Security, Privacy, and Anonymity in Computation, Communication, and Storage

Table of Contents

1. The 3rd International Symposium on Sensor-Cloud Systems (SCS 2017)

   1. Frontmatter

   2. On-Street Car Parking Prediction in Smart City: A Multi-source Data Analysis in Sensor-Cloud Environment

      Walaa Alajali, Sheng Wen, Wanlei Zhou

      Abstract

      Smart car parking systems in smart cities aim to provide high-quality services to their users. The key to success for smart car parking systems is the ability to predict available car parking lots throughout the city at different times. Drivers can then select a suitable car parking location. However, the prediction process can be affected by many different factors in smart cities such as people mobility and car traffic. This study investigates the use of multi-source data (car parking data, pedestrian data, car traffic data) to predict available car parking in fifteen minute intervals. It explores the relationship between pedestrian volume and demand for car parking in specific areas. This data is then used to predict conditions on holidays and during special events, when the number of pedestrians dramatically increases. A Gradient Boosting Regression Trees (GBRT) is used for prediction. It is an ensemble method that can be more accurate than a single Regression Tree and Support Vector Regression. The probability of error for our model is 0.0291.

   3. A Weight-Bind-Based Safe Top-k Query Processing Scheme in Two-Tiered Sensor Networks

      Xiaoyan Kui, Shigeng Zhang, Wei Li, Ping Zhong, Xingpo Ma, Huakun Du

      Abstract

      Privacy and integrity are two important requirements in cyber security. Because of the limited computing capability and resources of sensor nodes, it is a great challenge to meet these two requirements at the same time for top-k queries in two-tiered sensor networks. In this paper, a weight-bind-based safe top-k query processing scheme named WBB-TQ (Weight-Bind-Based safe top-k Query processing scheme) is proposed to solve this problem. WBB-TQ combines the pair-wise-key encryption technique and the order-preserving symmetric encryption scheme (OPES) so that the storage nodes at the upper layer of the network can process top-k queries without knowing the exact values of either sensing data or their corresponding scores. Thus, the data privacy for top-k queries is preserved. To achieve the integrity of top-k query results, a novel weight-bind-based method is proposed in WBB-TQ to establish relationships among data items generated by each sensor node so that the Sink node can detect whether adversaries drop and/or tamper with part or all of the qualified top-k data items in the query results. Simulation results show that, WBB-TQ not only preserves data privacy and integrity of top-k query results, but also achieves a low cost of computation and communication on secure top-k query processing in two-tiered sensor networks.

   4. A Floorplanning Algorithm for Partially Reconfigurable FPGA in Wireless Sensor Network

      Jinyu Wang, Weiguo Wu, Zhaonan Qin, Dongfang Zhao

      Abstract

      Floorplanning represents a critical step when dealing with Partially Reconfigurable (PR) designed Field Programmable Gate Array (FPGA) in Wireless Sensor Networks (WSNs). In the WSN, a task is always rejected by floorplanner when the free reconfigurable resources are enough but the shape is not matched, leading to high rejection rates and low utilization of resources. In this paper, we provide a novel algorithm named Best-Fit Duration and Transformation (BFDT) floorplanning to improve the performance of FPGA system. The main innovations of this paper are two folds. Firstly, to place tasks as many as possible and enhance the utilization of resources, we propose best-fit duration strategy based on the adhesion duration indicator, which keeps the positional relationship as long as possible between adjoining tasks. Secondly, we propose a task shape transformation method to allow some rejected tasks to be placed by changing their aspect ratio, therefore reduces the rejection rate. The BFDT performs very well in the simulation experiments with unknown task shapes and arriving times. Compared to the first-fit and best-fit algorithms, the BFDT reduces the rejection rate up to 22% and 13% in almost the same total execution time, which also holds a better resources utilization.

   5. CO-TDMA: A TDMA Protocol for Collecting Data and OAP at the Same Time

      Hao He, Weidong Yi, Ming Li, Xiawei Jiang

      Abstract

      Wireless reprogramming of wireless sensor networks (WSNs) usually requires switching to dedicated over-the-air programming (OAP) protocols, and often needs to stop current work of data collection. This paper presents CO-TDMA, a low power consumption TDMA protocol using adaptive beacons, which provides a capability to both collect data and transmit OAP codes at the same time. A CO-TDMA frame consists of several data slots, an access slot and several beacon slots. The data slots are used to transmit collecting data, the access slot is used to update network topology or other changes, and the beacon slots are used to transmit data ACK beacon and optional OAP data. The major contribution is the design of the adaptive beacon transmitted in beacon slots: in data collection state, the beacon only carries the ACK information of collecting data for every node in the network (Beacon-piggyback mechanism); when the OAP transmissions are needed, the OAP codes will attach behind the ACK bytes in the payload of a packet. The OAP information is encoded with rateless digital fountain codes to close to 100% reliability if enough packets are received. By multiplex use of beacon slots, we can transmit the OAP codes with very little extra energy consumptions (0.113% RDC), without impacting the normal data collection.

   6. Cloud-Assisted Data Storage and Query Processing at Vehicular Ad-Hoc Sensor Networks

      Yongxuan Lai, Lv Zheng, Tian Wang, Fang Yang, Qifeng Zhou

      Abstract

      In this paper we propose an efficient cloud-assisted data storage and query processing scheme for VANETs. It integrates the cloud and vehicular networks to facilitate data storage and indexing, so queries could be processed and forwarded along different communication channels according to the cost and time bounds of the queries. Moreover, the cloud calculates a result forwarding strategy by solving a Linear Programming problem, where the query results choose the best path either through the 4G channel or through DSRC (Dedicated Short Range Communication). This research is the first step towards the integration of the cloud and the vehicular networks, as well as the 4G channel, to improve the effectiveness and speeding up of the query processing in VANETs. Extensive experiments demonstrate that up to 94% of the queries could be successfully processed in the proposed scheme, QRF much higher than existing query schemes, while at the same time with a relatively low querying cost.

   7. EFAV-MERD: Expected Forwarding Area Volume and Residual Distance Mathematic Expectation Routing Protocol for UASNs

      Haitao Yu, Qingwen Wang, Nianmin Yao, Yan Chu, Maojie Zhou, Yingrui Ma

      Abstract

      The design of routing protocols for Underwater Acoustic Sensor Networks (UASNs) has many challenges arising from long variable propagation delay, high mobility in 3D environments, limited bandwidth, energy-constraint, noise, multi-path and so on. In order to improve the reliability, reduce end-to-end delay and energy cost for UASNs, this paper presents a routing protocol based on expected forwarding area volume and mathematical expectation of residual distance to sink node, EFAV-MERD. In EFAV-MERD, next forwarding nodes are selected based on both the forwarding region volume and the expected residual distance mathematical expectation to improve transmission reliability and reduce transmission overhead. We conduct extensive simulations using NS-3 simulator to verify the effectiveness and the validity of EFAV-MERD.

2. The 2nd International Workshop on Cloud Storage Service and Computing (WCSSC 2017)

   1. Frontmatter

   2. Fast Truss Decomposition in Memory

      Yuxuan Xing, Nong Xiao, Yutong Lu, Ronghua Li, Songping Yu, Siqi Gao

      Abstract

      The k-truss is a type of cohesive subgraphs proposed for the analysis of massive network. Existing in-memory algorithms for computing k-truss are inefficient for searching and parallel. We propose a novel traversal algorithm for truss decomposition: it effectively reduces computation complexity, we fully exploit the parallelism thanks to the optimization, and overlap IO and computation for a better performance. Our experiments on real datasets verify that it is 2x–5x faster than the exiting fastest in-memory algorithm.

   3. Pyramid: Revisiting Memory Extension with Remote Accessible Non-Volatile Main Memory

      Songping Yu, Mingzhu Deng, Yuxuan Xing, Nong Xiao, Fang Liu, Wei Chen

      Abstract

      Remote Direct Memory Access (RDMA) provides the ability to direct access remote user space memory without remote CPU’s involvement, shortening the network latency tremendously; in addition, a new generation of fast Non-Volatile Memory (NVM) technologies, such as 3D XPoint, is in production, and its property has the promise to access-speed like memory and durability-like storage. So, Remote access Non-Volatile Main Memory is reasonable. Traditional local memory extension is bounded by slow storage media (HDD/SSD). In this paper, first, we revisit local memory extension and propose a new memory extension model, Pyramid, extending memory with remote NVM; then, discussing the mechanism of remote data consistency, which can be delivered with RDMA operation of write-with-immediate in Pyramid; besides, we evaluate the performance of random access to remote NVM and manifest the performance opportunity brought by remote accessible NVM through comparing it with new technologies of storage-NVMe-SSD and PCM-based SSD. Finally, we argue that Pyramid promises memory scalability with good performance guarantee.

   4. Fully Decentralized Multi-Authority ABE Scheme in Data Sharing System

      Xiehua Li, Ziyu Huang

      Abstract

      In this paper, we propose an attribute-based encryption (ABE) scheme that can be used in data sharing systems with multiple distrusted authorizes. Unlike prior multi-authority ABEs, this scheme can achieve secret key generation in a fully decentralized manner, which eliminates the security risk on central authority (CA) compromise. By separating the key generation process among authorities and data owners (DOs), our scheme is resilient to collusion between malicious authorities and users. This new fully Decentralized Multi-Authority ABE (f-DMA) scheme is derived from CP-ABE that is resilient to collusion between authorities and users. Our system distinguishes between DO principal and attribute authorities (AAs): DOs own the data but allows AAs to arbitrate access by providing attribute labels to users. The data is protected by access policy encryption over these attributes. Unlike prior systems, attributes generated by AAs are not user-specific, and neither is the system susceptible to collusion between users who try to escalate their access by sharing keys. We prove our scheme correct under the Decisional Bilinear Diffie-Hellman (DBDH) assumption; we also include a complete end-to-end implementation that demonstrates the practical efficacy of our technique.

   5. Malware Variants Detection Using Density Based Spatial Clustering with Global Opcode Matrix

      Zejun Niu, Zheng Qin, Jixin Zhang, Hui Yin

      Abstract

      Over the past decades, the amount of malware has rapidly increased. Malware detection becomes one of most mission critical security problems as its threats spread from personal computers to cloud server. Some researchers have proposed machine learning methods which can detect malware variants by searching the similarities between malware and its variants. However, the large search space causes large time cost and memory space occupation. To reduce the search space while retaining the accuracy, we firstly propose to convert malware into global opcode matrix which is based on 2-tuple opcodes, and then cluster the opcode matrixes to patterns. We can easily recognize the malware variants by searching the similarities with the patterns. The experiments demonstrate that our approach is more efficient than the state-of-art approaches in time cost, memory space occupation and accuracy.

   6. Research on Graph Processing Systems on a Single Machine

      Yuxuan Xing, Siqi Gao, Nong Xiao, Fang Liu, Wei Chen

      Abstract

      With the rapid development of technologies such as cloud computing, the increasingly popularity of social network and other Internet applications, the data scale that human can access is growing at an unprecedented rate. Recently, technological changes associated with big data are hot in academy and industrial, and it’s meaningful to dig out the potential information in massive data. Many real-world problems can be represented as graphs, such as supply chain analysis, genealogy, web graphs, etc. Large graphs demand efficiently processing technologies to derive valuable knowledge and many graph processing engines have been developed. This paper first introduces concepts of graphs and categories of graph processing engine on a single machine. Thereafter, it focuses on analyzing and summarizing current researches about key techniques on graph processing, including data structure, parallel programing, and partitioning strategies. Finally, current research work about graph processing engine on a single machine is summarized and further research directions are pointed out.

   7. 3D Model Reconstruction with Sequence Image of Aircraft

      Huabo Sun, Yang Jiao, Chun Wang, Jingru Han

      Abstract

      In order to identify causes of civil aviation accidents, reconstruction and splice of wreckage is an important work for survey. This paper contributes to this research by proposing a wreckage 3D reconstruction method based on sequence image. According to the wreckage of fuselage and components, we respectively describe their reconstruction methods. Experiment results show that the algorithm can be well used to complete the mosaic reconstruction of aircraft wreckage and efficiency is greatly improved. The results show that, compared with physical splicing, the research result will help shortening the period and providing effective resolution to civil aviation accident investigation.

   8. Construction Research on Information Platform for Small and Medium-Sized Enterprises Based on Cloud Storage Technology

      Shulan Yu, Yongzheng Tang, Chunfeng Wang

      Abstract

      With the rapid development of modern information technology, small and medium sized enterprises gradually show the trend of large-scale exchange and sharing of information, and the previous information architecture cannot meet the needs of the application. Based on the comprehensive analysis of business requirements and related technologies, a small and medium-sized enterprise information platform based on cloud storage technology is established, which makes the system have the advantages of loose coupling, powerful and easy to expand in this paper. The architecture includes cloud storage, a number of basic services and basic application support system. In this paper, the module design and data access design for these services and application systems are presented, which provides a theoretical reference for the development of the system.

   9. XoT: A Flexible Block I/O Data Transfer Protocol for Xen

      Jin Zhang, Yuxuan Li, Chengjun Sun, Haoxiang Yang, Jiacheng Wu, Xiaoli Gong

      Abstract

      The management of I/O resources is an important part of virtualization. Although the traditional management is complex, it becomes more challenging in virtualization. There has been many researches on how to improve I/O performance or fairness on Linux using extra semantic data, unfortunately many of them are not proper for virtualization. Because of the limitation of I/O protocol, such extra data can not be transferred along with device data. This forms a semantic gap between VM and hypervisor. In this paper, we proposed Xen on Turnout (XoT), a flexible block I/O data transfer protocol for Xen. XoT makes it possible to transfer extra important I/O data across the gap. We also develop a prototype to prove the effectiveness of our protocol. Our result shows that preferential effect are well achieved for user to manage block I/O with the transferred extra data, with little performance lost.

3. The First International Symposium on Multimedia Security and Digital Forensics (MSDF 2017)

   1. Frontmatter

   2. Detecting Spliced Face Using Texture Analysis

      Divya S. Vidyadharan, Sabu M. Thampi

      Abstract

      Images are widely accepted as evidence of events despite the fact that images can be easily altered with adverse intentions. It is difficult to identify image alteration carried out by a skilled criminal. Digital forensics investigators need sophisticated tools to prove the legitimacy of digital images. The proposed work focuses on detecting altered digital images containing human facial regions. The work presents a method for detecting spliced face among a number of faces in an image. The proposed method makes use of the inconsistencies in the illuminant texture present in image pixels. For each facial region extracted from the image, a texture descriptor is extracted from its illumination representation followed by a comparison of all the texture descriptors to identify the spliced face. Experimental results show that the proposed method achieved better detection results than existing methods.

   3. Fine-Grained, Multi-key Search Control in Multi-user Searchable Encryption

      Manju S. Nair, M. S. Rajasree, Sabu M. Thampi

      Abstract

      Searchable encryption schemes support selective retrieval of encrypted data stored in the cloud storage. However, extending this scheme to support diverse set of users to selectively share and retrieve data from the cloud storage still remains as a challenge; it requires managing the access control policies of the users by a third party, the cloud provider. When multiple users are involved, the system needs to ensure that only controlled information is disclosed to a legitimate user and also a dishonest user colluding with the cloud provider cannot leak any thing beyond the granted privileges. The proposed model is designed to support fine grained search control on selected set of documents by authorized users. The system does not require shared keys or expensive trusted third parties. The search complexity is linear to the number of documents that can be accessed by an authorized user and is also secure against the possible leakage due to collusion attack. The security of the system is proved using rigorous security analysis.

   4. Overview of Performance Evaluation of Keyword Search Utilities in Forensic/E-Discovery Software

      Adedayo M. Balogun, Tranos Zuva

      Abstract

      Digital forensics has been modeled into a number of stages, which include examination and analysis. Keyword search is a popular tactic used by investigators during evidence examination and analysis. However, the belief that the success of forensic analysis depends on the examiner’s knowledge and experience has a strong hold in the digital forensic domain. It does imply the adequate awareness of the capabilities and limitations of the tools used by the examiner. Keyword search enables the examiner to quickly locate the existence of data items related to a case. This reduces investigation duration and eases the investigation process. This paper discusses the concepts of keyword search and the various keyword search techniques available. It highlights the algorithms on which they are based. In addition to the overview of, and argument for thorough understanding and evaluation of this technique in forensic utilities, this article also provides evaluation procedures to serve as direction for future evaluation/validation studies to ensure examiners know just how much to trust their software, as far as keyword searching is concerned.

4. The 2017 International Symposium on Big Data and Machine Learning in Information Security, Privacy and Anonymity (SPBD 2017)

   1. Frontmatter

   2. Distribution Network Topology Reconstruction Method Based on Lasso and Its Supplementary Criterions

      Xiaoyu Li, Shufang Li, Wenqi Li, Shiming Tian, Mingming Pan

      Abstract

      In order to solve the problem of topology reconstruction in distribution network, a new data driven algorithm is proposed, which uses only the timing voltage to reconstruct the un-loopy and loopy distribution network topology without the prior knowledge. Firstly, the topology reconstruction problem is transformed into a convex optimization problem, and the Lasso regularization method is utilized to obtain a sparse correlation coefficient matrix (CCM), which represents the connectivity of the topology. Secondly, the “And” rule is employed to reduce the redundancy of CCM. And then the criterion of the voltage correlation analysis model is adopted as a supplemental criterion to reduce the error rate of CCM. Finally, the topology reconstruction of the distribution network is realized based on the accurate CCM. Simulation results show that the algorithm has high accuracy, universality and low computational complexity.