Security, Privacy, and Anonymity in Computation, Communication, and Storage

Table of Contents

1. The 8th International Workshop on Trust, Security and Privacy for Big Data (TrustData 2017)

   1. Frontmatter

   2. Two Improved Anonymous Authentication Methods for PCS

      Chun-lin Jiang, Shi-lan Wu, Ke Gu

      Abstract

      To avoid the weakness and also reduce the computation cost of Lee-Yeh’s anonymous authentication protocol, an improved scheme has been proposed by Lee-Chang, but it still needs too much message rounds. A double delegation-based scheme has been proposed by Ou-Hwang to reduce the message rounds. Though it needs only four message rounds which are two rounds less than the previous one, it is still considered to be further improved. This paper exploits two improved methods, one of which reduces one message round by accurately combining message parameters, and the other achieves efficiency by decreasing public-key computation on MS. The comparison shows that, our improvements are efficient and practical.

   3. Multi-match Segments Similarity Join Algorithm Based on MapReduce

      Heng Xiao, Xianchun Zhou

      Abstract

      Similarity joint is applied in many fields. While the similarity joint algorithm is used to clean the massive data set, MapReduce can provide an effective framework of distributed computers. This paper mainly analyzes the similarity joint algorithm which is based on MapReduce, and proposes an improved strategy that introduces the implementation process base on the framework of MapReduce in detail after the improvement of PassJoin algorithm. The improved algorithm increases the filtering conditions to eliminate its own redundancy in the filtering phase and reduces the times of reading the original string. The time consumption is reduced considerably by experiments, which shows the effectiveness of the improved strategy.

   4. GPU-Accelerated Histogram Generation on Smart-Phone and Webbrowser

      Hai Jiang, Xianyi Zhu, Yi Xiao, Jiawei Luo, Yan Zheng

      Abstract

      Histogram is a critical component of algorithms in image processing to count tonal percentage. The performance of generating histogram sequentially does not satisfy the demand of realtime applications on smart phone and webbrowser. This paper proposes a two-pixel voting scheme (2PVS) for histogram generation on GPU. Compared with previous methods, the scale of problem can be cut down by a half using 2PVS. Every two adjacent pixels are considered as one object to be voted into a bin of histogram, followed by a recursive texture reduction process. We implement this method with graphics interface, which is compatible with embedded device and webbrowser. Experiments show that our method runs 0.3 to 1.9 times faster than the baseline method on smartphone while 1.2 to 2.6 times faster on webbrowser.

   5. An Efficient Message Routing Algorithm Using Overhearing in Community Opportunistic Networks

      Junhai Zhou, Qin Liu, Siwang Zhou, Yapin Lin

      Abstract

      For the Opportunistic networks composed by mobile devices, which carried by people and have short-range wireless communication interface, its nodes movement reflects the characteristics of community. When nodes use wireless communication interface to broadcast information, other nodes within its sending range can overhear the sending information. The characteristic of broadcast is rarely used by the routing algorithms of the community opportunistic networks, so we present an efficient message routing algorithm using overhearing in community opportunistic networks. The algorithm divides the message routing into two phases: entering the destination community of message and reaching its destination node. The algorithm selects relay nodes for message based on the community attribute of nodes. At the same time, each node uses the overhearing information to advance the progress of message forwarding and clear redundant messages copies. Experiments result shows that it improves message delivery ratio effectively and reduce network overhead compared with some classic opportunistic networks routing algorithms.

   6. A Reversible Watermarking for 2D Vector Map Based on Triple Differences Expansion and Reversible Contrast Mapping

      Fei Peng, Zhen-Jie Yan, Min Long

      Abstract

      Aiming at the insufficient of the existed reversible watermarking for 2D vector map in capacity, imperceptibility and the requirement of high correlation in vector data, a reversible watermarking based on triple differences expansion and reversible contrast mapping is proposed in this paper. By establishing a new coordinates system, relative coordinates are constructed as cover data. The differences of every two adjacent relative coordinates are classified into 4 categories according to their values, and the watermark is embedded into the relative coordinates by using triple differences expansion and reversible contrast mapping. Experimental results and analysis indicate that the proposed watermarking significantly improves the capacity, imperceptibility, and it is robust against translation, rotation and scaling.

   7. Image Encryption Based on Multi-scrolls Chaotic System and Logistic Map

      Yaoqiang Xiao, Zhiyi Wang, Jun Cao, Jin Yuan

      Abstract

      The chaotic image encryption has been a hot research topic for years due to its remarkable functions. However, traditional chaotic systems exist some latent problems such as insecure key source, low key space, vulnerable to known-plaintext attacks and chosen-plaintext attacks. A novel encryption algorithm based on multi-scrolls chaotic system and Logistic map is proposed in the paper. The proposed algorithm uses multi-scrolls chaotic system and Logistic map to generate key sequences, and the cipher image is obtained by performing bit shuffling to the plain image according to key sequences, then double direction diffusion operations are applied to enhance the encryption performance. Multi-scrolls chaotic system has more complex dynamic characteristics and larger key space than single-scroll and traditional chaotic systems, which can obtain better encryption performance in image encryption. The experimental results show that our method has better encryption performance and higher security, which can be applied in other secure communication domain.

   8. A Novel Bivariate Entropy-Based Network Anomaly Detection System

      Christian Callegari, Michele Pagano

      Abstract

      Detecting anomalous traffic with low false alarm rates is of primary interest in IP networks management. The complexity of the most recent network attacks, as well as the literature, seems to point out that observing a single traffic descriptor can be not enough to detect the wide range of network attacks, which are present in the Internet nowadays.

      For such a reason, in this paper, we investigate a novel anomaly detection system that detects traffic anomalies by estimating the joint entropy of different traffic descriptors. The presented system is evaluated over the MawiLab traffic traces, a well-known data-set representing real traffic captured over a backbone network.

   9. The Full Provenance Stack: Five Layers for Complete and Meaningful Provenance

      Ryan K. L. Ko, Thye Way Phua

      Abstract

      This paper distils three decades of provenance research, and we propose a layered framework, the Full Provenance Stack, for describing provenance completely and meaningfully – within and across machines. The provenance layers aim to proliferate layer protocols and approaches for appropriate data provenance levels of detail, and empower cross-platform features – enabling identifying, detecting, responding and recovering capabilities across all cyber security, digital forensics, and data privacy scenarios.

   10. Neural Network Based Web Log Analysis for Web Intrusion Detection

       Kai Ma, Rong Jiang, Mianxiong Dong, Yan Jia, Aiping Li

       Abstract

       With the increased attacks of web servers and web applications, it is urgent to develop a system to detect web intrusions. Web log files are stream data recording users’ clicks behavior during surfing the Internet. By carefully analyzing these log files, we can reveal some potential anomalies or attacks so as to reduce the loss of property. A method, that applies neural network method to web intrusion detection based on web server access logs, is proposed in this paper. Before feeding the raw log files into neural network algorithms, we need to preprocess these text files and make sure processed logs are of good quality with less noisy and errors. At the result part, our evaluations also demonstrate that the proposed method is superior to decision tree classifier, which shows neural network method can be transplant to web intrusion detection effectively.

2. The 7th International Symposium on Trust, Security and Privacy for Emerging Applications (TSP 2017)

   1. Frontmatter

   2. Code Abstractions for Automatic Information Flow Control in a Model-Driven Approach

      Kuzman Katkalov, Kurt Stenzel, Wolfgang Reif

      Abstract

      Automatic information flow control (IFC) can be used to guarantee the absence of information leaks in security-critical applications. However, IFC of real-world, complex, distributed systems is challenging. In this paper, we show how a model-driven approach for development of such applications consisting of mobile apps and web services can help solve those challenges using automatic code abstractions.

   3. WaybackVisor: Hypervisor-Based Scalable Live Forensic Architecture for Timeline Analysis

      Manabu Hirano, Takuma Tsuzuki, Seishiro Ikeda, Naoga Taka, Kenji Fujiwara, Ryotaro Kobayashi

      Abstract

      Current forensic investigations have to process a large amount of collected data in a limited time. Moreover, we need to ensure collected data are not compromised before seizing suspects’ computers. For protecting evidences on important computers, this paper proposes a lightweight hypervisor that supports proactive collection and preservation of I/O logs. The proposed WaybackVisor automatically transfers all I/O logs of ATA drives to a Hadoop cluster. Our experiment showed the prototype implementation of WaybackVisor achieves write throughput of 79.7 MB/s. This paper also demonstrates timeline analysis functions for the I/O logs on the Hadoop cluster. Finally, we compared the proposed WaybackVisor with similar lightweight hypervisors that support live forensics.

   4. Cloud Ownership and Reliability – Issues and Developments

      Isaac Odun-Ayo, Nicholas Omoregbe, Modupe Odusami, Olasupo Ajayi

      Abstract

      Cloud computing is a composite paradigm that provides crucial services to individuals and organisations over networked infrastructure at a cost. The Cloud provides custom built applications, made available by a CSP to customers. Several customers can access an instance of one application. The Cloud also affords an avenue for customers to build their own application in a language compatible with a CSP and subsequently deploy that application on the Cloud. In addition, massive scalable storage and computing devices are available on the Cloud. A customers expects optimum services whenever and wherever it is required. Hence, system failure on the part of a CSP must not affect the services being provided to the customer. This paper examines present trends in the area of Cloud ownership reliability and provides a guide for future research. The paper aims to answer the following question: what is the current trend and development in Cloud ownership reliability? In addition, analysis was done on existing work published in journals, conferences, white papers and those published in reputable magazines, to answer the question raised. The expected result is the identification of trends in Cloud ownership and reliability which will be of benefit to prospective Cloud users and service providers alike.

   5. A Trust-Based Service Self-organizing Model for Cloud Market

      Wenjuan Li, Jian Cao, Jiyi Wu, Keyong Hu

      Abstract

      In view of the incomplete cloud market model and related mechanisms, and also the poor performance of cloud against malicious and false service, combined with the theory of self-organization system, multi-agent technology and trust, this paper introduced a trust-enabled three-tier cloud market model. The theory of self-organization system can well describe the dynamic relationship between inter-entity in the cloud service market, because it ensures the autonomy and intelligence of the market entities, and relies on the autonomous cooperation between them to adapt to the continuous changing, uncertain and open cloud environment. The implementation of market behavior by intelligent agents instead of cloud entities, realizes the decentralization and parallelization of service processing. In addition, trust factor is introduced into the model construction process in order to improve the ability of cloud market against malicious behavior. Finally, simulation experiments show that the new model can accelerate the differentiation and balance of cloud service market and improve the success rate of transactions.

   6. A Reliable Resource Scheduling for Network Function Virtualization

      Daoqiang Xu, Yefei Li, Ming Yin, Xin Li, Hao Li, Zhuzhong Qian

      Abstract

      Network function virtualization (NFV) is designed to reduce high cost of the hardware deployment and maintenance, which will be of great importance in the future resource management. NFV makes it possible for general servers to realize fast deployment of network functions, namely virtual network function (VNF), to achieve on-demand requests. The service request is generally composed of a sequence of VNFs, which is defined as a service chain. Although one node (server) only run one VNF at a time, the VNF could be shared with several VNF chains. How to deploy VNF and share VNF to achieve high usage of both computing and bandwidth resource is a challenge. In this paper, we present the VNF request model and the formal definition of the VNF deployment problem. Then, we investigate the VNF reuse and deployment problem, and propose a greedy strategy to deploy VNFs, so that the system could effectively offer a reliable VNF service. Simulations show that this VNF deployment schema could effectively improve the resource usage compared with other classic algorithms.

   7. On Global Resource Allocation in Clusters for Data Analytics

      Daoqiang Xu, Yefei Li, Songyun Wang, Xin Li, Zhuzhong Qian

      Abstract

      Hadoop YARN is one of the most commonly used frameworks for implementing MapReduce distributed computing model. The current resource allocation modes in YARN are triggered by events, which are executed when every slave sent heartbeat message to the master. In another word, the resource allocation is based on the order of every slave node, rather than the global information. A global resource allocation can achieve a better outcome than the allocation method based on every single node. In reality, resource allocation is a complicated issue and many influencing factors need to be considered. Based on the YARNs existing cluster architecture and allocation mode, this paper designs the mechanism of resource allocation and carries out work schedules to optimize the running time of cluster mainly focuses on network bandwidth and node execution rate. We make an improvement on the basis of the existing algorithm, and propose an algorithm used strategy based on the greedy choice to make resource allocation. We designed an experimental simulation of the operation of the clusters. Compared to the existing resource allocation model, the result shows our algorithm has improved the performance and shortens the execution time for the whole cluster.

   8. An Automatic Generation Method for Condition Expressions of CPN Model Focus on Tested Behaviors

      Tao Sun, Linjing Zhang, Huiping Ma

      Abstract

      Testing of the parallel software becomes more difficult because of the state space explosion. In theory, all possible input should be considered when testing. However, in actual, completely test is impossible, so we should carry on the targeted test rather than blindly choose test cases.

      Colored Petri Net (CPN) is an excellent language to describe parallel system. But, testing based on this method couldn’t complete efficiently when the state space is huge. A new automation algorithm which based on CPN is proposed in this paper. This method could generate the condition expressions automatically. The conditional expressions are a combination of the conditions on all feasible paths which from the initial place to the tested behaviors. First, all paths from current initial place to tested behaviors are found in this method. Second, all the pending arc expressions and guard expressions that obtained from these paths are extracted and processed, especially, the equivalence problem of the namesake variable of the key nodes would be resolved, and these key nodes mainly contain synchronous transition and synchronous concurrency transition. Besides, the substitution problem between different variables also is considered in this process. Finally, we obtain the conditional expressions by integrating all the pending expressions, these expressions are all about the initial position output variables. Test data that meet these conditions could reach the test target.

      These expressions could guide tester to choose the appropriate test case and remove redundancy data from testing data set. It can also be used to implement boundary value analysis, equivalence class division, and system model analysis. At the end of the paper, we give the instance to show this method is reasonable and effective.