IEEE 2017-2018 Network Security Projects in DotNet
Tons of online user behavior data are being generated every day on the booming and ubiquitous Internet. Growing efforts have been devoted to mining the abundant behavior data to extract valuable information for research purposes or business interests. However, online users' privacy is thus under the risk of being exposed to third-parties. The last decade has witnessed a body of research works trying to perform data aggregation in a privacy-preserving way. Most of existing methods guarantee strong privacy protection yet at the cost of very limited aggregation operations, such as allowing only summation, which hardly satisfies the need of behavior analysis. In this paper, we propose a scheme PPSA, which encrypts users' sensitive data to prevent privacy disclosure from both outside analysts and the aggregation service provider, and fully supports selective aggregate functions for online user behavior analysis while guaranteeing differential privacy. We have implemented our method and evaluated its performance using a trace-driven evaluation based on a real online behavior dataset. Experiment results show that our scheme effectively supports both overall aggregate queries and various selective aggregate queries with acceptable computation and communication overheads.
With the advances of machine learning algorithms and the pervasiveness of network terminals, the online medical prediagnosis system, which can provide the diagnosis of healthcare provider anywhere anytime, has attracted considerable interest recently. However, the flourish of online medical prediagnosis system still faces many challenges including information security and privacy preservation. In this paper, we propose an e fficient and privacy-preserving online medical prediagnosis framework, called eDiag, by using nonlinear kernel support vector machine (SVM). With eDiag, the sensitive personal health information can be processed without privacy disclosure during online prediagnosis service. Specifically, based on an improved expression for the nonlinear SVM, an efficient and privacy-preserving classification scheme is introduced with lightweight multiparty random masking and polynomial aggregation techniques. The encrypted user query is directly operated at the service provider without decryption, and the diagnosis result can only be decrypted by user. Through extensive analysis, we show that eDiag can ensure that users' health information and healthcare provider's prediction model are kept confidential, and has significantly less computation and communication overhead than existing schemes. In addition, performance evaluations via implementing eDiag on smartphone and computer demonstrate eDiag's effectiveness in term of real online environment.
Online social networks (OSNs) gradually integrate financial capabilities by enabling the usage of real and virtual currency. They serve as new platforms to host a variety of business activities, such as online promotion events, where users can possibly get virtual currency as rewards by participating in such events. Both OSNs and business partners are significantly concerned when attackers instrument a set of accounts to collect virtual currency from these events, which make these events ineffective and result in significant financial loss. It becomes of great importance to proactively detecting these malicious accounts before the online promotion activities and subsequently decreases their priority to be rewarded. In this paper, we propose a novel system, namely ProGuard, to accomplish this objective by systematically integrating features that characterize accounts from three perspectives including their general behaviors, their recharging patterns, and the usage of their currency. We have performed extensive experiments based on data collected from the Tencent QQ, a global leading OSN with built-in financial management activities. Experimental results have demonstrated that our system can accomplish a high detection rate of 96.67% at a very low false positive rate of 0.3%
This paper proposes a novel reversible image data hiding scheme over encrypted domain. Data embedding is achieved through a public key modulation mechanism, in which access to the secret encryption key is not needed. At the decoder side, a powerful two-class SVM classifier is designed to distinguish encrypted and nonencrypted image patches, allowing us to jointly decode the embedded message and the original image signal. Compared with the state-of-the-art methods, the proposed approach provides higher embedding capacity and is able to perfectly reconstruct the original image as well as the embedded message. Extensive experimental results are provided to validate the superior performance of our scheme.
To support the ever-increasing data traffic demands, the Internet has been experiencing a rapid growth in recent decades. Effective and efficient monitoring is highly needed in order to properly manage such complex infrastructure. It is of theoretical and practical significance to derive network device importance (i.e., node rank) for resource utilization optimization, user experience improvement, and security enhancement. Recent development in the Internet infrastructure has introduced prosperous in-network computation resources across the network. To exploit such distributed resources, in this article, we propose a core-graphbased framework, called FRank, for fast node ranking algorithms, which accelerates convergence and reduces communication cost by converting most inter-partition state change propagations into intra-partition ones. We have implemented FRank in a cluster to validate its correctness and efficiency. The experiment results demonstrate that at the least FRank reduces the execution time of existing cutting-edge methods by 30.2 percent with 43.5 percent less communication cost.
Content-based image retrieval (CBIR) applications have been rapidly developed along with the increase in the quantity, availability and importance of images in our daily life. However, the wide deployment of CBIR scheme has been limited by its the severe computation and storage requirement. In this paper, we propose a privacy-preserving content-based image retrieval scheme, which allows the data owner to outsource the image database and CBIR service to the cloud, without revealing the actual content of the database to the cloud server. Local features are utilized to represent the images, and earth mover’s distance (EMD) is employed to evaluate the similarity of images. The EMD computation is essentially a linear programming (LP) problem. The proposed scheme transforms the EMD problem in such a way that the cloud server can solve it without learning the sensitive information. In addition, local sensitive hash (LSH) is utilized to improve the search efficiency. The security analysis and experiments show the security and efficiency of the proposed scheme.
With a profusion of network applications, traffic classification plays a crucial role in network management and policy-based security control. The widely used encryption transmission protocols, such as the secure socket layer/transport layer security (SSL/TLS) protocols, lead to the failure of traditional payload-based classification methods. Existing methods for encrypted traffic classification cannot achieve high discrimination accuracy for applications with similar fingerprints. In this paper, we propose an attribute-aware encrypted traffic classification method based on the second-order Markov Chains. We start by exploring approaches that can further improve the performance of existing methods in terms of discrimination accuracy, and make promising observations that the application attribute bigram, which consists of the certificate packet length and the first application data size in SSL/TLS sessions, contributes to application discrimination. To increase the diversity of application fingerprints, we develop a new method by incorporating the attribute bigrams into the second-order homogeneous Markov chains. Extensive evaluation results show that the proposed method can improve the classification accuracy by 29% on the average compared with the state-of-the-art Markov-based method.
Shoulder surfing or adversarial eavesdropping to infer users' keystrokes on physical QWERTY keyboards continues to be a serious privacy threat. Despite this, practical and efficient countermeasures against such attacks are still lacking. In this paper, we propose keyboard randomization as a simple, yet effective, countermeasure against various types of keystroke inference attacks. Our proposal consists of several keyboard randomization strategies which randomizes or changes the position of keys on the keyboard. The randomized keyboard is then projected to the typing user by means of an augmented reality wearable device. As the randomized keyboard is visually superimposed over the actual physical keyboard, and is visible only to the typing user through the augmented reality device, it acts as an effective countermeasure against both side-channel and visual-channel based keystroke inference attacks. We implement our proposed solution on a commercially available augmented reality device and conduct preliminary evaluations to validate its performance and effectiveness.
Secret key generation by extracting the shared randomness in a wireless fading channel is a promising way to ensure wireless communication security. Previous studies only consider key generation in static networks, but real-world key establishments are usually dynamic. In this paper, for the first time, we investigate the pairwise key generation in dynamic wireless networks with a center node and random arrival users (e.g., roadside units (RSUs) with vehicles). We establish the key generation model for these kinds of networks. We propose a method based on discrete Markov chain to calculate the average time a user will spend on waiting and completing the key generation, called average key generation delay (AKGD). Our method can tackle both serial and parallel key generation scheduling under various conditions. We propose a novel scheduling method, which exploits wireless broadcast characteristic to reduce AKGD and probing energy. We conduct extensive simulations to show the effectiveness of our model and method. The analytical and simulation results match each other.
Mobile specific webpages differ significantly from their desktop counterparts in content, layout and functionality. Accordingly, existing techniques to detect malicious websites are unlikely to work for such webpages. In this paper, we design and implement kAYO, a mechanism that distinguishes between malicious and benign mobile webpages. kAYO makes this determination based on static features of a webpage ranging from the number of iframes to the presence of known fraudulent phone numbers. First, we experimentally demonstrate the need for mobile specific techniques and then identify a range of new static features that highly correlate with mobile malicious webpages.We then apply kAYO to a dataset of over 350,000 known benign and malicious mobile webpages and demonstrate 90% accuracy in classification. Moreover, we discover, characterize and report a number of webpages missed by Google Safe Browsing and VirusTotal, but detected by kAYO. Finally, we build a browser extension using kAYO to protect users from malicious mobile websites in real-time. In doing so, we provide the first static analysis technique to detect malicious mobile webpages.
Security problems have become obstacles in the practical application of wireless sensor networks (WSNs), and intrusion detection is the second line of defense. In this paper, an intrusion detection based on dynamic state context and hierarchical trust in WSNs is proposed, which is flexible and suitable for constantly changing WSNs characterized by changes in the perceptual environment, transitions of states of nodes, and variations in trust value. A multidimensional two-tier hierarchical trust mechanism in the level of sensor nodes (SNs) and cluster heads (CHs) considering interactive trust, honesty trust, and content trust is put forward, which combines direct evaluation and feedback-based evaluation in the fixed hop range. This means that the trust of SNs is evaluated by CHs, and the trust of CHs is evaluated by neighbor CHs and BS; in this way, the complexity of evaluation is reduced without evaluations by all other CHs in networks. Meanwhile, the intrusion detection mechanism based on a self-adaptive dynamic trust threshold is described, which improves the flexibility and applicability and is suitable for cluster-based WSNs. The experiment simulation and evaluation indicate that the mechanism we proposed outperforms the existing typical system in malicious detection and resource overhead.
We investigate the physical layer security in cooperative wireless networks where a source (Alice) transmits a confidential message to a destination (Bob) with the help of a cooperative node (Charlie), in the presence of an eavesdropper (Eve). Cooperative transmission is explored to secure communication between Alice and Bob, while ensuring the desired quality of service (QoS) at Charlie's receiver. We provide a transmit design for outage constrained secrecy rate maximization, taking both security and QoS constraints into account. Unlike the conventional cooperative security that adopts a fixed transmission scheme, we propose a mechanism for transmit strategy adaptation with security protection. Specifically, the proposed cooperative transmission is replaced by a cooperative jamming scheme if either security or QoS constraint is not satisfied. Numerical results confirm that our design enables dynamic transmission, and thus is flexible and environment-adaptive.
Recognizing information about the origin of a digital image has been individuated as a crucial task to be tackled by the image forensic scientific community. Understanding something on the previous history of an image could be strategic to address any successive assessment to be made on it: knowing the kind of device used for acquisition or, better, the model of the camera could focus investigations in a specific direction. Sometimes just revealing that a determined post-processing, such as an interpolation or a filtering, has been performed on an image could be of fundamental importance to go back to its provenance. This paper locates in such a context and proposes an innovative method to inquire if an image derives from a social network and, in particular, try to distinguish from, which one has been downloaded. The technique is based on the assumption that each social network applies a peculiar and mostly unknown manipulation that, however, leaves some distinctive traces on the image; such traces can be extracted to feature every platform. By resorting at trained classifiers, the presented methodology is satisfactorily able to discern different social network origins. Experimental results carried out on diverse image datasets and in various operative conditions witness that such a distinction is possible. In addition, the proposed method is also able to go back to the original JPEG quality factor the image had before being uploaded on a social network.
In this article, we review the state of the art of privacy-preserving schemes for ad hoc social networks, including, mobile social networks (MSNs) and vehicular social networks (VSNs). Specifically, we select and in-detail examine thirty-three privacy-preserving schemes developed for or applied in the context of ad hoc social networks. Based on novel schemes published between 2008 and 2016, we survey privacy preservation models, including location privacy, identity privacy, anonymity, traceability, interest privacy, backward privacy, and content oriented privacy. Recent significant attacks of leaking privacy, countermeasures, and game theoretic approaches in VSNs and MSNs are summarized in form of tables. In addition, an overview of recommendations for further research is also provided. With this survey, readers can acquire a thorough understanding of research trends in privacy-preserving schemes for ad hoc social networks.