Security, Privacy, and Anonymity in Computation, Communication, and Storage

Table of Contents

1. The 3rd International Symposium on Dependability in Sensor, Cloud, and Big Data Systems and Applications (DependSys 2017)

   1. Frontmatter

   2. Password Recovery for ZIP Files Based on ARM-FPGA Cluster

      Xu Bai, Lei Jiang, Jiajia Yang, Qiong Dai, Md. Zakirul Alam Bhuiyan

      Abstract

      Password recovery of ZIP encrypted files is an important problem in computer forensics. The encryption is based on standard cryptographic algorithms as SHA1, HMAC and AES. The traditional methods such as dictionary and brute-force require very large computing power and techniques of reducing the password space. In this paper, we have developed a distributed password recovery system based on Zynq (a heterogeneous chip combining ARM CPU and FPGA fabric) cluster. The FPGA provides hardware acceleration for cryptographic algorithms. And the ARM completes the decompression after decryption to check candidate passwords. To reduce the computation of unzip, we only decompress the header of the file compressed according to different headers of common document formats. We adopt a cluster-building methodology to improve parallelism and calculation power. Finally, the experimental results show that single node is as fast as a core of i7-3770 CPU and the 48-node cluster can check 50,000 passwords per second. It also achieves about \(2\times \) energy efficiency.

   3. Comparison of Different Centrality Measures to Find Influential Nodes in Complex Networks

      Fanpeng Meng, Yijun Gu, Shunshun Fu, Mengdi Wang, Yuchen Guo

      Abstract

      In this paper, we compare the performance of representative centrality measures, classical and up-to-date, on more real networks in various fields. With the aid of SIR information diffusion model to simulate the vertices’ influence in real networks, we apply the kendall’s tau correlation coefficient, distinguishability and robustness to test different centrality measures at the same level., to show the best application scenarios for certain measure.

   4. An FPGA-Based Algorithm to Accelerate Regular Expression Matching

      Jiajia Yang, Lei Jiang, Xu Bai, Qiong Dai, Majing Su, Md Zakirul Alam Bhuiyan

      Abstract

      State-of-the-art Network Intrusion Detection Systems (NIDSs) use regular expressions (REs) to detect attacks or vulnerabilities. In order to keep up with the ever-increasing speed, more and more NIDSs need to be implemented by dedicated hardware. A major bottleneck is that NIDSs scan incoming packets just byte by byte, which greatly limits their throughput. Besides, huge memory consumption limits it’s practicability. In this paper, we propose an algorithm for regular expression matching that consumes multiple characters per time while maintaining memory efficiency. It includes 3 ideas: (1) top-k state extraction; (2) variable-stride acceleration; (3) DFA compression. We tested our algorithm on several real-life RE rulesets. The experimental results show that it achieves good performance on both memory efficiency and high throughput. It could achieve 14–22x efficiency ratio than the original DFA on Bro and Snort rulesets, and 2–7x efficiency ratio than the original DFA on l7_filter ruleset.

   5. A Collaborative Filtering Recommendation Algorithm Based on Score Classification

      Jiachang Hao, Kun Niu, Zichao Meng, Shuo Huang, Bing Ma

      Abstract

      Living in the “information society”, we are bombarded with information whether or not we actively seek it, collaborative filtering technology on personalized recommendation are proposed as a solution in recent years. In order to improve the accuracy of the algorithm, this paper proposed a collaborative filtering recommendation algorithm based on score classification. In view of the behavioral habits that a user tends to give the items with extreme scores which he is interested in, every rating is classified according to the rating’s extremality. In the similarity measurement, the extreme ratings are classified as high-level ratings which are assigned with higher weights, and the moderate ratings that users rate out of herd mentality are assigned with lower weights. Experiments on test dataset show that our algorithm performs better in predicting the user’s ratings than traditional algorithms.

   6. FluteDB: An Efficient and Dependable Time-Series Database Storage Engine

      Chen Li, Jianxin Li, Jinghui Si, Yangyang Zhang

      Abstract

      Recently, with the widespread use of large-scale sensor network, time-series data is vastly generated and requires to be processed. Those traditional databases, however, show their limitations in storage when handling such a large stream data. Besides, the actual dependability of databases are also difficult to be guaranteed. In this paper, we present FluteDB, an efficient and dependable time-series database storage engine, which is composed of multiple time-series enhanced sub-modules. The validations of all sub-modules have demonstrated that our improved strategies significantly outperform the existing methods in real time-series environment. Meanwhile, the complete FluteDB utilizes various measures to guarantee its dependability and achieves a higher overall storage efficiency than the state-of-the-art time-series databases.

   7. Attacks on the Anti-collusion Data Sharing Scheme for Dynamic Groups in the Cloud

      S. Milton Ganesh, Vijayakumar Pandi, L. Jegatha Deborah, Md. Zakirul Alam Bhuiyan

      Abstract

      As the hype of the evolution of cloud computing has become a real possibility in the modern day outsourcing scenarios, users can benefit from cloud computing by uploading documents into the cloud servers for sharing it among a group of legitimate users. But, though cloud is a viable present day option for elastic storage facilities, its security is still a grave concern. Hence, in order to improve the secure communication among group members, Zhu and Jiang have proposed a protocol and claimed that key distribution to the group users can be done without any secure communication channels. They have claimed that their scheme is resistant to collusion attack and all the other attacks, thereby ensuring forward and backward secrecies as well. Firstly, in this research work, after extensive analysis, we have identified several issues in the protocol proposed by Zhu and Jiang which make it vulnerable to various attacks. Secondly, we have proved that an attacker can use the man-in-the-middle attack and break the protocol thereby getting the secret keys shared between the group manager and the group user. Thirdly, we have given enough proof that the scheme is vulnerable to message modification attack too. Finally, we claim that the earlier proposed protocol is not secure and a new protocol with improved security is the need of the hour.

   8. Research on Coupling Reliability Problem in Sensor-Cloud System

      Yuzhu Liang, Tian Wang, Md Zakirul Alam Bhuiyan, Anfeng Liu

      Abstract

      With the integration of WSNs and cloud computing, sensor-cloud system becomes popular in many fields where the physical nodes can be shared with multiple users. However, when a physical sensor node receives multiple service commands simultaneously, there are some service collisions, namely, coupling problem. This coupling problem leads to the failure of services. It is necessary to solve this problem, thus the reliability of system can be improved. In this paper, we propose a fog-based model and extend the classical Hungarian algorithm. The fog layer acts as a buffer and controller between the wireless sensor networks layer and the cloud layer in this model, where we use the classical Hungarian algorithm in the first matching and then schedule idle resources to achieve optimal matching. Experimental results and theoretical analysis show that our method can efficiently solve the coupling problem and increase the resource utilization and resource reliability.

   9. An On-demand Monitoring Approach for Cloud Computing Systems

      Zhenyue Long, Jijun Zeng, Hong Zou, Yunkui Song

      Abstract

      The number of virtual machines in cloud computing is constantly changing with business requirements, which raises a great challenge for monitoring dynamic objects. Traditional static monitoring methods set fixed monitoring cycles, but it is difficult to make a suitable tradeoff between monitoring timeliness and cost in cloud computing systems with a large number of virtual machines or container instances. To address the above issues, this paper proposes an on-demand monitoring approach for cloud computing. We introduce a variable cycle mechanism and an event driven mechanism in the interaction between agents and collectors to minimize network overhead and maximize monitoring efficiency. Finally, experimental results in TPC-W benchmark show that compared to the method with a fixed monitoring cycle, our approach has a lower monitoring overhead.

   10. Security on “A Lightweight Authentication Scheme with User Untraceability”

       Niranchana Radhakrishnan, Marimuthu Karuppiah, Vijayakumar Pandi, Md Zakirul Alam Bhuiyan

       Abstract

       Many smart cards based authentication schemes need been recommended in the writing. Recently, Yeh suggested a lightweight authentication scheme with user untraceability and claimed that his/her scheme is able to combat several attacks. Though, in this paper, we substantiate that Yeh’s scheme will be still defenseless on different malicious attacks and also will be likewise unabated on give acceptable a few necessary security objectives.

   11. A Security Scheme of Big Data Identity for Cloud Environment

       Rongxin Bao, Xu Yuan, Zhikui Chen, Yujie Zhang

       Abstract

       Nowadays, the security and privacy protection of Big Data have faced with severe challenges, especially on cloud environment with insecure channel. To address this issue, this paper proposes a security scheme of Big Data identity (SSBDI) for cloud environment, which can guarantee the security of Big Data transmission in the insecure channel. In SSBDI, firstly, linear congruential generator (LCG) based encryption matrixes and Vigenère cipher are employed to set the identity encryption by the client. After that, key bits are added to the end of cipher text in the encryption process. Finally, cipher texts are decrypted and computed in the cloud environment. Innovatively, each key bit can determine the encoding rule of one or more cipher text bits. Experimental results on National Institute of Standards and Technology (NIST) test show that the proposed scheme can meet the randomness of the security requirements. More important, with a very small amount of memory and CPU time cost, the scheme can encrypt massive data, which is particularly significant for Big Data identity encryption.

   12. A Compact Construction for Non-monotonic Online/Offline CP-ABE Scheme

       Junqi Zhang, Qingfeng Cheng, Fushan Wei, Xinglong Zhang

       Abstract

       Nowadays the mobile devices are becoming the necessities in our life, while they are generally resource-constrained, CP-ABE schemes designed for mobile devices should have the property of low computational complexity, therefore Online/Offline mechanism has prospect future in cryptographic mechanism. In this paper, we attempt to construct an unbounded Online/Offline CP-ABE scheme based on a non-monotonic access structure. During the offline phase, most of the computations for encryption are done; during the online phase, we transform the non-monotonic access structure with positive attribute sets into a monotonic access structure which is based on the LSSS access structure with positive and negative attribute sets, then it only needs a small amount of addition and multiplication operations for the rest components of encryption. Compared with the original non-monotonic CP-ABE scheme, our scheme remains the same on the public keys and the master secret keys, with only a small increase in computational complexity. The computational complexity during online phase is very small.

   13. RPS-TSM: A Robot Perception System Based on Temporal Semantic Map

       Haoyue Wang, Yangyang Zhang, Jianxin Li, Richong Zhang, Md Zakirul Alam Bhuiyan

       Abstract

       Perception ability is important for robots to gain intelligence. From basic sensor data collection to environmental geometry construction, or further semantic information extraction, perception ability gets promoted with a better understanding of data. This paper proposed Temporal Semantic Map (TSM), which adds a temporal dimension on traditional semantic map. Robots can not only perceive the information of the current environment, but also understand the normal state and have a memory of the environment. We have built a Robot Perception System (RPS) which can construct the TSM, automatically infer the normal status of environment using TSM, detect environmental changes and possible anomalies without any hard-coded/human-written rules. We implement RPS on top of the well-known robot operating system (ROS) and evaluate it with a robot inspector application in real scenarios.

   14. MediBchain: A Blockchain Based Privacy Preserving Platform for Healthcare Data

       Abdullah Al Omar, Mohammad Shahriar Rahman, Anirban Basu, Shinsaku Kiyomoto

       Abstract

       Healthcare data are grabbing the interest of cyber attackers in recent years. Annihilating consequences of healthcare data could be alleviated through decentralization. A peer to peer (P2P) network enables the property of decentralization, where different parties can store and run computation while keeping the sensitive health data private. Blockchain technology leverages decentralized or distributed process, which ensures the accountability and integrity of its use. This paper presents a patient centric healthcare data management system by using Blockchain as storage to attain privacy. Pseudonymity is ensured by using the cryptographic functions to protect patient’s data.

   15. The Art of Using Cross-Layer Design in Cognitive Radio Networks

       Qusay Medhat Salih, Md. Arafatur Rahman, Md. Zakirul Alam Bhuiyan, Zafril Rizal M. Azmi

       Abstract

       Cognitive Radio Networks (CRNs) have been obtained a significant focusing due to the ability of this technology to dissolve the issues of spectrum overcrowding and underutilization. In a CRNs, the secondary user (SU) is equipped to discover and use abandoned licensed channel, however, they must be desertion the channel if any interference is brought to the primary user (PU) who holds the channels. For that, the dynamic spectrum access (DSA) in CRNs is considered as an important application that allows for SU to use the licensed band in a dynamic way. Nevertheless, there are several challenges on CRNs such as interference, channel selection, routing, and etc. Cross-layer design can provide effective solutions in order to counteract these challenges. To this aim, in this paper, we have studied the existing related work about applying a cross-layer design in CRNs and how the upper layers and the lower layers parameters can optimize with the helping of a cross-layer. Finally, we have explained the implementation challenges of cross-layer design on CRNs.

   16. A Quality Model for Evaluating Encryption-as-a-Service

       Jin Wu, Zhiqiang Zhu, Songhui Guo

       Abstract

       Cloud computing is a promising paradigm and seen as a trend on information and technology. However, it is a challenge to ensure the security of cloud computing. Compared with other security schemes, Encryption-as-a-Service (EaaS) not only avoids the risk of cloud, but also is more efficient. For commercial success of Encryption-as-a-Service, we present a quality model to evaluate the quality level of service. We define four quality characteristics of Encryption-as-a-Service, and propose the corresponding metrics based on practical experience and research. Moreover, we define \( LE_{EaaS} \) as a comprehensive metric for the quality level, and determine weighting coefficients utilizing CRITIC method, which will make the evaluation more practical.

   17. Forensic Detection for Image Operation Order: Resizing and Contrast Enhancement

       Shangde Gao, Xin Liao, Sujin Guo, Xiong Li, P. Vijayakumar

       Abstract

       Currently, many forensic techniques have been developed to determine which processing operations were used to tamper multimedia contents. Determining the order of these operations, however, remains an open challenge. It is important to detect image operation order, because we can obtain the complete processing history of multimedia content, and even identify who manipulated the multimedia content and when it was manipulated. In this paper, we investigate the detection for the order of contrast enhancement and resizing. Two new algorithms are proposed to detect contrast enhancement and resizing respectively. We use the SVM to extract fingerprint of digital images and then detect the image operation of resizing and contrast enhancement. Experimental results show that the average classification accuracy of the proposed method is 88.97%.

   18. A Framework for Preventing the Exploitation of IoT Smart Toys for Reconnaissance and Exfiltration

       Jeffrey Haynes, Maribette Ramirez, Thaier Hayajneh, Md. Zakirul Alam Bhuiyan

       Abstract

       There are many concerns that come along with the Internet of Things that should be addressed because of its growing popularity. One major concern is the security issues related to connected devices. Connected toys are a category of IoT devices that are commonly overlooked when considering these issues, yet they are just as susceptible to attacks as any other device. This paper will look at recent incidents related to security issues involving connected toys and establish a framework with the intention of providing manufacturers with a set of standards that must be adhered to before a device can be marketed. The affected products in the discussed incidents are then tested against the proposed framework.

   19. Security and Attack Vector Analysis of IoT Devices

       Marc Capellupo, Jimmy Liranzo, Md Zakirul Alam Bhuiyan, Thaier Hayajneh, Guojun Wang

       Abstract

       The goal of this paper is to research and review through experimental testing the security of home automation devices. The methodology includes analysis and review of these home automation devices through traffic capture, device scanning, and wireless analysis. The devices that will be tested are the Amazon Echo, Osram Smart Lights, and TPLink power switch. We present a classification model to analyze the relation between potential risk and realized risk through potential vulnerabilities in these varying home automation devices. Possible security flaws that might be found include default configurations, easy to crack passwords, unencrypted traffic, responses to forged traffic, and full control of the device without any authentication. We also perform a review of their privacy exposure and outline the security vectors used to attack IoT devices, as well as the most recent malwares in control of over a million IoT devices.

   20. Security Solution of RFID Card Through Cryptography

       Md. Alam Hossain, Nazmul Hossain, Afridi Shahid, Shawon S. M. Rahman

       Abstract

       RFID was considered as an advanced technology for automatic identification of objects. RFID makes usage of radio alerts to discover, tune, kind and stumble on an expansion of items. Security prerequisite is necessary in most of the applications. User’s Authentication at the end of the RFID technology creates one of the major attacks on the system. A crucial challenge in RFID technology research is to provide efficient protection for the systems against tag cloning and information modification. In this paper, we have proposed a system where the information has to be more secured than existing system. We have used an encrypt-decrypt tools which is used for encryption and decryption of the information by a decryption keywords. The encrypted information can be saved to the local database or online cloud storage. But the main advantage of our proposed system is that the whole operation has worked with windows OS. Besides we also analyze the runtime for our system for a particular data and get a relatively better consuming runtime. Safety requirement is critical this packages. Our framework can be used to minimize the unauthorized usage of RFID Card information and focus on the runtime.

   21. Grouping Users for Quick Recommendations of Text Documents Based on Deep Neural Network

       Rajendran Karthika, Lazarus Jegatha Deborah, Pandi Vijayakumar, Sivaraman Audithan

       Abstract

       The use of Recommendation Systems in any domain plays a vital role in almost all information technology applications. The major focus of this research paper deals with users more preferably e-learners using the proposed Recommendation system. The major objective in developing any Recommendation system is based on many factors like accuracy, preciseness and fast measures. Recommendations given to each user is based on his/her domain interest was time consuming in the past. This research paper deals with the development of a recommendation system which is based on accuracy and fastness measures. One of the factors for developing a fast recommendation system can be obtained by developing efficient algorithms for grouping the existing and the new users quickly so that further domain recommendations might be easier. The proposed framework is based on deep neural network, which proved to be an efficient algorithm for high dimensional data training and testing. The accuracy of the algorithm is justified by the generation of semantic hash codes generated from the users’ profile information and the subsequent hamming distance computation. The fast and the accuracy measures of the framework is justified and the experimental results are promising.

   22. Module-Level Software Streaming Loading Model Based on Hypervisor

       Lian Duan, Fang Qi, Guojun Wang, Zhe Tang

       Abstract

       In the existing network computing system, the increasingly serious performance problems and endless security problems constantly troubled users and developers. Although the emergence of transparent computing, edge computing and fog computing alleviates this situation to some extent, they still do not fully utilize the collaborative computing power of server side and end-user. In order to address these problems, a new computing and loading model based on hypervisor, which is also called module-level software streaming loading model, will be introduced in this paper. Besides, Cleanroom Protocol and On-demand Prefetching Mechanism will be discussed in this paper. Based on this model, the system does not need to wait for OS or software data download completely when a device or a program to startup. It means the corresponding services can be immediately directly used or accessed by users. This solution can effectively reduce the waiting time for users and improve the user experience. Through a variety of comparative analyses, this model is proved to be an efficient and safe solution for the future computing and loading infrastructure.