Purpose: This research aims to evaluate the potential threats to patient privacy and confidentiality posed by mHealth applications on mobile devices. Methodology: A comprehensive literature review was conducted, selec...Purpose: This research aims to evaluate the potential threats to patient privacy and confidentiality posed by mHealth applications on mobile devices. Methodology: A comprehensive literature review was conducted, selecting eighty-eight articles published over the past fifteen years. The study assessed data gathering and storage practices, regulatory adherence, legal structures, consent procedures, user education, and strategies to mitigate risks. Results: The findings reveal significant advancements in technologies designed to safeguard privacy and facilitate the widespread use of mHealth apps. However, persistent ethical issues related to privacy remain largely unchanged despite these technological strides.展开更多
Video games have been around for several decades and have had many advancements from the original start of video games. Video games started as virtual games that were advertised towards children, and these virtual gam...Video games have been around for several decades and have had many advancements from the original start of video games. Video games started as virtual games that were advertised towards children, and these virtual games created a virtual reality of a variety of genres. These genres included sports games, such as tennis, football, baseball, war games, fantasy, puzzles, etc. The start of these games was derived from a sports genre and now has a popularity in multiplayer-online-shooting games. The purpose of this paper is to investigate different types of tools available for cheating in virtual world making players have undue advantage over other players in a competition. With the advancement in technology, these video games have become more expanded in the development aspects of gaming. Video game developers have created long lines of codes to create a new look of video games. As video games have progressed, the coding, bugs, bots, and errors of video games have changed throughout the years. The coding of video games has branched out from the original video games, which have given many benefits to this virtual world, while simultaneously creating more problems such as bots. Analysis of tools available for cheating in a game has disadvantaged normal gamer in a fair contest.展开更多
In this paper, we propose a theoretical-information Confidential Procedure Model (CPM) to quantify confidentiality (or information leakage). The advantages of the CPM model include the following: 1) confidentiality lo...In this paper, we propose a theoretical-information Confidential Procedure Model (CPM) to quantify confidentiality (or information leakage). The advantages of the CPM model include the following: 1) confidentiality loss is formalized as a dynamic procedure, instead of a static function, and described via the "waterfall" diagram; 2) confidentiality loss is quantified in a relative manner, i.e., taken as a quantitative metric, the ratio of the conditional entropy being reserved after observing the entropy of the original full confidential information; 3) the optimal attacks including exhaustive attacks as well as all possible attacks that have (or have not even) been discovered, are taken into account when defining the novel concept of the confidential degree. To elucidate the proposed model, we analyze the information leakage in side-channel attacks and the anonymity of DC-net in a quantitative manner.展开更多
Opportunistic networks(OppNets)are usually a set of smart,wearable,and portable devices or entities with mobility that connect wirelessly without requiring infrastructure.Such a network is of great importance in data ...Opportunistic networks(OppNets)are usually a set of smart,wearable,and portable devices or entities with mobility that connect wirelessly without requiring infrastructure.Such a network is of great importance in data transmission,particularly in incidents and disasters,whether man-made or natural.However,message integrity and confidentiality are of concern when dealing with vital and physiological data transmission under strict privacy regulations.In this work,we propose a structure to classify messages based on their priority in different queues.Furthermore,due to the decentralized architecture of OppNets,we propose a blockchain-based structure for providing security for high-priority messages.It contains three sequences of functional blocks with a light and simplified implementation that make it suitable for battery-powered wearable devices that are limited in energy consumption and computational units.The simulation results show that by increasing the number of nodes in the network,the average of the changes in block sizes is neglectable,which addresses the computation bottleneck.Furthermore,we analyze the performance of the proposed structure in terms of message delivery and network overhead compared with the Epidemic and Prophet routing algorithms.These results indicate advancing the overall performance of the proposed algorithm.展开更多
Publish/subscribe(pub/sub)systems are widely used in large-scale messaging systems due to their asynchronous and decoupled nature.With the population of pub/sub cloud services,the privacy protection problem of pub/sub...Publish/subscribe(pub/sub)systems are widely used in large-scale messaging systems due to their asynchronous and decoupled nature.With the population of pub/sub cloud services,the privacy protection problem of pub/sub systems has started to emerge,and events and subscriptions are exposed when executing event matching on untrustworthy cloud brokers.However,as the number of subscriptions increases,the effectiveness of the previous confidentiality protection approaches declines drastically.In this paper,we propose SBM(scalable blind matching),an effective confidentiality protection scheme for pub/sub systems.To the best of our knowledge,SBM is the first scheme that applies order-preserving encryption algorithm to protect the system’s confidentiality and ensure its scalability.In this scheme,SBM-I is highly effective in subscription matching but is unable to achieve ideal security IND-OCPA,whereas SBM-II is suggested to ensure system security and SGX is used to reduce interaction and boost ciphertext matching performance.The experiment demonstrates that this method has better matching performance compared to others:the average matching time of SBM-I is 3–4 orders of magnitude faster than the matching algorithm MP and SGX-based algorithm SCBR when the number of subscriptions is 500,000,and the average matching time of SBM-II is 40 times faster than MP and 24 times than SCBR.展开更多
The rapid adoption of Internet of Things(IoT)technologies has introduced significant security challenges across the physical,network,and application layers,particularly with the widespread use of the Message Queue Tel...The rapid adoption of Internet of Things(IoT)technologies has introduced significant security challenges across the physical,network,and application layers,particularly with the widespread use of the Message Queue Telemetry Transport(MQTT)protocol,which,while efficient in bandwidth consumption,lacks inherent security features,making it vulnerable to various cyber threats.This research addresses these challenges by presenting a secure,lightweight communication proxy that enhances the scalability and security of MQTT-based Internet of Things(IoT)networks.The proposed solution builds upon the Dang-Scheme,a mutual authentication protocol designed explicitly for resource-constrained environments and enhances it using Elliptic Curve Cryptography(ECC).This integration significantly improves device authentication,data confidentiality,and energy efficiency,achieving an 87.68%increase in data confidentiality and up to 77.04%energy savings during publish/subscribe communications in smart homes.The Middleware Broker System dynamically manages transaction keys and session IDs,offering robust defences against common cyber threats like impersonation and brute-force attacks.Penetration testing with tools such as Hydra and Nmap further validated the system’s security,demonstrating its potential to significantly improve the security and efficiency of IoT networks while underscoring the need for ongoing research to combat emerging threats.展开更多
Ensuring confidentiality of sensitive data is of paramount importance,since data leakage may not only endanger data owners’privacy,but also ruin reputation of businesses as well as violate various regulations like HI...Ensuring confidentiality of sensitive data is of paramount importance,since data leakage may not only endanger data owners’privacy,but also ruin reputation of businesses as well as violate various regulations like HIPPA and Sarbanes-Oxley Act.To provide confidentiality guarantee,the data should be protected when they are preserved in the personal computing devices(i.e.,confidentiality during their lifetime);and also,they should be rendered irrecoverable after they are removed from the devices(i.e.,confidentiality after their lifetime).Encryption and secure deletion are used to ensure data confidentiality during and after their lifetime,respectively.This work aims to perform a thorough literature review on the techniques being used to protect confidentiality of the data in personal computing devices,including both encryption and secure deletion.Especially for encryption,we mainly focus on the novel plausibly deniable encryption(PDE),which can ensure data confidentiality against both a coercive(i.e.,the attacker can coerce the data owner for the decryption key)and a non-coercive attacker.展开更多
We propose a novel technique to increase the confidentiality of an optical code division multiple access (OCDMA) system. A virtual user technique is analyzed and implemented to make an OCDMA system secure. Using thi...We propose a novel technique to increase the confidentiality of an optical code division multiple access (OCDMA) system. A virtual user technique is analyzed and implemented to make an OCDMA system secure. Using this technique, an eavesdropper will never find an isolated authorized user's signal. When authorized users and virtual users transmit data synchronously and asynehronously, network security increases by 25% and 37.5%, respectively.展开更多
Security testing is a critical concern for organizations worldwide due to the potential financial setbacks and damage to reputation caused by insecure software systems.One of the challenges in software security testin...Security testing is a critical concern for organizations worldwide due to the potential financial setbacks and damage to reputation caused by insecure software systems.One of the challenges in software security testing is test case prioritization,which aims to reduce redundancy in fault occurrences when executing test suites.By effectively applying test case prioritization,both the time and cost required for developing secure software can be reduced.This paper proposes a test case prioritization technique based on the Ant Colony Optimization(ACO)algorithm,a metaheuristic approach.The performance of the ACO-based technique is evaluated using the Average Percentage of Fault Detection(APFD)metric,comparing it with traditional techniques.It has been applied to a Mobile Payment Wallet application to validate the proposed approach.The results demonstrate that the proposed technique outperforms the traditional techniques in terms of the APFD metric.The ACO-based technique achieves an APFD of approximately 76%,two percent higher than the second-best optimal ordering technique.These findings suggest that metaheuristic-based prioritization techniques can effectively identify the best test cases,saving time and improving software security overall.展开更多
Attacks on fully integrated servers,apps,and communication networks via the Internet of Things(IoT)are growing exponentially.Sensitive devices’effectiveness harms end users,increases cyber threats and identity theft,...Attacks on fully integrated servers,apps,and communication networks via the Internet of Things(IoT)are growing exponentially.Sensitive devices’effectiveness harms end users,increases cyber threats and identity theft,raises costs,and negatively impacts income as problems brought on by the Internet of Things network go unnoticed for extended periods.Attacks on Internet of Things interfaces must be closely monitored in real time for effective safety and security.Following the 1,2,3,and 4G cellular networks,the 5th generation wireless 5G network is indeed the great invasion of mankind and is known as the global advancement of cellular networks.Even to this day,experts are working on the evolution’s sixth generation(6G).It offers amazing capabilities for connecting everything,including gadgets and machines,with wavelengths ranging from 1 to 10 mm and frequencies ranging from 300 MHz to 3 GHz.It gives you the most recent information.Many countries have already established this technology within their border.Security is the most crucial aspect of using a 5G network.Because of the absence of study and network deployment,new technology first introduces new gaps for attackers and hackers.Internet Protocol(IP)attacks and intrusion will become more prevalent in this system.An efficient approach to detect intrusion in the 5G network using a Machine Learning algorithm will be provided in this research.This research will highlight the high accuracy rate by validating it for unidentified and suspicious circumstances in the 5G network,such as intruder hackers/attackers.After applying different machine learning algorithms,obtained the best result on Linear Regression Algorithm’s implementation on the dataset results in 92.12%on test data and 92.13%on train data with 92%precision.展开更多
The Internet of Things(IoT)is converting today’s physical world into a complex and sophisticated network of connected devices on an enormous scale.The existing malicious node detection mechanism in traditional approa...The Internet of Things(IoT)is converting today’s physical world into a complex and sophisticated network of connected devices on an enormous scale.The existing malicious node detection mechanism in traditional approaches lacks in transparency,availability,or traceability of the detection phase.To overcome these concerns,we provide a decentralized technique using blockchain technology.Despite the fact that blockchain technology is applicable to create that type of models,existing harmony set of instructions are susceptible to do violence to such as DoS and Sybil,making blockchain systems unfeasible.Here,a new Proof-of-Improved-Participation(PoIP)harmony instruction was suggested that benefits the participation rules to select honest peers for mining while limiting malicious peers.Under an evaluation the PoIP outperforms the Proof-of-Work(PoW)instructions are demonstrated,Proof of Stake(PoS)instructions in terms of energy consumption,accuracy,and bandwidth.To compare the three consensus protocols with respect to efficiency,we build a lightweight mining model andfind that PoIP consensus has greater efficiency than PoW and PoS.PoIP has 25%lower attack risk than existing consensus.As a consequence,our suggested methodology can provide the needed security with minimal attack risk and high accuracy,according to the analysis results.As a result,suggested consensus is more efficient than existing methods in terms of block generation time.Hence we suggest that suggested consensus is very suitable for IoT-based applications especially in healthcare.展开更多
This paper deals with the security of stock market transactions within financial markets, particularly that of the West African Economic and Monetary Union (UEMOA). The confidentiality and integrity of sensitive data ...This paper deals with the security of stock market transactions within financial markets, particularly that of the West African Economic and Monetary Union (UEMOA). The confidentiality and integrity of sensitive data in the stock market being crucial, the implementation of robust systems which guarantee trust between the different actors is essential. We therefore proposed, after analyzing the limits of several security approaches in the literature, an architecture based on blockchain technology making it possible to both identify and reduce the vulnerabilities linked to the design, implementation work or the use of web applications used for transactions. Our proposal makes it possible, thanks to two-factor authentication via the Blockchain, to strengthen the security of investors’ accounts and the automated recording of transactions in the Blockchain while guaranteeing the integrity of stock market operations. It also provides an application vulnerability report. To validate our approach, we compared our results to those of three other security tools, at the level of different metrics. Our approach achieved the best performance in each case.展开更多
Data security and privacy protection have become the focus of cybersecurity protection in many countries.The utilization of confidential computing technology can significantly enhance data security.However,there are a...Data security and privacy protection have become the focus of cybersecurity protection in many countries.The utilization of confidential computing technology can significantly enhance data security.However,there are a variety of confidential computing technology routes,with significant differences in the principles and interfaces of implementation.There is an urgent need to develop relevant standards and specifications and guide the design,development,deployment and application of confidential computing related products.This paper introduces the development progress of the national standard project“Information security techniques—General framework for the confidential computing”and its pilot application scenarios across various industries.Additionally,it proposes suggestions on modifying and improving the standard to promote the healthy development of the confidential computing industry ecosystem.展开更多
In order to provide a practicable solution to data confidentiality in cloud storage service,a data assured deletion scheme,which achieves the fine grained access control,hopping and sniffing attacks resistance,data dy...In order to provide a practicable solution to data confidentiality in cloud storage service,a data assured deletion scheme,which achieves the fine grained access control,hopping and sniffing attacks resistance,data dynamics and deduplication,is proposed.In our scheme,data blocks are encrypted by a two-level encryption approach,in which the control keys are generated from a key derivation tree,encrypted by an All-OrNothing algorithm and then distributed into DHT network after being partitioned by secret sharing.This guarantees that only authorized users can recover the control keys and then decrypt the outsourced data in an ownerspecified data lifetime.Besides confidentiality,data dynamics and deduplication are also achieved separately by adjustment of key derivation tree and convergent encryption.The analysis and experimental results show that our scheme can satisfy its security goal and perform the assured deletion with low cost.展开更多
With the rapid development of the Internet of Things(IoT),Location-Based Services(LBS)are becoming more and more popular.However,for the users being served,how to protect their location privacy has become a growing co...With the rapid development of the Internet of Things(IoT),Location-Based Services(LBS)are becoming more and more popular.However,for the users being served,how to protect their location privacy has become a growing concern.This has led to great difficulty in establishing trust between the users and the service providers,hindering the development of LBS for more comprehensive functions.In this paper,we first establish a strong identity verification mechanism to ensure the authentication security of the system and then design a new location privacy protection mechanism based on the privacy proximity test problem.This mechanism not only guarantees the confidentiality of the user s information during the subsequent information interaction and dynamic data transmission,but also meets the service provider's requirements for related data.展开更多
The emerging edge computing technology for the Internet of Things has been playing an important role in our daily life. It is promising to utilize a multi-receiver signcryption scheme to protect the transmission data ...The emerging edge computing technology for the Internet of Things has been playing an important role in our daily life. It is promising to utilize a multi-receiver signcryption scheme to protect the transmission data when an edge device broadcasts its sensing data to many different end devices at a time.There are several things to consider when we design a signcryption scheme. First existing schemes need to maintain a secure channel to generate the user private key, which may increase economic costs. Second the system private key of those schemes is kept secret by a single key generation center(KGC), and the single point of failure of KGC may compromise the whole system. For this, we propose a multi-receiver multimessage signcryption scheme without the secure channel. Firstly the scheme allows KGC to send secrets through the public channel, which reduces maintenance costs. Secondly, to eliminate the single point of failure, the scheme utilizes multiple KGCs to manage the system private key, and updates the secret of each KGC periodically to resist advanced persistent threat attacks. We demonstrate that the proposed scheme can achieve expected security properties. Performance analysis shows that it is with shorter ciphertext length and higher efficiency.展开更多
Transmission pipelines are vulnerable to various accidents and acts of vandalism.Therefore,a reliable monitoring system is needed to secure the transmission pipelines.A wireless sensor network is a wireless network co...Transmission pipelines are vulnerable to various accidents and acts of vandalism.Therefore,a reliable monitoring system is needed to secure the transmission pipelines.A wireless sensor network is a wireless network consisting of distributed devices distributed at various distances,which monitors the physical and environmental conditions using sensors.Wireless sensor networks have many uses,including the built-in sensor on the outside of the pipeline or installed to support bridge structures,robotics,healthcare,environmental monitoring,etc.Wireless Sensor networks could be used to monitor the temperature,pressure,leak detection and sabotage of transmission lines.Wireless sensor networks are vulnerable to various attacks.Cryptographic algorithms have a good role in information security for wireless sensor networks.Now,various types of cryptographic algorithms provide security in networks,but there are still some problems.In this research,to improve the power of these algorithms,a new hybrid encryption algorithm for monitoring energy transmission lines and increasing the security of wireless sensor networks is proposed.The proposed hybrid encryption algorithm provides the security and timely transmission of data in wireless sensor networks to monitor the transmission pipelines.The proposed algorithm fulfills three principles of cryptography:integrity,confidentiality and authentication.The details of the algorithm and basic concepts are presented in such a way that the algorithm can be operational.展开更多
Ransomware is considered one of the most threatening cyberattacks.Existing solutions have focused mainly on discriminating ransomware by analyzing the apps themselves,but they have overlooked possible ways of hiding r...Ransomware is considered one of the most threatening cyberattacks.Existing solutions have focused mainly on discriminating ransomware by analyzing the apps themselves,but they have overlooked possible ways of hiding ransomware apps and making them difficult to be detected and then analyzed.Therefore,this paper proposes a novel ransomware hiding model by utilizing a block-based High-Efficiency Video Coding(HEVC)steganography approach.The main idea of the proposed steganography approach is the division of the secret ransomware data and cover HEVC frames into different blocks.After that,the Least Significant Bit(LSB)based Hamming Distance(HD)calculation is performed amongst the secret data’s divided blocks and cover frames.Finally,the secret data bits are hidden into the marked bits of the cover HEVC frame-blocks based on the calculated HD value.The main advantage of the suggested steganography approach is the minor impact on the cover HEVC frames after embedding the ransomware while preserving the histogram attributes of the cover video frame with a high imperceptibility.This is due to the utilization of an adaptive steganography cost function during the embedding process.The proposed ransomware hiding approach was heavily examined using subjective and objective tests and applying different HEVC streams with diverse resolutions and different secret ransomware apps of various sizes.The obtained results prove the efficiency of the proposed steganography approach by achieving high capacity and successful embedding process while ensuring the hidden ransomware’s undetectability within the video frames.For example,in terms of embedding quality,the proposed model achieved a high peak signal-to-noise ratio that reached 59.3 dB and a low mean-square-error of 0.07 for the examined HEVC streams.Also,out of 65 antivirus engines,no engine could detect the existence of the embedded ransomware app.展开更多
Security is critical to the success of software,particularly in today’s fast-paced,technology-driven environment.It ensures that data,code,and services maintain their CIA(Confidentiality,Integrity,and Availability).T...Security is critical to the success of software,particularly in today’s fast-paced,technology-driven environment.It ensures that data,code,and services maintain their CIA(Confidentiality,Integrity,and Availability).This is only possible if security is taken into account at all stages of the SDLC(Software Development Life Cycle).Various approaches to software quality have been developed,such as CMMI(Capabilitymaturitymodel integration).However,there exists no explicit solution for incorporating security into all phases of SDLC.One of the major causes of pervasive vulnerabilities is a failure to prioritize security.Even the most proactive companies use the“patch and penetrate”strategy,inwhich security is accessed once the job is completed.Increased cost,time overrun,not integrating testing and input in SDLC,usage of third-party tools and components,and lack of knowledge are all reasons for not paying attention to the security angle during the SDLC,despite the fact that secure software development is essential for business continuity and survival in today’s ICT world.There is a need to implement best practices in SDLC to address security at all levels.To fill this gap,we have provided a detailed overview of secure software development practices while taking care of project costs and deadlines.We proposed a secure SDLC framework based on the identified practices,which integrates the best security practices in various SDLC phases.A mathematical model is used to validate the proposed framework.A case study and findings show that the proposed system aids in the integration of security best practices into the overall SDLC,resulting in more secure applications.展开更多
文摘Purpose: This research aims to evaluate the potential threats to patient privacy and confidentiality posed by mHealth applications on mobile devices. Methodology: A comprehensive literature review was conducted, selecting eighty-eight articles published over the past fifteen years. The study assessed data gathering and storage practices, regulatory adherence, legal structures, consent procedures, user education, and strategies to mitigate risks. Results: The findings reveal significant advancements in technologies designed to safeguard privacy and facilitate the widespread use of mHealth apps. However, persistent ethical issues related to privacy remain largely unchanged despite these technological strides.
文摘Video games have been around for several decades and have had many advancements from the original start of video games. Video games started as virtual games that were advertised towards children, and these virtual games created a virtual reality of a variety of genres. These genres included sports games, such as tennis, football, baseball, war games, fantasy, puzzles, etc. The start of these games was derived from a sports genre and now has a popularity in multiplayer-online-shooting games. The purpose of this paper is to investigate different types of tools available for cheating in virtual world making players have undue advantage over other players in a competition. With the advancement in technology, these video games have become more expanded in the development aspects of gaming. Video game developers have created long lines of codes to create a new look of video games. As video games have progressed, the coding, bugs, bots, and errors of video games have changed throughout the years. The coding of video games has branched out from the original video games, which have given many benefits to this virtual world, while simultaneously creating more problems such as bots. Analysis of tools available for cheating in a game has disadvantaged normal gamer in a fair contest.
基金supported by the National Natural Science Foundation of China under Grants No.61172085,No.61272536,No.11061130539,No.61103221,No.61271118,No.61021004
文摘In this paper, we propose a theoretical-information Confidential Procedure Model (CPM) to quantify confidentiality (or information leakage). The advantages of the CPM model include the following: 1) confidentiality loss is formalized as a dynamic procedure, instead of a static function, and described via the "waterfall" diagram; 2) confidentiality loss is quantified in a relative manner, i.e., taken as a quantitative metric, the ratio of the conditional entropy being reserved after observing the entropy of the original full confidential information; 3) the optimal attacks including exhaustive attacks as well as all possible attacks that have (or have not even) been discovered, are taken into account when defining the novel concept of the confidential degree. To elucidate the proposed model, we analyze the information leakage in side-channel attacks and the anonymity of DC-net in a quantitative manner.
文摘Opportunistic networks(OppNets)are usually a set of smart,wearable,and portable devices or entities with mobility that connect wirelessly without requiring infrastructure.Such a network is of great importance in data transmission,particularly in incidents and disasters,whether man-made or natural.However,message integrity and confidentiality are of concern when dealing with vital and physiological data transmission under strict privacy regulations.In this work,we propose a structure to classify messages based on their priority in different queues.Furthermore,due to the decentralized architecture of OppNets,we propose a blockchain-based structure for providing security for high-priority messages.It contains three sequences of functional blocks with a light and simplified implementation that make it suitable for battery-powered wearable devices that are limited in energy consumption and computational units.The simulation results show that by increasing the number of nodes in the network,the average of the changes in block sizes is neglectable,which addresses the computation bottleneck.Furthermore,we analyze the performance of the proposed structure in terms of message delivery and network overhead compared with the Epidemic and Prophet routing algorithms.These results indicate advancing the overall performance of the proposed algorithm.
基金This work was supported by the Natural Science Foundation of Beijing Municipality(M21037)Key Technologies Research and Development Program(2022YFF0902701)2022 Industrial Internet Public Service Platform-Industrial Internet Oriented Virtual Currency Mining Governance Public Service Platform Project by the Ministry of Industry and Information Technology of PRC,Major Research and Application Project for the Supervision Platform of Virtual Currency Mining Behavior by the Ministry of Education of PRC,and the 111 Project(Grant No.B21049).
文摘Publish/subscribe(pub/sub)systems are widely used in large-scale messaging systems due to their asynchronous and decoupled nature.With the population of pub/sub cloud services,the privacy protection problem of pub/sub systems has started to emerge,and events and subscriptions are exposed when executing event matching on untrustworthy cloud brokers.However,as the number of subscriptions increases,the effectiveness of the previous confidentiality protection approaches declines drastically.In this paper,we propose SBM(scalable blind matching),an effective confidentiality protection scheme for pub/sub systems.To the best of our knowledge,SBM is the first scheme that applies order-preserving encryption algorithm to protect the system’s confidentiality and ensure its scalability.In this scheme,SBM-I is highly effective in subscription matching but is unable to achieve ideal security IND-OCPA,whereas SBM-II is suggested to ensure system security and SGX is used to reduce interaction and boost ciphertext matching performance.The experiment demonstrates that this method has better matching performance compared to others:the average matching time of SBM-I is 3–4 orders of magnitude faster than the matching algorithm MP and SGX-based algorithm SCBR when the number of subscriptions is 500,000,and the average matching time of SBM-II is 40 times faster than MP and 24 times than SCBR.
基金supported through Universiti Sains Malaysia(USM)and the Ministry of Higher Education Malaysia providing the research grant,Fundamental Research Grant Scheme(FRGS-Grant No.FRGS/1/2020/TK0/USM/02/1).
文摘The rapid adoption of Internet of Things(IoT)technologies has introduced significant security challenges across the physical,network,and application layers,particularly with the widespread use of the Message Queue Telemetry Transport(MQTT)protocol,which,while efficient in bandwidth consumption,lacks inherent security features,making it vulnerable to various cyber threats.This research addresses these challenges by presenting a secure,lightweight communication proxy that enhances the scalability and security of MQTT-based Internet of Things(IoT)networks.The proposed solution builds upon the Dang-Scheme,a mutual authentication protocol designed explicitly for resource-constrained environments and enhances it using Elliptic Curve Cryptography(ECC).This integration significantly improves device authentication,data confidentiality,and energy efficiency,achieving an 87.68%increase in data confidentiality and up to 77.04%energy savings during publish/subscribe communications in smart homes.The Middleware Broker System dynamically manages transaction keys and session IDs,offering robust defences against common cyber threats like impersonation and brute-force attacks.Penetration testing with tools such as Hydra and Nmap further validated the system’s security,demonstrating its potential to significantly improve the security and efficiency of IoT networks while underscoring the need for ongoing research to combat emerging threats.
基金partially supported by the National Key Research&Development Program of China(Grant No.2017YFC0822704)National Natural Science Foundation of China(No.61602476,No.61772518 and No.61602475).
文摘Ensuring confidentiality of sensitive data is of paramount importance,since data leakage may not only endanger data owners’privacy,but also ruin reputation of businesses as well as violate various regulations like HIPPA and Sarbanes-Oxley Act.To provide confidentiality guarantee,the data should be protected when they are preserved in the personal computing devices(i.e.,confidentiality during their lifetime);and also,they should be rendered irrecoverable after they are removed from the devices(i.e.,confidentiality after their lifetime).Encryption and secure deletion are used to ensure data confidentiality during and after their lifetime,respectively.This work aims to perform a thorough literature review on the techniques being used to protect confidentiality of the data in personal computing devices,including both encryption and secure deletion.Especially for encryption,we mainly focus on the novel plausibly deniable encryption(PDE),which can ensure data confidentiality against both a coercive(i.e.,the attacker can coerce the data owner for the decryption key)and a non-coercive attacker.
文摘We propose a novel technique to increase the confidentiality of an optical code division multiple access (OCDMA) system. A virtual user technique is analyzed and implemented to make an OCDMA system secure. Using this technique, an eavesdropper will never find an isolated authorized user's signal. When authorized users and virtual users transmit data synchronously and asynehronously, network security increases by 25% and 37.5%, respectively.
基金Deanship of Scientific Research at King Khalid University for funding this work through Large Group Research Project under Grant Number RGP2/249/44.
文摘Security testing is a critical concern for organizations worldwide due to the potential financial setbacks and damage to reputation caused by insecure software systems.One of the challenges in software security testing is test case prioritization,which aims to reduce redundancy in fault occurrences when executing test suites.By effectively applying test case prioritization,both the time and cost required for developing secure software can be reduced.This paper proposes a test case prioritization technique based on the Ant Colony Optimization(ACO)algorithm,a metaheuristic approach.The performance of the ACO-based technique is evaluated using the Average Percentage of Fault Detection(APFD)metric,comparing it with traditional techniques.It has been applied to a Mobile Payment Wallet application to validate the proposed approach.The results demonstrate that the proposed technique outperforms the traditional techniques in terms of the APFD metric.The ACO-based technique achieves an APFD of approximately 76%,two percent higher than the second-best optimal ordering technique.These findings suggest that metaheuristic-based prioritization techniques can effectively identify the best test cases,saving time and improving software security overall.
文摘Attacks on fully integrated servers,apps,and communication networks via the Internet of Things(IoT)are growing exponentially.Sensitive devices’effectiveness harms end users,increases cyber threats and identity theft,raises costs,and negatively impacts income as problems brought on by the Internet of Things network go unnoticed for extended periods.Attacks on Internet of Things interfaces must be closely monitored in real time for effective safety and security.Following the 1,2,3,and 4G cellular networks,the 5th generation wireless 5G network is indeed the great invasion of mankind and is known as the global advancement of cellular networks.Even to this day,experts are working on the evolution’s sixth generation(6G).It offers amazing capabilities for connecting everything,including gadgets and machines,with wavelengths ranging from 1 to 10 mm and frequencies ranging from 300 MHz to 3 GHz.It gives you the most recent information.Many countries have already established this technology within their border.Security is the most crucial aspect of using a 5G network.Because of the absence of study and network deployment,new technology first introduces new gaps for attackers and hackers.Internet Protocol(IP)attacks and intrusion will become more prevalent in this system.An efficient approach to detect intrusion in the 5G network using a Machine Learning algorithm will be provided in this research.This research will highlight the high accuracy rate by validating it for unidentified and suspicious circumstances in the 5G network,such as intruder hackers/attackers.After applying different machine learning algorithms,obtained the best result on Linear Regression Algorithm’s implementation on the dataset results in 92.12%on test data and 92.13%on train data with 92%precision.
文摘The Internet of Things(IoT)is converting today’s physical world into a complex and sophisticated network of connected devices on an enormous scale.The existing malicious node detection mechanism in traditional approaches lacks in transparency,availability,or traceability of the detection phase.To overcome these concerns,we provide a decentralized technique using blockchain technology.Despite the fact that blockchain technology is applicable to create that type of models,existing harmony set of instructions are susceptible to do violence to such as DoS and Sybil,making blockchain systems unfeasible.Here,a new Proof-of-Improved-Participation(PoIP)harmony instruction was suggested that benefits the participation rules to select honest peers for mining while limiting malicious peers.Under an evaluation the PoIP outperforms the Proof-of-Work(PoW)instructions are demonstrated,Proof of Stake(PoS)instructions in terms of energy consumption,accuracy,and bandwidth.To compare the three consensus protocols with respect to efficiency,we build a lightweight mining model andfind that PoIP consensus has greater efficiency than PoW and PoS.PoIP has 25%lower attack risk than existing consensus.As a consequence,our suggested methodology can provide the needed security with minimal attack risk and high accuracy,according to the analysis results.As a result,suggested consensus is more efficient than existing methods in terms of block generation time.Hence we suggest that suggested consensus is very suitable for IoT-based applications especially in healthcare.
文摘This paper deals with the security of stock market transactions within financial markets, particularly that of the West African Economic and Monetary Union (UEMOA). The confidentiality and integrity of sensitive data in the stock market being crucial, the implementation of robust systems which guarantee trust between the different actors is essential. We therefore proposed, after analyzing the limits of several security approaches in the literature, an architecture based on blockchain technology making it possible to both identify and reduce the vulnerabilities linked to the design, implementation work or the use of web applications used for transactions. Our proposal makes it possible, thanks to two-factor authentication via the Blockchain, to strengthen the security of investors’ accounts and the automated recording of transactions in the Blockchain while guaranteeing the integrity of stock market operations. It also provides an application vulnerability report. To validate our approach, we compared our results to those of three other security tools, at the level of different metrics. Our approach achieved the best performance in each case.
文摘Data security and privacy protection have become the focus of cybersecurity protection in many countries.The utilization of confidential computing technology can significantly enhance data security.However,there are a variety of confidential computing technology routes,with significant differences in the principles and interfaces of implementation.There is an urgent need to develop relevant standards and specifications and guide the design,development,deployment and application of confidential computing related products.This paper introduces the development progress of the national standard project“Information security techniques—General framework for the confidential computing”and its pilot application scenarios across various industries.Additionally,it proposes suggestions on modifying and improving the standard to promote the healthy development of the confidential computing industry ecosystem.
基金supported by the National Key Basic Research Program of China(973 program) under Grant No.2012CB315901
文摘In order to provide a practicable solution to data confidentiality in cloud storage service,a data assured deletion scheme,which achieves the fine grained access control,hopping and sniffing attacks resistance,data dynamics and deduplication,is proposed.In our scheme,data blocks are encrypted by a two-level encryption approach,in which the control keys are generated from a key derivation tree,encrypted by an All-OrNothing algorithm and then distributed into DHT network after being partitioned by secret sharing.This guarantees that only authorized users can recover the control keys and then decrypt the outsourced data in an ownerspecified data lifetime.Besides confidentiality,data dynamics and deduplication are also achieved separately by adjustment of key derivation tree and convergent encryption.The analysis and experimental results show that our scheme can satisfy its security goal and perform the assured deletion with low cost.
基金This work has been partly supported by the National Natural Science Foundation of China under Grant No.61702212the Fundamental Research Funds for the Central Universities under Grand NO.CCNU19TS017.
文摘With the rapid development of the Internet of Things(IoT),Location-Based Services(LBS)are becoming more and more popular.However,for the users being served,how to protect their location privacy has become a growing concern.This has led to great difficulty in establishing trust between the users and the service providers,hindering the development of LBS for more comprehensive functions.In this paper,we first establish a strong identity verification mechanism to ensure the authentication security of the system and then design a new location privacy protection mechanism based on the privacy proximity test problem.This mechanism not only guarantees the confidentiality of the user s information during the subsequent information interaction and dynamic data transmission,but also meets the service provider's requirements for related data.
基金supported by National Key Research and Development Program of China (2020YFB1005404)National Natural Science Foundation of China (62172010)Henan Province Higher Education Key Research Project (22A520048)。
文摘The emerging edge computing technology for the Internet of Things has been playing an important role in our daily life. It is promising to utilize a multi-receiver signcryption scheme to protect the transmission data when an edge device broadcasts its sensing data to many different end devices at a time.There are several things to consider when we design a signcryption scheme. First existing schemes need to maintain a secure channel to generate the user private key, which may increase economic costs. Second the system private key of those schemes is kept secret by a single key generation center(KGC), and the single point of failure of KGC may compromise the whole system. For this, we propose a multi-receiver multimessage signcryption scheme without the secure channel. Firstly the scheme allows KGC to send secrets through the public channel, which reduces maintenance costs. Secondly, to eliminate the single point of failure, the scheme utilizes multiple KGCs to manage the system private key, and updates the secret of each KGC periodically to resist advanced persistent threat attacks. We demonstrate that the proposed scheme can achieve expected security properties. Performance analysis shows that it is with shorter ciphertext length and higher efficiency.
文摘Transmission pipelines are vulnerable to various accidents and acts of vandalism.Therefore,a reliable monitoring system is needed to secure the transmission pipelines.A wireless sensor network is a wireless network consisting of distributed devices distributed at various distances,which monitors the physical and environmental conditions using sensors.Wireless sensor networks have many uses,including the built-in sensor on the outside of the pipeline or installed to support bridge structures,robotics,healthcare,environmental monitoring,etc.Wireless Sensor networks could be used to monitor the temperature,pressure,leak detection and sabotage of transmission lines.Wireless sensor networks are vulnerable to various attacks.Cryptographic algorithms have a good role in information security for wireless sensor networks.Now,various types of cryptographic algorithms provide security in networks,but there are still some problems.In this research,to improve the power of these algorithms,a new hybrid encryption algorithm for monitoring energy transmission lines and increasing the security of wireless sensor networks is proposed.The proposed hybrid encryption algorithm provides the security and timely transmission of data in wireless sensor networks to monitor the transmission pipelines.The proposed algorithm fulfills three principles of cryptography:integrity,confidentiality and authentication.The details of the algorithm and basic concepts are presented in such a way that the algorithm can be operational.
文摘Ransomware is considered one of the most threatening cyberattacks.Existing solutions have focused mainly on discriminating ransomware by analyzing the apps themselves,but they have overlooked possible ways of hiding ransomware apps and making them difficult to be detected and then analyzed.Therefore,this paper proposes a novel ransomware hiding model by utilizing a block-based High-Efficiency Video Coding(HEVC)steganography approach.The main idea of the proposed steganography approach is the division of the secret ransomware data and cover HEVC frames into different blocks.After that,the Least Significant Bit(LSB)based Hamming Distance(HD)calculation is performed amongst the secret data’s divided blocks and cover frames.Finally,the secret data bits are hidden into the marked bits of the cover HEVC frame-blocks based on the calculated HD value.The main advantage of the suggested steganography approach is the minor impact on the cover HEVC frames after embedding the ransomware while preserving the histogram attributes of the cover video frame with a high imperceptibility.This is due to the utilization of an adaptive steganography cost function during the embedding process.The proposed ransomware hiding approach was heavily examined using subjective and objective tests and applying different HEVC streams with diverse resolutions and different secret ransomware apps of various sizes.The obtained results prove the efficiency of the proposed steganography approach by achieving high capacity and successful embedding process while ensuring the hidden ransomware’s undetectability within the video frames.For example,in terms of embedding quality,the proposed model achieved a high peak signal-to-noise ratio that reached 59.3 dB and a low mean-square-error of 0.07 for the examined HEVC streams.Also,out of 65 antivirus engines,no engine could detect the existence of the embedded ransomware app.
文摘Security is critical to the success of software,particularly in today’s fast-paced,technology-driven environment.It ensures that data,code,and services maintain their CIA(Confidentiality,Integrity,and Availability).This is only possible if security is taken into account at all stages of the SDLC(Software Development Life Cycle).Various approaches to software quality have been developed,such as CMMI(Capabilitymaturitymodel integration).However,there exists no explicit solution for incorporating security into all phases of SDLC.One of the major causes of pervasive vulnerabilities is a failure to prioritize security.Even the most proactive companies use the“patch and penetrate”strategy,inwhich security is accessed once the job is completed.Increased cost,time overrun,not integrating testing and input in SDLC,usage of third-party tools and components,and lack of knowledge are all reasons for not paying attention to the security angle during the SDLC,despite the fact that secure software development is essential for business continuity and survival in today’s ICT world.There is a need to implement best practices in SDLC to address security at all levels.To fill this gap,we have provided a detailed overview of secure software development practices while taking care of project costs and deadlines.We proposed a secure SDLC framework based on the identified practices,which integrates the best security practices in various SDLC phases.A mathematical model is used to validate the proposed framework.A case study and findings show that the proposed system aids in the integration of security best practices into the overall SDLC,resulting in more secure applications.