main-content

## Über dieses Buch

This book constitutes the refereed post-conference proceedings of the 9th International Conference on Mobile Networks and Management, MONAMI 2017, held in Melbourne, Australia, in December 2017.
The 30 revised full papers were carefully reviewed and selected from 43 submissions. The papers handle topics in the area of mobile computing, wireless networking and management.

## Inhaltsverzeichnis

### Offloading of Fog Data Networks with Network Coded Cooperative D2D Communications

Abstract
Future fog data networks are expected to be assisted by users cooperation and coding schemes. Given the finite I/O access bandwidth of the drives in the data servers and the explosive increase in the end users’ demand for download of the content from the servers, in this paper, we consider the implementation of instantly decodable network coding (IDNC) in full-duplex device-to-device (D2D) enabled cooperative distributed data networks. In particular, this paper is concerned with optimizing D2D communications with efficiently coded transmissions such that we offload traffic from the expensive backhaul of network servers. Previous works implementing IDNC have not focused on a cooperative architecture, therefore a new theoretical-graph model is proposed and the optimal problem formulation is presented. However, as the optimal solution suffers from the intractability of being NP-hard, it is not suitable for real-time communications. The complexity of the problem is addressed by presenting a greedy heuristic algorithm used over the proposed graph model. The paper shows that by implementing IDNC in a full-duplex cooperative D2D network model significant reduction in the number of downloads required from the servers can be achieved, which will result in saving valuable servers’ resources.

### Persistent vs Service IDs in Android: Session Fingerprinting from Apps

Abstract
Android has conquered the mobile market, reaching a market share above 85%. The post Lollipop versions have introduced radical changes in the platform, significantly improving the provided security and privacy of the users. Nonetheless, the platform offers several features that can be exploited to fingerprint users. Of specific interest are the fingerprinting capabilities which do not request any dangerous permission from the user, therefore they can be silently shipped with any application without the user being able to trace them, let alone blocking them. Having Android AOSP as our baseline we discuss various such methods and their applicability.
Efthimios Alepis, Constantinos Patsakis

### Towards Developing Network Forensic Mechanism for Botnet Activities in the IoT Based on Machine Learning Techniques

Abstract
The IoT is a network of interconnected everyday objects called “things” that have been augmented with a small measure of computing capabilities. Lately, the IoT has been affected by a variety of different botnet activities. As botnets have been the cause of serious security risks and financial damage over the years, existing Network forensic techniques cannot identify and track current sophisticated methods of botnets. This is because commercial tools mainly depend on signature-based approaches that cannot discover new forms of botnet. In literature, several studies have conducted the use of Machine Learning (ML) techniques in order to train and validate a model for defining such attacks, but they still produce high false alarm rates with the challenge of investigating the tracks of botnets. This paper investigates the role of ML techniques for developing a Network forensic mechanism based on network flow identifiers that can track suspicious activities of botnets. The experimental results using the UNSW-NB15 dataset revealed that ML techniques with flow identifiers can effectively and efficiently detect botnets’ attacks and their tracks.
Nickolaos Koroniotis, Nour Moustafa, Elena Sitnikova, Jill Slay

### Performance Comparison of Distributed Pattern Matching Algorithms on Hadoop MapReduce Framework

Abstract
Creating meaning out of the growing Big Data is an insurmountable challenge data scientists face and pattern matching algorithms are great means to create such meaning from heaps of data. However, the available pattern matching algorithms are mostly tested with linear programming models whose adaptability and efficiency are not tested in distributed programming models such as Hadoop MapReduce, which supports Big Data. This paper explains an experience of parallelizing three of such pattern matching algorithms, namely - Knuth Morris Pratt Algorithm (KMP), Boyer Moore Algorithm (BM) and a lesser known Franek Jennings Smyth (FJS) Algorithm and porting them to Hadoop MapReduce framework. All the three algorithms are converted to MapReduce programs using key value pairs and experimented on single node as well as cluster Hadoop environment. The result analysis with the Project Gutenberg data-set has shown all the three parallel algorithms scale well on Hadoop environment as the data size increases. The experimental results prove that KMP algorithm gives higher performance for shorter patterns over BM, and BM algorithm gives higher performance than KMP for longer patterns. However, FJS algorithm, which is a hybrid of KMP and Boyer horspool algorithm which is advanced version of BM, outperforms both KMP and BM for shorter and longer patterns, and emerges as the most suitable algorithm for pattern matching in a Hadoop environment.
C. P. Sona, Jaison Paul Mulerikkal

### Robust Fingerprint Matching Based on Convolutional Neural Networks

Abstract
Fingerprint has been widely used in biometric authentication systems due to its uniqueness and consistency. Despite tremendous progress made in automatic fingerprint identification systems (AFIS), highly efficient and accurate fingerprint matching remains a critical challenge. In this paper, we propose a novel fingerprint matching method based on Convolutional Neural Networks (ConvNets). The fingerprint matching problem is formulated as a classification system, in which an elaborately designed ConvNets is learned to classify each fingerprint pair as a match or not. A key contribution of this work is to directly learn relational features, which indicate identity similarities, from raw pixels of fingerprint pairs. In order to achieve robustness and characterize the similarities comprehensively, incomplete and partial fingerprint pairs were taken into account to extract complementary features. Experimental results on FVC2002 database demonstrate the high performance of the proposed method in terms of both false acceptance rate (FAR) and false rejection rate (FRR). Thanks to the robustness of feature extraction, the proposed method is applicable of incomplete and partial fingerprint matching.
Yanming Zhu, Xuefei Yin, Jiankun Hu

### A Personalized Multi-keyword Ranked Search Method Over Encrypted Cloud Data

Abstract
Due to data privacy considerations, the data owners usually encrypt their documents before outsourcing to the cloud. The ability to search the encrypted documents is of great importance. Existing methods usually use the keywords to express users’ query intention, however it’s difficult for the users to construct a good query without the knowledge of document collection. This paper proposes a personalized ciphertext retrieval method based on relevance feedback, which utilizes user interaction to improve the correlation with the search results. The users only need to determine the relevance of the documents instead of constructing a good query, which can greatly improve the users query satisfaction. The selected IEEE published papers are taken as a sample of the experiment. The experimental results show that the proposed method is efficient and could raise the users’ satisfaction. Compared with MRSE-HCI method, our method could achieve higher precision rate and equally high efficiency performance.
Xue Tian, Peisong Shen, Tengfei Yang, Chi Chen, Jiankun Hu

### Application of Fuzzy Comprehensive Evaluation Method for Reservoir Well Logging Interpretation While Drilling

Abstract
Reservoir classification and evaluation is the base for gas reservoir description. Well logging interpretation while drilling technique collects drilling logging signal in real-time through the sensor module, and transmits to the database server wirelessly. Well logging interpretation model is applied to reservoir information analysis, which is important to describe gas reservoirs accurately. Because of complicated geological conditions, there is a deviation in single well logging interpretation model. To solve the problem, a reservoir well logging evaluation while drilling method based on fuzzy comprehensive evaluation is proposed. Key parameters affecting reservoir evaluation, such as porosity, permeability and gas saturation are considered. Fully mining the information contained in GR, SP, AC and RT well logging data. Firstly, the reservoir is divided into gas, poor-gas, dry layer and water layer. For each well logging method, statistical method is used to calculate the subordinate intervals of each reservoir’s parameters, and the membership degree is calculated to form the evaluation matrix of the well logging method. Then, the weight of each parameter is selected to form the comprehensive evaluation weight matrix, and fuzzy comprehensive evaluation result of well logging is computed. Finally, the comprehensive evaluation results of different well logging methods are composed to evaluation matrix, and fuzzy comprehensive evaluation method is used again to get the final reservoir evaluation category, so as to provide scientific basis for gas field development decision making.
Zhaohua Zhou, Shi Shi, Shunan Ma, Jing Fu

### Factor Effects for Routing in a Delay-Tolerant Wireless Sensor Network for Lake Environment Monitoring

Abstract
Delay-tolerant wireless sensor networks (DTWSN) is a promising tool to facilitate communication in disruptive and challenged sensor network environments not usually catered by traditional systems. In this paper, DTWSN application to a real-life lake scenario is considered with the description of the routing problem and proposed solution. Opportunistic Network Environment (ONE) simulator was utilized to determine the performance of First Contact, Epidemic and Spray and Wait routing protocols on the map-based mobility model of the lake. Factors considered are the number of nodes, bit rate and ferry speed. Analyses of delivery probability, latency and overhead ratio as well as buffer time and hop count as metrics of performance evaluation against the protocols are done using JMP software. Results revealed that Spray and wait outperforms the other protocols for the given scenario.
Rizza T. Loquias, Nestor Michael C. Tiglao, Jhoanna Rhodette I. Pedrasa, Joel Joseph S. Marciano

### Estimating Public Opinion in Social Media Content Using Aspect-Based Opinion Mining

Abstract
With the development of the Internet, social media has been the main platform for human to express opinions about products/services, key figures, socio-political and economic events… Besides the benefits that the platform offers, there are still various security threats relating to the fact that most extremist groups have been abusing social media to spread distorted beliefs, to incite the act of terrorism, politics, religions, to recruit, to raise funds and much more. These groups tend to include sentiment leading to illegal affairs such as terrorism, cyber-attacks, etc. when sharing their opinions and comments. Therefore, it is necessary to capture public opinions and social behaviors in social media content. This is a challenging research topic related to aspect-based opinion mining, which is the problem of determining what the exact opinions on specific aspects are rather than getting an overall positive or negative sentiment at the document level. For an entity, the main task is to detect all mentioned aspects of the entity and then produce a summary of each aspect’s sentiment orientation. This paper proposes an aspect-based opinion mining model to address the problem of estimating public opinion in social media content. The model has two phases: 1 - extracting aspects based on double propagation techniques, and 2 - classifying opinions about the detected aspects with the consideration of the context of review sentences using the hybrid approach of machine learning and lexicon-based method.
Yen Hong Tran, Quang Nhat Tran

### An Approach for Host-Based Intrusion Detection System Design Using Convolutional Neural Network

Abstract
Along with the drastic growth of telecommunication and networking, the cyber-threats are getting more and more sophisticated and certainly leading to severe consequences. With the fact that various segments of industrial systems are deployed with Information and Computer Technology, the damage of cyber-attacks is now expanding to physical infrastructure. In order to mitigate the damage as well as reduce the False Alarm Rate, an advanced yet well-design Intrusion Detection System (IDS) must be deployed. This paper focuses on system call traces as an object for designing a Host-based anomaly IDS. Sharing several similarities with research objects in Natural Language Processing and Image Recognition, a Host-based IDS design procedure based on Convolutional Neural Network (CNN) for system call traces is implemented. The decent preliminary results harvested from modern benchmarking datasets NGIDS-DS and ADFA-LD demonstrated this approachs feasibility.
Nam Nhat Tran, Ruhul Sarker, Jiankun Hu

### A Robust Contactless Fingerprint Enhancement Algorithm

Abstract
Compared to contact fingerprint images, contactless fingerprint images have three particular characteristics: (1) contactless fingerprint images have less noise than contact fingerprint images; (2) there are less discontinuities of ridges in contactless fingerprint images; and (3) the ridge-valley pattern of contactless fingerprint is much more unclear than that of contact fingerprint images. These properties increase a great difficulty to the contactless fingerprint enhancement. In this paper, we propose a robust contactless fingerprint enhancement algorithm based on simple sinusoidal-shaped filter kernel to fully take advantage of the properties of contactless fingerprint. First, an effective preprocessing is proposed to preliminarily strengthen the ridge-valley contrast of contactless fingerprint images. Then, simple sinusoidal-shaped filter kernel is proposed to enhance the contactless fingerprint images. Finally, we propose a score-filtering procedure to effectively recover the ridge-valley pattern. Comprehensive experiments were performed to evaluate the proposed method from aspects of image quality, minutiae extraction and fingerprint verification. Experimental results demonstrate the high performance of the proposed algorithm in contactless fingerprint enhancement.
Xuefei Yin, Yanming Zhu, Jiankun Hu

### Designing Anomaly Detection System for Cloud Servers by Frequency Domain Features of System Call Identifiers and Machine Learning

Abstract
The protection of operating systems from the current cyber threats has paramount importance. This importance is reflected by the functional dependency of any known or unknown cyber-attack upon the machines operating system. In order to design an anomaly detection system to protect an operating system from unknown attacks, acquiring comprehensive information related to running activities is the first crucial step. System call identifiers are one of the most reflective logs related to running activities in an operating system. Number of system call identifiers based host anomaly detection systems have been presented from the last two decades by using logs as raw system call identifiers. However, due to the stealth and penetration power of the unknown attacks, there is a need of acquiring and investigating more possible logs from machines operating system for the reliable protection. In this paper, firstly we apply the sine and Fourier transformation to the short sequence of system call identifiers, in order to model the frequency domain feature vector of any running activity at the cloud server. Second, different machine learning algorithms are trained and tested as anomaly detection engine using frequency domain transformed feature vectors of the short sequence of system call identifiers. The proposed work is evaluated using recently released intrusion detection systems data-set i.e., NGIDS-DS alongside two other old data-sets for comparative purposes. The experimental results indicate that the frequency domain feature vectors of short sequence of system call identifiers have comparatively superior performance than raw short sequence of system call identifiers, in detecting anomalies and building normal profile.
Waqas Haider, Jiankun Hu, Nour Moustafa

### A Variant of BLS Signature Scheme with Tight Security Reduction

Abstract
In 2001, Boneh, Lynn and Shacham designed a signature scheme using the properties of bilinear pairing from elliptic curve, and based its security under the Computational Diffie-Hellman (CDH) assumption. However, the security reduction is not tight as there is a loss of roughly $$q_s$$, the number of sign queries. In this paper, we propose a variant of the BLS signature with tight security reduction based on the co-CDH assumption. Besides upgraded to the notion of strong existential unforgeability under chosen message attack, the variant is backward-compatible with the original BLS signature.
Tiong-Sik Ng, Syh-Yuan Tan, Ji-Jian Chin

### Quantum Authentication Scheme Based on Fingerprint-Encoded Graph States

Abstract
We demonstrate an improved quantum authentication scheme which involves fingerprint recognition and quantum authentication. This scheme is designed to solve the practical problem in knowledge-based quantum authentication systems. It can satisfy the requirement of secure remote communication by using fingerprint-encoded graph states. The encoded graph states, which determine the preferred legitimate participants in the deterministic network, enable the facility of the implementable fingerprint-based authentication. The fingerprint template used for authentication in this scheme is of revocability and diversity. Security analysis shows that the proposed scheme can effectively defend various attacks including forgery attack, intercept-resend attack and man-in-the-middle attack. What’s more, this novel scheme takes advantages of the merits in terms of both fingerprint recognition and quantum authentication, rendering it more secure, convenient and practical for users than its original counterpart, knowledge-based quantum authentication.
Fei Li, Ying Guo, Jiankun Hu

### Cooperative Information Security/Cybersecurity Curriculum Development

Abstract
It is often difficult to meaningfully convey concepts like security incident management cycle, information sharing, cooperation, as well as the roles of people, processes and technology in information and cybersecurity courses. Such complexity requires immersive and interactive learning based on continuous cooperation between industry and academia. In this paper we highlight the ongoing industry/university cooperative effort towards an cooperative schema to enforce the Information Security and Cybersecurity Curriculum development within an existing Master of Computing.
Abdelaziz Bouras, Houssem Gasmi, Fadi Ghemri

### An Energy Saving Mechanism Based on Vacation Queuing Theory in Data Center Networks

Abstract
To satisfy the growing need for computing resources, data centers consume a huge amount of power which raises serious concerns regarding the scale of the energy consumption and wastage. One of the important reasons for such energy wastage relates to the redundancies. Redundancies are defined as the backup routing paths and unneeded active ports implemented for the sake of load balancing and fault tolerance. The energy loss may also be caused by the random nature of incoming packets forcing nodes to stay powered on all the times to await for incoming tasks. This paper proposes a re-architecturing of network devices to address energy wastage issue by consolidating the traffic arriving from different interfaces into fewer ports and turning off the idle ones. This paper also proposes to attribute sleeping and active periods to the processing ports to prevent them from remaining active waiting for random arrivals. Finally, we use the vacation queuing theory to model the packets arriving process and calculate the expectation of vacation periods and the energy saved. Then, we strengthen our work with a simulation part that validates the analytical derivations and shows that the proposed mechanism can reduce more than 25% of the energy consumption.
Emna Baccour, Ala Gouissem, Sebti Foufou, Ridha Hamila, Zahir Tari, Albert Y. Zomaya

### Homomorphic Evaluation of Database Queries

Abstract
Homomorphic encryption is an encryption method that enables computing over encrypted data. This has a wide range of real world ramifications such as being able to blindly compute a search result sent to a remote server without revealing its content. This paper discusses how database search queries can be made secure using a homomorphic encryption scheme. We propose a new database search technique that can be used with the ring-based fully homomorphic encryption scheme proposed by Braserski.
Hamid Usefi, Sudharaka Palamakumbura

### A Cache-Aware Congestion Control for Reliable Transport in Wireless Sensor Networks

Abstract
Data caching and congestion control are two strategies that can enhance the transport reliability in constrained Wireless Sensor Networks. However, these two mechanisms are designed independently for most transport protocols developed for WSN. This work developed a new cache-aware congestion control mechanism for reliable transport. RT-CaCC utilizes cache management policies such as cache insertion, cache elimination and cache size to mitigate packet losses in the network while maximizing cache utilization and resource allocation. It uses two cache management policies for packet loss detection: implicit notifications and expiration of timeout. In addition, it utilizes congestion avoidance using cache-aware rate control mechanism employing transmission window limit as a function of cache size. Results showed that the RT-CaCC obtained significant improvement gain in terms of cache utilization, end-to-end delay and throughput performance specifically during high level of packet loss in the network.
Melchizedek I. Alipio, Nestor Michael C. Tiglao

### A New Lightweight Mutual Authentication Protocol to Secure Real Time Tracking of Radioactive Sources

Abstract
Radioactive applications are employed in many aspects of our life, such as industry, medicine and agriculture. One of the most important issues that need to be addressed is the security of the movement of radioactive sources. There are many threats that may occur during the transportation of the radioactive sources from one place to another. This paper investigates the security issues in the transportation of the radioactive sources. Thus, it is an attempt to build a secure, real time freight tracking system in which the radioactive source can be under inspection and control at all times during transportation from the shipment provider to the end user. Thus, we proposed a novel lightweight mutual authentication protocol to be used for securing the transportation of radioactive materials. Also, the security requirements for the proposed protocol were verified using the Scyther tool.
Mouza Ahmed Bani Shemaili, Chan Yeob Yeun, Mohamed Jamal Zemerly, Khalid Mubarak, Hyun Ku Yeun, Yoon Seok Chang, Basim Zafar, Mohammed Simsim, Yasir Salih, Gaemyoung Lee

### Fog Computing as a Critical Link Between a Central Cloud and IoT in Support of Fast Discovery of New Hydrocarbon Reservoirs

Abstract
The overall process of discovering hydrocarbon traps, starting with geological exploration through to Seismic Data Processing (SDP) is very expensive and time consuming. In the real-world, the oil and gas production relies on how soon seismic data is computationally processed. The ability for an oil and gas company to perform seismic computation at higher speed within shorter time provides competitive advantage in the race to discover new hydrocarbon reservoirs. We are convinced that the current state of research in areas such as cloud computing, fog computing, and edge computing will make a major change. The goal of this paper is to present the first step towards the development of such a three-level system and show its feasibility in the context of a model for hydrocarbon exploration and discovery operation.
Andrzej M. Goscinski, Zahir Tari, Izzatdin A. Aziz, Eidah J. Alzahrani

### Performance Assessment of Cloud Migrations from Network and Application Point of View

Abstract
Stateful migration processes for Cloud Services require the knowledge about their influencing parameters for the migration decision. Previous work focuses on the placement after the migration but not the migration process. In this work we evaluate the impact of network parameters on the migration performance as well as on the migrated applications. Therefore we propose an automatically set up testbed using OpenStack to measure key characteristics of the migration process.
Lukas Iffländer, Christopher Metter, Florian Wamser, Phuoc Tran-Gia, Samuel Kounev

### A Cloud Service Enhanced Method Supporting Context-Aware Applications

Abstract
Mobile cloud computing is emerging as a powerful platform for running demanding applications migrated from mobile devices to a remote cloud. For some real-time or urgent deadline-constrained applications, the migration process generates intolerable transmission latency. Cloudlets co-located with Access Points (APs) are considered as an efficient way to reduce such transmission latency. However, it is still a challenge to manage the cloudlets that have been deployed for fixed context-aware applications to achieve cost savings. In view of this challenge, a cloud service enhanced method supporting context-aware applications is proposed in this paper. Specifically, a cloudlet management principle is designed to provide a reference for cloudlet status judgment. Then a relevant cloud service enhanced method is proposed to decide which active cloudlets should be shut down. Finally, the experimental and analytical results demonstrate the validity of our proposed method.
Zifan Liu, Qing Cai, Song Wang, Xiaolong Xu, Wanchun Dou, Shui Yu

### Application of 3D Delaunay Triangulation in Fingerprint Authentication System

Abstract
Biometric security has found many applications in Internet of Things (IoT) security. Many mobile devices including smart phones have supplied fingerprint authentication function. However, the authentication performance in such restricted environment has been downgraded significantly. A number of methods based on Delaunay triangulation have been proposed for minutiae-based fingerprint matching, due to some favorable properties of the Delaunay triangulation under image distortion. However, all existing methods are based on 2D pattern, of which each unit, a Delaunay triangle, can only provide limited discrimination ability and could cause low matching performance. In this paper, we propose a 3D Delaunay triangulation based fingerprint authentication system as an improvement to improve the authentication performance without adding extra sensor data. Each unit in a 3D Delaunay triangulation is a Delaunay tetrahedron, which can provide higher discrimination than a Delaunay triangle. From the experimental results it is observed that the 3D Delaunay triangulation based fingerprint authentication system outperforms the 2D based system in terms of matching performance by using same feature representation, e.g., edge. Furthermore, some issues in applying 3D Delaunay triangulation in fingerprint authentication, have been discussed and solved. To the best of our knowledge, this is the first work in literature that deploys 3D Delaunay triangulation in fingerprint authentication research.
Wencheng Yang, Guanglou Zheng, Ahmed Ibrahim, Junaid Chaudhry, Song Wang, Jiankun Hu, Craig Valli

### The Public Verifiability of Public Key Encryption with Keyword Search

Abstract
Cloud computing has been widely recognized as the next big thing in this era. Users outsourced data to cloud server and cloud server provided service economic savings and various convenience for users. Public key encryption with keyword search (PEKS) which provides a solution for a third party user to search on remote data encrypted by data owner. Since the server may be dishonest, it can perform search operation on encrypted data and only return partial results. Therefore, it is necessary to verify the correctness and completeness of the search result. Existing PEKS schemes only support data receiver’s private verification, however, in practice, we usually need anyone can verify the server’s search result. In this paper, we propose a PEKS with public verifiability scheme, which can achieve the security of ciphertext indistinguishability, trapdoor indistinguishability, keyword guessing attack and public verifiability. Comparing previous PEKS schemes, our scheme is public verifiability, while keeping the encrypted data security in cloud server and search operation privately over the encrypted data.
Binrui Zhu, Jiameng Sun, Jing Qin, Jixin Ma

### Malicious Bitcoin Transaction Tracing Using Incidence Relation Clustering

Abstract
Since the generation of Bitcoin, it has gained attention of all sectors of the society. Law breakers committed crimes by utilizing the anonymous characteristics of Bitcoin. Recently, how to track malicious Bitcoin transactions has been proposed and studied. To address the challenge, existing solutions have limitations in accuracy, comprehensiveness, and efficiency. In this paper, we study Bitcoin blackmail virus WannaCry event incurred in May 2017. The three Bitcoin addresses disclosed in this blackmail event are only restricted to receivers accepting Bitcoin sent by victims, and no further transaction has been found yet. Therefore, we acquire and verify experimental data by example of similar Bitcoin blackmail virus CryptoLocker occurred in 2013. We focus on how to track malicious Bitcoin transactions, and adopt a new heuristic clustering method to acquire incidence relation between addresses of Bitcoin and improved Louvain clustering algorithm to further acquire incidence relation between users. In addition, through a lot of experiments, we compare the performance of our algorithm with another related work. The new heuristic clustering method can improve comprehensiveness and accuracy of the results. The improved Louvain clustering algorithm can increase working efficiency. Specifically, we propose a method acquiring internal relationship between Bitcoin addresses and users, so as to make Bitcoin transaction deanonymisation possible, and realize a better utilization of Bitcoin in the future.
Baokun Zheng, Liehuang Zhu, Meng Shen, Xiaojiang Du, Jing Yang, Feng Gao, Yandong Li, Chuan Zhang, Sheng Liu, Shu Yin

### Cryptanalysis of Salsa and ChaCha: Revisited

Abstract
Stream cipher is one of the basic cryptographic primitives that provide the confidentiality of communication through insecure channel. EU ECRYPT network has organized a project for identifying new stream suitable for widespread adoption where the ciphers can provide a more security levels. Finally the result of the project has identified new stream ciphers referred as eSTREAM. Salsa20 is one of the eSTREAM cipher built on a pseudorandom function. In this paper our contribution is two phases. First phase have two parts. In WCC 2015, Maitra et al. [9] explained characterization of valid states by reversing one round of Salsa20. In first part, we have revisited the Maitra et al. [9] characterization of valid states by reversing one round of Salsa20. We found there is a mistake in one bit change in $$8^{th}$$ and $$9^{th}$$ word in first round will result in valid initial state. In second part, Maitra et al. [9] as mentioned that it would be an interesting combinatorial problem to characterize all such states. We have characterized nine more values which lead to valid initial states. The combinations $$(s_4,s_7)$$, $$(s_2,s_3)$$, $$(s_{13},s_{14})$$, $$(s_1,s_6)$$, $$(s_1,s_{11})$$, $$(s_1,s_{12})$$, $$(s_6,s_{11})$$, $$(s_6,s_{12})$$ and $$(s_{11}, s_{12})$$ which characterized as valid states.
In second phase, FSE 2008 Aumasson et al. [1] attacked 128-key bit of Salsa20/7 within $$2^{111}$$ time and ChaCha6 in within $$2^{107}$$ time. After this with best of our knowledge there does not exist any improvement on this attack. In this paper we have attacked 128-key bit of Salsa20/7 within $$2^{107}$$ time and ChaCha6 within $$2^{102}$$ time. Maitra [8] improved the attack on Salsa20/8 and ChaCha7 by choosing proper IVs corresponding to the 256-key bit. Applying the same concept we have attacked 128-key bit of Salsa20/7 within time $$2^{104}$$ and ChaCha7 within time $$2^{101}$$.
Kakumani K. C. Deepthi, Kunwar Singh

### CloudShare: Towards a Cost-Efficient and Privacy-Preserving Alliance Cloud Using Permissioned Blockchains

Abstract
Data explosion has raised a scalability challenge to cloud storage management, while spinning disk capacity growth rates will continue to slow down. Major data holders such as cloud storage providers with a heavy reliance on disk as a storage medium will need to orchestrate multiple kinds of storage to better manage their relentless data growth.
In this paper, we first explore the scenario that multiple clouds are driven by interests to make the storage resources efficiently allocated without requiring a trusted third party, and then propose a novel model, called CloudShare, to enable multi-clouds to carry out a transparent encrypted data deduplication among cross-users via blockchain. Our scheme significantly reduces the storage costs of each cloud, and saves the upload bandwidth of users, while ensuring data confidentiality and consistency. We demonstrate via simulations on a realistic datasets that CloudShare achieves both the effectiveness and the efficiency.
Yandong Li, Liehuang Zhu, Meng Shen, Feng Gao, Baokun Zheng, Xiaojiang Du, Sheng Liu, Shu Yin

### Probability Risk Identification Based Intrusion Detection System for SCADA Systems

Abstract
As Supervisory Control and Data Acquisition (SCADA) systems control several critical infrastructures, they have connected to the internet. Consequently, SCADA systems face different sophisticated types of cyber adversaries. This paper suggests a Probability Risk Identification based Intrusion Detection System (PRI-IDS) technique based on analysing network traffic of Modbus TCP/IP for identifying replay attacks. It is acknowledged that Modbus TCP is usually vulnerable due to its unauthenticated and unencrypted nature. Our technique is evaluated using a simulation environment by configuring a testbed, which is a custom SCADA network that is cheap, accurate and scalable. The testbed is exploited when testing the IDS by sending individual packets from an attacker located on the same LAN as the Modbus master and slave. The experimental results demonstrated that the proposed technique can effectively and efficiently recognise replay attacks.
Thomas Marsden, Nour Moustafa, Elena Sitnikova, Gideon Creech

### Anonymizing k-NN Classification on MapReduce

Abstract
Data analytics scenario such as a classification algorithm plays an important role in data mining to identify a category of a new observation and is often used to drive new knowledge. However, classification algorithm on a big data analytics platform such as MapReduce and Spark, often runs on plain text without an appropriate privacy protection mechanism. This leaves user’s data to be vulnerable from unauthorized access and puts the data at a great privacy risk. To address such concern, we propose a new novel k-NN classifier which can run on an anonymized dataset on MapReduce platform. We describe new Map and Reduce algorithms to produce different anonymized datasets for k-NN classifier. We also illustrate the details of experiments we performed on the multiple anonymized data sets to understand the effects between the level of privacy protection (data privacy) and the high-value insights (data utility) trade-off before and after data anonymization.
Sibghat Ullah Bazai, Julian Jang-Jaccard, Ruili Wang

### A Cancellable Ranking Based Hashing Method for Fingerprint Template Protection

Abstract
Despite a variety of theoretical-sound techniques have been proposed for biometric template protection, there is rarely practical solution that guarantees non-invertibility, cancellability, non-linkability and performance simultaneously. In this paper, a cancellable ranking based hashing is proposed for fingerprint template protection. The proposed method transforms a real-valued feature vector into an index code such that the pairwise-order measure in the hashed codes are closely correlated with rank similarity measure. Such a ranking based hashing offers two major merits: (1) Resilient to noises/perturbations in numeric values; and (2) Highly nonlinear embedding based on the rank correlation statistics. The former takes care of the accuracy performance mitigating numeric noises/perturbations while the latter offers strong non-invertible transformation via nonlinear feature embedding from Euclidean to Rank space that leads to toughness in inversion yet still preserve accuracy performance. The experimental results demonstrate reasonable accuracy performance on benchmark FVC2002 and FVC2004 fingerprint databases. The analyses justify its resilience to inversion, brute force and preimage attack as well as satisfy the revocability and unlink ability criteria of cancellable biometrics.
Zhe Jin, Jung Yeon Hwang, Soohyung Kim, Sangrae Cho, Yen-Lung Lai, Andrew Beng Jin Teoh

### Backmatter

Weitere Informationen