Pub Date : 2019-08-01DOI: 10.4108/eai.19-8-2019.163134
Zhengping Luo, Zhe Qu, T. Nguyen, Hui Zeng, Zhuo Lu
High Performance Computing (HPC) systems mainly focused on how to improve performances of the computing. It has competitive processing capacity both in terms of calculation speed and available memory. HPC infrastructures are valuable computing resources that need to be carefully guarded and avoid being maliciously used. Thus, vulnerabilities are quintessential issues in HPC systems due to most of jobs and resources run or stored usually are sensitive and high-profit information. In this survey, we comprehensively review securities of HPC systems from a log-analyzing perspective, including well-known attacks and widely used defenses, especially intruder detection methods. We found that log files are used for the security purposes much less than what we expected. How to use all the available log files comprehensively and employ state-of-the-art intrusion techniques to improve the robustness of HPC systems still lies for future research.
{"title":"Security of HPC Systems: From a Log-analyzing Perspective","authors":"Zhengping Luo, Zhe Qu, T. Nguyen, Hui Zeng, Zhuo Lu","doi":"10.4108/eai.19-8-2019.163134","DOIUrl":"https://doi.org/10.4108/eai.19-8-2019.163134","url":null,"abstract":"High Performance Computing (HPC) systems mainly focused on how to improve performances of the computing. It has competitive processing capacity both in terms of calculation speed and available memory. HPC infrastructures are valuable computing resources that need to be carefully guarded and avoid being maliciously used. Thus, vulnerabilities are quintessential issues in HPC systems due to most of jobs and resources run or stored usually are sensitive and high-profit information. In this survey, we comprehensively review securities of HPC systems from a log-analyzing perspective, including well-known attacks and widely used defenses, especially intruder detection methods. We found that log files are used for the security purposes much less than what we expected. How to use all the available log files comprehensively and employ state-of-the-art intrusion techniques to improve the robustness of HPC systems still lies for future research.","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133524909","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-08-01DOI: 10.4108/eai.13-7-2018.163091
Andrew Meyer, Sankardas Roy
Digital forensics (DF) tools are used for post-mortem investigation of cyber-crimes. CFTT (Computer Forensics Tool Testing) Program at National Institute of Standards and Technology (NIST) has defined expectations for a DF tool’s behavior. Understanding these expectations and how DF tools work is critical for ensuring integrity of the forensic analysis results. In this paper, we consider standardization of one class of DF tools which are for Deleted File Recovery (DFR). We design a list of canonical test file system images to evaluate a DFR tool. Via extensive experiments we find that many popular DFR tools do not satisfy some of the standards, and we compile a comparative analysis of these tools, which could help the user choose the right tool. Furthermore, one of our research questions identifies the factors which make a DFR tool fail. Moreover, we also provide critique on applicability of the standards. Our findings is likely to trigger more research on compliance of standards from the researcher community as well as the practitioners.
{"title":"Do Metadata-based Deleted-File-Recovery (DFR) Tools Meet NIST Guidelines?","authors":"Andrew Meyer, Sankardas Roy","doi":"10.4108/eai.13-7-2018.163091","DOIUrl":"https://doi.org/10.4108/eai.13-7-2018.163091","url":null,"abstract":"Digital forensics (DF) tools are used for post-mortem investigation of cyber-crimes. CFTT (Computer Forensics Tool Testing) Program at National Institute of Standards and Technology (NIST) has defined expectations for a DF tool’s behavior. Understanding these expectations and how DF tools work is critical for ensuring integrity of the forensic analysis results. In this paper, we consider standardization of one class of DF tools which are for Deleted File Recovery (DFR). We design a list of canonical test file system images to evaluate a DFR tool. Via extensive experiments we find that many popular DFR tools do not satisfy some of the standards, and we compile a comparative analysis of these tools, which could help the user choose the right tool. Furthermore, one of our research questions identifies the factors which make a DFR tool fail. Moreover, we also provide critique on applicability of the standards. Our findings is likely to trigger more research on compliance of standards from the researcher community as well as the practitioners.","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121244039","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-04-29DOI: 10.4108/eai.13-7-2018.162290
Anyi Liu, Selena Haidar, Yuan Cheng, Yingjiu Li
{"title":"Confidential State Verification for the Delegated Cloud Jobs with Confidential Audit Log","authors":"Anyi Liu, Selena Haidar, Yuan Cheng, Yingjiu Li","doi":"10.4108/eai.13-7-2018.162290","DOIUrl":"https://doi.org/10.4108/eai.13-7-2018.162290","url":null,"abstract":"","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114900064","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-04-29DOI: 10.4108/eai.13-7-2018.162291
Hongfa Xue, Yurong Chen, Guru Venkataramani, Tian Lan
The rapid inflation of software features brings inefficiency and vulnerabilities into programs, resulting in an increased attack surface with a higher possibility of exploitation. In this paper, we propose a novel framework for automated software mass customization (AMASS), which automatically identifies program features from binaries, tailors and eliminates the features to create customized program binaries in accordance with user needs, in a fully unsupervised fashion. It enables us to modularize program features and efficiently create customized program binaries at large scale. Evaluation using real-world executables including OpenSSL and LibreOffice demonstrates that AMASS can create a wide range of customized binaries for diverse feature requirements, with an average 92.76% accuracy for feature/function identification and up to 67% reduction of program attack surface.
{"title":"AMASS: Automated Software Mass Customization via Feature Identification and Tailoring","authors":"Hongfa Xue, Yurong Chen, Guru Venkataramani, Tian Lan","doi":"10.4108/eai.13-7-2018.162291","DOIUrl":"https://doi.org/10.4108/eai.13-7-2018.162291","url":null,"abstract":"The rapid inflation of software features brings inefficiency and vulnerabilities into programs, resulting in an increased attack surface with a higher possibility of exploitation. In this paper, we propose a novel framework for automated software mass customization (AMASS), which automatically identifies program features from binaries, tailors and eliminates the features to create customized program binaries in accordance with user needs, in a fully unsupervised fashion. It enables us to modularize program features and efficiently create customized program binaries at large scale. Evaluation using real-world executables including OpenSSL and LibreOffice demonstrates that AMASS can create a wide range of customized binaries for diverse feature requirements, with an average 92.76% accuracy for feature/function identification and up to 67% reduction of program attack surface.","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115121897","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-04-29DOI: 10.4108/eai.29-1-2019.161977
Weiqi Cui, Jiangmin Yu, Yanmin Gong, Eric Chan-Tin
Website fingerprinting attacks have been shown to be able to predict the website visited even if the network connection is encrypted and anonymized. These attacks have achieved accuracies as high as 92%. Mitigations to these attacks are using cover/decoy network traffic to add noise, padding to ensure all the network packets are the same size, and introducing network delays to confuse an adversary. Although these mitigations have been shown to be effective, reducing the accuracy to 10%, the overhead is high. The latency overhead is above 100% and the bandwidth overhead is at least 30%. We introduce a new realistic cover traffic algorithm, based on a user’s previous network traffic, to mitigate website fingerprinting attacks. In simulations, our algorithm reduces the accuracy of attacks to 14% with zero latency overhead and about 20% bandwidth overhead. In real-world experiments, our algorithms reduces the accuracy of attacks to 16% with only 20% bandwidth overhead. Received on 30 February 2019; accepted on 20 April 2019; published on 29 April 2019
{"title":"Efficient, Effective, and Realistic Website Fingerprinting Mitigation","authors":"Weiqi Cui, Jiangmin Yu, Yanmin Gong, Eric Chan-Tin","doi":"10.4108/eai.29-1-2019.161977","DOIUrl":"https://doi.org/10.4108/eai.29-1-2019.161977","url":null,"abstract":"Website fingerprinting attacks have been shown to be able to predict the website visited even if the network connection is encrypted and anonymized. These attacks have achieved accuracies as high as 92%. Mitigations to these attacks are using cover/decoy network traffic to add noise, padding to ensure all the network packets are the same size, and introducing network delays to confuse an adversary. Although these mitigations have been shown to be effective, reducing the accuracy to 10%, the overhead is high. The latency overhead is above 100% and the bandwidth overhead is at least 30%. We introduce a new realistic cover traffic algorithm, based on a user’s previous network traffic, to mitigate website fingerprinting attacks. In simulations, our algorithm reduces the accuracy of attacks to 14% with zero latency overhead and about 20% bandwidth overhead. In real-world experiments, our algorithms reduces the accuracy of attacks to 16% with only 20% bandwidth overhead. Received on 30 February 2019; accepted on 20 April 2019; published on 29 April 2019","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"86 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115662384","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-04-29DOI: 10.4108/EAI.13-7-2018.159803
V. Sachidananda, Suhas Bhairav, Y. Elovici
Internet of Things (IoT) exposes various vulnerabilities at different levels. One such exploitable vulnerability is Denial of Service (DoS). In this work, we focus on a large-scale extensive study of various forms of DoS and how it can be exploited in different protocols of IoT. We propose an attack and defense framework called OWL which is tailored for IoT and that can perform various forms of DoS on IP, Bluetooth, and Zigbee devices. We consider various DoS vulnerabilities such as illegitimate packet injection, Bluetooth Low Energy (BLE) scanning attack, Zigbee frame counter-attack, etc., regarding IP, Bluetooth and Zigbee devices. To understand how resilient is IoT for DoS, we propose two new metrics to measure the Resilience and the Quality of Service (QoS) degradation in IoT. We have conducted large-scale experimentation with real IoT devices in our security IoT testbed. The experiments conducted are for DoS, Distributed Denial of Service (DDoS) by setting up Mirai and Permanent Denial of Service (PDoS) using BrickerBot on various IoT devices. We have also compared our framework with the existing state of the art tools. Received on 10 February 2019, accepted on 02 April 2019, published on 29 April 2019
{"title":"Spill the Beans: Extrospection of Internet of Things by Exploiting Denial of Service","authors":"V. Sachidananda, Suhas Bhairav, Y. Elovici","doi":"10.4108/EAI.13-7-2018.159803","DOIUrl":"https://doi.org/10.4108/EAI.13-7-2018.159803","url":null,"abstract":"Internet of Things (IoT) exposes various vulnerabilities at different levels. One such exploitable vulnerability is Denial of Service (DoS). In this work, we focus on a large-scale extensive study of various forms of DoS and how it can be exploited in different protocols of IoT. We propose an attack and defense framework called OWL which is tailored for IoT and that can perform various forms of DoS on IP, Bluetooth, and Zigbee devices. We consider various DoS vulnerabilities such as illegitimate packet injection, Bluetooth Low Energy (BLE) scanning attack, Zigbee frame counter-attack, etc., regarding IP, Bluetooth and Zigbee devices. To understand how resilient is IoT for DoS, we propose two new metrics to measure the Resilience and the Quality of Service (QoS) degradation in IoT. We have conducted large-scale experimentation with real IoT devices in our security IoT testbed. The experiments conducted are for DoS, Distributed Denial of Service (DDoS) by setting up Mirai and Permanent Denial of Service (PDoS) using BrickerBot on various IoT devices. We have also compared our framework with the existing state of the art tools. Received on 10 February 2019, accepted on 02 April 2019, published on 29 April 2019","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122129533","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-04-29DOI: 10.4108/eai.29-4-2019.162405
Qiumao Ma, Wensheng Zhang
Most of existing ORAM constructions have communication efficiency as the major optimization priority; the server storage efficiency, however, has not received much attention. Motivated by the observation that, the server storage efficiency is as important as communication efficiency when the storage capacity is very large and/or the outsourced data are not frequently accessed, we propose in this paper a new ORAM construction called Octopus ORAM. Through extensive security analysis and performance comparison, we demonstrate that, Octopus ORAM is secure; also, it significantly improves the server storage efficiency, achieves a comparable level of communication efficiency as state-of-the-art ORAM constructions, at the cost of increased client-side storage, and the increased client-side storage should be affordable to the clients who adopt local facilities such as cloud storage gateways. Received on 04 March 2019; accepted on 26 April 2019; published on 29 April 2019
{"title":"Octopus ORAM: An Oblivious RAM with Communication and Server Storage Efficiency","authors":"Qiumao Ma, Wensheng Zhang","doi":"10.4108/eai.29-4-2019.162405","DOIUrl":"https://doi.org/10.4108/eai.29-4-2019.162405","url":null,"abstract":"Most of existing ORAM constructions have communication efficiency as the major optimization priority; the server storage efficiency, however, has not received much attention. Motivated by the observation that, the server storage efficiency is as important as communication efficiency when the storage capacity is very large and/or the outsourced data are not frequently accessed, we propose in this paper a new ORAM construction called Octopus ORAM. Through extensive security analysis and performance comparison, we demonstrate that, Octopus ORAM is secure; also, it significantly improves the server storage efficiency, achieves a comparable level of communication efficiency as state-of-the-art ORAM constructions, at the cost of increased client-side storage, and the increased client-side storage should be affordable to the clients who adopt local facilities such as cloud storage gateways. Received on 04 March 2019; accepted on 26 April 2019; published on 29 April 2019","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"76 12","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131456358","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-29DOI: 10.4108/EAI.25-1-2019.159347
V. Anastopoulos, S. Katsikas
Organizations collect log data for various reasons, including security related ones. The multitude and diversity of the devices that generate log records increases, resulting to dispersed networks and large volumes of data. The design of a log management infrastructure is usually led by decisions that are commonly based on industry best practices and experience, but fail to adapt to the evolving threat landscape. In this work a novel methodology for the design of a dynamic log management infrastructure is proposed. The proposed methodology leverages social network analysis to relate the infrastructure with the threat landscape, thus enabling it to evolve as threats evolve. The workings of the methodology are demonstrated by means of its application for the design of the log management infrastructure of a real organization.
{"title":"A Methodology for the Dynamic Design of Adaptive Log Management Infrastructures","authors":"V. Anastopoulos, S. Katsikas","doi":"10.4108/EAI.25-1-2019.159347","DOIUrl":"https://doi.org/10.4108/EAI.25-1-2019.159347","url":null,"abstract":"Organizations collect log data for various reasons, including security related ones. The multitude and diversity of the devices that generate log records increases, resulting to dispersed networks and large volumes of data. The design of a log management infrastructure is usually led by decisions that are commonly based on industry best practices and experience, but fail to adapt to the evolving threat landscape. In this work a novel methodology for the design of a dynamic log management infrastructure is proposed. The proposed methodology leverages social network analysis to relate the infrastructure with the threat landscape, thus enabling it to evolve as threats evolve. The workings of the methodology are demonstrated by means of its application for the design of the log management infrastructure of a real organization.","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"116 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-01-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122623698","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-29DOI: 10.4108/EAI.25-1-2019.159346
Naiwei Liu, Wanyu Zang, Songqing Chen, Meng Yu, R. Sandhu
In recent years, research efforts have been made to develop safe and secure environments for ARM platform. The new ARMv8 architecture brought in security features by design. However, there are still some security problems with ARMv8. For example, on Cortex-A series, there are risks that the system is vulnerable to sidechannel attacks. One major category of side-channel attacks utilizes cache memory to obtain a victim’s secret information. In the cache based side-channel attacks, an attacker measures a sequence of cache operations to obtain a victim’s memory access information, deriving more sensitive information. The success of such attacks highly depends on accurate information about the victim’s cache accesses. In this paper, we describe an innovative approach to defend against side-channel attack on Cortex-A series chips. We also considered the side-channel attacks in the context of using TrustZone protection on ARM. Our adaptive noise injection can significantly reduce the bandwidth of side-channel while maintaining an affordable system overhead. The proposed defense mechanisms can be used on ARM Cortex-A architecture. Our experimental evaluation and theoretical analysis show the effectiveness and efficiency of our proposed defense.
{"title":"Adaptive Noise Injection against Side-Channel Attacks on ARM Platform","authors":"Naiwei Liu, Wanyu Zang, Songqing Chen, Meng Yu, R. Sandhu","doi":"10.4108/EAI.25-1-2019.159346","DOIUrl":"https://doi.org/10.4108/EAI.25-1-2019.159346","url":null,"abstract":"In recent years, research efforts have been made to develop safe and secure environments for ARM platform. The new ARMv8 architecture brought in security features by design. However, there are still some security problems with ARMv8. For example, on Cortex-A series, there are risks that the system is vulnerable to sidechannel attacks. One major category of side-channel attacks utilizes cache memory to obtain a victim’s secret information. In the cache based side-channel attacks, an attacker measures a sequence of cache operations to obtain a victim’s memory access information, deriving more sensitive information. The success of such attacks highly depends on accurate information about the victim’s cache accesses. In this paper, we describe an innovative approach to defend against side-channel attack on Cortex-A series chips. We also considered the side-channel attacks in the context of using TrustZone protection on ARM. Our adaptive noise injection can significantly reduce the bandwidth of side-channel while maintaining an affordable system overhead. The proposed defense mechanisms can be used on ARM Cortex-A architecture. Our experimental evaluation and theoretical analysis show the effectiveness and efficiency of our proposed defense.","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-01-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132481089","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-29DOI: 10.4108/eai.29-7-2019.159627
Y. Tang, Kai Li, K. Areekijseree, Shuigeng Zhou, Liting Hu
In the era of big data, the data-processing pipeline becomes increasingly distributed among multiple sites. To connect data consumers with remote producers, a public directory service is essential. This is evidenced by adoption in emerging applications such as electronic healthcare. This work systematically studies the privacy-preserving and security hardening of a public directory service. First, we address the privacy preservation of serving a directory over the Internet. With Internet eavesdroppers performing attacks with background knowledge, the directory service has to be privacy preserving, for the compliance with data-protection laws (e.g., HiPAA). We propose techniques to adaptively inject noises to the public directory in such a way that is aware of application-level data schema, effectively preserving privacy and achieving high search recall. Second, we tackle the problem of securely constructing the directory among distrusting data producers. For provable security, we model the directory construction problem by secure multi-party computations (MPC). For efficiency, we propose a pre-computation framework that minimizes the private computation and conducts aggressive pre-computation on public data. In addition, we tackle the systems-level efficiency by exploiting data-level parallelism on general-purpose graphics processing units (GPGPU). We apply the proposed scheme to real health-care scenarios for constructing patient-locator services in emerging Health Information Exchange (or HIE) networks. For privacy evaluation, we conduct extensive analysis of our noise-injecting techniques against various background-knowledge attacks. We conduct experiments on real-world datasets and demonstrate the low attack success rate for the protection effectiveness. For performance evaluation, we implement our MPC optimization techniques on open-source MPC software. Through experiments on local and geo-distributed settings, our performance results show that the proposed pre-computation achieves a speedup of more than an order of magnitude without security loss. Received on 15 December 2018; accepted on 20 January 2019; published on 29 January 2019
{"title":"Privacy-Preserving Multi-Party Directory Services","authors":"Y. Tang, Kai Li, K. Areekijseree, Shuigeng Zhou, Liting Hu","doi":"10.4108/eai.29-7-2019.159627","DOIUrl":"https://doi.org/10.4108/eai.29-7-2019.159627","url":null,"abstract":"In the era of big data, the data-processing pipeline becomes increasingly distributed among multiple sites. To connect data consumers with remote producers, a public directory service is essential. This is evidenced by adoption in emerging applications such as electronic healthcare. This work systematically studies the privacy-preserving and security hardening of a public directory service. First, we address the privacy preservation of serving a directory over the Internet. With Internet eavesdroppers performing attacks with background knowledge, the directory service has to be privacy preserving, for the compliance with data-protection laws (e.g., HiPAA). We propose techniques to adaptively inject noises to the public directory in such a way that is aware of application-level data schema, effectively preserving privacy and achieving high search recall. Second, we tackle the problem of securely constructing the directory among distrusting data producers. For provable security, we model the directory construction problem by secure multi-party computations (MPC). For efficiency, we propose a pre-computation framework that minimizes the private computation and conducts aggressive pre-computation on public data. In addition, we tackle the systems-level efficiency by exploiting data-level parallelism on general-purpose graphics processing units (GPGPU). We apply the proposed scheme to real health-care scenarios for constructing patient-locator services in emerging Health Information Exchange (or HIE) networks. For privacy evaluation, we conduct extensive analysis of our noise-injecting techniques against various background-knowledge attacks. We conduct experiments on real-world datasets and demonstrate the low attack success rate for the protection effectiveness. For performance evaluation, we implement our MPC optimization techniques on open-source MPC software. Through experiments on local and geo-distributed settings, our performance results show that the proposed pre-computation achieves a speedup of more than an order of magnitude without security loss. Received on 15 December 2018; accepted on 20 January 2019; published on 29 January 2019","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-01-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116196664","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: