ABAKA : a novel attribute-based k-anonymous collaborative solution for LBSs

The increasing use of mobile devices, along with advances in telecommunication systems, increased the popularity of Location-Based Services (LBSs). In LBSs, users share their exact location with a potentially untrusted Location-Based Service Provider (LBSP). In such a scenario, user privacy becomes a major con- cern: the knowledge about user location may lead to her identification as well as a continuous tracing of her position. Researchers proposed several approaches to preserve users’ location privacy. They also showed that hiding the location of an LBS user is not enough to guarantee her privacy, i.e., user’s pro- file attributes or background knowledge of an attacker may reveal the user’s identity. In this paper we propose ABAKA, a novel collaborative approach that provides identity privacy for LBS users considering users’ profile attributes. In particular, our solution guarantees p -sensitive k -anonymity for the user that sends an LBS request to the LBSP. ABAKA computes a cloaked area by collaborative multi-hop forwarding of the LBS query, and using Ciphertext-Policy Attribute-Based Encryption (CP-ABE). We ran a thorough set of experiments to evaluate our solution: the results confirm the feasibility and efficiency of our proposal

A multilabel fuzzy relevance clustering system for malware attack attribution in the edge layer of cyber-physical networks

The rapid increase in the number of malicious programs has made malware forensics a daunting task and caused users’ systems to become in danger. Timely identification of malware characteristics including its origin and the malware sample family would significantly limit the potential damage of malware. This is a more profound risk in Cyber-Physical Systems (CPSs), where a malware attack may cause significant physical damage to the infrastructure. Due to limited on-device available memory and processing power in CPS devices, most of the efforts for protecting CPS networks are focused on the edge layer, where the majority of security mechanisms are deployed. Since the majority of advanced and sophisticated malware programs are combining features from different families, these malicious programs are not similar enough to any existing malware family and easily evade binary classifier detection. Therefore, in this article, we propose a novel multilabel fuzzy clustering system for malware attack attribution. Our system is deployed on the edge layer to provide insight into applicable malware threats to the CPS network. We leverage static analysis by utilizing Opcode frequencies as the feature space to classify malware families. We observed that a multilabel classifier does not classify a part of samples. We named this problem the instance coverage problem. To overcome this problem, we developed an ensemble-based multilabel fuzzy classification method to suggest the relevance of a malware instance to the stricken families. This classifier identified samples of VirusShare, RansomwareTracker, and BIG2015 with an accuracy of 94.66%, 94.26%, and 97.56%, respectively

On the feasibility of attribute-based encryption on Internet of Things devices

Attribute-based encryption (ABE) could be an effective cryptographic tool for the secure management of Internet of Things (IoT) devices, but its feasibility in the IoT has been under-investigated thus far. This article explores such feasibility for well-known IoT platforms, namely, Intel Galileo Gen 2, Intel Edison, Raspberry pi 1 model B, and Raspberry pi zero, and concludes that adopting ABE in the IoT is indeed feasible

Intelligent conditional collaborative private data sharing

With the advent of distributed systems, secure and privacy-preserving data sharing between different entities (individuals or organizations) becomes a challenging issue. There are several real-world scenarios in which different entities are willing to share their private data only under certain circumstances, such as sharing the system logs when there is indications of cyber attack in order to provide cyber threat intelligence. Therefore, over the past few years, several researchers proposed solutions for collaborative data sharing, mostly based on existing cryptographic algorithms. However, the existing approaches are not appropriate for conditional data sharing, i.e., sharing the data if and only if a pre-defined condition is satisfied due to the occurrence of an event. Moreover, in case the existing solutions are used in conditional data sharing scenarios, the shared secret will be revealed to all parties and re-keying process is necessary. In this work, in order to address the aforementioned challenges, we propose, a “conditional collaborative private data sharing” protocol based on Identity-Based Encryption and Threshold Secret Sharing schemes. In our proposed approach, the condition based on which the encrypted data will be revealed to the collaborating parties (or a central entity) could be of two types: (i) threshold, or (ii) pre-defined policy. Supported by thorough analytical and experimental analysis, we show the effectiveness and performance of our proposal

Forensic investigation of cooperative storage cloud service: Symform as a case study

Researchers envisioned Storage as a Service (StaaS) as an effective solution to the distributed management of digital data. Cooperative storage cloud forensic is relatively new and is an under-explored area of research. Using Symform as a case study, we seek to determine the data remnants from the use of cooperative cloud storage services. In particular, we consider both mobile devices and personal computers running various popular operating systems, namely Windows 8.1, Mac OS X Mavericks 10.9.5, Ubuntu 14.04.1 LTS, iOS 7.1.2, and Android KitKat 4.4.4. Potential artefacts recovered during the research include data relating to the installation and uninstallation of the cloud applications, log-in to and log-out from Symform account using the client application, file synchronization as well as their time stamp information. This research contributes to an in-depth understanding of the types of terrestrial artifacts that are likely to remain after the use of cooperative storage cloud on client devices

A cyber-kill-chain based taxonomy of crypto-ransomware features

In spite of being just a few years old, ransomware is quickly becoming a serious threat to our digital infrastructures, data and services. Majority of ransomware families are requesting for a ransom payment to restore a custodian access or decrypt data which were encrypted by the ransomware earlier. Although the ransomware attack strategy seems to be simple, security specialists ranked ransomware as a sophisticated attack vector with many variations and families. Wide range of features which are available in different families and versions of ransomware further complicates their detection and analysis. Though the existing body of research provides significant discussions about ransomware details and capabilities, the all research body is fragmented. Therefore, a ransomware feature taxonomy would advance cyber defenders’ understanding of associated risks of ransomware. In this paper we provide, to the best of our knowledge, the first scientific taxonomy of ransomware features, aligned with Lockheed Martin Cyber Kill Chain (CKC) model. CKC is a well-established model in industry that describes stages of cyber intrusion attempts. To ease the challenge of applying our taxonomy in real world, we also provide the corresponding ransomware defence taxonomy aligned with Courses of Action matrix (an intelligence-driven defence model). We believe that this research study is of high value for the cyber security research community, as it provides the researchers with a means of assessing the vulnerabilities and attack vectors towards the intended victims

Security challenges of Internet of Underwater Things : a systematic literature review

Water covers approximately 71% of the earth surface, yet much of the underwater world remains unexplored due to technology limitations. Internet of Underwater Things (IoUT) is a network of underwater objects that enables monitoring subsea environment remotely. Underwater Wireless Sensor Network (UWSN) is the main enabling technology for IoUT. UWSNs are characterised by the limitations of the underlying acoustic communication medium, high energy consumption, lack of hardware resources to implement computationally intensive tasks and dynamic network topology due to node mobility. These characteristics render UNWSNs vulnerable to different attacks, such as Wormhole, Sybil, flooding, jamming, spoofing and Denial of Service (DoS) attacks. This article reviews peer-reviewed literature that addresses the security challenges and attacks on UWSNs as well as possible mitigative solutions. Findings show that the biggest contributing factors to security threats in UWSNs are the limited energy supply, the limited communication medium and the harsh underwater communication conditions. Researchers in this field agree that the security measures of terrestrial wireless sensor networks are not directly applicable to UWSNs due to the unique nature of the underwater environment where resource management becomes a significant challenge. This article also outlines future research directions on security and privacy challenges of IoUT and UWSN

Evaluating the risk of disclosure and utility in a synthetic dataset

The advancement of information technology has improved the delivery of financial services by the introduction of Financial Technology (FinTech). To enhance their customer satisfaction, Fintech companies leverage artificial intelligence (AI) to collect fine-grained data about individuals, which enables them to provide more intelligent and customized services. However, although visions thereof promise to make our lives easier, they also raise major security and privacy concerns for their users. Differential privacy (DP) is a popular technique for protecting individual privacy and at the same time for releasing data for public use. However, very few research efforts have been devoted to maintaining a balance between the corresponding risk of data disclosure (RoD) and data utility. In this paper, we propose data-driven approaches to differentially release private data to evaluate the RoD. We develop algorithms to evaluate whether the differentially private synthetic dataset offers sufficient privacy. In addition to privacy, the utility of the synthetic dataset is an important metric for the differential release of private data. Thus, we propose a data-driven algorithm that uses curve fitting to measure and predict the error of the statistical result incurred by adding random noise to the original dataset. We also present an algorithm for choosing an appropriate privacy budget ϵ to maintain the balance between privacy and utility. Our comprehensive experimental analysis proves both the efficiency and estimation accuracy of the proposed algorithms

PROUD : verifiable privacy-preserving outsourced attribute based signcryption supporting access policy update for cloud assisted IoT applications

The ever-growing number of Internet connected devices poses several cybersecurity risks. Most of the exchanged data between the Internet of Things (IoT) devices are not adequately secured due to resource constraints on IoT devices. Attribute Based SignCryption (ABSC) is a powerful cryptographic mechanism suitable for distributed environments, providing flexible access control and data secrecy. However, it imposes high designcryption costs, and does not support access policy update (user addition/revocation). This paper presents PROUD, an ABSC solution, to securely outsource data designcryption process to edge servers in order to reduce the computation overhead on the user side. PROUD allows end-users to offload most of the designcryption overhead to an edge server and verify the correctness of the received partially designcrypted data from the edge server. Moreover, PROUD provides the access policy update feature with neither involving a proxy-server, nor re-signcrypting the signcrypted message and re-distributing the users’ secret keys. The access policy update feature in PROUD does not affect the size of the message received by the end-user which reduces the bandwidth and the storage usage. Our comprehensive theoretical and experimental analysis prove that PROUD outperforms existing schemes in terms of functionality, communication and computation overhead