the non-leaf nodes represent logical operators. The access tree can express the access policy flexibly by Shamir threshold secret sharing technology, including “and”, “or” and “threshold” operations. The scheme is proved to be secure against chosen plaintext attack under the standard model. The analysis shows that our scheme can resist quantum attacks and realize a flexible access strategy with better performance.

Jinxia Yu, Chaochao Yang, Yongli Tang, Xixi Yan

Big Data Security Framework Based on Encryption

The biggest challenge for big data era from a security point of view is the protection of user’s privacy and data security. Big data analysis is a more complex process, especially if the data is unstructured. We must transfer the unstructured to the structured data if we query the information. Organizations will have to track down what pieces of information in their big data are ddata security and the related technologies for big data security, which includes Key Management for Access Control, Attribute-Based Access Control, Secure Search for Parties Involved, Searchable Encryption and Secure Data Processing.

Shaobing Wu, Changmei Wang

Controlled Bidirectional Remote Preparation of Single- and Two-Qubit State

We propose two novel schemes for controlled bidirectional remote state preparation of single- and two-qubit state by using five- and nine-qubit entangled state as the quantum channel. First, our schemes are considered in two cases that the coefficients of prepared state are real and complex, respectively. Second, by virtue of appropriate measurement and the corresponding local unitary operations, we explicitly give how to accomplish these preparation tasks. Third, taking the first scheme as an example, we discuss our scheme in four kinds of noisy environments (bit-flip, phase-flip, amplitude-damping and depolarizing noisy environment). We calculate fidelity and find that it depends on the prepared state coefficients and decoherence rate. Eventually, some discussions are given.

Yi-Ru Sun, Gang Xu, Xiu-Bo Chen, Yi-Xian Yang

Efficient Group Signature Scheme Over NTRU Lattice

Group signature schemes empower users to sign messages in the name of a group while at the same time (1) keeping anonymity with respect to an outsider, and (2) guaranteeing traceability of a signer when needed. In this work we construct a new group signature scheme based on NTRU lattices. To achieve these goals, we use a new algorithm for sampling a basis on the NTRU lattice. Group signatures have many features, such as anonymity and traceability. They play an important role in the field of cryptography, and group-based group signatures are more resistant to quantum attacks. However, alongside its unique advantages, lattice cryptography has the disadvantage of space consumption. At present, group signature schemes have high communication cost, and their system public key size is too large. The NTRU lattice is a special kind of lattice based on a polynomial ring, and only involves small-integer multiplication and modular arithmetic over the polynomial ring compared with the general case. The NTRU lattice system shortens the length of the public key and has a faster computing speed. In order to reduce the size of the lattice key, this paper uses the discrete Gaussian sampling algorithm on the NTRU lattice to construct a new NTRU lattice-based group signature. We also provide the relevant safety certification and efficiency analysis.

Qing Ye, Xiaomeng Yang, Xixi Yan, Zongqu Zhao

Error Tolerant ASCA on FPGA

Algebraic Side-Channel Attack (ASCA) is a side-channel attack that models the cryptographic algorithm and side-channel leakage from the system as a set of equations, then solves for the secret key. Unlike pure side-channel attacks, ASCA has low data complexity and can succeed in unknown plaintext/ciphertext scenarios. However, past research on ASCA has been done on either 8-bit microcontroller data or simulated data. In this paper, we explore the application and feasibility of error tolerant ASCA on different platforms, such as field-programmable gate array (FPGA), and examine the error model of Hamming weights in terms of the success of the attack. An FPGA runs faster, and its encryption power trace is more difficult to isolate, so it presents more of a challenge for the attacker. Since FPGA is as susceptible to ASCA as 8-bit microcontrollers, the attack could have widespread implications since it may be applicable to other hardware platforms as well.

Chujiao Ma, John Chandy

Fuzzy Identity-Based Signature from Lattices for Identities in a Large Universe

A fuzzy identity-based signature (FIBS) is exactly like a traditional identity-based signature except that a signature issued under an identity $\mathrm{id}$ can be verified under any identity $\mathrm{id}'$ that is “close enough” to $\mathrm{id}$. This property gives FIBS an efficient application in biometric authentication, and three schemes over lattices exist: two constructions in the random oracle model and one in the standard model. However, the identities can only support binary vectors, i.e., $\{0,1\}^{\ell}$, which greatly limits the scope of its application. In this paper, a FIBS scheme from the hardness of lattice problems for identities living in a large universe, i.e., $(\mathbb{Z}_{q}^{n})^{\ell}$, is proposed, so that they can capture more expressive attributes, and the new construction is proved to be existentially unforgeable against adaptively chosen identity and message attacks (EU-aID-CMA) in the random oracle model.

Yanhua Zhang, Yong Gan, Yifeng Yin, Huiwen Jia, Yinghui Meng

Improvement of STDM Watermarking Algorithm Based on Watson Model

In order to ensure the security of transmission data in the system, a secure transmission channel can be established by using steganography. The STDM (Spread Transform Dither Modulation) watermarking algorithm has good performance in robustness, capacity and blind detection. In order to strike a balance between robustness and transparency, this paper makes some improvements to the selection and construction of the projection vector of STDM based on research into the Watson vision model, and then proposes an improved STDM watermarking algorithm. The simulation results show that this method can improve robustness under JPEG attack.

Wenting Jiang, Zhongmiao Kang, Yan Chen

Improving Privacy-Preserving CP-ABE with Hidden Access Policy

User’s privacy-preserving has become an urgent problem with the rapid development of cloud technologies. Anonymous ciphertext-policy Attribute Based Encryption (CP-ABE) not only protects the security of data, but also ensures that the privacy of the data user is not compromised. However, most of the known schemes have some shortcomings where those schemes either cannot achieve compact security or are inefficient in Encryption and Decryption. Additionally, recent works show the reality of the anonymity in some proposed schemes is doubtful. To address the problems above, we use the double exponent technique to construct an anonymous CP-ABE scheme which is more compact than the results at present. The proposed scheme with hidden access policy works in prime order groups. Meanwhile, we prove the security of our scheme under the decisional n-BDHE and decisional linear assumption.

Leyou Zhang, Yilei Cui, Yi Mu

Integral and Impossible Differential Cryptanalysis of RC6

The block cipher RC6 is one of the finalists of the five candidates of AES for its security, simplicity and easy soft-hardware implementation. In view of its importance, the resistance of RC6 against integral cryptanalysis and impossible differential cryptanalysis is evaluated in this paper. The result shows that the complexities of both integral attack on RC6 reduced to 4 rounds and impossible differential attack on RC6 reduced to 5 rounds are lower than exhaustive search. Meanwhile, it is demonstrated that RC6 with more rounds is immune to the two kinds of cryptanalysis since the data-dependent cycle increases the diffusion immensely.

Hongguo Zhu, Xin Hai, Jiuchuan Lin

Multi-class Imbalanced Learning with One-Versus-One Decomposition: An Empirical Study

In supervised learning, the underlying skewed distribution of multiple classes poses extreme difficulties for learning good models. A common scheme to deal with the multi-class imbalanced problem is to decompose an original dataset into several binary-class subsets and incorporate some imbalanced learning techniques. This paper presents our empirical study on the state-of-the-art multi-class imbalanced learning algorithms which are based on One-versus-One (OVO) decomposition. We implemented six algorithms from the literature, including SMOTEBagging, UnderBagging, OVO plus OVA, OVO plus SMOTE, One-Against-Higher-Order, and DynamicOVO, and evaluated their performance in terms of multi-class Area Under the ROC (MAUC) on eighteen datasets with different characteristics. Experimental results show that the OVO plus SMOTE algorithm is superior to the other algorithms and is quite stable.

Yanjun Song, Jing Zhang, Han Yan, Qianmu Li

Multiple Schemes for Bike-Share Service Authentication Using QR Code and Visual Cryptography

With the growing application of quick response (QR) codes in bike-share services, there is the possibility of tampering with and replacing the QR code. Thus the security of personal information and property is fragile. To solve the problem, we propose multiple QR code authentication schemes for bike-share service. In Scheme I, the hierarchy visual cryptography system (HVCS) is combined with the error correction of the QR code. Firstly, the secret image for authentication is encrypted into two shared images (referred to as shadows) according to improved (2, 2)-PVCS. Secondly, one of the shadows is stored in the cloud server and the other shadow is encrypted into n sub-shadows based on probability. Then these sub-shadows are fused with QR codes to get the security QR codes which are posted on bikes. Finally, when users scan the security QR codes (shadows) by smartphone, the shadow stored in the cloud server is downloaded and stacked with the scanned QR code to decode the secret image for QR code authentication. Scheme II is a method of adapting multiple secret images for better visual effect. The multi-secret visual cryptography system (MVCS) and the XOR mechanism of RS with Positives Basis Vector Matrix (PBVM) are combined. Firstly, a random grid is generated as the special shadow in the cloud server. Secondly, a series of shadows is generated according to the MVCS. Then these shadows are fused with the QR code by the XOR mechanism of the RS code to obtain the security QR codes. Finally, secret images are decoded by stacking the special shadow and security QR codes. Experimental results show that our methods have great capacity and high security.

Li Li, Jier Yu, Bing Wang, Qili Zhou, Shanqing Zhang, Jianfeng Lu, Chin-Chen Chang

Power Network Vulnerability Detection Based on Improved Adaboost Algorithm

As the impact of the Internet on the power industry increases, the detection of power network vulnerability becomes more and more important. Traditional power network vulnerability detection methods are relatively labor-intensive and inefficient, so a power network vulnerability detection algorithm based on improved Adaboost is proposed in this paper. It is a machine learning algorithm which selects the C4.5 decision tree as the weak classifier to integrate a strong classifier. Compared with neural network, KNN and other methods, the proposed algorithm is more efficient in power network vulnerability detection.

Wenwei Tao, Song Liu, Yang Su, Chao Hu

Privacy Preserving for Big Data Based on Fuzzy Set

Today, Big Data is one of the major technologies used across research areas in a competitive world. Big Data has several important aspects: volume, velocity, variety and veracity. Furthermore, it is necessary to optimize existing methods so that they can be applied to privacy preservation for Big Data. This paper first analyzes Big Data and its associated privacy preservation, then gives an overview of privacy preservation, especially for location privacy data. Furthermore, it proposes a model for privacy preservation, and then gives a formulation of the algorithm of Privacy Preserving Based on Fuzzy Set (PPFS), which can help to achieve privacy preservation.

Jun Wu, Chunzhi Wang

Quantum Private Comparison Based on Delegating Quantum Computation

Based on the delegating quantum computation (DQC) model, a two-party quantum private comparison protocol with single photons is proposed, and it is also generalized to the multi-party case. In the protocols, the clients’ inputs are first encrypted with the shared keys, and then sent to the quantum center (QC) to perform quantum computation, i.e., the CNOT operations with which QC can get the comparison result. By utilizing the DQC model, clients with limited quantum resources can delegate a semi-honest QC to perform quantum comparison of equality; moreover, their information sequences are encrypted and transmitted only once. Analysis shows that our protocols have very good security, low communication complexity and high efficiency.

Haibin Wang, Daomeng Pan, Wenjie Liu

Reversible Data Hiding in Partially-Encrypted Images

This paper presents a novel reversible data hiding method for medical images with privacy protection in only part of the image area. Specifically, only those areas with a privacy protection requirement are encrypted. Firstly, the cover image is segmented into two layers: the foreground layer, where privacy information exists, and the background layer. Then, a parameter termed the shadowing factor is proposed to balance the requirements of privacy protection and embedding capacity. With the shadowing factor, the privacy area and the embedding area are obtained. Finally, location scrambling is employed to encrypt the privacy area, and data are embedded into the embedding area. The benefits of the proposed partial-encryption based RDH method are threefold: improving the embedding capacity, providing implementation flexibility in choosing existing data hiding techniques, and presenting users with the capability of understanding some of the image content from the partially-encrypted image even without decryption.

Haishan Chen, Wien Hong, Jiangqun Ni, Tung-Shou Chen

Secure Multiparty Quantum Summation Based on d-Level Single Particles

In this paper, we propose a multiparty quantum summation modulo d protocol based on d-level single particles (where d is a prime number). A semi-trusted additional party is introduced to help multiple participants achieve this summation task. Our protocol is more practical and efficient, because it uses only single particles rather than entangled states. After that, the Chinese remainder theorem is utilized to get the summation without modulo d. Furthermore, the security of our protocols is analyzed, and the analysis shows that our protocols could resist some well-known attacks.

Xin Tang, Gang Xu, Kun-Chang Li, Xiu-Bo Chen, Yi-Xian Yang

Survey and Analysis of Cryptographic Techniques for Privacy Protection in Recommender Systems

In recent years, the internet has become packed with information, which has prevented timely retrieval of useful information. Recommender systems have helped to solve this information surplus and also provide personalized information retrieval. However, for an efficient recommendation, recommender systems require users’ personal information, which is a serious privacy concern for many. Some cryptographic techniques are used for protecting users’ privacy in recommender systems while still allowing the system to generate a useful and accurate recommendation for the users. In this paper, we have surveyed recent studies, observed the current trends and proposed future insight into the use of cryptographic techniques, e.g. homomorphic encryption, for users’ privacy protection in recommender systems. We have also highlighted the protocol used in terms of whether it is centralized or decentralized, and some of their limitations, e.g. heavy reliance on a trusted/semi-trusted third party. In addition, we considered the adversary each protocol is protected against, with the purpose of guiding researchers interested in the use of cryptographic techniques for privacy protection in recommender systems.

Taiwo Blessing Ogunseyi, Cheng Yang

The CP-ABE with Full Verifiability Outsourced Decryption and White-Box Traceability

In the CP-ABE scheme, the private key is defined on attributes shared by multiple users. When a private key cannot be traced back to the owner of the original key, malicious users may sell their decryption privileges to third parties for economic benefit without being discovered. In addition, in most of the existing ABE schemes the decryption cost and ciphertext size increase linearly with the complexity of the access structure. These problems severely limit the application of CP-ABE. In this paper, a CP-ABE scheme is proposed that is traceable and fully verifiable for outsourced decryption: a traceable table is defined to trace the user who intentionally disclosed the key, and the cost of the decryption operation is reduced through outsourcing. The scheme can simultaneously check the correctness of the transformed ciphertext for the authorized user and the unauthorized user. The scheme supports any monotone access structure, and adding traceability to the existing CP-ABE scheme does not have any impact on its security. The scheme is proved to be selective CPA-secure in the standard model.

Li Cong, Yang Xiaoyuan, Liu Yazhou, Wang Xu’an

Backmatter
