This paper introduces a comprehensive framework for the detection and identification of malicious smart contracts, emphasizing their vulnerabilities. The framework leverages the capabilities of GPT‐3, which have been adapted and fine‐tuned for binary and multi‐class classification tasks. To the best of our knowledge, this study is the first to explore the use of GPT‐3 specifically for detecting and identifying malicious smart contracts. The framework addresses previously unexplored research questions and provides insightful answers through rigorous experimentation. The contributions of this work include proposing a novel approach, pioneering the adaptation of GPT‐3 for this purpose, and offering valuable insights into the detection of malicious smart contracts and vulnerabilities. Notably, our research reveals that GPT‐3 excels not only in understanding natural language but also in decoding the secrets embedded in numerical codes like opcodes. This finding extends the applicability of GPT‐3 beyond language‐based tasks and highlights its potential in enhancing smart contract security.
{"title":"Detection of malicious smart contracts by fine‐tuning GPT‐3","authors":"Msvpj Sathvik, Hirak Mazumdar","doi":"10.1002/spy2.430","DOIUrl":"https://doi.org/10.1002/spy2.430","url":null,"abstract":"This paper introduces a comprehensive framework for the detection and identification of malicious smart contracts, emphasizing their vulnerabilities. The framework leverages the capabilities of GPT‐3, which have been adapted and fine‐tuned for binary and multi‐class classification tasks. To the best of our knowledge, this study is the first to explore the use of GPT‐3 specifically for detecting and identifying malicious smart contracts. The framework addresses previously unexplored research questions and provides insightful answers through rigorous experimentation. The contributions of this work include proposing a novel approach, pioneering the adaptation of GPT‐3 for this purpose, and offering valuable insights into the detection of malicious smart contracts and vulnerabilities. Notably, our research reveals that GPT‐3 excels not only in understanding natural language but also in decoding the secrets embedded in numerical codes like opcodes. This finding extends the applicability of GPT‐3 beyond language‐based tasks and highlights its potential in enhancing smart contract security.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-06-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141366363","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yi Wang, Hao Yang, Yiming Zhang, Yitao Zhao, Shaoyang Yin
To meet the increasing electricity demand and achieve the goals of “carbon peaking” and “carbon neutrality”, it is urgent to develop a new power system with new energy as the main body and large‐scale integration of power intelligent electronic devices. However, the large‐scale access to intelligent devices will bring new network security issues. In response to network security threats, a power grid network security situational awareness system is established to assess the security situation of the power grid and strengthen the network security. Cloud data sharing enables security monitoring data to flow faster and be fully used to facilitate security situational research and judgment. Nevertheless, in reality, issues such as privacy leakage, data tampering, and unauthorized access hinder the application of cloud data sharing. To solve the above problems, we propose a new secure sharing scheme for power system security monitoring data based on batch verification ring signature. In this scheme, we design a batch verification ring signature algorithm to guarantee users' anonymity and promote the efficiency of data sharing. Then, we formally prove that our scheme achieves three security features: anonymity, confidentiality, and unforgeability. Finally, experimental simulations show that our scheme's computational cost is less than half that of other schemes, which also has lower communication overhead.
{"title":"Privacy‐preserving security monitoring data sharing of new power system based on batch verification ring signature","authors":"Yi Wang, Hao Yang, Yiming Zhang, Yitao Zhao, Shaoyang Yin","doi":"10.1002/spy2.418","DOIUrl":"https://doi.org/10.1002/spy2.418","url":null,"abstract":"To meet the increasing electricity demand and achieve the goals of “carbon peaking” and “carbon neutrality”, it is urgent to develop a new power system with new energy as the main body and large‐scale integration of power intelligent electronic devices. However, the large‐scale access to intelligent devices will bring new network security issues. In response to network security threats, a power grid network security situational awareness system is established to assess the security situation of the power grid and strengthen the network security. Cloud data sharing enables security monitoring data to flow faster and be fully used to facilitate security situational research and judgment. Nevertheless, in reality, issues such as privacy leakage, data tampering, and unauthorized access hinder the application of cloud data sharing. To solve the above problems, we propose a new secure sharing scheme for power system security monitoring data based on batch verification ring signature. In this scheme, we design a batch verification ring signature algorithm to guarantee users' anonymity and promote the efficiency of data sharing. Then, we formally prove that our scheme achieves three security features: anonymity, confidentiality, and unforgeability. Finally, experimental simulations show that our scheme's computational cost is less than half that of other schemes, which also has lower communication overhead.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-06-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141374967","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This study investigates the adoption of quantum computing (QC) technology using the diffusion of innovation (DOI) theory and provides an extensive literature review. We deployed structural equation modeling to analyze data from a survey conducted among 96 top managers in various industries from Canada, the US, and Europe, including IT‐based small and medium‐sized enterprises (SMEs) dealing with QC software development. Our survey analysis indicates that the complexity of QC systems and software is the main barrier to the future adoption of quantum computing. This research offers insights into how future quantum computers can impact the security and privacy of information, emphasizing the importance of privacy protection. In this context, the study contributes to the notion of privacy engineering in the complex context of QC. The study established important outlines and tools for shaping future QCs. Our study, backed by empirical evidence, underscores the significant impact of new technology on citizens', organizations', firms', and government‐private data. The results provide a clear message to policymakers, industry leaders, and developers: privacy engineering should be an integral part of technical development, and it's crucial to act before costs escalate. In this context, our study stands out as one of the few that use NLP and structural equation modeling to address privacy challenges in QC research through experimental research, offering practical solutions to real‐world problems.
本研究利用创新扩散(DOI)理论研究了量子计算(QC)技术的采用情况,并提供了大量文献综述。我们采用结构方程模型对来自加拿大、美国和欧洲不同行业的 96 位高层管理人员进行了调查,其中包括从事量子计算软件开发的 IT 型中小企业(SMEs)。我们的调查分析表明,量子计算系统和软件的复杂性是未来采用量子计算的主要障碍。这项研究为未来量子计算机如何影响信息安全和隐私提供了见解,强调了隐私保护的重要性。在此背景下,本研究为复杂的量子计算背景下的隐私工程概念做出了贡献。研究为塑造未来的量子计算机制定了重要的纲要和工具。我们的研究以经验证据为支撑,强调了新技术对公民、组织、公司以及政府和私人数据的重大影响。研究结果为政策制定者、行业领导者和开发人员提供了一个明确的信息:隐私工程应成为技术开发不可分割的一部分,在成本上升之前采取行动至关重要。在此背景下,我们的研究脱颖而出,成为通过实验研究使用 NLP 和结构方程建模来解决质量控制研究中的隐私挑战的少数研究之一,为现实世界的问题提供了切实可行的解决方案。
{"title":"A survey analysis of quantum computing adoption and the paradigm of privacy engineering","authors":"Nour Mousa, Farid Shirazi","doi":"10.1002/spy2.419","DOIUrl":"https://doi.org/10.1002/spy2.419","url":null,"abstract":"This study investigates the adoption of quantum computing (QC) technology using the diffusion of innovation (DOI) theory and provides an extensive literature review. We deployed structural equation modeling to analyze data from a survey conducted among 96 top managers in various industries from Canada, the US, and Europe, including IT‐based small and medium‐sized enterprises (SMEs) dealing with QC software development. Our survey analysis indicates that the complexity of QC systems and software is the main barrier to the future adoption of quantum computing. This research offers insights into how future quantum computers can impact the security and privacy of information, emphasizing the importance of privacy protection. In this context, the study contributes to the notion of privacy engineering in the complex context of QC. The study established important outlines and tools for shaping future QCs. Our study, backed by empirical evidence, underscores the significant impact of new technology on citizens', organizations', firms', and government‐private data. The results provide a clear message to policymakers, industry leaders, and developers: privacy engineering should be an integral part of technical development, and it's crucial to act before costs escalate. In this context, our study stands out as one of the few that use NLP and structural equation modeling to address privacy challenges in QC research through experimental research, offering practical solutions to real‐world problems.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-06-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141373831","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Electronic medical records are a patient's digital asset that enhances the information available to doctors for tracking their patients' health. When this information is stored in a secure environment, health examination reports can serve as a dependable repository for thorough observation of a patient's well‐being. However, it is crucial for the owner to have control over access to these repositories. In this scenario, a blockchain ecosystem with appropriate access control mechanisms can help create a distributed and decentralized storage platform to ensure the safety and security of data. Developing cost‐effective smart contracts and creating clear design diagrams to represent them are essential for establishing such an ecosystem. This paper introduces a smart contract for the Ethereum blockchain that allows an owner to maintain control over their data. The paper presents a diagram for visually representing the modules within our smart contract, providing readers with a clearer understanding of the access control techniques utilized in implementing our strategies. Our smart contract offers clinicians a valuable means of accessing historical data to promptly evaluate a patient's health in emergency situations. We showcase its efficacy by illustrating how it streamlines insurance claims, where it verifies the patient's coverage and automatically authorizes medical expense payments. Lastly, a study is presented to showcase an effective method of storing the ingested data within the Ethereum network. The suggested approach allows restrictions on data visibility based on the viewer's accessibility through identity‐based access control achieved using additional structures in smart contracts. These structures store filtered records accessible to users based on their viewing privileges. The simulated test bed results support the efficiency of using smart contracts with additional structures in terms of gas consumption when compared to those that use a single structure for read and write operations.
{"title":"Designing efficient patient‐centric smart contracts for healthcare ecosystems with access control capabilities","authors":"Kausthav Pratim Kalita, Debojit Boro, Dhruba Kumar Bhattacharyya","doi":"10.1002/spy2.427","DOIUrl":"https://doi.org/10.1002/spy2.427","url":null,"abstract":"Electronic medical records are a patient's digital asset that enhances the information available to doctors for tracking their patients' health. When this information is stored in a secure environment, health examination reports can serve as a dependable repository for thorough observation of a patient's well‐being. However, it is crucial for the owner to have control over access to these repositories. In this scenario, a blockchain ecosystem with appropriate access control mechanisms can help create a distributed and decentralized storage platform to ensure the safety and security of data. Developing cost‐effective smart contracts and creating clear design diagrams to represent them are essential for establishing such an ecosystem. This paper introduces a smart contract for the Ethereum blockchain that allows an owner to maintain control over their data. The paper presents a diagram for visually representing the modules within our smart contract, providing readers with a clearer understanding of the access control techniques utilized in implementing our strategies. Our smart contract offers clinicians a valuable means of accessing historical data to promptly evaluate a patient's health in emergency situations. We showcase its efficacy by illustrating how it streamlines insurance claims, where it verifies the patient's coverage and automatically authorizes medical expense payments. Lastly, a study is presented to showcase an effective method of storing the ingested data within the Ethereum network. The suggested approach allows restrictions on data visibility based on the viewer's accessibility through identity‐based access control achieved using additional structures in smart contracts. These structures store filtered records accessible to users based on their viewing privileges. The simulated test bed results support the efficiency of using smart contracts with additional structures in terms of gas consumption when compared to those that use a single structure for read and write operations.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-06-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141372182","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Srijanee Mookherji, Odelu Vanga, R. Prasath, A. K. Das
Internet of Medical Things (IoMT) enable users to avail healthcare services remotely. In IoMT, sensor nodes (SNs), like blood pressure sensors and temperature sensors, collect health data from patients and communicate it to Health Workers (HWs) such as doctors, nurses, and so on. The HWs cater to the patients remotely, known as remote patient monitoring (RPM), by using data obtained from SNs. The communicated health data between SNs and HWs are sensitive in nature. Leakage and modification of such data leads to huge consequences, particularly patient death during medical emergencies. Hence, ensuring mutual authentication along with data integrity and privacy is of utmost important in the healthcare domain. In the literature, many authentication protocols are presented for healthcare applications specific to IoMT‐RPM. But, most of the existing approaches fail to provide adequate security against well‐known attacks includes impersonation and man‐in‐the‐middle attacks. In this paper, we propose a privacy preserving authentication protocol for IoMT‐RPM which is secure against various known attacks. We present a rigorous formal security analysis of our protocol under the extended Canetti‐Krawczyk (eCK) adversary model. In addition, we also perform formal verification using Tamarin Prover, a symbolic formal analysis tool. The results show that the proposed protocol is secure under eCK‐adversary model. We then present the comparative performance analysis to show the efficiency of the proposed protocol over the existing protocols. As a result, the proposed protocol provides high security without compromising the performance over the existing protocols, and therefore, our protocol is very much suitable for real‐time applications.
{"title":"A secure authentication protocol for remote patient monitoring in an internet‐of‐medical‐things environment","authors":"Srijanee Mookherji, Odelu Vanga, R. Prasath, A. K. Das","doi":"10.1002/spy2.428","DOIUrl":"https://doi.org/10.1002/spy2.428","url":null,"abstract":"Internet of Medical Things (IoMT) enable users to avail healthcare services remotely. In IoMT, sensor nodes (SNs), like blood pressure sensors and temperature sensors, collect health data from patients and communicate it to Health Workers (HWs) such as doctors, nurses, and so on. The HWs cater to the patients remotely, known as remote patient monitoring (RPM), by using data obtained from SNs. The communicated health data between SNs and HWs are sensitive in nature. Leakage and modification of such data leads to huge consequences, particularly patient death during medical emergencies. Hence, ensuring mutual authentication along with data integrity and privacy is of utmost important in the healthcare domain. In the literature, many authentication protocols are presented for healthcare applications specific to IoMT‐RPM. But, most of the existing approaches fail to provide adequate security against well‐known attacks includes impersonation and man‐in‐the‐middle attacks. In this paper, we propose a privacy preserving authentication protocol for IoMT‐RPM which is secure against various known attacks. We present a rigorous formal security analysis of our protocol under the extended Canetti‐Krawczyk (eCK) adversary model. In addition, we also perform formal verification using Tamarin Prover, a symbolic formal analysis tool. The results show that the proposed protocol is secure under eCK‐adversary model. We then present the comparative performance analysis to show the efficiency of the proposed protocol over the existing protocols. As a result, the proposed protocol provides high security without compromising the performance over the existing protocols, and therefore, our protocol is very much suitable for real‐time applications.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-06-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141383301","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The widespread adoption of Internet of Things (IoT) devices has revolutionized daily life, offering convenience and efficiency. However, this growth has also brought new security challenges. With the escalating use of Internet and network technology, the number of cyber‐attacks has increased, intensifying the focus on Intrusion Detection Systems (IDS) among researchers. Network intrusion detection (NID) plays a crucial role in securing IoT networks, becoming essential for modern security infrastructure. Recently, machine learning algorithms have shown promise in providing IDS solutions. Yet, IoT IDS systems face challenges due to their functional and physical diversity, making comprehensive feature utilization impractical. Therefore, effective feature selection becomes imperative. In this research, a novel feature selection methodology for anomaly‐based NIDS is proposed. The methodology commences by employing two filter‐based techniques, namely 1‐way ANOVA and the Pearson correlation coefficient, to meticulously identify and extract pertinent features from the dataset. These methods serve as initial filters to discern the most relevant attributes, ensuring that only the most informative features are retained for subsequent analysis. Subsequently, the most optimal features identified by both methodologies are extracted utilizing the principles of union and intersection in mathematical set theory. Using the NSL‐KDD and UNSW‐NB15 datasets, we exemplify how our model can outperform conventional ML classifiers in terms of detection rate, precision, recall. In our study, intrusion detection is carried out by SVM, kNN, Decision Tree, Logistic Regression and Random Forest using trained attack patterns. The demonstrated results highlight the exceptional performance of the proposed system, with an impressive accuracy rate of 99.6% on the NSL‐KDD dataset and a substantial 97.7% on the UNSW‐NB15 dataset, clearly surpassing the performance of contemporary methods.
{"title":"Network intrusion detection system for IoT security using machine learning and statistical based hybrid feature selection","authors":"Supongmen Walling, Sibesh Lodh","doi":"10.1002/spy2.429","DOIUrl":"https://doi.org/10.1002/spy2.429","url":null,"abstract":"The widespread adoption of Internet of Things (IoT) devices has revolutionized daily life, offering convenience and efficiency. However, this growth has also brought new security challenges. With the escalating use of Internet and network technology, the number of cyber‐attacks has increased, intensifying the focus on Intrusion Detection Systems (IDS) among researchers. Network intrusion detection (NID) plays a crucial role in securing IoT networks, becoming essential for modern security infrastructure. Recently, machine learning algorithms have shown promise in providing IDS solutions. Yet, IoT IDS systems face challenges due to their functional and physical diversity, making comprehensive feature utilization impractical. Therefore, effective feature selection becomes imperative. In this research, a novel feature selection methodology for anomaly‐based NIDS is proposed. The methodology commences by employing two filter‐based techniques, namely 1‐way ANOVA and the Pearson correlation coefficient, to meticulously identify and extract pertinent features from the dataset. These methods serve as initial filters to discern the most relevant attributes, ensuring that only the most informative features are retained for subsequent analysis. Subsequently, the most optimal features identified by both methodologies are extracted utilizing the principles of union and intersection in mathematical set theory. Using the NSL‐KDD and UNSW‐NB15 datasets, we exemplify how our model can outperform conventional ML classifiers in terms of detection rate, precision, recall. In our study, intrusion detection is carried out by SVM, kNN, Decision Tree, Logistic Regression and Random Forest using trained attack patterns. The demonstrated results highlight the exceptional performance of the proposed system, with an impressive accuracy rate of 99.6% on the NSL‐KDD dataset and a substantial 97.7% on the UNSW‐NB15 dataset, clearly surpassing the performance of contemporary methods.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-06-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141386198","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Hira Rasheed, Rafidah Md Noor, Norjihan Abdul Ghani, Iftikhar Ahmad
Location‐based services (LBS) leverage the geographical information of a device to deliver information, entertainment, and other services tailored to the user's present location. LBS not only brings leisure to people's lives but also raises concerns about users' privacy. Consequently, location privacy protection has captured the attention of researchers owing to the increased adoption of location‐based services and the potential privacy issues faced by users. Along with location privacy, query privacy is also a crucial privacy concern that incurs possible damage to individual privacy and even to users' safety. Preserving location privacy only secures the user's current location but protection of query privacy guarantees the security of the user's future possible location. However, to the best of our knowledge, none of the relevant studies realized the significance of query privacy. This review paper provides an overview of LBS and its components, classifying the LBS based on: granularity, number of queries, initiator, and range. We investigated the threat model, vulnerabilities, and privacy attacks in LBS, reviewed the approaches used by the researchers to mitigate the location and query privacy threats, and evaluation metrics. We also analyzed the ability of current methods to implicitly/explicitly secure query privacy and the impact of recent technological progression on problem‐building and solution evolution. Finally, this paper concludes by identifying the open issues in the existing research and directions for future work.
{"title":"Preserving location‐query privacy in location‐based services: A review","authors":"Hira Rasheed, Rafidah Md Noor, Norjihan Abdul Ghani, Iftikhar Ahmad","doi":"10.1002/spy2.412","DOIUrl":"https://doi.org/10.1002/spy2.412","url":null,"abstract":"Location‐based services (LBS) leverage the geographical information of a device to deliver information, entertainment, and other services tailored to the user's present location. LBS not only brings leisure to people's lives but also raises concerns about users' privacy. Consequently, location privacy protection has captured the attention of researchers owing to the increased adoption of location‐based services and the potential privacy issues faced by users. Along with location privacy, query privacy is also a crucial privacy concern that incurs possible damage to individual privacy and even to users' safety. Preserving location privacy only secures the user's current location but protection of query privacy guarantees the security of the user's future possible location. However, to the best of our knowledge, none of the relevant studies realized the significance of query privacy. This review paper provides an overview of LBS and its components, classifying the LBS based on: granularity, number of queries, initiator, and range. We investigated the threat model, vulnerabilities, and privacy attacks in LBS, reviewed the approaches used by the researchers to mitigate the location and query privacy threats, and evaluation metrics. We also analyzed the ability of current methods to implicitly/explicitly secure query privacy and the impact of recent technological progression on problem‐building and solution evolution. Finally, this paper concludes by identifying the open issues in the existing research and directions for future work.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-05-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140975350","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Modern technologies of computing cloud are showing great promise, but at the same time create new security challenges that hinder full acceptance. Given that most of these services often use cloud networks as channels for communication, securing data transmission is crucial. This paper introduce a new hybrid encryption algorithm, the proposed two‐layered PRC6 cipher, tailored address security concerns in cloud computing environments with minimal resource constraints. The PRC6 cipher incorporates enhancements from Cha‐cha into an extension of the RC6 cipher. PRC6 implements double encryption. At the first level, the plain text is divided into four equal parts, each encrypted by processes derived from RC6, which include shifting, summation, modulo arithmetic, and XOR with a generated key. The second level incorporates a Quarter round function, among others, to further obscure the encoded message. PRC6 is implemented in a parallel computing model to significantly reduce overall computation time, especially important for lightweight applications. Experimental results show that the algorithm can achieve a high level of security for cloud workloads. It activates parallel mode in just seven encryption rounds, cutting calculation time to 50% in a matter of seconds. Performance evaluations against popular encryption standards also indicate that PRC6 offers promising security benefits when computational resources are limited. This hybrid approach presents a viable solution for strengthening data protection in modern cloud systems and it stand against the most popular attacks like brute force.
{"title":"PRC6: Hybrid lightweight cipher for enhanced cloud data security in parallel environment","authors":"Zahraa A. Mohammed, Khalid Ali Hussein","doi":"10.1002/spy2.413","DOIUrl":"https://doi.org/10.1002/spy2.413","url":null,"abstract":"Modern technologies of computing cloud are showing great promise, but at the same time create new security challenges that hinder full acceptance. Given that most of these services often use cloud networks as channels for communication, securing data transmission is crucial. This paper introduce a new hybrid encryption algorithm, the proposed two‐layered PRC6 cipher, tailored address security concerns in cloud computing environments with minimal resource constraints. The PRC6 cipher incorporates enhancements from Cha‐cha into an extension of the RC6 cipher. PRC6 implements double encryption. At the first level, the plain text is divided into four equal parts, each encrypted by processes derived from RC6, which include shifting, summation, modulo arithmetic, and XOR with a generated key. The second level incorporates a Quarter round function, among others, to further obscure the encoded message. PRC6 is implemented in a parallel computing model to significantly reduce overall computation time, especially important for lightweight applications. Experimental results show that the algorithm can achieve a high level of security for cloud workloads. It activates parallel mode in just seven encryption rounds, cutting calculation time to 50% in a matter of seconds. Performance evaluations against popular encryption standards also indicate that PRC6 offers promising security benefits when computational resources are limited. This hybrid approach presents a viable solution for strengthening data protection in modern cloud systems and it stand against the most popular attacks like brute force.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140977990","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With the speedy growth of the populace, corresponding waste also grows, notably raising greater concern about the monitoring of waste in urban areas. Although the traditional method of waste monitoring has benefited city waste management systems, it remains time‐consuming, inefficient, and detrimental to public health. This situation can be improved by integrating advanced technologies, which can significantly enhance the flexibility and performance of waste monitoring systems. However, these advanced technologies encounter numerous security challenges. In this article, we have implemented a signature‐based monitoring approach to oversee the status of smart bins. To ensure the security, robustness, and reliability of the introduced protocol, we utilized tools such as AVISPA, Scyther, the ROR model, and Mao and Boyd logic. As discussed in the informal security analysis, the introduced protocol successfully fulfills the security requirements for smart waste monitoring systems. Finally, an in‐depth comparative analysis of the related works and the introduced protocol shows that the latter provides greater security, reliability, and efficiency. As a result, the reliability and hardness of the cryptographic operations used in the introduced protocol make it secure enough to use in real‐world applications.
随着人口的快速增长,相应的垃圾也随之增加,这尤其引起了人们对城市地区垃圾监测的更大关注。虽然传统的垃圾监测方法有利于城市垃圾管理系统,但仍然耗时长、效率低,而且不利于公众健康。这种情况可以通过整合先进技术得到改善,这些技术可以大大提高垃圾监测系统的灵活性和性能。然而,这些先进技术也遇到了许多安全挑战。在本文中,我们采用了一种基于签名的监控方法来监督智能垃圾箱的状态。为了确保所引入协议的安全性、稳健性和可靠性,我们利用了 AVISPA、Scyther、ROR 模型以及 Mao 和 Boyd 逻辑等工具。正如非正式安全分析中所讨论的那样,引入的协议成功地满足了智能废物监测系统的安全要求。最后,对相关著作和引入协议的深入对比分析表明,后者提供了更高的安全性、可靠性和效率。因此,引入协议中使用的加密操作的可靠性和硬度使其足以在实际应用中安全使用。
{"title":"SiSMA‐SWMS: Signature‐based Secure Monitoring Approach for Smart Waste Monitoring Systems","authors":"Radhika Lama, Sandip Karmakar","doi":"10.1002/spy2.405","DOIUrl":"https://doi.org/10.1002/spy2.405","url":null,"abstract":"With the speedy growth of the populace, corresponding waste also grows, notably raising greater concern about the monitoring of waste in urban areas. Although the traditional method of waste monitoring has benefited city waste management systems, it remains time‐consuming, inefficient, and detrimental to public health. This situation can be improved by integrating advanced technologies, which can significantly enhance the flexibility and performance of waste monitoring systems. However, these advanced technologies encounter numerous security challenges. In this article, we have implemented a signature‐based monitoring approach to oversee the status of smart bins. To ensure the security, robustness, and reliability of the introduced protocol, we utilized tools such as AVISPA, Scyther, the ROR model, and Mao and Boyd logic. As discussed in the informal security analysis, the introduced protocol successfully fulfills the security requirements for smart waste monitoring systems. Finally, an in‐depth comparative analysis of the related works and the introduced protocol shows that the latter provides greater security, reliability, and efficiency. As a result, the reliability and hardness of the cryptographic operations used in the introduced protocol make it secure enough to use in real‐world applications.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-05-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141005154","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Shi Jin, Yichun Wang, Zhaofeng Guo, Li Yang, Xiaosan Su
To reduce the security authentication time cost, forwarding delay, and enhance message security of Beidou communication short messages, this paper proposes a Beidou communication short message encryption technology based on SM9 (Mobile Code Secure Communication). This technology uses split hierarchical clustering algorithm to cluster the short message data of Beidou Communication, in order to unify the processing of similar short message data and improve the encryption efficiency of subsequent short messages. Based on the data clustering results, this paper constructs a short message forwarding verification model using the SM9 identification password algorithm, and provides the message content of the communication application protocol and the communication receiving information protocol to achieve low‐cost and efficient forwarding verification. In addition, this article improves the initial value selection of Logistic chaotic mapping by coupling the tent map with coupled mapping lattice (CML) in the spatiotemporal chaos model to generate a chaotic initial value sequence, thereby expanding the key space, enhancing the ability to resist exhaustive attacks, enhancing the randomness of the generated key parameters, and optimizing the encryption effect of short messages. The experimental results show that the short message security authentication time of the technology proposed in this article is basically controlled within 25 ms, and the minimum forwarding delay is only 23.9 ms, which can effectively resist attacks and improve the security of Beidou communication.
{"title":"Short message encryption technology of Beidou communication based on SM9","authors":"Shi Jin, Yichun Wang, Zhaofeng Guo, Li Yang, Xiaosan Su","doi":"10.1002/spy2.411","DOIUrl":"https://doi.org/10.1002/spy2.411","url":null,"abstract":"To reduce the security authentication time cost, forwarding delay, and enhance message security of Beidou communication short messages, this paper proposes a Beidou communication short message encryption technology based on SM9 (Mobile Code Secure Communication). This technology uses split hierarchical clustering algorithm to cluster the short message data of Beidou Communication, in order to unify the processing of similar short message data and improve the encryption efficiency of subsequent short messages. Based on the data clustering results, this paper constructs a short message forwarding verification model using the SM9 identification password algorithm, and provides the message content of the communication application protocol and the communication receiving information protocol to achieve low‐cost and efficient forwarding verification. In addition, this article improves the initial value selection of Logistic chaotic mapping by coupling the tent map with coupled mapping lattice (CML) in the spatiotemporal chaos model to generate a chaotic initial value sequence, thereby expanding the key space, enhancing the ability to resist exhaustive attacks, enhancing the randomness of the generated key parameters, and optimizing the encryption effect of short messages. The experimental results show that the short message security authentication time of the technology proposed in this article is basically controlled within 25 ms, and the minimum forwarding delay is only 23.9 ms, which can effectively resist attacks and improve the security of Beidou communication.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-05-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141003248","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}