7,689 research outputs found
CONDOR: A Hybrid IDS to Offer Improved Intrusion Detection
Intrusion Detection Systems are an accepted and very
useful option to monitor and detect malicious activities.
However, Intrusion Detection Systems have inherent limitations which lead to false positives and false negatives; we propose that combining signature and anomaly based IDSs should be examined. This paper contrasts signature and anomaly-based IDSs, and critiques some proposals about hybrid IDSs with signature and heuristic capabilities, before considering some of their contributions in order to include them as main features of a new hybrid IDS named CONDOR (COmbined Network intrusion Detection ORientate), which is designed to offer superior pattern analysis and anomaly detection by reducing false positive rates and administrator intervention.
An Efficient Fog-Assisted Unstable Sensor Detection Scheme with Privacy Preserved
The Internet of Things (IoT) has been a hot topic in both research community
and industry. It is anticipated that in future IoT, an enormous number of
sensors will collect the physical information every moment to enable the
control center making better decisions to improve the quality of service (QoS).
However, the sensors may be faulty and thus generate inaccurate data which would
compromise the decision making. To guarantee the QoS, the system should be able
to detect faulty sensors so as to eliminate the damages of inaccurate data.
Various faulty sensor detection mechanisms have been developed in the context
of wireless sensor network (WSN). Some of them are only fit for WSN while the
others would bring a communication burden to control center. To detect the
faulty sensors for general IoT applications and save the communication resource
at the same time, an efficient faulty sensor detection scheme is proposed in
this paper. The proposed scheme takes advantage of fog computing to save the
computation and communication resource of control center. To preserve the
privacy of sensor data, the Paillier Cryptosystem is adopted in the fog
computing. The batch verification technique is applied to achieve efficient
authentication. The performance analyses are presented to demonstrate that the
proposed detection scheme is able to conserve the communication resource of
control center and achieve a high true positive ratio while maintaining an
acceptable false positive ratio. The scheme could also withstand various
security attacks and preserve data privacy.
Comment: 11 pages, 5 figures
Delegating Private Quantum Computations
We give a protocol for the delegation of quantum computation on encrypted
data. More specifically, we show that in a client-server scenario, where the
client holds the encryption key for an encrypted quantum register held by the
server, it is possible for the server to perform a universal set of quantum
gates on the quantum data. All Clifford group gates are non-interactive, while
the remaining non-Clifford group gate that we implement (the π/8 gate) requires
the client to prepare and send a single random auxiliary qubit (chosen among
four possibilities), and exchange classical communication. This construction
improves on previous work, which requires either multiple auxiliary qubits or
two-way quantum communication. Using a reduction to an entanglement-based
protocol, we show privacy against any adversarial server according to a
simulation-based security definition.
Comment: 13 pages, 15 figures. This paper focuses on the theory contribution
of arXiv:1309.258
Secure Mobile Identities
The unique identities of every mobile user (phone number, IMSI) and device
(IMEI) are far from secure and are increasingly vulnerable to a variety of
network-level threats. The exceedingly high reliance on the weak SIM
authentication layer does not present any notion of end-to-end security for
mobile users. We propose the design and implementation of Secure Mobile
Identities (SMI), a repetitive key-exchange protocol that uses this weak SIM
authentication as a foundation to enable mobile users to establish stronger
identity authenticity. The security guarantees of SMI are directly reliant on
the mobility of users and are further enhanced by external trusted entities
providing trusted location signatures (e.g. trusted GPS, NFC synchronization
points). In this paper, we demonstrate the efficacy of our protocol using an
implementation and analysis across standard mobility models.
Multimedia delivery in the future internet
The term “Networked Media” implies that all kinds of media including text, image, 3D graphics, audio
and video are produced, distributed, shared, managed and consumed on-line through various networks,
like the Internet, Fiber, WiFi, WiMAX, GPRS, 3G and so on, in a convergent manner [1]. This white
paper is the contribution of the Media Delivery Platform (MDP) cluster and aims to cover the Networked
challenges of the Networked Media in the transition to the Future of the Internet.
Internet has evolved and changed the way we work and live. End users of the Internet have been confronted
with a bewildering range of media, services and applications and of technological innovations concerning
media formats, wireless networks, terminal types and capabilities. And there is little evidence that the pace
of this innovation is slowing. Today, over one billion users access the Internet on a regular basis, more
than 100 million users have downloaded at least one (multi)media file and over 47 million of them do so
regularly, searching in more than 160 Exabytes of content. In the near future these numbers are expected
to exponentially rise. It is expected that the Internet content will be increased by at least a factor of 6, rising
to more than 990 Exabytes before 2012, fuelled mainly by the users themselves. Moreover, it is envisaged
that in a near- to mid-term future, the Internet will provide the means to share and distribute (new)
multimedia content and services with superior quality and striking flexibility, in a trusted and personalized
way, improving citizens’ quality of life, working conditions, edutainment and safety.
In this evolving environment, new transport protocols, new multimedia encoding schemes, cross-layer in-the-network
adaptation, machine-to-machine communication (including RFIDs), rich 3D content as well as
community networks and the use of peer-to-peer (P2P) overlays are expected to generate new models of
interaction and cooperation, and be able to support enhanced perceived quality-of-experience (PQoE) and
innovative applications “on the move”, like virtual collaboration environments, personalised services/media,
virtual sport groups, on-line gaming, edutainment. In this context, the interaction with content
combined with interactive/multimedia search capabilities across distributed repositories, opportunistic P2P
networks and the dynamic adaptation to the characteristics of diverse mobile terminals are expected to
contribute towards such a vision.
Based on work that has taken place in a number of EC co-funded projects, in Framework Program 6 (FP6)
and Framework Program 7 (FP7), a group of experts and technology visionaries have voluntarily
contributed in this white paper aiming to describe the status, the state-of-the art, the challenges and the way
ahead in the area of Content Aware media delivery platforms.
Barcoding-free BAC Pooling Enables Combinatorial Selective Sequencing of the Barley Gene Space
We propose a new sequencing protocol that combines recent advances in
combinatorial pooling design and second-generation sequencing technology to
efficiently approach de novo selective genome sequencing. We show that
combinatorial pooling is a cost-effective and practical alternative to
exhaustive DNA barcoding when dealing with hundreds or thousands of DNA
samples, such as genome-tiling gene-rich BAC clones. The novelty of the
protocol hinges on the computational ability to efficiently compare hundreds of
millions of short reads and assign them to the correct BAC clones so that the
assembly can be carried out clone-by-clone. Experimental results on simulated
data for the rice genome show that the deconvolution is extremely accurate
(99.57% of the deconvoluted reads are assigned to the correct BAC), and the
resulting BAC assemblies have very high quality (BACs are covered by contigs
over about 77% of their length, on average). Experimental results on real data
for a gene-rich subset of the barley genome confirm that the deconvolution is
accurate (almost 70% of left/right pairs in paired-end reads are assigned to
the same BAC, despite being processed independently) and the BAC assemblies
have good quality (the average sum of all assembled contigs is about 88% of the
estimated BAC length).
Providing distributed certificate authority service in mobile ad hoc networks
In this paper, we propose an architecture for providing distributed Certificate Authority (CA) service in Mobile Ad Hoc Networks (MANET), based on threshold cryptography. We have two major contributions: 1) we make use of the cluster structure to provide CA service, and design a scheme for locating CA server nodes in MANET; 2) we provide a proactive secret share update protocol, which periodically updates CA secret shares with low system overhead. Compared with existing approaches, our CA architecture provides faster CA services to user nodes at reduced system overhead. © 2005 IEEE.
PACT: Privacy Sensitive Protocols and Mechanisms for Mobile Contact Tracing
The global health threat from COVID-19 has been controlled in a number of
instances by large-scale testing and contact tracing efforts. We created this
document to suggest three functionalities on how we might best harness
computing technologies to support the goals of public health organizations
in minimizing morbidity and mortality associated with the spread of COVID-19,
while protecting the civil liberties of individuals. In particular, this work
advocates for a third-party free approach to assisted mobile contact tracing,
because such an approach mitigates the security and privacy risks of requiring
a trusted third party. We also explicitly consider the inferential risks
involved in any contact tracing system, where any alert to a user could itself
give rise to de-anonymizing information.
More generally, we hope to participate in bringing together colleagues in
industry, academia, and civil society to discuss and converge on ideas around a
critical issue rising with attempts to mitigate the COVID-19 pandemic.
Comment: 22 pages, 2 figures
EPDA: Enhancing Privacy-Preserving Data Authentication for Mobile Crowd Sensing
As a popular application, mobile crowd sensing systems aim at providing more
convenient service via the swarm intelligence. With the popularity of
sensor-embedded smart phones and intelligent wearable devices, mobile crowd
sensing is becoming an efficient way to obtain various types of sensing data
from individuals, which will make people's lives more convenient. However,
mobile crowd sensing systems today are facing a critical challenge, namely the
privacy leakage of the sensitive information and valuable data, which can raise
grave concerns among the participants. To address this issue, we propose an
enhanced secure certificateless privacy-preserving verifiable data
authentication scheme for mobile crowd sensing, named EPDA. The proposed scheme
provides unconditional anonymous data authentication service for mobile crowd
sensing, by deploying an improved certificateless ring signature as the
cryptogram essential, in which the big sensing data should be signed by one of
the legitimate members in a specific group and could be verified without exposing
the actual identity of the participant. The formal security proof demonstrates
that EPDA is secure against existential forgery under adaptive chosen message
and identity attacks in random oracle model. Finally, extensive simulations are
conducted. The results show that the proposed EPDA efficiently decreases
computational cost and time consumption in the sensing data authentication
process.
A Survey on Software-Defined VANETs: Benefits, Challenges, and Future Directions
The evolving of Fifth Generation (5G) networks is becoming more readily
available as a major driver of the growth of new applications and business
models. Vehicular Ad hoc Networks (VANETs) and Software Defined Networking
(SDN) represent the key enablers of 5G technology with the development of next
generation intelligent vehicular networks and applications. In recent years,
researchers have focused on the integration of SDN and VANET, and look at
different topics related to the architecture, the benefits of software-defined
VANET services and the new functionalities to adapt them. However, security and
robustness of the complete architecture is still questionable and have been
largely neglected. Moreover, the deployment and integration of novel entities and
several architectural components drive new security threats and
vulnerabilities. In this paper, first we survey the state-of-the-art SDN
based Vehicular ad-hoc Network (SDVN) architectures for their networking
infrastructure design, functionalities, benefits, and challenges. Then we
discuss these SDVN architectures against major security threats that violate the
key security services such as availability, confidentiality, authentication, and
data integrity. We also propose different countermeasures to these
threats. Finally, we discuss the lessons learned with the directions of future
research work towards provisioning stringent security and privacy solutions in
future SDVN architectures. To the best of our knowledge, this is the first
comprehensive work that presents such a survey and analysis on SDVNs in the era
of future generation networks (e.g., 5G, and Information centric networking)
and applications (e.g., intelligent transportation system, and IoT-enabled
advertising in VANETs).
Comment: 17 pages, 2 figures