Mahmoud Abdallah, Nhien-An Le-Khac, Hamed Z. Jahromi, A. Jurcut
Software-Defined Networking (SDN) is a promising technology for the future Internet. However, the SDN paradigm introduces new attack vectors that do not exist in the conventional distributed networks. This paper develops a hybrid Intrusion Detection System (IDS) by combining the Convolutional Neural Network (CNN) and Long Short-Term Memory Network (LSTM). The proposed model is capable of capturing the spatial and temporal features of the network traffic. Two regularization techniques i.e., L2 Regularization () and dropout method are used to overcome with the overfitting problem. The proposed method improves the intrusion detection performance of zero-day attacks. The InSDN dataset — the most recent dataset for SDN networks is used to test and evaluate the performance of the proposed model. The results indicate that integrating the CNN with LSTM improves the intrusion detection performance and achieves an accuracy of 96.32%. The estimated accuracy is higher than the accuracy of each individual model. In addition, it is established that the regularization techniques improves the performance of the CNN algorithms in detecting new intrusions when compared to the standard CNN. The findings of this study facilitates the development of robust IDS systems for SDN environment.
{"title":"A Hybrid CNN-LSTM Based Approach for Anomaly Detection Systems in SDNs","authors":"Mahmoud Abdallah, Nhien-An Le-Khac, Hamed Z. Jahromi, A. Jurcut","doi":"10.1145/3465481.3469190","DOIUrl":"https://doi.org/10.1145/3465481.3469190","url":null,"abstract":"Software-Defined Networking (SDN) is a promising technology for the future Internet. However, the SDN paradigm introduces new attack vectors that do not exist in the conventional distributed networks. This paper develops a hybrid Intrusion Detection System (IDS) by combining the Convolutional Neural Network (CNN) and Long Short-Term Memory Network (LSTM). The proposed model is capable of capturing the spatial and temporal features of the network traffic. Two regularization techniques i.e., L2 Regularization () and dropout method are used to overcome with the overfitting problem. The proposed method improves the intrusion detection performance of zero-day attacks. The InSDN dataset — the most recent dataset for SDN networks is used to test and evaluate the performance of the proposed model. The results indicate that integrating the CNN with LSTM improves the intrusion detection performance and achieves an accuracy of 96.32%. The estimated accuracy is higher than the accuracy of each individual model. In addition, it is established that the regularization techniques improves the performance of the CNN algorithms in detecting new intrusions when compared to the standard CNN. The findings of this study facilitates the development of robust IDS systems for SDN environment.","PeriodicalId":417395,"journal":{"name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","volume":"133 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121544525","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
D. Megías, M. Kuribayashi, A. Rosales, W. Mazurczyk
Digital media have changed the classical model of mass media that considers the transmitter of a message and a passive receiver, to a model where users of the digital media can appropriate the contents, recreate, and circulate them. In this context, online social media are a suitable circuit for the distribution of fake news and the spread of disinformation. Particularly, photo and video editing tools and recent advances in artificial intelligence allow non-professionals to easily counterfeit multimedia documents and create deep fakes. To avoid the spread of disinformation, some online social media deploy methods to filter fake content. Although this can be an effective method, its centralized approach gives an enormous power to the manager of these services. Considering the above, this paper outlines the main principles and research approach of the ongoing DISSIMILAR project, which is focused on the detection of fake news on social media platforms using information hiding techniques, in particular, digital watermarking, combined with machine learning approaches.
{"title":"DISSIMILAR: Towards fake news detection using information hiding, signal processing and machine learning","authors":"D. Megías, M. Kuribayashi, A. Rosales, W. Mazurczyk","doi":"10.1145/3465481.3470088","DOIUrl":"https://doi.org/10.1145/3465481.3470088","url":null,"abstract":"Digital media have changed the classical model of mass media that considers the transmitter of a message and a passive receiver, to a model where users of the digital media can appropriate the contents, recreate, and circulate them. In this context, online social media are a suitable circuit for the distribution of fake news and the spread of disinformation. Particularly, photo and video editing tools and recent advances in artificial intelligence allow non-professionals to easily counterfeit multimedia documents and create deep fakes. To avoid the spread of disinformation, some online social media deploy methods to filter fake content. Although this can be an effective method, its centralized approach gives an enormous power to the manager of these services. Considering the above, this paper outlines the main principles and research approach of the ongoing DISSIMILAR project, which is focused on the detection of fake news on social media platforms using information hiding techniques, in particular, digital watermarking, combined with machine learning approaches.","PeriodicalId":417395,"journal":{"name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124031777","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Martínez-Rodríguez, Ignacio M. Delgado-Lozano, B. Brumley
In recent years, numerous attacks have appeared that aim to steal secret information from their victim using the power side-channel vector, yet without direct physical access. These attacks are called Remote Power Attacks or Remote Power Analysis, utilizing resources that are natively present inside the victim environment. However, there is no unified definition about the limitations that a power attack requires to be defined as remote. This paper aims to propose a unified definition and concrete threat models to clearly differentiate remote power attacks from non-remote ones. Additionally, we collect the main remote power attacks performed so far from the literature, and the principal proposed countermeasures to avoid them. The search of such countermeasures denoted a clear gap in preventing remote power attacks at the technical level. Thus, the academic community must face an important challenge to avoid this emerging threat, given the clear room for improvement that should be addressed in terms of defense and security of devices that work with private information.
{"title":"SoK: Remote Power Analysis","authors":"M. Martínez-Rodríguez, Ignacio M. Delgado-Lozano, B. Brumley","doi":"10.1145/3465481.3465773","DOIUrl":"https://doi.org/10.1145/3465481.3465773","url":null,"abstract":"In recent years, numerous attacks have appeared that aim to steal secret information from their victim using the power side-channel vector, yet without direct physical access. These attacks are called Remote Power Attacks or Remote Power Analysis, utilizing resources that are natively present inside the victim environment. However, there is no unified definition about the limitations that a power attack requires to be defined as remote. This paper aims to propose a unified definition and concrete threat models to clearly differentiate remote power attacks from non-remote ones. Additionally, we collect the main remote power attacks performed so far from the literature, and the principal proposed countermeasures to avoid them. The search of such countermeasures denoted a clear gap in preventing remote power attacks at the technical level. Thus, the academic community must face an important challenge to avoid this emerging threat, given the clear room for improvement that should be addressed in terms of defense and security of devices that work with private information.","PeriodicalId":417395,"journal":{"name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","volume":"05 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129804235","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
MI-LXC is a framework to simulate an internet-like infrastructure on top of LXC to practice cybersecurity on a realistic environment. MI-LXC follows the infrastructure-as-code paradigm to program the topology of the system and the provisioning of the different hosts. This construction is highly customizable, allowing to create hosts ranging from webservers to graphical desktops. Provisioning of similar subsets of features on different hosts is attained through a template mechanism. MI-LXC currently provides 28 hosts in 11 AS, allowing to simulate BGP routing, DNS, SMTP, HTTP, Certification authorities as well as attacks against these protocols. In this article, we present the MI-LXC framework, the generated infrastructure and some labs on top of it. MI-LXC is a free software (AGPL).
{"title":"MI-LXC: A Small-Scale Internet-Like Environment for Network Security Teaching","authors":"François Lesueur, Camille Noûs","doi":"10.1145/3465481.3469181","DOIUrl":"https://doi.org/10.1145/3465481.3469181","url":null,"abstract":"MI-LXC is a framework to simulate an internet-like infrastructure on top of LXC to practice cybersecurity on a realistic environment. MI-LXC follows the infrastructure-as-code paradigm to program the topology of the system and the provisioning of the different hosts. This construction is highly customizable, allowing to create hosts ranging from webservers to graphical desktops. Provisioning of similar subsets of features on different hosts is attained through a template mechanism. MI-LXC currently provides 28 hosts in 11 AS, allowing to simulate BGP routing, DNS, SMTP, HTTP, Certification authorities as well as attacks against these protocols. In this article, we present the MI-LXC framework, the generated infrastructure and some labs on top of it. MI-LXC is a free software (AGPL).","PeriodicalId":417395,"journal":{"name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129853912","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A. Wainakh, Aleksej Strassheim, Tim Grube, Jörg Daubert, Max Mühlhäuser
Decentralized online social networks enhance users’ privacy by empowering them to control their data. However, these networks mostly lack for practical solutions for building recommender systems in a privacy-preserving manner that help to improve the network’s services. Association rule mining is one of the basic building blocks for many recommender systems. In this paper, we propose an efficient approach enabling rule mining on distributed data. We leverage the Metropolis-Hasting random walk sampling and distributed FP-Growth mining algorithm to maintain the users’ privacy. We evaluate our approach on three real-world datasets. Results reveal that the approach achieves high average precision scores () for as low as 1% sample size in well-connected social networks with remarkable reduction in communication and computational costs.
{"title":"Enabling Privacy-Preserving Rule Mining in Decentralized Social Networks","authors":"A. Wainakh, Aleksej Strassheim, Tim Grube, Jörg Daubert, Max Mühlhäuser","doi":"10.1145/3465481.3465482","DOIUrl":"https://doi.org/10.1145/3465481.3465482","url":null,"abstract":"Decentralized online social networks enhance users’ privacy by empowering them to control their data. However, these networks mostly lack for practical solutions for building recommender systems in a privacy-preserving manner that help to improve the network’s services. Association rule mining is one of the basic building blocks for many recommender systems. In this paper, we propose an efficient approach enabling rule mining on distributed data. We leverage the Metropolis-Hasting random walk sampling and distributed FP-Growth mining algorithm to maintain the users’ privacy. We evaluate our approach on three real-world datasets. Results reveal that the approach achieves high average precision scores () for as low as 1% sample size in well-connected social networks with remarkable reduction in communication and computational costs.","PeriodicalId":417395,"journal":{"name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125564186","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In the Tor-network are many single-vendor marketplace web sites with a wide range of offers. Some of these vendor websites could be hosted by the same operators. In this paper, a method is presented to find out similarities between these vendor websites to discover possible operational structures between them. In order to accomplish this, similarity values are determined between the darknet websites by combining various features from the different categories structure, content and metadata. A dataset is determined by a first execution of the method and manual validation. Based on this data set, important features are extracted using decision trees. The features of the category structure HTML-Tag, HTML-Class, HTML-DOM-Tree as well as the metadata features File Content and Links-To have proven to be particularly important and can very effectively highlight similarities between darknet web sites. Supported by the similarity detection method, it was found that only 49% of 258 single-vendor marketplaces were unique, i.e. no similar sites existed. In addition, it was possible to find several duplicates of vendor websites, which made up 20%.
{"title":"Discovery of Single-Vendor Marketplace Operators in the Tor-Network","authors":"Fabian Brenner, Florian Platzer, M. Steinebach","doi":"10.1145/3465481.3470026","DOIUrl":"https://doi.org/10.1145/3465481.3470026","url":null,"abstract":"In the Tor-network are many single-vendor marketplace web sites with a wide range of offers. Some of these vendor websites could be hosted by the same operators. In this paper, a method is presented to find out similarities between these vendor websites to discover possible operational structures between them. In order to accomplish this, similarity values are determined between the darknet websites by combining various features from the different categories structure, content and metadata. A dataset is determined by a first execution of the method and manual validation. Based on this data set, important features are extracted using decision trees. The features of the category structure HTML-Tag, HTML-Class, HTML-DOM-Tree as well as the metadata features File Content and Links-To have proven to be particularly important and can very effectively highlight similarities between darknet web sites. Supported by the similarity detection method, it was found that only 49% of 258 single-vendor marketplaces were unique, i.e. no similar sites existed. In addition, it was possible to find several duplicates of vendor websites, which made up 20%.","PeriodicalId":417395,"journal":{"name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124521179","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The open fronthaul interface is a standard protocol for a link between the radio units and the distributed unit in RAN, enabling different vendors interoperable. We study the security requirements of the open fronthaul interface for 5G networks. The O-RAN management plane (M-plane) mandates an end-to-end security using SSHv2, whereas the O-RAN control and user plane (CU-plane) do not support any security measure yet. We investigate MACsec for the CU-plane security, which is recommended as one of security options in the eCPRI specification. Furthermore, we implemented quantum-safe crypto solutions using a hybrid mode key exchange and signature schemes, which can be applied for the post-quantum SSH and MACsec protocols.
{"title":"Secure Open Fronthaul Interface for 5G Networks","authors":"J. Cho, Andrew Sergeev","doi":"10.1145/3465481.3470080","DOIUrl":"https://doi.org/10.1145/3465481.3470080","url":null,"abstract":"The open fronthaul interface is a standard protocol for a link between the radio units and the distributed unit in RAN, enabling different vendors interoperable. We study the security requirements of the open fronthaul interface for 5G networks. The O-RAN management plane (M-plane) mandates an end-to-end security using SSHv2, whereas the O-RAN control and user plane (CU-plane) do not support any security measure yet. We investigate MACsec for the CU-plane security, which is recommended as one of security options in the eCPRI specification. Furthermore, we implemented quantum-safe crypto solutions using a hybrid mode key exchange and signature schemes, which can be applied for the post-quantum SSH and MACsec protocols.","PeriodicalId":417395,"journal":{"name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115833808","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sara Ricci, L. Malina, P. Jedlicka, D. Smekal, J. Hajny, Peter Cíbik, P. Dobias
In July 2020, the lattice-based CRYSTALS-Dilithium digital signature scheme has been chosen as one of the three third-round finalists in the post-quantum cryptography standardization process by the National Institute of Standards and Technology (NIST). In this work, we present the first Very High Speed Integrated Circuit Hardware Description Language (VHDL) implementation of the CRYSTALS-Dilithium signature scheme for Field-Programmable Gate Arrays (FPGAs). Due to our parallelization-based design requiring only low numbers of cycles, running at high frequency and using reasonable amount of hardware resources on FPGA, our implementation is able to sign 15832 messages per second and verify 10524 signatures per second. In particular, the signing algorithm requires 68461 Look-Up Tables (LUTs), 86295 Flip-Flops (FFs), and the verification algorithm takes 61738 LUTs and 34963 FFs on Virtex 7 UltraScale+ FPGAs. In this article, experimental results for each Dilithium security level are provided and our VHDL-based implementation is compared with related High-Level Synthesis (HLS)-based implementations. Our solution is ca 114 times faster (in the signing algorithm) and requires less hardware resources.
{"title":"Implementing CRYSTALS-Dilithium Signature Scheme on FPGAs","authors":"Sara Ricci, L. Malina, P. Jedlicka, D. Smekal, J. Hajny, Peter Cíbik, P. Dobias","doi":"10.1145/3465481.3465756","DOIUrl":"https://doi.org/10.1145/3465481.3465756","url":null,"abstract":"In July 2020, the lattice-based CRYSTALS-Dilithium digital signature scheme has been chosen as one of the three third-round finalists in the post-quantum cryptography standardization process by the National Institute of Standards and Technology (NIST). In this work, we present the first Very High Speed Integrated Circuit Hardware Description Language (VHDL) implementation of the CRYSTALS-Dilithium signature scheme for Field-Programmable Gate Arrays (FPGAs). Due to our parallelization-based design requiring only low numbers of cycles, running at high frequency and using reasonable amount of hardware resources on FPGA, our implementation is able to sign 15832 messages per second and verify 10524 signatures per second. In particular, the signing algorithm requires 68461 Look-Up Tables (LUTs), 86295 Flip-Flops (FFs), and the verification algorithm takes 61738 LUTs and 34963 FFs on Virtex 7 UltraScale+ FPGAs. In this article, experimental results for each Dilithium security level are provided and our VHDL-based implementation is compared with related High-Level Synthesis (HLS)-based implementations. Our solution is ca 114 times faster (in the signing algorithm) and requires less hardware resources.","PeriodicalId":417395,"journal":{"name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133037747","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Vehicles have become connected in many ways. They communicate with the cloud and will use Vehicle-to-Everything (V2X) communication to exchange warning messages and perform cooperative actions such as platooning. Vehicles have already been attacked and will become even more attractive targets due to their increasing connectivity, the amount of data they produce and their importance to our society. It is therefore crucial to provide cyber security measures to prevent and limit the impact of attacks. As it is problematic for a vehicle to reliably assess its own state when it is compromised, we investigate how vehicle trust can be used to identify compromised vehicles and how fleet-wide attacks can be detected at an early stage using cloud data. In our proposed V2C Anomaly Detection framework, peer vehicles assess each other based on their perceived behavior in traffic and V2X-enabled interactions, and upload these assessments to the cloud for analysis. This framework consists of four modules. For each module we define functional demands, interfaces and evaluate solutions proposed in literature allowing manufacturers and fleet owners to choose appropriate techniques. We detail attack scenarios where this type of framework is particularly useful in detecting and identifying potential attacks and failing software and hardware. Furthermore, we describe what basic vehicle data the cloud analysis can be based upon.
{"title":"V2C: A Trust-Based Vehicle to Cloud Anomaly Detection Framework for Automotive Systems","authors":"Thomas Rosenstatter, T. Olovsson, M. Almgren","doi":"10.1145/3465481.3465750","DOIUrl":"https://doi.org/10.1145/3465481.3465750","url":null,"abstract":"Vehicles have become connected in many ways. They communicate with the cloud and will use Vehicle-to-Everything (V2X) communication to exchange warning messages and perform cooperative actions such as platooning. Vehicles have already been attacked and will become even more attractive targets due to their increasing connectivity, the amount of data they produce and their importance to our society. It is therefore crucial to provide cyber security measures to prevent and limit the impact of attacks. As it is problematic for a vehicle to reliably assess its own state when it is compromised, we investigate how vehicle trust can be used to identify compromised vehicles and how fleet-wide attacks can be detected at an early stage using cloud data. In our proposed V2C Anomaly Detection framework, peer vehicles assess each other based on their perceived behavior in traffic and V2X-enabled interactions, and upload these assessments to the cloud for analysis. This framework consists of four modules. For each module we define functional demands, interfaces and evaluate solutions proposed in literature allowing manufacturers and fleet owners to choose appropriate techniques. We detail attack scenarios where this type of framework is particularly useful in detecting and identifying potential attacks and failing software and hardware. Furthermore, we describe what basic vehicle data the cloud analysis can be based upon.","PeriodicalId":417395,"journal":{"name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","volume":"23 1-2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131593989","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Petr Dzurenda, Carles Angles-Tafalla, Sara Ricci, L. Malina
This work presents a complex privacy-preserving solution based on attribute-based credentials and smart contract techniques for emerging parking services in city zones. Our system provides the full set of privacy-enhancing features such as anonymity, untraceability, and unlinkability of user parking registrations. Thanks to that it prevents the city and service providers from profiling and tracking the users (e.g., their movement). Furthermore, we involved smart contracts and the underlying decentralized Blockchain technology in payment and verification phases to prevent the presence of a single point of failure in those processes which can endanger the system’s security and availability. We provide the full cryptographic specification of the system, its security analysis, and the implementation results in this paper.
{"title":"Privacy-Preserving Online Parking Based on Smart Contracts","authors":"Petr Dzurenda, Carles Angles-Tafalla, Sara Ricci, L. Malina","doi":"10.1145/3465481.3470058","DOIUrl":"https://doi.org/10.1145/3465481.3470058","url":null,"abstract":"This work presents a complex privacy-preserving solution based on attribute-based credentials and smart contract techniques for emerging parking services in city zones. Our system provides the full set of privacy-enhancing features such as anonymity, untraceability, and unlinkability of user parking registrations. Thanks to that it prevents the city and service providers from profiling and tracking the users (e.g., their movement). Furthermore, we involved smart contracts and the underlying decentralized Blockchain technology in payment and verification phases to prevent the presence of a single point of failure in those processes which can endanger the system’s security and availability. We provide the full cryptographic specification of the system, its security analysis, and the implementation results in this paper.","PeriodicalId":417395,"journal":{"name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131181556","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: