Purpose: This research aims to evaluate the potential threats to patient privacy and confidentiality posed by mHealth applications on mobile devices. Methodology: A comprehensive literature review was conducted, selec...Purpose: This research aims to evaluate the potential threats to patient privacy and confidentiality posed by mHealth applications on mobile devices. Methodology: A comprehensive literature review was conducted, selecting eighty-eight articles published over the past fifteen years. The study assessed data gathering and storage practices, regulatory adherence, legal structures, consent procedures, user education, and strategies to mitigate risks. Results: The findings reveal significant advancements in technologies designed to safeguard privacy and facilitate the widespread use of mHealth apps. However, persistent ethical issues related to privacy remain largely unchanged despite these technological strides.展开更多
In this paper, we propose a theoretical-information Confidential Procedure Model (CPM) to quantify confidentiality (or information leakage). The advantages of the CPM model include the following: 1) confidentiality lo...In this paper, we propose a theoretical-information Confidential Procedure Model (CPM) to quantify confidentiality (or information leakage). The advantages of the CPM model include the following: 1) confidentiality loss is formalized as a dynamic procedure, instead of a static function, and described via the "waterfall" diagram; 2) confidentiality loss is quantified in a relative manner, i.e., taken as a quantitative metric, the ratio of the conditional entropy being reserved after observing the entropy of the original full confidential information; 3) the optimal attacks including exhaustive attacks as well as all possible attacks that have (or have not even) been discovered, are taken into account when defining the novel concept of the confidential degree. To elucidate the proposed model, we analyze the information leakage in side-channel attacks and the anonymity of DC-net in a quantitative manner.展开更多
Video games have been around for several decades and have had many advancements from the original start of video games. Video games started as virtual games that were advertised towards children, and these virtual gam...Video games have been around for several decades and have had many advancements from the original start of video games. Video games started as virtual games that were advertised towards children, and these virtual games created a virtual reality of a variety of genres. These genres included sports games, such as tennis, football, baseball, war games, fantasy, puzzles, etc. The start of these games was derived from a sports genre and now has a popularity in multiplayer-online-shooting games. The purpose of this paper is to investigate different types of tools available for cheating in virtual world making players have undue advantage over other players in a competition. With the advancement in technology, these video games have become more expanded in the development aspects of gaming. Video game developers have created long lines of codes to create a new look of video games. As video games have progressed, the coding, bugs, bots, and errors of video games have changed throughout the years. The coding of video games has branched out from the original video games, which have given many benefits to this virtual world, while simultaneously creating more problems such as bots. Analysis of tools available for cheating in a game has disadvantaged normal gamer in a fair contest.展开更多
Opportunistic networks(OppNets)are usually a set of smart,wearable,and portable devices or entities with mobility that connect wirelessly without requiring infrastructure.Such a network is of great importance in data ...Opportunistic networks(OppNets)are usually a set of smart,wearable,and portable devices or entities with mobility that connect wirelessly without requiring infrastructure.Such a network is of great importance in data transmission,particularly in incidents and disasters,whether man-made or natural.However,message integrity and confidentiality are of concern when dealing with vital and physiological data transmission under strict privacy regulations.In this work,we propose a structure to classify messages based on their priority in different queues.Furthermore,due to the decentralized architecture of OppNets,we propose a blockchain-based structure for providing security for high-priority messages.It contains three sequences of functional blocks with a light and simplified implementation that make it suitable for battery-powered wearable devices that are limited in energy consumption and computational units.The simulation results show that by increasing the number of nodes in the network,the average of the changes in block sizes is neglectable,which addresses the computation bottleneck.Furthermore,we analyze the performance of the proposed structure in terms of message delivery and network overhead compared with the Epidemic and Prophet routing algorithms.These results indicate advancing the overall performance of the proposed algorithm.展开更多
Ensuring confidentiality of sensitive data is of paramount importance,since data leakage may not only endanger data owners’privacy,but also ruin reputation of businesses as well as violate various regulations like HI...Ensuring confidentiality of sensitive data is of paramount importance,since data leakage may not only endanger data owners’privacy,but also ruin reputation of businesses as well as violate various regulations like HIPPA and Sarbanes-Oxley Act.To provide confidentiality guarantee,the data should be protected when they are preserved in the personal computing devices(i.e.,confidentiality during their lifetime);and also,they should be rendered irrecoverable after they are removed from the devices(i.e.,confidentiality after their lifetime).Encryption and secure deletion are used to ensure data confidentiality during and after their lifetime,respectively.This work aims to perform a thorough literature review on the techniques being used to protect confidentiality of the data in personal computing devices,including both encryption and secure deletion.Especially for encryption,we mainly focus on the novel plausibly deniable encryption(PDE),which can ensure data confidentiality against both a coercive(i.e.,the attacker can coerce the data owner for the decryption key)and a non-coercive attacker.展开更多
We propose a novel technique to increase the confidentiality of an optical code division multiple access (OCDMA) system. A virtual user technique is analyzed and implemented to make an OCDMA system secure. Using thi...We propose a novel technique to increase the confidentiality of an optical code division multiple access (OCDMA) system. A virtual user technique is analyzed and implemented to make an OCDMA system secure. Using this technique, an eavesdropper will never find an isolated authorized user's signal. When authorized users and virtual users transmit data synchronously and asynehronously, network security increases by 25% and 37.5%, respectively.展开更多
Publish/subscribe(pub/sub)systems are widely used in large-scale messaging systems due to their asynchronous and decoupled nature.With the population of pub/sub cloud services,the privacy protection problem of pub/sub...Publish/subscribe(pub/sub)systems are widely used in large-scale messaging systems due to their asynchronous and decoupled nature.With the population of pub/sub cloud services,the privacy protection problem of pub/sub systems has started to emerge,and events and subscriptions are exposed when executing event matching on untrustworthy cloud brokers.However,as the number of subscriptions increases,the effectiveness of the previous confidentiality protection approaches declines drastically.In this paper,we propose SBM(scalable blind matching),an effective confidentiality protection scheme for pub/sub systems.To the best of our knowledge,SBM is the first scheme that applies order-preserving encryption algorithm to protect the system’s confidentiality and ensure its scalability.In this scheme,SBM-I is highly effective in subscription matching but is unable to achieve ideal security IND-OCPA,whereas SBM-II is suggested to ensure system security and SGX is used to reduce interaction and boost ciphertext matching performance.The experiment demonstrates that this method has better matching performance compared to others:the average matching time of SBM-I is 3–4 orders of magnitude faster than the matching algorithm MP and SGX-based algorithm SCBR when the number of subscriptions is 500,000,and the average matching time of SBM-II is 40 times faster than MP and 24 times than SCBR.展开更多
The rapid adoption of Internet of Things(IoT)technologies has introduced significant security challenges across the physical,network,and application layers,particularly with the widespread use of the Message Queue Tel...The rapid adoption of Internet of Things(IoT)technologies has introduced significant security challenges across the physical,network,and application layers,particularly with the widespread use of the Message Queue Telemetry Transport(MQTT)protocol,which,while efficient in bandwidth consumption,lacks inherent security features,making it vulnerable to various cyber threats.This research addresses these challenges by presenting a secure,lightweight communication proxy that enhances the scalability and security of MQTT-based Internet of Things(IoT)networks.The proposed solution builds upon the Dang-Scheme,a mutual authentication protocol designed explicitly for resource-constrained environments and enhances it using Elliptic Curve Cryptography(ECC).This integration significantly improves device authentication,data confidentiality,and energy efficiency,achieving an 87.68%increase in data confidentiality and up to 77.04%energy savings during publish/subscribe communications in smart homes.The Middleware Broker System dynamically manages transaction keys and session IDs,offering robust defences against common cyber threats like impersonation and brute-force attacks.Penetration testing with tools such as Hydra and Nmap further validated the system’s security,demonstrating its potential to significantly improve the security and efficiency of IoT networks while underscoring the need for ongoing research to combat emerging threats.展开更多
In order to provide a practicable solution to data confidentiality in cloud storage service,a data assured deletion scheme,which achieves the fine grained access control,hopping and sniffing attacks resistance,data dy...In order to provide a practicable solution to data confidentiality in cloud storage service,a data assured deletion scheme,which achieves the fine grained access control,hopping and sniffing attacks resistance,data dynamics and deduplication,is proposed.In our scheme,data blocks are encrypted by a two-level encryption approach,in which the control keys are generated from a key derivation tree,encrypted by an All-OrNothing algorithm and then distributed into DHT network after being partitioned by secret sharing.This guarantees that only authorized users can recover the control keys and then decrypt the outsourced data in an ownerspecified data lifetime.Besides confidentiality,data dynamics and deduplication are also achieved separately by adjustment of key derivation tree and convergent encryption.The analysis and experimental results show that our scheme can satisfy its security goal and perform the assured deletion with low cost.展开更多
With the rapid development of the Internet of Things(IoT),Location-Based Services(LBS)are becoming more and more popular.However,for the users being served,how to protect their location privacy has become a growing co...With the rapid development of the Internet of Things(IoT),Location-Based Services(LBS)are becoming more and more popular.However,for the users being served,how to protect their location privacy has become a growing concern.This has led to great difficulty in establishing trust between the users and the service providers,hindering the development of LBS for more comprehensive functions.In this paper,we first establish a strong identity verification mechanism to ensure the authentication security of the system and then design a new location privacy protection mechanism based on the privacy proximity test problem.This mechanism not only guarantees the confidentiality of the user s information during the subsequent information interaction and dynamic data transmission,but also meets the service provider's requirements for related data.展开更多
The emerging edge computing technology for the Internet of Things has been playing an important role in our daily life. It is promising to utilize a multi-receiver signcryption scheme to protect the transmission data ...The emerging edge computing technology for the Internet of Things has been playing an important role in our daily life. It is promising to utilize a multi-receiver signcryption scheme to protect the transmission data when an edge device broadcasts its sensing data to many different end devices at a time.There are several things to consider when we design a signcryption scheme. First existing schemes need to maintain a secure channel to generate the user private key, which may increase economic costs. Second the system private key of those schemes is kept secret by a single key generation center(KGC), and the single point of failure of KGC may compromise the whole system. For this, we propose a multi-receiver multimessage signcryption scheme without the secure channel. Firstly the scheme allows KGC to send secrets through the public channel, which reduces maintenance costs. Secondly, to eliminate the single point of failure, the scheme utilizes multiple KGCs to manage the system private key, and updates the secret of each KGC periodically to resist advanced persistent threat attacks. We demonstrate that the proposed scheme can achieve expected security properties. Performance analysis shows that it is with shorter ciphertext length and higher efficiency.展开更多
Transmission pipelines are vulnerable to various accidents and acts of vandalism.Therefore,a reliable monitoring system is needed to secure the transmission pipelines.A wireless sensor network is a wireless network co...Transmission pipelines are vulnerable to various accidents and acts of vandalism.Therefore,a reliable monitoring system is needed to secure the transmission pipelines.A wireless sensor network is a wireless network consisting of distributed devices distributed at various distances,which monitors the physical and environmental conditions using sensors.Wireless sensor networks have many uses,including the built-in sensor on the outside of the pipeline or installed to support bridge structures,robotics,healthcare,environmental monitoring,etc.Wireless Sensor networks could be used to monitor the temperature,pressure,leak detection and sabotage of transmission lines.Wireless sensor networks are vulnerable to various attacks.Cryptographic algorithms have a good role in information security for wireless sensor networks.Now,various types of cryptographic algorithms provide security in networks,but there are still some problems.In this research,to improve the power of these algorithms,a new hybrid encryption algorithm for monitoring energy transmission lines and increasing the security of wireless sensor networks is proposed.The proposed hybrid encryption algorithm provides the security and timely transmission of data in wireless sensor networks to monitor the transmission pipelines.The proposed algorithm fulfills three principles of cryptography:integrity,confidentiality and authentication.The details of the algorithm and basic concepts are presented in such a way that the algorithm can be operational.展开更多
Privacy protection for big data linking is discussed here in relation to the Central Statistics Office (CSO), Ireland's, big data linking project titled the 'Structure of Earnings Survey - Administrative Data Proj...Privacy protection for big data linking is discussed here in relation to the Central Statistics Office (CSO), Ireland's, big data linking project titled the 'Structure of Earnings Survey - Administrative Data Project' (SESADP). The result of the project was the creation of datasets and statistical outputs for the years 2011 to 2014 to meet Eurostat's annual earnings statistics requirements and the Structure of Earnings Survey (SES) Regulation. Record linking across the Census and various public sector datasets enabled the necessary information to be acquired to meet the Eurostat earnings requirements. However, the risk of statistical disclosure (i.e. identifying an individual on the dataset) is high unless privacy and confidentiality safe-guards are built into the data matching process. This paper looks at the three methods of linking records on big datasets employed on the SESADP, and how to anonymise the data to protect the identity of the individuals, where potentially disclosive variables exist.展开更多
Radio frequency identification (RFID) system is a contactless automatic identification system, which uses small and low cost RFID tags. The primary problem of current security and privacy preserving schemes is that,...Radio frequency identification (RFID) system is a contactless automatic identification system, which uses small and low cost RFID tags. The primary problem of current security and privacy preserving schemes is that, in order to identify only one single tag, these schemes require a linear computational complexity on the server side. We propose an efficient mutual authentication protocol for passive RFID tags that provides confidentiality, untraceability, mutual authentication, and efficiency. The proposed protocol shifts the heavy burden of asymmetric encryption and decryption operations on the more powerful server side and only leaves lightweight hash operation on tag side. It is also efficient in terms of time complexity, space complexity, and communication cost, which are very important for practical large-scale RFID applications.展开更多
In order to protect historical ciphertext when the private key leaked in the broadcasting system,the forward-secure multi-receiver signcryption scheme is designed based on the generic graded multilinear mapping encodi...In order to protect historical ciphertext when the private key leaked in the broadcasting system,the forward-secure multi-receiver signcryption scheme is designed based on the generic graded multilinear mapping encoding structure,which effectively prevents illegal access from intruder to the ciphertext in the past time period when the private key in current time period is revealed.Through the generalization of the existing multilinear mapping encoding system,it proposes the generic graded multilinear mapping encoding structure and the generic graded decision Diffie-Hellman problem.Because of the generic graded multilinear mapping encoding system adopted,almost all candidate multilinear mapping encoding systems can automatically adapt to our scheme.Under the assumption of generic graded decision Diffie-Hellman problem,it has proved that the scheme has the information confidentiality and unforgeability in the current time period.After putting forward the security model of forward-secure multi-receiver signcryption scheme,and under the assumption of generic graded decision Diffie-Hellman problem,it has proved that the scheme has the message forward-confidentiality and forward-unforgeability.Compared with other forward-secure public key encryption schemes,the relationship between our scheme and time periods is sub-linear,so it is less complex.展开更多
We present a secure storage system named HermitFS against many types ofattacks. HermitFS uses strong cryptography algorithms and a secure protocol to secure the data fromthe time it is written to the time an authorize...We present a secure storage system named HermitFS against many types ofattacks. HermitFS uses strong cryptography algorithms and a secure protocol to secure the data fromthe time it is written to the time an authorized user accesses it. Our experimental results andsecure analysis show that HermitFS can protect information from unauthorized access in any openenvironment with little penalty of data o-verhead and acceptable performance.展开更多
Security testing is a critical concern for organizations worldwide due to the potential financial setbacks and damage to reputation caused by insecure software systems.One of the challenges in software security testin...Security testing is a critical concern for organizations worldwide due to the potential financial setbacks and damage to reputation caused by insecure software systems.One of the challenges in software security testing is test case prioritization,which aims to reduce redundancy in fault occurrences when executing test suites.By effectively applying test case prioritization,both the time and cost required for developing secure software can be reduced.This paper proposes a test case prioritization technique based on the Ant Colony Optimization(ACO)algorithm,a metaheuristic approach.The performance of the ACO-based technique is evaluated using the Average Percentage of Fault Detection(APFD)metric,comparing it with traditional techniques.It has been applied to a Mobile Payment Wallet application to validate the proposed approach.The results demonstrate that the proposed technique outperforms the traditional techniques in terms of the APFD metric.The ACO-based technique achieves an APFD of approximately 76%,two percent higher than the second-best optimal ordering technique.These findings suggest that metaheuristic-based prioritization techniques can effectively identify the best test cases,saving time and improving software security overall.展开更多
Group key management technique is a fundamental building block for secure and reliable group communication systems.In order to successfully achieve this goal, group session key needs to be generated and distributed to...Group key management technique is a fundamental building block for secure and reliable group communication systems.In order to successfully achieve this goal, group session key needs to be generated and distributed to all group members in a secure and authenticated manner.The most commonly used method is based on Lagrange interpolating polynomial over the prime field F p={0,1,2,…, p-1}. A novel approach to group key transfer protocol based on a category of algebraic-geometry code is presented over the infinite field GF(2 m). The attractive advantages are obvious. Especially, the non-repeatability, confidentiality, and authentication of group key transfer protocols are obtained easily. Besides, a more generalized and simple mathematical construction model is proposed which also can be applied perfectly to related fields of information security.展开更多
Attacks on fully integrated servers,apps,and communication networks via the Internet of Things(IoT)are growing exponentially.Sensitive devices’effectiveness harms end users,increases cyber threats and identity theft,...Attacks on fully integrated servers,apps,and communication networks via the Internet of Things(IoT)are growing exponentially.Sensitive devices’effectiveness harms end users,increases cyber threats and identity theft,raises costs,and negatively impacts income as problems brought on by the Internet of Things network go unnoticed for extended periods.Attacks on Internet of Things interfaces must be closely monitored in real time for effective safety and security.Following the 1,2,3,and 4G cellular networks,the 5th generation wireless 5G network is indeed the great invasion of mankind and is known as the global advancement of cellular networks.Even to this day,experts are working on the evolution’s sixth generation(6G).It offers amazing capabilities for connecting everything,including gadgets and machines,with wavelengths ranging from 1 to 10 mm and frequencies ranging from 300 MHz to 3 GHz.It gives you the most recent information.Many countries have already established this technology within their border.Security is the most crucial aspect of using a 5G network.Because of the absence of study and network deployment,new technology first introduces new gaps for attackers and hackers.Internet Protocol(IP)attacks and intrusion will become more prevalent in this system.An efficient approach to detect intrusion in the 5G network using a Machine Learning algorithm will be provided in this research.This research will highlight the high accuracy rate by validating it for unidentified and suspicious circumstances in the 5G network,such as intruder hackers/attackers.After applying different machine learning algorithms,obtained the best result on Linear Regression Algorithm’s implementation on the dataset results in 92.12%on test data and 92.13%on train data with 92%precision.展开更多
文摘Purpose: This research aims to evaluate the potential threats to patient privacy and confidentiality posed by mHealth applications on mobile devices. Methodology: A comprehensive literature review was conducted, selecting eighty-eight articles published over the past fifteen years. The study assessed data gathering and storage practices, regulatory adherence, legal structures, consent procedures, user education, and strategies to mitigate risks. Results: The findings reveal significant advancements in technologies designed to safeguard privacy and facilitate the widespread use of mHealth apps. However, persistent ethical issues related to privacy remain largely unchanged despite these technological strides.
基金supported by the National Natural Science Foundation of China under Grants No.61172085,No.61272536,No.11061130539,No.61103221,No.61271118,No.61021004
文摘In this paper, we propose a theoretical-information Confidential Procedure Model (CPM) to quantify confidentiality (or information leakage). The advantages of the CPM model include the following: 1) confidentiality loss is formalized as a dynamic procedure, instead of a static function, and described via the "waterfall" diagram; 2) confidentiality loss is quantified in a relative manner, i.e., taken as a quantitative metric, the ratio of the conditional entropy being reserved after observing the entropy of the original full confidential information; 3) the optimal attacks including exhaustive attacks as well as all possible attacks that have (or have not even) been discovered, are taken into account when defining the novel concept of the confidential degree. To elucidate the proposed model, we analyze the information leakage in side-channel attacks and the anonymity of DC-net in a quantitative manner.
文摘Video games have been around for several decades and have had many advancements from the original start of video games. Video games started as virtual games that were advertised towards children, and these virtual games created a virtual reality of a variety of genres. These genres included sports games, such as tennis, football, baseball, war games, fantasy, puzzles, etc. The start of these games was derived from a sports genre and now has a popularity in multiplayer-online-shooting games. The purpose of this paper is to investigate different types of tools available for cheating in virtual world making players have undue advantage over other players in a competition. With the advancement in technology, these video games have become more expanded in the development aspects of gaming. Video game developers have created long lines of codes to create a new look of video games. As video games have progressed, the coding, bugs, bots, and errors of video games have changed throughout the years. The coding of video games has branched out from the original video games, which have given many benefits to this virtual world, while simultaneously creating more problems such as bots. Analysis of tools available for cheating in a game has disadvantaged normal gamer in a fair contest.
文摘Opportunistic networks(OppNets)are usually a set of smart,wearable,and portable devices or entities with mobility that connect wirelessly without requiring infrastructure.Such a network is of great importance in data transmission,particularly in incidents and disasters,whether man-made or natural.However,message integrity and confidentiality are of concern when dealing with vital and physiological data transmission under strict privacy regulations.In this work,we propose a structure to classify messages based on their priority in different queues.Furthermore,due to the decentralized architecture of OppNets,we propose a blockchain-based structure for providing security for high-priority messages.It contains three sequences of functional blocks with a light and simplified implementation that make it suitable for battery-powered wearable devices that are limited in energy consumption and computational units.The simulation results show that by increasing the number of nodes in the network,the average of the changes in block sizes is neglectable,which addresses the computation bottleneck.Furthermore,we analyze the performance of the proposed structure in terms of message delivery and network overhead compared with the Epidemic and Prophet routing algorithms.These results indicate advancing the overall performance of the proposed algorithm.
基金partially supported by the National Key Research&Development Program of China(Grant No.2017YFC0822704)National Natural Science Foundation of China(No.61602476,No.61772518 and No.61602475).
文摘Ensuring confidentiality of sensitive data is of paramount importance,since data leakage may not only endanger data owners’privacy,but also ruin reputation of businesses as well as violate various regulations like HIPPA and Sarbanes-Oxley Act.To provide confidentiality guarantee,the data should be protected when they are preserved in the personal computing devices(i.e.,confidentiality during their lifetime);and also,they should be rendered irrecoverable after they are removed from the devices(i.e.,confidentiality after their lifetime).Encryption and secure deletion are used to ensure data confidentiality during and after their lifetime,respectively.This work aims to perform a thorough literature review on the techniques being used to protect confidentiality of the data in personal computing devices,including both encryption and secure deletion.Especially for encryption,we mainly focus on the novel plausibly deniable encryption(PDE),which can ensure data confidentiality against both a coercive(i.e.,the attacker can coerce the data owner for the decryption key)and a non-coercive attacker.
文摘We propose a novel technique to increase the confidentiality of an optical code division multiple access (OCDMA) system. A virtual user technique is analyzed and implemented to make an OCDMA system secure. Using this technique, an eavesdropper will never find an isolated authorized user's signal. When authorized users and virtual users transmit data synchronously and asynehronously, network security increases by 25% and 37.5%, respectively.
基金This work was supported by the Natural Science Foundation of Beijing Municipality(M21037)Key Technologies Research and Development Program(2022YFF0902701)2022 Industrial Internet Public Service Platform-Industrial Internet Oriented Virtual Currency Mining Governance Public Service Platform Project by the Ministry of Industry and Information Technology of PRC,Major Research and Application Project for the Supervision Platform of Virtual Currency Mining Behavior by the Ministry of Education of PRC,and the 111 Project(Grant No.B21049).
文摘Publish/subscribe(pub/sub)systems are widely used in large-scale messaging systems due to their asynchronous and decoupled nature.With the population of pub/sub cloud services,the privacy protection problem of pub/sub systems has started to emerge,and events and subscriptions are exposed when executing event matching on untrustworthy cloud brokers.However,as the number of subscriptions increases,the effectiveness of the previous confidentiality protection approaches declines drastically.In this paper,we propose SBM(scalable blind matching),an effective confidentiality protection scheme for pub/sub systems.To the best of our knowledge,SBM is the first scheme that applies order-preserving encryption algorithm to protect the system’s confidentiality and ensure its scalability.In this scheme,SBM-I is highly effective in subscription matching but is unable to achieve ideal security IND-OCPA,whereas SBM-II is suggested to ensure system security and SGX is used to reduce interaction and boost ciphertext matching performance.The experiment demonstrates that this method has better matching performance compared to others:the average matching time of SBM-I is 3–4 orders of magnitude faster than the matching algorithm MP and SGX-based algorithm SCBR when the number of subscriptions is 500,000,and the average matching time of SBM-II is 40 times faster than MP and 24 times than SCBR.
基金supported through Universiti Sains Malaysia(USM)and the Ministry of Higher Education Malaysia providing the research grant,Fundamental Research Grant Scheme(FRGS-Grant No.FRGS/1/2020/TK0/USM/02/1).
文摘The rapid adoption of Internet of Things(IoT)technologies has introduced significant security challenges across the physical,network,and application layers,particularly with the widespread use of the Message Queue Telemetry Transport(MQTT)protocol,which,while efficient in bandwidth consumption,lacks inherent security features,making it vulnerable to various cyber threats.This research addresses these challenges by presenting a secure,lightweight communication proxy that enhances the scalability and security of MQTT-based Internet of Things(IoT)networks.The proposed solution builds upon the Dang-Scheme,a mutual authentication protocol designed explicitly for resource-constrained environments and enhances it using Elliptic Curve Cryptography(ECC).This integration significantly improves device authentication,data confidentiality,and energy efficiency,achieving an 87.68%increase in data confidentiality and up to 77.04%energy savings during publish/subscribe communications in smart homes.The Middleware Broker System dynamically manages transaction keys and session IDs,offering robust defences against common cyber threats like impersonation and brute-force attacks.Penetration testing with tools such as Hydra and Nmap further validated the system’s security,demonstrating its potential to significantly improve the security and efficiency of IoT networks while underscoring the need for ongoing research to combat emerging threats.
基金supported by the National Key Basic Research Program of China(973 program) under Grant No.2012CB315901
文摘In order to provide a practicable solution to data confidentiality in cloud storage service,a data assured deletion scheme,which achieves the fine grained access control,hopping and sniffing attacks resistance,data dynamics and deduplication,is proposed.In our scheme,data blocks are encrypted by a two-level encryption approach,in which the control keys are generated from a key derivation tree,encrypted by an All-OrNothing algorithm and then distributed into DHT network after being partitioned by secret sharing.This guarantees that only authorized users can recover the control keys and then decrypt the outsourced data in an ownerspecified data lifetime.Besides confidentiality,data dynamics and deduplication are also achieved separately by adjustment of key derivation tree and convergent encryption.The analysis and experimental results show that our scheme can satisfy its security goal and perform the assured deletion with low cost.
基金This work has been partly supported by the National Natural Science Foundation of China under Grant No.61702212the Fundamental Research Funds for the Central Universities under Grand NO.CCNU19TS017.
文摘With the rapid development of the Internet of Things(IoT),Location-Based Services(LBS)are becoming more and more popular.However,for the users being served,how to protect their location privacy has become a growing concern.This has led to great difficulty in establishing trust between the users and the service providers,hindering the development of LBS for more comprehensive functions.In this paper,we first establish a strong identity verification mechanism to ensure the authentication security of the system and then design a new location privacy protection mechanism based on the privacy proximity test problem.This mechanism not only guarantees the confidentiality of the user s information during the subsequent information interaction and dynamic data transmission,but also meets the service provider's requirements for related data.
基金supported by National Key Research and Development Program of China (2020YFB1005404)National Natural Science Foundation of China (62172010)Henan Province Higher Education Key Research Project (22A520048)。
文摘The emerging edge computing technology for the Internet of Things has been playing an important role in our daily life. It is promising to utilize a multi-receiver signcryption scheme to protect the transmission data when an edge device broadcasts its sensing data to many different end devices at a time.There are several things to consider when we design a signcryption scheme. First existing schemes need to maintain a secure channel to generate the user private key, which may increase economic costs. Second the system private key of those schemes is kept secret by a single key generation center(KGC), and the single point of failure of KGC may compromise the whole system. For this, we propose a multi-receiver multimessage signcryption scheme without the secure channel. Firstly the scheme allows KGC to send secrets through the public channel, which reduces maintenance costs. Secondly, to eliminate the single point of failure, the scheme utilizes multiple KGCs to manage the system private key, and updates the secret of each KGC periodically to resist advanced persistent threat attacks. We demonstrate that the proposed scheme can achieve expected security properties. Performance analysis shows that it is with shorter ciphertext length and higher efficiency.
文摘Transmission pipelines are vulnerable to various accidents and acts of vandalism.Therefore,a reliable monitoring system is needed to secure the transmission pipelines.A wireless sensor network is a wireless network consisting of distributed devices distributed at various distances,which monitors the physical and environmental conditions using sensors.Wireless sensor networks have many uses,including the built-in sensor on the outside of the pipeline or installed to support bridge structures,robotics,healthcare,environmental monitoring,etc.Wireless Sensor networks could be used to monitor the temperature,pressure,leak detection and sabotage of transmission lines.Wireless sensor networks are vulnerable to various attacks.Cryptographic algorithms have a good role in information security for wireless sensor networks.Now,various types of cryptographic algorithms provide security in networks,but there are still some problems.In this research,to improve the power of these algorithms,a new hybrid encryption algorithm for monitoring energy transmission lines and increasing the security of wireless sensor networks is proposed.The proposed hybrid encryption algorithm provides the security and timely transmission of data in wireless sensor networks to monitor the transmission pipelines.The proposed algorithm fulfills three principles of cryptography:integrity,confidentiality and authentication.The details of the algorithm and basic concepts are presented in such a way that the algorithm can be operational.
文摘Privacy protection for big data linking is discussed here in relation to the Central Statistics Office (CSO), Ireland's, big data linking project titled the 'Structure of Earnings Survey - Administrative Data Project' (SESADP). The result of the project was the creation of datasets and statistical outputs for the years 2011 to 2014 to meet Eurostat's annual earnings statistics requirements and the Structure of Earnings Survey (SES) Regulation. Record linking across the Census and various public sector datasets enabled the necessary information to be acquired to meet the Eurostat earnings requirements. However, the risk of statistical disclosure (i.e. identifying an individual on the dataset) is high unless privacy and confidentiality safe-guards are built into the data matching process. This paper looks at the three methods of linking records on big datasets employed on the SESADP, and how to anonymise the data to protect the identity of the individuals, where potentially disclosive variables exist.
基金supported by Fundamental Research Funds for the Central Universities of China (No.N100323001)Scientific Research Foundation of the Higher Education Institutions of Hebei Province of China (No.Z2010215)
文摘Radio frequency identification (RFID) system is a contactless automatic identification system, which uses small and low cost RFID tags. The primary problem of current security and privacy preserving schemes is that, in order to identify only one single tag, these schemes require a linear computational complexity on the server side. We propose an efficient mutual authentication protocol for passive RFID tags that provides confidentiality, untraceability, mutual authentication, and efficiency. The proposed protocol shifts the heavy burden of asymmetric encryption and decryption operations on the more powerful server side and only leaves lightweight hash operation on tag side. It is also efficient in terms of time complexity, space complexity, and communication cost, which are very important for practical large-scale RFID applications.
基金Sponsored by the National Natural Science Foundation of China(Grant No.61401226,61672270,61602216)the MOE(Ministry of Education in China) Project of Humanities and Social Sciences(Grant No.14YJAZH023,15YJCZH129)+2 种基金the Basic Research Program of Jiangsu University of Technology(Grant No.KYY14007)the Qing Lan Project for Young Researchers of Jiangsu Province of China(Grant No.KYQ14004)the Open Fund of State Key Laboratory of Information Security,Institute of Information Engineering,Chinese Academy of Sciences(Grant No.2015-MSB-10)
文摘In order to protect historical ciphertext when the private key leaked in the broadcasting system,the forward-secure multi-receiver signcryption scheme is designed based on the generic graded multilinear mapping encoding structure,which effectively prevents illegal access from intruder to the ciphertext in the past time period when the private key in current time period is revealed.Through the generalization of the existing multilinear mapping encoding system,it proposes the generic graded multilinear mapping encoding structure and the generic graded decision Diffie-Hellman problem.Because of the generic graded multilinear mapping encoding system adopted,almost all candidate multilinear mapping encoding systems can automatically adapt to our scheme.Under the assumption of generic graded decision Diffie-Hellman problem,it has proved that the scheme has the information confidentiality and unforgeability in the current time period.After putting forward the security model of forward-secure multi-receiver signcryption scheme,and under the assumption of generic graded decision Diffie-Hellman problem,it has proved that the scheme has the message forward-confidentiality and forward-unforgeability.Compared with other forward-secure public key encryption schemes,the relationship between our scheme and time periods is sub-linear,so it is less complex.
基金Supported by the National High Tech Researchand Development Plan of China(2001AA114141)
文摘We present a secure storage system named HermitFS against many types ofattacks. HermitFS uses strong cryptography algorithms and a secure protocol to secure the data fromthe time it is written to the time an authorized user accesses it. Our experimental results andsecure analysis show that HermitFS can protect information from unauthorized access in any openenvironment with little penalty of data o-verhead and acceptable performance.
基金Deanship of Scientific Research at King Khalid University for funding this work through Large Group Research Project under Grant Number RGP2/249/44.
文摘Security testing is a critical concern for organizations worldwide due to the potential financial setbacks and damage to reputation caused by insecure software systems.One of the challenges in software security testing is test case prioritization,which aims to reduce redundancy in fault occurrences when executing test suites.By effectively applying test case prioritization,both the time and cost required for developing secure software can be reduced.This paper proposes a test case prioritization technique based on the Ant Colony Optimization(ACO)algorithm,a metaheuristic approach.The performance of the ACO-based technique is evaluated using the Average Percentage of Fault Detection(APFD)metric,comparing it with traditional techniques.It has been applied to a Mobile Payment Wallet application to validate the proposed approach.The results demonstrate that the proposed technique outperforms the traditional techniques in terms of the APFD metric.The ACO-based technique achieves an APFD of approximately 76%,two percent higher than the second-best optimal ordering technique.These findings suggest that metaheuristic-based prioritization techniques can effectively identify the best test cases,saving time and improving software security overall.
基金Supported by the National Natural Science Foundation of China(No.61501064)Sichuan Technology Support Program(No.2015GZ0088)
文摘Group key management technique is a fundamental building block for secure and reliable group communication systems.In order to successfully achieve this goal, group session key needs to be generated and distributed to all group members in a secure and authenticated manner.The most commonly used method is based on Lagrange interpolating polynomial over the prime field F p={0,1,2,…, p-1}. A novel approach to group key transfer protocol based on a category of algebraic-geometry code is presented over the infinite field GF(2 m). The attractive advantages are obvious. Especially, the non-repeatability, confidentiality, and authentication of group key transfer protocols are obtained easily. Besides, a more generalized and simple mathematical construction model is proposed which also can be applied perfectly to related fields of information security.
文摘Attacks on fully integrated servers,apps,and communication networks via the Internet of Things(IoT)are growing exponentially.Sensitive devices’effectiveness harms end users,increases cyber threats and identity theft,raises costs,and negatively impacts income as problems brought on by the Internet of Things network go unnoticed for extended periods.Attacks on Internet of Things interfaces must be closely monitored in real time for effective safety and security.Following the 1,2,3,and 4G cellular networks,the 5th generation wireless 5G network is indeed the great invasion of mankind and is known as the global advancement of cellular networks.Even to this day,experts are working on the evolution’s sixth generation(6G).It offers amazing capabilities for connecting everything,including gadgets and machines,with wavelengths ranging from 1 to 10 mm and frequencies ranging from 300 MHz to 3 GHz.It gives you the most recent information.Many countries have already established this technology within their border.Security is the most crucial aspect of using a 5G network.Because of the absence of study and network deployment,new technology first introduces new gaps for attackers and hackers.Internet Protocol(IP)attacks and intrusion will become more prevalent in this system.An efficient approach to detect intrusion in the 5G network using a Machine Learning algorithm will be provided in this research.This research will highlight the high accuracy rate by validating it for unidentified and suspicious circumstances in the 5G network,such as intruder hackers/attackers.After applying different machine learning algorithms,obtained the best result on Linear Regression Algorithm’s implementation on the dataset results in 92.12%on test data and 92.13%on train data with 92%precision.
