Pub Date: 2014-09-01 DOI: 10.1109/AsiaJCIS.2014.23
Nobuaki Furutani, Tao Ban, J. Nakazato, Jumpei Shimamura, Jun Kitazono, S. Ozawa
In this work, we propose a method to discriminate backscatter caused by DDoS attacks from normal traffic. Since DDoS attacks are imminent threats which could cause serious economic damage to private companies and public organizations, it is quite important to detect DDoS backscatter as early as possible. To do this, 11 features of port/IP information are defined for network packets which are sent within a short time, and these features of packet traffic are classified by Support Vector Machine (SVM). In the experiments, we use TCP packets for the evaluation because they include control flags (e.g., SYN-ACK, RST-ACK, RST, ACK) which can give label information (i.e., backscatter or non-backscatter). We confirm that the proposed method can discriminate DDoS backscatter correctly from unknown darknet TCP packets with more than 90% accuracy.
Title: Detection of DDoS Backscatter Based on Traffic Features of Darknet TCP Packets. Venue: 2014 Ninth Asia Joint Conference on Information Security.
With the rapid development of electronic commerce, digital credentials are used with increasing frequency. Today users employing digital credentials not only complete the identity authentication process and obtain service, but also attach importance to their anonymity with the concept of privacy protection that is being rapidly developed. For this reason, anonymous credential mechanisms are being increasingly studied. However, while anonymous credentials provide privacy protection for users, the question of how to manage the credentials is a problem for issuers and service providers. In recent years, many works in the literature have proposed that the revocation list is a challenge to effectively implement, while users and credential consumers receive the corresponding revocation list with massive computational costs. In this paper, we present an improved anonymous credential revocation mechanism in which we examine how users not only provide passive revocation management but must spend considerable time in computational terms. We distribute the permission of revocation to the issuer and the service provider. The revocation phase can be executed only if both issuer and service provider permit, so users are not afraid that the issuer or service provider will access their private information. In addition, the issuer and the service provider can also manage illegal users. Consequently, online service systems can be more widely used. Further, we add a mechanism of time-revocation, which sets a time limit on the revocability of the anonymous credentials. This capability enables the issuer to more effectively manage the revocation phase.
Title: Anonymous Credential Scheme Supporting Active Revocation. Authors: Chun-I Fan, Chien-Nan Wu, Jen-Chun Hsu, Yi-Fan Tseng, Wen-Tsuen Chen. Venue: 2014 Ninth Asia Joint Conference on Information Security. Pub Date: 2014-09-01. DOI: 10.1109/AsiaJCIS.2014.17
Nasato Goto, Akira Kanaoka, Masayuki Okada, E. Okamoto
Given the current situation on the Internet, it is important to determine the trust of the communication routes between a client and server. Such determination can only be established by end terminals such as clients and servers, not by intermediate routers or network providers so far. The revelations regarding PRISM and other programs highlight the importance of this issue. In this paper, a method to identify the trust level of a route between a client and a server is proposed. This method identifies the trust level using packet authentication, Probabilistic Packet Marking (PPM), and knowledge bases maintained by trusted third parties. A prototype system of the proposed method was developed and evaluated, and the evaluation results prove its feasibility. To the best of our knowledge, the proposed method is the first method to identify the trust level of a route based on information obtained from intermediate routers or Autonomous Systems (ASs).
Title: METRO: Measurement of End-to-End Route Trust. Venue: 2014 Ninth Asia Joint Conference on Information Security. Pub Date: 2014-09-01. DOI: 10.2197/ipsjjip.23.613
Pub Date: 2014-09-01 DOI: 10.1109/AsiaJCIS.2014.13
D. Guan, Yu-Shan Cheng
In this paper, we present a parity detection algorithm for a residue number system using the three-modulus set $\{2p - 1,\ 2p + 1,\ 2p^2 - 1\}$, where $p$ is a positive integer. Given the residue number system representation $X = (x_1, x_2, x_3)$, where $x_1 = X \bmod (2p - 1)$, $x_2 = X \bmod (2p + 1)$, $x_3 = X \bmod (2p^2 - 1)$, we show that the parity of $X$ can be computed by $(x_1 + x_2 + x_3 + G(d)) \bmod 2$, where $d = p(x_2 - x_1) + (2x_3 - x_1 - x_2)$, and $G(d) = 1$ if $d > 2(2p^2 - 1)$ or $d < 0$; otherwise, $G(d) = 0$.
Title: Parity Detection for Some Three-Modulus Residue Number System. Venue: 2014 Ninth Asia Joint Conference on Information Security.
Vehicular ad hoc networks (VANETs) are advanced instances of mobile ad hoc networks with the aim of enhancing the safety and efficiency of road traffic. The basic idea is to allow arbitrary vehicles to broadcast ad hoc messages (e.g., traffic accident notifications) to other vehicles and remind drivers to change their routes immediately or slow down to avoid dangers. However, some concerns on security and privacy are also raised in this environment. Messages should be signed and verified before they are trusted while the real identities of vehicles should not be revealed to guarantee source privacy, but they must still be traceable when VANETs are abused (e.g., sending a fake message). Many related works have been presented in the literature so far. They can be generally divided into two constructions, where one is based on pseudonymous authentication and the other is based on group signatures. However, both of the two constructions have some drawbacks. In a pseudonymous-authentication-based scheme, a large revocation list is usually transmitted among vehicles. A group-signature-based scheme needs a large amount of computation for revocation checking. Furthermore, most of the previous schemes cannot support privacy preservation between roadside units (RSUs) and vehicles. Consequently, in this paper, we come up with a provably secure and strong privacy preserving protocol based on the blind signature technique to guarantee privacy and fulfill other essential security requirements in the vehicular communication environment. Furthermore, compared with other similar works, we offer an efficient tracing mechanism to trace and revoke the vehicles which abused the VANETs. Finally, we provide security analysis to show that our proposed scheme is secure.
Title: Strongly Privacy-Preserving Communication Protocol for VANETs. Authors: Chun-I Fan, Wei Sun, Shih-Wei Huang, Wen-Shenq Juang, Jheng-Jia Huang. Venue: 2014 Ninth Asia Joint Conference on Information Security. Pub Date: 2014-09-01. DOI: 10.1109/AsiaJCIS.2014.24
This research mainly proposes a method to resolve the bottleneck of running RSA encryption algorithms on CPUs. The RSA encryption algorithm involves operations on large numbers. Accompanied by the enhancement of the hardware performance of computers, the RSA key length is increased for providing substantial security. To crack RSA encryption, methods based on factoring of large prime numbers are currently in use, in which GPU parallel techniques have been utilized to speed up factorization of prime numbers in recent years. However, most RSA encryptions are still performed on CPUs. To deal with the increasing speed of cracking through high speed GPU operations, the RSA key length continues to increase and so does the cost of RSA encryption. Presently, much research on RSA encryption is based on the Montgomery algorithm, in which operations of modular multiplication are parallelized to enhance the performance; however, modulus operations are still performed on the single core CPU. In addition to using the Montgomery algorithm on CPUs to accelerate the RSA encryption algorithm, we also exploit the convolution property of the Fast Fourier Transform and the convergence of Newton's method. As a result, cooperative heterogeneous computing for parallel processing on CPU/GPU hybrids is used to greatly enhance the encryption performance.
Title: Parallel Modulus Operations in RSA Encryption by CPU/GPU Hybrid Computation. Authors: Chu-Hsing Lin, Jung-Chun Liu, Cheng-Chieh Li, Po-Wei Chu. Venue: 2014 Ninth Asia Joint Conference on Information Security. Pub Date: 2014-09-01. DOI: 10.1109/AsiaJCIS.2014.25
Confidential data should be encrypted in outsourcing services in a cloud computing environment in order to minimise the risk of data revealing. There have been many schemes, classified as searchable encryption, which provide capabilities to securely search over encrypted data through keywords without the decryption key. In this paper, we try to combine the technique of searchable encryption with a secret sharing scheme that allows us to retrieve the portion of confidential data without recovering data.
Title: Secret Sharing Scheme with Efficient Keyword Search for Cloud Storage. Authors: Hiroaki Kikuchi, Kouichi Itoh, Mebae Ushida, Yuji Yamaoka, Takanori Oikawa. Venue: 2014 Ninth Asia Joint Conference on Information Security. Pub Date: 2014-09-01. DOI: 10.1109/AsiaJCIS.2014.33
Pub Date: 2014-09-01 DOI: 10.1109/AsiaJCIS.2014.12
Zengguang Liu, Xiaochun Yin, Hoonjae Lee
With the fast emergence of Software-Defined Networking (SDN) and Cloud SIP Fire Wall (SFW), a new solution is possible to defend against SIP DoS attacks in the IMS core network, which is impossible in a traditional telecomm network through a traditional SFW. In this paper, we first analyze the security threats of SIP DoS attacks in the telecomm network. Then, based on the analysis, we construct the SIP DoS attack and defense models using queue theory. Further to this, based on the models, we propose an efficient SIP DoS attack defense scheme which uses a priority queue and a bandwidth control method. Finally, a simulation was performed to analyze and verify how our defense scheme improves the performance of cloud SFW and saves bandwidth during a SIP DoS attack.
Title: An Efficient Defense Scheme against SIP DoS Attack in SDN Using Cloud SFW. Venue: 2014 Ninth Asia Joint Conference on Information Security.
Pub Date: 2014-09-01 DOI: 10.1109/AsiaJCIS.2014.18
Yufeng Wang, Jing Xu
Recently, mobile social networking in proximity (MSNP) has gained tremendous attention, which refers to the social interactions among physically proximate mobile users directly through the Bluetooth/WiFi interfaces on their smartphones or other mobile devices. MSNP applications can provide users more opportunities to discover and make new social interactions within a proximity area, e.g., airports, bars or other social spots. However, users enjoy these conveniences at the cost of their growing privacy concerns. Usually, an MSNP application consists of three phases. First, two users need to discover each other in the neighbor-discovery phase. Second, they need to compare their personal profiles in the matching phase, usually called private matching. Last, two matching users enter the interaction phase for real information exchange. In this paper, we concentrate on the privacy mechanisms in the first and second phases. In detail, two primary approaches to solving the privacy-preserving profile-based friend matching problem are categorized and compared, including private set intersection (PSI) and vector dot product to measure the social proximity, and then two typical schemes from those approaches are discussed respectively. Our primary goal is to summarize and analyze characteristics, challenges and future directions of the privacy-preserving profile-matching schemes in MSNP.
Title: Overview on Privacy-Preserving Profile-Matching Mechanisms in Mobile Social Networks in Proximity (MSNP). Venue: 2014 Ninth Asia Joint Conference on Information Security.
Pub Date: 2014-09-01 DOI: 10.1109/AsiaJCIS.2014.26
Hiroki Kuzuno, Kenichi Magata
Android applications are widely used and many are 'free' applications which include advertisement (ad) modules that provide ad services and track user behavior statistics. However, these ad modules often collect users' personal information and device identification numbers along with usage statistics, which is a violation of privacy. In our analysis of 1,188 Android applications' network traffic, we identified 797 applications that included 45 previously known ad modules. We analyzed these ad modules' network behavior, and found that they have characteristic network traffic patterns for acquiring ad content, specifically images. In order to accurately differentiate between ad modules' network traffic and valid application network traffic, we propose a novel method based on the distance between network traffic graphs mapping the relationships between HTTP session data (such as HTML or JavaScript). This distance describes the similarity between the sessions. Using this method, we can detect ad modules' traffic by comparing session graphs with the graphs of already known ad modules. In our evaluation, we generated 20,903 graphs of applications. We separated the application graphs into those generated by known ad modules (4,698 graphs), those we manually identified as ad modules (2,000 graphs), and standard application traffic. We then applied 1,000 graphs of known ad graphs to the other graph sets (the remaining 3,698 known ad graphs and the 2,000 manually classified ad graphs) to see how accurately they could be used to identify ad graphs. Our approach showed a 76% detection rate for known ad graphs, and a 96% detection rate for manually classified ad graphs.
Title: Detecting Advertisement Module Network Behavior with Graph Modeling. Venue: 2014 Ninth Asia Joint Conference on Information Security.