Preventing Data Leakage in a Cloud Environment

Despite the multifaceted advantages of cloud computing,concerns about data leakage or abuse impedes its adoption for security-sensi tive tasks.Recent investigations have revealed that the risk of unauthorized data access is one of the biggest concerns of users of cloud-based services.Transparency and accountability for data managed in the cloud is necessary.Specifically,when using a cloudhost service,a user typically has to trust both the cloud service provider and cloud infrastructure provider to properly handling private data.This is a multi-party system.Three particular trust models can be used according to the credibility of these providers.This pa per describes techniques for preventing data leakage that can be used with these different models.

A Trustworthiness-Based Distribution Model for Data Leakage Prevention

Under the global circumstances where data leakage gets more and more severe, we present a trustworthiness-based distribution model that aims at data leakage prevention （DLP）. In our model, first, the distributor calculates the user＇s trustworthiness based on his historical behaviors; second, according to the user＇s trustworthiness and his obtained file set overlapping leaked file set, the distributor accesses the probability of the user＇s intentional leak behavior as the subjective risk assessment; third, the distributor evaluates the user＇s platform vulnerability as an objective element; last, the distributor makes decisions whether to distribute the file based on the integrated risk assessment. The experiments indicate that the model can distinguish users of different types and make the probability of malicious users＇ requirements being denied much higher than that of honest users＇ requirements being denied, so that the model is capable of preventing data leakage validly.

Wavelet domain adaptive filtering algorithm for removing the seamless pipe noise contained in the magnetic flux leakage data

With the widespread application and fast development of gas and oil pipeline network in China, the pipeline inspection technology has been used more extensively. The magnetic flux leakage （MFL） method has established itself as the most widely used in-line inspection technique for the evaluation of gas and oil pipelines. The MFL data obtained from seamless pipeline inspection is usually contaminated by the seamless pipe noise （SPN）. SPN can in some cases completely mask MFL signals from certain type of defects, and therefore considerably reduces the detectability of the defect signals. In this paper, a new de-noising algorithm called wavelet domain adaptive filtering is proposed for removing the SPN contained in the MFL data. The new algorithm results from combining the wavelet transform with the adaptive filtering technique. Results from application of the proposed algorithm to the MFL data from field tests show that the proposed algorithm has good performance and considerably improves the detectability of the defect signals in the MFL data.

A Review on Distribution Model for Mobile Agent-Based Information Leakage Prevention

With the continuous use of cloud and distributed computing, the threats associated with data and information technology (IT) in such an environment have also increased. Thus, data security and data leakage prevention have become important in a distributed environment. In this aspect, mobile agent-based systems are one of the latest mechanisms to identify and prevent the intrusion and leakage of the data across the network. Thus, to tackle one or more of the several challenges on Mobile Agent-Based Information Leakage Prevention, this paper aim at providing a comprehensive, detailed, and systematic study of the Distribution Model for Mobile Agent-Based Information Leakage Prevention. This paper involves the review of papers selected from the journals which are published in 2009 and 2019. The critical review is presented for the distributed mobile agent-based intrusion detection systems in terms of their design analysis, techniques, and shortcomings. Initially, eighty-five papers were identified, but a paper selection process reduced the number of papers to thirteen important reviews.

Powermitter:Data Exfiltration from Air-Gapped Computer through Switching Power Supply

Air-gapped computers are isolated both logically and physically from all kinds of existing common communication channel, such as USB ports, wireless and wired net- works. Although the feasibility of infiltrating an air-gapped computer has been proved in recent years, data exfiltration from such sys- tems is still considered to be a challenging task. In this paper we present Powermittcr, a novel approach that can exfiltrate data through an air-gapped computer via its power adapter. Our method utilizes the switched-mode pow- er supply, which exists in all of the laptops, desktop computers and servers nowadays. We demonstrate that a malware can indirectly con- trol the electromagnetic emission frequency of the power supply by leveraging the CPU utili- zation. Furthermore, we show that the emitted signals can be received and demodulated by a dedicated device. We present the proof of con- cept design of the power covert channel and implement a prototype of Powermitter consist- ing of a transmitter and a receiver. The trans- mitter leaks out data by using a variant binary frequency shift keying modulation, and the emitted signal can be captured and decoded by software based virtual oscilloscope through such covert channel. We tested Powermitter on three different computers. The experiment re-suits show the feasibility of this power covert channel. We show that our method can also be used to leak data from different types of embedded systems which use switching power supply.

Secure Federated Learning over Wireless Communication Networks with Model Compression

Although federated learning(FL)has become very popular recently,it is vulnerable to gradient leakage attacks.Recent studies have shown that attackers can reconstruct clients’private data from shared models or gradients.Many existing works focus on adding privacy protection mechanisms to prevent user privacy leakages,such as differential privacy(DP)and homomorphic encryption.These defenses may cause an increase in computation and communication costs or degrade the performance of FL.Besides,they do not consider the impact of wireless network resources on the FL training process.Herein,we propose weight compression,a defense method to prevent gradient leakage attacks for FL over wireless networks.The gradient compression matrix is determined by the user’s location and channel conditions.We also add Gaussian noise to the compressed gradients to strengthen the defense.This joint learning of wireless resource allocation and weight compression matrix is formulated as an optimization problem with the objective of minimizing the FL loss function.To find the solution,we first analyze the convergence rate of FL and quantify the effect of the weight matrix on FL convergence.Then,we seek the optimal resource block(RB)allocation by exhaustive search or ant colony optimization(ACO)and then use the CVX toolbox to obtain the optimal weight matrix to minimize the optimization function.The simulation results show that the optimized RB can accelerate the convergence of FL.

A Method to Improve the Accuracy of Personal Information Detection

It is necessary to confirm the personal data factors and the rules of verification before conducting personal data detection. So that the detection method can be written in the subsequent implementation of the automatic detection tool. This paper will conduct experiments on common personal data factor rules, including domestic personal identity numbers and credit card numbers with checksums. We use ChatGPT to test the accuracy of identifying personal information like ID card identification numbers or credit card numbers. And then use personal data correlation to reduce the time for personal data identification. Although the number of personal information factors found has decreased, it has had a better effect on the actual manual personal data identification. The result shows that it saves about 45% of the calculation time, and the execution efficiency of the accuracy is also improved with the original method by about 22%, which is about 2.2 times higher than the general method. Therefore, the method proposed in this paper can accurately and effectively find out the leftover personal information in the enterprise. .

Development of Sustainable Wireless Resource model through Shrewd Neural Network

Due to an increasing number of wireless spectrums,the network components are tangling with multiple frequencies and the result create hindrance in resource management process.During resource management process,data leakage is one of the sensitive enigma that requires an astute consideration.Considering all these issues,a sustainable wireless resource management proposal(DSWR-SNN)has been developed by incorporating a shrewd Neural Network.The resources are managed by testing performance of each network component connected wirelessly through dataset testing which matches the results from the dataset corpus.The performance of the proposed DSWR-SNN method has been compared with state of the art studies Hopfield Neural Network(HNN),Radio Resource Management(RRM),and Deep Q-Network(DQN),and results are evaluated by conducting simulation using Python with TensorFlow based on Bandwidth Utilization,Duplicate Packet Handling,Data Leakage,and Energy Consumption.The result illustrates the marvelous performance of the proposed method and effective in addressing the challenges of resource allocation in wireless communication systems.

6T SRAM cell analysis for DRV and read stability

The present paper analyzes the hold and read stability with temperature and aspect ratio variations. To reduce the power dissipation, one of the effective techniques is the supply voltage reduction. At this reduced supply voltage the data must be stable. So, the minimum voltage should be discovered which can also retain the data. This voltage is the data retention voltage（DRV）. The DRV for 6T SRAM cell is estimated and analyzed in this paper.The sensitivity analysis is performed for the DRV variation with the variation in the temperature and aspect ratio of the pull up and pull down transistors. Cadence Virtuoso is used for DRV analysis using 45 nm GPDK technology files. After this, the read stability analysis of 6T SRAM cell in terms of SRRV（supply read retention voltage） and WRRV（wordline read retention voltage） is carried out. Read stability in terms of RSNM can be discovered by accessing the internal storage nodes. But in the case of dense SRAM arrays instead of using internal storage nodes,the stability can be discovered by using direct bit line measurements with the help of SRRV and WRRV. SRRV is used to find the minimum supply voltage for which data can be retained during a read operation. Similarly, WRRV is used to find the boosted value of wordline voltage, for which data can be retained during read operation. The SRRV and WRRV values are then analyzed for different Cell Ratios. The results of SRRV and WRRV are then compared with the reported data for the validation of the accuracy of the results.