Privacy-aware Security Applications in the Era of Internet of Things
In this dissertation, we introduce several novel privacy-aware security applications. We split these contributions into three main categories. First, to strengthen current authentication mechanisms, we designed two novel privacy-aware alternative complementary authentication mechanisms, Continuous Authentication (CA) and Multi-factor Authentication (MFA). Our first system is Wearable-assisted Continuous Authentication (WACA), where we used the sensor data collected from a wrist-worn device to authenticate users continuously. Then, we improved WACA by integrating a noise-tolerant template matching technique called NTT-Sec to make it privacy-aware, as the collected data can be sensitive. We also designed a novel, lightweight, Privacy-aware Continuous Authentication (PACA) protocol. PACA is easily applicable to other biometric authentication mechanisms when feature vectors are represented as fixed-length real-valued vectors. In addition to CA, we also introduced a privacy-aware multi-factor authentication method, called PINTA. In PINTA, we used fuzzy hashing and homomorphic encryption mechanisms to protect the users' sensitive profiles while providing privacy-preserving authentication. For the second privacy-aware contribution, we designed a multi-stage privacy attack on smart home users using the wireless network traffic generated during the communication of the devices. The attack works even on encrypted traffic, as it uses only the metadata of the network traffic. Moreover, we also designed a novel solution based on the generation of spoofed traffic. Finally, we introduced two privacy-aware secure data exchange mechanisms, which allow sharing data between multiple parties (e.g., companies, hospitals) while preserving the privacy of the individuals in the dataset. These mechanisms were realized with the combination of Secure Multiparty Computation (SMC) and Differential Privacy (DP) techniques.
In addition, we designed a policy language, called Curie Policy Language (CPL), to handle the conflicting relationships among parties.
The novel methods, attacks, and countermeasures in this dissertation were verified with theoretical analysis and extensive experiments with real devices and users. We believe that the research in this dissertation has far-reaching implications for privacy-aware alternative complementary authentication methods, smart home user privacy research, as well as privacy-aware and secure data exchange methods.
Efficient Robust Secret Sharing from Expander Graphs
Threshold secret sharing is a protocol that allows a dealer to share a secret among players so that any coalition of players learns nothing about the secret, but any players can reconstruct the secret in its entirety.
Robust secret sharing (RSS) provides the additional guarantee that even if malicious players mangle their shares, they cannot cause the honest players to reconstruct an incorrect secret.
When , RSS is known to be impossible, but for much less is known.
When previous RSS protocols could either achieve optimal share size with inefficient (exponential time) reconstruction procedures, or sub-optimal share size with polynomial time reconstruction.
In this work, we construct a simple RSS protocol for that achieves logarithmic overhead in terms of share size and simultaneously allows efficient reconstruction. Our share size increases by an additive term of , and reconstruction succeeds except with probability at most . This provides a partial solution to a problem posed by Cevallos et al. in Eurocrypt 2012. Namely, when we show that the share size in RSS schemes does not require an overhead that is linear in .
Previous efficient RSS protocols like that of Rabin and Ben-Or (STOC '89) and Cevallos et al. (Eurocrypt '12) use MACs to allow each player to check the shares of each other player in the protocol. These checks provide robustness, but require significant overhead in share size. Our construction identifies the players as nodes in an expander graph; each player only checks its neighbors in the expander graph.
When , the concurrent, independent work of Cramer et al. (Eurocrypt '15) shows how to achieve shares that decrease with the number of players using completely different techniques.
Deep Neural Network Solution for Detecting Intrusion in Network
In our experiment, we found that deep learning surpassed machine learning when utilizing the DSSTE algorithm to sample imbalanced training set samples. These methods excel in terms of throughput due to their complex structure and ability to autonomously acquire relevant features from a dataset. The current study focuses on employing deep learning techniques such as RNN and Deep-NN, as well as algorithm design, to aid network IDS designers. Since public datasets already preprocess the data features, deep learning is unable to leverage its automatic feature extraction capability, limiting its ability to learn from preprocessed features. To harness the advantages of deep learning in feature extraction, mitigate the impact of imbalanced data, and enhance classification accuracy, our approach involves directly applying the deep learning model for feature extraction and model training on the existing network traffic data. By doing so, we aim to capitalize on deep learning's benefits, improving feature extraction, reducing the influence of imbalanced data, and enhancing classification accuracy.
Quantum Cryptography Beyond Quantum Key Distribution
Quantum cryptography is the art and science of exploiting quantum mechanical
effects in order to perform cryptographic tasks. While the most well-known
example of this discipline is quantum key distribution (QKD), there exist many
other applications such as quantum money, randomness generation, secure two-
and multi-party computation and delegated quantum computation. Quantum
cryptography also studies the limitations and challenges resulting from quantum
adversaries---including the impossibility of quantum bit commitment, the
difficulty of quantum rewinding and the definition of quantum security models
for classical primitives. In this review article, aimed primarily at
cryptographers unfamiliar with the quantum world, we survey the area of
theoretical quantum cryptography, with an emphasis on the constructions and
limitations beyond the realm of QKD.
Stimulating cooperative behavior of autonomous devices - an analysis of requirements and existing approaches
In the context of mobile and wireless devices, an information
system is no longer a centralized component storing all the
relevant data nor is it a decentralized component governed by a
common authority. Rather, the information spread across huge
numbers of autonomous mobile and wireless devices owned by
independent organizations and individuals can be regarded as a
highly dynamic, virtual information system. For this vision to
become reality, the autonomous devices involved need to be
motivated to cooperate. This cooperation needs to occur not only
on the application layer, but, depending on the network
architecture, also on the lower layers from the link layer on
upwards. In this report, we investigate on which protocol layers
cooperation is needed and what constitutes uncooperative behavior.
We then identify necessary properties of incentive schemes that
encourage cooperation and discourage uncooperative behavior. In
this context, we examine remuneration types that are a major
constituent of incentive schemes. Finally, using the example of
ad hoc networks, the most challenging technical basis of a
wireless information system, we compare existing incentive
schemes to these characteristics.
Implementing Homomorphic Encryption Based Secure Feedback Control for Physical Systems
This paper is about an encryption based approach to the secure implementation
of feedback controllers for physical systems. Specifically, Paillier's
homomorphic encryption is used to digitally implement a class of linear dynamic
controllers, which includes the commonplace static gain and PID type feedback
control laws as special cases. The developed implementation is amenable to
Field Programmable Gate Array (FPGA) realization. Experimental results,
including timing analysis and resource usage characteristics for different
encryption key lengths, are presented for the realization of an inverted
pendulum controller; as this is an unstable plant, the control is necessarily
fast.