Toward Proxy Re-encryption From Learning with Errors in the Exponent
Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Pub Date: 2017-08-01
DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.300
Zengpeng Li, Chunguang Ma, Ding Wang, M. Zhao, Qian Zhao, Lu Zhou
Proxy re-encryption (PRE) is an important cryptographic primitive used for private information sharing. However, the recent advance in quantum computers has potentially crippled its security, as the traditional decisional Diffie-Hellman (DDH)-based PRE is vulnerable to quantum attacks. Thus, learning with errors (LWE)-based PRE schemes, as a kind of lattice-based construction with the inherent quantum-resistant property, have attracted special research interest. Unfortunately, the main drawback of lattice-based public key encryption schemes is noise management after multiplication evaluation. Many cryptographers have been devoted to controlling the expansion of noise. In this line of work, Dagdelen-Gajek-Göpfert (DGG) put forth the notion of learning with errors in the exponent (LWEE), which is based on lattice and group-theoretic assumptions, and demonstrated a paradigm for constructing efficient quantum-resistant public key schemes. In this paper, on top of DGG, we construct a single-bit, single-hop and unidirectional LWEE-based PRE scheme with indistinguishable chosen plaintext attack (IND-CPA) security. To the best of our knowledge, our scheme is the first LWEE-based PRE scheme.

A Passive Client-based Approach to Detect Evil Twin Attacks
Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Pub Date: 2017-08-01
DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.242
Qian Lu, Haipeng Qu, Y. Zhuang, Xi Jun Lin, Yanyong Zhu, Yunzheng Liu
With the widespread deployment and usage of 802.11-based wireless local area networks (WLANs), Wi-Fi users are vulnerable to a security threat called evil twins. The evil twin, a kind of rogue access point (RAP), masquerades as a legitimate access point (AP) to lure users to connect to it. Malicious adversaries can easily configure evil twins on a laptop to induce victim wireless users. The presence of such a threat continuously leads to significant loss of information. In this paper, we propose a passive client-side detection approach that allows users to independently identify and locate evil twins without any assistance from a wireless network administrator. Because of the forwarding behavior of evil twins, the proposed method compares 802.11 data frames sent by target APs to users to determine evil twin attacks. We implemented our detection and location technique in a Python tool named ET-spotter. Through implementation and evaluation in our study, our algorithm achieves 96% accuracy in distinguishing evil twins from legitimate APs.

GPU Register Packing: Dynamically Exploiting Narrow-Width Operands to Improve Performance
Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Pub Date: 2017-08-01
DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.308
Xin Wang, Wei Zhang
Graphics processing units (GPUs) have been increasingly used to accelerate general purpose computations. By exploiting massive thread-level parallelism (TLP), GPUs can achieve high throughput as well as memory latency hiding. As a result, a very large register file (RF) is typically required to enable fast and low-cost context switching between tens of thousands of active threads. However, the RF resource is still insufficient to enable all thread-level parallelism, and the lack of RF resources can hurt performance by limiting the occupancy of GPU threads. Moreover, if the available RF capacity cannot fit the requirement of a thread block, the GPU needs to fetch some variables from local memory, which may lead to long memory access latencies. By observing that a large percentage of computed results actually have fewer significant bits compared to the full width of a 32-bit register for many GPGPU applications, we propose a GPU register packing scheme to dynamically exploit narrow-width operands and pack multiple operands into a single full-width register. By using dynamic register packing, more RF space is available, which allows the GPU to enable more TLP through assigning additional thread blocks on SMs (Streaming Multiprocessors) and thus improve performance. The experimental results show that our GPU register packing scheme can achieve up to 1.96X speedup and 1.18X on average.

Robust Vehicle Classification Based on the Combination of Deep Features and Handcrafted Features
Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Pub Date: 2017-08-01
DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.323
Liying Jiang, Jiafeng Li, L. Zhuo, Ziqi Zhu
Vehicle classification plays an important part in Intelligent Transport System. Recently, deep learning has shown outstanding performance in image classification. However, numerous parameters of the deep network need to be optimized, which is time-consuming. PCANet is a light-weight deep learning network that is easy to train. In this paper, a new robust vehicle classification method is proposed, in which the deep features of PCANet, handcrafted features of HOG (Histogram of Oriented Gradient) and HU moments are extracted to describe the content property of vehicles. In addition, the spatial location information is introduced to HU moments to improve its distinguishing ability. The combined features are input to SVM (Support Vector Machine) to train the classification model. The vehicles are classified into six categories, i.e. large bus, car, motorcycle, minibus, truck and van. We construct a VehicleDataset including 13700 vehicle images extracted from real surveillance videos to carry out the experiments. The average classification accuracy can achieve 98.34%, which is 4.49% higher than that obtained from the conventional methods based on "Feature + Classifier" and is also slightly higher than that from GoogLeNet (98.26%). The proposed method doesn't need GPU and has much greater convenience than GoogLeNet. The experimental results have demonstrated that for a specific task, the combination of the deep features obtained from light-weight deep learning network and the handcrafted features can achieve comparable or even higher performance compared to the deeper neural network.

Mediator-Based Immediate Attribute Revocation Mechanism for CP-ABE in Multicast Group Communications
Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Pub Date: 2017-08-01
DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.252
Lyes Touati, Y. Challal
Attribute Based Encryption (ABE) scheme is a mechanism that allows implementing cryptographic fine-grained access control to shared information. It achieves information sharing of type one-to-many users, without considering the number of users and their identities. However, original ABE systems present some drawbacks, especially the non-efficiency of their attribute/key revocation mechanisms. Based on Ciphertext-Policy ABE (CP-ABE) scheme, we propose an efficient proxy-based immediate private key update for multicast group communications. Our solution requires neither re-encrypting ciphertexts nor affecting other users (updating secret keys). The proxy that has been introduced plays the role of a necessary semi-trusted assistant during the decryption process without taking decisions about who is eligible or not to decrypt data. Finally, we demonstrate that our scheme guarantees the security requirements that we target, and we also show through analysis that our scheme effectively achieves its goals.

Improving Leakage Path Coverage in Android Apps
Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Pub Date: 2017-08-01
DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.258
G. Modi, V. Laxmi, Smita Naval, M. Gaur
With the phenomenal increase in Android apps usage and storing of personal information on mobile devices, securing this sensitive information has assumed significance. The Android application developers knowingly or unknowingly create apps that may directly or indirectly leak this information to the outside world. The majority of state-of-the-art approaches detect leaks through inter-component communication (ICC) within an app. Android allows inter-component communication (ICC) within the components of the same application or across multiple applications. The ICC mechanism is used for the exchange of information among apps. Via ICC, an app or a set of apps can send the sensitive information out of the application or device. In this paper, we propose an approach for intra-app as well as inter-app data transfer analysis through intents and/or shared preferences that improves the coverage of leakage paths detected as compared to existing approaches. Our proposed approach is capable of analyzing more than two applications at a time. We have evaluated the proposed approach on the DroidBench dataset and 116 real-time apps randomly selected and downloaded from Google PlayStore. We detected 1298 inter-component paths within an app and 215 inter-app sensitive paths. Our approach reported ~17.71% more inter-component paths using shared preferences for data transfer.

NodeLeaper: Lower Overhead Oblivious AVL Tree
Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Pub Date: 2017-08-01
DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.275
Yao Liu, Qingkai Zeng, Pinghai Yuan
Obliviousness is a crypto primitive which intends to hide access patterns. Although ORAM is the strongest crypto model, it incurs significant overhead. Elaine Shi et al. propose Obliviousness Data Structure (ODS), which makes a great theoretical improvement compared to the general ORAM algorithm, in case the data blocks exhibit some degree of access predictability. Take the AVL tree as an example: when all data blocks are organized as one AVL tree, every node (data block) contains position information pointing to both of its child nodes. As such, the client can immediately obtain the next position to be accessed instead of issuing another ORAM access to the server for a PosMap lookup. Also, the algorithm needs extra client space for updating the AVL tree. In this paper, we introduce oblivious AVL tree NodeLeaper, NodeLeaper for short, which enables position information of all child nodes to share part of bits. As such, one can store multiple positions for its child and grandson node positions with the same block size. In this way, the search can be processed in a leap manner. As a result, NodeLeaper theoretically needs fewer ORAM accesses and less client space for node updating than ODS.

Efficient Privacy-Preserving Outsourcing of Large-Scale QR Factorization
Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Pub Date: 2017-08-01
DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.331
Changqing Luo, Kaijin Zhang, Sergio Salinas, Pan Li
Modern organizations have collected vast amounts of data created by various systems and applications. Scientists and engineers have a strong desire to advance scientific and engineering knowledge from such massive data. QR factorization is one of the most fundamental mathematical tools for data analysis. However, conducting QR factorization of a matrix requires high computational complexity. This incurs a formidable challenge in efficiently analyzing large-scale data sets by normal users or small companies on traditional resource-limited computers. To overcome this limitation, industry and academia propose to employ cloud computing that can offer abundant computing resources. This, however, raises privacy concerns because users' data may contain sensitive information that needs to be hidden for ethical, legal, or security reasons. To this end, we propose a privacy-preserving outsourcing algorithm for efficiently performing large-scale QR factorization. We implement the proposed algorithm on the Amazon Elastic Compute Cloud (EC2) platform and a laptop. The experiment results show significant time saving for the user.

A Fault-based Attack on AEZ v4.2
Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Pub Date: 2017-08-01
DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.294
Hassan Qahur Al Mahri, L. Simpson, Harry Bartlett, E. Dawson, Kenneth Koon-Ho Wong
This paper investigates differential fault attacks against the AEZ v4.2 authenticated encryption scheme. AEZ uses three different 128-bit keys (I, J, L) and can potentially work without a nonce or with a repeated nonce. Under these conditions, this paper identifies the best place to apply differential fault attacks. We exploit the structure of AEZ to minimise the total number of faults required for key recovery. We propose an approach that can reduce the number of fault injections required to retrieve all three AEZ keys, I, J and L, from six to four such that these keys are uniquely determined. As a second step, we further reduce the fault injections to three without reducing the success rate of the key recovery attack. This improvement to differential fault attacks on AEZ makes these attacks more practical. The attacks in this paper are verified experimentally using a generic implementation of AEZ v4.2 developed in C.

Fine-Grained Fingerprinting Threats to Software-Defined Networks
Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Pub Date: 2017-08-01
DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.229
Minjian Zhang, Jianwei Hou, Ziqi Zhang, Wenchang Shi, Bo Qin, Bin Liang
Thanks to its flexibility and programmable features, Software-Defined Networking (SDN) has been attracting more and more attention from academia and industry. Unfortunately, the fundamental characteristic of SDN that decouples the control plane from the data plane becomes a potential attack surface as well, which enables adversaries to fingerprint and attack the SDNs. Existing work showed the possibility of fingerprinting an SDN with time-based features. However, they are coarse-grained. This paper proposes a fine-grained fingerprinting approach and reveals the much more severe threats to SDN security. By analyzing network packets, the approach digs out match fields of SDN flow rules innovatively. Being sensitive and control-related information in SDN, the match fields of flow rules can be used to infer the type of an SDN controller and the security policy of the network. With this sensitive configuration information, adversaries can launch more targeted and destructive attacks against an SDN. We implement our approach in both simulative and physical environments. Furthermore, we conduct experiments with different kinds of SDN controllers to verify the effectiveness of our concept. Experiment results demonstrate the feasibility of obtaining highly sensitive, fine-grained information in SDN, and hence reveal the high risk of information disclosure in SDN and severe threats of attacks against SDN.