A. A. Chilikov

DOI: https://doi.org/10.24108/mathm.0122.0000262

2022-09-24

Mathematics and Mathematical Modeling

Abstract:A problem of great importance that arises in designing and implementation of a cryptosystem is countering side channel attacks. Often an appropriate mathematical algorithm, implemented on a specific physical device to work in the physical environment, becomes vulnerable to such attacks. The “function sharing” technique is a prospective and efficient way to avoid this problem. In the paper we investigate “non-complete sharing” of Boolean functions and mappings, and functions and mappings over finite fields and provide a complete description of the set of functions with n variables, which have sharing. The main findings are the following: introducing and investigating a new concept of “weak” non-complete n -sharing, establishing its connection with “weak” and “classical” n- sharing, and substantiating its advantages from the algebraic point-of-view as well as establishing and proving a criterion for the existence of weak non-complete n -sharing for an arbitrary function. The results also include an explicit description of a set of functions which have weak sharing in terms of algebraic normal form, obtaining the precise and simple descriptions for the boundary (“border”) cases: n = 2, n=m and binary fields. Applying these results to the AES S-box allows complete solving the problem, i.e. a complete answer to the question of a representability of the S-box of the AES cipher as a sharing is available. We believe that the same way can be successful for other cryptographic algorithms.

Dincy R. Arikkat,Mert Cihangiroglu,Mauro Conti,Rafidha Rehiman K. A.,Serena Nicolazzo,Antonino Nocera,Vinod P

2024-06-20

Abstract:The rise of IT-dependent operations in modern organizations has heightened their vulnerability to cyberattacks. As a growing number of organizations include smart, interconnected devices in their systems to automate their processes, the attack surface becomes much bigger, and the complexity and frequency of attacks pose a significant threat. Consequently, organizations have been compelled to seek innovative approaches to mitigate the menaces inherent in their infrastructure. In response, considerable research efforts have been directed towards creating effective solutions for sharing Cyber Threat Intelligence (CTI). Current information-sharing methods lack privacy safeguards, leaving organizations vulnerable to leaks of both proprietary and confidential data. To tackle this problem, we designed a novel framework called SeCTIS (Secure Cyber Threat Intelligence Sharing), integrating Swarm Learning and Blockchain technologies to enable businesses to collaborate, preserving the privacy of their CTI data. Moreover, our approach provides a way to assess the data and model quality, and the trustworthiness of all the participants leveraging some validators through Zero Knowledge Proofs. An extensive experimental campaign demonstrates our framework's correctness and performance, and the detailed attack model discusses its robustness against attacks in the context of data and model quality.

Cryptography and Security

Yuxia Cheng,Qing Wu,Wenzhi Chen,Bei Wang

DOI: https://doi.org/10.1016/j.jpdc.2018.07.014

IF: 4.542

2018-01-01

Journal of Parallel and Distributed Computing

Abstract:Transmissible cyber threats have become one of the most serious security issues in cyberspace. Many techniques have been proposed to model, simulate and identify threats’ sources and their propagation in large-scale distributed networks. Most techniques are based on the analysis of real networks dataset that contains sensitive information. Traditional in-memory analysis of these dataset often causes data leakage due to system vulnerabilities. If the dataset itself is compromised by adversaries, this threat cost would be even higher than the threat being analysed. In this paper, we propose a new distributed shielded execution framework (Disef) for cyber threats analysis. The Disef framework enables efficient distributed analysis of network dataset while achieves security guarantees of data confidentiality and integrity. In-memory dataset is protected by using a new encrypted key–value format and could be efficiently transferred into Intel SGX enabled enclaves for shielded execution. Our experimental results showed that the proposed framework supports secure in-memory analysis of large network dataset and has comparable performance with systems that have no confidentiality and integrity guarantees.

Marcus Birgersson,Cyrille Artho,Musard Balliu

2024-10-14

Abstract:Many applications benefit from computations over the data of multiple users while preserving confidentiality. We present a solution where multiple mutually distrusting users' data can be aggregated with an acceptable overhead, while allowing users to be added to the system at any time without re-encrypting data. Our solution to this problem is to use a Trusted Execution Environment (Intel SGX) for the computation, while the confidential data is encrypted with the data owner's key and can be stored anywhere, without trust in the service provider. We do not require the user to be online during the computation phase and do not require a trusted party to store data in plain text. Still, the computation can only be carried out if the data owner explicitly has given permission. Experiments using common functions such as the sum, least square fit, histogram, and SVM classification, exhibit an average overhead of $1.6 \times$. In addition to these performance experiments, we present a use case for computing the distributions of taxis in a city without revealing the position of any other taxi to the other parties.

Cryptography and Security

Lakshmi Rama Kiran Pasumarthy,Hisham Ali,William J Buchanan,Jawad Ahmad,Audun Josang,Vasileios Mavroeidis,Mouad Lemoudden

DOI: https://doi.org/10.48550/arXiv.2403.05210

2024-03-08

Abstract:There is an increasing need to share threat information for the prevention of widespread cyber-attacks. While threat-related information sharing can be conducted through traditional information exchange methods, such as email communications etc., these methods are often weak in terms of their trustworthiness and privacy. Additionally, the absence of a trust infrastructure between different information-sharing domains also poses significant challenges. These challenges include redactment of information, the Right-to-be-forgotten, and access control to the information-sharing elements. These access issues could be related to time bounds, the trusted deletion of data, and the location of accesses. This paper presents an abstraction of a trusted information-sharing process which integrates Attribute-Based Encryption (ABE), Homomorphic Encryption (HE) and Zero Knowledge Proof (ZKP) integrated into a permissioned ledger, specifically Hyperledger Fabric (HLF). It then provides a protocol exchange between two threat-sharing agents that share encrypted messages through a trusted channel. This trusted channel can only be accessed by those trusted in the sharing and could be enabled for each data-sharing element or set up for long-term sharing.

Cryptography and Security

Adnan Gutub,Faiza Al-Shaarani,Khoulood Alharthi

DOI: https://doi.org/10.1007/s11042-024-19027-9

IF: 2.577

2024-04-21

Multimedia Tools and Applications

Abstract:In the face of malicious cyberattacks, classic security approaches like cryptography and steganography are becoming not sufficient. Secrecy are normally maintained by single party holding control over data causing it possibly being lost or revealed, with or without consciousness. Secret sharing can provide assistance unifying decisions by multi-authorized individuals distributing the target-key over several authorized participants, requested to interact for reconstructing the keys to reveal the privacy. Lately, counting-based secret sharing (CBSS) has been under focus being optimistic, as potential secret sharing scheme that is fast, intuitive, and practical. A primary limitation with this scheme is its restricted number of generated key-shares, which was deployed in the matrix-based secret sharing scheme. Unfortunately, the simple intuition behind these schemes made them prone to smart cyberattacks that can make uncovering the target-key dishonestly possible. In this paper, we demonstrate significant cyberattack weakness in the CBSS scheme, that also applies to the matrix-based scheme making them both unsafely vulnerable to selected key-shares integration. We introduce a novel algorithm that can defend this speculating existence of target-key suffering via exploring the problem deeply and advising appropriate protection procedure. The study enhances the structure secrecy to ensure that the key-shares are fully safeguarded. Our work further tests the security of the CBSS scheme protection strategy experimentations demonstrating remarked organisation robustness as well as possibility of producing sophisticated, versatile security system, to overcome breaching weaknesses of key-shares components for current ongoing developing IT utilizations.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Hisham Ali,Pavlos Papadopoulos,Jawad Ahmad,Nikolaos Pitropakis,Zakwan Jaroucheh,William J. Buchanan

DOI: https://doi.org/10.48550/arXiv.2112.10092

2021-12-19

Abstract:Threat information sharing is considered as one of the proactive defensive approaches for enhancing the overall security of trusted partners. Trusted partner organizations can provide access to past and current cybersecurity threats for reducing the risk of a potential cyberattack - the requirements for threat information sharing range from simplistic sharing of documents to threat intelligence sharing. Therefore, the storage and sharing of highly sensitive threat information raises considerable concerns regarding constructing a secure, trusted threat information exchange infrastructure. Establishing a trusted ecosystem for threat sharing will promote the validity, security, anonymity, scalability, latency efficiency, and traceability of the stored information that protects it from unauthorized disclosure. This paper proposes a system that ensures the security principles mentioned above by utilizing a distributed ledger technology that provides secure decentralized operations through smart contracts and provides a privacy-preserving ecosystem for threat information storage and sharing regarding the MITRE ATT\&CK framework.

Cryptography and Security

Mingyue Wang,Zizhuo Chen,Yinbin Miao,Hejiao Huang,Cong Wang,Xiaohua Jia

DOI: https://doi.org/10.1109/tifs.2023.3333244

IF: 7.231

2023-12-01

IEEE Transactions on Information Forensics and Security

Abstract:Cloud computing has been a research focus in both academic and industrial communities for decades. Along with this trend, Searchable Encryption (SE) technology emerged and developed as data privacy concerns increased. Many schemes are proposed to solve the privacy-preserving data-sharing problem in multi-user scenarios. Most existing solutions are based on the assumption that all users are trusted. However, there will be cross-user leakage when there are malicious or compromised ones. This is because of the inherent linkability of authorization information and the search result when multiple users request data from the same database. To this end, we propose a cross-user leakage mitigation scheme for authorized encrypted data sharing in a two-server model. We utilize a blinding factor to delink authorizations based on Symmetric Multi-Key Searchable Encryption (SMKSE). To break the linkability of query results, we combine the zero-sum garbled Bloom filter with the oblivious transfer technique, where each of the two servers can only know partial information. We devise a group-based Bloom filter structure in indices to improve efficiency. We perform formal security analysis and also demonstrate the efficiency through comparative experiments.

computer science, theory & methods,engineering, electrical & electronic

Divya G. Nair,V. P. Binu,G. Santhosh Kumar

DOI: https://doi.org/10.1109/ICDSE.2014.6974639

2015-02-26

Abstract:Privacy of the outsourced data is one of the major <a class="link-external link-http" href="http://challenge.Insecurity" rel="external noopener nofollow">this http URL</a> of the network environment and untrustworthiness of the service providers are obstacles of making the database as a <a class="link-external link-http" href="http://service.Collection" rel="external noopener nofollow">this http URL</a> and storage of personally identifiable information is a major privacy <a class="link-external link-http" href="http://concern.On" rel="external noopener nofollow">this http URL</a>-line public databases and resources pose a significant risk to user privacy, since a malicious database owner may monitor user queries and infer useful information about the <a class="link-external link-http" href="http://customer.The" rel="external noopener nofollow">this http URL</a> challenge in data privacy is to share data with third-party and at the same time securing the valuable information from unauthorized access and use by third party.A Private Information Retrieval(PIR) scheme allows a user to query database while hiding the identity of the data <a class="link-external link-http" href="http://retrieved.The" rel="external noopener nofollow">this http URL</a> naive solution for confidentiality is to encrypt data before <a class="link-external link-http" href="http://outsourcing.Query" rel="external noopener nofollow">this http URL</a> execution,key management and statistical inference are major challenges in this <a class="link-external link-http" href="http://case.The" rel="external noopener nofollow">this http URL</a> proposed system suggests a mechanism for secure storage and retrieval of private data using the secret sharing <a class="link-external link-http" href="http://technique.The" rel="external noopener nofollow">this http URL</a> idea is to develop a mechanism to store private information with a highly available storage provider which could be accessed from anywhere using queries while hiding the actual data values from the storage <a class="link-external link-http" href="http://provider.The" rel="external noopener nofollow">this http URL</a> private information retrieval system is implemented using Secure Multi-party Computation(SMC) technique which is based on secret sharing. Multi-party Computation enable parties to compute some joint function over their private <a class="link-external link-http" href="http://inputs.The" rel="external noopener nofollow">this http URL</a> query results are obtained by performing a secure computation on the shares owned by the different servers.

Cryptography and Security

P. Santi,D. Muchow

DOI: https://doi.org/10.1177/27.11.512345

1979-11-01

Abstract:This research describes a procedure for a morphometric analysis of the organ of Corti and stria vascularis in the chinchilla. In nine normal cochleae the length of the basilar membrane and the stria vascularis measured 18.47 and 25.22 mm, respectively. An average of 1910 inner and 7501 outer hair cells were present while an average of 15 inner and 90 outer hair cells were absent. In all cochleae examined there were always some missing hair cells in varying numbers even though the animals had no known ototoxic exposure. Stria area, width and thickness increased from the cochlear apex toward the base. Consistency of changes in stria dimensions among animals was enhanced by expressing position in terms of percentage stria length rather than distance as such. Total stria volume was estimated at 0.15 microliter.

Muhammad Tahir,Mingchu Li,Naeem Ayoub,Muhammad Aamir

DOI: https://doi.org/10.3390/app9030364

2019-01-22

Applied Sciences

Abstract:Computer networks are facing threats of ever-increasing frequency and sophistication. Encryption is becoming the norm in both legitimate and malicious network traffic. Therefore, intrusion detection systems (IDSs) are now required to work efficiently regardless of the encryption. In this study, we propose two new methods to improve the efficacy of the Cisco Cognitive Threat Analytics (CTA) system. In the first method, the efficacy of CTA is improved by sharing of intelligence information across a large number of enterprise networks. In the second method, a four variant-based global reputation model (GRM) is designed by employing an outlier ensemble normalization algorithm in the presence of missing data. Intelligence sharing provides additional information in the intrusion detection process, which is much needed, particularly for analysis of encrypted traffic with inherently low information content. Robustness of the novel outlier ensemble normalization algorithm is also demonstrated. These improvements are measured using both encrypted and non-encrypted network traffic. Results show that the proposed information sharing methods greatly improve the anomaly detection efficacy of malicious network behavior with bad base-line detection efficacy and slightly improve upon the average case.

Wei-Ting Lu,Wei Wu,Shih-Ya Lin,Min-Chi Tseng,Hung-Min Sun

DOI: https://doi.org/10.1007/978-3-319-46298-1_19

2016-01-01

Abstract:Nowadays the cloud security becomes a significant issue: while the single user keyword search on encrypted data has been proposed, encrypting files before uploading scarifies the advantage of the convenience of sharing data with others on the cloud. We design a searchable encryption for the multi-user case. We combine the advantage of efficiency of the symmetric encryption with authentication of the asymmetric encryption to provide a secure and efficient system of shareable keyword search on encrypted data.

Ibrahim Yahya Alzahrani,Seokhee Lee,Kyounggon Kim

DOI: https://doi.org/10.3390/electronics13132526

IF: 2.9

2024-06-27

Electronics

Abstract:Cybercrime threat intelligence enables proactive measures against threat actors and informed, data-driven security decisions. This study proposes a practical implementation of cybercrime threat intelligence in the Arab world by integrating Indicators of Compromise and collecting security alerts from honeypot systems and open-source intelligence. The data collected are stored on the Malware Information Sharing Platform, an open-source platform used to create and share Indicators of Compromise. This study highlights the intuitive interface of the Malware Information Sharing Platform for data analysis, threat identification, and the correlation of Indicators of Compromise. In addition, machine learning techniques are applied to improve predictive accuracy and identify patterns in the data. The decision tree classifier achieves a high accuracy of 99.79%, and the results reveal significant potential cyber-threats, demonstrating the effectiveness of the platform in providing actionable information to prevent, detect, and respond to cybercrime. This approach aims to improve the security posture of the Arab region.

engineering, electrical & electronic,physics, applied,computer science, information systems

Li Xu,Chi-Yao Weng,Lun-Pin Yuan,Mu-En Wu,Raylin Tso,Hung-Min Sun

DOI: https://doi.org/10.1007/s11227-015-1515-8

2015-01-01

Abstract:Cloud storage is one of the most important applications in our daily lives. User can store their own data into cloud storage and remotely access the saved data. Owing to the social media develops, users can share the digital files to other users, leading to the amount of data growing rapidly and searching abilities necessarily. In the some cases, servers cannot avoid data leakage even if the server provides complete access control. The encrypted data is a best way to resolve this problem but it may eliminate original structure and searching may become impossible. Applying searchable encryption for each receiver may produce messy duplication and occupy the quota of cloud storage from each receiver. User requires keeping their shared documents belonging up to date which are compared with the latest version. To this aim, we thus propose a sharable ID-based encryption with keyword search in cloud computing environment, which enables users to search in data owners’ shared storage while preserving privacy of data. For the performance analysis, we demonstrate the compared resultant with others ID-based or ID-relative encryption. In addition to that, we show the formal proof to verify the security of our proposed.

Han Qiu,Meikang Qiu,Meiqin Liu,Gerard Memmi

DOI: https://doi.org/10.1109/jbhi.2020.2973467

IF: 7.7

2020-01-01

IEEE Journal of Biomedical and Health Informatics

Abstract:The recent spades of cyber attacks have compromised end-users' data security and privacy in Medical Cyber-Physical Systems (MCPS) in the era of Health 4.0. Traditional standard encryption algorithms for data protection are designed based on a viewpoint of system architecture rather than a viewpoint of end-users. As such encryption algorithms are transferring the protection on the data to the protection on the keys, data safety, and privacy will be compromised once the key is exposed. In this paper, we propose a secure data storage and sharing method consisted of a selective encryption algorithm combined with fragmentation and dispersion to protect the data safety and privacy even when both transmission media (e.g. cloud servers) and keys are compromised. This method is based on a user-centric design that protects the data on a trusted device such as the end-users' smartphone and lets the end-user control the access for data sharing. We also evaluate the performance of the algorithm on a smartphone platform to prove efficiency.

Han Qiu,Meikang Qiu,Meiqin Liu,Gerard Memmi

DOI: https://doi.org/10.48550/arXiv.1904.08270

2019-04-17

Cryptography and Security

Abstract:The recent spades of cyber security attacks have compromised end users' data safety and privacy in Medical Cyber-Physical Systems (MCPS). Traditional standard encryption algorithms for data protection are designed based on a viewpoint of system architecture rather than a viewpoint of end users. As such encryption algorithms are transferring the protection on the data to the protection on the keys, data safety and privacy will be compromised once the key is exposed. In this paper, we propose a secure data storage and sharing method consisted by a selective encryption algorithm combined with fragmentation and dispersion to protect the data safety and privacy even when both transmission media (e.g. cloud servers) and keys are compromised. This method is based on a user-centric design that protects the data on a trusted device such as end user's smartphone and lets the end user to control the access for data sharing. We also evaluate the performance of the algorithm on a smartphone platform to prove the efficiency.

Sami Mokaddem,Gerard Wagener,Alexandre Dulaunoy,Andras Iklody

DOI: https://doi.org/10.48550/arXiv.1902.03914

2019-02-08

Cryptography and Security

Abstract:IT security community is recently facing a change of trend from closed to open working groups and from restrictive information to full information disclosure and sharing. One major feature for this trend change is the number of incidents and various Indicators of compromise (IoC) that appear on a daily base, which can only be faced and solved in a collaborative way. Sharing information is key to stay on top of the threats. To cover the needs of having a medium for information sharing, different initiatives were taken such as the Open Source Threat Intelligence and Sharing Platform called MISP. At current state, this sharing and collection platform has become far more than a malware information sharing platform. It includes all kind of IoCs, malware and vulnerabilities, but also financial threat or fraud information. Hence, the volume of information is increasing and evolving. In this paper we present implemented distributed data interaction methods for MISP followed by a generic scoring model for decaying information that is shared within MISP communities. As the MISP community members do not have the same objectives, use cases and implementations of the scoring model are discussed. A commonly encountered use case in practice is the detection of indicators of compromise in operational networks.

Kealan Dunnett,Shantanu Pal,Guntur Dharma Putra,Zahra Jadidi,Raja Jurdak

DOI: https://doi.org/10.48550/arXiv.2208.12031

2022-08-25

Abstract:Cyber Threat Intelligence (CTI) is the knowledge of cyber and physical threats that help mitigate potential cyber attacks. The rapid evolution of the current threat landscape has seen many organisations share CTI to strengthen their security posture for mutual benefit. However, in many cases, CTI data contains attributes (e.g., software versions) that have the potential to leak sensitive information or cause reputational damage to the sharing organisation. While current approaches allow restricting CTI sharing to trusted organisations, they lack solutions where the shared data can be verified and disseminated `differentially' (i.e., selective information sharing) with policies and metrics flexibly defined by an organisation. In this paper, we propose a blockchain-based CTI sharing framework that allows organisations to share sensitive CTI data in a trusted, verifiable and differential manner. We discuss the limitations associated with existing approaches and highlight the advantages of the proposed CTI sharing framework. We further present a detailed proof of concept using the Ethereum blockchain network. Our experimental results show that the proposed framework can facilitate the exchange of CTI without creating significant additional overheads.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Ivan Costa,Ivone Amorim,Eva Maia,Pedro Barbosa,Isabel Praca

2024-04-17

Abstract:Healthcare data contains some of the most sensitive information about an individual, yet sharing this data with healthcare practitioners can significantly enhance patient care and support research efforts. However, current systems for sharing health data between patients and caregivers do not fully address the critical security requirements of privacy, confidentiality, and consent management. Furthermore, compliance with regulatory laws such as GDPR and HIPAA is often deficient, largely because patients typically are asked to provide general consent for healthcare entities to access their data. Recognizing the limitations of existing systems, we present S3PHER, a novel approach to sharing health data that provides patients with control over who accesses their data, what data is accessed, and when. Our system ensures end to end privacy by integrating a Proxy ReEncryption Scheme with a Searchable Encryption Scheme, utilizing Homomorphic Encryption to enable healthcare practitioners to privately search and access patients' documents. The practicality and benefits of S3PHER are further validated through end to end deployment and use case analyses, with tests on real datasets demonstrating promising execution times.

Cryptography and Security