5,052 research outputs found
Tree-formed Verification Data for Trusted Platforms
The establishment of trust relationships to a computing platform relies on
validation processes. Validation allows an external entity to build trust in
the expected behaviour of the platform based on provided evidence of the
platform's configuration. In a process like remote attestation, the 'trusted'
platform submits verification data created during a start up process. These
data consist of hardware-protected values of platform configuration registers,
containing nested measurement values, e.g., hash values, of loaded or started
components. Commonly, the register values are created in linear order by a
hardware-secured operation. Fine-grained diagnosis of components, based on the
linear order of verification data and associated measurement logs, is not
optimal. We propose a method to use tree-formed verification data to validate a
platform. Component measurement values represent leaves, and protected
registers represent roots of a hash tree. We describe the basic mechanism of
validating a platform using tree-formed measurement logs and root registers and
show a logarithmic speed-up for the search of faults. Secure creation of a
tree is possible using a limited number of hardware-protected registers and a
single protected operation. In this way, the security of tree-formed
verification data is maintained.
Comment: 15 pages, 11 figures, v3: Reference added, v4: Revised, accepted for
publication in Computers and Securit
Secure Data Provenance in Home Energy Monitoring Networks
Smart grid empowers home owners to efficiently manage their smart home appliances within a Home Area Network (HAN), by real-time monitoring and fine-grained control. However, it offers the possibility for a malicious user to intrude into the HAN and deceive the smart metering system with fraudulent energy usage reports. While most of the existing works have focused on how to prevent data tampering in the HAN's communication channel, this paper looks into a relatively less studied security aspect, namely data provenance. We propose a novel solution based on Shamir's secret sharing and threshold cryptography to guarantee that the reported energy usage is collected from the specific appliance as claimed at a particular location, and that it reflects the real consumption of the energy. A byproduct of the proposed security solution is a guarantee of data integrity. A prototype implementation is presented to demonstrate the feasibility and practicality of the proposed solution.
Auditable data structures: theory and applications
Every digital process needs to consume some data in order to work properly.
It is very common for applications to use some external data in their
processes, getting them by sources such as external APIs. Therefore, trusting
the received data becomes crucial in such scenarios, considering that if the
data are not self-produced by the consumer, the trust in the external data
source, or in the data that the source produces, cannot always be taken for
granted. The most used approach to generate trust in the external source is
based on authenticated data structures, that are able to authenticate the
source when queried through the generation of proofs. Such proofs are useful to
assess authenticity or integrity, however, an external user could also be
interested in verifying the data history and its consistency. This problem
seems to be unaddressed by current literature, which proposes some approaches
aimed at executing audits by internal actors with prior knowledge about the
data structures. In this paper, we address the scenario of an external auditor
with no data knowledge that wants to verify the data history consistency. We
analyze the terminology and the current state of the art of the auditable data
structures, then we will propose a general framework to support external audits
from both internal and external users.
The paradigm-shift of social spambots: Evidence, theories, and tools for the arms race
Recent studies in social media spam and automation provide anecdotal
argumentation of the rise of a new generation of spambots, so-called social
spambots. Here, for the first time, we extensively study this novel phenomenon
on Twitter and we provide quantitative evidence that a paradigm-shift exists in
spambot design. First, we measure current Twitter's capabilities of detecting
the new social spambots. Later, we assess the human performance in
discriminating between genuine accounts, social spambots, and traditional
spambots. Then, we benchmark several state-of-the-art techniques proposed by
the academic literature. Results show that neither Twitter, nor humans, nor
cutting-edge applications are currently capable of accurately detecting the new
social spambots. Our results call for new approaches capable of turning the
tide in the fight against this rising phenomenon. We conclude by reviewing the
latest literature on spambot detection and we highlight an emerging common
research trend based on the analysis of collective behaviors. Insights derived
from both our extensive experimental campaign and survey shed light on the most
promising directions of research and lay the foundations for the arms race
against the novel social spambots. Finally, to foster research on this novel
phenomenon, we make publicly available to the scientific community all the
datasets used in this study.
Comment: To appear in Proc. 26th WWW, 2017, Companion Volume (Web Science
Track, Perth, Australia, 3-7 April, 2017)
Tamper detection in RFID tags using fragile watermarking
Security and privacy are the two primary concerns with RFID (Radio Frequency Identification) adoption. While the mainstream RFID research is focused on solving the privacy issues, this paper focuses on security issues in general and data tampering in particular. We specifically consider the issue of detecting data tampering on the RFID tags for applications such as data integrity management. To address this issue, we present a novel fragile watermarking scheme, which embeds a fragile watermark (or pattern) in the serial number partition of the RFID tag. This pattern is verified to identify whether or not the data on the RFID tags has been tampered with. The novelty of this watermarking scheme lies in the fact that we have applied watermarking technology to RFID tags; in comparison, most of the existing watermarking schemes are limited to images, or audio or video applications. We term this scheme TamDetect because it is a tamper detection solution. TamDetect is designed such that it can be easily plugged into existing RFID middleware applications. This proposal is one of the first works that integrates watermarking and RFID technologies together. This paper provides a detailed theoretical foundation for the TamDetect solution.
Recovering and restoring tampered RFID data using steganographic principles
Security is one major issue with RFID technology. Mainstream research in RFID security addresses the following security properties, i.e. anonymity, confidentiality and authenticity; however, it does not cater for integrity. In this paper we consider the fourth security property, i.e. integrity. We try to solve the issue of data recovery after RFID data has been tampered with. To address this issue, we present a novel steganographic solution, which embeds a secret pattern in the serial number partition of the RFID tag. This secret pattern is the data that we assume would most likely be the candidate for tampering, for example the manufacturer's and product's details stored on the RFID tag. The main motivation for an attacker to tamper with this data would be economic benefits like low logistics cost, or quicker customs clearance, and this can only be achieved by changing product details or manufacturer details on the RFID tag. The novelty of this scheme lies in the fact that we have applied steganographic principles to RFID tags; in comparison, most of the existing steganographic solutions are limited to images, or audio, or video applications. We term this scheme ResTamp because it restores tampered data. This paper provides a detailed theoretical foundation for the ResTamp algorithm.