
2019 | Book

Trusted Computing and Information Security

12th Chinese Conference, CTCIS 2018, Wuhan, China, October 18, 2018, Revised Selected Papers


About this book

This book constitutes the refereed proceedings of the Chinese Conference on Trusted Computing and Information Security, CTCIS 2018, held in Wuhan, China, in October 2018.

The 24 revised full papers presented were carefully reviewed and selected from 73 submissions. The papers are centered around cryptography, systems security, trusted computing, information security, and network security.

Table of Contents

Frontmatter
Ciphertext-Policy Attribute-Based Encryption for Circuits from Lattices Under Weak Security Model
Abstract
The existing Ciphertext-Policy Attribute-Based Encryption (CP-ABE) scheme from lattices can only support a simple threshold access structure, resulting in a limited application scenario. In order to improve the flexibility and expressiveness of the CP-ABE scheme, we present a CP-ABE for circuits from lattices in this paper. The new scheme generates a secret key for each attribute of the attribute set by invoking the sampling algorithm from lattices and embeds the attribute set into the secret keys. Meanwhile, to associate the ciphertext with a circuit, we design a Secret Matrix Distribution Mechanism (SMDM) for circuits, which distributes a matrix of a specific form to each node of the circuit, and the scheme can generate the ciphertexts by combining the matrices of the leaf nodes. In the decryption phase, the SMDM guarantees that a user who satisfies the access structure can decrypt the ciphertexts correctly. Finally, we prove that our scheme is secure against chosen plaintext attack in the selective weak security model under the Learning with Errors (LWE) assumption.
Jian Zhao, Haiying Gao, Bin Hu
Impossible Differential Cryptanalysis of SPECK
Abstract
The security of SPECK under impossible differential cryptanalysis is studied. Based on multiple 6-round impossible differential distinguishers and combined with the divide-and-conquer attack and time-and-memory tradeoff, the improved 10-round impossible differential cryptanalysis of SPECK32/64 and SPECK48/96 is presented by adding one round forward and three rounds backward. In addition, by further analyzing the properties of the differential diffusion of addition, many 7-round impossible differential distinguishers of SPECK families of block ciphers are constructed. And the 11-round impossible differential cryptanalysis of SPECK32/64 and SPECK48/96 is presented by adding one round forward and three rounds backward.
Mingming Li, Jiansheng Guo, Jingyi Cui, Linhong Xu
Detect Peer-to-Peer Botnet with Permutation Entropy and Adaptive Information Fusion
Abstract
Aiming to improve detection accuracy, a novel peer-to-peer botnet detection method based on permutation entropy and an adaptive information fusion algorithm was proposed. Permutation entropy was utilized to characterize the complexity measure of network traffic, which did not vary with the structure of the peer-to-peer network, the peer-to-peer protocol or the attack type. A Kalman filter was utilized to detect abnormalities in the complexity measure. Furthermore, the features of TCP packets were utilized to reduce the negative impact of web applications on botnet detection, especially web applications based on peer-to-peer protocols. To get a more accurate information fusion result, an adaptive information fusion algorithm was proposed to fuse the above detection results into the final detection result, which combined Dempster-Shafer theory and Dezert-Smarandache theory by using their superiorities and overcoming their disadvantages. The experimental results show that the proposed method is able to detect peer-to-peer botnets with higher accuracy and stronger robustness.
Yuanzhang Song, Junting He, Hongyu Li
Research of Snort Rule Extension and APT Detection Based on APT Network Behavior Analysis
Abstract
At present, APT attack detection has become the focus of the network security protection field. APT attacks are one of the most difficult attacks among cyber attacks. The complexity and variability of APT attack behavior greatly increase the difficulty of attack detection. In order to cope with APT attacks, some well-known network security companies at home and abroad have developed commercial APT intrusion detection systems. This highly targeted attack cannot be identified by the traditional intrusion detection system. Therefore, in order to deal with this new type of cyber attack, the paper proposes a new method to detect APT attacks from different organizations. A data mining algorithm is used to analyze every organization’s APT network attack behavior and obtain association rules, so as to customize the design of the Snort rules and apply them to the intrusion detection system. Experiments have shown that the evaluation index of the intrusion detection system using the extended Snort rules is significantly better than that of the traditional Snort intrusion detection system when detecting the same test data. The precision of the extended Snort intrusion detection system is as high as 98.3%, and the false alarm rate is almost 0, which ultimately achieves the purpose of APT detection.
Yan Cui, Jingfeng Xue, Yong Wang, Zhenyan Liu, Ji Zhang
Network Risk Assessment Method Based on Asset Correlation Graph
Abstract
Enhancing the security of network operations, establishing effective security measures, preventing the destruction caused by security incidents, and reducing or eliminating the losses caused by threats through network risk assessment is of important practical significance. However, most risk assessment methods focus on the research of threats and vulnerabilities. There is relatively little research on risk based on network assets, and there is a lack of accuracy in risk assessment. Therefore, this paper proposes a network risk assessment method based on asset association graphs. The method first describes the network from the perspective of asset interconnection and builds an asset association graph; secondly, it builds a threat scenario based on the asset association graph, identifies a threat event, and uses the probability of a threat event and the loss caused to the asset to obtain a quantitative description of the risk assessment; different network risk levels and make decisions. Experiments show that the method of network risk assessment based on asset association proposed in this paper can realize the risk assessment of all assets, hosts and the entire network system in the network, and provide effective guidance for network security protection.
Chun Shan, Jie Gao, Changzhen Hu, Fang Guan, Xiaolin Zhao
Password Guessing Based on Semantic Analysis and Neural Networks
Abstract
Passwords remain the dominant method in data encryption and identity authentication, but they are vulnerable to guessing attacks. Most users are inclined to choose meaningful words to make up passwords. Lots of these words are human-memorable. In this paper, we propose a hierarchical semantic model that combines LSTM with semantic analysis to implement password guessing. With our model, the potential probability relationship between words can be mined. After training the model with 4.5 million passwords from leaked Chinese passwords, we generate lots of password guesses ordered by probability. 0.5 million passwords are reserved for model testing. In addition, we also pick CSDN passwords, the Rockyou passwords, and Facebook passwords as model-testing sets. Each dataset contains 0.5 million passwords. An LSTM-based model, PCFG, and a Markov-based model are selected for comparison. Experiments show that our model has a higher coverage rate than the other models on the reserved dataset and the CSDN dataset. Besides, our model can hit more passwords for the Rockyou dataset and Facebook dataset than PCFG.
Yong Fang, Kai Liu, Fan Jing, Zheng Zuo
An Approach of Implementing SW-TPM in Real-Time Operating System
Abstract
Viruses, trojans and malware on embedded systems have had a significant effect on the information security of industrial control systems (ICS). As ICS are part of the national core infrastructure, their security affects the national economy and the livelihood of all people. Trusted computing technology (TCT) is a technology developed and promoted by the Trusted Computing Group (TCG). At present, TCT has been applied to general systems, such as multitasking and distributed systems. However, it is necessary to verify the feasibility of applying TCT to specific systems with high real-time requirements. This paper implements a trusted real-time operating system (tRTOS) based on Preempt-rt, which turns the original Linux kernel into a fully pre-emptible kernel. The software trusted platform module (SW-TPM) is built in kernel mode to provide trusted computing services. After that, the scheduling policy and priority of tpmd, which is the daemon of SW-TPM, have been adjusted. In this approach, tpmd may not be pre-empted while running. This means that SW-TPM can provide encryption and attestation services in real time, which can meet the requirements of RTOS in embedded systems. This paper has measured the execution time of several TPM commands in the tRTOS and a contrast system. A comparative test is carried out between tRTOS and a non-real-time system. The result shows that the average execution time of TPM commands in the tRTOS is reduced by 15.3% without system interference, and 32.7% with system interference.
Mingdi Xu, Xueyuan Gao, Fan Zhang
A Multilevel Trusted Clustering Mechanism for the Awareness Layer of the Internet of Things
Abstract
In order to solve the data transmission security problem of the sensing network, this paper proposes a multi-level trusted clustering mechanism. The proposed mechanism combines multi-level clustering, identity authentication, and trusted computing to solve network expansion problems, reduce energy consumption when ordinary nodes transmit data to aggregation nodes, and ensure that the identity of IoT nodes and the messages are trusted. According to the routing protocol, each sensor node uses a multi-level clustering algorithm to divide each node into multiple levels of clusters. Then it transmits two-way identity authentication and platform integrity authentication to ensure the identity of nodes is trusted. Finally, it adopts a key distribution management method based on vector space to manage keys. Logic analysis and experimental results show that the proposed scheme has a high malicious attack resistance rate and a small amount of computation, which reduces the energy consumption of the IoT nodes during transmission and ensures the security of the transmitted messages.
Jianli Liu, Chunzi Chen, Yang Cao
A Multi-layer Virtual Network Isolation Detection Method for Cloud Platform
Abstract
In the trusted testing of cloud platforms, isolation testing of virtual networks is one of the important tasks. The traditional isolation detection method only extracts network configuration information from the database and reconstructs the network structure. However, these data do not necessarily reflect the current status of the virtual network and may affect the test results. To solve the above problems, this paper proposes a multi-layer virtual network isolation detection method based on a trusted third party for the distributed cloud platform environment. Firstly, the basic idea of the method is to extract the correct test input data from the database and each agent node, then compare these data with the reference value, and then conduct a multi-layer evaluation of the isolation of the virtual network based on the comparison result. Then, a formal method is used to verify the effectiveness of the proposed scheme in detecting network isolation under both the policy-updating and post-update scenarios. Finally, a simulation experiment environment is built based on CloudSim4.0 to evaluate the performance of the multi-layer detection method, including a comparison with the traditional detection methods, and to test the performance overhead of the test method on the test-end system. The experimental results show that the multi-layer detection method has less impact on the test-end system’s performance, and as the test scale increases, the gap with the traditional program’s overhead will gradually decrease.
Bo Zhao, Rui Guo, Peiru Fan, Zhijun Wu
A Behavioral Measurement Model Suitable for the Sensing Nodes of Internet of Things
Abstract
The Internet of Things connects a large number of real objects with the Internet through a variety of sensing technologies, and it is a network that implements the concept of connected objects. However, as a new concept of network, because of its large number and variety of terminals and its wide range of distribution, traditional security mechanisms are not adapted to the Internet of Things (IoT) architecture, and existing research uses the static information of sensing nodes to measure and judge the trust of sensing nodes. As a result, the real-time trust of the Internet of Things is hard to judge. Therefore, this paper proposes a behavioral measurement model suitable for the sensing nodes of the Internet of Things to make up for the insufficiency of the existing sensing node measurement mechanism of the Internet of Things. This model is designed for the Internet of Things, and is based on identity authentication and static measurement to measure the behavior of sensing nodes. It designs different behavior measurement functions to assess and calculate the behavior of sensing nodes synthetically. By dividing the trusted level of sensing nodes, this model can defend against attacks such as the node hijacking attack, physical capture attacks and denial of service attacks.
Yubo Wang, Mowei Gong, Bei Gong
An Efficient and Revocable Decentralizing Attribute-Based Encryption for Mobile Cloud Computing
Abstract
Mobile cloud computing (MCC) is becoming an important way of data sharing. It is of great value for people to store and retrieve personal data at any time and anywhere. Attribute-based encryption (ABE) can solve the problem of flexible sharing among multiple users in traditional encryption, but it cannot be applied to mobile clients directly because of its low efficiency. How to meet people’s practical application needs and to control and manage personal data safely and flexibly is a concrete embodiment of the security problem after cloud computing becomes mobile. In this paper, an efficient and revocable decentralizing attribute-based encryption scheme for the mobile cloud environment is proposed. In the scheme, there is no upper limit on the total number of attributes, and, without a central authority (CA), each attribute authority generates private keys independently with the users. In addition, the linear secret-sharing scheme (LSSS) is used to construct the access structure with high flexibility. The method of precomputing and outsourcing can reduce the computation cost of the user side. Besides, the scheme is proved to be statically secure and to support revocation under the random oracle model. Compared to the existing related schemes, the proposed scheme is more practical and effective in the mobile cloud environment.
Lei Sun, Yumeng Fu, Zuohui Li
A Voting Scheme in Blockchain Based on Threshold Group Signature
Abstract
Traditional voting schemes are used for credit evaluation and authentication. During the voting process, the contents need to be verified through signature algorithms. Traditional signature schemes for voting scenes have several drawbacks, such as distrust of central nodes for the group signature and inefficiency for the ring signature. A trusted center selection scheme is proposed based on a Dynamic Bayesian Network, which can be adapted to the isomerized blockchain. By introducing the historical interaction window, the aging factor, and the penalty factor, the adaptive trusted metrics can be obtained by aggregating the direct credibility and the indirect credibility. A new threshold group signature scheme is introduced through collaboration between users and the trusted centers. In order to protect the user identities, a blinding process is proposed. In case of compromise, the trusted centers create redundant backups, and can be updated with the proposed selection scheme. Security analysis shows that the proposed signature, whose difficulty is equivalent to the discrete logarithm of the elliptic curve, achieves a high level of anonymity and can resist impersonation attacks. Computational complexity analysis shows that the new method, with low computational cost and high transmission efficiency, can be effectively adapted to the isomerized blockchain scene.
Lipeng Wang, Mingsheng Hu, Zijuan Jia, Bei Gong, Yanyan Yang, Xinxin Liu, Wenjun Cui
HABKS: Hierarchical Attribute-Based Keyword Search on Outsourcing Data
Abstract
Searching over encrypted data is a critical operation to enforce the encryption-before-outsourcing mechanism, which is a fundamental solution to protect data privacy in the untrusted cloud environment. However, most of the existing searchable encryption solutions suffer from the problem of key management and the problem of flexible and fine-grained access control in multi-data owners and multi-data users environment.
Therefore, we propose a hierarchical attribute-based keyword search (HABKS) scheme. Our scheme not only realizes the order management of the key because of its hierarchical structure, but also implements flexible and fine-grained access control depending on CP-ABE for encrypting keyword indexes and data files. We formally prove the security of HABKS, and then analyze the performance of HABKS. Finally, we implement the HABKS scheme with comprehensive experiments. Experimental results show that it is efficient and flexible for searching encrypted data in the cloud.
Jingyang Yu, Wenchang Shi, Bo Qin, Bin Liang
A Trusted Measurement Model for Mobile Internet
Abstract
With the explosive development of the mobile Internet, the security threats faced by the mobile Internet have grown rapidly in recent years. Since the normal operation of the mobile Internet depends on the trust between nodes, the existing trusted measurement model cannot fully and dynamically evaluate mobile Internet computing nodes, and the trust transmission has a great deal of energy consumption. Aiming at the above problems, this paper proposes a trusted measurement model combining static measurement and node behavior measurement. The model is based on the computing environment measurement of the mobile Internet computing node, and is also based on node behavior measurement, combining direct and recommended trust values to complete the measurement of nodes. It can more objectively reflect the trust degree of nodes, effectively detect malicious nodes, and ensure the normal operation of mobile Internet services. The simulation experiment results show that this method can effectively balance the subjectivity and objectivity of trust assessment, and can quickly avoid malicious nodes and reduce the energy consumption of the trust transmission.
Yong Wang, Jiantao Song, Jia Lou
A Fast Identity Authentication Solution for the Sensing Layer in Internet of Things
Abstract
Trusted access to the Internet of Things sensing layer node is the precondition for the trusted operation of the Internet of Things. How to quickly and accurately implement identity authentication of a sensing node is currently a research hotspot. After comprehensive consideration of the security requirements and functional requirements of sensing node identity authentication, this paper proposes a fast identity authentication scheme for sensing nodes. In the identification process of sensing nodes, the data aggregation node is responsible for the selection of system parameters and the registration of sensing nodes. It does not directly participate in the authentication process, which simplifies the authentication process. The computational efficiency is high, and the security analysis shows that the scheme has forward security and can resist malicious attacks such as replay attacks, key information disclosure attacks, and forgery attacks. Also, the solution supports key updates. Computational complexity analysis shows that this protocol uses only a small amount of computational complexity in exchange for higher security and more features.
Yong Wang, Yang Du, Jia Lou, Bei Gong
Cryptanalysis of an ElGamal-Like Cryptosystem Based on Matrices Over Group Rings
Abstract
ElGamal cryptography is one of the most important public key cryptosystems (PKC) proposed since the Diffie-Hellman exchange; however, PKCs based on hard problems such as the discrete logarithm problem and the integer factorization problem are weak against advances in quantum computers. So some alternatives should be proposed. Majid Khan et al. proposed two ElGamal-like public-key encryption schemes based on a large abelian subgroup of the general linear group over a residue ring; however, the two schemes were soon proved unsafe by us. Then, Saba Inam and Rashid (2016) proposed an improved cryptosystem, published in “Neural Computing & Applications”, which can resist our attack. By analyzing the security of the public key cryptosystem, we propose an improved algebraic key-recovery attack of polynomial computational complexity, despite the designers’ claim that the cryptosystem has optimal security. Besides, we provide a corresponding practical attack example to illustrate the attack method in our cryptanalysis, which breaks instances claiming 80 bits of security in less than one minute on a single desktop computer.
Jianwei Jia, Houzhen Wang, Huanguo Zhang, Shijia Wang, Jinhui Liu
An Analysis About the Defects of Windows UAC Mechanism
Abstract
In order to deeply understand Windows security and explore the flaws of Windows UAC mechanism, the origin of UAC mechanism is firstly introduced, and then its implementation principles are analyzed. After that, various current UAC bypass methods are classified and different types of UAC bypass methods are elaborated on. Based on the understanding of the existing bypassing methods, the defects of the current UAC mechanism are discussed in depth, and the improvement scheme of the UAC mechanism is proposed.
Zejin Zhu, Guojun Peng
A Privacy Protection Scheme in VANETs Based on Group Signature
Abstract
At present, Vehicular Ad-Hoc Networks (VANETs) have been a hot research topic for researchers in intelligent transportation. They can not only provide real-time traffic information for managers, but also provide effective safety protection for drivers. However, in practical applications, the communication between vehicles takes place in a real-time changing network environment, which may be subject to eavesdropping, locating and tracking. Therefore, it is essential to preserve privacy in VANETs. Based on the Chinese remainder theorem and the DSA signature algorithm, this paper proposes an efficient revocable group signature privacy protection scheme for VANETs. It can not only protect the anonymity of the vehicles, but also provide traceability for the Trusted Authority (TA) when traffics escape. At the same time, it can provide revocation functions for the vehicles when they send malicious messages or are in dispute. From the proofs of correctness and security, we know that it not only has the properties of traceability and anonymity, but can also resist framing attacks. According to the performance verification, we find that it can improve the efficiency of signatures and meet the real-time and efficiency demands of VANETs.
Xinxin Liu, Zhijuan Jia, Erfeng Xu, Bei Gong, Lipeng Wang
Analysis of Wireless Sensor Networks Behavior for Trustworthiness Evaluation
Abstract
Wireless sensor networks (WSNs) face many security challenges in their applications. In order to improve the security of WSNs, a trust security algorithm based on node behavior analysis and the cloud model is proposed. According to the behavior characteristics of the conventional attacks, three kinds of trust factors are defined and introduced to the trust security algorithm: the transmission rate factor, the spatial correlation factor and the replay attack factor. The cloud model is used to judge the security status of the nodes according to these three trust factors. In the comprehensive calculation of the trust value, the time attenuation factor and the strategy for excluding the impersonation factor by historical evaluations are introduced. Moreover, the influence of the impersonation factor is further excluded by considering the acceptance domain of the trust distribution, and the defamatory nodes are finally punished. Simulation experiments show that the proposed algorithm can detect the malicious nodes, identify the impersonation nodes, and resist impersonation attacks effectively.
Ying Zhang, Peisong Li, Jun Wang, Mingxing Wang, Dengpan Ye
Digging Evidence for Violation of Cloud Security Compliance with Knowledge Learned from Logs
Abstract
Security compliance auditing against standards, regulations or requirements in cloud environments is of increasing importance to boost trust between stakeholders. Many automatic security compliance auditing tools have been developed to facilitate accountability and transparency of a cloud provider to its tenants in a large-scale and complex cloud. User operations in clouds that may cause security compliance violations have attracted attention, including some management operations conducted by insider attackers. System changes induced by the operations concerning security policies are captured for auditing. However, existing cloud security compliance auditing tools mainly concentrate on verification rather than on evidence provision. In this paper, we propose an automatic approach to digging evidence for security compliance violations of user operations, by mining the insights of system execution for the operations from system execution traces. Both known and potentially unknown suspicious user operation requests that may cause security compliance violations, or suspect system execution behavior changes, are automatically recognized. More importantly, evidence related to the detected suspicious requests is presented for further auditing, where the abnormal and expected snippets are marked in the relevant extracted execution traces. We have evaluated our method in OpenStack, a popular open source cloud operating system. The experimental results demonstrate the capability of our approach to detect user operation requests causing security compliance violations and to present relevant evidence.
Yue Yuan, Anuhan Torgonshar, Wenchang Shi, Bin Liang, Bo Qin
Two Anti-quantum Attack Protocols for Secure Multiparty Computation
Abstract
The Millionaire problem and the private set intersection problem are not only basic issues in secure multiparty computation, but also building blocks for privacy-preserving cooperative computation. However, so far the existing solutions to the two problems cannot resist quantum attacks, and at the same time are not efficient enough. Aiming at these drawbacks, in this paper we first construct two new 0–1 encodings. Subsequently, using the designed 0–1 encodings, we transform the Millionaire problem into the summation problem, and further transform the set intersection problem into the product problem. Lastly, taking advantage of NTRU homomorphic encryption, we propose Protocol 1 for the Millionaire problem and Protocol 2 for the secure set intersection problem, respectively. The final analyses indicate that the two protocols designed in this paper are not only secure against quantum attacks but also more efficient compared with the previous schemes. In addition, Protocol 1 has a more fine-grained comparison result for any two elements in a totally ordered set than the previous schemes; Protocol 2 has a two-fold functionality in that it is not only secure against quantum attacks but also applicable to the cloud computing environment.
Lichao Chen, Zhanli Li, Zhenhua Chen, Yaru Liu
A Cloud Storage Data Access Control Scheme Based on Attribute-Sets Encryption
Abstract
In order to solve the data security problem in cloud storage systems, an access control scheme which supports a finer attribute expression for cloud storage data based on CP-ASBE (Ciphertext-Policy Attribute-Sets Based Encryption) is proposed in this paper, which can solve the problem of attribute confusion in attribute-based encryption algorithms. A multi-authorization center is used to address single-point security issues. The digest of the plaintext is used to encrypt the plaintext, and then the CP-ASBE encryption key is used to improve the efficiency and save the storage space of the cloud storage. In terms of attribute revocation, access control lists are used to handle coarse-grained privilege revocation. For fine-grained attribute revocation, proxy re-encryption is used and the complex calculations are delegated to the computationally powerful DataNode node. The confidentiality, integrity, non-repudiation, availability and security of the scheme are analyzed and proved. The results show that the cloud storage data access control scheme based on CP-ASBE can effectively improve the security of user data in the HDFS (Hadoop Distributed File System) cloud storage system.
Lihua Zhang, Panpan Jiang, Qi Yi, Fan Lan, Tengfei Jiang
Detecting Malicious URLs Using a Deep Learning Approach Based on Stacked Denoising Autoencoder
Abstract
As the source of spamming, phishing, malware and many more such attacks, malicious URLs are a chronic and complicated problem on the Internet. Machine learning approaches have taken effect and obtained high accuracy in detecting malicious URLs. But the tedious process of extracting features from URLs and the high dimension of the feature vector make the implementation time consuming. This paper presents a deep learning method using a stacked denoising autoencoder model to learn and detect intrinsic malicious features. We employ an SdA network to analyze URLs and extract features automatically. Then a logistic regression is implemented to detect malicious and benign URLs, which can generate detection models without manual feature engineering. We have implemented our network model using Keras, a high-level neural networks API with a TensorFlow backend, an open source deep learning library. Five datasets were used and four other methods were compared with our model. In the result, our architecture achieves an accuracy of 98.25% and a micro-averaged F1 score of 0.98, tested on a mixed dataset containing around 2 million samples.
Huaizhi Yan, Xin Zhang, Jiangwei Xie, Changzhen Hu
Predicting Vulnerable Software Components via Bellwethers
Abstract
Software vulnerabilities are weaknesses, flaws or errors introduced during the life cycle of a software system. Although previous studies have demonstrated the practical significance of using software metrics to predict vulnerable software components, empirical evidence shows that these metrics are plagued with issues pertaining to their effectiveness and robustness. This paper investigates the feasibility of using Bellwethers (i.e., exemplary data) for predicting and classifying software vulnerabilities. We introduce a Bellwether method using the following operators: PARTITION, SAMPLE + TRAIN and APPLY. The Bellwethers sampled by the three operators are used to train a learner (i.e., deep neural networks) with the aim of predicting essential or non-essential vulnerabilities. We evaluate the proposed Bellwether method using vulnerability reports extracted from three popular web browsers offered by CVE. Again, the mean absolute error (MAE), Welch’s t-test and Cliff’s δ effect size are used to further evaluate the prediction performance and the practical statistically significant difference between the Bellwethers and the growing portfolio. We found that there exist subsets of vulnerability records (Bellwethers) in the studied datasets that can yield improved accuracy for software vulnerability prediction. The result shows that recall and precision measures from the text mining process were in a range of 73.9%–85.3% and 67.9%–81.8% respectively across the three studied datasets. The findings further show that the use of the Bellwethers for predictive modelling is a promising research direction for assisting software engineers and practitioners when seeking to predict instances of vulnerability records that demand much attention prior to software release.
Patrick Kwaku Kudjo, Jinfu Chen, Solomon Mensah, Richard Amankwah
Backmatter
Metadata
Title
Trusted Computing and Information Security
Editors
Huanguo Zhang
Bo Zhao
Fei Yan
Copyright Year
2019
Publisher
Springer Singapore
Electronic ISBN
978-981-13-5913-2
Print ISBN
978-981-13-5912-5
DOI
https://doi.org/10.1007/978-981-13-5913-2