A privacy-preserving fuzzy interest matching protocol for friends finding in social networks

Nowadays, it is very popular to make friends, share photographs, and exchange news throughout social networks. Social networks widely expand the area of people’s social connections and make communication much smoother than ever before. In a social network, there are many social groups established based on common interests among persons, such as learning group, family group, and reading group. People often describe their profiles when registering as a user in a social network. Then social networks can organize these users into groups of friends according to their profiles. However, an important issue must be considered, namely many users’ sensitive profiles could have been leaked out during this process. Therefore, it is reasonable to design a privacy-preserving friends-finding protocol in social network. Toward this goal, we design a fuzzy interest matching protocol based on private set intersection. Concretely, two candidate users can first organize their profiles into sets, then use Bloom filters to generate new data structures, and finally find the intersection sets to decide whether being friends or not in the social network. The protocol is shown to be secure in the malicious model and can be useful for practical purposes.Peer ReviewedPostprint (author's final draft

SOFIR: Securely Outsourced Forensic Image Recognition

Forensic image recognition tools are used by law enforcement agencies all over the world to automatically detect illegal images on confiscated equipment. This detection is commonly done with the help of a strictly confidential database consisting of hash values of known illegal images. To detect and mitigate the distribution of illegal images, for instance in network traffic of companies or Internet service providers, it is desirable to outsource the recognition of illegal images to these companies. However, law enforcement agencies want to keep their hash databases secret at all costs as an unwanted release may result in misuse which could ultimately render these databases useless.\ud We present SOFIR, a tool for the Secure Outsourcing of Forensic Image Recognition allowing companies and law enforcement agencies to jointly detect illegal network traffic at its source, thus facilitating immediate regulatory actions. SOFIR cryptographically hides the hash database from the involved companies. At fixed intervals, SOFIR sends out an encrypted report to the law enforcement agency that only contains the number of found illegal images in the given interval, while otherwise keeping the company’s legal network traffic private. Our experimental results show the effectiveness and practicality of our approach in the real-world

In-packet Bloom filters: Design and networking applications

The Bloom filter (BF) is a well-known space-efficient data structure that answers set membership queries with some probability of false positives. In an attempt to solve many of the limitations of current inter-networking architectures, some recent proposals rely on including small BFs in packet headers for routing, security, accountability or other purposes that move application states into the packets themselves. In this paper, we consider the design of such in-packet Bloom filters (iBF). Our main contributions are exploring the design space and the evaluation of a series of extensions (1) to increase the practicality and performance of iBFs, (2) to enable false-negative-free element deletion, and (3) to provide security enhancements. In addition to the theoretical estimates, extensive simulations of the multiple design parameters and implementation alternatives validate the usefulness of the extensions, providing for enhanced and novel iBF networking applications.Comment: 15 pages, 11 figures, preprint submitted to Elsevier COMNET Journa

Use of Information Centric Network (ICN) as a viable Alternative to Traditional IP Network in Forwarding Mechanism: A Practical Approach to Preventing DoS using Bloom Filter Packet Forwarding

This paper focuses on identifying the benefits of using ICN network as an alternative to forwarding mechanism in place of the traditional IP network. The ICN network uses an In-packet Bloom filter as the forwarding identifier, where a complete analysis of the false positive probability is carried out. The formulas used in the false positive analysis include the classical formula, Bose formula and the experimental formula. However, this work does not involve the actual implementation of the Bloom filters on the router, but rather an explanation of the possibility is given. In the experimental program, we used MATLAB to generate a set of links and encode them as Bloom filters and used a function known as setdiff, which extracts the number of links to be tested from the actual links array. Keywords: Information Centric Network (ICN), IP Network, DoS, DDoS, TCP/IP Protocol Suite

Scalability Analysis of Signatures in Transactional Memory Systems

Signatures have been proposed in transactional memory systems to represent read and write sets and to decouple transaction conflict detection from private caches or to accelerate it. Generally, signatures are implemented as Bloom filters that allow unbounded read/write sets to be summarized in bounded space at the cost of false conflict detection. It is known that this behavior has great impact in parallel performance. In this work, a scalability study of state-of-the-art signature designs is presented, for different orthogonal transactional characteristics, including contention, length, concurrency and spatial locality. This study was accomplished using the Stanford EigenBench benchmark. This benchmark was modified to support spatial locality analysis using a Zipf address distribution. Experimental evaluation on a hardware transactional memory simulator shows the impact of those parameters in the behavior of state-of-the-art signatures.Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tech