Network and System Security

To date the considerable computation and storage power of clouds that have attracted great attention from mobile users and mobile service providers over the past few years. The convergence of mobile devices and clouds that leads to a brand new era of could-based mobile applications. It brings long-listed advantages for mobile users to get rid of the constraints of mobile devices (including limited mobile memory, data processing ability and battery). However, mobile clouds yield new security and privacy risks in open network setting. This survey paper attempts to introduce security risks on mobile clouds in the view point of applied cryptography.

Recently, a few pragmatic and privacy protecting systems for authentication in multiple systems have been designed. The most prominent examples are Restricted Identification and Pseudonymous Signature schemes designed by the German Federal Office for Information Security for German personal identity cards. The main properties are that a user can authenticate himself with a single private key (stored on a smart-card), but nevertheless the user’s IDs in different systems are unlinkable.We develop a solution which enables a user to achieve the above mentioned goals while using more than one personal device, each holding a single secret key, but different for each device – as for security reasons no secret key is allowed to leave a secure device. Our solution is privacy preserving: it will remain hidden for the service system which device is used. Nevertheless, if a device gets stolen, lost or compromised, the user can revoke it (leaving his other devices intact).In particular, in this way we create a strong authentication framework for cloud users, where the cloud does not learn indirectly personal data. In the standard solutions there is no way to avoid leaking information that, for instance, the user is in his office and authenticates via his desktop computer.Our solution is based on a novel cryptographic primitive, called Pseudonymous Public Key Group Signature.

Text-based passwords are unable to prevent shoulder-surfing attacks. In this paper, a new authentication mechanism was introduced to send out misleading information to attackers when the former entered its text-based passwords; the latter was unable to decipher the true passwords by simply recording or looking at them. The misleading information was the pressure values (i.e., pressures exerted by the users) measured by pressure sensors embedded under the smartphone touchscreens. The systems detected each pressure value entered by the users and determined whether it was to be saved (i.e., as a true password) or omitted (i.e., as misleading information). Regarding this authentication method, because attackers were unable to know the users’ pressure values, they were unable to differentiate between true and misleading information and thus had no way of knowing the users’ actual passwords. In the end, our authentication mechanism improved the deficiency of current text-based passwords and enhanced system security.

Most of the mutual authentication protocols with user anonymity proposed for providing secure roaming service through wireless communications are based on smart cards and have to establish public key cryptosystems in advance. To solve this, Guo et al. firstly proposed an efficient mutual authentication protocol with user anonymity using smart card for wireless communications. Unfortunately, we will demonstrate their scheme requires high modular exponential operations for security issues, and does not allow users to change passwords freely. Based on modular square root, we propose an efficient remote user authentication protocol with smart cards for wireless communications. Compared with others, our protocol is more suitable for mobile devices and smart-card users.

In this paper, we propose an efficient fine-grained access control system for secure Personal Health Records (PHRs) in cloud computing. In this system, the patients have fine-grained access control for their health records. The underlying primitive of this system is a newly designed identity-based conditional proxy re-encryption scheme with chosen-ciphertext security, which is the first of its kind that achieves the highest security level. It is also highly efficient. The public parameters size and also, the private key and ciphertext size are constant and our experimental results indicate that the computational cost does not rely on the message size.

Reducing energy consumption has become an important task in cloud datacenters. Many existing scheduling approaches in cloud datacenters try to consolidate virtual machines (VMs) to the minimum number of physical machines (PMs) and hence minimize the energy consumption. VM live migration technique is used to dynamically consolidate VMs to as few PMs as possible; however, it introduces high migration overhead. Furthermore, the cost factor is usually not taken into account by existing approaches, which will lead to high payment cost for cloud users. In this paper, we aim to achieve energy reduction for cloud providers and payment saving for cloud users, and at the same time, without introducing VM migration overhead and without compromising deadline guarantees for user tasks. Motivated by the fact that some of the tasks have relatively loose deadlines, we can further reduce energy consumption by proactively postponing the tasks without waking up new PMs. In this paper, we propose a heuristic task scheduling algorithm called Energy and Deadline Aware with Non-Migration Scheduling (EDA-NMS) algorithm. EDA-NMS exploits the looseness of task deadlines and tries to postpone the execution of the tasks that have loose deadlines in order to avoid waking up new PMs. When determining the VM instant types, EDA-NMS selects the instant types that are just sufficient to guarantee task deadline to reduce user payment cost. The results of extensive experiments show that our algorithm performs better than other existing algorithms on achieving energy efficiency without introducing VM migration overhead and without compromising deadline guarantees.

This paper presents an infrastructure-based mobile cloud computing framework that obstructs the execution of JavaScript (JS) worms injected from the untrustworthy remote servers. The execution of such worms triggers the Cross-Site Scripting (XSS) attack on the mobile cloud-based Online Social Network (OSN). The framework executes in two steps. Initially, it extracts the Uniform Resource Identifier (URI) links embedded in the HTTP response for extracting the untrusted JS links/code. Secondly, our framework generates the Document Object Model (DOM) tree corresponding to each extracted HTTP response. This tree is explored for the script nodes and extracts the embedded JS code. Now, both these extracted set of JS code will be explored for the detection of similar code. Such similar code will simply point towards the untrusted JavaScript code that will be utilized by an attacker to exploit the vulnerabilities of XSS attack on the OSN. The prototype of our framework was developed in Java and integrated the functionality of its components on the virtual machines of mobile cloud platforms. The experimental testing and performance evaluation of our work was carried out on the open source OSN websites that are integrated in the virtual cloud servers. Evaluation results revealed that our framework is capable enough to detect the untrusted JS worms with very high precision rate, fewer rates of false positives and acceptable performance overhead.

Text categorization is a foundational task in many NLP applications. Traditional text classifiers often rely on hand engineering features, and recently Convolutional Neural Networks (CNNs) with word vectors have achieved remarkably better performance than traditional methods [15, 20]. In this paper, we combined prior knowledge into deep learning method for structured text categorization. In our model, we apply word embedding to capture both semantic and syntactic information of words, and apply different convolutional neural networks to capture advanced features of different parts of the structured text. Since different text parts perform different impact on the text categorization result, a linear SVM kernel is then applied to decide the final categorization result. Moreover, in order to enhance discriminativeness of the word, we employ latent topic models to assign topics for each word in the text corpus, and learn topical word embeddings based on both words and their topics. We conduct experiments on several datasets. The experimental results show that our model outperforms typical text categorization models, especially when the text in the dataset have a similar structure.

Over the last decade, VoIP services and more especially the SIP-based ones, have gained much attention due to the low-cost and simple models they offer. Nevertheless, their inherently insecure design make them prone to a plethora of attacks. This work concentrates on the detection of resource consumption attacks targeting SIP ecosystems. While this topic has been addressed in the literature to a great extent, only a handful of works examine the potential of Machine Learning (ML) techniques to detect DoS and even fewer do so in realtime. Spurred by this fact, the work at hand assesses the potential of 5 different ML-driven methods in nipping SIP-powered DDoS attacks in the bud. Our experiments involving 17 realistically simulated (D)DoS scenarios of varied attack volume in terms of calls/sec and user population, suggest that some of the classifiers show promising detection accuracy even in low-rate DDoS incidents. We also show that the performance of ML-based detection in terms of classification time overhead does not exceed 3.5 ms in average with a mean standard deviation of 7.7 ms.

An oblivious signature is a kind of digital signature providing privacy protection for the signature requester. According to the pioneer work introduced by Chen in 1994, it is defined in two different types; an oblivious signature with n messages and, an oblivious signature with n keys. In an oblivious signature with n messages, it allows a signature requester to get a signature on 1-out-of-n messages while during the signing process, the signer cannot find out which one of the n messages has been signed. In an oblivious signature with n keys, it allows a signature requester to get a signature signed by 1-out-of-n signers while during the signing process, no one except the requester can know who has really signed the message. In 2008, Tso et al. gave formal definitions on the models of oblivious signatures and gave an example on the construction of oblivious signatures based on the Schnorr signature. In this paper, we follow Tso et al.’s work but combine the two functionalities into one scheme. We called it Two-in-one oblivious signature. In out scheme, a signature requester can ask 1-out-of-$$n_1$$n1 signers to sign 1-out-of-$$n_2$$n2 messages. At the end of our protocol, no one (including the $$n_1$$n1 possible-signers) knows who has really signed the message as well as which one of the $$n_2$$n2 message has been signed. The scheme is useful in many applications such as e-cash, e-voting and e-auction etc. We will give a formal model on our scheme and give a rigorous security proof based on the random oracle model.

We present a novel design for stateless transitive signature ($$\mathrm {TS}$$TS) for undirected graph to authenticate dynamically growing graph data. Our construction is built on the widely studied $$\mathrm {ZSS}$$ZSS signature technology [19] with bilinear mapping, and using general cryptographic hash functions (e.g., $$\mathrm {SHA}$$SHA-512 and $$\mathrm {MD}6$$MD6). Compared with the existing stateless $$\mathrm {TS}$$TS schemes for undirected graph in the literature, our scheme is more efficient. The scheme is also proven transitively unforgeable against adaptive chosen-message attack under the $$\mathrm {M2SDH}$$M2SDH assumption in the random oracle model.

A social matching service has recently become popular. These services help a user to search friends having common preference or interest. On the other hand, users use their personal information for matching in social matching services, and thus the privacy-preserving profile matching protocols have been well studied. However, although there are various privacy-preserving profile matching protocols, they may cause unwilling matching. In order to solve this problem, it is necessary to achieve a fine-grained matching mechanism considering conditions.In this paper, we propose a privacy-preserving profile matching protocol embedded with homomorphic encryption considering conditions: matching is established only when the conditions are satisfied. Our protocol reduces computational cost of user’s device by using the map-to-prime technique and setting an honest-but-curious server. Furthermore, even if a server is attacked, user’s secret key or personal data does not leak since our protocol is designed for a server without such confidential data.

Credit card system has proven itself to be a convenient way for individuals to complete transactions. Despite its great benefits, credit card system also brings in great privacy risks to users. The card issuing bank knows the details of all transactions made by every user, including transaction date, amount, and merchant. These contain sensitive information of the users which may reveal their whereabouts, preferences, daily routines, etc. In this paper, we build privacy preserving credit card systems that hide the expenses of individual users from the bank, while preserving most of the features provided by the current credit card system at the same time.

Machine-learning augments today’s IDS capability to cope with unknown malware. However, if an attacker gains partial knowledge about the IDS’s classifier, he can create a modified version of his malware, which can evade detection. In this article we present an IDS based on various classifiers using system calls executed by the inspected code as features. We then present a camouflage algorithm that is used to modify malicious code to be classified as benign, while preserving the code’s functionality, for decision tree and random forest classifiers. We also present transformations to the classifier’s input, to prevent this camouflage - and a modified camouflage algorithm that overcomes those transformations. Our research shows that it is not enough to provide a decision tree based classifier with a large training set to counter malware. One must also be aware of the possibility that the classifier would be fooled by a camouflage algorithm, and try to counter such an attempt with techniques such as input transformation or training set updates.

Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attack-prevention method that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small.

Digital forensics is a fast-evolving field of study in contemporary times. One of the challenges of forensic analysis is the quality of evidence captured from computing devices and networks involved in a crime. The credibility of forensic evidence is dependent on the accuracy of established timelines of captured events. Despite the rising orders of magnitude in data volume captured by forensic analysts, the reliability and independence of the timing data source may be questionable due to the underlying network dynamics and the skew in the large number of intermediary system clocks that dictate packet time stamps. Through this paper, we propose a mechanism to verify the accuracy of forensic timing data through collaborative verification of forensic evidence obtained from multiple third party servers. The proposed scheme does analysis of HTTP response headers extracted from network packet capture (PCAP) files and validity testing of third party data through the application of statistical methods. We also develop a proof of concept universal time agreement protocol to independently verify timestamps generated by local logging servers and to provide a mechanism that may be adopted in digital forensics procedures.

Pubilc Key Encrytion with Keyword Search (PEKS) scheme allows users to search encrypted messages by using a particular keyword without leaking any information. Practically, users might need to relate multiple keywords to one message. To effectively encrypt multiple keywords, Baek et al. first presented a PEKS scheme with multiple keywords (MPEKS). In this paper, we come up with a new efficient secure channel free PEKS scheme with multiple keywords named SCF-MPEKS. We give formal definitions and a concrete construction of SCF-MPEKS. The proposed SCF-MPEKS scheme is secure in the presented models of indistinguishability for SCF-MPEKS. Our scheme removes the secure channel assumption between the server and the receiver, which has much better performance in terms of both computational and communication overhead than Baek et al.’s MPEKS scheme for building a secure channel is very costly.

We consider the problem of searchable encryption scheme which allows a user to search over encrypted data without decrypting it. Existing schemes in the symmetric setting only deal with equality search or a limited similarity keyword search. In this paper, we study Bloom filter-based searchable symmetric encryption schemes which make search on encrypted keywords more expressive and flexible, i.e., support fuzzy search or wildcard search by using multiple wildcard characters. Our schemes are more efficient than previous solutions on both computation cost and communication cost. Security of our main construction is analyzed based on a formal, strong security model for searchable symmetric encryption.

Nowadays the cloud security becomes a significant issue: while the single user keyword search on encrypted data has been proposed, encrypting files before uploading scarifies the advantage of the convenience of sharing data with others on the cloud.We design a searchable encryption for the multi-user case. We combine the advantage of efficiency of the symmetric encryption with authentication of the asymmetric encryption to provide a secure and efficient system of shareable keyword search on encrypted data.

There has been considerable research in specifying authorization policies for XML documents. Most of these approaches consider only hierarchical structure of underlying data. They define authorization policies by directly identifying XML nodes in the policies. These approaches work well for hierarchical structure but are not suitable for other required characteristics we identify in this paper as semantical association and scatteredness.This paper presents an attribute based protection model for JSON documents. We assign security-label attribute values to JSON elements and specify authorization policies using these values. By using security-label attribute, we leverage semantical association and scatteredness properties. Our protection mechanism defines two types of policies called authorization and labeling policies. We present an operational model to specify authorization policies and different models for defining labeling policies. Finally, we demonstrate a proof-of-concept for the proposed models in the Swift service of OpenStack IaaS cloud.

Several attribute-based access control (ABAC) models have been recently proposed to provide finer-grained authorization and to address the shortcomings of existing models. In particular, Servos et al. [33] presented a hierarchical group and attribute based access control (HGABAC) model which introduces a novel approach of attribute inheritance through user and object groups. For authorization purposes the effect of attribute inheritance from groups can be equivalently realized by direct attribute assignment to users and objects. Hence the practical benefit of HGABAC-like models is with respect to administration. In this paper we propose the first administration model for HGABAC called $$\mathrm {GURA_G}$$GURAG. $$\mathrm {GURA_G}$$GURAG consists of three sub-models: UAA for user attribute assignment, UGAA for user-group attribute assignment and UGA for user to user-group assignment.

Several access control models that use attributes have been proposed, although none so far is regarded as a definitive characterization of attribute-based access control (ABAC). Among these a recently proposed model is the attribute-based access matrix (ABAM) model [14] that extends the HRU model [4] by introducing attributes. In this paper we consider the finite case of ABAM, where the number of attributes is finite and the permissible values (i.e., domain) for each attribute is finite. Henceforth, we understand ABAM to mean finite ABAM. A separately developed model with finite attribute domains is PreUCON$$\mathrm {_A}$$A [10], which is a sub-model of the usage control UCON model [9]. This paper explores the relationship between the expressive power of these two finite attribute domain models. Since the safety problem for HRU is undecidable it follows safety is also undecidable for ABAM, while it is known to be decidable for PreUCON$$\mathrm {_A}$$A [10]. Hence ABAM cannot be reduced to PreUCON$$\mathrm {_A}$$A. We define a special case of ABAM called RL-ABAM2 and show that RL-ABAM2 and PreUCON$$\mathrm {_A}$$A are equivalent in expressive power, but each has its own advantages. Finally, we propose a possible way to combine the advantages of these two models.

Cloud service provider that is equipped with tremendous resources enables the terminals with constrained resources to perform outsourced query or computation on large scale data. Security challenges are always the research hotspots in the outsourced computation community. In this paper, we investigate the problem of publicly verifiable outsourced matrix multiplication. However, in the state-of-the-art scheme, a large number of computationally expensive operations are adopted to achieve the goal of public verification. Thus, the state-of-the-art scheme works inefficiently actually due to the fact that most of the time is spent on the verification-related computing. To lower the verification-related time cost, we propose an efficient scheme for public verification of outsourced matrix multiplication. The two-dimensional matrix is transformed into a one-dimensional vector, which retains the computing ability and is used as the substitute for subsequent verification-related work. The security analysis demonstrates the security of the proposed outsourcing scheme, and the performance analysis shows the running efficiency of the scheme.

Reputation boards are popular tools because of their useful information of products for consumers. In this paper, we propose a rating scheme for the reputation boards. The feature of our rating scheme is that it enables users to rate not only products but also their providers expressively by using digital signatures with predications on ratees. First, we define a syntax of such an expressive rating scheme. Then, we provide a generic conversion of a cryptographic primitive called an attribute-based signature scheme (ABS) into an expressive rating scheme. Using a boolean formula on attributes of ratees, signatures with predications on ratees are generated, which we call expressive ratings. Public linkability of ABS is effectively used to prohibit double ratings. Also, employing an ABS scheme of the Fiat-Shamir type, we construct a concrete efficient expressive rating scheme.

In recent years, attacks involving polynomial cryptanalysis have become an important tool in evaluating encryption algorithms involving stream ciphers. Stream cipher designs are difficult to implement since they are prone to weaknesses based on usage, with properties being similar to one-time pad key-stream are subjected to very strict requirements. Contemporary stream cipher designs are highly vulnerable to Algebraic cryptanalysis based on linear algebra, in which the inputs and outputs are formulated as multivariate polynomial equations. Solving a nonlinear system of multivariate equations will reduce complexity, which in turn yields the targeted secret information. Recently, Addition Modulo $$2^n$$2n has been suggested over logic XOR as a mixing operator to guard against such attacks. However, it has been observed that the complexity of Modulo Addition can be drastically decreased with the appropriate formulation of polynomial equations and probabilistic conditions. A new model for enhanced Addition Modulo is proposed. The framework for the new design is characterized by user-defined expandable security for stronger encryption and does not impose changes in the existing layout for stream ciphers such as SNOW 2.0, BIVIUM, CryptMT, Grain Family, etc. The structure of the proposed design is highly scalable, boosts the Algebraic degree and thwarts the probabilistic conditions by maintaining the original hardware complexity without changing the integrity of the Addition Modulo $$2^n$$2n.

In the FSE 2015 conference, Li et al. introduced a new method to construct differential characteristics of block ciphers by exploiting the meet-in-the-middle like technique. Inspired by the method, in this paper we obtain general results on truncated differential characteristics of block ciphers with Feistel structure. Applying the result to RoadRunneR, which is a fast bit-slice lightweight block cipher proposed in the LightSec 2015 conference for low cost 8-bit processors, we find 5-round truncated differential characteristics with probability $$2^{-56}$$2-56. Using the truncated differential characteristics, we present a attack on 7-round RoadRunneR-128 without whitening keys, with data complexity of $$2^{55}$$255 chosen plaintexts, time complexity of $$2^{121}$$2121 encryptions, and memory complexity of $$2^{68}$$268. This is the currently best known attack on RoadRunneR block cipher.

Oblivious RAM (ORAM) is a security-provable model that can be used to protect a client’s access pattern to remote storage. Existing ORAM constructions were designed mainly for communication efficiency, but the server-side storage efficiency was generally neglected. This paper proposes DF-ORAM, which has the following features when N blocks each of B bits are outsourced: (i) server-side storage overhead is 3N bits (i.e., no dummy blocks); (ii) no server-side computational cost; (iii) server-client communication cost is $$O(\log N\cdot B)$$O(logN·B) bit per query; and (iv) client-side storage cost is $$O(\lambda \cdot B)$$O(λ·B) bits where $$\lambda $$λ is a security parameter. Asymptotical and implementation-based evaluation demonstrate DF-ORAM to be the most communication-efficient and storage-efficient one among the existing ORAMs that do not require server-side computation.

To enhance the performance of single intrusion detection systems (IDSs), collaborative intrusion detection networks (CIDNs) have been developed, which enable a set of IDS nodes to communicate with each other. In such a distributed network, insider attacks like collusion attacks are the main threat. In the literature, challenge-based trust mechanisms have been established to identify malicious nodes by evaluating the satisfaction between challenges and responses. However, we find that such mechanisms rely on two major assumptions, which may result in a weak threat model and make CIDNs still vulnerable to advanced insider attacks in practical deployment. In this paper, we design a novel type of collusion attack, called passive message fingerprint attack (PMFA), which can collect messages and identify normal requests in a passive way. In the evaluation, we explore the attack performance under both simulated and real network environments. Experimental results indicate that under our attack, malicious nodes can send malicious responses to normal requests while maintaining their trust values.

Iris recognition system has demonstrated its strong capability in performing personal verification and identification with promising recognition accuracy. However, the conventional iris recognition system stores the unprotected iris templates in a database, which is potentially being compromised. Even though biometric template protection provides a feasible solution to secure biometric template, a trade-off between security and recognition accuracy is incurred. That is, the higher security level always trades with poor recognition accuracy and vice versa. In this paper, a new iris template protection scheme is proposed, namely “Indexing-First-One” (IFO) hashing. IFO hashing transforms the binary feature into index value with Jacaard distance preservation. The resultant template offers a good indication of inheriting similarity from the IrisCode and strong concealment of IrisCode against inversion attack as well as other major security and privacy attacks. Experiments on CASIA-v3 data set substantiate that the proposed scheme can achieve as low as 0.54 % equal error rate and well preservation of recognition performance before and after IFO hashing.

The Web has long become a major platform for online criminal activities. URLs are used as the main vehicle in this domain. To counter this issues security community focused its efforts on developing techniques for mostly blacklisting of malicious URLs. While successful in protecting users from known malicious domains, this approach only solves part of the problem. The new malicious URLs that sprang up all over the web in masses commonly get a head start in this race. Besides that Alexa ranked trusted websites may convey compromised fraudulent URLs called defacement URL. In this work, we explore a lightweight approach to detection and categorization of the malicious URLs according to their attack type. We show that lexical analysis is effective and efficient for proactive detection of these URLs. We provide the set of sufficient features necessary for accurate categorization and evaluate the accuracy of the approach on a set of over 110,000 URLs. We also study the effect of the obfuscation techniques on malicious URLs to figure out the type of obfuscation technique targeted at specific type of malicious URL.

Microblogging sites, such as Sina Weibo and Twitter, have gained significantly in popularity and become an important source for real-time information dissemination. Inevitably, these services are also used to spread false rumors and misinformation, usually with the unintentional collaboration from innocent users. Previous studies show that microblog information credibility can be assessed automatically based on the features extracted from message contents and users. In this paper, we address this problem from a new perspective by exploring the human input in the propagation process of popular microblog posts. Specifically, we consider that the users are the gatekeepers of their own media portal on microblogging sites, as they decide which information is filtered for dissemination to their followers. We find that truthful posts and false rumors exhibit distinguishable patterns in terms of which gatekeepers forward them and what the gatekeepers comment on them. Based on this finding, we propose to assess the information credibility of popular microblog posts with Hidden Markov Models (HMMs) of gatekeeping behavior. The proposed approach is evaluated using a real life data set that consists of over ten thousand popular posts collected from Sina Weibo.

Pattern mining is a branch of data mining used to discover hidden patterns or correlations among data. We use rare sequential pattern mining to find anomalies in critical infrastructure control networks such as supervisory control and data acquisition (SCADA) networks. As anomalous events occur rarely in a system and SCADA systems’ topology and actions do not change often, we argue that some anomalies can be detected using rare sequential pattern mining. This anomaly detection would be useful for intrusion detection or erroneous behaviour of a system. Although research into rare itemsets mining previously exists, neither research into rare sequential pattern mining nor its applicability to SCADA system anomaly detection has previously been completed. Moreover, since there is no consideration to events order, the applicability to intrusion detection in SCADA is minimal. By ensuring the events’ order is maintained, in this paper, we propose a novel Rare Sequential Pattern Mining (RSPM) technique which is a useful anomaly detection system for SCADA. We compared our algorithm with a rare itemset mining algorithm and found anomalous events in SCADA logs.

For exponentiation function modulo a composite $$f_{g,N}(x)=g^x \mod N$$fg,N(x)=gxmodN, where $$|N|=n$$|N|=n, an elegant algorithm is constructed by Goldreich and Rosen to reprove that the upper and lower half bits of this function are simultaneously hard separately under the factoring intractability assumption. Here we improve their algorithm to reduce the time by a factor $$\mathcal {O}(\log n\epsilon ^{-1})$$O(lognϵ-1). If error probability $$\frac{1}{2^{(1-1/2c)m}}$$12(1-1/2c)m is tolerated, the reduced factor could be $$\mathcal {O}((n\epsilon ^{-1})^{1/2c})$$O((nϵ-1)1/2c) for a constant $$c\ge 2$$c≥2.

The cloud can be used to outsource data storage or data computation. Data computation outsourcing enables to move computationally expensive operations outside a mobile device. Many pairing-based cryptographic schemes are designed to enable documents’ encryption while fulfilling some defined security requirements. In practice, client applications should be implemented for mobile devices. Their computational capabilities are significantly lower than standard computers. Thus, advanced cryptographic calculations, like bilinear pairing calculation, might take too much time for a good user experience. In this paper, we analyse the possibilities to securely outsource bilinear pairings computation from a mobile device to possibly dishonest servers. Several test scenarios were implemented. Also, we have modified one of the pairing-based schemes that allows to encrypt and decrypt documents and we have created its secure outsourced version. Next, we have tested execution times of encryption and decryption algorithms of the original scheme and its outsourced version. The tests were conducted using different outsourcing models. The execution times showing time spent on the mobile device and the server are presented and discussed. The tests have shown that in certain conditions outsourcing bilinear pairing calculation can speed up overall computation time. Also, it simplifies implementation on different mobile operating systems.

Bloom filter is a bit array (a one-dimensional storage structure) that provides a compact representation for a set of data, which can be used to answer the membership query in an efficient manner with possible false positives. It has a lot of applications in many areas. In this paper, we further improve Bloom filter by proposing the use of multi-dimensional matrix to replace the one-dimensional structure. Based on our N-dimensional matrix structure, we propose four kinds of filter implementation, namely OFFF, ZFFF, WOFF, FFF (we refer it as Feng Filter). We prove that the false positive rate of our method is lower than the traditional one-dimensional Bloom filter. We also present the detailed implementation of our proposed filter. The traditional Bloom filter can be regarded as a special case of the Feng Filter.